last executing test programs:

2.574650453s ago: executing program 1 (id=10651):
bpf$PROG_LOAD(0x5, 0x0, 0x9)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x28000600)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x0, 0x0, 0x1, 0x1}, 0x20)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000000)=0x2, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="01005ee1fadefcdbdf250100000008000100", @ANYRES32, @ANYBLOB="3c00028038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004"], 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000010000100f7000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000144c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c000440000000000000000114000000110001"], 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x200000000000000)
socket$inet_sctp(0x2, 0x5, 0x84)

2.530474033s ago: executing program 1 (id=10653):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
recvmsg$unix(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/243, 0xfffffed7}], 0x1}, 0x0)

2.509893524s ago: executing program 1 (id=10654):
r0 = syz_io_uring_setup(0xbc3, &(0x7f0000000480)={0x0, 0x1568, 0x10000, 0x2, 0x264}, &(0x7f0000000040), &(0x7f00000000c0))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000740)='btrfs_find_cluster\x00', r1}, 0x18)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
move_mount(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ip6gretap0\x00', <r4=>0x0})
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000280)={@remote, r4}, 0x14)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, r4, {0x7, 0x11}, {0x8, 0x6}, {0x6, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x14004804}, 0x24008804)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000100)={[{@grpid}, {@auto_da_alloc}, {@lazytime}, {@journal_dev={'journal_dev', 0x3d, 0x6}}]}, 0x3, 0x4d4, &(0x7f0000000180)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpiuJN4NDEejTdNvOrRePIPwIMHE0NCDBfA05jZnWm3291ttz8p+/kk232e2WfmeZ6ZeWaffZ7OBNCzhrI/ScT/IuJORDxVjy5MMFR/e3j/+sSj+9cnYjZNz/yT1NI9yOK5Yr2deWS4FFH6MmnaYN301WsXxqvVqSt5fHTm4mej01evvX7+4vi5qXNTl8ZOnTpx/NjJN8fe6L5SLfLL6vVg/xeXD+x79+zt9yfKxfKB/L2xHm2VuyvGUIfPXuluU4+9XQ3hZPF+urGhhWHZBvLTupK1/+vVw2c3u0DAhknTNO1v//Fs2uzmoiXAlpXEZpcA2BzFF332+7d4bVDX47Fw73T9B1BW74f5q/5JOUp5mkrT79u1NBQRH8/++032ik7jEH+uUwEAgJ7zy+miJ9jc/yvF3oZ0/8/nUAYj4umI2B0Rz0TEnoh4NqKW9rmIeL45gyQi7ZD/nqb4fP4/5rMIpburrmQHWf/vrXxua2H/r+j9xWBfHtsVUXSYp47m+2Q4Kv2fnK9OHWuz/W1L5N/Y/8teWf5FXzAvx91y0wDd5PjM+Mpqu9i9mxH7y831T8rZgSumcZKI2BcR+7vY7mBD+Pxr3x2Yi1Ty96/rb0vXvyZtMaXX9XxcK+m3Ea/Wj/9sNB7/ZD7HpPP85OhAVKeOjmZnwdGWefz2+60P2uW/ZP1/+qt5lXdO/nxm1fUuZMd/R8P5H8X87fwk6mASkczN105HpH3d5XHrj/YrrPT835Z8VAsX7evz8ZmZK8citiXvLV4+Nr9uES/SZ/UfPtK6/e/O18n2xAsRkZ3EL0bESxFxMC/7oYg4HBFHOtT/17df/nTl9V9fWf0nW17/Fhz/+fn6ZQaKlbMlfRcO3XnU5uKxvON/ohYazpe0vv4lCy4Ryy3p6vYeAAAAbA2lqP3vf2lkLlwqjYzUx4D2xI5S9fL0zMGIuDRZv0dgMCqlYqSrPh5cSYrxz8GG+FhT/Hg+bvxV3/ZafGTicnVysysPPW5nrc0ni9p/5u8ux3mBLWgN5tGALWqp9r/39gYVBNhwvv+hdzW0/9k2SWb9pww8mXz/Q+9q1f5vxPcd711wzYCtL9WWoadp/9C7yvHhXLh223PLu22BJ5Hvf+hJ3d7Xv5xA8biGaxfS/tZpBqLFEwMG1rgYeWB7i7w2JZD1rNZwg5WIWF7i7SvJougCtn/CQ6m7DfbH4o/6otNaSRfPcSgC2V5ZMvG5vWt+8hfPRFnr0+aH+XZaaTgW5aWOzuoDG3oZAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWDf/BQAA//8mic8a")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2010800, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000038000000380000000300000001000000000000010000000000000000000000000000000105000000100000000000000000000003000000000100000002"], 0x0, 0x53}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x80)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r6, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x34000811)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001000)={&(0x7f0000000140)='kmem_cache_free\x00', r7, 0x0, 0x2}, 0x18)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r6, 0x84, 0x77, &(0x7f0000000640)=ANY=[], 0x1000f)
open_by_handle_at(r5, &(0x7f0000000080)=ANY=[@ANYBLOB="080000dfb9b2aaf515a16e776021111c00020000000c00000005000000"], 0x36e8476f)
io_uring_enter(r0, 0x29ab, 0xd480, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)

1.650505579s ago: executing program 1 (id=10661):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], 0x0}, 0x94)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r1, 0x4)
recvmmsg(r1, &(0x7f00000050c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}}], 0x1, 0x40000100, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='kmem_cache_free\x00', r0, 0x0, 0x7}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRESOCT], 0x38}}, 0x0)

1.56252564s ago: executing program 2 (id=10662):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r2, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r2, &(0x7f0000002140)={0xa, 0x4e25, 0x9, @mcast2, 0x7}, 0x1c)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r3}, 0x10)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r5, &(0x7f0000000240)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x88, 0x2c, 0xd27, 0x3, 0x0, {0x0, 0x0, 0x0, r6, {0xfffa, 0x5}, {}, {0x1c, 0xb}}, [@filter_kind_options=@f_flower={{0xb}, {0x58, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x1, 0x7, 0xfc, 0x3}, 0xb}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x88}}, 0x4000000)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmmsg$inet6(r2, &(0x7f0000002200)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4008080)
sendmmsg$inet6(r2, &(0x7f0000007140)=[{{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000fc0)="326d1f58f8c8f6a312b6fc80780f3869784f22e42274e7e3204a668cd40db286192e16ec7298fdc236886c2ee0a7580efb8bd2ecd14a6480e2d5856181794c82b0fd2f495c34bf1810ab79bbaed6702f23064296460efb721d3cf06338a8ca4ee05f40a6b9a9369ff21996d6a87d2e23ba669cf11be43073b7ab9f18f16c6121079104b989b47340e459faba555f727d11bf", 0x92}], 0x1}}], 0x1, 0x1)

1.53664094s ago: executing program 2 (id=10663):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.self_freezing\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[], 0x0}, 0x94)
socket$inet6(0xa, 0x1, 0x0)
r1 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xf96d, 0x8000, 0x4, 0xe6}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, 0x0)
io_uring_enter(r1, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[], 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x9, 0x2000010e, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000007c0)={0x4, &(0x7f0000000780)=[{0x1, 0xd0, 0xfc, 0x5}, {0x0, 0x7, 0xff, 0xa}, {0x0, 0x3, 0x7, 0xfff}, {0x7, 0x3, 0xb, 0x6}]})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000400)={r0, 0x20, &(0x7f0000000040)={&(0x7f0000000f80)=""/4096, 0x1000, 0x0, &(0x7f00000004c0)=""/136, 0x88}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000340)={'ip6_vti0\x00', &(0x7f00000002c0)={'ip6_vti0\x00', <r5=>0x0, 0x2f, 0x92, 0x7, 0x6, 0x5c, @dev={0xfe, 0x80, '\x00', 0x3d}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8, 0x1, 0x5, 0x7}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x1d, 0x0, 0x0, 0x0, '\x00', r5}, 0x94)
io_uring_setup(0x1edd, &(0x7f0000000700)={0x0, 0x98e0, 0x8, 0x1, 0x159, 0x0, r0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x6, 0x1000)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
recvmsg(r8, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r9, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000005e002200850000006d00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r10}, 0x10)
write$selinux_access(r7, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x56)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r4}, &(0x7f0000000580), &(0x7f00000005c0)=r11}, 0x20)

1.293625661s ago: executing program 4 (id=10664):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)=ANY=[@ANYBLOB="240000003f000500000000000000df25047c0000040000000c0001"], 0x24}, 0x1, 0x0, 0x0, 0x48800}, 0x0) (fail_nth: 1)

1.072396003s ago: executing program 3 (id=10665):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
recvmsg$unix(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/243, 0xfffffed7}], 0x1}, 0x0)

1.057368733s ago: executing program 4 (id=10666):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xb}, 0x18)
r1 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x39, 0x0, 0x0)

1.056689363s ago: executing program 3 (id=10667):
r0 = socket$netlink(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={0x0}}, 0x6048800)

1.009340033s ago: executing program 4 (id=10668):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="02030003130000002cbd7000fbdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af05000600000000000a004e2400000004ff010000000000000000000000000001000000000000000002000100000000000000070c0100000005000500000000000a004e2400000009000000000000000000000000000000000600000000002000020013"], 0x98}, 0x1, 0x7}, 0x0)

1.008775943s ago: executing program 3 (id=10669):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r2}, 0x10)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20010814)
close(r0)

978.522523ms ago: executing program 0 (id=10670):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, 0x0, 0x0}, 0x94)
close(0xffffffffffffffff)
ioctl$SIOCPNENABLEPIPE(0xffffffffffffffff, 0x89e0, 0x0)
r1 = open(0x0, 0x101980, 0x108)
syz_open_procfs(0x0, &(0x7f0000000300)='net/tcp\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r3 = syz_io_uring_setup(0x4e4c, &(0x7f0000000400)={0x0, 0xcdc2, 0x0, 0x3, 0x288}, &(0x7f0000000380)=<r4=>0x0, &(0x7f00000000c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, 0x0, 0x0, 0x4)
io_uring_enter(r3, 0x3516, 0xddd3, 0x4, 0x0, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r0}, 0x18)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1807000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0300000000000000b703000000020000850000000cb9d1e9aef51d1fed000000b7000000000000008510000002000000180000000000000095000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x121101, 0x0)
r9 = ioctl$LOOP_CTL_GET_FREE(r8, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r8, 0x4c81, r9)

968.976903ms ago: executing program 4 (id=10671):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc0000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0014000004000000000000000000000000000000000000000000b13a"], 0x50)

866.906664ms ago: executing program 4 (id=10672):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r1, 0x0, 0x4ab}, 0x18)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVdn:Dd', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
syz_clone(0x82114800, &(0x7f0000000240)="de381f707ebb3264e946bdef42977821dcc6b08f490104899e38b7efce2b8fa8274fdc1796b1b84c0dfa4425e097fd141640184433734c5b71b17c346a8ee3db69151cdf34ee7f960cb69ded332e471b9f417dc82efc20b4eaff42e42e8a3e41651f283375281b638131d841cb46", 0x6e, &(0x7f00000000c0), &(0x7f00000002c0), &(0x7f0000000340)="03adf97728d3b3936e185109a49760f4bddc6e4ecdf1f4b7794a2e960f03016bbfaa195ffb6662191ba1a442773b0dd601812cb75e699253e391b7a2235339a721c02281f2f65697e524")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="02000000040000000800000001", @ANYRES32=0x0], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
unshare(0x64000680)

865.070964ms ago: executing program 3 (id=10673):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x20000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
request_key(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f0000000140)='\\\\@[*#)\x00', 0xfffffffffffffffe)
rt_sigsuspend(&(0x7f0000000000)={[0x2]}, 0x8)

786.091835ms ago: executing program 1 (id=10674):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, 0x0, 0x0}, 0x94)
close(0xffffffffffffffff)
ioctl$SIOCPNENABLEPIPE(0xffffffffffffffff, 0x89e0, 0x0)
r1 = open(0x0, 0x101980, 0x108)
syz_open_procfs(0x0, &(0x7f0000000300)='net/tcp\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
r3 = syz_io_uring_setup(0x4e4c, &(0x7f0000000400)={0x0, 0xcdc2, 0x0, 0x3, 0x288}, &(0x7f0000000380)=<r4=>0x0, &(0x7f00000000c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, 0x0, 0x0, 0x4)
io_uring_enter(r3, 0x3516, 0xddd3, 0x4, 0x0, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r0}, 0x18)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1807000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0300000000000000b703000000020000850000000cb9d1e9aef51d1fed000000b7000000000000008510000002000000180000000000000095000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x121101, 0x0)
r9 = ioctl$LOOP_CTL_GET_FREE(r8, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r8, 0x4c81, r9)

747.491275ms ago: executing program 0 (id=10675):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x18)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
fcntl$setstatus(r1, 0x4, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000980)=@newqdisc={0x468, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x43c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x5ec888eb7598db49}, @TCA_TBF_PARMS={0x28, 0x1, {{0x3, 0x1, 0x8, 0x2, 0xff, 0x7}, {0x4, 0x0, 0x3, 0xa159, 0x1000, 0x9}, 0x3, 0x8, 0x41e}}, @TCA_TBF_PTAB={0x404, 0x3, [0x4, 0x2, 0x8, 0xfff, 0x0, 0x8ba, 0xa1, 0x4d91, 0x7fffffff, 0x63c4, 0x0, 0x7ffd, 0x8, 0x255, 0x6, 0xa, 0xd81, 0x3, 0xa, 0xa, 0x7, 0x6, 0x2, 0x200, 0x1, 0x5, 0xb96, 0x7, 0x0, 0xffffffff, 0x200, 0x3, 0x80000001, 0x7c, 0xfffffffc, 0x5, 0x1, 0x2, 0x8, 0x6, 0x1, 0xd, 0x80, 0xe, 0x80, 0x90000000, 0x3800000, 0x0, 0xfffff30b, 0x0, 0xf5, 0x81, 0xfffffffa, 0x80, 0x101, 0x3f, 0xfffffbff, 0x36a5, 0x4, 0x6, 0x200, 0x1ba, 0x9, 0xab, 0x6, 0xfffffff7, 0x6, 0x0, 0x3, 0x1, 0x963, 0x1ff, 0x2, 0xfffffffd, 0x6, 0x9, 0x0, 0x3, 0x0, 0xb09, 0x3ff, 0x7, 0x8000, 0x4, 0x8, 0x1000, 0x101, 0x5, 0x3, 0x6, 0x9, 0x3, 0x1, 0x8762, 0x8e, 0x5, 0xfffff76b, 0x0, 0x4, 0x4275c4e9, 0x8, 0x5, 0x800, 0x0, 0x955, 0x5, 0x3ff, 0x9, 0x3, 0x5, 0x10001, 0xff, 0x80000001, 0xed2, 0x5, 0xfffffffa, 0x2, 0x18ce, 0x0, 0x3, 0x9486, 0x80, 0x5, 0x80000000, 0xdb, 0x3, 0x80, 0xffff8000, 0x5, 0x8, 0x7, 0x1, 0x2, 0x8008, 0x2, 0x0, 0x2, 0x81, 0x3, 0x1, 0x6bf, 0x7, 0xea, 0x4, 0xc1, 0x9, 0x1, 0x5, 0x283, 0x1ff, 0x4, 0x40, 0x7, 0x4, 0x7, 0xff, 0x400, 0x8, 0x7fffffff, 0xfffffff8, 0x8, 0xfffffff4, 0x8, 0xc, 0x96, 0x6, 0x4, 0x62cc, 0x2, 0x7, 0x2eb7, 0x10001, 0xcbf, 0x10000, 0x101, 0x9, 0xfffffffa, 0x1, 0x8, 0x800, 0x8001, 0xf, 0x5, 0x8, 0x8d, 0xffffffff, 0x2, 0x7, 0x1, 0x61, 0xffffffff, 0x494, 0xb, 0x1, 0x1, 0xd1, 0xd, 0x9, 0x1002, 0xffffffff, 0x6, 0x3, 0xfffffffb, 0xffff, 0xff, 0x5, 0xe, 0x401, 0x2, 0x8cc5, 0x8, 0x159, 0xfffffff7, 0x81, 0x382ae49b, 0x9, 0xffffffff, 0xffff, 0xdf3b, 0xfffffffb, 0x6, 0xfffffeff, 0x8dc3, 0x20000001, 0x5, 0x9, 0x2, 0xfffff801, 0x0, 0x5, 0x5, 0x7, 0x7, 0x7f, 0x7, 0x1, 0x40, 0xffffffff, 0xdfed, 0xb, 0x77, 0x7, 0xff, 0xb331, 0x9, 0x6, 0x9, 0x7, 0x5, 0x400, 0x10001, 0x1, 0x800, 0x6000, 0xfe000000, 0xfffffffd]}]}}]}, 0x468}}, 0x0)
recvmsg$kcm(r4, &(0x7f0000000840)={&(0x7f0000000280)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, 0x0, 0x0, &(0x7f0000000800)=""/53, 0x35}, 0x40000000)
sendmsg$rds(r3, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0xfffd, @rand_addr=0x64010101}, 0x10, 0x0}, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000001640)=@mangle={'mangle\x00', 0x44, 0x6, 0x408, 0x2a8, 0x98, 0x2a8, 0x130, 0x1f0, 0x370, 0x370, 0x370, 0x370, 0x370, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11, 0x0, 0x69}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@ttl={{0x28}, {0x2, 0xa}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@loopback, @empty, 0x0, 0x0, 'syzkaller0\x00', 'dvmrp1\x00', {}, {}, 0x6}, 0x0, 0x70, 0xb8}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x3, {0x5}}}}, {{@ip={@broadcast, @dev={0xac, 0x14, 0x14, 0x18}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x98, 0xc8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x468)

533.320016ms ago: executing program 0 (id=10676):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e6400"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = syz_io_uring_setup(0x8d3, &(0x7f0000000140)={0x0, 0x49be, 0x1, 0xfffffffe, 0x8069}, 0x0, &(0x7f0000000280))
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000880)={'gre0\x00', <r8=>0x0, 0xf820, 0x8000, 0x4, 0x0, {{0x5, 0x4, 0x2, 0x38, 0x14, 0x64, 0x0, 0x3, 0x4, 0x0, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x1, 0x0}}}}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0x60, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r9}, 0x9)
io_uring_enter(r7, 0x47f6, 0x0, 0x2, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200c0}, 0x40)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r6, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)
io_uring_setup(0x3ff, &(0x7f0000000580)={0x0, 0x4008267, 0x40, 0x8000000, 0x374})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r11 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r11, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b90703600000f007049e0ff086dd", 0x0, 0x104, 0xa000000, 0x29, 0x0, &(0x7f0000000640)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999", 0x0}, 0x34)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x4c}}, 0x0)

481.122597ms ago: executing program 2 (id=10677):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000001c0)={'ip6tnl0\x00', 0x0, 0x2, 0xd7, 0x8c, 0x1ff, 0x61, @local, @mcast2, 0x40, 0x1, 0xfffffff9, 0x80000003}})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000280)=ANY=[], 0x57)
r3 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000000)={0xfffffffffffffffb, 0xfffffffffffffffc}, 0x0)
getrlimit(0x5, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000ac0)={0x7, 0x6, 0x0, 'queue0\x00', 0xffffffff})
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0c0100001000130428bd700000000000e0000001000000000000000000000000000000000000000000000000000000014e2100004e2400000200202000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000001000000003c0000000a0101000000000000000000000000000400000000000000060000000000000002000000000000000400000000004000ffffffffffffffff03000000000000007f00000000000000000000000000000000000000000000000800150000000000cc000000000000000000000000000000f600"/147], 0x10c}}, 0x804)
r6 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r4, 0x28, 0x2, &(0x7f0000000140)=0x8, 0x8)
ioctl$USBDEVFS_IOCTL(r6, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)
ioctl$BTRFS_IOC_INO_LOOKUP(r1, 0xd0009412, &(0x7f0000000dc0))
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_config_ext={0x183, 0x200000000000d6}, 0x6025, 0x4005, 0xb, 0x0, 0x1, 0x1, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$USBDEVFS_SETCONFIGURATION(r6, 0x80045505, &(0x7f0000000000)=0x1)
r7 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r7, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000a40)={0x4, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x20000, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x30d8c7bc, 0x8}, 0x0, 0x800000000000000, 0xfffffffc, 0x0, 0x7, 0x0, 0x2, 0x0, 0x6, 0x0, 0x8000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYRESDEC=r0], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8, 0x0, 0x2}, 0x18)
syz_genetlink_get_family_id$gtp(&(0x7f0000000a00), r4)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x500, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)

228.527728ms ago: executing program 1 (id=10678):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.self_freezing\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[], 0x0}, 0x94)
socket$inet6(0xa, 0x1, 0x0)
r1 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xf96d, 0x8000, 0x4, 0xe6}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, 0x0)
io_uring_enter(r1, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[], 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x9, 0x2000010e, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000007c0)={0x4, &(0x7f0000000780)=[{0x1, 0xd0, 0xfc, 0x5}, {0x0, 0x7, 0xff, 0xa}, {0x0, 0x3, 0x7, 0xfff}, {0x7, 0x3, 0xb, 0x6}]})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000400)={r0, 0x20, &(0x7f0000000040)={&(0x7f0000000f80)=""/4096, 0x1000, 0x0, &(0x7f00000004c0)=""/136, 0x88}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000340)={'ip6_vti0\x00', &(0x7f00000002c0)={'ip6_vti0\x00', <r5=>0x0, 0x2f, 0x92, 0x7, 0x6, 0x5c, @dev={0xfe, 0x80, '\x00', 0x3d}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8, 0x1, 0x5, 0x7}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x1d, 0x0, 0x0, 0x0, '\x00', r5}, 0x94)
io_uring_setup(0x1edd, &(0x7f0000000700)={0x0, 0x98e0, 0x8, 0x1, 0x159, 0x0, r0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x6, 0x1000)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$tipc(r8, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0x10)
write$selinux_access(r7, &(0x7f00000000c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723ae6ffffffffffffff3a73302030"], 0x56)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r4}, &(0x7f0000000580), &(0x7f00000005c0)=r10}, 0x20)

224.704578ms ago: executing program 0 (id=10679):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xb}, 0x18)
r1 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x39, 0x0, 0x0)

197.868769ms ago: executing program 0 (id=10680):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r2 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@delnexthop={0x20, 0x69, 0xb, 0x0, 0x0, {}, [{0x8, 0x1, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0xc895}, 0x4000000)
r4 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1018, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x40000008, 0x6}, 0x0, 0x10000, 0x0, 0x7, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r4], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0xfffffffffffffffd}, 0x18)
r7 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=@newqdisc={0x64, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r9, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x38, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_PRATE64={0xc, 0x5, 0x31223a1a15cd58ab}]}}]}, 0x64}}, 0x44080)
r10 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$SIOCX25SDTEFACILITIES(r7, 0x89eb, &(0x7f0000000480)={0x5, 0xdf5c, 0x1000, 0x8, 0x3, 0x21, 0x1e, "b9a7f9e7d73c0a405ab838ffc6cb16d331dc7053", "09e49a9d90e19a02d14c84925a54ca8e0376e742"})
write$RDMA_USER_CM_CMD_CREATE_ID(r10, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r11=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r10, &(0x7f0000000340)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7ee, @empty, 0x1}, {0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, '\x00', 0x37}, 0x108}, r11, 0xb}}, 0x48)

196.784339ms ago: executing program 2 (id=10681):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000005000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)

139.961179ms ago: executing program 2 (id=10682):
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'geneve0\x00', {0x2, 0x0, @initdev}})
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400060000120800040043000000a80016000a000140061e0d3f036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1, 0x0, 0x0, 0xc3ff}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0xa5, 0x7, 0x7ffc0001}]})
r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000001d00), 0x1, 0x0)
pwritev(r3, 0x0, 0x0, 0xd, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r4, 0xc0c0583b, &(0x7f00000018c0)=ANY=[@ANYBLOB="000000004c90020052feffff0300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002a41"])
connect$rds(r4, &(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10)

139.137669ms ago: executing program 0 (id=10683):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000001c0)={'ip6tnl0\x00', 0x0, 0x2, 0xd7, 0x8c, 0x1ff, 0x61, @local, @mcast2, 0x40, 0x1, 0xfffffff9, 0x80000003}})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000280)=ANY=[], 0x57)
r3 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000000)={0xfffffffffffffffb, 0xfffffffffffffffc}, 0x0)
getrlimit(0x5, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000ac0)={0x7, 0x6, 0x0, 'queue0\x00', 0xffffffff})
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0c0100001000130428bd700000000000e0000001000000000000000000000000000000000000000000000000000000014e2100004e2400000200202000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000001000000003c0000000a0101000000000000000000000000000400000000000000060000000000000002000000000000000400000000004000ffffffffffffffff03000000000000007f000000000000000000"], 0x10c}}, 0x804)
r6 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r4, 0x28, 0x2, &(0x7f0000000140)=0x8, 0x8)
ioctl$USBDEVFS_IOCTL(r6, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)
ioctl$BTRFS_IOC_INO_LOOKUP(r1, 0xd0009412, &(0x7f0000000dc0))
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_config_ext={0x183, 0x200000000000d6}, 0x6025, 0x4005, 0xb, 0x0, 0x1, 0x1, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$USBDEVFS_SETCONFIGURATION(r6, 0x80045505, &(0x7f0000000000)=0x1)
r7 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r7, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000a40)={0x4, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x20000, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x30d8c7bc, 0x8}, 0x0, 0x800000000000000, 0xfffffffc, 0x0, 0x7, 0x0, 0x2, 0x0, 0x6, 0x0, 0x8000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYRESDEC=r0], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8, 0x0, 0x2}, 0x18)
syz_genetlink_get_family_id$gtp(&(0x7f0000000a00), r4)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x500, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=")
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)

125.030509ms ago: executing program 2 (id=10684):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], 0x0}, 0x94)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r1, 0x4)
recvmmsg(r1, &(0x7f00000050c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}}], 0x1, 0x40000100, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='kmem_cache_free\x00', r0, 0x0, 0x7}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="020900000700000000000000000000000500", @ANYRESOCT], 0x38}}, 0x0)

19.46173ms ago: executing program 3 (id=10685):
r0 = syz_socket_connect_nvme_tcp()
sendmsg$inet(r0, &(0x7f0000000540)={&(0x7f0000000300)={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000400)="31940be3bc05f96311427d8ff1d6e7986625ae8851e570ff838cee320f5f76625f9a4fc2406253a88dfdc89ca33ee560e7cc126f668405c3819922d3338d5627e8545ea829d18c4f27f2f5e8632c8b8e010a21c747ebfd2351697640c1bf16610dfff7ed278ecf29b98706f64381d54bf071", 0x72}], 0x1, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010102, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @ip_retopts={{0x20, 0x0, 0x7, {[@rr={0x7, 0xf, 0xde, [@empty, @rand_addr=0x64010100, @loopback]}, @end]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x1}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}], 0x70}, 0x8001)
socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000040)={'ip_vti0\x00', <r2=>0x0, 0x20, 0x7b6, 0xa, 0x0, {{0xc, 0x4, 0x0, 0x10, 0x30, 0x66, 0x0, 0x0, 0x23, 0x0, @broadcast, @rand_addr=0x64010101, {[@rr={0x7, 0x17, 0x25, [@private=0xa010102, @local, @rand_addr=0x64010102, @broadcast, @private=0xa010101]}, @noop, @end]}}}}})
pipe2$9p(&(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = dup(r4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000a40)={'dummy0\x00'})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYRESDEC, @ANYRES16=r7, @ANYBLOB="010000100000000000002a0000000c00018008000100", @ANYRES32=0x0], 0x20}}, 0x40c14)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f00000003c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='kfree\x00', r8}, 0x18)
r9 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r9, 0x0, 0xc8, &(0x7f0000000000), 0x4)
setsockopt$inet_int(r9, 0x0, 0x5, &(0x7f0000000080)=0x6, 0x4)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}], [], 0x6b}})
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRES64=r9, @ANYRES32=r1, @ANYBLOB="720b000000000000000000000000000000000000e99c2123f40d83812df70c0a06bb048c4b24d02121d48c6fa90c9f414e725a7f3e97c44ba2879810df156de0306801e6ea87ca94c7412afa04c1a26550b03aead82776caa09a6fd50cb21e52499420b746c9a08f9720db3a3e2084142e673ebbf723af3275b06c494abe4e75f170dcc020c9982b547ae1b1dd65c234acf80917df53f149b84d821d7ed36eca355cd676d5524c0aca57c96df7fc70276d9c95223bc78189ed577db52810c040a37ea65f4e8fe451111cb07ff8fc7e6c5d34f926e6475606002467fc6316d58e47bee2ecb1dbca0ac194e36b777dd1337b3810fcb2a6b276d11d9b4652a54df0cf0d67a283d3cced24d0c44a0a0f50d7cdbaf23cea222e436b39ea0bac79", @ANYRES32=r2, @ANYRES32=r5, @ANYBLOB="0300000001000000010000000600"/28], 0x50)

253.67µs ago: executing program 4 (id=10686):
bpf$PROG_LOAD(0x5, 0x0, 0x9)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x28000600)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000005c0)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x0, 0x0, 0x1, 0x1}, 0x20)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000000)=0x2, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16, @ANYBLOB="01005ee1fadefcdbdf250100000008000100", @ANYRES32, @ANYBLOB="3c00028038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004"], 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000010000100f7000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000144c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c000440000000000000000114000000110001"], 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x200000000000000)
socket$inet_sctp(0x2, 0x5, 0x84)

0s ago: executing program 3 (id=10687):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0014000004000000000000000000000000000000000000000000b13a"], 0x50)

kernel console output (not intermixed with test programs):

:sysadm_r:sysadm_t pid=13026 comm="syz.0.9727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  666.809819][   T29] audit: type=1326 audit(2000000177.219:153620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13026 comm="syz.0.9727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  666.833524][   T29] audit: type=1326 audit(2000000177.219:153621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13026 comm="syz.0.9727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  666.857257][   T29] audit: type=1326 audit(2000000177.219:153622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13026 comm="syz.0.9727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  666.880949][   T29] audit: type=1326 audit(2000000177.219:153623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13026 comm="syz.0.9727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  666.904803][   T29] audit: type=1326 audit(2000000177.219:153624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13026 comm="syz.0.9727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  666.928561][   T29] audit: type=1326 audit(2000000177.219:153625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13026 comm="syz.0.9727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  666.952246][   T29] audit: type=1326 audit(2000000177.219:153626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13026 comm="syz.0.9727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  666.975842][   T29] audit: type=1326 audit(2000000177.219:153627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13026 comm="syz.0.9727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  666.999568][   T29] audit: type=1326 audit(2000000177.219:153628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13026 comm="syz.0.9727" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  667.198953][T13075] 9pnet_fd: Insufficient options for proto=fd
[  667.299180][T13084] bond4: Removing last arp target with arp_interval on
[  667.306568][T13084] bond4: entered allmulticast mode
[  667.312068][T13084] 8021q: adding VLAN 0 to HW filter on device bond4
[  667.322532][T13084] Cannot find del_set index 0 as target
[  667.366860][T13121] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9737'.
[  667.665471][T13173] geneve2: entered promiscuous mode
[  667.693338][T13173] netlink: 140 bytes leftover after parsing attributes in process `syz.4.9743'.
[  667.944102][T13204] hsr_slave_1 (unregistering): left promiscuous mode
[  668.115826][T13247] 8021q: adding VLAN 0 to HW filter on device bond2
[  668.151698][T15320] Bluetooth: hci0: Frame reassembly failed (-84)
[  668.226227][T13295] macvlan2: entered promiscuous mode
[  668.231648][T13295] macvlan2: entered allmulticast mode
[  668.242767][T13295] bond2: entered promiscuous mode
[  668.257945][T13295] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  668.277817][T13295] bond2: left promiscuous mode
[  668.356837][T13304] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  668.401449][T13304] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  668.468574][T13311] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  668.476168][T13311] tipc: Disabling bearer <eth:syzkaller0>
[  668.491788][T13304] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  668.561530][T13304] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  668.629119][T16567] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  668.642168][T16567] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  668.657907][T16567] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  668.666276][T16567] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  669.203908][T13348] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.9761' sets config #0
[  669.214704][T13348] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.9761' sets config #1
[  669.284250][T13348] netlink: 'syz.4.9761': attribute type 4 has an invalid length.
[  669.323535][T13373] 9pnet_fd: Insufficient options for proto=fd
[  669.641551][T13406] __nla_validate_parse: 7 callbacks suppressed
[  669.641569][T13406] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9764'.
[  669.816199][T13421] netlink: 3 bytes leftover after parsing attributes in process `syz.1.9765'.
[  669.829555][T13421] 0ªX¹¦À: renamed from caif0
[  669.837233][T13421] 0ªX¹¦À: entered allmulticast mode
[  669.842632][T13421] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  669.867146][T13421] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=13421 comm=syz.1.9765
[  670.020396][T13450] netlink: 32 bytes leftover after parsing attributes in process `syz.0.9768'.
[  670.033064][T13453] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.9769' sets config #0
[  670.044872][T13453] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.9769' sets config #1
[  670.190063][ T6984] Bluetooth: hci0: command 0x1003 tx timeout
[  670.190072][ T6563] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  670.205089][T13463] netlink: 'syz.2.9769': attribute type 4 has an invalid length.
[  670.308875][T13490] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  670.333388][T13490] netlink: 'syz.2.9773': attribute type 10 has an invalid length.
[  670.341354][T13490] netlink: 40 bytes leftover after parsing attributes in process `syz.2.9773'.
[  670.652982][T13554] netlink: 'syz.2.9779': attribute type 1 has an invalid length.
[  670.670358][T13554] wireguard0: entered promiscuous mode
[  670.675867][T13554] wireguard0: entered allmulticast mode
[  670.698140][T13562] program syz.2.9780 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  670.884170][T13570] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9783'.
[  670.901677][T13570] 8021q: adding VLAN 0 to HW filter on device bond7
[  670.913507][T15320] Bluetooth: hci0: Frame reassembly failed (-84)
[  670.967378][T13606] macvlan2: entered promiscuous mode
[  670.972754][T13606] macvlan2: entered allmulticast mode
[  670.979105][T13606] bond7: entered promiscuous mode
[  670.984512][T13606] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  670.992057][T13606] bond7: left promiscuous mode
[  671.012876][T13612] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.9784' sets config #0
[  671.023095][T13612] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.9784' sets config #1
[  671.090035][T13612] netlink: 'syz.0.9784': attribute type 4 has an invalid length.
[  671.398622][T13650] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  671.407766][T13650] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  671.931276][T13695] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.9799' sets config #0
[  671.941598][T13695] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.9799' sets config #1
[  672.000278][T13695] netlink: 'syz.0.9799': attribute type 4 has an invalid length.
[  672.017599][   T29] kauditd_printk_skb: 959 callbacks suppressed
[  672.017613][   T29] audit: type=1326 audit(2000000182.429:154588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13637 comm="syz.3.9786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  672.047556][   T29] audit: type=1326 audit(2000000182.429:154589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13637 comm="syz.3.9786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  672.094695][   T29] audit: type=1400 audit(2000000182.509:154590): avc:  denied  { setopt } for  pid=13720 comm="syz.0.9801" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  672.137494][   T29] audit: type=1400 audit(2000000182.549:154591): avc:  denied  { read } for  pid=13725 comm="syz.0.9803" dev="nsfs" ino=4026532516 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  672.159570][   T29] audit: type=1400 audit(2000000182.549:154592): avc:  denied  { open } for  pid=13725 comm="syz.0.9803" path="net:[4026532516]" dev="nsfs" ino=4026532516 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  672.165940][T13729] program syz.3.9804 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  672.183258][   T29] audit: type=1326 audit(2000000182.569:154593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13674 comm="syz.4.9792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa54befc9 code=0x7ffc0000
[  672.216252][   T29] audit: type=1326 audit(2000000182.569:154594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13674 comm="syz.4.9792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa54befc9 code=0x7ffc0000
[  672.244040][   T29] audit: type=1400 audit(2000000182.659:154595): avc:  denied  { write } for  pid=13725 comm="syz.0.9803" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  672.411334][T13769] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9805'.
[  672.422330][   T29] audit: type=1400 audit(2000000182.849:154596): avc:  denied  { search } for  pid=13732 comm="syz.4.9805" name="/" dev="configfs" ino=2066 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  672.445322][   T29] audit: type=1400 audit(2000000182.849:154597): avc:  denied  { setattr } for  pid=13732 comm="syz.4.9805" name="/" dev="configfs" ino=2066 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  672.740767][T13795] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  672.750765][T13795] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  672.989998][ T6984] Bluetooth: hci0: command 0x1003 tx timeout
[  672.996058][ T6563] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  673.055157][T13807] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.9812' sets config #0
[  673.070503][T13807] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.9812' sets config #1
[  673.217416][T13808] netlink: 'syz.3.9812': attribute type 4 has an invalid length.
[  673.266917][T13832] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  673.304311][T13832] netlink: 'syz.4.9813': attribute type 10 has an invalid length.
[  673.312268][T13832] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9813'.
[  673.383616][T13874] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  673.432472][T13874] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  673.492882][T13886] program syz.4.9822 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  673.511429][T13874] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  673.561621][T13874] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  673.625439][   T52] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  673.636545][   T52] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  673.647420][   T52] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  673.658891][   T52] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  673.810833][T13925] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9823'.
[  674.585110][T13961] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  674.593729][T13961] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  674.658679][T13998] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  674.695773][T14006] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  674.721364][T13998] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  674.771262][T14006] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  674.802792][T14014] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  674.810800][T14014] tipc: Disabling bearer <eth:syzkaller0>
[  674.821583][T13998] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  674.861685][T14006] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  674.911258][T13998] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  674.941311][T14006] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  674.966077][   T52] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  674.977609][   T52] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  674.989106][   T52] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  675.000797][   T52] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  675.182583][T14067] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9845'.
[  675.200257][T14072] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  675.243856][T14072] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  675.293173][T14072] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  675.356063][T14072] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  675.411533][T16567] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  675.426017][T16545] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  675.443058][T16545] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  675.459966][T16545] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  675.576126][T14107] netlink: 48 bytes leftover after parsing attributes in process `syz.3.9856'.
[  675.585146][T14107] netlink: 48 bytes leftover after parsing attributes in process `syz.3.9856'.
[  675.829528][T14109] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  675.838601][T14109] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  676.089702][T14119] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9860'.
[  676.105231][T14119] 8021q: adding VLAN 0 to HW filter on device bond8
[  676.116780][T16567] Bluetooth: hci0: Frame reassembly failed (-84)
[  676.170818][T14156] macvlan2: entered promiscuous mode
[  676.176129][T14156] macvlan2: entered allmulticast mode
[  676.182226][T14156] bond8: entered promiscuous mode
[  676.187384][T14156] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  676.194959][T14156] bond8: left promiscuous mode
[  676.427551][T14170] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  676.451631][T14170] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  676.502015][T14170] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  676.571259][T14170] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  676.591343][T14182] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9867'.
[  676.626620][T15320] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  676.637938][T16545] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  676.649130][T16545] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  676.660526][T16545] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  677.344545][T16545] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  677.364666][T16545] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  677.380820][T16545] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  677.399497][T16545] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  677.493264][T14225] 9pnet_fd: Insufficient options for proto=fd
[  677.550847][   T29] kauditd_printk_skb: 332 callbacks suppressed
[  677.550872][   T29] audit: type=1400 audit(2000000187.969:154928): avc:  denied  { read write } for  pid=6119 comm="syz-executor" name="loop0" dev="devtmpfs" ino=1922 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  677.580621][   T29] audit: type=1400 audit(2000000187.969:154929): avc:  denied  { open } for  pid=6119 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=1922 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  677.621382][   T29] audit: type=1326 audit(2000000188.039:154930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14206 comm="syz.4.9873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa54befc9 code=0x7ffc0000
[  677.785855][T14237] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  677.824679][T14244] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9882'.
[  677.858306][T14242] netlink: 'syz.4.9881': attribute type 10 has an invalid length.
[  677.866207][T14242] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9881'.
[  678.002045][T14249] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  678.108790][T14249] netlink: 'syz.2.9883': attribute type 10 has an invalid length.
[  678.116747][T14249] netlink: 40 bytes leftover after parsing attributes in process `syz.2.9883'.
[  678.196244][ T6563] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  678.300040][   T29] audit: type=1326 audit(2000000188.709:154931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14264 comm="syz.3.9887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  678.323985][   T29] audit: type=1326 audit(2000000188.709:154932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14264 comm="syz.3.9887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  678.347666][   T29] audit: type=1326 audit(2000000188.709:154933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14264 comm="syz.3.9887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  678.371395][   T29] audit: type=1326 audit(2000000188.709:154934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14264 comm="syz.3.9887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  678.395166][   T29] audit: type=1326 audit(2000000188.709:154935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14264 comm="syz.3.9887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  678.418799][   T29] audit: type=1326 audit(2000000188.709:154936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14264 comm="syz.3.9887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  678.442618][   T29] audit: type=1326 audit(2000000188.709:154937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14264 comm="syz.3.9887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  679.145883][T14343] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9900'.
[  679.735886][T14379] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  679.744583][T14379] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  680.057223][T14394] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9914'.
[  680.084240][T14396] 9pnet_fd: Insufficient options for proto=fd
[  680.244256][T14409] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.9920' sets config #0
[  680.257344][T14409] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.9920' sets config #1
[  680.293631][T14414] netlink: 104 bytes leftover after parsing attributes in process `syz.1.9922'.
[  680.327096][T14407] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  680.347190][T14407] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  680.371232][T14409] netlink: 'syz.3.9920': attribute type 4 has an invalid length.
[  680.412785][T14451] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9921'.
[  680.459347][T14466] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9924'.
[  680.505319][T14477] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9926'.
[  680.797921][T14489] FAULT_INJECTION: forcing a failure.
[  680.797921][T14489] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  680.811400][T14489] CPU: 0 UID: 0 PID: 14489 Comm: syz.2.9929 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  680.811430][T14489] Tainted: [W]=WARN
[  680.811437][T14489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  680.811448][T14489] Call Trace:
[  680.811455][T14489]  <TASK>
[  680.811538][T14489]  __dump_stack+0x1d/0x30
[  680.811562][T14489]  dump_stack_lvl+0xe8/0x140
[  680.811612][T14489]  dump_stack+0x15/0x1b
[  680.811629][T14489]  should_fail_ex+0x265/0x280
[  680.811700][T14489]  should_fail_alloc_page+0xf2/0x100
[  680.811733][T14489]  __alloc_frozen_pages_noprof+0xff/0x360
[  680.811757][T14489]  alloc_pages_mpol+0xb3/0x260
[  680.811782][T14489]  folio_alloc_mpol_noprof+0x39/0x80
[  680.811813][T14489]  shmem_get_folio_gfp+0x3cf/0xd60
[  680.811878][T14489]  ? simple_xattr_get+0xb9/0x120
[  680.811916][T14489]  shmem_write_begin+0xa8/0x190
[  680.811974][T14489]  generic_perform_write+0x184/0x490
[  680.812060][T14489]  shmem_file_write_iter+0xc5/0xf0
[  680.812086][T14489]  do_iter_readv_writev+0x4a1/0x540
[  680.812134][T14489]  vfs_writev+0x2df/0x8b0
[  680.812176][T14489]  __se_sys_pwritev2+0xfc/0x1c0
[  680.812208][T14489]  __x64_sys_pwritev2+0x67/0x80
[  680.812261][T14489]  x64_sys_call+0x2c59/0x3000
[  680.812286][T14489]  do_syscall_64+0xd2/0x200
[  680.812306][T14489]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  680.812336][T14489]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  680.812370][T14489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  680.812452][T14489] RIP: 0033:0x7f40547befc9
[  680.812469][T14489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  680.812485][T14489] RSP: 002b:00007f405321f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  680.812505][T14489] RAX: ffffffffffffffda RBX: 00007f4054a15fa0 RCX: 00007f40547befc9
[  680.812518][T14489] RDX: 0000000000000014 RSI: 0000200000000240 RDI: 0000000000000003
[  680.812531][T14489] RBP: 00007f405321f090 R08: 0000000000000000 R09: 0000000000000003
[  680.812545][T14489] R10: 0000000000007800 R11: 0000000000000246 R12: 0000000000000001
[  680.812608][T14489] R13: 00007f4054a16038 R14: 00007f4054a15fa0 R15: 00007fffb0e768a8
[  680.812627][T14489]  </TASK>
[  681.255318][T14498] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  681.269288][T14498] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  681.336948][T14508] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.9935' sets config #0
[  681.347395][T14508] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.9935' sets config #1
[  681.409731][T14508] netlink: 'syz.3.9935': attribute type 4 has an invalid length.
[  681.563737][T14542] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  681.573003][T14542] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  681.666352][T14540] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9938'.
[  682.056969][T14572] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  682.081131][T14572] netlink: 'syz.4.9947': attribute type 10 has an invalid length.
[  682.088989][T14572] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9947'.
[  682.277783][T14591] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9954'.
[  682.442745][T14583] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  682.451319][T14583] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  682.674609][T14615] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9958'.
[  682.773341][   T29] kauditd_printk_skb: 704 callbacks suppressed
[  682.773355][   T29] audit: type=1326 audit(2000000193.189:155642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14630 comm="syz.2.9959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  682.815237][   T29] audit: type=1326 audit(2000000193.189:155643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14630 comm="syz.2.9959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  682.839107][   T29] audit: type=1326 audit(2000000193.189:155644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14630 comm="syz.2.9959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  682.863077][   T29] audit: type=1326 audit(2000000193.189:155645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14630 comm="syz.2.9959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  682.886770][   T29] audit: type=1326 audit(2000000193.189:155646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14630 comm="syz.2.9959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  682.910516][   T29] audit: type=1326 audit(2000000193.189:155647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14630 comm="syz.2.9959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  682.934151][   T29] audit: type=1326 audit(2000000193.189:155648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14630 comm="syz.2.9959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  682.957929][   T29] audit: type=1326 audit(2000000193.189:155649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14630 comm="syz.2.9959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  682.981644][   T29] audit: type=1326 audit(2000000193.189:155650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14630 comm="syz.2.9959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  683.005370][   T29] audit: type=1326 audit(2000000193.189:155651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14630 comm="syz.2.9959" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  683.139951][T14661] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9960'.
[  683.336781][T14667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  683.345619][T14667] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  683.523334][T14666] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9963'.
[  683.683479][T14683] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  683.692127][T14683] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  684.095745][T14707] program syz.0.9972 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  684.112671][T14694] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  684.121441][T14694] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  684.267290][T14718] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.321329][T14718] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.371288][T14718] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.411428][T14718] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.466499][   T52] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  684.477829][   T52] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  684.489297][   T52] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  684.500580][T16571] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  684.556966][T14740] 9pnet_fd: Insufficient options for proto=fd
[  684.686469][T14748] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.754667][T14748] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.881810][T14748] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.981486][T14748] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.285527][T14788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  685.295816][T14788] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  685.440481][T14839] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14839 comm=syz.2.10007
[  685.757839][T14843] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  685.788644][T14843] netlink: 'syz.2.10009': attribute type 10 has an invalid length.
[  685.796671][T14843] __nla_validate_parse: 2 callbacks suppressed
[  685.796684][T14843] netlink: 40 bytes leftover after parsing attributes in process `syz.2.10009'.
[  685.999788][T14899] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  686.018507][T14892] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10018'.
[  686.055557][T14899] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  686.081811][T14922] netlink: 'syz.3.10024': attribute type 1 has an invalid length.
[  686.089706][T14922] netlink: 'syz.3.10024': attribute type 4 has an invalid length.
[  686.097711][T14922] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.10024'.
[  686.108327][T14914] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  686.116755][T14899] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  686.130492][T14914] tipc: Disabling bearer <eth:syzkaller0>
[  686.173722][T14899] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  686.220256][T14904] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  686.228704][T14904] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  686.266207][T16567] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  686.277398][T16567] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  686.288561][T16540] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  686.305860][T16540] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  686.534307][T14983] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10030'.
[  686.780891][T14992] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10033'.
[  687.436903][T15047] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10044'.
[  687.825692][T15054] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  687.842338][T15056] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10047'.
[  687.857567][T15054] netlink: 'syz.4.10046': attribute type 10 has an invalid length.
[  687.865614][T15054] netlink: 40 bytes leftover after parsing attributes in process `syz.4.10046'.
[  687.933285][T15074] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10048'.
[  687.951025][T15074] 8021q: adding VLAN 0 to HW filter on device bond3
[  687.962947][T16567] Bluetooth: hci0: Frame reassembly failed (-84)
[  688.011902][   T29] kauditd_printk_skb: 786 callbacks suppressed
[  688.011915][   T29] audit: type=1326 audit(2000000198.429:156438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15113 comm="syz.4.10050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa54befc9 code=0x7ffc0000
[  688.017572][T15115] macvlan2: entered promiscuous mode
[  688.041971][   T29] audit: type=1326 audit(2000000198.429:156439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15113 comm="syz.4.10050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa54befc9 code=0x7ffc0000
[  688.047214][T15115] macvlan2: entered allmulticast mode
[  688.076483][   T29] audit: type=1326 audit(2000000198.429:156440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15113 comm="syz.4.10050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f6aa54befc9 code=0x7ffc0000
[  688.100140][T15115] bond3: entered promiscuous mode
[  688.105541][T15115] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  688.113583][T15115] bond3: left promiscuous mode
[  688.116322][   T29] audit: type=1400 audit(2000000198.539:156441): avc:  denied  { execute_no_trans } for  pid=15120 comm="syz.2.10052" path="/277/file0" dev="tmpfs" ino=1453 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  688.147659][   T29] audit: type=1326 audit(2000000198.559:156442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15113 comm="syz.4.10050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa54befc9 code=0x7ffc0000
[  688.173888][   T29] audit: type=1326 audit(2000000198.559:156443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15113 comm="syz.4.10050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa54befc9 code=0x7ffc0000
[  688.198528][   T29] audit: type=1326 audit(2000000198.599:156444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15124 comm="syz.2.10053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  688.222477][   T29] audit: type=1326 audit(2000000198.599:156445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15124 comm="syz.2.10053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  688.246575][   T29] audit: type=1326 audit(2000000198.599:156446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15124 comm="syz.2.10053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  688.270399][   T29] audit: type=1326 audit(2000000198.599:156447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15124 comm="syz.2.10053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  688.318163][T16571] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  688.337939][T16571] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  688.358005][T16571] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  688.366853][T16571] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  688.446977][T15156] 9pnet_fd: Insufficient options for proto=fd
[  688.454591][T15158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  688.464744][T15158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  688.584764][T15170] 9pnet_fd: Insufficient options for proto=fd
[  688.683043][T15176] program syz.0.10066 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  689.159275][T15184] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10069'.
[  689.492238][T15205] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.10076' sets config #0
[  689.502549][T15205] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.10076' sets config #1
[  689.562997][T15205] netlink: 'syz.2.10076': attribute type 4 has an invalid length.
[  689.692811][T15239] 9pnet_fd: Insufficient options for proto=fd
[  690.002086][T15250] /dev/loop4: Can't lookup blockdev
[  690.015299][T15250] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  690.030018][ T6984] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  690.036140][ T6563] Bluetooth: hci0: command 0x1003 tx timeout
[  690.058428][T15258] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.110046][T15265] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  690.132429][T15258] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.164356][T15271] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.10089' sets config #0
[  690.174632][T15271] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.10089' sets config #1
[  690.218640][T15258] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.246862][T15291] netlink: 'syz.1.10089': attribute type 4 has an invalid length.
[  690.305420][T15258] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.470988][T15320] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  690.498456][T15320] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  690.506949][T15320] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  690.532924][T16571] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  690.607421][T15377] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.622255][T15379] program syz.0.10097 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  690.672049][T15387] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.10100' sets config #0
[  690.691182][T15387] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.10100' sets config #1
[  690.691838][T15377] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.768595][T15409] netlink: 'syz.2.10100': attribute type 4 has an invalid length.
[  690.791823][T15377] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.882283][T15377] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  690.959499][T15425] syzkaller0: entered allmulticast mode
[  691.001781][T15385] syzkaller0: entered promiscuous mode
[  691.018250][T15385] syzkaller0 (unregistering): left allmulticast mode
[  691.025077][T15385] syzkaller0 (unregistering): left promiscuous mode
[  691.254826][T15445] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  691.262479][T15445] tipc: Disabling bearer <eth:syzkaller0>
[  691.394590][T15461] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  691.441273][T15461] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  691.501385][T15461] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  691.551429][T15461] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  691.667677][T15467] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  691.676236][T15467] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  691.764889][T16571] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  691.775922][T16571] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  691.787242][T16571] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  691.801846][T15320] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  691.827325][T15483] wireguard1: entered promiscuous mode
[  691.833040][T15483] wireguard1: entered allmulticast mode
[  691.851146][T15488] __nla_validate_parse: 1 callbacks suppressed
[  691.851158][T15488] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10114'.
[  691.882710][T15493] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  691.882710][T15493]    program syz.2.10113 not setting count and/or reply_len properly
[  691.921885][T15495] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10115'.
[  692.200036][T15505] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10117'.
[  692.395074][T15524] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  692.416481][T15524] netlink: 'syz.0.10120': attribute type 10 has an invalid length.
[  692.424431][T15524] netlink: 40 bytes leftover after parsing attributes in process `syz.0.10120'.
[  692.689453][T15536] tmpfs: Bad value for 'mpol'
[  693.020088][   T29] kauditd_printk_skb: 957 callbacks suppressed
[  693.020101][   T29] audit: type=1326 audit(2000000203.439:157405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15543 comm="syz.2.10125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f40547f1885 code=0x7ffc0000
[  693.050100][   T29] audit: type=1326 audit(2000000203.439:157406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15543 comm="syz.2.10125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f40547f1885 code=0x7ffc0000
[  693.073977][   T29] audit: type=1326 audit(2000000203.439:157407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15543 comm="syz.2.10125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f40547f1885 code=0x7ffc0000
[  693.097749][   T29] audit: type=1326 audit(2000000203.439:157408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15543 comm="syz.2.10125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f40547f1885 code=0x7ffc0000
[  693.121502][   T29] audit: type=1326 audit(2000000203.439:157409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15543 comm="syz.2.10125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f40547f1885 code=0x7ffc0000
[  693.145329][   T29] audit: type=1326 audit(2000000203.439:157410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15543 comm="syz.2.10125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f40547f1885 code=0x7ffc0000
[  693.169090][   T29] audit: type=1326 audit(2000000203.439:157411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15543 comm="syz.2.10125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f40547f1885 code=0x7ffc0000
[  693.192812][   T29] audit: type=1326 audit(2000000203.439:157412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15543 comm="syz.2.10125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f40547f1885 code=0x7ffc0000
[  693.216555][   T29] audit: type=1326 audit(2000000203.439:157413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15543 comm="syz.2.10125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f40547f1885 code=0x7ffc0000
[  693.240305][   T29] audit: type=1326 audit(2000000203.449:157414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15543 comm="syz.2.10125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f40547f1885 code=0x7ffc0000
[  693.570457][T15552] x_tables: duplicate underflow at hook 2
[  693.625876][T15556] netlink: 220 bytes leftover after parsing attributes in process `syz.4.10129'.
[  693.691870][T15567] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10133'.
[  693.707974][T15567] 8021q: adding VLAN 0 to HW filter on device bond7
[  693.755435][T15611] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10137'.
[  693.764695][T15610] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10137'.
[  693.786517][T15614] macvlan2: entered promiscuous mode
[  693.791990][T15614] macvlan2: entered allmulticast mode
[  693.798799][T15614] bond7: entered promiscuous mode
[  693.804239][T15614] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  693.811934][T15614] bond7: left promiscuous mode
[  694.295347][T15320] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  694.306565][T15320] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  694.317843][T15320] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  694.328797][T16571] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  694.376679][T15634] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10140'.
[  694.832384][T15641] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  694.840836][T15641] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  695.414000][T15648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  695.426187][T15648] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  695.527158][T15662] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10148'.
[  695.789947][ T6563] Bluetooth: hci0: command 0x1003 tx timeout
[  695.789947][ T6984] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  695.970583][T15722] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.10157' sets config #0
[  696.036249][T15722] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.10157' sets config #1
[  696.083915][T15732] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  696.116673][T15743] netlink: 'syz.3.10157': attribute type 4 has an invalid length.
[  696.135492][T15732] netlink: 'syz.2.10160': attribute type 10 has an invalid length.
[  696.707167][T15796] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.10171' sets config #0
[  696.742212][T15796] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.10171' sets config #1
[  696.873309][T15796] netlink: 'syz.2.10171': attribute type 4 has an invalid length.
[  696.942099][T15838] 9pnet_fd: Insufficient options for proto=fd
[  697.076072][T15848] tipc: Started in network mode
[  697.080999][T15848] tipc: Node identity d2bcad65ab18, cluster identity 4711
[  697.088132][T15848] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  697.098145][T15848] tipc: Disabling bearer <eth:syzkaller0>
[  697.742730][T15886] 9pnet_fd: Insufficient options for proto=fd
[  697.769243][T15891] __nla_validate_parse: 2 callbacks suppressed
[  697.769254][T15891] netlink: 48 bytes leftover after parsing attributes in process `syz.4.10192'.
[  697.900105][T15898] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10195'.
[  697.954788][T15906] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10198'.
[  698.122119][T15940] program syz.0.10207 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  698.136501][T15940] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[  698.143166][T15940] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  698.150715][T15940] vhci_hcd vhci_hcd.0: Device attached
[  698.157223][T15940] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(13)
[  698.163875][T15940] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  698.171381][T15940] vhci_hcd vhci_hcd.0: Device attached
[  698.177517][T15940] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  698.186088][T15940] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  698.194704][T15940] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  698.203177][T15940] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  698.212049][T15940] vhci_hcd vhci_hcd.0: pdev(0) rhport(6) sockfd(23)
[  698.218755][T15940] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  698.226333][T15940] vhci_hcd vhci_hcd.0: Device attached
[  698.232918][T15940] vhci_hcd vhci_hcd.0: pdev(0) rhport(7) sockfd(25)
[  698.239508][T15940] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  698.247295][T15940] vhci_hcd vhci_hcd.0: Device attached
[  698.253471][T15940] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10207'.
[  698.264573][T15947] vhci_hcd: connection closed
[  698.265150][T16571] vhci_hcd: stop threads
[  698.270023][T15945] vhci_hcd: connection closed
[  698.274166][T16571] vhci_hcd: release socket
[  698.274504][T15943] vhci_hcd: connection closed
[  698.278842][T16571] vhci_hcd: disconnect device
[  698.278912][T15941] vhci_hcd: connection closed
[  698.284216][T16571] vhci_hcd: stop threads
[  698.301806][T16571] vhci_hcd: release socket
[  698.306341][T16571] vhci_hcd: disconnect device
[  698.311792][T15937] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  698.320484][T15937] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  698.326312][T16571] vhci_hcd: stop threads
[  698.330723][T14251] vhci_hcd: vhci_device speed not set
[  698.332524][T16571] vhci_hcd: release socket
[  698.342290][T16571] vhci_hcd: disconnect device
[  698.347009][T16571] vhci_hcd: stop threads
[  698.351334][T16571] vhci_hcd: release socket
[  698.355729][T16571] vhci_hcd: disconnect device
[  698.389960][T14251] usb 1-1: new full-speed USB device number 2 using vhci_hcd
[  698.397515][T14251] usb 1-1: enqueue for inactive port 0
[  698.403224][T14251] usb 1-1: enqueue for inactive port 0
[  698.408890][T14251] usb 1-1: enqueue for inactive port 0
[  698.464192][T15953] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15953 comm=syz.4.10208
[  698.479975][T14251] vhci_hcd: vhci_device speed not set
[  698.740457][T15957] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  698.747998][T15957] tipc: Disabling bearer <eth:syzkaller0>
[  698.850892][   T29] kauditd_printk_skb: 919 callbacks suppressed
[  698.850909][   T29] audit: type=1326 audit(2000000465.276:158334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15966 comm="syz.0.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  698.881455][   T29] audit: type=1326 audit(2000000465.276:158335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15966 comm="syz.0.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  698.905301][   T29] audit: type=1326 audit(2000000465.306:158336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15966 comm="syz.0.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  698.929289][   T29] audit: type=1326 audit(2000000465.306:158337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15966 comm="syz.0.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  698.959166][   T29] audit: type=1326 audit(2000000465.306:158338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15966 comm="syz.0.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  698.962044][T15977] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10217'.
[  698.982971][   T29] audit: type=1326 audit(2000000465.326:158339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15966 comm="syz.0.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  699.015672][   T29] audit: type=1326 audit(2000000465.326:158340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15966 comm="syz.0.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  699.039402][   T29] audit: type=1326 audit(2000000465.326:158341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15966 comm="syz.0.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  699.063289][   T29] audit: type=1326 audit(2000000465.326:158342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15966 comm="syz.0.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  699.087104][   T29] audit: type=1326 audit(2000000465.326:158343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15966 comm="syz.0.10213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  699.188164][T16013] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  699.231511][T16013] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  699.294623][T16013] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  699.321543][T16022] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  699.351622][T16013] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  699.406896][T16567] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  699.417705][T16567] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  699.429367][T16567] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  699.443128][T16049] program syz.2.10227 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  699.453138][T16567] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  699.535414][T16059] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  699.593054][T16059] netlink: 'syz.3.10231': attribute type 10 has an invalid length.
[  699.601107][T16059] netlink: 40 bytes leftover after parsing attributes in process `syz.3.10231'.
[  699.742737][ T6186] hid_parser_main: 24 callbacks suppressed
[  699.742749][ T6186] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x4
[  699.756325][ T6186] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x2
[  699.764620][ T6186] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x3
[  699.772842][ T6186] hid-generic 0000:3000000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  699.990642][T16113] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10248'.
[  700.095158][T16125] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10251'.
[  700.114360][T16125] 8021q: adding VLAN 0 to HW filter on device bond4
[  700.132464][T16571] Bluetooth: hci0: Frame reassembly failed (-84)
[  700.198143][T16161] macvlan2: entered promiscuous mode
[  700.203483][T16161] macvlan2: entered allmulticast mode
[  700.210329][T16161] bond4: entered promiscuous mode
[  700.215701][T16161] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  700.223946][T16161] bond4: left promiscuous mode
[  700.275849][T16169] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  700.293343][T16171] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  700.310485][T16169] netlink: 'syz.1.10253': attribute type 10 has an invalid length.
[  700.318508][T16169] netlink: 40 bytes leftover after parsing attributes in process `syz.1.10253'.
[  700.479303][T16188] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10259'.
[  700.594701][T16182] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  700.603212][T16182] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  701.244780][T16224] 8021q: adding VLAN 0 to HW filter on device bond5
[  701.293530][T16224] macvlan2: entered promiscuous mode
[  701.298840][T16224] macvlan2: entered allmulticast mode
[  701.305248][T16224] bond5: entered promiscuous mode
[  701.310635][T16224] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  701.318964][T16224] bond5: left promiscuous mode
[  701.344527][T16281] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.10265' sets config #0
[  701.355088][T16281] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.10265' sets config #1
[  701.416431][T16281] netlink: 'syz.1.10265': attribute type 4 has an invalid length.
[  701.416791][T16307] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.10267' sets config #0
[  701.451614][T16307] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.10267' sets config #1
[  701.518386][T16315] netlink: 'syz.4.10267': attribute type 4 has an invalid length.
[  701.579295][T16327] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  701.617945][T16327] netlink: 'syz.0.10269': attribute type 10 has an invalid length.
[  701.822241][T16376] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.10278' sets config #0
[  701.833556][T16376] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.10278' sets config #1
[  701.882922][T16349] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  701.891633][T16349] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  701.908866][T16376] netlink: 'syz.4.10278': attribute type 4 has an invalid length.
[  702.190007][ T6563] Bluetooth: hci0: command 0x1003 tx timeout
[  702.196077][ T6984] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  702.449190][T16442] netlink: 'syz.3.10284': attribute type 10 has an invalid length.
[  702.488773][T16441] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  702.531936][T16454] FAULT_INJECTION: forcing a failure.
[  702.531936][T16454] name failslab, interval 1, probability 0, space 0, times 0
[  702.544675][T16454] CPU: 1 UID: 0 PID: 16454 Comm: syz.2.10288 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  702.544711][T16454] Tainted: [W]=WARN
[  702.544718][T16454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  702.544733][T16454] Call Trace:
[  702.544740][T16454]  <TASK>
[  702.544749][T16454]  __dump_stack+0x1d/0x30
[  702.544775][T16454]  dump_stack_lvl+0xe8/0x140
[  702.544825][T16454]  dump_stack+0x15/0x1b
[  702.544844][T16454]  should_fail_ex+0x265/0x280
[  702.544867][T16454]  should_failslab+0x8c/0xb0
[  702.544947][T16454]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  702.544976][T16454]  ? __alloc_skb+0x101/0x320
[  702.545006][T16454]  __alloc_skb+0x101/0x320
[  702.545088][T16454]  netlink_alloc_large_skb+0xbf/0xf0
[  702.545117][T16454]  netlink_sendmsg+0x3cf/0x6b0
[  702.545234][T16454]  ? __pfx_netlink_sendmsg+0x10/0x10
[  702.545256][T16454]  __sock_sendmsg+0x145/0x180
[  702.545313][T16454]  ____sys_sendmsg+0x31e/0x4e0
[  702.545398][T16454]  ___sys_sendmsg+0x17b/0x1d0
[  702.545427][T16454]  __x64_sys_sendmsg+0xd4/0x160
[  702.545451][T16454]  x64_sys_call+0x191e/0x3000
[  702.545481][T16454]  do_syscall_64+0xd2/0x200
[  702.545500][T16454]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  702.545529][T16454]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  702.545561][T16454]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  702.545662][T16454] RIP: 0033:0x7f40547befc9
[  702.545676][T16454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  702.545693][T16454] RSP: 002b:00007f405321f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  702.545711][T16454] RAX: ffffffffffffffda RBX: 00007f4054a15fa0 RCX: 00007f40547befc9
[  702.545723][T16454] RDX: 0000000000000000 RSI: 0000200000000440 RDI: 0000000000000005
[  702.545736][T16454] RBP: 00007f405321f090 R08: 0000000000000000 R09: 0000000000000000
[  702.545783][T16454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  702.545798][T16454] R13: 00007f4054a16038 R14: 00007f4054a15fa0 R15: 00007fffb0e768a8
[  702.545819][T16454]  </TASK>
[  702.759074][T16461] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.10290' sets config #0
[  702.808443][T16461] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.10290' sets config #1
[  702.831109][T16465] FAULT_INJECTION: forcing a failure.
[  702.831109][T16465] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  702.844233][T16465] CPU: 0 UID: 0 PID: 16465 Comm: syz.0.10292 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  702.844317][T16465] Tainted: [W]=WARN
[  702.844324][T16465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  702.844336][T16465] Call Trace:
[  702.844342][T16465]  <TASK>
[  702.844349][T16465]  __dump_stack+0x1d/0x30
[  702.844370][T16465]  dump_stack_lvl+0xe8/0x140
[  702.844399][T16465]  dump_stack+0x15/0x1b
[  702.844417][T16465]  should_fail_ex+0x265/0x280
[  702.844439][T16465]  should_fail+0xb/0x20
[  702.844455][T16465]  should_fail_usercopy+0x1a/0x20
[  702.844475][T16465]  _copy_to_user+0x20/0xa0
[  702.844517][T16465]  simple_read_from_buffer+0xb5/0x130
[  702.844543][T16465]  proc_fail_nth_read+0x10e/0x150
[  702.844585][T16465]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  702.844617][T16465]  vfs_read+0x1a8/0x770
[  702.844652][T16465]  ? __rcu_read_unlock+0x4f/0x70
[  702.844677][T16465]  ? __fget_files+0x184/0x1c0
[  702.844705][T16465]  ksys_read+0xda/0x1a0
[  702.844800][T16465]  __x64_sys_read+0x40/0x50
[  702.844826][T16465]  x64_sys_call+0x27c0/0x3000
[  702.844857][T16465]  do_syscall_64+0xd2/0x200
[  702.844922][T16465]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  702.844947][T16465]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  702.845016][T16465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  702.845044][T16465] RIP: 0033:0x7fd72ac7d9dc
[  702.845061][T16465] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  702.845080][T16465] RSP: 002b:00007fd7296df030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  702.845156][T16465] RAX: ffffffffffffffda RBX: 00007fd72aed5fa0 RCX: 00007fd72ac7d9dc
[  702.845169][T16465] RDX: 000000000000000f RSI: 00007fd7296df0a0 RDI: 0000000000000007
[  702.845180][T16465] RBP: 00007fd7296df090 R08: 0000000000000000 R09: 0000000000000000
[  702.845193][T16465] R10: 0000000004000004 R11: 0000000000000246 R12: 0000000000000001
[  702.845273][T16465] R13: 00007fd72aed6038 R14: 00007fd72aed5fa0 R15: 00007ffd0472b1e8
[  702.845290][T16465]  </TASK>
[  703.065290][T16484] netlink: 'syz.1.10290': attribute type 4 has an invalid length.
[  703.216025][T16509] __nla_validate_parse: 7 callbacks suppressed
[  703.216051][T16509] netlink: 44 bytes leftover after parsing attributes in process `syz.3.10301'.
[  703.244277][T16511] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  703.260419][T16509] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10301'.
[  703.269478][T16509] netlink: 32 bytes leftover after parsing attributes in process `syz.3.10301'.
[  703.276095][T16511] netlink: 'syz.1.10302': attribute type 10 has an invalid length.
[  703.286460][T16511] netlink: 40 bytes leftover after parsing attributes in process `syz.1.10302'.
[  703.326830][T16494] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  703.335312][T16494] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  703.468211][T16530] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.10308' sets config #0
[  703.478619][T16530] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.10308' sets config #1
[  703.542230][T16530] netlink: 'syz.1.10308': attribute type 4 has an invalid length.
[  703.663433][T16580] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10310'.
[  703.682247][T16590] 9pnet_fd: Insufficient options for proto=fd
[  704.095994][   T29] kauditd_printk_skb: 377 callbacks suppressed
[  704.096010][   T29] audit: type=1326 audit(2000000470.516:158721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16607 comm="syz.0.10318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd72ac75e67 code=0x7ffc0000
[  704.141435][   T29] audit: type=1326 audit(2000000470.546:158722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16607 comm="syz.0.10318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd72ac1b099 code=0x7ffc0000
[  704.165215][   T29] audit: type=1326 audit(2000000470.546:158723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16607 comm="syz.0.10318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd72ac75e67 code=0x7ffc0000
[  704.188898][   T29] audit: type=1326 audit(2000000470.546:158724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16607 comm="syz.0.10318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd72ac1b099 code=0x7ffc0000
[  704.212647][   T29] audit: type=1326 audit(2000000470.546:158725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16607 comm="syz.0.10318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd72ac75e67 code=0x7ffc0000
[  704.236388][   T29] audit: type=1326 audit(2000000470.546:158726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16607 comm="syz.0.10318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd72ac1b099 code=0x7ffc0000
[  704.260059][   T29] audit: type=1326 audit(2000000470.546:158727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16607 comm="syz.0.10318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd72ac75e67 code=0x7ffc0000
[  704.283832][   T29] audit: type=1326 audit(2000000470.546:158728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16607 comm="syz.0.10318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd72ac1b099 code=0x7ffc0000
[  704.307613][   T29] audit: type=1326 audit(2000000470.546:158729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16607 comm="syz.0.10318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd72ac75e67 code=0x7ffc0000
[  704.331290][   T29] audit: type=1326 audit(2000000470.546:158730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16607 comm="syz.0.10318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd72ac1b099 code=0x7ffc0000
[  704.439059][T16618] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  704.447965][T16618] tipc: Disabling bearer <eth:syzkaller0>
[  704.685622][T16628] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  704.695225][T16628] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  704.882243][T16677] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10332'.
[  705.317326][T16684] netlink: 592 bytes leftover after parsing attributes in process `syz.3.10334'.
[  705.710719][T16693] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10336'.
[  705.850360][T16701] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10340'.
[  705.863068][T16701] program syz.1.10340 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  706.119777][T16707] TCP: tcp_parse_options: Illegal window scaling value 168 > 14 received
[  706.128617][T16707] TCP: tcp_parse_options: Illegal window scaling value 139 > 14 received
[  706.318498][T16733] 9pnet_fd: Insufficient options for proto=fd
[  706.436077][T16726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  706.460322][T16726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  706.948485][T16762] binfmt_misc: register: failed to install interpreter file ./file0
[  706.995431][T16766] bridge2: entered promiscuous mode
[  707.016973][T16770] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  707.038121][T16770] validate_nla: 1 callbacks suppressed
[  707.038134][T16770] netlink: 'syz.2.10356': attribute type 10 has an invalid length.
[  707.051576][T16770] netlink: 40 bytes leftover after parsing attributes in process `syz.2.10356'.
[  707.173208][T16779] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  708.128588][T16808] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  708.150077][T16808] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  708.157816][T16815] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  708.185097][T16815] netlink: 'syz.1.10369': attribute type 10 has an invalid length.
[  708.661671][T16852] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  708.811772][T16852] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  708.892649][T16852] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  708.952567][T16852] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  709.024048][T16540] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  709.056943][T16540] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  709.081803][T16540] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  709.090132][T16540] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  709.170543][   T29] kauditd_printk_skb: 579 callbacks suppressed
[  709.170567][   T29] audit: type=1326 audit(2000000475.596:159310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16827 comm="syz.1.10372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5792f8efc9 code=0x7ffc0000
[  709.200898][   T29] audit: type=1326 audit(2000000475.596:159311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16827 comm="syz.1.10372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5792f8efc9 code=0x7ffc0000
[  709.226000][T16898] __nla_validate_parse: 1 callbacks suppressed
[  709.226017][T16898] netlink: 592 bytes leftover after parsing attributes in process `syz.0.10381'.
[  709.273519][   T29] audit: type=1326 audit(2000000475.696:159312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16903 comm="syz.2.10384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  709.297387][   T29] audit: type=1326 audit(2000000475.696:159313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16903 comm="syz.2.10384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  709.321919][   T29] audit: type=1326 audit(2000000475.696:159314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16903 comm="syz.2.10384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  709.345740][   T29] audit: type=1326 audit(2000000475.696:159315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16903 comm="syz.2.10384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  709.369625][   T29] audit: type=1326 audit(2000000475.696:159316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16903 comm="syz.2.10384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  709.393470][   T29] audit: type=1326 audit(2000000475.696:159317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16903 comm="syz.2.10384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  709.417245][   T29] audit: type=1326 audit(2000000475.696:159318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16903 comm="syz.2.10384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  709.441009][   T29] audit: type=1326 audit(2000000475.696:159319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16903 comm="syz.2.10384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  709.679940][T16922] netlink: 'syz.4.10388': attribute type 1 has an invalid length.
[  709.696973][T16922] 8021q: adding VLAN 0 to HW filter on device bond6
[  709.709180][T16922] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10388'.
[  709.720117][T16922] bond6 (unregistering): Released all slaves
[  709.968185][T16995] block device autoloading is deprecated and will be removed.
[  710.101760][T16995] dvmrp0: entered allmulticast mode
[  710.164174][T17015] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10396'.
[  710.429584][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811b535600: rx timeout, send abort
[  710.511661][T17042] netlink: 24 bytes leftover after parsing attributes in process `syz.1.10397'.
[  710.929599][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811b534e00: rx timeout, send abort
[  710.937909][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811b535600: abort rx timeout. Force session deactivation
[  711.301947][T17074] netlink: 592 bytes leftover after parsing attributes in process `syz.2.10402'.
[  711.437841][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811b534e00: abort rx timeout. Force session deactivation
[  711.548445][T17082] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10405'.
[  711.984816][T17131] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10411'.
[  712.102226][T17149] netlink: 400 bytes leftover after parsing attributes in process `syz.2.10416'.
[  712.131727][T17149] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10416'.
[  712.474960][T17185] FAULT_INJECTION: forcing a failure.
[  712.474960][T17185] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  712.488046][T17185] CPU: 1 UID: 0 PID: 17185 Comm: syz.4.10422 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  712.488147][T17185] Tainted: [W]=WARN
[  712.488154][T17185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  712.488168][T17185] Call Trace:
[  712.488177][T17185]  <TASK>
[  712.488199][T17185]  __dump_stack+0x1d/0x30
[  712.488244][T17185]  dump_stack_lvl+0xe8/0x140
[  712.488263][T17185]  dump_stack+0x15/0x1b
[  712.488280][T17185]  should_fail_ex+0x265/0x280
[  712.488359][T17185]  should_fail+0xb/0x20
[  712.488377][T17185]  should_fail_usercopy+0x1a/0x20
[  712.488420][T17185]  _copy_to_user+0x20/0xa0
[  712.488497][T17185]  simple_read_from_buffer+0xb5/0x130
[  712.488531][T17185]  proc_fail_nth_read+0x10e/0x150
[  712.488642][T17185]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  712.488699][T17185]  vfs_read+0x1a8/0x770
[  712.488725][T17185]  ? __rcu_read_unlock+0x4f/0x70
[  712.488749][T17185]  ? __fget_files+0x184/0x1c0
[  712.488802][T17185]  ? finish_task_switch+0xad/0x2b0
[  712.488831][T17185]  ksys_read+0xda/0x1a0
[  712.488861][T17185]  __x64_sys_read+0x40/0x50
[  712.488888][T17185]  x64_sys_call+0x27c0/0x3000
[  712.488956][T17185]  do_syscall_64+0xd2/0x200
[  712.488978][T17185]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  712.489010][T17185]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  712.489048][T17185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  712.489069][T17185] RIP: 0033:0x7f6aa54bd9dc
[  712.489087][T17185] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  712.489149][T17185] RSP: 002b:00007f6aa3f1f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  712.489168][T17185] RAX: ffffffffffffffda RBX: 00007f6aa5715fa0 RCX: 00007f6aa54bd9dc
[  712.489181][T17185] RDX: 000000000000000f RSI: 00007f6aa3f1f0a0 RDI: 0000000000000007
[  712.489195][T17185] RBP: 00007f6aa3f1f090 R08: 0000000000000000 R09: 0000000000000000
[  712.489209][T17185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  712.489286][T17185] R13: 00007f6aa5716038 R14: 00007f6aa5715fa0 R15: 00007ffc7c2a7698
[  712.489304][T17185]  </TASK>
[  713.054642][T17189] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  713.084097][T17189] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  713.181316][T17211] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10427'.
[  713.708408][T17259] 9pnet_fd: Insufficient options for proto=fd
[  713.922585][T17270] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  714.101466][T17270] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  714.162395][T17270] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  714.252481][T17270] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  714.343518][T16540] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  714.400487][T16540] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  714.438662][T16540] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  714.447077][T16540] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  714.504100][T17316] __nla_validate_parse: 1 callbacks suppressed
[  714.504117][T17316] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10439'.
[  714.530420][T17316] 8021q: adding VLAN 0 to HW filter on device bond6
[  714.846366][T17364] macvlan2: entered promiscuous mode
[  714.851745][T17364] macvlan2: entered allmulticast mode
[  714.889565][T17364] bond6: entered promiscuous mode
[  714.896488][T17364] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  714.905237][T17364] bond6: left promiscuous mode
[  715.253000][T17420] 9pnet_fd: Insufficient options for proto=fd
[  715.562291][T17428] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  715.578582][T17430] netlink: 24 bytes leftover after parsing attributes in process `syz.1.10449'.
[  715.599575][T17445] 9pnet_fd: Insufficient options for proto=fd
[  715.628468][T17428] netlink: 'syz.2.10448': attribute type 10 has an invalid length.
[  715.636485][T17428] netlink: 40 bytes leftover after parsing attributes in process `syz.2.10448'.
[  715.849546][   T29] kauditd_printk_skb: 264 callbacks suppressed
[  715.849562][   T29] audit: type=1326 audit(2000000482.266:159584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17471 comm="syz.1.10456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5792f8efc9 code=0x7ffc0000
[  715.880913][   T29] audit: type=1326 audit(2000000482.306:159585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17471 comm="syz.1.10456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f5792f8efc9 code=0x7ffc0000
[  715.904808][   T29] audit: type=1326 audit(2000000482.306:159586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17471 comm="syz.1.10456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5792f8efc9 code=0x7ffc0000
[  715.928622][   T29] audit: type=1326 audit(2000000482.306:159587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17471 comm="syz.1.10456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5792f8efc9 code=0x7ffc0000
[  715.953799][T17468] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  715.963404][T17468] tipc: Disabling bearer <eth:syzkaller0>
[  716.300931][T17487] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  716.310596][T17487] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  716.568658][   T29] audit: type=1326 audit(2000000482.986:159588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17526 comm="syz.3.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  716.589949][ T6984] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  716.593141][   T29] audit: type=1326 audit(2000000482.986:159589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17526 comm="syz.3.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  716.622345][   T29] audit: type=1326 audit(2000000482.996:159590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17526 comm="syz.3.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  716.646042][   T29] audit: type=1326 audit(2000000482.996:159591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17526 comm="syz.3.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  716.669840][   T29] audit: type=1326 audit(2000000482.996:159592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17526 comm="syz.3.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  716.693682][   T29] audit: type=1326 audit(2000000482.996:159593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17526 comm="syz.3.10465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  717.084031][T17554] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  717.123306][T17554] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  717.161246][T17593] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  717.713759][T17637] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10478'.
[  718.520158][T17691] smc: net device bond0 applied user defined pnetid SYZ0
[  718.536027][T17691] FAULT_INJECTION: forcing a failure.
[  718.536027][T17691] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  718.549532][T17691] CPU: 0 UID: 0 PID: 17691 Comm: syz.3.10485 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  718.549573][T17691] Tainted: [W]=WARN
[  718.549581][T17691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  718.549595][T17691] Call Trace:
[  718.549601][T17691]  <TASK>
[  718.549610][T17691]  __dump_stack+0x1d/0x30
[  718.549636][T17691]  dump_stack_lvl+0xe8/0x140
[  718.549736][T17691]  dump_stack+0x15/0x1b
[  718.549757][T17691]  should_fail_ex+0x265/0x280
[  718.549781][T17691]  should_fail+0xb/0x20
[  718.549801][T17691]  should_fail_usercopy+0x1a/0x20
[  718.549898][T17691]  _copy_from_user+0x1c/0xb0
[  718.549932][T17691]  ___sys_sendmsg+0xc1/0x1d0
[  718.550021][T17691]  __x64_sys_sendmsg+0xd4/0x160
[  718.550046][T17691]  x64_sys_call+0x191e/0x3000
[  718.550067][T17691]  do_syscall_64+0xd2/0x200
[  718.550087][T17691]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  718.550113][T17691]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  718.550253][T17691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  718.550278][T17691] RIP: 0033:0x7f6553eeefc9
[  718.550296][T17691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  718.550315][T17691] RSP: 002b:00007f6552957038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  718.550337][T17691] RAX: ffffffffffffffda RBX: 00007f6554145fa0 RCX: 00007f6553eeefc9
[  718.550351][T17691] RDX: 0000000000004000 RSI: 0000200000000080 RDI: 0000000000000007
[  718.550430][T17691] RBP: 00007f6552957090 R08: 0000000000000000 R09: 0000000000000000
[  718.550444][T17691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  718.550458][T17691] R13: 00007f6554146038 R14: 00007f6554145fa0 R15: 00007ffc106bffa8
[  718.550498][T17691]  </TASK>
[  718.845942][T17770] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.935919][T17770] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.992043][T17770] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.041713][T17770] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.094303][T17752] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  719.106179][T17746] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  719.118024][T17752] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  719.129687][T17752] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  719.158386][T17807] netlink: 36 bytes leftover after parsing attributes in process `syz.4.10495'.
[  719.186112][T17810] FAULT_INJECTION: forcing a failure.
[  719.186112][T17810] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  719.199250][T17810] CPU: 0 UID: 0 PID: 17810 Comm: syz.4.10496 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  719.199281][T17810] Tainted: [W]=WARN
[  719.199287][T17810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  719.199300][T17810] Call Trace:
[  719.199309][T17810]  <TASK>
[  719.199317][T17810]  __dump_stack+0x1d/0x30
[  719.199409][T17810]  dump_stack_lvl+0xe8/0x140
[  719.199451][T17810]  dump_stack+0x15/0x1b
[  719.199534][T17810]  should_fail_ex+0x265/0x280
[  719.199555][T17810]  should_fail+0xb/0x20
[  719.199571][T17810]  should_fail_usercopy+0x1a/0x20
[  719.199590][T17810]  _copy_from_user+0x1c/0xb0
[  719.199629][T17810]  ___sys_sendmsg+0xc1/0x1d0
[  719.199703][T17810]  __sys_sendmmsg+0x178/0x300
[  719.199731][T17810]  __x64_sys_sendmmsg+0x57/0x70
[  719.199750][T17810]  x64_sys_call+0x1c4a/0x3000
[  719.199798][T17810]  do_syscall_64+0xd2/0x200
[  719.199895][T17810]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  719.199938][T17810]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  719.199971][T17810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  719.199995][T17810] RIP: 0033:0x7f6aa54befc9
[  719.200011][T17810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  719.200029][T17810] RSP: 002b:00007f6aa3f1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  719.200067][T17810] RAX: ffffffffffffffda RBX: 00007f6aa5715fa0 RCX: 00007f6aa54befc9
[  719.200130][T17810] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000006
[  719.200143][T17810] RBP: 00007f6aa3f1f090 R08: 0000000000000000 R09: 0000000000000000
[  719.200157][T17810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  719.200170][T17810] R13: 00007f6aa5716038 R14: 00007f6aa5715fa0 R15: 00007ffc7c2a7698
[  719.200188][T17810]  </TASK>
[  719.390443][T17812] 9pnet_fd: Insufficient options for proto=fd
[  719.708408][T17828] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10501'.
[  719.721379][T17833] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  719.731485][T17834] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10504'.
[  719.744623][T17833] tipc: Disabling bearer <eth:syzkaller0>
[  719.832623][T17859] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.891273][T17859] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.942345][T17859] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.952802][T17838] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  719.961790][T17838] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  719.973113][T17871] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  720.001916][T17859] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  720.051568][T17871] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  720.106811][T17893] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  720.115177][T17893] tipc: Disabling bearer <eth:syzkaller0>
[  720.141233][T17871] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  720.221587][T17903] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  720.241045][T17871] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  720.255021][T17903] netlink: 'syz.3.10519': attribute type 10 has an invalid length.
[  720.263077][T17903] netlink: 40 bytes leftover after parsing attributes in process `syz.3.10519'.
[  720.316200][T17750] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  720.327066][T17746] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  720.338942][T17746] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  720.350567][T17746] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  720.377141][T17919] FAULT_INJECTION: forcing a failure.
[  720.377141][T17919] name failslab, interval 1, probability 0, space 0, times 0
[  720.389858][T17919] CPU: 1 UID: 0 PID: 17919 Comm: syz.3.10520 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  720.389897][T17919] Tainted: [W]=WARN
[  720.389904][T17919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  720.389916][T17919] Call Trace:
[  720.389923][T17919]  <TASK>
[  720.389930][T17919]  __dump_stack+0x1d/0x30
[  720.389952][T17919]  dump_stack_lvl+0xe8/0x140
[  720.389996][T17919]  dump_stack+0x15/0x1b
[  720.390012][T17919]  should_fail_ex+0x265/0x280
[  720.390032][T17919]  should_failslab+0x8c/0xb0
[  720.390057][T17919]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  720.390144][T17919]  ? __alloc_skb+0x101/0x320
[  720.390194][T17919]  __alloc_skb+0x101/0x320
[  720.390223][T17919]  alloc_skb_with_frags+0x7d/0x470
[  720.390288][T17919]  ? selinux_file_open+0x2df/0x330
[  720.390408][T17919]  sock_alloc_send_pskb+0x430/0x4e0
[  720.390429][T17919]  ? mntput+0x4b/0x80
[  720.390446][T17919]  tun_get_user+0x9b3/0x26e0
[  720.390514][T17919]  ? ref_tracker_alloc+0x1f2/0x2f0
[  720.390555][T17919]  ? selinux_file_permission+0x2f0/0x320
[  720.390642][T17919]  tun_chr_write_iter+0x15e/0x210
[  720.390674][T17919]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  720.390705][T17919]  vfs_write+0x52a/0x960
[  720.390747][T17919]  ksys_write+0xda/0x1a0
[  720.390783][T17919]  __x64_sys_write+0x40/0x50
[  720.390810][T17919]  x64_sys_call+0x2802/0x3000
[  720.390841][T17919]  do_syscall_64+0xd2/0x200
[  720.390859][T17919]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  720.390887][T17919]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  720.390928][T17919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  720.390948][T17919] RIP: 0033:0x7f6553eeda7f
[  720.390983][T17919] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  720.391002][T17919] RSP: 002b:00007f6552957000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  720.391023][T17919] RAX: ffffffffffffffda RBX: 00007f6554145fa0 RCX: 00007f6553eeda7f
[  720.391104][T17919] RDX: 0000000000000d81 RSI: 0000200000002c00 RDI: 00000000000000c8
[  720.391183][T17919] RBP: 00007f6552957090 R08: 0000000000000000 R09: 0000000000000000
[  720.391195][T17919] R10: 0000000000000d81 R11: 0000000000000293 R12: 0000000000000001
[  720.391207][T17919] R13: 00007f6554146038 R14: 00007f6554145fa0 R15: 00007ffc106bffa8
[  720.391289][T17919]  </TASK>
[  720.690728][T17941] 9pnet_fd: Insufficient options for proto=fd
[  720.712604][T17951] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  720.720563][T17951] tipc: Disabling bearer <eth:syzkaller0>
[  720.759021][T17957] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  720.789599][T17961] FAULT_INJECTION: forcing a failure.
[  720.789599][T17961] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  720.802768][T17961] CPU: 0 UID: 0 PID: 17961 Comm: syz.0.10531 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  720.802798][T17961] Tainted: [W]=WARN
[  720.802804][T17961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  720.802815][T17961] Call Trace:
[  720.802821][T17961]  <TASK>
[  720.802828][T17961]  __dump_stack+0x1d/0x30
[  720.802848][T17961]  dump_stack_lvl+0xe8/0x140
[  720.802938][T17961]  dump_stack+0x15/0x1b
[  720.802958][T17961]  should_fail_ex+0x265/0x280
[  720.802981][T17961]  should_fail+0xb/0x20
[  720.803073][T17961]  should_fail_usercopy+0x1a/0x20
[  720.803096][T17961]  _copy_from_user+0x1c/0xb0
[  720.803123][T17961]  ___sys_sendmsg+0xc1/0x1d0
[  720.803156][T17961]  __sys_sendmmsg+0x178/0x300
[  720.803198][T17961]  __x64_sys_sendmmsg+0x57/0x70
[  720.803217][T17961]  x64_sys_call+0x1c4a/0x3000
[  720.803244][T17961]  do_syscall_64+0xd2/0x200
[  720.803316][T17961]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  720.803343][T17961]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  720.803372][T17961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  720.803436][T17961] RIP: 0033:0x7fd72ac7efc9
[  720.803452][T17961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  720.803521][T17961] RSP: 002b:00007fd7296df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  720.803542][T17961] RAX: ffffffffffffffda RBX: 00007fd72aed5fa0 RCX: 00007fd72ac7efc9
[  720.803556][T17961] RDX: 0000000000000001 RSI: 0000200000000580 RDI: 0000000000000003
[  720.803591][T17961] RBP: 00007fd7296df090 R08: 0000000000000000 R09: 0000000000000000
[  720.803603][T17961] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000001
[  720.803619][T17961] R13: 00007fd72aed6038 R14: 00007fd72aed5fa0 R15: 00007ffd0472b1e8
[  720.803640][T17961]  </TASK>
[  720.808422][T17963] netlink: 'syz.1.10530': attribute type 10 has an invalid length.
[  720.809702][T17964] FAULT_INJECTION: forcing a failure.
[  720.809702][T17964] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  720.819975][T17963] netlink: 40 bytes leftover after parsing attributes in process `syz.1.10530'.
[  720.823836][T17964] CPU: 1 UID: 0 PID: 17964 Comm: syz.2.10532 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  720.823936][T17964] Tainted: [W]=WARN
[  720.823983][T17964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  720.823996][T17964] Call Trace:
[  720.824004][T17964]  <TASK>
[  720.824014][T17964]  __dump_stack+0x1d/0x30
[  720.824037][T17964]  dump_stack_lvl+0xe8/0x140
[  720.824059][T17964]  dump_stack+0x15/0x1b
[  720.824078][T17964]  should_fail_ex+0x265/0x280
[  720.824112][T17964]  should_fail+0xb/0x20
[  720.824129][T17964]  should_fail_usercopy+0x1a/0x20
[  720.824151][T17964]  _copy_from_user+0x1c/0xb0
[  720.824178][T17964]  perf_copy_attr+0x145/0x610
[  720.824224][T17964]  __se_sys_perf_event_open+0x67/0x11c0
[  720.824253][T17964]  ? vfs_write+0x7e8/0x960
[  720.824279][T17964]  ? __rcu_read_unlock+0x4f/0x70
[  720.824314][T17964]  __x64_sys_perf_event_open+0x67/0x80
[  720.824416][T17964]  x64_sys_call+0x7bd/0x3000
[  720.824439][T17964]  do_syscall_64+0xd2/0x200
[  720.824460][T17964]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  720.824537][T17964]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  720.824570][T17964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  720.824593][T17964] RIP: 0033:0x7f40547befc9
[  720.824609][T17964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  720.824633][T17964] RSP: 002b:00007f405321f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  720.824654][T17964] RAX: ffffffffffffffda RBX: 00007f4054a15fa0 RCX: 00007f40547befc9
[  720.824667][T17964] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  720.824681][T17964] RBP: 00007f405321f090 R08: 0000000000000000 R09: 0000000000000000
[  720.824695][T17964] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  720.824708][T17964] R13: 00007f4054a16038 R14: 00007f4054a15fa0 R15: 00007fffb0e768a8
[  720.824727][T17964]  </TASK>
[  721.261654][   T29] kauditd_printk_skb: 206 callbacks suppressed
[  721.261668][   T29] audit: type=1326 audit(2000000487.676:159800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17988 comm="syz.0.10538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  721.291825][   T29] audit: type=1326 audit(2000000487.676:159801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17988 comm="syz.0.10538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  721.315544][   T29] audit: type=1326 audit(2000000487.676:159802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17988 comm="syz.0.10538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  721.339379][   T29] audit: type=1326 audit(2000000487.676:159803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17988 comm="syz.0.10538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  721.363230][   T29] audit: type=1326 audit(2000000487.676:159804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17988 comm="syz.0.10538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  721.387071][   T29] audit: type=1326 audit(2000000487.686:159805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17988 comm="syz.0.10538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  721.410812][   T29] audit: type=1326 audit(2000000487.686:159806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17988 comm="syz.0.10538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd72ac7efc9 code=0x7ffc0000
[  721.434684][   T29] audit: type=1326 audit(2000000487.686:159807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17988 comm="syz.0.10538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd72ac80ee7 code=0x7ffc0000
[  721.458363][   T29] audit: type=1326 audit(2000000487.686:159808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17988 comm="syz.0.10538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fd72ac80e5c code=0x7ffc0000
[  721.482077][   T29] audit: type=1326 audit(2000000487.686:159809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17988 comm="syz.0.10538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fd72ac80d94 code=0x7ffc0000
[  721.541537][T18007] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  721.557309][T18007] tipc: Disabling bearer <eth:syzkaller0>
[  721.571069][T18005] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  721.636445][T18015] 9pnet_fd: Insufficient options for proto=fd
[  721.717363][T18038] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10553'.
[  721.763638][T18011] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  721.772844][T18011] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  721.786730][T18045] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10554'.
[  722.153163][T18057] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10557'.
[  722.296974][T18088] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  722.358167][T18090] FAULT_INJECTION: forcing a failure.
[  722.358167][T18090] name failslab, interval 1, probability 0, space 0, times 0
[  722.370999][T18090] CPU: 1 UID: 0 PID: 18090 Comm: syz.3.10560 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  722.371099][T18090] Tainted: [W]=WARN
[  722.371107][T18090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  722.371119][T18090] Call Trace:
[  722.371126][T18090]  <TASK>
[  722.371134][T18090]  __dump_stack+0x1d/0x30
[  722.371156][T18090]  dump_stack_lvl+0xe8/0x140
[  722.371178][T18090]  dump_stack+0x15/0x1b
[  722.371221][T18090]  should_fail_ex+0x265/0x280
[  722.371239][T18090]  should_failslab+0x8c/0xb0
[  722.371266][T18090]  kmem_cache_alloc_noprof+0x50/0x480
[  722.371371][T18090]  ? audit_log_start+0x342/0x720
[  722.371394][T18090]  audit_log_start+0x342/0x720
[  722.371415][T18090]  ? htab_map_hash+0x15f/0x1d0
[  722.371442][T18090]  audit_seccomp+0x48/0x100
[  722.371508][T18090]  ? __seccomp_filter+0x82d/0x1250
[  722.371611][T18090]  __seccomp_filter+0x83e/0x1250
[  722.371685][T18090]  ? sysvec_reschedule_ipi+0x4f/0x70
[  722.371717][T18090]  ? trace_reschedule_exit+0xd/0xc0
[  722.371742][T18090]  __secure_computing+0x82/0x150
[  722.371826][T18090]  syscall_trace_enter+0xcf/0x1e0
[  722.371860][T18090]  do_syscall_64+0xac/0x200
[  722.371905][T18090]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  722.372014][T18090]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  722.372051][T18090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  722.372070][T18090] RIP: 0033:0x7f6553eeefc9
[  722.372088][T18090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  722.372108][T18090] RSP: 002b:00007f6552957038 EFLAGS: 00000246 ORIG_RAX: 00000000000001cb
[  722.372198][T18090] RAX: ffffffffffffffda RBX: 00007f6554145fa0 RCX: 00007f6553eeefc9
[  722.372213][T18090] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000068
[  722.372227][T18090] RBP: 00007f6552957090 R08: 0000000000000000 R09: 0000000000000000
[  722.372241][T18090] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  722.372256][T18090] R13: 00007f6554146038 R14: 00007f6554145fa0 R15: 00007ffc106bffa8
[  722.372278][T18090]  </TASK>
[  723.803656][T18158] netlink: 'syz.0.10568': attribute type 10 has an invalid length.
[  723.811808][T18158] netlink: 40 bytes leftover after parsing attributes in process `syz.0.10568'.
[  723.829344][T18113] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  724.147475][T18180] FAULT_INJECTION: forcing a failure.
[  724.147475][T18180] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  724.160609][T18180] CPU: 1 UID: 0 PID: 18180 Comm: syz.0.10573 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  724.160644][T18180] Tainted: [W]=WARN
[  724.160652][T18180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  724.160666][T18180] Call Trace:
[  724.160674][T18180]  <TASK>
[  724.160682][T18180]  __dump_stack+0x1d/0x30
[  724.160748][T18180]  dump_stack_lvl+0xe8/0x140
[  724.160770][T18180]  dump_stack+0x15/0x1b
[  724.160820][T18180]  should_fail_ex+0x265/0x280
[  724.160842][T18180]  should_fail+0xb/0x20
[  724.160857][T18180]  should_fail_usercopy+0x1a/0x20
[  724.160877][T18180]  _copy_from_user+0x1c/0xb0
[  724.160904][T18180]  ___sys_sendmsg+0xc1/0x1d0
[  724.160990][T18180]  __x64_sys_sendmsg+0xd4/0x160
[  724.161014][T18180]  x64_sys_call+0x191e/0x3000
[  724.161039][T18180]  do_syscall_64+0xd2/0x200
[  724.161085][T18180]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  724.161115][T18180]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  724.161150][T18180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  724.161206][T18180] RIP: 0033:0x7fd72ac7efc9
[  724.161221][T18180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  724.161295][T18180] RSP: 002b:00007fd7296df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  724.161317][T18180] RAX: ffffffffffffffda RBX: 00007fd72aed5fa0 RCX: 00007fd72ac7efc9
[  724.161329][T18180] RDX: 0000000040008880 RSI: 0000200000000080 RDI: 0000000000000003
[  724.161421][T18180] RBP: 00007fd7296df090 R08: 0000000000000000 R09: 0000000000000000
[  724.161435][T18180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  724.161448][T18180] R13: 00007fd72aed6038 R14: 00007fd72aed5fa0 R15: 00007ffd0472b1e8
[  724.161472][T18180]  </TASK>
[  724.614115][T18254] 9pnet_fd: Insufficient options for proto=fd
[  724.926356][T18316] netlink: 'syz.1.10586': attribute type 8 has an invalid length.
[  724.934256][T18316] netlink: 36 bytes leftover after parsing attributes in process `syz.1.10586'.
[  725.073161][T18346] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  725.081046][T18346] tipc: Disabling bearer <eth:syzkaller0>
[  725.344408][T18401] FAULT_INJECTION: forcing a failure.
[  725.344408][T18401] name failslab, interval 1, probability 0, space 0, times 0
[  725.357292][T18401] CPU: 0 UID: 0 PID: 18401 Comm: syz.2.10593 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  725.357362][T18401] Tainted: [W]=WARN
[  725.357366][T18401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  725.357374][T18401] Call Trace:
[  725.357377][T18401]  <TASK>
[  725.357382][T18401]  __dump_stack+0x1d/0x30
[  725.357397][T18401]  dump_stack_lvl+0xe8/0x140
[  725.357409][T18401]  dump_stack+0x15/0x1b
[  725.357419][T18401]  should_fail_ex+0x265/0x280
[  725.357432][T18401]  should_failslab+0x8c/0xb0
[  725.357504][T18401]  kmem_cache_alloc_noprof+0x50/0x480
[  725.357521][T18401]  ? prepare_creds+0x37/0x4c0
[  725.357551][T18401]  prepare_creds+0x37/0x4c0
[  725.357571][T18401]  __sys_setresuid+0x464/0x6d0
[  725.357585][T18401]  __x64_sys_setresuid+0x3f/0x50
[  725.357685][T18401]  x64_sys_call+0x2490/0x3000
[  725.357699][T18401]  do_syscall_64+0xd2/0x200
[  725.357721][T18401]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  725.357737][T18401]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  725.357771][T18401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  725.357783][T18401] RIP: 0033:0x7f40547befc9
[  725.357794][T18401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  725.357842][T18401] RSP: 002b:00007f405321f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000075
[  725.357854][T18401] RAX: ffffffffffffffda RBX: 00007f4054a15fa0 RCX: 00007f40547befc9
[  725.357862][T18401] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  725.357869][T18401] RBP: 00007f405321f090 R08: 0000000000000000 R09: 0000000000000000
[  725.357876][T18401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  725.357883][T18401] R13: 00007f4054a16038 R14: 00007f4054a15fa0 R15: 00007fffb0e768a8
[  725.357893][T18401]  </TASK>
[  725.546740][T18403] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10594'.
[  725.744722][   T52] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  725.755919][   T52] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  725.766572][   T52] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  725.778045][T17746] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  725.798934][T18431] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10597'.
[  725.815811][T18431] 8021q: adding VLAN 0 to HW filter on device bond7
[  725.831593][T17746] Bluetooth: hci0: Frame reassembly failed (-84)
[  725.885436][T18467] macvlan2: entered promiscuous mode
[  725.890819][T18467] macvlan2: entered allmulticast mode
[  725.897195][T18467] bond7: entered promiscuous mode
[  725.902464][T18467] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  725.910180][T18467] bond7: left promiscuous mode
[  726.599359][T18493] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  726.875415][T18495] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  726.884432][T18495] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  727.011512][   T29] kauditd_printk_skb: 127 callbacks suppressed
[  727.011527][   T29] audit: type=1326 audit(2000000493.436:159935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18498 comm="syz.1.10605" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5792f8efc9 code=0x0
[  727.170383][   T29] audit: type=1400 audit(2000000493.596:159936): avc:  denied  { create } for  pid=18516 comm="syz.3.10610" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  727.176424][T18517] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10610'.
[  727.190454][   T29] audit: type=1400 audit(2000000493.596:159937): avc:  denied  { connect } for  pid=18516 comm="syz.3.10610" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  727.199387][T18517] netlink: 348 bytes leftover after parsing attributes in process `syz.3.10610'.
[  727.199409][T18517] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10610'.
[  727.199420][T18517] netlink: 348 bytes leftover after parsing attributes in process `syz.3.10610'.
[  727.199662][T18517] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10610'.
[  727.866979][T18540] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  727.873989][ T6563] Bluetooth: hci0: command 0x1003 tx timeout
[  727.880192][ T6984] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  728.300799][T18556] FAULT_INJECTION: forcing a failure.
[  728.300799][T18556] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  728.314000][T18556] CPU: 0 UID: 0 PID: 18556 Comm: syz.0.10618 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  728.314036][T18556] Tainted: [W]=WARN
[  728.314044][T18556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  728.314058][T18556] Call Trace:
[  728.314066][T18556]  <TASK>
[  728.314074][T18556]  __dump_stack+0x1d/0x30
[  728.314174][T18556]  dump_stack_lvl+0xe8/0x140
[  728.314197][T18556]  dump_stack+0x15/0x1b
[  728.314218][T18556]  should_fail_ex+0x265/0x280
[  728.314241][T18556]  should_fail+0xb/0x20
[  728.314259][T18556]  should_fail_usercopy+0x1a/0x20
[  728.314331][T18556]  _copy_to_user+0x20/0xa0
[  728.314360][T18556]  simple_read_from_buffer+0xb5/0x130
[  728.314442][T18556]  proc_fail_nth_read+0x10e/0x150
[  728.314478][T18556]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  728.314572][T18556]  vfs_read+0x1a8/0x770
[  728.314598][T18556]  ? __cond_resched+0x4e/0x90
[  728.314628][T18556]  ksys_read+0xda/0x1a0
[  728.314655][T18556]  __x64_sys_read+0x40/0x50
[  728.314681][T18556]  x64_sys_call+0x27c0/0x3000
[  728.314761][T18556]  do_syscall_64+0xd2/0x200
[  728.314782][T18556]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  728.314892][T18556]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  728.314927][T18556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  728.314955][T18556] RIP: 0033:0x7fd72ac7d9dc
[  728.314972][T18556] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  728.314993][T18556] RSP: 002b:00007fd7296be030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  728.315016][T18556] RAX: ffffffffffffffda RBX: 00007fd72aed6090 RCX: 00007fd72ac7d9dc
[  728.315030][T18556] RDX: 000000000000000f RSI: 00007fd7296be0a0 RDI: 000000000000000c
[  728.315069][T18556] RBP: 00007fd7296be090 R08: 0000000000000000 R09: 0000000000000000
[  728.315083][T18556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  728.315098][T18556] R13: 00007fd72aed6128 R14: 00007fd72aed6090 R15: 00007ffd0472b1e8
[  728.315119][T18556]  </TASK>
[  728.520604][   T29] audit: type=1326 audit(2000000494.946:159938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18557 comm="syz.3.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  728.544510][   T29] audit: type=1326 audit(2000000494.946:159939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18557 comm="syz.3.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  728.578207][   T29] audit: type=1326 audit(2000000494.996:159940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18557 comm="syz.3.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  728.602078][   T29] audit: type=1326 audit(2000000494.996:159941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18557 comm="syz.3.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  728.625858][   T29] audit: type=1326 audit(2000000494.996:159942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18557 comm="syz.3.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  728.649713][   T29] audit: type=1326 audit(2000000494.996:159943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18557 comm="syz.3.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  728.673619][   T29] audit: type=1326 audit(2000000494.996:159944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18557 comm="syz.3.10619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6553eeefc9 code=0x7ffc0000
[  728.776187][T18571] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10620'.
[  728.816799][T18598] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10624'.
[  729.171942][T18615] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  729.180535][T18615] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  730.103798][T18667] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  730.113102][T18667] tipc: Disabling bearer <eth:syzkaller0>
[  730.168036][T18673] __nla_validate_parse: 1 callbacks suppressed
[  730.168052][T18673] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10635'.
[  730.261838][T18681] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10637'.
[  730.612977][T18710] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10640'.
[  730.636017][T18735] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10642'.
[  730.645687][T18734] 9pnet_fd: Insufficient options for proto=fd
[  730.674786][T18735] 8021q: adding VLAN 0 to HW filter on device bond5
[  730.716572][   T52] Bluetooth: hci0: Frame reassembly failed (-84)
[  730.783963][T18775] macvlan2: entered promiscuous mode
[  730.789299][T18775] macvlan2: entered allmulticast mode
[  730.796712][T18775] bond5: entered promiscuous mode
[  730.802195][T18775] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  730.810918][T18775] bond5: left promiscuous mode
[  730.861180][T18782] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  731.037875][T18794] FAULT_INJECTION: forcing a failure.
[  731.037875][T18794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  731.050974][T18794] CPU: 1 UID: 0 PID: 18794 Comm: syz.1.10649 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  731.051010][T18794] Tainted: [W]=WARN
[  731.051015][T18794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  731.051084][T18794] Call Trace:
[  731.051089][T18794]  <TASK>
[  731.051094][T18794]  __dump_stack+0x1d/0x30
[  731.051110][T18794]  dump_stack_lvl+0xe8/0x140
[  731.051122][T18794]  dump_stack+0x15/0x1b
[  731.051183][T18794]  should_fail_ex+0x265/0x280
[  731.051196][T18794]  should_fail+0xb/0x20
[  731.051205][T18794]  should_fail_usercopy+0x1a/0x20
[  731.051226][T18794]  _copy_from_user+0x1c/0xb0
[  731.051249][T18794]  io_register_mem_region+0x86/0x2d0
[  731.051318][T18794]  __se_sys_io_uring_register+0xc20/0xf30
[  731.051332][T18794]  ? fput+0x8f/0xc0
[  731.051343][T18794]  ? ksys_write+0x192/0x1a0
[  731.051358][T18794]  __x64_sys_io_uring_register+0x55/0x70
[  731.051441][T18794]  x64_sys_call+0x18a3/0x3000
[  731.051454][T18794]  do_syscall_64+0xd2/0x200
[  731.051494][T18794]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  731.051510][T18794]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  731.051527][T18794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  731.051589][T18794] RIP: 0033:0x7f5792f8efc9
[  731.051599][T18794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  731.051610][T18794] RSP: 002b:00007f57919ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  731.051622][T18794] RAX: ffffffffffffffda RBX: 00007f57931e5fa0 RCX: 00007f5792f8efc9
[  731.051630][T18794] RDX: 0000200000000380 RSI: 0000000000000022 RDI: 0000000000000003
[  731.051660][T18794] RBP: 00007f57919ef090 R08: 0000000000000000 R09: 0000000000000000
[  731.051668][T18794] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  731.051675][T18794] R13: 00007f57931e6038 R14: 00007f57931e5fa0 R15: 00007ffe916605d8
[  731.051731][T18794]  </TASK>
[  731.250702][T18792] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  731.270735][T18792] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  731.323494][T18801] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  731.398978][T18815] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10654'.
[  732.291558][   T29] kauditd_printk_skb: 219 callbacks suppressed
[  732.291572][   T29] audit: type=1326 audit(2000000498.716:160164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18903 comm="syz.4.10660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa54befc9 code=0x7ffc0000
[  732.343340][   T29] audit: type=1326 audit(2000000498.716:160165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18903 comm="syz.4.10660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aa54befc9 code=0x7ffc0000
[  732.367191][   T29] audit: type=1326 audit(2000000498.746:160166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18923 comm="syz.2.10662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  732.391053][   T29] audit: type=1326 audit(2000000498.746:160167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18923 comm="syz.2.10662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  732.415024][   T29] audit: type=1326 audit(2000000498.746:160168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18923 comm="syz.2.10662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  732.438821][   T29] audit: type=1326 audit(2000000498.746:160169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18923 comm="syz.2.10662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  732.462713][   T29] audit: type=1326 audit(2000000498.746:160170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18923 comm="syz.2.10662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  732.486686][   T29] audit: type=1326 audit(2000000498.746:160171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18923 comm="syz.2.10662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  732.510580][   T29] audit: type=1326 audit(2000000498.756:160172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18923 comm="syz.2.10662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  732.534428][   T29] audit: type=1326 audit(2000000498.756:160173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18923 comm="syz.2.10662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f40547befc9 code=0x7ffc0000
[  732.597824][T18972] FAULT_INJECTION: forcing a failure.
[  732.597824][T18972] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  732.610982][T18972] CPU: 0 UID: 0 PID: 18972 Comm: syz.4.10664 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  732.611017][T18972] Tainted: [W]=WARN
[  732.611023][T18972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  732.611101][T18972] Call Trace:
[  732.611108][T18972]  <TASK>
[  732.611156][T18972]  __dump_stack+0x1d/0x30
[  732.611182][T18972]  dump_stack_lvl+0xe8/0x140
[  732.611205][T18972]  dump_stack+0x15/0x1b
[  732.611222][T18972]  should_fail_ex+0x265/0x280
[  732.611257][T18972]  should_fail+0xb/0x20
[  732.611276][T18972]  should_fail_usercopy+0x1a/0x20
[  732.611303][T18972]  _copy_from_user+0x1c/0xb0
[  732.611332][T18972]  ___sys_sendmsg+0xc1/0x1d0
[  732.611365][T18972]  __x64_sys_sendmsg+0xd4/0x160
[  732.611416][T18972]  x64_sys_call+0x191e/0x3000
[  732.611523][T18972]  do_syscall_64+0xd2/0x200
[  732.611544][T18972]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  732.611570][T18972]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  732.611631][T18972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  732.611655][T18972] RIP: 0033:0x7f6aa54befc9
[  732.611672][T18972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  732.611692][T18972] RSP: 002b:00007f6aa3f1f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  732.611780][T18972] RAX: ffffffffffffffda RBX: 00007f6aa5715fa0 RCX: 00007f6aa54befc9
[  732.611793][T18972] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000006
[  732.611805][T18972] RBP: 00007f6aa3f1f090 R08: 0000000000000000 R09: 0000000000000000
[  732.611818][T18972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  732.611830][T18972] R13: 00007f6aa5716038 R14: 00007f6aa5715fa0 R15: 00007ffc7c2a7698
[  732.611872][T18972]  </TASK>
[  732.794644][ T6984] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  732.910084][T19009] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  732.925592][T19009] tipc: Disabling bearer <eth:syzkaller0>
[  732.963818][T19013] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  733.002633][T19013] netlink: 'syz.0.10670': attribute type 10 has an invalid length.
[  733.010594][T19013] netlink: 40 bytes leftover after parsing attributes in process `syz.0.10670'.
[  733.108299][T19036] netlink: 'syz.1.10674': attribute type 10 has an invalid length.
[  733.116384][T19036] netlink: 40 bytes leftover after parsing attributes in process `syz.1.10674'.
[  733.270996][T19041] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  733.377118][T19066] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10676'.
[  733.393119][T19068] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10677'.
[  733.404362][T19068] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.10677' sets config #0
[  733.415484][T19068] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.10677' sets config #1
[  733.443593][T19066] 8021q: adding VLAN 0 to HW filter on device bond5
[  733.512321][T19114] netlink: 'syz.2.10677': attribute type 4 has an invalid length.
[  733.534853][T19066] macvlan2: entered promiscuous mode
[  733.540308][T19066] macvlan2: entered allmulticast mode
[  733.547479][T19066] bond5: entered promiscuous mode
[  733.553017][T19066] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  733.561310][T19066] bond5: left promiscuous mode
[  733.688079][T19139] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  733.710090][T19143] netlink: 6 bytes leftover after parsing attributes in process `syz.2.10682'.
[  733.719457][T19143] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  733.758974][T19147] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.10683' sets config #0
[  733.769372][T19147] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.10683' sets config #1
[  733.897313][T16236] ==================================================================
[  733.905408][T16236] BUG: KCSAN: data-race in alloc_pid / copy_process
[  733.911996][T16236] 
[  733.914309][T16236] read-write to 0xffffffff8685ff78 of 4 bytes by task 16540 on cpu 1:
[  733.922441][T16236]  alloc_pid+0x539/0x720
[  733.926699][T16236]  copy_process+0xe25/0x2000
[  733.931305][T16236]  kernel_clone+0x16c/0x5c0
[  733.935890][T16236]  user_mode_thread+0x7d/0xb0
[  733.940564][T16236]  call_usermodehelper_exec_work+0x41/0x160
[  733.946443][T16236]  process_scheduled_works+0x4ce/0x9d0
[  733.951898][T16236]  worker_thread+0x582/0x770
[  733.956474][T16236]  kthread+0x489/0x510
[  733.960526][T16236]  ret_from_fork+0x122/0x1b0
[  733.965099][T16236]  ret_from_fork_asm+0x1a/0x30
[  733.969848][T16236] 
[  733.972153][T16236] read to 0xffffffff8685ff78 of 4 bytes by task 16236 on cpu 0:
[  733.979763][T16236]  copy_process+0x17fc/0x2000
[  733.984429][T16236]  kernel_clone+0x16c/0x5c0
[  733.988922][T16236]  user_mode_thread+0x7d/0xb0
[  733.993591][T16236]  call_usermodehelper_exec_work+0x41/0x160
[  733.999465][T16236]  process_scheduled_works+0x4ce/0x9d0
[  734.004918][T16236]  worker_thread+0x582/0x770
[  734.009489][T16236]  kthread+0x489/0x510
[  734.013545][T16236]  ret_from_fork+0x122/0x1b0
[  734.018118][T16236]  ret_from_fork_asm+0x1a/0x30
[  734.022866][T16236] 
[  734.025169][T16236] value changed: 0x80000131 -> 0x80000132
[  734.030870][T16236] 
[  734.033184][T16236] Reported by Kernel Concurrency Sanitizer on:
[  734.039333][T16236] CPU: 0 UID: 0 PID: 16236 Comm: kworker/u8:0 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  734.050881][T16236] Tainted: [W]=WARN
[  734.054668][T16236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  734.064709][T16236] Workqueue: events_unbound call_usermodehelper_exec_work
[  734.071816][T16236] ==================================================================
[  734.091763][T19147] netlink: 'syz.0.10683': attribute type 4 has an invalid length.