last executing test programs:

3m47.46454479s ago: executing program 3 (id=1347):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x14020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x1efda11d}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0xfffffffb, 0x80, 0x1, 0x357}, &(0x7f0000000080)=<r5=>0x0, &(0x7f0000000340)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x42, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, {0x2}})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000280)={0x4, <r7=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f00000003c0)=ANY=[@ANYRES8=r2, @ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r0, @ANYRESHEX=r1, @ANYRES32=r6, @ANYRES64=r0], 0x0, 0x0, 0x13, 0x0, 0x40f00, 0x44, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r8 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=")
getdents(r8, &(0x7f0000000340)=""/101, 0xfec8)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000000)=ANY=[@ANYRES64=r0, @ANYRES32, @ANYRES8=r2, @ANYRESOCT=0x0, @ANYRES32=r8], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffd0e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x18)
r10 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r11 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
ioctl$PAGEMAP_SCAN(r11, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, &(0x7f0000000300)=[{0x3}], 0x1, 0x0, 0x0, 0x0, 0x0, 0x5c})
ioctl$USBDEVFS_CONTROL(r10, 0xc0105500, &(0x7f0000000080)={0x0, 0x9, 0x3, 0x0, 0x0, 0x8, 0x0})

3m47.246762203s ago: executing program 3 (id=1349):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x8000}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = dup(r1)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r1, 0x0, 0x4)

3m47.232014523s ago: executing program 3 (id=1350):
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f00000000c0)={0x0, 0x9, 0x3, 0x7de0, 0x8e, 0xfff, 0xb92, 0x7fff, {0x0, @in6={{0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, '\x00', 0x17}, 0xe51}}, 0xf247, 0x401, 0x82e7f8, 0x800, 0x6}}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB="05000000b00200000300000000000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0xea60, @ANYBLOB="0000007f6db0ed876e00010007000000000705"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x5, 0x486, 0x1000, {}, {0x77359400}, {0x2, 0x0, 0x1}, 0x1, @can={{0x3, 0x1, 0x1, 0x1}, 0x27, 0x3, 0x0, 0x0, "e05ad60a92c50497"}}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
sendmsg$can_bcm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="050000009f6000"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="00000001"], 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x8800)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
unlinkat(0xffffffffffffffff, 0x0, 0x200)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[], &(0x7f0000000040)=""/249, 0x46, 0xf9, 0x9}, 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x60, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r5, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
r7 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
fchdir(r7)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)

3m47.166383594s ago: executing program 3 (id=1352):
r0 = syz_io_uring_setup(0x51ba, &(0x7f0000000000)={0x0, 0x35d2, 0x0, 0x0, 0x20f}, &(0x7f00000000c0), &(0x7f00000001c0))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c0000000101010200000000000000000a0000020c00198008000100a90e00233c801400030000000000000000000000ffff"], 0x5c}, 0x1, 0x0, 0x0, 0x8000850}, 0x20008840)
io_uring_enter(r0, 0x1e9b, 0x140b, 0x1d, &(0x7f0000000180)={[0x1]}, 0x8)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4, &(0x7f00000002c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@i_version}]}, 0x6, 0x5fd, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvzCYxaaNpRcQWxYCHFqRpUotVL7b1YA8FC/Yg4qGhSWro9gdNCrYWTMGDgoKIV5Fe/Ae8S+/eRFBvnoUqUlFQ6crszrabZDfdttmdNPP5wGTnvZnd9747eZn3dvJ2Aiit8exHGrEj4taJJGKsZdtoNDaO5/vd/OPKyWxJolZ78/ckkjyvuX+SP27NE8MR8f3hiMcrq8tduHT59HS11vBBxN7FM+f3Lly6vGf+zPSp2VOzZ6f2vbT/wOTLU/un1iXOrfnjkaNvPP3ph+++OPdDdU8SB+P44PszsSKO9TIe43ErD7E1fyAiDmQrbd6Xh80mCKHUKvnv42BEPBljUamnGsZi/pNCKwf0VK0SUQNKKtH+oaSa/YDm2L67cfDxHvdK+ufGocYAaHX8A43PRmK4PjbacjNpGRk1PtvYtg7lZ2X8d2Xnl9kSyz6H+Pv20RlYh3I6WboaEU+1iz+p121bPdIs/nTZWD+JiMmIGMrr99oD1CFpWe/F5zBruZf4W49DGhEH88cs//B9lj++It3v+AEop+uH8hP5Upa6c/7L+h7N/k+06f+Mtjl33Y+iz3+d+3/N8/1wvd+TruiHZX2WY+1fcnBlxi8fH/m8U/mt/b9sycpv9gX74cbViJ0r4v8oCzbv/2TxJ22Of7bLiYPdlfH6j78d6bSt6Phr1yJ2tR3/3OmVZmtrXJ/cOzdfnZ1s/GxbxrffvfN1p/KLjj87/ls6xN9y/NOVz8vek/NdlvHNsWtnOm0bvWv86a9DSWO8OZTnvDe9uHhhKmIoOZrv0pK/b+26NPdpvkYW/+7n2rf/Zb//V5e/zkjzT2YXzr91+manbfdz/FsuJt+qdVmHTrL4Z+5+/Fe1/yzvsy7L+Ovti8902rZW/CMPEhgAAAAAAACUUFq/BpukE7fX03RiojFf9onYklbPLSw+P3fu4tmZiN31/4ccTJtXusca6SRLT+X/D9tM71uRfiEitkfEF5WRenri5LnqTNHBAwAAAAAAAAAAAAAAAAAAwAaxNZ//37xP9Z+Vxvx/oCR6eYM5YGPT/qG86u1/1S2egDJw/ofy0v6hvLR/KC/tH8pL+4fy0v6hvLR/KC/tHwAAAAA2pe3PXv85iYilV0bqS2Yo32ZGEGxug0VXAChMpegKAIW5felfZx9Kp6v+/z/5lwP2vjpAAZJ2mfXOQW3txn+97TMBAAAAAAAAAAAAgB7YtaPz/H9zg2FzM+0PyusB5v/76gB4yPnqfygvY3zgbrP4hzttMP8fAAAAAAAAAAAAAPpmtL4k6UQ+F3g00nRiIuLRiNgWg8ncfHV2MiIei4ifKoOPZOmpoisNAAAAAAAAAAAAAAAAAAAAm8zCpcunp6vV2QutK/+uytncK827oPahrFfjHp8VSf/flpGIKPyg9GxloCUniVjKjvyGqNiFhdgY1aivFPyHCQAAAAAAAAAAAAAAAAAASqhl7nF7O7/qc40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP/u3P+/dytFxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJz+DwAA///LLUAr")
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804071, 0x0, 0x0, 0x0, &(0x7f0000000140))
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x480, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)='B', 0x1}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
dup(r3)
ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000540))
ptrace$cont(0x20, r2, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000300000000000000", @ANYRES32=0x1, @ANYBLOB="050000000000000000faffffffffffffff0000008c62a7e5bf1e3c94d48352946be209563229df985bff845abedc9be01fb13b615ef46e8c097728f880deddf0d3f7176c4d1beb187e1eaf6b3d4905b59336b325e9241316d3843075400bf819a114043986205bf677af87b94f1df42202e0efa585c076025a4490bcb02143d15a3948e0c081303ef4d0c98ab04385ad8f5110878cfa3d28200a133f6146707e6d1033ec5f3a3b16c8ba7c70f4c75053a5a716f909614129", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="02000000000000000100"/28], 0x50)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001240)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x4000000, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x7, 0x0, 0x1fc, 0x0, 0xfffffc80, 0x0, 0x6, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0x3f, 0x0, 0x0, 0x2, 0xffffffff, 0x2, 0xc00, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xfffffffc, 0x0, 0x0, 0x0, 0x9, 0x0, 0x4000, 0x0, 0x0, 0xfffffffe, 0x6, 0x0, 0x0, 0x272, 0xb, 0xfffffffd, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x0, 0x80007, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x0, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0x0, 0x1, 0x3, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffff8000, 0x0, 0xffffffff, 0x1, 0x0, 0x9, 0x0, 0x0, 0x4, 0x6, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0x0, 0x2000000, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb6, 0x0, 0x1, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0xffff, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x9, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x7, 0x100, 0x0, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xff, 0x2, 0x0, 0x0, 0x19, 0x40000000}, 0x0, 0x7f}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000540)='net/netstat\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x7, 0xa, 0xff, 0x8, 0x101, 0x1, 0x75, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x5}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@bloom_filter={0x1e, 0x7fffffff, 0x5, 0x4, 0x1a, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x1, 0x2}, 0x50)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
close(0xffffffffffffffff)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000005e80)=ANY=[@ANYBLOB="1b00000000000000000200000020000000010000522b1d6f0a87580f56f88d72e7df2c13634133417685f9aa6355ad81a88988a757a033accfd9013f870db535f25fd72bf8cc8e0da4c0e54e5368e027e2efdf88ab16ac1ac27a", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xf, &(0x7f00000000c0)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9, 0x1003, &(0x7f0000001e40)=""/4099, 0x41000, 0x4}, 0x94)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r7)
sendmsg$NL80211_CMD_GET_WIPHY(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)={0x20, r8, 0x301, 0x0, 0x0, {{}, {@void, @void, @val={0xc, 0x99, {0x2, 0x29}}}}}, 0x20}}, 0x40)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r6, &(0x7f0000000a80)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="061ad06420b0991c000000", @ANYRES16=r8, @ANYBLOB="00012dbd7000fbdbdf25270000000600360005000000"], 0x1c}, 0x1, 0x0, 0x0, 0x24}, 0x20008000)

3m46.436811525s ago: executing program 3 (id=1366):
r0 = socket$kcm(0x29, 0x5, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{0x0}], 0x1, &(0x7f0000000000)=ANY=[], 0xd0}}], 0x1, 0x0)
close(r0)

3m45.670805366s ago: executing program 3 (id=1378):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c25000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="000c0000000c00000002000000000000000020000400000000000090e000"/47], 0x0, 0x26}, 0x20)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

3m45.670513246s ago: executing program 32 (id=1378):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c25000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="000c0000000c00000002000000000000000020000400000000000090e000"/47], 0x0, 0x26}, 0x20)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

3m39.213611768s ago: executing program 5 (id=1480):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x80000000000}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0xffffffff, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x9, 0x8, 0xfffffffffffffff5, 0x6, 0x1}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @private0}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0)

3m39.179341108s ago: executing program 5 (id=1483):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
mkdir(&(0x7f0000000200)='./file0\x00', 0x50)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', 0x0, 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@version_u}]}})

3m39.145013959s ago: executing program 5 (id=1484):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000c}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0)
mount(&(0x7f0000000100), 0x0, &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

3m39.116219099s ago: executing program 5 (id=1485):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
set_mempolicy(0x2002, 0x0, 0x9)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x1218088, &(0x7f0000000f80)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae356940538b7b2c1c1416c42047ca7a5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a035afc6241e25fa6b51d80fa9f9d2c1a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b52a0352a82c794995bbb97c82fcde79d"], 0xa, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==")
r0 = gettid()
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x65, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0xffffffffffffffff}, 0x18)
open(&(0x7f0000000000)='./bus\x00', 0x1c71c1, 0x170)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000680)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x477, &(0x7f0000000f80)="$eJzs3MtvVNUfAPDvnT540/4IP5WHWqNGRG1pQWThRqOJC01MdIHLsS0EGaihNbEN0WoMLg2JKzfGpYl/gSvdGHVl4sYF7g0JMWxAV2Nu594yHWamQ5lHYT6f5HbOfQznfOecM3PuOcwE0LfG0j9JxM6IuBIRIxFRqL1grPJw8/rF6X+uX5xOolx+6+9kMD194/rF6fzSJHvcke8MRhQ+S+JAnXznF5fOFkul2QvZ/sTCufcn5heXnjtzrnh69vTs+akTJ44dnXzh+NTzbYkzjevG/o/mDu577Z3Lb0yfvPzuL98lefw1cbTJWLOTT5bLbc6ut3ZVpSsto7mhThaGlg1UuulKfVyJkRiIW5U3Eq9+2tPCAR1VLpfLDzQ+vVwG7mNJtHBROiroQlmAbso/6NP733zr0tBjU7j2UuUGKI37ZrZVzgyuzoMM1dzfttNYRJxc/vfrdIvOzEMAAKzxQzr+ebbe+K8Q1fNCu7M1lNGI+F9E7ImI4xGxNyL+H7Fy7YMR8dAd5l+7SHL7+KdwdUOBtSgd/72YrW2tHf+troKNDmR7u1biH0pOnSnNHslek0MxtCXdn2ySx4+v/P5Fo3PV4790S/PPx4JZOa4Obln7nJniQvFuYq527ZOI/YP14k9WVwKSiNgXEfs3mMeZw98ebHRu/fibaGGdaT3lbyKeqtT/ctTEn0uar09ObI3S7JGJvFXc7tffLr3ZKP+7ir8N0vrfXrf9r8Y/mlSv187fyb/+1dPp30t/ft7wnmaj7X84eXvNsQ+LCwsXJiOGk9crha4+PlVz3dSt69P4Dz1ev//viVuvxIGISBvxwxHxSEQ8mpX9sT92r/sq/PzyE+9tPP7OSuOfab3+yyMReUNYHI4ssXqkfmLg7E/fr8l0tH78uxvW/7GV1KHsSCvvf62U605bMwAAANyrChGxM5LC+Gq6UBgfr/wf/r2xvVCam1945tTcB+dnKt8RGI2hQj7TNVI1HzqZ3dbn+1M1+0ezeeMvB7at7I9Pz5Vmeh089LkdDfp/6q+BXpcO6Lg2rKMB9yj9H/qX/g/96/b+v7Un5QC6r87n/7ZelAPovnrj/49beeLO9pcF6K6a/m/ZD/qI+T/oXxvp/94z4P4w2Ownm4e7WhSge+a3xfpfkpeon0giljdBMZbOFkerjuS/XNPmLPLfwymWDkfE4lIUNkMVSHQq0ct3JQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPb5LwAA//+8Ztld")
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r3=>0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x7}, 0x8164, 0x10000, 0x2, 0x1, 0x8, 0x200, 0x4b, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000200), 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000003c0)={0x2c, r7, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000840}, 0x4000000)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000070000002a0000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000107000000000000000000", @ANYRES32=r8], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
mq_open(&(0x7f0000000080)='eth0\x00#~\x02\x00\x00\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfd\x05\x00\x00\x00\x00\x00\x80\x00\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94uu_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18A\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x05\x00\x00\x000\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xce\x00\x00\x00\xe8\vq+\xbb\xc7\xaf\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
timer_getoverrun(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee8, 0x2031, 0xffffffffffffffff, 0x0)
lsm_get_self_attr(0x64, 0xffffffffffffffff, &(0x7f0000000040)=0xfffffffffffffdb1, 0x0)

3m38.978277801s ago: executing program 5 (id=1487):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4004110)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x10)

3m38.729212575s ago: executing program 5 (id=1494):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x80000000000}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0xffffffff, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x9, 0x8, 0xfffffffffffffff5, 0x6, 0x1}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @private0}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0)

3m38.704362095s ago: executing program 33 (id=1494):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x80000000000}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0xffffffff, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x9, 0x8, 0xfffffffffffffff5, 0x6, 0x1}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @private0}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0)

3m16.962906436s ago: executing program 2 (id=1888):
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000006000000080000000c"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r1}, &(0x7f00000005c0), &(0x7f0000000600)}, 0x20)
pipe(0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)}, &(0x7f0000000140)=0x10)
listen(r0, 0xfff)
r3 = accept$inet6(r0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r5, &(0x7f0000000340)={0x1d, r6, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
r7 = open_tree(0xffffffffffffff9c, 0x0, 0x81000)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000380)={0x0, 0x80}, 0x8)
setsockopt$sock_int(r5, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r6, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @mcast2, 0x3}, 0x1c)

3m15.988700459s ago: executing program 2 (id=1929):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800040000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x178}, 0x18)
r3 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',msize=0x0000000000001000'])

3m15.9666157s ago: executing program 2 (id=1931):
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f00000000c0)={0x0, 0x9, 0x3, 0x7de0, 0x8e, 0xfff, 0xb92, 0x7fff, {0x0, @in6={{0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, '\x00', 0x17}, 0xe51}}, 0xf247, 0x401, 0x82e7f8, 0x800, 0x6}}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB="05000000b00200000300000000000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0xea60, @ANYBLOB="0000007f6db0ed876e00010007000000000705"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x5, 0x486, 0x1000, {}, {0x77359400}, {0x2, 0x0, 0x1}, 0x1, @can={{0x3, 0x1, 0x1, 0x1}, 0x27, 0x3, 0x0, 0x0, "e05ad60a92c50497"}}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
sendmsg$can_bcm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="050000009f6000"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="00000001"], 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x8800)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
unlinkat(0xffffffffffffffff, 0x0, 0x200)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[], &(0x7f0000000040)=""/249, 0x46, 0xf9, 0x9}, 0x28)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x60, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r5, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
r7 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
fchdir(r7)

3m14.217496515s ago: executing program 2 (id=1950):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0xfcfa, &(0x7f0000000280)={&(0x7f0000000140)=@deltfilter={0x0, 0x2d, 0x200, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x4, 0xe}, {0x4}}}, 0x24}}, 0x50)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0xb4}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f00000002c0)=0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000940)='sched_switch\x00', r8}, 0x18)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000001900)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01040400000a00120002002800000019002d4400009b84136ef75afb83de066a5b00e1baac341b61130000f2ff00000100"/85, 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)
flistxattr(r2, &(0x7f0000000040)=""/24, 0x18)
sendmsg$NFT_MSG_GETSET(r9, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="440100000a0a01030000009d4b6a2b500a00000000000700000a0800084000000001cf000d40efe68471845d3d570a906901edab8c0aa3c10cf8d44d5f3df175d47395b3f17d5aa22bcfbd456e49ba26ef71cad403300ef79bd03d375a671a73896fe66b53bccfa0b172e14a55faa18c6034fe329a314c2360b8d69a03d1a52dbf9dc1f4cac05d5441ebb36e6bf5f402cb99610c036743cab63e096aca39090e8af60e518f87ce2934fe45ae52c3c97d73ec324488d0e1e871e0585c1e77dbf01d72b7dc661d620b86b9f13e9e93682af22133420b4ba3c6545a35fb4d3bf2332d5b63bf2b7ad6f44298763d9f82ef74d70024001280100001800b000100736f636b6574000010000180090001006d6574610000000008000440000000030800064000000000080005400000000f08000f400000000614001280100001800b00010074756e6e656c0000"], 0x144}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3m14.165699456s ago: executing program 2 (id=1954):
syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000180)='./file1\x00', 0xa1c406, &(0x7f0000000400)=ANY=[@ANYRES32=<r0=>0x0, @ANYRES16, @ANYRESDEC], 0x1, 0x2a2, &(0x7f0000001140)="$eJzs3M9r02AYwPGn6dZ0k/04CXrxQS96CbMe1UOVDcSC0q2iHoSMZVpa25EUbUUwZ0/7O4ZHb4L4D+y/8DYE2WknI22zNOu633Wt3fcDI++b5323J3nJeNKSbD1ff1ta9axVuyZGWsUQ8WVHZFaKsisRblOtdiraL/cz4sutuXfbnxdfvHyczeXm86oL2aU7GVWdvvb9/ccv13/ULj37Om2asjn7aut35ufm5c0rW3+W3hQ9LaakUq2prcvVas1eLju6UvRKlurTsmN7jhYrnuPuia+Wq2trDbUrK1OTa67jeWpXGmpIQ2tVTYdZVdSyLJ2abLbTcoGkTjyjsJHP29lOfz7Z34wwDFw3azcXdmLf1VDYGExGAABgkA6u/41ozG79b3TX/yJH1P+fwlHT33rW/56evv5PSlT/l5xW/V9zG2q/tovx+h+H6q7/j8f4N8ngLBJ+rPNgT8h1sxO9J1H/AwAAAAAAAAAAAAAAAAAAAADwP9gJgpkgCGaaW0NEgrBvikgy1u8x9UI9Wz+q4usfxH7McIEPWX+MgNiDe2mRX369UC8kWtt2fOFRbn5OW2IP/m3X64VkFL/djuve+LhMhvFMz3hKbt5ox5uxh09y8fh6vTAhK4dm7vfrFAAAAAAAMPIsjcxGO9MS3d9blprSHW/dv7dbfufzAe28GqgZH5OrY+d5JAAAAAAA4CBe40PJLpcd93wayXP8W6duiJxu+t3A7EsaSRE5Ykx+UWTwJ2pfw5ShSGOUG/f69guDhEh7z3j4z6DrKgAAAAAwWjr3Ayefy9f7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0x5neImYcb/CgjxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYFn8DAAD//8DvvIM=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="30000000130001002abd7000f9dbdf2500000000", @ANYRES8=r0, @ANYBLOB="008300003020000008002e"], 0x30}, 0x1, 0x0, 0x0, 0x200088c4}, 0x20000000)
read(r1, &(0x7f0000001400)=""/4096, 0x1000)

3m13.90065562s ago: executing program 2 (id=1966):
open(&(0x7f0000000180)='./file0\x00', 0x40c5, 0x24)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x178}, 0x18)
r3 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',msize=0x0000000000001000'])

3m13.86798262s ago: executing program 34 (id=1966):
open(&(0x7f0000000180)='./file0\x00', 0x40c5, 0x24)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x178}, 0x18)
r3 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',msize=0x0000000000001000'])

1.41462001s ago: executing program 1 (id=6020):
socket$nl_xfrm(0x10, 0x3, 0x6)
unshare(0x40020000)
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="3400000014000b032bbd7000fcdbdf250a281000", @ANYRES32=r1, @ANYBLOB="080008000604000014000100ff"], 0x34}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r2, 0x0, 0x25, 0xe, @void}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xd}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0xfffffffd, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000808}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000e50000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300001e334185850000007300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x11, 0xb, &(0x7f00000010c0)=ANY=[@ANYBLOB="b674047f09904e0773373ed4e9e523b774d1bdfde758ccfbac71c1e31f8fc8be9471903c4a464bf4250c88b4c1ee4062a583fa2b8fa95b59af09b06252c52c2c82b0a43accc6ce2191f40422d3c47922cd2e546be731b9d126911f14b434945f1e09749933c15603050fc38fab61a096b9e31741bc1644214126b622c97e2ada00f212", @ANYRES8=r2, @ANYRES64=r5, @ANYRES64=r5], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6, 0x0, 0xffffffffffffffff}, 0x13)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x582, &(0x7f0000009ec0)="$eJzs3U9rHGUcB/DfM9mkf9KaVAStPRgo2IKaNGlFEcEW682DfwqeBGOSltJtG5oItlZsob4DfQGCNy/isYgU9eLVm+ALkGKRNhdvkdnMpNt2N82fTadmPh/YZJ55MjzPZPnuM/vszGwAtTWS/8gi9kbEbIoYaqtrRFE5svR3d25fnlq4fXkqxeLi+/+kSMW68u9T8Xuw2Hh7RPz+c4on+x5sd+7ipTOTzebMhaI8Nn92dmzu4qWXTp+dPDVzaubcxPgr4y8fOTxx5FBP9nN3RPw6erxx7eSb+76f+nbPFz9+dz3F0dhV1LfvR6+MxMjy/6Rd/n99tdeNVaSv2J/2pzg1KuwQa1I+f/0R8XQMRV/cffKG4st3K+0csKkWU8QiUFNJ/qGmyuOA/P1v+aj2iAR4VG4dW5oAuJOW5vYWlvPfWJobjO2tuYGdCynap3VSRPRiZi5vY/b5NJQ/YpPm4YDOrlyNiGc6jf+plc3h1ix+nv/snvxnEfFO8Ttf/9462x+5ryz/8OhsJP8fteX/43W2L/8AAAAAAADQOzeORcSLnT7/y5bP/4kO5/8MRsTRHrT/8M//sps9aAbo4NaxiNcjojz3b6Et/4XhvqK0u3U+QH86ebo5cyginoiIg9G/LS+Pr9DGyL7f+rvWtZ3/lz/y9stzAYt+3Gxsu3eb6cn5yY3sM7Dk1tWIZxud8p+Wx//UYfzPXw9mV9nG4vE3fulW9/D8A5tl8ZuIAx3H/7t3rkgr359jrHU8MFYeFTzosw+v/9CtffmH6uTj/86V8z+c2u/XM7f2Nj7/+88N5L/z8f9AOtG65cxAse7Tyfn5C+MRA+ntB9dPrL3PsBWVeSjzkuf/4P7O7/9XOv7fERFXVtnmiZ/eutatzvgP1cnzP72m8X/tC/s/+Prfbu2vbvw/0hrTDxZrzP/BylYb0Kr7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/R1lE7IqUjS4vZ9noaMRgRDwVO7Pm+bn5F06e/+TcdF7X+v7/rPym36Glciq//3+4rTxxX/lwROyJiK/6drTKo1Pnm9NV7zwAAAAAAAAAAAAAAAAAAAA8Jga7XP+f+6uv6t4Bm65RdQeAysg/1Jf8Q33JP9SX/EN9yT/Ul/xDfck/1Jf8Q33JPwAAAAAAbCl7nrvxR4qIK6/taD1yA0Vdf6U9AzZbVnUHgMq4xQ/Ul1N/oL5S1R0AKvew14Ht694SAAAAAAAAAAAAAOiVA3td/w915fp/qK/u1/+7MwBsda7/h/ryHh9w/T8AAAAAAAAAAAAAPP7mLl46M9lszlxY78K2jW1uwUJ9FiL1IHGPaKHqVyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKD0XwAAAP//dt72Ng==")
r7 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r7, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00', r8}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)

934.677557ms ago: executing program 4 (id=6028):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x2a, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=<r2=>r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000180)=ANY=[@ANYRES16=r2, @ANYRESDEC, @ANYBLOB="a1ab000000000000000032"], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5}, 0x10) (async)
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)

894.826697ms ago: executing program 4 (id=6031):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x3}, 0x8)
sendto$inet6(r2, &(0x7f0000000000)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)
shutdown(r2, 0x1)

894.446027ms ago: executing program 4 (id=6032):
perf_event_open(&(0x7f0000000140)={0x2, 0x99, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x10, 0x10000, 0x0, 0x9, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000160a0103000000000000000002000000540003804000038014000100626f6e645f736c6176655f300000000014000100736974300000000000000000000000000400010073697430000000000000000000000000080002400000000008000140000000000900020073797a31000000000900010073797a30"], 0xa8}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r3, 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="0f0000000000000002004e21ac141444000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000be7a00000000000000000000000000000000000000000000000000010000000300000002004e200a010100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bf5cc5aa000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e230a010100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e21ac1e000100"/528], 0x210)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='contention_end\x00', r4, 0x0, 0x4}, 0x18)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r5, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
r6 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
pwritev(r6, &(0x7f0000000640)=[{&(0x7f00000005c0)="80034fa11a48377fc2f03eb4633bdac46c73f672c0aab6b5b7d7fb2778f6d2d7ed4793677d86589d2dd9cb6ec695dbb5d0b38a7327d76a48d8755ad9ee9c4e5d7128588c54c1a3fd", 0x48}, {&(0x7f0000000900)="730bc8c7b87c564a40", 0x9}, {&(0x7f00000017c0)="ab514a7e1830410a3c008f534e4177e61f0b005258566674253fbb86d675d2482c68425f48ddf9434a8818124297b4e3eb229d84feb0be455455012594b160b58ff0a70ec61ed4200e5a7e0ec0a2015bcdbdbdc3713ec9ce321c865137ac792db1fb186c44416f8e06901c89510550151c5ae562d3759000f7d8c08393f4f385eb9a7db07c2af34534bd216b275896ac1fc9f6cf1015aef015b499a5510e76dde8295ddd6eb65f51542187b53e2a7d7c8ec8be8e81f18380110baa6fe7a7a5dad52a7f0a2529b7608ef90eb278f3aafe5f8be879bf6f075cea6b7d9ca41dbb7dc59614daaf42139d48f8582e4dac45d38ae4617048e096f13f4394058658eb9615d2b0a8cfd0e933aec7784dd8138595a4348e89dea6495bf25b3eb4b94c1fb0b1e93217c2d84d44d7ab732b3106e6cbc3fb33189784d151124ef5e7d4d9da7eb1b9aecbad57cd49d1788e7886c6b5a1c33e40ef8fca6d753a5791fdd1b1e1b6bf0897812fe5343b8fdcd33b080fa8a1a5a7cdf05a8cd4d60c8ce9bab72ad1bfdcb2369a3386ff0328cf43095c084ecd7488e9da22a483809af6611f47cf150ab8e790af4b665fef887a066423f601c41188dc88ecd087e4d55cb6d1860898f0272e343fe34dc78adbce0544ac12d480b9cfc24905cb1d555db2d21b84e8937bd8990dad2b060f458b9252956ed9e58b18d78b656a835caf57323ed1675bcf96c96d37f04448b06e6be386b82b8794473a4bfe8e814686e2ea0511770b7980b2cff6cc6246b736715eda51a6eeba0466c40413e8780bbb14e00462a06cd832deca9473b3e670917f4865f4ca5a81d425e55d12f26ee767d0eccb6301d21aa461f20dbc5820d0d4aa75caabe03e489700c1c05befd79659597b4b62a9b1da57d409e70715cd53d01f5f259e2b516b0dbce17936344bf2cc535929f4d7bbbcbedebe1c97aff8f6c591da190521c2492be2c775aa02ed1535910b0fcc3e109d23b2bf2af420ca5b5f8d75f1e607d7d71eb54a0c9008b4734ebf629b519938a098c01b36803e74f91052127f1dfa731b95b244ce691dc2d9f724f92537a4a3e4b7ceb576b5f91cc9d4b1d0dee87cfce4d75e5e88fcb8e2c7c9c17a16536d5fd1616971ba5524b839a615dcf8b7896bb577e03db86f8bd24e1421dcdb76f6c3a938c9fdd8dfc22b8ba8040d3832af4cb2acbcc22c05bc937c62d1c2dc6a7a234617eaf79606e2c3581a159764193b1557b0499681969aff6a2cc705b37e642c5df949e9f4d71dc724db3005ee7694b097a61acf3d009e9a9fa4e36e540c73052beabe759045e48c183c9dcce7a17b9d705d821cff0c267a666c00e96c16d6d2a3ffebeb5ff6dae72251c46dde4ad44db93ec95a8c1a4ead9e326b1a5eac9d32a897fa6781a7c48eb476768ea5a5aea2876e0d480411a3e3f779ab49749e65c988264d99d57eb48422c8809f00895b9aa5a8c85691ffa2c9a3aeaa0d87b06e8494d5fe8c93c7df06a951a48f805aff8034511b3933045aefd68e04c7ae133c72fe304f7a4b669b92e1939fb32f70e4cfa93550a1883d4946883b00364b0a9a0b1c48752af91c490443ebceb449949602b78d5235f6258829493b041ba9db24b496097f3f62e4dd5235db8aa1565a6d1f30c4bd4efddd50288339bc35678fe36de27671af43f0e60f2c1eec49621f67f4d951d01c8882b4cbf4e828692fe9739641d1508fd9582df64e10e2ca944c551f6aa4c0ab464ece71417ccc10d088fbafa48d48b061a2e8a17dbe9191b88afe09406579749eb6f2b65b07cfa0837d606a61652c2ae0b3099aa88853c44f9560aef56aedc344d86cc9b9b3d48f6b3e9af9be5768f34bb2c9fd2831239bf48f8846a349200b1d9b7c525469b440e11a93a019f56c52ba7278540028a183e5a8875807b1751ee369287589058dc4ead314c98777ebc656815a131b390cdf1ec8077ee27aa7fd26b2fe11cd0565e407b7f4676421ff0d8a1addc1cf5e17fdd33347da2c764738afeeb62c6656b765184c1d1657fac2962dc008dcd18747f46817dc961a9f389db4ff836271fde0c9b3dd43ae0bc44966226b460ce609808c826afeca468a67d1267457972315159649f979b319b38eb5836316f24d7281bb8764389356bf5d85b1003c8746612ce69d2c8f2af3ffdb09b982420bf2f8d3b741ff1ad1c8e3822c36062d7006a972c0db256803aee1554cba1fc08e1a7e21b3da408b533787b1f40d99606730944b814891c131de9db1a1b2e12a30c9cbf859e58fbc1a0e273d70635d556fcdab7215224b720f7e554b4b9d98ed4a3e09a48d4e466eb97250ce7dc5f84bfdc2c54793908d4d9c54e1063bc505b8a8637194e63f073728b97f5b3311e509b350d426c61110a5450b7cf1939e4a8098bf060ae7d6fd1cc74ca79b4bd477069018d1bd93ff0222f8df8fca32bafd03c64d3fb12a5d4adffa3c5ef93f8bab948f47ea252968a71f94d4c6cacab504c68d72adb76cf0b619a977d6018b92d38c992c09a7e94b6bd21b0ac76ea175970f69a532aa8f050520697bc41b638c6d4d36f31a6202a0b5955ca218735b8463fd7c80e873070d3045d3a86e8d9b9b8891010be78ef13bd5ef30e180381396f53bde26c125040c469a019657124f57a5988638996b7bd746f91d7f3b511e246df7fef82170c1ab82fa687a6c188f230961a7fe139910cbe83f2d11da4319308ef6742fe6613b2318d4f0e574ed23d741580c1117b17600d2a7511d26d115a5893909dcf1570c6f9868acf6819ad4fcc7c00a9e4ccbf5bbebc6a33e376ef2cd2e8a22ca24b1dc5b06810472868df0e4b80fd1ccb324b9e151b2431c3b6b845a696c64ed5fe8f85caf824b0b1cfe79b96b302de42a13cfb80ecd70a43a6d2f4b9bb05d2173fe0f002701ecbb426422a1f9fa816786fb5d6c48b32c2dc52a3ecfd27a334074a6e46d9e80dce70ae999cfdbfb2092967ebd0086e35e86362410ffb17bde748da31556746945ef3f05e913d37c823f52a7c3309b708e007160cbd19ab08b7f0c50ad7bf117c2010267872452ddfea76ae14be71486a849cfb9d2afe3987c261fc67350573b77b5c3ce50b390f626097a68aacde549b28e9715a005017222d70a719705bcedb6785b973573fbf807b54f077957e2a8e70141cc386cea12ff1443da193b29a538f30cb433eb182c4ce811b84169a8a2d5e679c153f69c617243609964c0187a6cc3776e7c69631dbc381425f90801f58dc7fcaf9dc43a04ef34ee11e9ccd5d519183f8541a6522cc82fdf06fd11221fe07c85751e20a5c048c119b059a84c43f08a2604b6e96361c11e659d0f8c8c3355a2b1d49e9e96696dcd49026f7419305b3588c2b6e48b4ba7e81c76ee802990730d5ee07b81233d22b5e9e2adc95104ec521cd5ed391fd1a4a6e10ff062104dbada745deceb21cf5ee71b71ee7b2de72e17d66b545a40e5a464b51102493f871cf7edd66546ef6e1ce82f7f74f068e7df09a0e66d469d88aabc428548ddffda6df2c979bba26af9f0282510b2fc524a22531ad1ef42ce921012ad53a6027a57b6133626e4c2e18d5b33494ddb593d998849d49d98954ea97389f4d79937686a9892958d1405a36df9ae8f20949271aeec0e62d1ac658444a23c00e3ccd493781450863252703174f6ece0bb6204932792660a7559d730768cfbe5d291ab5b90602bf5ab5e2056c84f21065efabe0ed83e71a12a8d0acec34d98e118bb7d418ad495a2b80e5294e96d1be62b761582154bb6718081747ba5a4a8b1474ff67d7d31b17d5aa4bfb35312194cc57c8fe3ec35c4c40e2dc8e64261f466d972755f8b6e653be76b06d51e5a3107cb6877b385765bfdd7ea39c371ae6f8ff2b00f61f6e7516a6cb808f62807b60def0139f5c1db6f5a519e0e8069a15b0a70f8c782fb94f20cec80d3db4bb830d920a3fd3df20c79e187d975b80896d69bf31ac1a3ef271f5f74a29a0771807dfa8cdc56241fe2f429ca000ffeaa2349b50978773a58b02edb9a3e96778358e5171a1ff67acb6c2105ba1d6b9c7e5c07a522250aa6680e0c285d6bf639a2b9ed954a93aa25c753d89a7215c23d120063470067fcb39c9f3b203fefc80fbef83baacae590525ba3141ae45f607e5c184d22e43d99356292d02b90a12635c466bd590af09b3a6d0858b634440821757277b75c5209c2388fe69963acc3315410aaf7d54d8ca5bac1f727f2cbf6517d0676a7f64c91072692d43c78580d77e52697513dbc01134e49042657a5d8d99bcee8c6fd521187af9b4fcc463cc0dddf50bcccf9ec25aeb1126a5e6047c1b97faf6e42dc6ae3845ae9fa5047cdc8e4d5f0c6560fe482a883f9c806ccba4022b22dc3034269dc309111ab6de56d6b09efd3485a6806cbc15dabcaffcbdc0c2888960638bd1c9a4d30dea347ea7cfef8f8b1a654817c63a42eb1e2a9c1f2ba9fad2baec42e81fb14be5ae965ae77b83037c19084dc92d8ab9fab020ccca4730cb1fbf81f779f780967ac29466d5490d57449f90884e8d0c0c8c99d468568d19dc1bf4c90eab64b2b9a98fd0315549ad0719679d6b11a61e100a93111276d7a877eecf1c3b2528f17794f64af354560dfbf99eda21e0ccea752dd0455beedd4b21b8dd7dfa033397e45ffc65ecb17592cecb51bae428d35febd74605ef90e22023ed3b6963f6e4bb11c174e52c9671ddf13b0b639aa531d68fbb5e7d13a81903a924580b8061e46788fd46435bfd4b1692a693ab3047c5f9d0c006cfc0cf4eed4aa4addb9523089c6554fb8b7809eb857e1b96f27dbba598c5aaac02a205f35078fcf4c9a6f421f53cc4e10564c5cfa2c202a263aa085a51bf7b284b366be766353807799fc53cc315bcd869d4a631bf7659612123e6d19447688b2e463d8f10f327cee1b2e8f8e39ced4f2fab17ca27357ae55962395db127f72336f18d791add0d4de793daecefe813bc97000ef7d397fba96bba842a5ebba8e6a480e96c3bcf80cbbd1e0b7423139230995f7e4229819d9e6e2cf3c6ea6879db6faa3d338cf9e646c78004c4f6d8ea30dc30abd3f7612e9cb8be3cc130673133f411dc0b99be68957ad853b5a43fbd0f25f2a47f875602a96bd75073294c294fbbcda98ae4d38122f380516040e395ccdb239ccd1cd246717d6a578de3ad9c0ae19fe415837074ffb4b91bf3eb37654fa08f8e9430bf755255b7ef1eaa24c9455dd118c7fac5ae42e69a47cb5362ca3206920d1c765379cdae0a0c71429dd26cd527a578ca48d6bcfcf2ed8bb4a2319cf9c6162d1eac0d9d06f979133bdeab07eb3ed6c1b4f9f057284171eaa996c68d8e2e7d108c96e6159ba0b16596da98348961474fc2e3478d90d5b214b0c97e4d4d89d9f6b3706f1153fb9b0770afad6698efdc882e4586569d1981a68083f84a1cb4f3da4aa66173a1d92622d5016bfb534318544be6303ad7dde73e38d56d7c374867d9f7834d32b75b954e3ad21ff25b04dfefa1403380937f1ae86779488f3c6d334c49a0254c072c53b15c18299bac7c15cce10a1dafd5644f12afb52271277801c216be7be89a59eae283a695d25348a8923d550770e2b7ac46a7a76b1c914b2c3f6a915949733e6031ac13798", 0xf8d}], 0x3, 0x6, 0x81)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)

770.907739ms ago: executing program 6 (id=6035):
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='kfree\x00', r0}, 0x18)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000500)={0x0, 0x1, 0x8, 0x0, 0x4401}, 0xc)
setsockopt$MRT6_FLUSH(r1, 0x29, 0xd4, &(0x7f0000000080)=0xc, 0x4)

762.776549ms ago: executing program 4 (id=6037):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)

757.983409ms ago: executing program 1 (id=6038):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000640)={@broadcast, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "87fb89", 0x0, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2}}}}, 0x0)

722.10869ms ago: executing program 7 (id=6040):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r2, &(0x7f0000000000)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)

712.61371ms ago: executing program 6 (id=6041):
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000680)=""/88, 0x58}, {&(0x7f00000047c0)=""/4048, 0xfd0}, {&(0x7f00000037c0)=""/4069, 0xfe5}, {&(0x7f0000000ac0)=""/235, 0xeb}, {&(0x7f0000000080)=""/109, 0x6d}], 0x5}, 0x100)
sendmsg$inet(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000900)="5c00000012006bab9a3fe3d86e17aa0a046b4877c4aaf68187bae53dca2ba35bda6a876c1d0048007ea608649e7524765f0ef82e3c0000a705259a3651f60a84c9f4d4938037e70e4509c5bb00000000e513aeac9bf2bee150d5fe86", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20000000)

678.85211ms ago: executing program 4 (id=6043):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x38, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='sched_switch\x00', r2}, 0x18)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
close(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)=0xfe8e, 0x12)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r7, 0x0, 0x100000000}, 0x18)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r8, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a0b040000000000000000020000400900020073797a32000000000900010073797a30520000002800048024000180090001006d657461000000001400028008000240000000130800034000000017140000001100010000000000001300000000000a"], 0x7c}}, 0x0)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000100000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000f80)=ANY=[@ANYBLOB="050000000000000073113500000000591029197fa138008500000002090000000000000000000095000000000000009500a5050000020023256522c69c2f2bd9c47e3b0a864f4f5e5942be8b2d23cdcb8acd2b7da37bf605ea32dee6287a72c9f2f00ca6a03e4c664382716f3aba07b893ca91d490a3d451847be879466b73d6a51349678145045fe8218a72be935fe5b7d38a5bc6d9c831"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r9, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)
r10 = socket$qrtr(0x2a, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x2, &(0x7f00000001c0)=[{0x5c, 0xfc, 0x7f}, {0x6}]})
connect$qrtr(r10, &(0x7f0000000e00)={0x2a, 0x0, 0xfffffffe}, 0xc)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x1)
r11 = socket$inet6(0xa, 0x4, 0x1ff)
setsockopt$SO_ATTACH_FILTER(r11, 0x1, 0x1a, &(0x7f0000000200)={0x8, &(0x7f00000001c0)=[{0x6, 0x2, 0x9, 0x4}, {0x1000, 0x66, 0x5, 0x1}, {0x3, 0xa, 0x6, 0x8}, {0xfff, 0x2, 0x10, 0x1}, {0x7fff, 0x5, 0x6, 0xc1b}, {0xc, 0x3, 0x0, 0x200}, {0x267, 0x3, 0x80, 0x3}, {0x88b, 0x9, 0x0, 0x5}]}, 0x10)

674.95779ms ago: executing program 7 (id=6044):
r0 = socket$inet(0x2, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0x6}, 0x18)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x28)

639.222651ms ago: executing program 7 (id=6045):
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x64, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c71", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

592.018722ms ago: executing program 6 (id=6047):
perf_event_open(&(0x7f0000000140)={0x2, 0x99, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x10, 0x10000, 0x0, 0x9, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000160a0103000000000000000002000000540003804000038014000100626f6e645f736c6176655f300000000014000100736974300000000000000000000000000400010073697430000000000000000000000000080002400000000008000140000000000900020073797a31000000000900010073797a30"], 0xa8}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r3, 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="0f0000000000000002004e21ac141444000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000be7a00000000000000000000000000000000000000000000000000010000000300000002004e200a010100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bf5cc5aa000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e230a010100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e21ac1e000100"/528], 0x210)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='contention_end\x00', r4, 0x0, 0x4}, 0x18)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r5, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
r6 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
pwritev(r6, &(0x7f0000000640)=[{&(0x7f00000005c0)="80034fa11a48377fc2f03eb4633bdac46c73f672c0aab6b5b7d7fb2778f6d2d7ed4793677d86589d2dd9cb6ec695dbb5d0b38a7327d76a48d8755ad9ee9c4e5d7128588c54c1a3fd", 0x48}, {&(0x7f0000000900)="730bc8c7b87c564a40", 0x9}, {&(0x7f00000017c0)="ab514a7e1830410a3c008f534e4177e61f0b005258566674253fbb86d675d2482c68425f48ddf9434a8818124297b4e3eb229d84feb0be455455012594b160b58ff0a70ec61ed4200e5a7e0ec0a2015bcdbdbdc3713ec9ce321c865137ac792db1fb186c44416f8e06901c89510550151c5ae562d3759000f7d8c08393f4f385eb9a7db07c2af34534bd216b275896ac1fc9f6cf1015aef015b499a5510e76dde8295ddd6eb65f51542187b53e2a7d7c8ec8be8e81f18380110baa6fe7a7a5dad52a7f0a2529b7608ef90eb278f3aafe5f8be879bf6f075cea6b7d9ca41dbb7dc59614daaf42139d48f8582e4dac45d38ae4617048e096f13f4394058658eb9615d2b0a8cfd0e933aec7784dd8138595a4348e89dea6495bf25b3eb4b94c1fb0b1e93217c2d84d44d7ab732b3106e6cbc3fb33189784d151124ef5e7d4d9da7eb1b9aecbad57cd49d1788e7886c6b5a1c33e40ef8fca6d753a5791fdd1b1e1b6bf0897812fe5343b8fdcd33b080fa8a1a5a7cdf05a8cd4d60c8ce9bab72ad1bfdcb2369a3386ff0328cf43095c084ecd7488e9da22a483809af6611f47cf150ab8e790af4b665fef887a066423f601c41188dc88ecd087e4d55cb6d1860898f0272e343fe34dc78adbce0544ac12d480b9cfc24905cb1d555db2d21b84e8937bd8990dad2b060f458b9252956ed9e58b18d78b656a835caf57323ed1675bcf96c96d37f04448b06e6be386b82b8794473a4bfe8e814686e2ea0511770b7980b2cff6cc6246b736715eda51a6eeba0466c40413e8780bbb14e00462a06cd832deca9473b3e670917f4865f4ca5a81d425e55d12f26ee767d0eccb6301d21aa461f20dbc5820d0d4aa75caabe03e489700c1c05befd79659597b4b62a9b1da57d409e70715cd53d01f5f259e2b516b0dbce17936344bf2cc535929f4d7bbbcbedebe1c97aff8f6c591da190521c2492be2c775aa02ed1535910b0fcc3e109d23b2bf2af420ca5b5f8d75f1e607d7d71eb54a0c9008b4734ebf629b519938a098c01b36803e74f91052127f1dfa731b95b244ce691dc2d9f724f92537a4a3e4b7ceb576b5f91cc9d4b1d0dee87cfce4d75e5e88fcb8e2c7c9c17a16536d5fd1616971ba5524b839a615dcf8b7896bb577e03db86f8bd24e1421dcdb76f6c3a938c9fdd8dfc22b8ba8040d3832af4cb2acbcc22c05bc937c62d1c2dc6a7a234617eaf79606e2c3581a159764193b1557b0499681969aff6a2cc705b37e642c5df949e9f4d71dc724db3005ee7694b097a61acf3d009e9a9fa4e36e540c73052beabe759045e48c183c9dcce7a17b9d705d821cff0c267a666c00e96c16d6d2a3ffebeb5ff6dae72251c46dde4ad44db93ec95a8c1a4ead9e326b1a5eac9d32a897fa6781a7c48eb476768ea5a5aea2876e0d480411a3e3f779ab49749e65c988264d99d57eb48422c8809f00895b9aa5a8c85691ffa2c9a3aeaa0d87b06e8494d5fe8c93c7df06a951a48f805aff8034511b3933045aefd68e04c7ae133c72fe304f7a4b669b92e1939fb32f70e4cfa93550a1883d4946883b00364b0a9a0b1c48752af91c490443ebceb449949602b78d5235f6258829493b041ba9db24b496097f3f62e4dd5235db8aa1565a6d1f30c4bd4efddd50288339bc35678fe36de27671af43f0e60f2c1eec49621f67f4d951d01c8882b4cbf4e828692fe9739641d1508fd9582df64e10e2ca944c551f6aa4c0ab464ece71417ccc10d088fbafa48d48b061a2e8a17dbe9191b88afe09406579749eb6f2b65b07cfa0837d606a61652c2ae0b3099aa88853c44f9560aef56aedc344d86cc9b9b3d48f6b3e9af9be5768f34bb2c9fd2831239bf48f8846a349200b1d9b7c525469b440e11a93a019f56c52ba7278540028a183e5a8875807b1751ee369287589058dc4ead314c98777ebc656815a131b390cdf1ec8077ee27aa7fd26b2fe11cd0565e407b7f4676421ff0d8a1addc1cf5e17fdd33347da2c764738afeeb62c6656b765184c1d1657fac2962dc008dcd18747f46817dc961a9f389db4ff836271fde0c9b3dd43ae0bc44966226b460ce609808c826afeca468a67d1267457972315159649f979b319b38eb5836316f24d7281bb8764389356bf5d85b1003c8746612ce69d2c8f2af3ffdb09b982420bf2f8d3b741ff1ad1c8e3822c36062d7006a972c0db256803aee1554cba1fc08e1a7e21b3da408b533787b1f40d99606730944b814891c131de9db1a1b2e12a30c9cbf859e58fbc1a0e273d70635d556fcdab7215224b720f7e554b4b9d98ed4a3e09a48d4e466eb97250ce7dc5f84bfdc2c54793908d4d9c54e1063bc505b8a8637194e63f073728b97f5b3311e509b350d426c61110a5450b7cf1939e4a8098bf060ae7d6fd1cc74ca79b4bd477069018d1bd93ff0222f8df8fca32bafd03c64d3fb12a5d4adffa3c5ef93f8bab948f47ea252968a71f94d4c6cacab504c68d72adb76cf0b619a977d6018b92d38c992c09a7e94b6bd21b0ac76ea175970f69a532aa8f050520697bc41b638c6d4d36f31a6202a0b5955ca218735b8463fd7c80e873070d3045d3a86e8d9b9b8891010be78ef13bd5ef30e180381396f53bde26c125040c469a019657124f57a5988638996b7bd746f91d7f3b511e246df7fef82170c1ab82fa687a6c188f230961a7fe139910cbe83f2d11da4319308ef6742fe6613b2318d4f0e574ed23d741580c1117b17600d2a7511d26d115a5893909dcf1570c6f9868acf6819ad4fcc7c00a9e4ccbf5bbebc6a33e376ef2cd2e8a22ca24b1dc5b06810472868df0e4b80fd1ccb324b9e151b2431c3b6b845a696c64ed5fe8f85caf824b0b1cfe79b96b302de42a13cfb80ecd70a43a6d2f4b9bb05d2173fe0f002701ecbb426422a1f9fa816786fb5d6c48b32c2dc52a3ecfd27a334074a6e46d9e80dce70ae999cfdbfb2092967ebd0086e35e86362410ffb17bde748da31556746945ef3f05e913d37c823f52a7c3309b708e007160cbd19ab08b7f0c50ad7bf117c2010267872452ddfea76ae14be71486a849cfb9d2afe3987c261fc67350573b77b5c3ce50b390f626097a68aacde549b28e9715a005017222d70a719705bcedb6785b973573fbf807b54f077957e2a8e70141cc386cea12ff1443da193b29a538f30cb433eb182c4ce811b84169a8a2d5e679c153f69c617243609964c0187a6cc3776e7c69631dbc381425f90801f58dc7fcaf9dc43a04ef34ee11e9ccd5d519183f8541a6522cc82fdf06fd11221fe07c85751e20a5c048c119b059a84c43f08a2604b6e96361c11e659d0f8c8c3355a2b1d49e9e96696dcd49026f7419305b3588c2b6e48b4ba7e81c76ee802990730d5ee07b81233d22b5e9e2adc95104ec521cd5ed391fd1a4a6e10ff062104dbada745deceb21cf5ee71b71ee7b2de72e17d66b545a40e5a464b51102493f871cf7edd66546ef6e1ce82f7f74f068e7df09a0e66d469d88aabc428548ddffda6df2c979bba26af9f0282510b2fc524a22531ad1ef42ce921012ad53a6027a57b6133626e4c2e18d5b33494ddb593d998849d49d98954ea97389f4d79937686a9892958d1405a36df9ae8f20949271aeec0e62d1ac658444a23c00e3ccd493781450863252703174f6ece0bb6204932792660a7559d730768cfbe5d291ab5b90602bf5ab5e2056c84f21065efabe0ed83e71a12a8d0acec34d98e118bb7d418ad495a2b80e5294e96d1be62b761582154bb6718081747ba5a4a8b1474ff67d7d31b17d5aa4bfb35312194cc57c8fe3ec35c4c40e2dc8e64261f466d972755f8b6e653be76b06d51e5a3107cb6877b385765bfdd7ea39c371ae6f8ff2b00f61f6e7516a6cb808f62807b60def0139f5c1db6f5a519e0e8069a15b0a70f8c782fb94f20cec80d3db4bb830d920a3fd3df20c79e187d975b80896d69bf31ac1a3ef271f5f74a29a0771807dfa8cdc56241fe2f429ca000ffeaa2349b50978773a58b02edb9a3e96778358e5171a1ff67acb6c2105ba1d6b9c7e5c07a522250aa6680e0c285d6bf639a2b9ed954a93aa25c753d89a7215c23d120063470067fcb39c9f3b203fefc80fbef83baacae590525ba3141ae45f607e5c184d22e43d99356292d02b90a12635c466bd590af09b3a6d0858b634440821757277b75c5209c2388fe69963acc3315410aaf7d54d8ca5bac1f727f2cbf6517d0676a7f64c91072692d43c78580d77e52697513dbc01134e49042657a5d8d99bcee8c6fd521187af9b4fcc463cc0dddf50bcccf9ec25aeb1126a5e6047c1b97faf6e42dc6ae3845ae9fa5047cdc8e4d5f0c6560fe482a883f9c806ccba4022b22dc3034269dc309111ab6de56d6b09efd3485a6806cbc15dabcaffcbdc0c2888960638bd1c9a4d30dea347ea7cfef8f8b1a654817c63a42eb1e2a9c1f2ba9fad2baec42e81fb14be5ae965ae77b83037c19084dc92d8ab9fab020ccca4730cb1fbf81f779f780967ac29466d5490d57449f90884e8d0c0c8c99d468568d19dc1bf4c90eab64b2b9a98fd0315549ad0719679d6b11a61e100a93111276d7a877eecf1c3b2528f17794f64af354560dfbf99eda21e0ccea752dd0455beedd4b21b8dd7dfa033397e45ffc65ecb17592cecb51bae428d35febd74605ef90e22023ed3b6963f6e4bb11c174e52c9671ddf13b0b639aa531d68fbb5e7d13a81903a924580b8061e46788fd46435bfd4b1692a693ab3047c5f9d0c006cfc0cf4eed4aa4addb9523089c6554fb8b7809eb857e1b96f27dbba598c5aaac02a205f35078fcf4c9a6f421f53cc4e10564c5cfa2c202a263aa085a51bf7b284b366be766353807799fc53cc315bcd869d4a631bf7659612123e6d19447688b2e463d8f10f327cee1b2e8f8e39ced4f2fab17ca27357ae55962395db127f72336f18d791add0d4de793daecefe813bc97000ef7d397fba96bba842a5ebba8e6a480e96c3bcf80cbbd1e0b7423139230995f7e4229819d9e6e2cf3c6ea6879db6faa3d338cf9e646c78004c4f6d8ea30dc30abd3f7612e9cb8be3cc130673133f411dc0b99be68957ad853b5a43fbd0f25f2a47f875602a96bd75073294c294fbbcda98ae4d38122f380516040e395ccdb239ccd1cd246717d6a578de3ad9c0ae19fe415837074ffb4b91bf3eb37654fa08f8e9430bf755255b7ef1eaa24c9455dd118c7fac5ae42e69a47cb5362ca3206920d1c765379cdae0a0c71429dd26cd527a578ca48d6bcfcf2ed8bb4a2319cf9c6162d1eac0d9d06f979133bdeab07eb3ed6c1b4f9f057284171eaa996c68d8e2e7d108c96e6159ba0b16596da98348961474fc2e3478d90d5b214b0c97e4d4d89d9f6b3706f1153fb9b0770afad6698efdc882e4586569d1981a68083f84a1cb4f3da4aa66173a1d92622d5016bfb534318544be6303ad7dde73e38d56d7c374867d9f7834d32b75b954e3ad21ff25b04dfefa1403380937f1ae86779488f3c6d334c49a0254c072c53b15c18299bac7c15cce10a1dafd5644f12afb52271277801c216be7be89a59eae283a695d25348a8923d550770e2b7ac46a7a76b1c914b2c3f6a915949733e6031ac13798", 0xf8d}], 0x3, 0x6, 0x81)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)

576.773822ms ago: executing program 7 (id=6048):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r0 = syz_socket_connect_nvme_tcp()
sendto$inet_nvme_pdu(r0, &(0x7f00000001c0)=@data_h2c={{}, 0x0, 0x0, 0x4, 0x0, "cfbf3586"}, 0x80, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = gettid()
sendmsg$unix(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000640)='>', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r3, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="e5ffff6e18"], 0xa0}, 0x4004881)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
io_setup(0x7f, &(0x7f0000000000)=<r5=>0x0)
io_pgetevents(r5, 0x1, 0x1, &(0x7f0000000400)=[{}], &(0x7f0000000040), 0x0) (async)
io_pgetevents(r5, 0x1, 0x1, &(0x7f0000000400)=[{}], &(0x7f0000000040), 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
socket$inet_udp(0x2, 0x2, 0x0) (async)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r8, 0x89f3, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000380)={'tunl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x3c, 0x14, 0x0, 0x0, 0x0, 0x89, 0x0, @rand_addr, @private}}}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r7}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r9 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="5c00000014006b0300000000006c1d0010047e0c8131a6080c000af32c6e020075f800250002000f00e5aa000017d34460bc24eab556a705251e6182949a36c2d13b48dfffa600000000ecb8f6ec63c9f4d4938037e786a6d1bdd700", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="120000000200000008000000ebd0000000000000", @ANYRES32, @ANYBLOB="000000000000000004000000000000000000000035aa298a42d1b18aaeb6f83fda3066f5025301dd8ba826f59a43ca22010220b78d4ba1045b16dcbb103b999b1a58a237df6e3ec2474561352d93bd8c84b2e1da625852957dd10c6de46cd198b9519dd012359f2667e56400946f15165102f2a76229ad05f7326e28ca351b1bb85f5f2cdd1e671ce2960440f73f524751f0a6b90f32103d7822fd33dc49df365aecd5114d0b0afb2b338074a86e78d89495c77c8122d4281380636533a3413d666d9cb4304da2ce012d666c756905d937f2b6412415208fed80a7f01aebfb13c35e22f2bfe0ea31d914b279bf5d4b1bd78d641d3019aed719a823e0f19b7792a1617cbdc3050d4eea0cacf3a50df7820d9cc3ab4845fba3d28d25068de7ca4775b17622787d87d6a3fca251131f90c5344255780bbeadc7b540e073e3550000000040", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000400"/28], 0x50)
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f00000012c0)=[0x0])
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0xe}, 0x1100, 0x5dd8, 0x0, 0x8, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)

576.351572ms ago: executing program 0 (id=6049):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x21e}, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb080003"], 0x2c}, 0x1, 0x0, 0x0, 0x20044040}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES16=r7, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r3], 0x4}}, 0x0)
sendfile(r6, r4, 0x0, 0x100000000)

551.376072ms ago: executing program 1 (id=6050):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume_offset', 0x42, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000d80)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000c00)="9a91ef48012e6b11a79c12f44266c41f3fdf9f727914e8cdd22deb07bfaec63f846189c79f7fb0855a1a80b750752d73ac1f3c4748c838e4507136468b9f4e31bf315ce00076bf0cb4d1524c7816b6d55aaa63d2e4c3c2e0a08a7eabac1d60b117442757e4df1c03764c42cdcb6a481d5c96754fe6dad1b74311d64361ffff2e4006e80e1391b5fe75b5e6eba5eca4d98fd599a04687b97839b9a639b5507ff14da843a262d12e371d244092f5e2abea18677387f8c562fcb3fe836c5553683ae9a08a1abe3c811b5599bdf0e6bde277bf83957eaa69f4a1cb04c6258000000035e8964736649e750000000000000000", 0xf0, 0x4, 0x0, 0x0, r0}])

518.536623ms ago: executing program 0 (id=6051):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0xf00, &(0x7f0000000040)=[{&(0x7f00000000c0)="5c00000014006b02c84e21100af32c6e0a0675f8d34460400000000100005c1e6182949a36c23d3b48dfd8cdbf9367b498fa51f60a64c9f4d493803792684b71bdd70000b6c0504b14003132be471b93c91b5d7870743719b4b53cf2", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
execve(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)

380.824634ms ago: executing program 4 (id=6052):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
r1 = socket(0x10, 0x3, 0x0)
connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
getrlimit(0x5, &(0x7f0000000480))
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r4 = socket$kcm(0x11, 0x200000000000003, 0x300)
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000340), 0x4)
recvmsg(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000001000)=""/253, 0xfd}], 0x1}, 0x2)
sendmmsg$inet(r2, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000009c0)}], 0x1}}], 0x1, 0x400c0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001ec0)={0x14, r6, 0xc4fc9e906872338b, 0x70bd2d, 0x0, {{0x15}, {@void, @void}}}, 0x14}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="00042cbd7000fedbdf25facbb70900000008000300", @ANYRES32=r7, @ANYBLOB="0c0099000100000074000000110007006152dbe65dda96ab32f3f9d67c000000050008000100000018005080040006000800030005ac0f000700040078f23f0004000b0004002800"], 0x64}, 0x1, 0x0, 0x0, 0x20000004}, 0x4004000)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
umount2(&(0x7f0000000280)='./file0\x00', 0x8)

366.792925ms ago: executing program 6 (id=6053):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = epoll_create(0x3ff)
r3 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000240)={0xa0000000})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000280)={0x2000000})
close(r0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
r8 = eventfd2(0x0, 0x0)
io_setup(0x6, &(0x7f0000000140)=<r9=>0x0)
io_submit(r9, 0x2, &(0x7f00000000c0)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0xfffd, r4, 0x0, 0x0, 0x0, 0x0, 0x3, r8}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
shutdown(r4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000500000000000000000000001801000020a0702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000340)='module_request\x00', r0}, 0x10)
socketpair(0x0, 0x0, 0x0, &(0x7f00000006c0))

210.884007ms ago: executing program 0 (id=6054):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r2, &(0x7f0000000000)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)

210.521437ms ago: executing program 6 (id=6055):
r0 = socket$inet(0x2, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0x6}, 0x18)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x28)

190.337707ms ago: executing program 0 (id=6056):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000030000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x3}, 0x8)
sendto$inet6(r2, &(0x7f0000000000)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)
shutdown(r2, 0x1)

185.036677ms ago: executing program 6 (id=6057):
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000680)=""/88, 0x58}, {&(0x7f00000047c0)=""/4048, 0xfd0}, {&(0x7f00000037c0)=""/4069, 0xfe5}, {&(0x7f0000000ac0)=""/235, 0xeb}, {&(0x7f0000000080)=""/109, 0x6d}], 0x5}, 0x100)

124.326658ms ago: executing program 0 (id=6058):
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5419, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x64, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000300)="b9ff030768f1258c989e14f05c71", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

60.60686ms ago: executing program 0 (id=6059):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r0}, 0x18)
r1 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(0x0, 0x0, &(0x7f0000000140)="10", 0x1, r1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
set_mempolicy(0x2, &(0x7f0000000180)=0xfffffffffffffffd, 0x3)
r3 = socket(0x400000000010, 0x3, 0x0)
gettid()
r4 = socket$unix(0x1, 0x5, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="070006750400000000000000f666c6e78366205140fd8a4a5f4a42382280241275adfd8cfc8c0e5499c2cc0fcbf19a34f97ccb6d9658203ba48fa45178c5b46711e378829419fc0045d73dadcfbce18c27b5e2cbb0b64336fd", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='kfree\x00', r6, 0x0, 0x6}, 0x18)
r7 = socket$inet6(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000340)=[{{&(0x7f00000001c0)={0xa, 0x4e23, 0x401, @private0, 0x4}, 0x1c, &(0x7f0000000300)=[{&(0x7f00000007c0)="d20ac1e52a933d7fc05cc4542afdb1773a6c97b1f9ae76fcca652ee4cc9ed59c278b597956bff5aad06abe2ebe6ac57c46c3745a48fb97c563939c9e692003db5bbbc9d3d763ae9533c0949044412435107b5078faa552caf7a4b3fee46cd15b3f911a1c594dfd8dd36f92443f2ca732c91d6524d442389de8be2be88038aac9213f239d4234d380ef01adb7209003b0ae687b81eb369a8aa76425629d15ec820fd0469269db501bfe7118d674056a6f850126dabbcc39c0e23efb530413", 0xbe}], 0x1, &(0x7f0000000940)=[@dstopts={{0x28, 0x29, 0x37, {0x73, 0x1, '\x00', [@pad1, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x3610}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@private1={0xfc, 0x1, '\x00', 0x1}}}}, @rthdrdstopts={{0x60, 0x29, 0x37, {0x87, 0x8, '\x00', [@enc_lim, @jumbo={0xc2, 0x4, 0x9}, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @generic={0x7, 0x2d, "6a3105fa716968d6c7359d8a72d8027aa9258754c79a6601b579c05ab64eafb2a35742212ead89901e3ac50ffa"}, @enc_lim={0x4, 0x1, 0x3}]}}}], 0xb0}}], 0x1, 0x50040)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x4e, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10, 0x7, 0x0, 0x4}})
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'macvtap0\x00', <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20305, 0x7e15}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x42}}}, @IFLA_LINK={0x8, 0x5, r9}, @IFLA_MTU={0x8, 0x4, 0x74de}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x20048094)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r7, 0x89f2, &(0x7f0000000680)={'syztnl1\x00', 0x0})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r11, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newtfilter={0x5c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {0x0, 0xa}, {}, {0xffff}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x2c, 0x2, [@TCA_CGROUP_EMATCHES={0x28, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x2, 0x1, 0xfff}, {0x3, 0x1, 0x332e, 0x0, 0x8}}}]}, @TCA_EMATCH_TREE_HDR={0x8}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8080}, 0x4800)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6, 0x0, 0x0, 0x40000}, [@tail_call={{}, {}, {}, {0x7, 0x0, 0xb, 0x7}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_setup(0x7623, &(0x7f0000000280)={0x0, 0x6966, 0x1, 0x3, 0x5d})
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r12, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x8000000}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x101}]}], {0xc1}}, 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r12, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="34000000150a03000000000000000000020000000900020073797a310000000008000340000000070900010073797a30"], 0x34}}, 0x0)

60.2848ms ago: executing program 1 (id=6060):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10)

41.15724ms ago: executing program 7 (id=6061):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x21e}, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb080003"], 0x2c}, 0x1, 0x0, 0x0, 0x20044040}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES16=r7, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r3], 0x4}}, 0x0)
sendfile(r6, r4, 0x0, 0x100000000)

40.76738ms ago: executing program 1 (id=6062):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4, 0x2}, {0xc}, {0xc}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xfffffffffffffffe}}}]}, {0x25}, {0xc}, {0xc}}}]}]}, 0x8c}}, 0x0)

6.23229ms ago: executing program 7 (id=6063):
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0x83, 0x1, 0x0, 0x0, 0x0, 0xc, 0x100020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x5}, 0x354, 0x0, 0x0, 0x9, 0x0, 0xd, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$cgroup_pid(r2, &(0x7f0000000000), 0xfdef) (async, rerun: 64)
recvmsg$unix(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)=""/79, 0xce80}], 0x300}, 0x0) (async, rerun: 64)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000180)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x4}, @exit, @initr0, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @exit], &(0x7f00000000c0)='GPL\x00'}, 0x78)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r3, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001680)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) (async)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000000)={0x24, 0x12, 0x1, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x0, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}, @nested={0x4, 0x1d}]}, 0x24}], 0x1, 0x0, 0x0, 0x8001}, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x16, 0x16, &(0x7f0000000600)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67100000000000560602000fff00006706000020000000170200000ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffbd35010000000000840400000000000014000000100000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b848b00ea6553f304000000815dcf00c3ee7b042d1937ba52037fdedb2150e1918c30b6301f0212feb0cff9fc67357d81b2cc1a9e37d7b75c020b070000003eb22062bafaca036d9ec7db6671573e202e0a92ee4ba12b064981cc32d1ac0b9ecc8f604dca20563e1c1e7624cc3b88b330ad416c4c1d8c60589b6445a4ffff50df4d34bc5847bebb943a84cb56956931ba9cc39c4a9deea5d77aa843240000000000"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @flow_dissector}, 0x94) (async)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) (async, rerun: 32)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r0, 0x4) (rerun: 32)

0s ago: executing program 1 (id=6064):
stat(0x0, 0x0)
r0 = epoll_create1(0x80000)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wakeup_count', 0x80800, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
r2 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4, 0x0, 0x4}, 0x18)
readv(r2, &(0x7f0000001c80)=[{&(0x7f0000000740)=""/200, 0xc8}], 0x1)
close_range(r2, r3, 0x0)
read$char_usb(r1, &(0x7f0000001980)=""/179, 0xb3)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000))
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x33, 0x0, 0x2e2e}})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
getsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000640)={{{@in=@local, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@loopback}, 0x0, @in=@local}}, &(0x7f0000000040)=0xe8)
quotactl_fd$Q_GETNEXTQUOTA(r7, 0xffffffff80000900, r8, &(0x7f00000004c0))
r9 = socket$inet6_udp(0x2d, 0x2, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r9, 0x11d, 0x30, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r10, 0x11b, 0x6, &(0x7f0000000000)=0x1, 0x4)
close_range(r10, r10, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ADD(r11, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB='`\x00', @ANYRES16=r12, @ANYBLOB="99742dbd7000fbdadf25150000004c"], 0x60}, 0x1, 0x0, 0x0, 0x4000080}, 0x2400c000)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000200), 0x60400, 0x0)

kernel console output (not intermixed with test programs):

0x10
[  289.884172][T17994]  vfs_write+0x49d/0x8e0
[  289.884239][T17994]  ksys_write+0xda/0x1a0
[  289.884277][T17994]  __x64_sys_write+0x40/0x50
[  289.884320][T17994]  x64_sys_call+0x2cdd/0x2fb0
[  289.884375][T17994]  do_syscall_64+0xd2/0x200
[  289.884395][T17994]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  289.884541][T17994]  ? clear_bhb_loop+0x40/0x90
[  289.884567][T17994]  ? clear_bhb_loop+0x40/0x90
[  289.884595][T17994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.884622][T17994] RIP: 0033:0x7f798dd4e929
[  289.884682][T17994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.884706][T17994] RSP: 002b:00007f798c3b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  289.884801][T17994] RAX: ffffffffffffffda RBX: 00007f798df75fa0 RCX: 00007f798dd4e929
[  289.884936][T17994] RDX: 000000000000fe33 RSI: 0000200000000080 RDI: 0000000000000006
[  289.884949][T17994] RBP: 00007f798c3b7090 R08: 0000000000000000 R09: 0000000000000000
[  289.884963][T17994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.884979][T17994] R13: 0000000000000000 R14: 00007f798df75fa0 R15: 00007fff10ebf778
[  289.885003][T17994]  </TASK>
[  289.886764][T17994] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.5129'.
[  289.940192][T17998] FAULT_INJECTION: forcing a failure.
[  289.940192][T17998] name failslab, interval 1, probability 0, space 0, times 0
[  289.963354][T17996] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5130'.
[  289.966165][T17998] CPU: 1 UID: 0 PID: 17998 Comm: syz.1.5131 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  289.966271][T17998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  289.966289][T17998] Call Trace:
[  289.966308][T17998]  <TASK>
[  289.966318][T17998]  __dump_stack+0x1d/0x30
[  289.966348][T17998]  dump_stack_lvl+0xe8/0x140
[  289.966429][T17998]  dump_stack+0x15/0x1b
[  289.966453][T17998]  should_fail_ex+0x265/0x280
[  289.966498][T17998]  should_failslab+0x8c/0xb0
[  289.966531][T17998]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  289.966634][T17998]  ? sidtab_sid2str_get+0xa0/0x130
[  289.966722][T17998]  kmemdup_noprof+0x2b/0x70
[  289.966756][T17998]  sidtab_sid2str_get+0xa0/0x130
[  289.966789][T17998]  security_sid_to_context_core+0x1eb/0x2e0
[  289.966825][T17998]  security_sid_to_context+0x27/0x40
[  289.966855][T17998]  selinux_lsmprop_to_secctx+0x67/0xf0
[  289.967028][T17998]  security_lsmprop_to_secctx+0x43/0x80
[  289.967077][T17998]  audit_log_task_context+0x77/0x190
[  289.967158][T17998]  audit_log_task+0xf4/0x250
[  289.967208][T17998]  audit_seccomp+0x61/0x100
[  289.967244][T17998]  ? __seccomp_filter+0x68c/0x10d0
[  289.967278][T17998]  __seccomp_filter+0x69d/0x10d0
[  289.967361][T17998]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  289.967410][T17998]  ? vfs_write+0x75e/0x8e0
[  289.967463][T17998]  __secure_computing+0x82/0x150
[  289.967539][T17998]  syscall_trace_enter+0xcf/0x1e0
[  289.967575][T17998]  do_syscall_64+0xac/0x200
[  289.967635][T17998]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  289.967673][T17998]  ? clear_bhb_loop+0x40/0x90
[  289.967703][T17998]  ? clear_bhb_loop+0x40/0x90
[  289.967772][T17998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.967793][T17998] RIP: 0033:0x7f78df61e929
[  289.967810][T17998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.967834][T17998] RSP: 002b:00007f78ddc87038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b9
[  289.967860][T17998] RAX: ffffffffffffffda RBX: 00007f78df845fa0 RCX: 00007f78df61e929
[  289.967877][T17998] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  289.967894][T17998] RBP: 00007f78ddc87090 R08: 0000000000000000 R09: 0000000000000000
[  289.967926][T17998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.967943][T17998] R13: 0000000000000000 R14: 00007f78df845fa0 R15: 00007ffda96ed018
[  289.967970][T17998]  </TASK>
[  290.172814][T18007] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=18007 comm=syz.0.5132
[  290.224065][T18006] netem: change failed
[  290.626210][T18026] xt_limit: Overflow, try lower: 2147483649/3300
[  292.550736][T18049] pim6reg: entered allmulticast mode
[  292.565409][   T29] kauditd_printk_skb: 112 callbacks suppressed
[  292.565429][   T29] audit: type=1400 audit(2000000251.098:49513): avc:  denied  { write } for  pid=18046 comm="syz.0.5149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  292.608415][T18050] pim6reg: left allmulticast mode
[  292.726093][   T29] audit: type=1326 audit(2000000251.278:49514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18054 comm="syz.0.5151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798dd4e929 code=0x7ffc0000
[  292.811236][   T29] audit: type=1326 audit(2000000251.298:49515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18054 comm="syz.0.5151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798dd4e929 code=0x7ffc0000
[  292.834954][   T29] audit: type=1326 audit(2000000251.308:49516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18054 comm="syz.0.5151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f798dd4e929 code=0x7ffc0000
[  292.858708][   T29] audit: type=1326 audit(2000000251.308:49517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18054 comm="syz.0.5151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798dd4e929 code=0x7ffc0000
[  292.882434][   T29] audit: type=1326 audit(2000000251.308:49518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18054 comm="syz.0.5151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798dd4e929 code=0x7ffc0000
[  292.906163][   T29] audit: type=1326 audit(2000000251.308:49519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18054 comm="syz.0.5151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f798dd4e929 code=0x7ffc0000
[  292.929914][   T29] audit: type=1326 audit(2000000251.308:49520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18054 comm="syz.0.5151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798dd4e929 code=0x7ffc0000
[  292.932990][T18056] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=18056 comm=syz.0.5151
[  292.953577][   T29] audit: type=1326 audit(2000000251.308:49521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18054 comm="syz.0.5151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798dd4e929 code=0x7ffc0000
[  292.953615][   T29] audit: type=1326 audit(2000000251.308:49522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18054 comm="syz.0.5151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f798dd4e929 code=0x7ffc0000
[  293.028186][T18067] pim6reg: entered allmulticast mode
[  293.035588][T18067] pim6reg: left allmulticast mode
[  293.048726][T18071] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5154'.
[  293.069291][T18071] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18071 comm=syz.1.5154
[  293.197415][T18087] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5164'.
[  293.209444][T18090] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5165'.
[  293.224672][T18090] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5165'.
[  293.514545][T18107] $Hÿ: renamed from bond0
[  293.527210][T18107] $Hÿ: entered promiscuous mode
[  293.532358][T18107] bond_slave_0: entered promiscuous mode
[  293.538168][T18107] bond_slave_1: entered promiscuous mode
[  293.616718][T18114] netlink: 'syz.4.5174': attribute type 4 has an invalid length.
[  293.699275][T18119] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5175'.
[  293.708376][T18119] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5175'.
[  293.787947][T18122] pim6reg: entered allmulticast mode
[  293.794070][T18122] pim6reg: left allmulticast mode
[  293.849342][T18124] pim6reg: entered allmulticast mode
[  293.856460][T18124] pim6reg: left allmulticast mode
[  294.221541][T11055] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  294.237767][T11055] hid-generic 0000:0000:0000.0020: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  294.382391][T18156] xt_limit: Overflow, try lower: 2147483649/3300
[  294.512132][T18165] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5196'.
[  294.616434][T18167] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5194'.
[  294.798870][T18193] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5208'.
[  294.811625][T18193] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5208'.
[  295.115713][T18219] netem: change failed
[  295.218213][T18227] pim6reg: entered allmulticast mode
[  295.224511][T18227] pim6reg: left allmulticast mode
[  295.286490][T18232] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  295.664103][T18253] netlink: 'syz.1.5233': attribute type 4 has an invalid length.
[  295.699213][T18251] xt_CT: You must specify a L4 protocol and not use inversions on it
[  295.730626][T18258] netlink: 'syz.1.5233': attribute type 4 has an invalid length.
[  295.739557][T18258] FAULT_INJECTION: forcing a failure.
[  295.739557][T18258] name failslab, interval 1, probability 0, space 0, times 0
[  295.752288][T18258] CPU: 1 UID: 0 PID: 18258 Comm: syz.1.5233 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  295.752321][T18258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  295.752337][T18258] Call Trace:
[  295.752410][T18258]  <TASK>
[  295.752420][T18258]  __dump_stack+0x1d/0x30
[  295.752442][T18258]  dump_stack_lvl+0xe8/0x140
[  295.752464][T18258]  dump_stack+0x15/0x1b
[  295.752485][T18258]  should_fail_ex+0x265/0x280
[  295.752525][T18258]  should_failslab+0x8c/0xb0
[  295.752689][T18258]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  295.752743][T18258]  ? __devinet_sysctl_register+0x5a/0x260
[  295.752786][T18258]  kmemdup_noprof+0x2b/0x70
[  295.752817][T18258]  __devinet_sysctl_register+0x5a/0x260
[  295.752854][T18258]  ? neigh_sysctl_register+0x682/0x6d0
[  295.752956][T18258]  ? raw_notifier_call_chain+0x6f/0x1b0
[  295.753130][T18258]  ? netlink_sendmsg+0x58b/0x6b0
[  295.753150][T18258]  devinet_sysctl_register+0x101/0x150
[  295.753183][T18258]  inetdev_init+0x1fb/0x370
[  295.753259][T18258]  inetdev_event+0x15c/0xc10
[  295.753321][T18258]  ? __pfx_ib_netdevice_event+0x10/0x10
[  295.753348][T18258]  ? ib_netdevice_event+0x186/0x5f0
[  295.753376][T18258]  ? __pfx_inetdev_event+0x10/0x10
[  295.753417][T18258]  raw_notifier_call_chain+0x6f/0x1b0
[  295.753435][T18258]  ? call_netdevice_notifiers_info+0x9c/0x100
[  295.753465][T18258]  call_netdevice_notifiers_info+0xae/0x100
[  295.753514][T18258]  netif_set_mtu_ext+0x296/0x370
[  295.753551][T18258]  do_setlink+0x751/0x2810
[  295.753577][T18258]  ? save_fpregs_to_fpstate+0x100/0x160
[  295.753607][T18258]  ? _raw_spin_unlock+0x26/0x50
[  295.753659][T18258]  ? finish_task_switch+0xad/0x2b0
[  295.753765][T18258]  ? __schedule+0x6a8/0xb30
[  295.753838][T18258]  rtnl_setlink+0x311/0x420
[  295.753942][T18258]  ? security_capable+0x83/0x90
[  295.754018][T18258]  ? ns_capable+0x7d/0xb0
[  295.754038][T18258]  ? __pfx_rtnl_setlink+0x10/0x10
[  295.754060][T18258]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  295.754144][T18258]  netlink_rcv_skb+0x120/0x220
[  295.754184][T18258]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  295.754221][T18258]  rtnetlink_rcv+0x1c/0x30
[  295.754301][T18258]  netlink_unicast+0x59e/0x670
[  295.754356][T18258]  netlink_sendmsg+0x58b/0x6b0
[  295.754383][T18258]  ? __pfx_netlink_sendmsg+0x10/0x10
[  295.754408][T18258]  __sock_sendmsg+0x145/0x180
[  295.754438][T18258]  sock_write_iter+0x165/0x1b0
[  295.754464][T18258]  do_iter_readv_writev+0x41e/0x4c0
[  295.754547][T18258]  vfs_writev+0x2df/0x8b0
[  295.754584][T18258]  do_writev+0xe7/0x210
[  295.754608][T18258]  __x64_sys_writev+0x45/0x50
[  295.754629][T18258]  x64_sys_call+0x2006/0x2fb0
[  295.754657][T18258]  do_syscall_64+0xd2/0x200
[  295.754680][T18258]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  295.754777][T18258]  ? clear_bhb_loop+0x40/0x90
[  295.754829][T18258]  ? clear_bhb_loop+0x40/0x90
[  295.754904][T18258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.754929][T18258] RIP: 0033:0x7f78df61e929
[  295.754949][T18258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.754971][T18258] RSP: 002b:00007f78ddc66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  295.755022][T18258] RAX: ffffffffffffffda RBX: 00007f78df846080 RCX: 00007f78df61e929
[  295.755035][T18258] RDX: 0000000000000001 RSI: 0000200000000300 RDI: 0000000000000003
[  295.755047][T18258] RBP: 00007f78ddc66090 R08: 0000000000000000 R09: 0000000000000000
[  295.755059][T18258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  295.755070][T18258] R13: 0000000000000001 R14: 00007f78df846080 R15: 00007ffda96ed018
[  295.755140][T18258]  </TASK>
[  296.227421][T18267] pim6reg: entered allmulticast mode
[  296.233587][T18267] pim6reg: left allmulticast mode
[  296.960915][T18301] netlink: 'syz.6.5251': attribute type 33 has an invalid length.
[  296.972890][T18303] FAULT_INJECTION: forcing a failure.
[  296.972890][T18303] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.986098][T18303] CPU: 1 UID: 0 PID: 18303 Comm: syz.4.5252 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  296.986136][T18303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  296.986153][T18303] Call Trace:
[  296.986161][T18303]  <TASK>
[  296.986174][T18303]  __dump_stack+0x1d/0x30
[  296.986201][T18303]  dump_stack_lvl+0xe8/0x140
[  296.986226][T18303]  dump_stack+0x15/0x1b
[  296.986313][T18303]  should_fail_ex+0x265/0x280
[  296.986369][T18303]  should_fail+0xb/0x20
[  296.986405][T18303]  should_fail_usercopy+0x1a/0x20
[  296.986447][T18303]  _copy_from_user+0x1c/0xb0
[  296.986536][T18303]  ___sys_sendmsg+0xc1/0x1d0
[  296.986735][T18303]  __x64_sys_sendmsg+0xd4/0x160
[  296.986857][T18303]  x64_sys_call+0x2999/0x2fb0
[  296.986885][T18303]  do_syscall_64+0xd2/0x200
[  296.986907][T18303]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  296.986940][T18303]  ? clear_bhb_loop+0x40/0x90
[  296.987059][T18303]  ? clear_bhb_loop+0x40/0x90
[  296.987088][T18303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.987115][T18303] RIP: 0033:0x7fcfaebce929
[  296.987135][T18303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.987154][T18303] RSP: 002b:00007fcfad237038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  296.987229][T18303] RAX: ffffffffffffffda RBX: 00007fcfaedf5fa0 RCX: 00007fcfaebce929
[  296.987245][T18303] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  296.987261][T18303] RBP: 00007fcfad237090 R08: 0000000000000000 R09: 0000000000000000
[  296.987357][T18303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  296.987451][T18303] R13: 0000000000000000 R14: 00007fcfaedf5fa0 R15: 00007fff2a986bf8
[  296.987516][T18303]  </TASK>
[  297.274054][T18309] netlink: 'syz.4.5254': attribute type 33 has an invalid length.
[  297.485314][T18319] xt_limit: Overflow, try lower: 2147483649/3300
[  297.582279][   T29] kauditd_printk_skb: 126 callbacks suppressed
[  297.582295][   T29] audit: type=1400 audit(2000000256.118:49649): avc:  denied  { write } for  pid=18325 comm="syz.4.5261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  297.627966][   T29] audit: type=1400 audit(2000000256.148:49650): avc:  denied  { ioctl } for  pid=18320 comm="syz.1.5259" path="socket:[52811]" dev="sockfs" ino=52811 ioctlcmd=0x48d2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  297.664159][T18321] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.675948][T18324] IPv6: NLM_F_CREATE should be specified when creating new route
[  297.684761][T18324] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  297.695807][T18324] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.749779][T18321] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.892311][   T29] audit: type=1400 audit(2000000256.428:49651): avc:  denied  { read write } for  pid=18344 comm="syz.6.5270" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  297.916876][   T29] audit: type=1400 audit(2000000256.428:49652): avc:  denied  { open } for  pid=18344 comm="syz.6.5270" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  298.110562][T18345] SELinux:  policydb magic number 0x6e7cff8c does not match expected magic number 0xf97cff8c
[  298.123848][T18345] SELinux: failed to load policy
[  298.335318][   T29] audit: type=1400 audit(2000000256.648:49653): avc:  denied  { load_policy } for  pid=18344 comm="syz.6.5270" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  298.392728][T18321] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.416926][   T29] audit: type=1400 audit(2000000256.949:49654): avc:  denied  { create } for  pid=18352 comm="syz.6.5273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  298.439114][T18354] __nla_validate_parse: 2 callbacks suppressed
[  298.439144][T18354] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5273'.
[  298.455123][   T29] audit: type=1400 audit(2000000256.989:49655): avc:  denied  { ioctl } for  pid=18352 comm="syz.6.5273" path="socket:[52866]" dev="sockfs" ino=52866 ioctlcmd=0x9425 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  298.485411][T18321] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.488970][T18354] netlink: 16178 bytes leftover after parsing attributes in process `syz.6.5273'.
[  298.508444][T18357] pim6reg: entered allmulticast mode
[  298.517922][T18357] pim6reg: left allmulticast mode
[  298.523785][   T29] audit: type=1400 audit(2000000257.059:49656): avc:  denied  { nlmsg_write } for  pid=18352 comm="syz.6.5273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  298.570816][T18321] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  298.582985][   T29] audit: type=1400 audit(2000000257.129:49657): avc:  denied  { ioctl } for  pid=18358 comm="syz.6.5276" path="socket:[52882]" dev="sockfs" ino=52882 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  298.618207][T18321] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  298.627485][T18359] syzkaller1: entered promiscuous mode
[  298.632987][T18359] syzkaller1: entered allmulticast mode
[  298.670925][   T29] audit: type=1400 audit(2000000257.209:49658): avc:  denied  { read } for  pid=18358 comm="syz.6.5276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  298.719548][T18321] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  298.769505][T18321] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  298.908191][T18389] pim6reg: entered allmulticast mode
[  298.981270][T18389] pim6reg: left allmulticast mode
[  299.089606][T18404] FAULT_INJECTION: forcing a failure.
[  299.089606][T18404] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.102811][T18404] CPU: 0 UID: 0 PID: 18404 Comm: syz.0.5296 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  299.102845][T18404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  299.102924][T18404] Call Trace:
[  299.102933][T18404]  <TASK>
[  299.102944][T18404]  __dump_stack+0x1d/0x30
[  299.102970][T18404]  dump_stack_lvl+0xe8/0x140
[  299.102995][T18404]  dump_stack+0x15/0x1b
[  299.103016][T18404]  should_fail_ex+0x265/0x280
[  299.103120][T18404]  should_fail+0xb/0x20
[  299.103157][T18404]  should_fail_usercopy+0x1a/0x20
[  299.103225][T18404]  _copy_from_user+0x1c/0xb0
[  299.103251][T18404]  ___sys_sendmsg+0xc1/0x1d0
[  299.103312][T18404]  __x64_sys_sendmsg+0xd4/0x160
[  299.103398][T18404]  x64_sys_call+0x2999/0x2fb0
[  299.103428][T18404]  do_syscall_64+0xd2/0x200
[  299.103446][T18404]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  299.103498][T18404]  ? clear_bhb_loop+0x40/0x90
[  299.103572][T18404]  ? clear_bhb_loop+0x40/0x90
[  299.103598][T18404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.103620][T18404] RIP: 0033:0x7f798dd4e929
[  299.103640][T18404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.103727][T18404] RSP: 002b:00007f798c3b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  299.103756][T18404] RAX: ffffffffffffffda RBX: 00007f798df75fa0 RCX: 00007f798dd4e929
[  299.103818][T18404] RDX: 0000000020050800 RSI: 00002000000000c0 RDI: 0000000000000003
[  299.103833][T18404] RBP: 00007f798c3b7090 R08: 0000000000000000 R09: 0000000000000000
[  299.103848][T18404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.103943][T18404] R13: 0000000000000000 R14: 00007f798df75fa0 R15: 00007fff10ebf778
[  299.103968][T18404]  </TASK>
[  299.379437][T18408] bridge0: port 3(syz_tun) entered blocking state
[  299.386131][T18408] bridge0: port 3(syz_tun) entered disabled state
[  299.396307][T18408] syz_tun: entered allmulticast mode
[  299.411885][T18408] syz_tun: entered promiscuous mode
[  299.426596][T18408] bridge0: port 3(syz_tun) entered blocking state
[  299.433115][T18408] bridge0: port 3(syz_tun) entered forwarding state
[  299.495639][T18425] pim6reg: entered allmulticast mode
[  299.501602][T18425] pim6reg: left allmulticast mode
[  299.509688][T18427] FAULT_INJECTION: forcing a failure.
[  299.509688][T18427] name failslab, interval 1, probability 0, space 0, times 0
[  299.522486][T18427] CPU: 0 UID: 0 PID: 18427 Comm: syz.1.5306 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  299.522575][T18427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  299.522586][T18427] Call Trace:
[  299.522591][T18427]  <TASK>
[  299.522598][T18427]  __dump_stack+0x1d/0x30
[  299.522617][T18427]  dump_stack_lvl+0xe8/0x140
[  299.522634][T18427]  dump_stack+0x15/0x1b
[  299.522648][T18427]  should_fail_ex+0x265/0x280
[  299.522754][T18427]  ? resv_map_alloc+0x32/0x190
[  299.522783][T18427]  should_failslab+0x8c/0xb0
[  299.522804][T18427]  __kmalloc_cache_noprof+0x4c/0x320
[  299.522836][T18427]  ? save_fpregs_to_fpstate+0x100/0x160
[  299.522863][T18427]  resv_map_alloc+0x32/0x190
[  299.522960][T18427]  hugetlbfs_get_inode+0x67/0x370
[  299.522986][T18427]  ? xfd_validate_state+0x45/0xf0
[  299.523017][T18427]  hugetlb_file_setup+0x192/0x3d0
[  299.523092][T18427]  ksys_mmap_pgoff+0x157/0x310
[  299.523160][T18427]  x64_sys_call+0x1602/0x2fb0
[  299.523179][T18427]  do_syscall_64+0xd2/0x200
[  299.523307][T18427]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  299.523332][T18427]  ? clear_bhb_loop+0x40/0x90
[  299.523351][T18427]  ? clear_bhb_loop+0x40/0x90
[  299.523370][T18427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.523413][T18427] RIP: 0033:0x7f78df61e929
[  299.523430][T18427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.523453][T18427] RSP: 002b:00007f78ddc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  299.523539][T18427] RAX: ffffffffffffffda RBX: 00007f78df845fa0 RCX: 00007f78df61e929
[  299.523551][T18427] RDX: 0000000000000009 RSI: 0000000000c00000 RDI: 0000200000400000
[  299.523562][T18427] RBP: 00007f78ddc87090 R08: ffffffffffffffff R09: 0000000000000000
[  299.523592][T18427] R10: 0000000000050032 R11: 0000000000000246 R12: 0000000000000001
[  299.523603][T18427] R13: 0000000000000000 R14: 00007f78df845fa0 R15: 00007ffda96ed018
[  299.523621][T18427]  </TASK>
[  299.859257][T18443] netlink: 196 bytes leftover after parsing attributes in process `syz.7.5314'.
[  300.194333][T18447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5312'.
[  300.411408][T18462] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  300.527334][T18466] FAULT_INJECTION: forcing a failure.
[  300.527334][T18466] name failslab, interval 1, probability 0, space 0, times 0
[  300.540073][T18466] CPU: 1 UID: 0 PID: 18466 Comm: syz.4.5324 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  300.540127][T18466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  300.540142][T18466] Call Trace:
[  300.540149][T18466]  <TASK>
[  300.540157][T18466]  __dump_stack+0x1d/0x30
[  300.540200][T18466]  dump_stack_lvl+0xe8/0x140
[  300.540228][T18466]  dump_stack+0x15/0x1b
[  300.540249][T18466]  should_fail_ex+0x265/0x280
[  300.540370][T18466]  should_failslab+0x8c/0xb0
[  300.540395][T18466]  kmem_cache_alloc_noprof+0x50/0x310
[  300.540421][T18466]  ? __anon_vma_prepare+0xcd/0x2f0
[  300.540613][T18466]  __anon_vma_prepare+0xcd/0x2f0
[  300.540653][T18466]  do_wp_page+0x1838/0x2400
[  300.540681][T18466]  ? __rcu_read_lock+0x37/0x50
[  300.540713][T18466]  handle_mm_fault+0x77d/0x2be0
[  300.540745][T18466]  ? mas_walk+0xf2/0x120
[  300.540786][T18466]  do_user_addr_fault+0x636/0x1090
[  300.540831][T18466]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  300.540873][T18466]  exc_page_fault+0x62/0xa0
[  300.540940][T18466]  asm_exc_page_fault+0x26/0x30
[  300.540966][T18466] RIP: 0033:0x7fcfaea90ca3
[  300.540982][T18466] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  300.541004][T18466] RSP: 002b:00007fcfad2364a0 EFLAGS: 00010202
[  300.541020][T18466] RAX: 0000000000000400 RBX: 00007fcfad236540 RCX: 00007fcfa4e17000
[  300.541036][T18466] RDX: 00007fcfad2366e0 RSI: 0000000000000001 RDI: 00007fcfad2365e0
[  300.541051][T18466] RBP: 00000000000000f9 R08: 000000000000000a R09: 00000000000003b4
[  300.541099][T18466] R10: 00000000000003c8 R11: 00007fcfad236540 R12: 0000000000000001
[  300.541110][T18466] R13: 00007fcfaec6c200 R14: 0000000000000020 R15: 00007fcfad2365e0
[  300.541132][T18466]  </TASK>
[  300.541147][T18466] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  302.196844][T18501] netlink: 'syz.0.5338': attribute type 4 has an invalid length.
[  302.204748][T18501] netlink: 17 bytes leftover after parsing attributes in process `syz.0.5338'.
[  302.245860][T18502] syz_tun: entered allmulticast mode
[  302.331191][T18502] dvmrp1: entered allmulticast mode
[  302.535554][T18520] FAULT_INJECTION: forcing a failure.
[  302.535554][T18520] name failslab, interval 1, probability 0, space 0, times 0
[  302.548286][T18520] CPU: 0 UID: 0 PID: 18520 Comm: syz.0.5344 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  302.548321][T18520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  302.548337][T18520] Call Trace:
[  302.548344][T18520]  <TASK>
[  302.548353][T18520]  __dump_stack+0x1d/0x30
[  302.548381][T18520]  dump_stack_lvl+0xe8/0x140
[  302.548494][T18520]  dump_stack+0x15/0x1b
[  302.548597][T18520]  should_fail_ex+0x265/0x280
[  302.548656][T18520]  ? dev_ethtool+0x96/0x1650
[  302.548678][T18520]  should_failslab+0x8c/0xb0
[  302.548706][T18520]  __kmalloc_cache_noprof+0x4c/0x320
[  302.548744][T18520]  dev_ethtool+0x96/0x1650
[  302.548832][T18520]  ? full_name_hash+0x92/0xe0
[  302.548883][T18520]  ? strcmp+0x22/0x50
[  302.548987][T18520]  dev_ioctl+0x2e0/0x960
[  302.549012][T18520]  sock_do_ioctl+0x197/0x220
[  302.549061][T18520]  sock_ioctl+0x41b/0x610
[  302.549090][T18520]  ? __pfx_sock_ioctl+0x10/0x10
[  302.549116][T18520]  __se_sys_ioctl+0xcb/0x140
[  302.549147][T18520]  __x64_sys_ioctl+0x43/0x50
[  302.549249][T18520]  x64_sys_call+0x19a8/0x2fb0
[  302.549308][T18520]  do_syscall_64+0xd2/0x200
[  302.549330][T18520]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  302.549362][T18520]  ? clear_bhb_loop+0x40/0x90
[  302.549390][T18520]  ? clear_bhb_loop+0x40/0x90
[  302.549432][T18520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.549453][T18520] RIP: 0033:0x7f798dd4e929
[  302.549497][T18520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.549521][T18520] RSP: 002b:00007f798c3b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  302.549553][T18520] RAX: ffffffffffffffda RBX: 00007f798df75fa0 RCX: 00007f798dd4e929
[  302.549601][T18520] RDX: 0000200000000040 RSI: 0000000000008946 RDI: 0000000000000003
[  302.549618][T18520] RBP: 00007f798c3b7090 R08: 0000000000000000 R09: 0000000000000000
[  302.549634][T18520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  302.549649][T18520] R13: 0000000000000000 R14: 00007f798df75fa0 R15: 00007fff10ebf778
[  302.549673][T18520]  </TASK>
[  302.790983][   T29] kauditd_printk_skb: 92 callbacks suppressed
[  302.791002][   T29] audit: type=1400 audit(2000000261.329:49751): avc:  denied  { write } for  pid=18521 comm="syz.6.5345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  302.854671][T18528] tipc: Can't bind to reserved service type 0
[  302.879273][   T29] audit: type=1400 audit(2000000261.419:49752): avc:  denied  { read } for  pid=18514 comm="syz.1.5342" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  302.928158][T18533] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[  302.941066][   T29] audit: type=1400 audit(2000000261.419:49753): avc:  denied  { open } for  pid=18514 comm="syz.1.5342" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  303.031099][T18542] loop0: detected capacity change from 0 to 512
[  303.068171][T18542] EXT4-fs mount: 48 callbacks suppressed
[  303.068193][T18542] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.091796][T18498] syz_tun: left allmulticast mode
[  303.107382][   T29] audit: type=1400 audit(2000000261.649:49754): avc:  denied  { mount } for  pid=18541 comm="syz.0.5353" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  303.111511][T18542] ext4 filesystem being mounted at /466/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  303.155360][   T29] audit: type=1400 audit(2000000261.699:49755): avc:  denied  { setattr } for  pid=18541 comm="syz.0.5353" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  303.177940][T18542] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.5353: corrupted inode contents
[  303.206975][T18542] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.5353: mark_inode_dirty error
[  303.229346][T18542] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.5353: corrupted inode contents
[  303.294567][T12785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.569333][   T29] audit: type=1400 audit(2000000262.109:49756): avc:  denied  { name_bind } for  pid=18578 comm="syz.6.5367" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  303.933400][T18592] netlink: 3 bytes leftover after parsing attributes in process `syz.6.5371'.
[  303.943177][T18592] 0ªX¹¦À: renamed from caif0
[  303.950847][T18592] 0ªX¹¦À: entered allmulticast mode
[  303.956281][T18592] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  303.977090][   T29] audit: type=1400 audit(2000000262.519:49757): avc:  denied  { create } for  pid=18591 comm="syz.6.5371" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=iucv_socket permissive=1
[  304.049306][   T29] audit: type=1400 audit(2000000262.589:49758): avc:  denied  { map } for  pid=18595 comm="syz.4.5372" path="/dev/bus/usb/008/001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  304.095723][   T29] audit: type=1326 audit(2000000262.629:49759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18598 comm="syz.4.5373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaebce929 code=0x7ffc0000
[  304.119418][   T29] audit: type=1326 audit(2000000262.629:49760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18598 comm="syz.4.5373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcfaebce929 code=0x7ffc0000
[  304.274122][T18611] ip6erspan0: entered allmulticast mode
[  304.289730][T11058] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0
[  304.315113][T11058] hid-generic 0000:0000:0000.0021: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  304.410684][T18621] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  304.470038][T18623] FAULT_INJECTION: forcing a failure.
[  304.470038][T18623] name failslab, interval 1, probability 0, space 0, times 0
[  304.482772][T18623] CPU: 0 UID: 0 PID: 18623 Comm: syz.0.5384 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  304.482874][T18623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  304.482891][T18623] Call Trace:
[  304.482962][T18623]  <TASK>
[  304.482973][T18623]  __dump_stack+0x1d/0x30
[  304.483000][T18623]  dump_stack_lvl+0xe8/0x140
[  304.483025][T18623]  dump_stack+0x15/0x1b
[  304.483045][T18623]  should_fail_ex+0x265/0x280
[  304.483082][T18623]  ? audit_log_d_path+0x8d/0x150
[  304.483272][T18623]  should_failslab+0x8c/0xb0
[  304.483424][T18623]  __kmalloc_cache_noprof+0x4c/0x320
[  304.483461][T18623]  audit_log_d_path+0x8d/0x150
[  304.483497][T18623]  audit_log_d_path_exe+0x42/0x70
[  304.483604][T18623]  audit_log_task+0x1e9/0x250
[  304.483711][T18623]  audit_seccomp+0x61/0x100
[  304.483744][T18623]  ? __seccomp_filter+0x68c/0x10d0
[  304.483774][T18623]  __seccomp_filter+0x69d/0x10d0
[  304.483838][T18623]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  304.483882][T18623]  ? vfs_write+0x75e/0x8e0
[  304.484040][T18623]  ? __rcu_read_unlock+0x4f/0x70
[  304.484197][T18623]  ? __fget_files+0x184/0x1c0
[  304.484225][T18623]  __secure_computing+0x82/0x150
[  304.484251][T18623]  syscall_trace_enter+0xcf/0x1e0
[  304.484305][T18623]  do_syscall_64+0xac/0x200
[  304.484337][T18623]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  304.484438][T18623]  ? clear_bhb_loop+0x40/0x90
[  304.484461][T18623]  ? clear_bhb_loop+0x40/0x90
[  304.484485][T18623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.484508][T18623] RIP: 0033:0x7f798dd4e929
[  304.484527][T18623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.484548][T18623] RSP: 002b:00007f798c3b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000115
[  304.484571][T18623] RAX: ffffffffffffffda RBX: 00007f798df75fa0 RCX: 00007f798dd4e929
[  304.484586][T18623] RDX: 0010000000000000 RSI: 0000000000000006 RDI: ffffffffffffffff
[  304.484668][T18623] RBP: 00007f798c3b7090 R08: 0000000000000000 R09: 0000000000000000
[  304.484682][T18623] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  304.484697][T18623] R13: 0000000000000000 R14: 00007f798df75fa0 R15: 00007fff10ebf778
[  304.484786][T18623]  </TASK>
[  304.788923][T18629] FAULT_INJECTION: forcing a failure.
[  304.788923][T18629] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  304.802419][T18629] CPU: 0 UID: 0 PID: 18629 Comm: syz.6.5386 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  304.802448][T18629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  304.802460][T18629] Call Trace:
[  304.802543][T18629]  <TASK>
[  304.802552][T18629]  __dump_stack+0x1d/0x30
[  304.802579][T18629]  dump_stack_lvl+0xe8/0x140
[  304.802605][T18629]  dump_stack+0x15/0x1b
[  304.802692][T18629]  should_fail_ex+0x265/0x280
[  304.802725][T18629]  should_fail+0xb/0x20
[  304.802761][T18629]  should_fail_usercopy+0x1a/0x20
[  304.802829][T18629]  _copy_to_user+0x20/0xa0
[  304.802857][T18629]  simple_read_from_buffer+0xb5/0x130
[  304.802901][T18629]  proc_fail_nth_read+0x100/0x140
[  304.802964][T18629]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  304.803009][T18629]  vfs_read+0x19d/0x6f0
[  304.803188][T18629]  ? __rcu_read_unlock+0x4f/0x70
[  304.803218][T18629]  ? __fget_files+0x184/0x1c0
[  304.803256][T18629]  ksys_read+0xda/0x1a0
[  304.803307][T18629]  __x64_sys_read+0x40/0x50
[  304.803338][T18629]  x64_sys_call+0x2d77/0x2fb0
[  304.803358][T18629]  do_syscall_64+0xd2/0x200
[  304.803456][T18629]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  304.803494][T18629]  ? clear_bhb_loop+0x40/0x90
[  304.803524][T18629]  ? clear_bhb_loop+0x40/0x90
[  304.803554][T18629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.803582][T18629] RIP: 0033:0x7fa6a0d4d33c
[  304.803657][T18629] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  304.803682][T18629] RSP: 002b:00007fa69f3b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  304.803705][T18629] RAX: ffffffffffffffda RBX: 00007fa6a0f75fa0 RCX: 00007fa6a0d4d33c
[  304.803718][T18629] RDX: 000000000000000f RSI: 00007fa69f3b70a0 RDI: 0000000000000006
[  304.803729][T18629] RBP: 00007fa69f3b7090 R08: 0000000000000000 R09: 0000000000000000
[  304.803740][T18629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  304.803768][T18629] R13: 0000000000000000 R14: 00007fa6a0f75fa0 R15: 00007ffc289062f8
[  304.803793][T18629]  </TASK>
[  305.059230][T18634] SELinux:  Context system_u:object_r:usr_t:s0 is not valid (left unmapped).
[  305.159758][T11047] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  305.168714][T11047] hid-generic 0000:0000:0000.0022: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  305.262352][T18648] pim6reg: entered allmulticast mode
[  305.296226][T18648] pim6reg: left allmulticast mode
[  305.401634][T18661] FAULT_INJECTION: forcing a failure.
[  305.401634][T18661] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  305.414877][T18661] CPU: 0 UID: 0 PID: 18661 Comm: syz.4.5402 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  305.414922][T18661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  305.414974][T18661] Call Trace:
[  305.414983][T18661]  <TASK>
[  305.414993][T18661]  __dump_stack+0x1d/0x30
[  305.415017][T18661]  dump_stack_lvl+0xe8/0x140
[  305.415044][T18661]  dump_stack+0x15/0x1b
[  305.415060][T18661]  should_fail_ex+0x265/0x280
[  305.415096][T18661]  should_fail+0xb/0x20
[  305.415143][T18661]  should_fail_usercopy+0x1a/0x20
[  305.415266][T18661]  _copy_to_user+0x20/0xa0
[  305.415326][T18661]  simple_read_from_buffer+0xb5/0x130
[  305.415359][T18661]  proc_fail_nth_read+0x100/0x140
[  305.415443][T18661]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  305.415490][T18661]  vfs_read+0x19d/0x6f0
[  305.415602][T18661]  ? __rcu_read_unlock+0x4f/0x70
[  305.415646][T18661]  ? __fget_files+0x184/0x1c0
[  305.415677][T18661]  ksys_read+0xda/0x1a0
[  305.415797][T18661]  __x64_sys_read+0x40/0x50
[  305.415840][T18661]  x64_sys_call+0x2d77/0x2fb0
[  305.415869][T18661]  do_syscall_64+0xd2/0x200
[  305.415893][T18661]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  305.415958][T18661]  ? clear_bhb_loop+0x40/0x90
[  305.415986][T18661]  ? clear_bhb_loop+0x40/0x90
[  305.416014][T18661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.416051][T18661] RIP: 0033:0x7fcfaebcd33c
[  305.416072][T18661] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  305.416101][T18661] RSP: 002b:00007fcfad237030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  305.416127][T18661] RAX: ffffffffffffffda RBX: 00007fcfaedf5fa0 RCX: 00007fcfaebcd33c
[  305.416143][T18661] RDX: 000000000000000f RSI: 00007fcfad2370a0 RDI: 0000000000000007
[  305.416171][T18661] RBP: 00007fcfad237090 R08: 0000000000000000 R09: 0000000000000000
[  305.416187][T18661] R10: 000000000000006f R11: 0000000000000246 R12: 0000000000000001
[  305.416199][T18661] R13: 0000000000000000 R14: 00007fcfaedf5fa0 R15: 00007fff2a986bf8
[  305.416218][T18661]  </TASK>
[  305.427779][T18663] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5403'.
[  306.269799][T18688] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  306.322064][T18690] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  306.401946][T18694] loop0: detected capacity change from 0 to 512
[  306.418383][T18694] EXT4-fs: Ignoring removed nomblk_io_submit option
[  306.430148][T18694] EXT4-fs: Ignoring removed i_version option
[  306.457317][T18694] EXT4-fs (loop0): 1 orphan inode deleted
[  306.463831][T18694] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.484149][T18694] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5416'.
[  306.508563][T12785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.532442][T18703] pim6reg: entered allmulticast mode
[  306.545081][T11058] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  306.553637][T11058] hid-generic 0000:0000:0000.0023: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  306.565218][T18703] pim6reg: left allmulticast mode
[  307.446414][T18729] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  307.455349][T18729] SELinux: failed to load policy
[  307.519807][T18736] FAULT_INJECTION: forcing a failure.
[  307.519807][T18736] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  307.533145][T18736] CPU: 0 UID: 0 PID: 18736 Comm: syz.1.5433 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  307.533182][T18736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.533255][T18736] Call Trace:
[  307.533263][T18736]  <TASK>
[  307.533273][T18736]  __dump_stack+0x1d/0x30
[  307.533300][T18736]  dump_stack_lvl+0xe8/0x140
[  307.533325][T18736]  dump_stack+0x15/0x1b
[  307.533346][T18736]  should_fail_ex+0x265/0x280
[  307.533422][T18736]  should_fail_alloc_page+0xf2/0x100
[  307.533455][T18736]  __alloc_frozen_pages_noprof+0xff/0x360
[  307.533502][T18736]  alloc_pages_mpol+0xb3/0x250
[  307.533542][T18736]  alloc_pages_noprof+0x90/0x130
[  307.533629][T18736]  __pud_alloc+0x47/0x4c0
[  307.533651][T18736]  handle_mm_fault+0x1882/0x2be0
[  307.533671][T18736]  ? __rcu_read_unlock+0x4f/0x70
[  307.533773][T18736]  do_user_addr_fault+0x3fe/0x1090
[  307.533819][T18736]  exc_page_fault+0x62/0xa0
[  307.533853][T18736]  asm_exc_page_fault+0x26/0x30
[  307.533939][T18736] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  307.533964][T18736] Code: f1 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  307.533985][T18736] RSP: 0018:ffffc9000143fbb0 EFLAGS: 00050206
[  307.534067][T18736] RAX: ffff8881199fbb58 RBX: ffff88813df60000 RCX: 000000000000fe33
[  307.534080][T18736] RDX: 0000000000000001 RSI: 0000200000000080 RDI: ffff88813df60000
[  307.534178][T18736] RBP: 0000200000000080 R08: 000000000000056e R09: 0000000000000000
[  307.534192][T18736] R10: 000188813df60000 R11: 000188813df6fe32 R12: 000020000000feb3
[  307.534204][T18736] R13: ffffc9000143fd48 R14: 000000000000fe33 R15: 00007ffffffff000
[  307.534223][T18736]  _copy_from_iter+0x141/0xe40
[  307.534309][T18736]  ? __build_skb_around+0x1a0/0x200
[  307.534347][T18736]  ? __build_skb+0x59/0x70
[  307.534378][T18736]  ? is_vmalloc_addr+0x37/0x90
[  307.534428][T18736]  netlink_sendmsg+0x471/0x6b0
[  307.534462][T18736]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.534486][T18736]  __sock_sendmsg+0x145/0x180
[  307.534567][T18736]  sock_write_iter+0x165/0x1b0
[  307.534598][T18736]  ? __pfx_sock_write_iter+0x10/0x10
[  307.534683][T18736]  vfs_write+0x49d/0x8e0
[  307.534726][T18736]  ksys_write+0xda/0x1a0
[  307.534801][T18736]  __x64_sys_write+0x40/0x50
[  307.534914][T18736]  x64_sys_call+0x2cdd/0x2fb0
[  307.535013][T18736]  do_syscall_64+0xd2/0x200
[  307.535032][T18736]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  307.535073][T18736]  ? clear_bhb_loop+0x40/0x90
[  307.535100][T18736]  ? clear_bhb_loop+0x40/0x90
[  307.535128][T18736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.535204][T18736] RIP: 0033:0x7f78df61e929
[  307.535223][T18736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.535246][T18736] RSP: 002b:00007f78ddc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  307.535266][T18736] RAX: ffffffffffffffda RBX: 00007f78df845fa0 RCX: 00007f78df61e929
[  307.535330][T18736] RDX: 000000000000fe33 RSI: 0000200000000080 RDI: 0000000000000003
[  307.535344][T18736] RBP: 00007f78ddc87090 R08: 0000000000000000 R09: 0000000000000000
[  307.535359][T18736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.535375][T18736] R13: 0000000000000000 R14: 00007f78df845fa0 R15: 00007ffda96ed018
[  307.535398][T18736]  </TASK>
[  307.909269][T18738] pim6reg: entered allmulticast mode
[  307.925858][T18738] pim6reg: left allmulticast mode
[  307.934217][   T29] kauditd_printk_skb: 301 callbacks suppressed
[  307.934234][   T29] audit: type=1400 audit(2000000266.469:50062): avc:  denied  { create } for  pid=18745 comm="syz.1.5438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  307.962964][   T29] audit: type=1400 audit(2000000266.499:50063): avc:  denied  { bind } for  pid=18745 comm="syz.1.5438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  307.986316][   T29] audit: type=1400 audit(2000000266.529:50064): avc:  denied  { listen } for  pid=18745 comm="syz.1.5438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  308.008159][   T29] audit: type=1400 audit(2000000266.549:50065): avc:  denied  { ioctl } for  pid=18745 comm="syz.1.5438" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  308.048118][   T29] audit: type=1400 audit(2000000266.589:50066): avc:  denied  { setcheckreqprot } for  pid=18751 comm="syz.0.5441" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  308.069052][T18754] netlink: 209836 bytes leftover after parsing attributes in process `syz.7.5442'.
[  308.086570][T18754] netlink: del zone limit has 8 unknown bytes
[  308.101574][   T29] audit: type=1400 audit(2000000266.639:50067): avc:  denied  { setcheckreqprot } for  pid=18753 comm="syz.7.5442" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  308.835124][   T29] audit: type=1326 audit(2000000267.379:50068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="syz.0.5449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798dd4e929 code=0x7ffc0000
[  308.858804][   T29] audit: type=1326 audit(2000000267.379:50069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="syz.0.5449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798dd4e929 code=0x7ffc0000
[  308.935596][   T29] audit: type=1326 audit(2000000267.379:50070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="syz.0.5449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f798dd4e929 code=0x7ffc0000
[  308.959229][   T29] audit: type=1326 audit(2000000267.379:50071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="syz.0.5449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f798dd4e929 code=0x7ffc0000
[  309.043119][T18780] pim6reg: entered allmulticast mode
[  309.071018][T18780] pim6reg: left allmulticast mode
[  309.112675][T18791] xt_limit: Overflow, try lower: 2147483649/3300
[  309.984498][T18822] pim6reg: entered allmulticast mode
[  309.992713][T18822] pim6reg: left allmulticast mode
[  310.069456][T18825] xt_limit: Overflow, try lower: 2147483649/3300
[  310.099290][T18828] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  310.147695][T18828] SELinux: failed to load policy
[  310.910196][T18848] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5481'.
[  311.130589][T18863] atomic_op ffff8881009cb128 conn xmit_atomic 0000000000000000
[  311.294489][T18867] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  312.217296][T18879] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5492'.
[  312.273761][T18881] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  312.292384][T18881] SELinux: failed to load policy
[  312.521953][T18887] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5496'.
[  312.678022][T18901] xt_limit: Overflow, try lower: 2147483649/3300
[  312.997669][T18910] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5508'.
[  313.024718][   T29] kauditd_printk_skb: 13 callbacks suppressed
[  313.024737][   T29] audit: type=1326 audit(2000000271.569:50085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18911 comm="syz.6.5507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  313.074119][   T29] audit: type=1326 audit(2000000271.599:50086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18911 comm="syz.6.5507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  313.098208][   T29] audit: type=1326 audit(2000000271.599:50087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18911 comm="syz.6.5507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  313.121929][   T29] audit: type=1326 audit(2000000271.599:50088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18911 comm="syz.6.5507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  313.145560][   T29] audit: type=1326 audit(2000000271.599:50089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18911 comm="syz.6.5507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  313.169236][   T29] audit: type=1326 audit(2000000271.599:50090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18911 comm="syz.6.5507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  313.192873][   T29] audit: type=1326 audit(2000000271.599:50091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18911 comm="syz.6.5507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  313.216596][   T29] audit: type=1326 audit(2000000271.599:50092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18911 comm="syz.6.5507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  313.240211][   T29] audit: type=1326 audit(2000000271.599:50093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18911 comm="syz.6.5507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  313.263861][   T29] audit: type=1326 audit(2000000271.599:50094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18911 comm="syz.6.5507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  313.294629][T18914] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  313.685037][T11058] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[  313.725906][T11058] hid-generic 0000:0000:0000.0024: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  313.756352][T18948] bridge0: entered allmulticast mode
[  314.024460][T18958] netlink: 536 bytes leftover after parsing attributes in process `syz.4.5530'.
[  314.052128][T18958] program  is using a deprecated SCSI ioctl, please convert it to SG_IO
[  314.744724][ T3399] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[  314.753233][ T3399] hid-generic 0000:0000:0000.0025: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  315.157290][T18991] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5544'.
[  316.206637][T19030] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=19030 comm=syz.7.5559
[  316.285966][T19034] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5560'.
[  316.298366][T19034] netem: change failed
[  316.632399][T19045] xt_limit: Overflow, try lower: 2147483649/3300
[  316.895600][T19057] program syz.1.5569 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  316.978421][T19061] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5570'.
[  317.044161][T19072] FAULT_INJECTION: forcing a failure.
[  317.044161][T19072] name failslab, interval 1, probability 0, space 0, times 0
[  317.056965][T19072] CPU: 0 UID: 0 PID: 19072 Comm: syz.0.5573 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  317.057004][T19072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  317.057019][T19072] Call Trace:
[  317.057026][T19072]  <TASK>
[  317.057032][T19072]  __dump_stack+0x1d/0x30
[  317.057130][T19072]  dump_stack_lvl+0xe8/0x140
[  317.057157][T19072]  dump_stack+0x15/0x1b
[  317.057179][T19072]  should_fail_ex+0x265/0x280
[  317.057218][T19072]  should_failslab+0x8c/0xb0
[  317.057247][T19072]  __kmalloc_noprof+0xa5/0x3e0
[  317.057312][T19072]  ? cond_policydb_dup+0xa3/0x4e0
[  317.057348][T19072]  cond_policydb_dup+0xa3/0x4e0
[  317.057385][T19072]  security_set_bools+0xa0/0x340
[  317.057416][T19072]  sel_commit_bools_write+0x1ea/0x270
[  317.057516][T19072]  vfs_writev+0x406/0x8b0
[  317.057543][T19072]  ? __pfx_sel_commit_bools_write+0x10/0x10
[  317.057647][T19072]  ? mutex_lock+0xd/0x30
[  317.057676][T19072]  do_writev+0xe7/0x210
[  317.057708][T19072]  __x64_sys_writev+0x45/0x50
[  317.057770][T19072]  x64_sys_call+0x2006/0x2fb0
[  317.057793][T19072]  do_syscall_64+0xd2/0x200
[  317.057815][T19072]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  317.057911][T19072]  ? clear_bhb_loop+0x40/0x90
[  317.057937][T19072]  ? clear_bhb_loop+0x40/0x90
[  317.057965][T19072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.058000][T19072] RIP: 0033:0x7f798dd4e929
[  317.058019][T19072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.058107][T19072] RSP: 002b:00007f798c3b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  317.058128][T19072] RAX: ffffffffffffffda RBX: 00007f798df75fa0 RCX: 00007f798dd4e929
[  317.058144][T19072] RDX: 0000000000000001 RSI: 00002000000025c0 RDI: 0000000000000003
[  317.058160][T19072] RBP: 00007f798c3b7090 R08: 0000000000000000 R09: 0000000000000000
[  317.058176][T19072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.058192][T19072] R13: 0000000000000000 R14: 00007f798df75fa0 R15: 00007fff10ebf778
[  317.058217][T19072]  </TASK>
[  317.319480][T19061] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=19061 comm=syz.1.5570
[  317.333524][T19079] tipc: Started in network mode
[  317.338619][T19079] tipc: Node identity ac14140f, cluster identity 4711
[  317.355646][T19079] tipc: New replicast peer: 10.1.1.2
[  317.361098][T19079] tipc: Enabled bearer <udp:syz0>, priority 10
[  317.367467][T19081] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  317.446409][T19090] pim6reg: entered allmulticast mode
[  317.454037][T19090] pim6reg: left allmulticast mode
[  317.627669][T19094] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5577'.
[  317.764656][   T36] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  317.790674][T19104] vlan2: entered allmulticast mode
[  317.801890][T19104] dummy0: entered allmulticast mode
[  317.826031][   T36] hid-generic 0000:0000:0000.0026: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  318.107042][   T29] kauditd_printk_skb: 321 callbacks suppressed
[  318.107059][   T29] audit: type=1326 audit(2000000276.650:50416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19111 comm="syz.6.5588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  318.132637][T19116] pim6reg: entered allmulticast mode
[  318.142652][   T29] audit: type=1326 audit(2000000276.690:50417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19111 comm="syz.6.5588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  318.166912][   T29] audit: type=1326 audit(2000000276.690:50418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19111 comm="syz.6.5588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  318.167983][T19116] pim6reg: left allmulticast mode
[  318.190619][   T29] audit: type=1326 audit(2000000276.690:50419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19111 comm="syz.6.5588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  318.219389][   T29] audit: type=1326 audit(2000000276.690:50420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19111 comm="syz.6.5588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  318.263477][   T29] audit: type=1326 audit(2000000276.770:50421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19111 comm="syz.6.5588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  318.287167][   T29] audit: type=1326 audit(2000000276.770:50422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19111 comm="syz.6.5588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  318.311113][   T29] audit: type=1326 audit(2000000276.770:50423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19111 comm="syz.6.5588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  318.334700][   T29] audit: type=1326 audit(2000000276.770:50424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19111 comm="syz.6.5588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  318.358350][   T29] audit: type=1326 audit(2000000276.770:50425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19111 comm="syz.6.5588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x7ffc0000
[  318.414145][T19117] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=19117 comm=syz.6.5588
[  318.473901][ T3399] tipc: Node number set to 2886997007
[  318.528044][T19133] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  318.632527][T19153] pim6reg: entered allmulticast mode
[  318.639140][T19153] pim6reg: left allmulticast mode
[  318.830075][T19159] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5605'.
[  319.036959][T19160] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=19160 comm=syz.1.5606
[  319.164400][T19165] FAULT_INJECTION: forcing a failure.
[  319.164400][T19165] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.177564][T19165] CPU: 0 UID: 0 PID: 19165 Comm: syz.1.5607 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  319.177616][T19165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  319.177633][T19165] Call Trace:
[  319.177641][T19165]  <TASK>
[  319.177651][T19165]  __dump_stack+0x1d/0x30
[  319.177679][T19165]  dump_stack_lvl+0xe8/0x140
[  319.177701][T19165]  dump_stack+0x15/0x1b
[  319.177737][T19165]  should_fail_ex+0x265/0x280
[  319.177776][T19165]  should_fail+0xb/0x20
[  319.177853][T19165]  should_fail_usercopy+0x1a/0x20
[  319.177894][T19165]  _copy_from_iter+0xcf/0xe40
[  319.177934][T19165]  ? alloc_pages_mpol+0x201/0x250
[  319.178033][T19165]  copy_page_from_iter+0x178/0x2a0
[  319.178058][T19165]  tun_get_user+0x5f0/0x2500
[  319.178208][T19165]  ? ref_tracker_alloc+0x1f2/0x2f0
[  319.178249][T19165]  tun_chr_write_iter+0x15e/0x210
[  319.178280][T19165]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  319.178375][T19165]  vfs_write+0x49d/0x8e0
[  319.178469][T19165]  ksys_write+0xda/0x1a0
[  319.178504][T19165]  __x64_sys_write+0x40/0x50
[  319.178545][T19165]  x64_sys_call+0x2cdd/0x2fb0
[  319.178572][T19165]  do_syscall_64+0xd2/0x200
[  319.178642][T19165]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  319.178670][T19165]  ? clear_bhb_loop+0x40/0x90
[  319.178742][T19165]  ? clear_bhb_loop+0x40/0x90
[  319.178779][T19165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.178802][T19165] RIP: 0033:0x7f78df61d3df
[  319.178847][T19165] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  319.178870][T19165] RSP: 002b:00007f78ddc66000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  319.178893][T19165] RAX: ffffffffffffffda RBX: 00007f78df846080 RCX: 00007f78df61d3df
[  319.178909][T19165] RDX: 000000000000005a RSI: 0000200000000280 RDI: 00000000000000c8
[  319.178924][T19165] RBP: 00007f78ddc66090 R08: 0000000000000000 R09: 0000000000000000
[  319.178939][T19165] R10: 000000000000005a R11: 0000000000000293 R12: 0000000000000001
[  319.178951][T19165] R13: 0000000000000000 R14: 00007f78df846080 R15: 00007ffda96ed018
[  319.179028][T19165]  </TASK>
[  319.446548][T19171] FAULT_INJECTION: forcing a failure.
[  319.446548][T19171] name failslab, interval 1, probability 0, space 0, times 0
[  319.459297][T19171] CPU: 1 UID: 0 PID: 19171 Comm: syz.1.5610 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  319.459326][T19171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  319.459338][T19171] Call Trace:
[  319.459346][T19171]  <TASK>
[  319.459356][T19171]  __dump_stack+0x1d/0x30
[  319.459383][T19171]  dump_stack_lvl+0xe8/0x140
[  319.459499][T19171]  dump_stack+0x15/0x1b
[  319.459518][T19171]  should_fail_ex+0x265/0x280
[  319.459549][T19171]  should_failslab+0x8c/0xb0
[  319.459641][T19171]  kmem_cache_alloc_noprof+0x50/0x310
[  319.459668][T19171]  ? security_file_alloc+0x32/0x100
[  319.459774][T19171]  security_file_alloc+0x32/0x100
[  319.459813][T19171]  init_file+0x5c/0x1d0
[  319.459901][T19171]  alloc_empty_file+0x8b/0x200
[  319.459963][T19171]  path_openat+0x68/0x2170
[  319.460068][T19171]  ? _parse_integer_limit+0x170/0x190
[  319.460099][T19171]  ? kstrtoull+0x111/0x140
[  319.460125][T19171]  ? kstrtouint+0x76/0xc0
[  319.460202][T19171]  do_filp_open+0x109/0x230
[  319.460248][T19171]  do_sys_openat2+0xa6/0x110
[  319.460285][T19171]  __x64_sys_openat+0xf2/0x120
[  319.460318][T19171]  x64_sys_call+0x1af/0x2fb0
[  319.460390][T19171]  do_syscall_64+0xd2/0x200
[  319.460408][T19171]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  319.460500][T19171]  ? clear_bhb_loop+0x40/0x90
[  319.460528][T19171]  ? clear_bhb_loop+0x40/0x90
[  319.460554][T19171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.460575][T19171] RIP: 0033:0x7f78df61e929
[  319.460604][T19171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.460627][T19171] RSP: 002b:00007f78ddc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  319.460651][T19171] RAX: ffffffffffffffda RBX: 00007f78df845fa0 RCX: 00007f78df61e929
[  319.460664][T19171] RDX: 0000000000000806 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  319.460752][T19171] RBP: 00007f78ddc87090 R08: 0000000000000000 R09: 0000000000000000
[  319.460776][T19171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.460787][T19171] R13: 0000000000000001 R14: 00007f78df845fa0 R15: 00007ffda96ed018
[  319.460807][T19171]  </TASK>
[  319.816286][T19178] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5612'.
[  319.955568][T19198] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.961166][T19191] xt_limit: Overflow, try lower: 2147483649/3300
[  319.962805][T19198] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.976810][T19198] bridge0: entered allmulticast mode
[  319.988530][T19194] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.995880][T19194] bridge0: port 1(bridge_slave_0) entered disabled state
[  320.047972][T19204] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  320.060348][T19194] bridge0: entered allmulticast mode
[  320.126121][T19214] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5627'.
[  320.126936][T11055] hid-generic 0000:0000:0000.0027: unknown main item tag 0x0
[  320.168497][T11055] hid-generic 0000:0000:0000.0027: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  320.271510][T19229] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5624'.
[  320.280083][T19230] xt_limit: Overflow, try lower: 2147483649/3300
[  320.291728][T19233] FAULT_INJECTION: forcing a failure.
[  320.291728][T19233] name failslab, interval 1, probability 0, space 0, times 0
[  320.304580][T19233] CPU: 1 UID: 0 PID: 19233 Comm: syz.4.5634 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  320.304615][T19233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  320.304630][T19233] Call Trace:
[  320.304637][T19233]  <TASK>
[  320.304714][T19233]  __dump_stack+0x1d/0x30
[  320.304739][T19233]  dump_stack_lvl+0xe8/0x140
[  320.304821][T19233]  dump_stack+0x15/0x1b
[  320.304840][T19233]  should_fail_ex+0x265/0x280
[  320.304887][T19233]  should_failslab+0x8c/0xb0
[  320.304915][T19233]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  320.305043][T19233]  ? v9fs_session_init+0x78/0xde0
[  320.305075][T19233]  kstrdup+0x3e/0xd0
[  320.305170][T19233]  v9fs_session_init+0x78/0xde0
[  320.305201][T19233]  ? obj_cgroup_charge_account+0x122/0x1a0
[  320.305239][T19233]  ? __rcu_read_unlock+0x4f/0x70
[  320.305270][T19233]  ? v9fs_mount+0x51/0x590
[  320.305304][T19233]  ? __kmalloc_cache_noprof+0x299/0x320
[  320.305340][T19233]  v9fs_mount+0x67/0x590
[  320.305376][T19233]  ? __pfx_v9fs_mount+0x10/0x10
[  320.305461][T19233]  legacy_get_tree+0x75/0xd0
[  320.305499][T19233]  vfs_get_tree+0x54/0x1d0
[  320.305538][T19233]  do_new_mount+0x207/0x680
[  320.305659][T19233]  path_mount+0x4a4/0xb20
[  320.305697][T19233]  ? user_path_at+0x109/0x130
[  320.305730][T19233]  __se_sys_mount+0x28f/0x2e0
[  320.305795][T19233]  ? fput+0x8f/0xc0
[  320.305826][T19233]  __x64_sys_mount+0x67/0x80
[  320.305855][T19233]  x64_sys_call+0xd36/0x2fb0
[  320.305907][T19233]  do_syscall_64+0xd2/0x200
[  320.305928][T19233]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  320.305959][T19233]  ? clear_bhb_loop+0x40/0x90
[  320.305985][T19233]  ? clear_bhb_loop+0x40/0x90
[  320.306011][T19233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.306045][T19233] RIP: 0033:0x7fcfaebce929
[  320.306063][T19233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.306092][T19233] RSP: 002b:00007fcfad237038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  320.306115][T19233] RAX: ffffffffffffffda RBX: 00007fcfaedf5fa0 RCX: 00007fcfaebce929
[  320.306129][T19233] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[  320.306143][T19233] RBP: 00007fcfad237090 R08: 0000200000000340 R09: 0000000000000000
[  320.306158][T19233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  320.306172][T19233] R13: 0000000000000000 R14: 00007fcfaedf5fa0 R15: 00007fff2a986bf8
[  320.306195][T19233]  </TASK>
[  320.778727][T19258] netlink: 72 bytes leftover after parsing attributes in process `syz.0.5644'.
[  320.864549][T19262] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5646'.
[  320.873583][T19262] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5646'.
[  320.902360][T19264] xt_limit: Overflow, try lower: 2147483649/3300
[  321.126125][T19291] pim6reg: entered allmulticast mode
[  321.134621][T19291] pim6reg: left allmulticast mode
[  321.143159][T19293] FAULT_INJECTION: forcing a failure.
[  321.143159][T19293] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  321.156681][T19293] CPU: 0 UID: 0 PID: 19293 Comm: syz.0.5658 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  321.156712][T19293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  321.156779][T19293] Call Trace:
[  321.156855][T19293]  <TASK>
[  321.156863][T19293]  __dump_stack+0x1d/0x30
[  321.156889][T19293]  dump_stack_lvl+0xe8/0x140
[  321.156913][T19293]  dump_stack+0x15/0x1b
[  321.156934][T19293]  should_fail_ex+0x265/0x280
[  321.157023][T19293]  should_fail_alloc_page+0xf2/0x100
[  321.157055][T19293]  __alloc_frozen_pages_noprof+0xff/0x360
[  321.157103][T19293]  __alloc_pages_noprof+0x9/0x20
[  321.157134][T19293]  probe_event_enable+0x50d/0x7d0
[  321.157216][T19293]  ? __pfx_uprobe_perf_filter+0x10/0x10
[  321.157331][T19293]  trace_uprobe_register+0x86/0x3c0
[  321.157430][T19293]  perf_trace_event_init+0x35c/0x7b0
[  321.157473][T19293]  perf_uprobe_init+0xf9/0x150
[  321.157515][T19293]  perf_uprobe_event_init+0xea/0x150
[  321.157544][T19293]  perf_try_init_event+0xd9/0x540
[  321.157577][T19293]  ? perf_event_alloc+0xb1c/0x1680
[  321.157616][T19293]  perf_event_alloc+0xb27/0x1680
[  321.157663][T19293]  __se_sys_perf_event_open+0x615/0x11c0
[  321.157770][T19293]  ? __rcu_read_unlock+0x4f/0x70
[  321.157804][T19293]  __x64_sys_perf_event_open+0x67/0x80
[  321.157910][T19293]  x64_sys_call+0x27ec/0x2fb0
[  321.157936][T19293]  do_syscall_64+0xd2/0x200
[  321.157953][T19293]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  321.157979][T19293]  ? clear_bhb_loop+0x40/0x90
[  321.158098][T19293]  ? clear_bhb_loop+0x40/0x90
[  321.158182][T19293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.158209][T19293] RIP: 0033:0x7f798dd4e929
[  321.158228][T19293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.158307][T19293] RSP: 002b:00007f798c3b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  321.158388][T19293] RAX: ffffffffffffffda RBX: 00007f798df75fa0 RCX: 00007f798dd4e929
[  321.158403][T19293] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  321.158418][T19293] RBP: 00007f798c3b7090 R08: 0000000000000000 R09: 0000000000000000
[  321.158433][T19293] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[  321.158446][T19293] R13: 0000000000000000 R14: 00007f798df75fa0 R15: 00007fff10ebf778
[  321.158464][T19293]  </TASK>
[  321.535605][T19306] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  321.568805][T19311] bridge0: port 3(syz_tun) entered disabled state
[  321.575589][T19311] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.582802][T19311] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.591530][T19311] bridge0: entered allmulticast mode
[  321.646928][T19316] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5659'.
[  322.257457][T19330] pim6reg: entered allmulticast mode
[  322.263377][T19330] pim6reg: left allmulticast mode
[  322.311613][T19334] Falling back ldisc for ttyS3.
[  322.417111][T19342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5679'.
[  322.701719][T19368] FAULT_INJECTION: forcing a failure.
[  322.701719][T19368] name failslab, interval 1, probability 0, space 0, times 0
[  322.714604][T19368] CPU: 1 UID: 0 PID: 19368 Comm: syz.4.5690 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  322.714641][T19368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  322.714658][T19368] Call Trace:
[  322.714666][T19368]  <TASK>
[  322.714714][T19368]  __dump_stack+0x1d/0x30
[  322.714737][T19368]  dump_stack_lvl+0xe8/0x140
[  322.714761][T19368]  dump_stack+0x15/0x1b
[  322.714778][T19368]  should_fail_ex+0x265/0x280
[  322.714877][T19368]  ? __hw_addr_add_ex+0x162/0x440
[  322.714981][T19368]  should_failslab+0x8c/0xb0
[  322.715011][T19368]  __kmalloc_cache_noprof+0x4c/0x320
[  322.715051][T19368]  __hw_addr_add_ex+0x162/0x440
[  322.715125][T19368]  dev_addr_init+0xb1/0x120
[  322.715160][T19368]  alloc_netdev_mqs+0x212/0xab0
[  322.715207][T19368]  ? __pfx_vti6_dev_setup+0x10/0x10
[  322.715236][T19368]  vti6_locate+0x357/0x440
[  322.715273][T19368]  vti6_siocdevprivate+0x579/0x8e0
[  322.715317][T19368]  dev_ifsioc+0x8f8/0xaa0
[  322.715343][T19368]  dev_ioctl+0x78d/0x960
[  322.715404][T19368]  sock_ioctl+0x593/0x610
[  322.715442][T19368]  ? __pfx_sock_ioctl+0x10/0x10
[  322.715469][T19368]  __se_sys_ioctl+0xcb/0x140
[  322.715565][T19368]  __x64_sys_ioctl+0x43/0x50
[  322.715592][T19368]  x64_sys_call+0x19a8/0x2fb0
[  322.715684][T19368]  do_syscall_64+0xd2/0x200
[  322.715730][T19368]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  322.715819][T19368]  ? clear_bhb_loop+0x40/0x90
[  322.715846][T19368]  ? clear_bhb_loop+0x40/0x90
[  322.715874][T19368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.715902][T19368] RIP: 0033:0x7fcfaebce929
[  322.715985][T19368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.716003][T19368] RSP: 002b:00007fcfad237038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  322.716023][T19368] RAX: ffffffffffffffda RBX: 00007fcfaedf5fa0 RCX: 00007fcfaebce929
[  322.716038][T19368] RDX: 0000200000000080 RSI: 00000000000089f1 RDI: 0000000000000008
[  322.716053][T19368] RBP: 00007fcfad237090 R08: 0000000000000000 R09: 0000000000000000
[  322.716068][T19368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.716083][T19368] R13: 0000000000000000 R14: 00007fcfaedf5fa0 R15: 00007fff2a986bf8
[  322.716179][T19368]  </TASK>
[  322.954363][T19374] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5691'.
[  322.985309][T19375] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5686'.
[  323.095135][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.102619][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.110354][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.117857][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.125385][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.132864][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.140313][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.147811][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.155252][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.162788][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.170322][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.177762][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.261881][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.268513][   T29] kauditd_printk_skb: 300 callbacks suppressed
[  323.268533][   T29] audit: type=1326 audit(2000000281.810:50726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19391 comm="syz.6.5697" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa6a0d4e929 code=0x0
[  323.269551][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.306365][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.313944][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.321484][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.328971][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.336448][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.344159][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.351588][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.359182][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.366712][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.374206][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.381659][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.389138][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.396789][T11058] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[  323.404887][T11058] hid-generic 0000:0000:0000.0028: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  323.517668][   T29] audit: type=1400 audit(2000000282.060:50727): avc:  denied  { create } for  pid=19404 comm="syz.1.5703" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  323.538825][   T29] audit: type=1400 audit(2000000282.060:50728): avc:  denied  { setopt } for  pid=19404 comm="syz.1.5703" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  323.558913][   T29] audit: type=1400 audit(2000000282.060:50729): avc:  denied  { getopt } for  pid=19404 comm="syz.1.5703" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  323.578947][   T29] audit: type=1400 audit(2000000282.060:50730): avc:  denied  { read } for  pid=19404 comm="syz.1.5703" lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  323.726117][T19416] pim6reg: entered allmulticast mode
[  323.733296][T19416] pim6reg: left allmulticast mode
[  323.770407][T19418] xt_limit: Overflow, try lower: 2147483649/3300
[  323.837755][   T29] audit: type=1400 audit(2000000282.380:50731): avc:  denied  { create } for  pid=19422 comm="syz.0.5709" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  323.875594][T19426] netlink: 40 bytes leftover after parsing attributes in process `syz.6.5697'.
[  324.355945][T19435] netlink: 40 bytes leftover after parsing attributes in process `syz.7.5712'.
[  324.378359][T19435] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19435 comm=syz.7.5712
[  324.438707][   T29] audit: type=1326 audit(2000000282.980:50732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19438 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaebce929 code=0x7ffc0000
[  324.454411][T19440] FAULT_INJECTION: forcing a failure.
[  324.454411][T19440] name failslab, interval 1, probability 0, space 0, times 0
[  324.462395][   T29] audit: type=1326 audit(2000000282.980:50733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19438 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaebce929 code=0x7ffc0000
[  324.475144][T19440] CPU: 1 UID: 0 PID: 19440 Comm: syz.7.5712 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  324.475216][T19440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  324.475236][T19440] Call Trace:
[  324.475245][T19440]  <TASK>
[  324.475300][T19440]  __dump_stack+0x1d/0x30
[  324.475341][T19440]  dump_stack_lvl+0xe8/0x140
[  324.475370][T19440]  dump_stack+0x15/0x1b
[  324.475396][T19440]  should_fail_ex+0x265/0x280
[  324.475440][T19440]  ? io_wq_create+0x4b/0x4a0
[  324.475521][T19440]  should_failslab+0x8c/0xb0
[  324.475561][T19440]  __kmalloc_cache_noprof+0x4c/0x320
[  324.475602][T19440]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  324.475654][T19440]  io_wq_create+0x4b/0x4a0
[  324.475691][T19440]  io_uring_alloc_task_context+0x17d/0x2d0
[  324.475736][T19440]  __io_uring_add_tctx_node+0x1f3/0x2d0
[  324.475880][T19440]  __io_uring_add_tctx_node_from_submit+0x69/0xc0
[  324.475943][T19440]  __se_sys_io_uring_enter+0x195b/0x1b70
[  324.476029][T19440]  ? htab_map_hash+0x15f/0x1d0
[  324.476071][T19440]  ? __htab_map_lookup_elem+0x129/0x150
[  324.476174][T19440]  ? htab_percpu_map_lookup_percpu_elem+0x9f/0xb0
[  324.476216][T19440]  ? __rcu_read_unlock+0x4f/0x70
[  324.476249][T19440]  ? bpf_trace_run2+0x124/0x1c0
[  324.476287][T19440]  ? bpf_trace_run2+0x124/0x1c0
[  324.476379][T19440]  ? __bpf_trace_sys_enter+0x10/0x30
[  324.476438][T19440]  __x64_sys_io_uring_enter+0x78/0x90
[  324.476497][T19440]  x64_sys_call+0x28c8/0x2fb0
[  324.476529][T19440]  do_syscall_64+0xd2/0x200
[  324.476553][T19440]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  324.476591][T19440]  ? clear_bhb_loop+0x40/0x90
[  324.476671][T19440]  ? clear_bhb_loop+0x40/0x90
[  324.476750][T19440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.476835][T19440] RIP: 0033:0x7f741506e929
[  324.476859][T19440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.476886][T19440] RSP: 002b:00007f7413683038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  324.476941][T19440] RAX: ffffffffffffffda RBX: 00007f7415296080 RCX: 00007f741506e929
[  324.476993][T19440] RDX: 00000000000004c1 RSI: 0000000000000fd0 RDI: 0000000000000007
[  324.477010][T19440] RBP: 00007f7413683090 R08: 0000000000000000 R09: 0000000000000000
[  324.477028][T19440] R10: 0000000000000043 R11: 0000000000000246 R12: 0000000000000001
[  324.477045][T19440] R13: 0000000000000000 R14: 00007f7415296080 R15: 00007ffca72ee3a8
[  324.477074][T19440]  </TASK>
[  324.646479][T19439] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5714'.
[  324.652164][   T29] audit: type=1326 audit(2000000282.980:50734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19438 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fcfaebce929 code=0x7ffc0000
[  324.652203][   T29] audit: type=1326 audit(2000000282.980:50735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19438 comm="syz.4.5714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaebce929 code=0x7ffc0000
[  324.844660][T19451] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5718'.
[  324.872436][ T3399] hid-generic 0000:0000:0000.0029: unknown main item tag 0x0
[  324.880533][ T3399] hid-generic 0000:0000:0000.0029: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  325.468377][T19489] pim6reg: entered allmulticast mode
[  325.486916][T19489] pim6reg: left allmulticast mode
[  325.496377][T19466] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5723'.
[  325.506411][T19466] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19466 comm=syz.1.5723
[  325.509970][T19493] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5737'.
[  325.533616][   T36] hid-generic 0000:0000:0000.002A: unknown main item tag 0x0
[  325.559875][T19491] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=19491 comm=syz.6.5736
[  325.573612][   T36] hid-generic 0000:0000:0000.002A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  325.641138][T19507] netlink: 'syz.6.5739': attribute type 13 has an invalid length.
[  325.652528][T19507] gretap0: refused to change device tx_queue_len
[  325.661915][T19507] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  325.810663][T19517] lo speed is unknown, defaulting to 1000
[  325.830614][T19517] lo speed is unknown, defaulting to 1000
[  325.843727][T19517] lo speed is unknown, defaulting to 1000
[  325.858879][T19517] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  325.877630][T19526] FAULT_INJECTION: forcing a failure.
[  325.877630][T19526] name failslab, interval 1, probability 0, space 0, times 0
[  325.878027][T19517] lo speed is unknown, defaulting to 1000
[  325.890414][T19526] CPU: 0 UID: 0 PID: 19526 Comm: syz.6.5748 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  325.890539][T19526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  325.890557][T19526] Call Trace:
[  325.890568][T19526]  <TASK>
[  325.890579][T19526]  __dump_stack+0x1d/0x30
[  325.890611][T19526]  dump_stack_lvl+0xe8/0x140
[  325.890640][T19526]  dump_stack+0x15/0x1b
[  325.890663][T19526]  should_fail_ex+0x265/0x280
[  325.890714][T19526]  should_failslab+0x8c/0xb0
[  325.890748][T19526]  kmem_cache_alloc_noprof+0x50/0x310
[  325.890786][T19526]  ? __anon_vma_prepare+0xcd/0x2f0
[  325.890880][T19526]  __anon_vma_prepare+0xcd/0x2f0
[  325.890928][T19526]  do_wp_page+0x1838/0x2400
[  325.890961][T19526]  ? __rcu_read_lock+0x37/0x50
[  325.890996][T19526]  handle_mm_fault+0x77d/0x2be0
[  325.891028][T19526]  ? mas_walk+0xf2/0x120
[  325.891133][T19526]  do_user_addr_fault+0x636/0x1090
[  325.891210][T19526]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  325.891257][T19526]  exc_page_fault+0x62/0xa0
[  325.891297][T19526]  asm_exc_page_fault+0x26/0x30
[  325.891331][T19526] RIP: 0033:0x7fa6a0c10ca3
[  325.891355][T19526] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  325.891390][T19526] RSP: 002b:00007fa69f3b64a0 EFLAGS: 00010202
[  325.891414][T19526] RAX: 0000000000000400 RBX: 00007fa69f3b6540 RCX: 00007fa696f97000
[  325.891432][T19526] RDX: 00007fa69f3b66e0 RSI: 0000000000000000 RDI: 00007fa69f3b65e0
[  325.891450][T19526] RBP: 00000000000000f9 R08: 000000000000000a R09: 00000000000003d4
[  325.891492][T19526] R10: 00000000000003d8 R11: 00007fa69f3b6540 R12: 0000000000000001
[  325.891510][T19526] R13: 00007fa6a0dec200 R14: 0000000000000020 R15: 00007fa69f3b65e0
[  325.891537][T19526]  </TASK>
[  325.891555][T19526] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  325.909577][T19517] lo speed is unknown, defaulting to 1000
[  326.073491][T19539] netlink: 'syz.1.5752': attribute type 4 has an invalid length.
[  326.077523][T19517] lo speed is unknown, defaulting to 1000
[  326.095853][T11044] hid-generic 0000:0000:0000.002B: unknown main item tag 0x0
[  326.101838][T19517] lo speed is unknown, defaulting to 1000
[  326.118031][T19517] lo speed is unknown, defaulting to 1000
[  326.127941][T19529] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  326.143538][T19529] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[  326.153282][T11044] hid-generic 0000:0000:0000.002B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  326.166022][T19517] lo speed is unknown, defaulting to 1000
[  326.172157][T19517] lo speed is unknown, defaulting to 1000
[  326.184182][T19539] dvmrp1: entered allmulticast mode
[  326.226050][T19539] dvmrp1: left allmulticast mode
[  326.321347][T19564] pim6reg: entered allmulticast mode
[  326.335181][T19564] pim6reg: left allmulticast mode
[  326.515787][T19581] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=19581 comm=syz.4.5768
[  326.657462][T19597] __nla_validate_parse: 4 callbacks suppressed
[  326.657481][T19597] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5776'.
[  326.830155][T19613] pim6reg: entered allmulticast mode
[  326.839811][T19614] pim6reg: entered allmulticast mode
[  326.846622][T19613] pim6reg: left allmulticast mode
[  326.857694][T19614] pim6reg: left allmulticast mode
[  326.883047][T19618] tmpfs: Bad value for 'nr_inodes'
[  326.961511][T19626] xt_limit: Overflow, try lower: 2147483649/3300
[  326.967412][T19629] netlink: 40 bytes leftover after parsing attributes in process `syz.6.5788'.
[  326.977069][T19630] netlink: 40 bytes leftover after parsing attributes in process `syz.6.5788'.
[  327.002591][T19634] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19634 comm=syz.0.5790
[  327.026582][T19630] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5788'.
[  327.035795][T19629] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5788'.
[  327.158374][   T36] kernel write not supported for file /1182/oom_score_adj (pid: 36 comm: kworker/1:1)
[  327.171821][T19644] openvswitch: netlink: Message has 6 unknown bytes.
[  327.207610][T19649] SELinux: syz.6.5795 (19649) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  327.258834][T19649] bridge2: entered promiscuous mode
[  327.264146][T19649] bridge2: entered allmulticast mode
[  327.279001][T19649] team0: Port device bridge2 added
[  327.300505][T19651] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5797'.
[  327.321497][T19657] xt_hashlimit: max too large, truncated to 1048576
[  327.331790][T19655] pim6reg: entered allmulticast mode
[  327.337950][T19655] pim6reg: left allmulticast mode
[  327.340329][   T36] hid-generic 0000:0000:0000.002C: unknown main item tag 0x0
[  327.370422][   T36] hid-generic 0000:0000:0000.002C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  327.376218][T19659] xt_limit: Overflow, try lower: 2147483649/3300
[  327.587838][T19678] wg2: entered promiscuous mode
[  327.592794][T19678] wg2: entered allmulticast mode
[  327.601032][T19678] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5808'.
[  327.687728][T19692] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5814'.
[  327.697590][T19682] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=59923 sclass=netlink_route_socket pid=19682 comm=syz.6.5805
[  327.699381][ T3399] hid-generic 0000:0000:0000.002D: unknown main item tag 0x0
[  327.719295][ T3399] hid-generic 0000:0000:0000.002D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  327.737886][T19694] xt_limit: Overflow, try lower: 2147483649/3300
[  327.800372][T19707] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  327.869615][T19717] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5824'.
[  327.976644][T19725] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5826'.
[  327.976842][T19719] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=19719 comm=syz.0.5825
[  328.001065][ T3399] hid-generic 0000:0000:0000.002E: unknown main item tag 0x0
[  328.011015][ T3399] hid-generic 0000:0000:0000.002E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  328.185494][T19741] FAULT_INJECTION: forcing a failure.
[  328.185494][T19741] name failslab, interval 1, probability 0, space 0, times 0
[  328.198217][T19741] CPU: 1 UID: 0 PID: 19741 Comm: syz.1.5834 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  328.198253][T19741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  328.198349][T19741] Call Trace:
[  328.198359][T19741]  <TASK>
[  328.198369][T19741]  __dump_stack+0x1d/0x30
[  328.198396][T19741]  dump_stack_lvl+0xe8/0x140
[  328.198421][T19741]  dump_stack+0x15/0x1b
[  328.198443][T19741]  should_fail_ex+0x265/0x280
[  328.198482][T19741]  should_failslab+0x8c/0xb0
[  328.198562][T19741]  __kmalloc_noprof+0xa5/0x3e0
[  328.198643][T19741]  ? alloc_pipe_info+0x1c9/0x350
[  328.198669][T19741]  alloc_pipe_info+0x1c9/0x350
[  328.198693][T19741]  splice_direct_to_actor+0x592/0x680
[  328.198786][T19741]  ? __pfx_direct_splice_actor+0x10/0x10
[  328.198824][T19741]  ? selinux_file_permission+0x2f0/0x320
[  328.198850][T19741]  do_splice_direct+0xda/0x150
[  328.198891][T19741]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  328.198926][T19741]  do_sendfile+0x380/0x650
[  328.198955][T19741]  __x64_sys_sendfile64+0x105/0x150
[  328.199054][T19741]  x64_sys_call+0xb39/0x2fb0
[  328.199075][T19741]  do_syscall_64+0xd2/0x200
[  328.199168][T19741]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  328.199212][T19741]  ? clear_bhb_loop+0x40/0x90
[  328.199270][T19741]  ? clear_bhb_loop+0x40/0x90
[  328.199326][T19741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.199353][T19741] RIP: 0033:0x7f78df61e929
[  328.199372][T19741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.199466][T19741] RSP: 002b:00007f78ddc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  328.199490][T19741] RAX: ffffffffffffffda RBX: 00007f78df845fa0 RCX: 00007f78df61e929
[  328.199506][T19741] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  328.199522][T19741] RBP: 00007f78ddc87090 R08: 0000000000000000 R09: 0000000000000000
[  328.199533][T19741] R10: 7fffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  328.199545][T19741] R13: 0000000000000000 R14: 00007f78df845fa0 R15: 00007ffda96ed018
[  328.199622][T19741]  </TASK>
[  328.491532][T19745] FAULT_INJECTION: forcing a failure.
[  328.491532][T19745] name failslab, interval 1, probability 0, space 0, times 0
[  328.504285][T19745] CPU: 0 UID: 0 PID: 19745 Comm: syz.1.5836 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  328.504339][T19745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  328.504356][T19745] Call Trace:
[  328.504363][T19745]  <TASK>
[  328.504373][T19745]  __dump_stack+0x1d/0x30
[  328.504399][T19745]  dump_stack_lvl+0xe8/0x140
[  328.504424][T19745]  dump_stack+0x15/0x1b
[  328.504529][T19745]  should_fail_ex+0x265/0x280
[  328.504568][T19745]  should_failslab+0x8c/0xb0
[  328.504597][T19745]  __kvmalloc_node_noprof+0x123/0x4e0
[  328.504684][T19745]  ? alloc_netdev_mqs+0x73f/0xab0
[  328.504793][T19745]  alloc_netdev_mqs+0x73f/0xab0
[  328.504832][T19745]  rtnl_create_link+0x239/0x710
[  328.504875][T19745]  rtnl_newlink_create+0x14c/0x620
[  328.504923][T19745]  ? security_capable+0x83/0x90
[  328.504951][T19745]  ? netlink_ns_capable+0x86/0xa0
[  328.504990][T19745]  rtnl_newlink+0xf29/0x12d0
[  328.505028][T19745]  ? __skb_clone+0x2a6/0x2d0
[  328.505101][T19745]  ? __rcu_read_unlock+0x34/0x70
[  328.505123][T19745]  ? __memcg_slab_free_hook+0x135/0x230
[  328.505224][T19745]  ? __kfree_skb+0x109/0x150
[  328.505263][T19745]  ? __rcu_read_unlock+0x4f/0x70
[  328.505290][T19745]  ? avc_has_perm_noaudit+0x1b1/0x200
[  328.505326][T19745]  ? selinux_capable+0x1f9/0x270
[  328.505361][T19745]  ? security_capable+0x83/0x90
[  328.505431][T19745]  ? ns_capable+0x7d/0xb0
[  328.505454][T19745]  ? __pfx_rtnl_newlink+0x10/0x10
[  328.505483][T19745]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  328.505558][T19745]  netlink_rcv_skb+0x120/0x220
[  328.505589][T19745]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  328.505621][T19745]  rtnetlink_rcv+0x1c/0x30
[  328.505642][T19745]  netlink_unicast+0x59e/0x670
[  328.505719][T19745]  netlink_sendmsg+0x58b/0x6b0
[  328.505788][T19745]  ? __pfx_netlink_sendmsg+0x10/0x10
[  328.505811][T19745]  __sock_sendmsg+0x145/0x180
[  328.505837][T19745]  ____sys_sendmsg+0x31e/0x4e0
[  328.505899][T19745]  ___sys_sendmsg+0x17b/0x1d0
[  328.505960][T19745]  __x64_sys_sendmsg+0xd4/0x160
[  328.506008][T19745]  x64_sys_call+0x2999/0x2fb0
[  328.506102][T19745]  do_syscall_64+0xd2/0x200
[  328.506126][T19745]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  328.506169][T19745]  ? clear_bhb_loop+0x40/0x90
[  328.506192][T19745]  ? clear_bhb_loop+0x40/0x90
[  328.506237][T19745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.506265][T19745] RIP: 0033:0x7f78df61e929
[  328.506284][T19745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.506305][T19745] RSP: 002b:00007f78ddc87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  328.506324][T19745] RAX: ffffffffffffffda RBX: 00007f78df845fa0 RCX: 00007f78df61e929
[  328.506360][T19745] RDX: 0000000000008044 RSI: 0000200000000440 RDI: 0000000000000008
[  328.506388][T19745] RBP: 00007f78ddc87090 R08: 0000000000000000 R09: 0000000000000000
[  328.506404][T19745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  328.506419][T19745] R13: 0000000000000000 R14: 00007f78df845fa0 R15: 00007ffda96ed018
[  328.506438][T19745]  </TASK>
[  328.864094][   T29] kauditd_printk_skb: 363 callbacks suppressed
[  328.864113][   T29] audit: type=1326 audit(2000000287.400:51099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19749 comm="syz.7.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  328.894020][   T29] audit: type=1326 audit(2000000287.400:51100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19749 comm="syz.7.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  328.917642][   T29] audit: type=1326 audit(2000000287.400:51101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19749 comm="syz.7.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  328.941375][   T29] audit: type=1326 audit(2000000287.400:51102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19749 comm="syz.7.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  328.963707][T19755] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=19755 comm=syz.7.5838
[  328.965148][   T29] audit: type=1326 audit(2000000287.400:51103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19749 comm="syz.7.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  329.001217][   T29] audit: type=1326 audit(2000000287.400:51104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19749 comm="syz.7.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  329.024887][   T29] audit: type=1326 audit(2000000287.400:51105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19749 comm="syz.7.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  329.048651][   T29] audit: type=1326 audit(2000000287.400:51106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19749 comm="syz.7.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  329.072468][   T29] audit: type=1326 audit(2000000287.400:51107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19749 comm="syz.7.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  329.096059][   T29] audit: type=1326 audit(2000000287.400:51108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19749 comm="syz.7.5838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  329.123906][T19748] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1549 sclass=netlink_route_socket pid=19748 comm=syz.6.5837
[  329.149928][T11058] hid-generic 0000:0000:0000.002F: unknown main item tag 0x0
[  329.160063][T11058] hid-generic 0000:0000:0000.002F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  329.409183][T19802] netlink: 'syz.1.5857': attribute type 3 has an invalid length.
[  329.539478][T19815] netlink: 'syz.4.5865': attribute type 1 has an invalid length.
[  329.547442][T19815] netlink: 'syz.4.5865': attribute type 2 has an invalid length.
[  329.578041][T19819] netlink: 'syz.7.5867': attribute type 21 has an invalid length.
[  329.604108][T19819] 9pnet_fd: Insufficient options for proto=fd
[  329.987250][T19828] lo speed is unknown, defaulting to 1000
[  329.997533][   T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.097717][   T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.113903][T19828] chnl_net:caif_netlink_parms(): no params data found
[  330.304176][   T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.338786][T19828] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.346059][T19828] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.357184][T19828] bridge_slave_0: entered allmulticast mode
[  330.366558][T19828] bridge_slave_0: entered promiscuous mode
[  330.408175][   T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.433992][T19828] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.441134][T19828] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.487287][T19828] bridge_slave_1: entered allmulticast mode
[  330.499752][T19828] bridge_slave_1: entered promiscuous mode
[  330.575947][   T51] bridge_slave_1: left allmulticast mode
[  330.581696][   T51] bridge_slave_1: left promiscuous mode
[  330.587543][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.602069][   T51] bridge_slave_0: left allmulticast mode
[  330.607903][   T51] bridge_slave_0: left promiscuous mode
[  330.613775][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.682002][T19861] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=19861 comm=syz.6.5878
[  330.726065][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  330.736203][   T51] bond0 (unregistering): Released all slaves
[  330.747221][T19828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  330.758289][T19867] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.791287][T19828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  330.800570][   T51] tipc: Disabling bearer <udp:syz0>
[  330.805879][   T51] tipc: Left network mode
[  330.882175][T19867] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.905807][   T51] hsr_slave_0: left promiscuous mode
[  330.905938][T19884] netlink: 'syz.4.5886': attribute type 1 has an invalid length.
[  330.922233][   T51] hsr_slave_1: left promiscuous mode
[  330.928661][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.936247][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.948380][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  330.955923][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.969177][   T51] veth1_macvtap: left promiscuous mode
[  330.974799][   T51] veth0_macvtap: left promiscuous mode
[  330.980402][   T51] veth1_vlan: left promiscuous mode
[  330.985766][   T51] veth0_vlan: left promiscuous mode
[  331.062392][   T51] team0 (unregistering): Port device team_slave_1 removed
[  331.073566][   T51] team0 (unregistering): Port device team_slave_0 removed
[  331.125819][T19878] lo speed is unknown, defaulting to 1000
[  331.133928][T19828] team0: Port device team_slave_0 added
[  331.148974][T19867] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  331.167123][T19828] team0: Port device team_slave_1 added
[  331.198597][T19828] batman_adv: batadv0: Adding interface: batadv_slave_0
[  331.205735][T19828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.232398][T19828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  331.327144][T19828] batman_adv: batadv0: Adding interface: batadv_slave_1
[  331.334656][T19828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.361578][T19828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  331.588794][T19867] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  331.619034][T19905] netlink: 'syz.6.5892': attribute type 4 has an invalid length.
[  331.719667][T19910] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=19910 comm=syz.4.5891
[  331.788603][T19828] hsr_slave_0: entered promiscuous mode
[  331.795121][T19828] hsr_slave_1: entered promiscuous mode
[  331.801363][T19828] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  331.808997][T19828] Cannot create hsr debugfs directory
[  331.946615][T19867] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  331.966470][T19867] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  331.978277][T19867] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  331.995202][T19867] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  332.709668][T19828] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  332.719003][T19828] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  332.729463][T19828] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  332.741572][T19828] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  332.810335][T19828] 8021q: adding VLAN 0 to HW filter on device bond0
[  332.832179][T19940] __nla_validate_parse: 8 callbacks suppressed
[  332.832197][T19940] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5900'.
[  332.847608][T19940] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5900'.
[  332.919950][T19828] 8021q: adding VLAN 0 to HW filter on device team0
[  332.959937][ T3419] bridge0: port 1(bridge_slave_0) entered blocking state
[  332.967203][ T3419] bridge0: port 1(bridge_slave_0) entered forwarding state
[  333.006915][T19828] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  333.017479][T19828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  333.037022][ T3419] bridge0: port 2(bridge_slave_1) entered blocking state
[  333.044161][ T3419] bridge0: port 2(bridge_slave_1) entered forwarding state
[  333.078954][T19952] netlink: 'syz.6.5906': attribute type 4 has an invalid length.
[  333.122951][T19828] 8021q: adding VLAN 0 to HW filter on device batadv0
[  333.199244][T19828] veth0_vlan: entered promiscuous mode
[  333.210804][T19828] veth1_vlan: entered promiscuous mode
[  333.244193][T19828] veth0_macvtap: entered promiscuous mode
[  333.253733][T19828] veth1_macvtap: entered promiscuous mode
[  333.280832][T19828] batman_adv: batadv0: Interface activated: batadv_slave_0
[  333.304143][T19828] batman_adv: batadv0: Interface activated: batadv_slave_1
[  333.340228][T19828] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  333.349227][T19828] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  333.358035][T19828] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  333.367007][T19828] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  333.466235][T19991] FAULT_INJECTION: forcing a failure.
[  333.466235][T19991] name failslab, interval 1, probability 0, space 0, times 0
[  333.479043][T19991] CPU: 1 UID: 0 PID: 19991 Comm: syz.0.5868 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  333.479143][T19991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  333.479157][T19991] Call Trace:
[  333.479164][T19991]  <TASK>
[  333.479172][T19991]  __dump_stack+0x1d/0x30
[  333.479194][T19991]  dump_stack_lvl+0xe8/0x140
[  333.479214][T19991]  dump_stack+0x15/0x1b
[  333.479311][T19991]  should_fail_ex+0x265/0x280
[  333.479351][T19991]  should_failslab+0x8c/0xb0
[  333.479381][T19991]  kmem_cache_alloc_node_noprof+0x57/0x320
[  333.479409][T19991]  ? __alloc_skb+0x101/0x320
[  333.479502][T19991]  __alloc_skb+0x101/0x320
[  333.479532][T19991]  __pskb_copy_fclone+0x6c/0x750
[  333.479558][T19991]  ? kmalloc_reserve+0x84/0x190
[  333.479676][T19991]  ? _copy_from_iter+0x1bd/0xe40
[  333.479719][T19991]  tipc_msg_reassemble+0xc0/0x280
[  333.479760][T19991]  tipc_mcast_xmit+0xaf/0xcb0
[  333.479843][T19991]  ? tipc_msg_build+0x2fd/0x840
[  333.479886][T19991]  tipc_send_group_bcast+0x5d9/0x6c0
[  333.479916][T19991]  ? __pfx_woken_wake_function+0x10/0x10
[  333.479941][T19991]  __tipc_sendmsg+0x186/0x1b00
[  333.479984][T19991]  ? obj_cgroup_charge_account+0x122/0x1a0
[  333.480027][T19991]  ? __rcu_read_unlock+0x4f/0x70
[  333.480056][T19991]  ? avc_has_perm_noaudit+0x1b1/0x200
[  333.480156][T19991]  ? __rcu_read_unlock+0x4f/0x70
[  333.480181][T19991]  __tipc_sendstream+0xa23/0xb30
[  333.480220][T19991]  ? selinux_socket_sendmsg+0x175/0x1b0
[  333.480365][T19991]  ? _raw_spin_unlock_bh+0x36/0x40
[  333.480398][T19991]  tipc_send_packet+0x65/0x80
[  333.480425][T19991]  ? __pfx_tipc_send_packet+0x10/0x10
[  333.480455][T19991]  __sock_sendmsg+0x145/0x180
[  333.480530][T19991]  ____sys_sendmsg+0x31e/0x4e0
[  333.480575][T19991]  ___sys_sendmsg+0x17b/0x1d0
[  333.480631][T19991]  __x64_sys_sendmsg+0xd4/0x160
[  333.480708][T19991]  x64_sys_call+0x2999/0x2fb0
[  333.480735][T19991]  do_syscall_64+0xd2/0x200
[  333.480780][T19991]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  333.480876][T19991]  ? clear_bhb_loop+0x40/0x90
[  333.480935][T19991]  ? clear_bhb_loop+0x40/0x90
[  333.480959][T19991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.480980][T19991] RIP: 0033:0x7fe0d2afe929
[  333.480997][T19991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.481079][T19991] RSP: 002b:00007fe0d1167038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  333.481118][T19991] RAX: ffffffffffffffda RBX: 00007fe0d2d25fa0 RCX: 00007fe0d2afe929
[  333.481139][T19991] RDX: 0000000000000020 RSI: 0000200000000400 RDI: 0000000000000005
[  333.481156][T19991] RBP: 00007fe0d1167090 R08: 0000000000000000 R09: 0000000000000000
[  333.481171][T19991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.481188][T19991] R13: 0000000000000000 R14: 00007fe0d2d25fa0 R15: 00007ffe06bdf108
[  333.481214][T19991]  </TASK>
[  333.841460][T19999] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5920'.
[  333.867981][T19999] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  333.956303][   T29] kauditd_printk_skb: 842 callbacks suppressed
[  333.956321][   T29] audit: type=1400 audit(2000000292.501:51951): avc:  denied  { read write } for  pid=20000 comm="syz.0.5921" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  333.989616][   T29] audit: type=1400 audit(2000000292.501:51952): avc:  denied  { open } for  pid=20000 comm="syz.0.5921" path="/dev/virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  334.046091][   T29] audit: type=1400 audit(2000000292.571:51953): avc:  denied  { ioctl } for  pid=20000 comm="syz.0.5921" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  334.174631][   T29] audit: type=1400 audit(2000000292.721:51954): avc:  denied  { create } for  pid=20021 comm="syz.7.5928" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  334.223496][T20024] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5929'.
[  334.225042][   T29] audit: type=1326 audit(2000000292.741:51955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20021 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  334.255449][   T29] audit: type=1326 audit(2000000292.741:51956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20021 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  334.278611][   T29] audit: type=1326 audit(2000000292.741:51957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20021 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  334.303685][   T29] audit: type=1326 audit(2000000292.741:51958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20021 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  334.327103][   T29] audit: type=1326 audit(2000000292.741:51959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20021 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  334.350281][   T29] audit: type=1326 audit(2000000292.741:51960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20021 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f741506e929 code=0x7ffc0000
[  334.445352][T20041] netlink: 28 bytes leftover after parsing attributes in process `gtp'.
[  334.455158][T20041] netlink: 204 bytes leftover after parsing attributes in process `gtp'.
[  334.616675][T20050] netlink: 'syz.0.5940': attribute type 29 has an invalid length.
[  334.624721][T20050] netlink: 'syz.0.5940': attribute type 3 has an invalid length.
[  334.632510][T20050] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5940'.
[  334.795891][T20062] netlink: 'syz.0.5944': attribute type 13 has an invalid length.
[  334.825582][T20062] gretap0: refused to change device tx_queue_len
[  334.831999][T20062] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  334.872069][T20061] netlink: 'syz.0.5944': attribute type 10 has an invalid length.
[  334.880044][T20061] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5944'.
[  334.908572][T20061] dummy0: entered promiscuous mode
[  334.918282][T20061] bridge0: port 3(dummy0) entered blocking state
[  334.924763][T20061] bridge0: port 3(dummy0) entered disabled state
[  334.953128][T20061] dummy0: entered allmulticast mode
[  334.959358][T20061] bridge0: port 3(dummy0) entered blocking state
[  334.965783][T20061] bridge0: port 3(dummy0) entered forwarding state
[  335.066670][T20068] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5946'.
[  335.113476][T20071] pim6reg: entered allmulticast mode
[  335.119588][T20071] pim6reg: left allmulticast mode
[  335.130151][T20072] netlink: 'syz.0.5947': attribute type 3 has an invalid length.
[  335.337095][T20082] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=20082 comm=syz.0.5953
[  335.619327][T20099] block device autoloading is deprecated and will be removed.
[  335.873618][T20107] FAULT_INJECTION: forcing a failure.
[  335.873618][T20107] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.886793][T20107] CPU: 1 UID: 0 PID: 20107 Comm: syz.0.5961 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  335.886880][T20107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  335.886893][T20107] Call Trace:
[  335.886901][T20107]  <TASK>
[  335.886910][T20107]  __dump_stack+0x1d/0x30
[  335.886942][T20107]  dump_stack_lvl+0xe8/0x140
[  335.887041][T20107]  dump_stack+0x15/0x1b
[  335.887124][T20107]  should_fail_ex+0x265/0x280
[  335.887165][T20107]  should_fail+0xb/0x20
[  335.887273][T20107]  should_fail_usercopy+0x1a/0x20
[  335.887323][T20107]  _copy_from_user+0x1c/0xb0
[  335.887351][T20107]  __se_sys_mount+0x10d/0x2e0
[  335.887374][T20107]  ? fput+0x8f/0xc0
[  335.887406][T20107]  ? ksys_write+0x192/0x1a0
[  335.887496][T20107]  __x64_sys_mount+0x67/0x80
[  335.887527][T20107]  x64_sys_call+0xd36/0x2fb0
[  335.887555][T20107]  do_syscall_64+0xd2/0x200
[  335.887579][T20107]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  335.887649][T20107]  ? clear_bhb_loop+0x40/0x90
[  335.887722][T20107]  ? clear_bhb_loop+0x40/0x90
[  335.887747][T20107]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.887771][T20107] RIP: 0033:0x7fe0d2afe929
[  335.887791][T20107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.887813][T20107] RSP: 002b:00007fe0d1167038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  335.887873][T20107] RAX: ffffffffffffffda RBX: 00007fe0d2d25fa0 RCX: 00007fe0d2afe929
[  335.887890][T20107] RDX: 0000200000000240 RSI: 0000200000000200 RDI: 0000000000000000
[  335.887906][T20107] RBP: 00007fe0d1167090 R08: 0000200000000400 R09: 0000000000000000
[  335.887922][T20107] R10: 000000000021004a R11: 0000000000000246 R12: 0000000000000001
[  335.887938][T20107] R13: 0000000000000000 R14: 00007fe0d2d25fa0 R15: 00007ffe06bdf108
[  335.887961][T20107]  </TASK>
[  336.116061][T20109] pim6reg: entered allmulticast mode
[  336.128629][T20109] pim6reg: left allmulticast mode
[  337.061784][T20145] netlink: 'syz.7.5978': attribute type 4 has an invalid length.
[  337.106580][ T3515] lo speed is unknown, defaulting to 1000
[  337.112460][ T3515] syz0: Port: 1 Link DOWN
[  337.360989][T20163] syzkaller1: entered promiscuous mode
[  337.366807][T20163] syzkaller1: entered allmulticast mode
[  337.503047][T20170] loop0: detected capacity change from 0 to 512
[  337.510131][T20170] /dev/loop0: Can't open blockdev
[  337.704952][T20176] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=20176 comm=syz.7.5990
[  337.880490][T20182] No source specified
[  337.885980][T20182] __nla_validate_parse: 10 callbacks suppressed
[  337.885996][T20182] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5991'.
[  338.179454][T20198] pim6reg: entered allmulticast mode
[  338.185956][T20194] netlink: 'syz.7.5996': attribute type 4 has an invalid length.
[  338.213035][T20198] pim6reg: left allmulticast mode
[  338.315424][T20210] bridge0: port 4(batadv1) entered blocking state
[  338.321989][T20210] bridge0: port 4(batadv1) entered disabled state
[  338.349648][T20210] batadv1: entered allmulticast mode
[  338.357462][T20210] batadv1: entered promiscuous mode
[  338.430097][T20228] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6006'.
[  338.439415][T20218] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6006'.
[  338.465565][T20227] lo speed is unknown, defaulting to 1000
[  338.480035][T20229] netlink: 32 bytes leftover after parsing attributes in process `syz.7.6010'.
[  338.567435][T20235] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6013'.
[  338.576763][T20235] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6013'.
[  338.765023][T20250] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=20250 comm=syz.1.6019
[  338.818618][T11044] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[  338.826868][T11044] hid-generic 0000:0000:0000.0030: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  338.837302][   T31] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  338.846681][   T31] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  338.865558][T20254] lo speed is unknown, defaulting to 1000
[  338.910209][T20255] netlink: 'syz.1.6020': attribute type 16 has an invalid length.
[  338.918162][T20255] netlink: 'syz.1.6020': attribute type 17 has an invalid length.
[  338.959977][T20255] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  338.988899][   T29] kauditd_printk_skb: 235 callbacks suppressed
[  338.988919][   T29] audit: type=1400 audit(2000000297.531:52196): avc:  denied  { create } for  pid=20253 comm="syz.1.6020" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  339.042165][T20259] gtp0: entered promiscuous mode
[  339.045577][   T29] audit: type=1400 audit(2000000297.561:52197): avc:  denied  { read } for  pid=20253 comm="syz.1.6020" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  339.047285][T20259] gtp0: entered allmulticast mode
[  339.070869][   T29] audit: type=1400 audit(2000000297.561:52198): avc:  denied  { open } for  pid=20253 comm="syz.1.6020" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  339.084017][T20259] 9pnet_fd: Insufficient options for proto=fd
[  339.099849][   T29] audit: type=1400 audit(2000000297.561:52199): avc:  denied  { ioctl } for  pid=20253 comm="syz.1.6020" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  339.140834][T20254] lo speed is unknown, defaulting to 1000
[  339.215469][   T29] audit: type=1400 audit(2000000297.631:52200): avc:  denied  { mounton } for  pid=20258 comm="syz.7.6024" path="/187/file1" dev="tmpfs" ino=1007 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  339.295030][   T29] audit: type=1400 audit(2000000297.841:52201): avc:  denied  { write } for  pid=20272 comm="syz.6.6030" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  339.360822][T11058] hid-generic 0000:0000:0000.0031: unknown main item tag 0x0
[  339.369840][T11058] hid-generic 0000:0000:0000.0031: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  339.410569][T20287] pim6reg: entered allmulticast mode
[  339.423790][T20287] pim6reg: left allmulticast mode
[  339.468858][T20291] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6037'.
[  339.566241][T20309] netlink: 60 bytes leftover after parsing attributes in process `syz.6.6041'.
[  339.576009][T20302] netlink: 60 bytes leftover after parsing attributes in process `syz.6.6041'.
[  339.650091][T11058] hid-generic 0000:0000:0000.0032: unknown main item tag 0x0
[  339.661491][T11058] hid-generic 0000:0000:0000.0032: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  339.677062][T20321] tipc: Started in network mode
[  339.682053][T20321] tipc: Node identity ac14140f, cluster identity 4711
[  339.691314][T20321] tipc: New replicast peer: 255.255.255.255
[  339.697815][T20321] tipc: Enabled bearer <udp:syz2>, priority 10
[  339.722612][   T29] audit: type=1400 audit(2000000298.261:52202): avc:  denied  { create } for  pid=20305 comm="syz.4.6043" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  339.742962][   T29] audit: type=1326 audit(2000000298.261:52203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20305 comm="syz.4.6043" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcfaebce929 code=0x0
[  339.827016][   T29] audit: type=1400 audit(2000000298.321:52204): avc:  denied  { connect } for  pid=20305 comm="syz.4.6043" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  339.847346][   T29] audit: type=1326 audit(2000000298.361:52205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20327 comm="syz.4.6052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfaebce929 code=0x7ffc0000
[  339.944260][T20335] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=20335 comm=syz.4.6052
[  340.126887][T20349] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6059'.
[  340.211746][T20359] ==================================================================
[  340.219924][T20359] BUG: KCSAN: data-race in mas_state_walk / mas_wr_store_entry
[  340.227533][T20359] 
[  340.229911][T20359] write to 0xffff8881065f5a10 of 8 bytes by task 20357 on cpu 0:
[  340.237645][T20359]  mas_wr_store_entry+0x1581/0x2b50
[  340.242878][T20359]  mas_store_prealloc+0x74d/0x9e0
[  340.247936][T20359]  commit_merge+0x6a5/0x730
[  340.252460][T20359]  vma_expand+0x1d0/0x370
[  340.256811][T20359]  vma_merge_new_range+0x296/0x310
[  340.261950][T20359]  mmap_region+0x9fa/0x1580
[  340.266479][T20359]  do_mmap+0x9b3/0xbe0
[  340.270671][T20359]  vm_mmap_pgoff+0x17a/0x2e0
[  340.275291][T20359]  ksys_mmap_pgoff+0xc2/0x310
[  340.280006][T20359]  x64_sys_call+0x1602/0x2fb0
[  340.284706][T20359]  do_syscall_64+0xd2/0x200
[  340.289228][T20359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.295144][T20359] 
[  340.297481][T20359] read to 0xffff8881065f5a10 of 8 bytes by task 20359 on cpu 1:
[  340.305129][T20359]  mas_state_walk+0x2f5/0x650
[  340.309839][T20359]  mas_walk+0x30/0x120
[  340.313935][T20359]  lock_vma_under_rcu+0xa2/0x2f0
[  340.318904][T20359]  do_user_addr_fault+0x233/0x1090
[  340.324068][T20359]  exc_page_fault+0x62/0xa0
[  340.328604][T20359]  asm_exc_page_fault+0x26/0x30
[  340.333470][T20359] 
[  340.335803][T20359] value changed: 0x00007f7413695fff -> 0x00007f7413674fff
[  340.342920][T20359] 
[  340.345264][T20359] Reported by Kernel Concurrency Sanitizer on:
[  340.351431][T20359] CPU: 1 UID: 0 PID: 20359 Comm: syz.7.6063 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  340.363950][T20359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  340.374026][T20359] ==================================================================
[  340.802657][T11058] tipc: Node number set to 2886997007