last executing test programs:

2.361651528s ago: executing program 2 (id=7458):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f0000000440)=@l2tp6={0xa, 0x0, 0x8, @mcast1, 0x3, 0xffffffff}, 0x80, &(0x7f0000001880)=[{&(0x7f0000000c00)="f4000900062b2c25fe80000000000000dc8b850f238466cc00007a000000ad6f911b51430437121dd9cf63abd44159eab9c28011a8928958aba1c149950f956c204b0b86a7a2b9bcf52354f41f065a8477309e4e93ca5f4ec3e203e888413486449b8bed05f38f1bb5c7a563a8abaa29c98e2124c98954e5a400de23d6b6fdbb702488be02b4f7dcfee4627189351584d7b5d69a2289a17eeb0a123814bd7a5d637a1d4720cb0aa43b44c02be5d57b9c98b9096047a982e18db545477725ba908abac9654ef58a363f4a1c605bca13a53001b287b48236bf022b1807906766baf4cf701c9d07be766fd7de47bc19019be353e28ebf6099df7ac6e7051509163d57d31344b34d8dc4c2cb86aa38330118be9815193424957f3696c2958ca42b2555d554ac36f2ace0bec6863345fc2a424bef43019d2d12b002d51c48aa76cea111326787a67b036dd755f16bde746cb8143f94ea458a83e558bf52fa9b649c7ddd324631031f20e986f57b466db62f0b2c959ff3272eac7647d1904074d35c6180dd4c6e43f2e03a82e07a6358dea898a0063a3429b5ff382a8708cd2f798adf58a4dd38013807144200a1de05b397263e1cd67f7a5e29a86edee5d8dc830b77026204027a0e7c87427e1fc3fe05e6d3d023cfcb", 0x1d4}], 0x1}, 0x0)

2.329585981s ago: executing program 2 (id=7460):
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0xf4)
r2 = dup2(r1, r1)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x200000a, 0x1, 0x8})
ioctl$BLKTRACESETUP(r2, 0x1276, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setrlimit(0x0, &(0x7f0000000040)={0x4, 0x8})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000001040)=@raw={'raw\x00', 0x3c1, 0x3, 0x360, 0x0, 0x12, 0x600, 0x1c0, 0x202, 0x290, 0x2e8, 0x2e8, 0x290, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth1_to_bond\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "0000000000000019b5115c2aee68d23a465cd431e150c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baeb8989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b500", 0x2}}, @common=@inet=@socket2={{0x28}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

2.187907685s ago: executing program 4 (id=7465):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=<r5=>r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000240), &(0x7f0000000280)=r4}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="b396a78b5ee8aa107a523e3794b6d98cd8ec1a1ba8b6d36aeacc7322334dd8e203bfc267ff556415aa31233aebcf41bfb139336dc82b43d64b2e8a374cc1f648aec6316cc962ff0556be0ed12a365bd69d2a7b2641b51be44e82421d06e16861e8cf7b81cba0d1534fa767cfccc3a5a3f81a144605376bdabaa6cac15ddd38370cd24ad67a3c4a54fdc469c9445abba3fc02de92631866c89d59f2ceb2455d82e222e9040c7c071248b4fd55d5fe5315e4b87f5e6aaaccdf35e6ebe2af7314a381b58bef", @ANYRESDEC=r1, @ANYRES8=r4, @ANYRESOCT=r0, @ANYRES64, @ANYRES16=r5], 0x64}, 0x1, 0x0, 0x0, 0x890}, 0x4000010)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000004d00000600000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
clock_nanosleep(0x9, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r8}, 0x10)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x38, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
syz_emit_ethernet(0x0, 0x0, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff"], 0x48)
io_setup(0x4, &(0x7f00000014c0)=<r11=>0x0)
r12 = syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00')
io_submit(r11, 0x1, &(0x7f0000000280)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0xfffe, r12, 0x0}])
ioctl$SCSI_IOCTL_SEND_COMMAND(r12, 0x1, &(0x7f0000000680)={0x8f, 0x8, 0x3, "0fd7bb09cb72d286907abc424cf6218fa647fa27d4951daadc0ca559cf2101e82e44b0ab05fa4ed45c109f55f73e6a5ad31491089be1c80a26b1c14cfb20808e04d3c36767e3e597eb6daad2c7cd5b5a3bb229b9c424cc4ad70768558b49810f35c8741430f079ca291b46774aae082d5391b52d7aa624f2484a91fec765294513b61fee02bdc344ebc45b8b3e095a"})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000140)={0xffffffffffffffff, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "280991800000598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00000bc000030000000000ff0000e4bacae600", [0x4, 0x40000000000000]}})
socket$netlink(0x10, 0x3, 0x0)

1.926211881s ago: executing program 4 (id=7469):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8d}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0x2, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000100)=ANY=[], 0x8)

1.72769206s ago: executing program 4 (id=7473):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000007000000181200000917713a3591cca8ebc4d3a6c49e150c28f8e5d9e952f2e289824713e1b82ac33d73ed28a12156a1a4627ac4", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r5, 0x0, &(0x7f0000000000), 0x2}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r5}, &(0x7f00000001c0), &(0x7f0000000200)}, 0x20)
openat$incfs(0xffffffffffffffff, &(0x7f0000000500)='.pending_reads\x00', 0x200, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRES32=r6, @ANYBLOB="0000000000000000b70300000000000185"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x18)
rmdir(0x0)

1.72727928s ago: executing program 4 (id=7474):
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r3}, 0x10)
close(r0)

1.708782852s ago: executing program 4 (id=7475):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0xfc1d2000)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x48)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
symlink(&(0x7f0000000000)='.\x00', 0x0)
mmap(&(0x7f00003b3000/0x3000)=nil, 0x3000, 0x9, 0xc3072, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r4}, 0x38)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xa, 0xc, &(0x7f0000001ec0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="2beae97cead0bf6af1b7a488500edea3044617d44f3697d1a8a881c43a51a4d331bccc418c52bad70d8931fae2a10fd95647abb63e551e0e1c66b9b8b60b81df63a12faaeac9eb5f8516f4fcf556a50db464a9e46d906dc45431fb2a7a7ac89027c0cde4bc2abdd094d2555ac0fa6964b2e41f28e0f89d4dd3ad7a3ba5993cb8e3ca36737025f1ed609e82e153932115987e17f5fdb6f16fe539e5c6c5d997112b2244a6f9791eec05b07228277e4ccac7936bb6f76985f90898e1553a450d194affd74fb0f1af34c3b7eb57a7bd152992087ac0e68f85a37eabffda77d9a5736f18c168aebc0ff1a6d212d4615186c2d9a72d1888c832f71bf08c4cdfe65da4f11b16e875fa150e6cd78a3b95210032da78ed7b0e7c30a3d40cb1e6dc0bbdc53b69980cf6ad8a5a8f3ca1eed0bdecb66553745313a2090f2a317e8061f51544057f28d32faa9a9adb5e5ec29d464365d29dad484d7eac192e5757957481260f8be32b2a26c02c808268b6f0a70e4c41e10503e8f8b36862dbdbc30f0fbff38047fbfd4b5b62b62186c806b10c57a14fc91f606874ae8b4f69e95d09eb817837963afa763803bdc622c5df6b44f1152e99a423c3499f7b0b733f52f469f6313158d2e00e4163e4c5006c10f6a42af024f06d89b549a4c1db8e6f534855e11fb50280d532433b7d3eb8ce49c15d0bc25eb8480becb14f17e35b38670bbf2ab6043b577dad85f3a9d7e5703c41a3b39cc28c6cd1103d900cf4e425dcc4f731aea26f17583a645cc6d4f9eeee246083452d373caf66c62d3bcae233cd87cc1b540f3afc1bbaee123cbf38cb7701ce8ec83154ed6d2b82d74ceb8e45f4b8df183f6e4fbc1998190ce89dd0d3e0a7a352242a56a2b87a60be92d528042df1424ce17efeae47903bb28a76ec0cd6a5b11e994ac8f3b23ca07970d2874080bcbd8e3704f0f9ca4a31600e10655de65360908f2c9b3f1f6807a6c712f71eef5ae50d823cee6689dfee076f0fdec89a12eed25be41578fbc007dfb1b8727ba7b690e0e3d3ef26e1f9db3a9221791151a6dc77f6b7341976d3e835aa62779d940e9bf41dee80fcee0465cf3b1c93ce618f8a0bf57e97a60d74160becb170c7c67686b0cde7c264bb8202edc4cfabd07d83820c5b40abe9d83fcae900457ff8c965fd06f7b446f9a55d23d61ee19cf5082ed952dd2db76715a383200958b0c51756e82b32ba4d6bd5e22598e6b8c219808adae04a1ae63d37281449afbdaa81babdb261176093efafae28eb192111caf3fdae2f0346d172025a3245c2b5a76a8d379bc7639ec9f0c7e2e63a144c31e5031d0200f30aa19e4217c8dd793c68bcf25ad486a01a10c66a462833264a7bae0f9768324f6441f14e819257694beba1d8a9d1e253a3e013c45722bd003780792db40e312fadf34f8e55a86689fb0ad61b3d2854ae8cf22e90aed6a5fbcd275709d900b022b692a3c038a3e0dbaf5be6c2ca85bb3d4e5077b54fd8fbd0ed1d81be6aa177d5bd544c1a0526c3c8533ffe19d264a1c25dc1801c1b7a4728b813c9ba2671c064affd51e556ac3ab97a1a0400c7599056198434159b962cf8efc9ed06bb0a84eebf261e7c1372328ccbde9ede77bb8883ba323f789c85da1da9ac98a51a40f88f4f9c435676dc64b5fb55df51bf19023f3d43ed2df06c6e05fb811f6b5bc663f9b78c371b4aba3225a391269ee236426f42c7bb365b23b17b4a10496396acf9b0f7bdc841cb04ba084f4fa89f51e349b14d12888189341dcd5558c14789c86b2c1c97934f65d0939088780035ea42453620a6bd9abfb6b677ee59f02a7bcdb8804acc119797549eb7f2eb17b2eee682ed111d1b83af3f13f0ba77f6f8b19ce1a053c74c37bd2f89b34368c5374e4b844ac4e43546f540b9e5416590a5f54a5b59f6773753055125a9a056a8d7561b8eafe5acec554a26e8564d497b938ad34e0eeec092a92ca682de68b78f638d6bd76bb124e2a07e003701379c5b21608416c92fa40a7f4286851f9da275fea32037add54841a0794cfb4652f15d0d2b12f730f6a55890b11175c7b6c198755387f81d4623611941e2a0ebe8bc11b079c3815d567fffe44aa4d36e25cbca0616f8c45944e66d776ab61ddc191942a64d80e79083c014e2b3cef6d375c0e5f9e3502b09f60d5f75369fe4dfc16e7b1e38eb3550d8bfe8d4639d30f3e0ab4c4bfe016ed290113657bfca7be932a0faae1a2136e72f026c9d1606a95edb5c4fa0c993f08580668ba35a7b30c134bc967945807a313e14738bee5ccab5ef1880cece49f8e84c2507e62aaa4cf3d1f85f82d8063e4542896d25f92b0197b2330b451946109d5f6576e281277770fbe975f904044195bffd3ee8c742c88b4136b52e860246738aafc026f989ae3d33665c9c6f6484e7ab262d984db406756056f12467bb6810b42abbf326dd096590a3c75380d876b844649f758c736f6cca869a896c01463b9095f79b6925c27c1abe71e4460f8813f6873de354ce6c1931f86b02bf50c025d470ed044f22d3f154952c41bf4649e3952d29a92f68c58771e80c5d547b5a781794f644f714187a03290fe3f7f8b265905952025c7ad2cb38db404c9264d283f9b783f5d134d4ffb79ca3d86835bf0c1d14b6f074ed0bb83935f281bc8ab69bd7fbaf3341a5d3b90ee042fb9c86ca42b55dbc9e3bc9623fdfe9aa4e695bf44f625d0c1c650c1bbc0ea82bbce2fbe66364ab9d33110adbbbd9c121c344894f057af4433328802709f0d2dbab78e25c3debc203c6771f334f94dc3eb2b7fe136993977c78be360a54bedcea7cf7b6c956d047d3e79aa9bb721c200755bf584327dc27051e75c475a70826a8fb0d82ca75e09a143921ef45601e8fbc14057ebd5d5b3828b62f4f14be0a8e069614b680b6ca2d009e16c4e989b3ec0a7fc8b8649006f7476a8cd054ae4482988520d5d8b0f7177841e9cb823e46cd3026dbbc52f64cfdd1bdb87956ece47a828ecd7af555430e9a37c4c70749c09c968729943fb6197c89ec9058cdcd26b4532b6cf2db8f5ac0d012d07298b4645b2b41fd0a585b53ecb57b68b7b295dfd997c46f9f422351cefb23220f6bf7185e49f550d38067caef4ff7ae41cc0f776f3b6643bfba8d1aed80328ff235172170a0a9f571caa862f2a92e70c4130447f45e16b9f54455f201bd75a3c0cdbd87ca2203c2085329bc4629550e121ab75c911a0c5900ed03241a0fcc613d4fb6ddbe542ffe54f65525a1c10ec2d02d78c77b2b2c798a65688489d0766a36c47515fcb26e527dc735e18620277c1f2a7a2d7a408b583e71a9f4a66cd3ddfb3d1e34df0c048767116846efb2e266ab479cfcb7b2763563cf487e89e0258b259387e54f7c41de8d9fc9c63113e95998b95bdeecdd56cd7278d4e34226b95556e03eb63312a8a6c66af2235104c826e8ec9cdd733e2339af70e9b4a6ee11f53b82ea7120262a2942223cdbd5c4cc57f60e2294bc36b12b0fdf9d7b80e0c3e4bafa05446af0f7f1fa5b9289c920c2d863ab44f7646c3c2fbfb380061e90e4f7d303f2edf242c772ae44a7b3ff1d2282bf7ddc66b38704fea96bb7d459793a60eacdf3797d555e95a80667f8684d384c88474089b969cd115b91e1182967392ef51fc154052ee32b8cf4f90001028fac758a8351ff78aa241cd4987cb56dbbd13892469b34d000e39b664dd0f9c4e29853a34544dddb1a8752dcf1035a28d4d2ab0c652cb9ccb7f5f2c12b81a7401074a0e49e15ece690f85f436af6c7d029ae43226c48e96ca60e32037fcc2badb38aa90424c14eb9337e7f7761099c92ed93a826326a0d991adf8ba6bce68663a78b4b286665f3aef3a41e97664a760d89945e40cebf2a435f466ac6f91a056d701cb28820ba98955ceacc89b65359dcf0347017109f23a56a47881a076cbc99f99caa69e3cb85b6b166b4d19675ae223f31edb6953aafa9d7d87f1136a72450287c2cfa4462b4e4991e4f352154789bdd2b82a068b129635e3fdb04f4d3c157d8fd41fa67b5b21ce8d96fe2e6fabd76a5507a32124d73033bb2784590dfa50a7ccdebf0efd8b5402900d19e8a68e0c6251fe7098004990cd96f7ea80193c569eba5ff24d3e158e645415a5b46b4521daa463915f99ac85a380dc09425f017ee4c49d9be4fe78975c4e57fdbf82539fe8aaec7c83903ce53409a8fe8bd51bc7ff899da4523e91c84cf7eafd42545c7abefcc1ed30db6e1358d8044e75d985d6067224eba1fba9c8011d2be3fa93c41bec2c6fdf13e54cc413b2354bfad07572202d9200cf584de46df1ab772cfae5acd8f341e94db03f2b0e0f389f0ad6c3a7b7a3640104a527160d4e7b81d8db687e835e276323eae52abd59379e2beeb753a7340d7c798cd1e66931df35c0b1264a64fac0033e859f87a8e961e1795e617dff865cd5698c6d57801e51e301ae959e06b669ade696c2e14d5d1073997f3b51913ae6628923a6d671d350160c02bfaff97e1c5c179d90f3c12d136535b47b6e1c920d1bc66f913737e55e25810da5dd3c085db205a84b789585f4bcdacf2ea1b96de510d0c16dfe8db937681ec187a9151a4a64072ddb5d479c23fda55cc85d7208fb0bce9f99d722eecc4aede2468870fab44ba030827438f43d63d0bd4e9f4496ccb22b38d0dffbfba9bb6c9499945b5abff5376031ef8266bc0745856110258db5c85faceb1e555fe8bf03b2479c40fd9760fcf7596d1a73fadb1379324f804e86a97ecd743af96a21c303518c7656ee458e767bb7288ad1c38fac8c7ac5d42fa15e4ff6d10aae14268b48d44095711e61c6291486fac5080f655d73e3a815c9860df411d51c7332507288e0f8f9344964ecfd9bc9dcba6f939f5348283d2fcd9dc2c762cf5f71581b31d4e18bd5c314352e30ad9fc4e26f79a7237b6e5d9a0ac75caf810c4e18a2afed6358db8103b7ee7d211a622b8575a3c7814b182653750c87a22cbc3fa16d41e858ea8ea301e5aa4aa56b153d680ee81e99ef613b5d0e86a94a28d7eeb290e1fce6345d374a21034042681e04e994fa3590786c891df90f1233c9387ed76d53fe6ba1f0200cf77ae6a3cdb043f6699e6e9889984e0e65e9395ca6cf6a7a4657e57ed7851e6be02d9a8ebb9187fd3ea61c9378d3ac93e8ff04d6b450251a2648e08a923943b91618ff0e7f11ef09e6a331621c7bf838e52f667b503a94493089d840b5f266f63d3ca9f8e94c9265aac07c613034a02d41b5de79cf72230e9995544079828d37efd0cc4866fa6848e3398490365f8b6c2fe9aeba9df52fe344427b45c9096503f3b8bdf3727249ab2916395caeba6cbbfa2a77a0c7e0d3fed58bafca30fb01947fc1241533207d5cc4c2779cc4589b350ef170aa46925d22b624792c4fbc9d43aac08c4195a16d64b74dccbc04d616a52f41d401a0569bce110d08f7181171a3685d16300f26801b0b5af95b240f7228f7f339763d94e322c2b47c50ef020938c2b19979ef1af85eb7aa2892cd66c9b528a248c35f8b9d73a6fa02b13d0d2f0753ee26750893d29bc63d8e65ebb25ed16eee789bf99d773ef295a6f3a9a8bcf5c0561c5dc4bd4508341bad51730572b57ce6bb776d2445fc877dd3cdedb69b8e62c03c4a20f80d04c22941d0bb3f56bcd94e10b32961987c7f6e7258d0dbd0a9cde612c33198ca27f2a99fff39611f3e8a01bccfc88ee57bfb9baf1a5597eeb610d718037aa4ab438274dee7e26e2adf22429896d49291c57806976928aa1bbf7a3d321e4a0b84bc9c6d57e48a9", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
set_mempolicy(0x8006, 0x0, 0x5)
r6 = syz_genetlink_get_family_id$fou(&(0x7f0000000280), 0xffffffffffffffff)
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r7, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xd, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYRESDEC=r2, @ANYRESOCT=r5, @ANYRESHEX=r1, @ANYRES64=r4, @ANYRES64=r6, @ANYRES8=r1], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = epoll_create1(0x0)
r9 = timerfd_create(0x0, 0x0)
timerfd_settime(r9, 0x0, &(0x7f0000000200)={{}, {0x0, 0x989680}}, 0x0)
epoll_pwait(r8, &(0x7f0000000240)=[{}], 0x1, 0x7fffffff, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r9, &(0x7f00000001c0)={0x1})
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f00000001c0), 0x6, 0x642, &(0x7f0000000b40)="$eJzs3U1oG1ceAPD/SLZjO951sizLJrCsIYcEljh2Nmx299I0PTSHHgLNoZRSYmI7NVE+iB1o3EBt6KGFFkrptZRQKPTce8m9t1Joe+u5kJaS0kJbojKjUSLLkr9iSbbn94OR3rwZ6b2/Rk/zZsbPE0BhjaUPpYhDEQ8vJhGjDctGorZwLF/vwY93LqVTEtXq8z8kkeR59fWT/Hl/PjMYEV+cjfhLeXW587cXr0xVqjWvR5xYuHrjxPztxeNzV6cuz1yeuTZ58r+nTk/8b/LU5LbEuT9/3hcR77zxyn9mv6wcT+JMXOh/bTqa4tguYzEWD/MQG/P7IuJ0mmjxuew2eyCEQivn38f+iPhbjEY5m6sZjbm3e1o5oKOq5YgqUFDJZtt/2kGopz9Z9PMBu1a9H1A/tt/YcfCFDvdKuuf+07UDoNXx99XOjcRgdmw0/CBpODKqnds4sA3lp2X8fufwB+kUK85D/PJo6/RtQzntLC1HxN9bxZ9kdTuQRZrGX1pRjyQiJiJiIK/fM09Qh6Qh3YnzMGvZavyliDiTP6f5Z7dY/ljTfLfjB6CYsn1vuiNfShOP939p36Pe/4kW/Z+RFvuurej1/q99/6++vx/MzpGXmvph6ed2vvVb9jdnfPvWuffald/Y/0untPx6X7Ab7i9HHG6K/8002Lz/k8aftNj+6SoXz2ysjGe/+v5cu2W9jr96N+Joy+Ofx73SNLXG9ckTs3OVmYnaY8syPvv8pY/bld/r+NPtP9wm/obtX2p+XfqZ3NhgGZ+ev3u13bKReHmd+EvfDSS1482B7PGj4VenFhZuTkYMJM/lq9SesvyTa9elvk79PdL4jx1p3f5XfP+XV77PUP0ncwNuvHDlQbtljds/SWr1WG/7N1xMfljdYB3aSeOfXn/7r2r/ad67Gyzj5xdv/aPdsrW+/0NPEhgAAAAAAAAUUCm7BpuUxh+lS6Xx8dp42b/GcKlyfX7hX7PXb12bjjiW/T1kf6l+pXu0Np+k85P538PW5082zf87Ig5GxPvloWx+/NL1ynSvgwcAAAAAAAAAAAAAAAAAAIAdYn8+/r9+n+qfyrXx/0BBdPIGc8DOpv1DcWXtf9UtnoAiaLf/n+9yPYDu0/+H4tL+obi0fygu7R+KS/uH4tL+obi0fwAAAADYkw7+8943SUQs/X8om1ID+TIjgmBv619vhYHu1APovnKvKwD0zKNL/zr7UDjr9v9Tv+b/HLDz1QF6IGmVmXUOqms3/nsrXulwAgAAAAAAAAAAAAA66OihhvH/wyvH/29obACwa21i2N9yJ+sBdN8TDNgx1gd2Of/6H4pry8f4g9tbD6B3Wo7/b9C2ud9b75WbLQkAAAAAAAAAAAAAaGckm5LSeD4WeCRKpfHxiD9FxIHoT2bnKjMTEfHniPi63L8vnZ/sdaUBAAAAAAAAAAAAAAAAAABgj5m/vXhlqlKZudmY+G1Vzt5O1O+C2oWynopNviqS7n8sQxHR843SsURfQ04SsZRu+R1RsZvzsTOqkSV6/MMEAAAAAAAAAAAAAAAAAAAF1DD2uLXDH3a5RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQfY/v/78ykazKaU4cab+oKdHrGAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3emPAAAA//+y+jZu")
umount2(&(0x7f00000002c0)='./file0\x00', 0x2)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x20040)

1.403693982s ago: executing program 1 (id=7481):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x1004000)
statx(0xffffffffffffff9c, 0x0, 0x1000, 0x56159817211d7953, &(0x7f0000002500))
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102000028"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r5}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@ptr={0x0, 0x0, 0x0, 0x2, 0x1}]}, {0x0, [0x2e, 0x5f, 0x0, 0x61]}}, &(0x7f0000000480)=""/122, 0x2a, 0x7a, 0x0, 0x9}, 0x28)

1.378514405s ago: executing program 2 (id=7482):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x503, 0x0, 0xfffffbfc, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x4000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)={0x24, r4, 0x1, 0x70bd28, 0x1, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x855}, 0x80)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001240)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x4000000, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0x6, 0xfff3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x7, 0x0, 0x1fc, 0x7000000, 0xfffffc80, 0x0, 0x6, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x1, 0xffffffff, 0x0, 0x0, 0x2, 0xffffffff, 0x2, 0xc00, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x80002, 0x0, 0x1000, 0xfffffffc, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x4000, 0x0, 0x0, 0xfffffffe, 0x6, 0x0, 0x0, 0x272, 0xb, 0xc, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0xe, 0x0, 0x2, 0xfffffffd, 0x0, 0x80007, 0x4, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xb9a, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3, 0x5e, 0x6, 0x8, 0x0, 0x0, 0x1, 0x3, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffffff, 0xffff8000, 0x0, 0xffffffff, 0x1, 0x0, 0x800009, 0x0, 0x0, 0x8, 0x6, 0x9, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0x0, 0x2000000, 0x100, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0xb6, 0x0, 0x1, 0x0, 0x7, 0x8, 0x0, 0xffffffff, 0xffff, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x9, 0x1, 0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0xffffffff, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x0, 0x0, 0x2, 0x13, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0xaa, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x26c, 0x4, 0x7, 0x102, 0x0, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xff, 0x2, 0x3, 0x0, 0x19, 0x40000000}, 0x0, 0x100007f, 0x2}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x8000}, 0xc0)

1.160495396s ago: executing program 2 (id=7485):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x3}, 0x18)
r3 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000f00)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000300)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xa}, 0x50)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000400)={'wpan1\x00'})
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="300e", 0x2, r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000000306010219000000000000000a0000010500010007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4004810}, 0x840)

1.111595351s ago: executing program 1 (id=7486):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), &(0x7f00000000c0)=r1}, 0x20)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x8000000)

1.089114583s ago: executing program 1 (id=7487):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x11, 0x10, 0x0, 0xffffffffffffff4c}, 0x90)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
timerfd_create(0x5, 0x81000)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x403, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r2}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x0)

985.309053ms ago: executing program 1 (id=7490):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b700000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
socket$igmp(0x2, 0x3, 0x2)
r2 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r2, 0x29, 0x24, &(0x7f0000000080), 0x4)
sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f0000000440)=@l2tp6={0xa, 0x0, 0x8, @mcast1, 0x3, 0xffffffff}, 0x80, &(0x7f0000001880)=[{&(0x7f0000000c00)="f4000900062b2c25fe80000000000000dc8b850f238466cc00007a000000ad6f911b51430437121dd9cf63abd44159eab9c28011a8928958aba1c149950f956c204b0b86a7a2b9bcf52354f41f065a8477309e4e93ca5f4ec3e203e888413486449b8bed05f38f1bb5c7a563a8abaa29c98e2124c98954e5a400de23d6b6fdbb702488be02b4f7dcfee4627189351584d7b5d69a2289a17eeb0a123814bd7a5d637a1d4720cb0aa43b44c02be5d57b9c98b9096047a982e18db545477725ba908abac9654ef58a363f4a1c605bca13a53001b287b48236bf022b1807906766baf4cf701c9d07be766fd7de47bc19019be353e28ebf6099df7ac6e7051509163d57d31344b34d8dc4c2cb86aa38330118be9815193424957f3696c2958ca42b2555d554ac36f2ace0bec6863345fc2a424bef43019d2d12b002d51c48aa76cea111326787a67b036dd755f16bde746cb8143f94ea458a83e558bf52fa9b649c7ddd324631031f20e986f57b466db62f0b2c959ff3272eac7647d1904074d35c6180dd4c6e43f2e03a82e07a6358dea898a0063a3429b5ff382a8708cd2f798adf58a4dd38013807144200a1de05b397263e1cd67f7a5e29a86edee5d8dc830b77026204027a0e7c87427e1fc3fe05e6d3d023cfcb", 0x1d4}], 0x1}, 0x0)

950.420277ms ago: executing program 1 (id=7492):
syz_emit_ethernet(0x4a, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x8000)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
close(0x3)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x48)
pwrite64(r2, &(0x7f0000000100)='2', 0x1, 0x1fecd)
fallocate(0xffffffffffffffff, 0x0, 0x6, 0x2000402)

873.405184ms ago: executing program 1 (id=7494):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0xa, 0xb, 0x42, 0x3e, 0x42}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000180)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000140), &(0x7f0000000280)}, 0x20)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read(r2, &(0x7f00000019c0)=""/4097, 0x1001)

300.556561ms ago: executing program 3 (id=7503):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0xb, &(0x7f00000012c0)=ANY=[@ANYBLOB="18000000000400000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10)
setresuid(0xee01, 0xee00, 0x0)

285.684652ms ago: executing program 0 (id=7504):
syz_emit_ethernet(0x4a, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x8000)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
close(0x3)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x48)
pwrite64(r2, &(0x7f0000000100)='2', 0x1, 0x1fecd)
fallocate(0xffffffffffffffff, 0x0, 0x6, 0x2000402)

244.474306ms ago: executing program 0 (id=7505):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r3, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0)

179.347102ms ago: executing program 3 (id=7506):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000840)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x18)
r5 = socket$kcm(0x10, 0x8e9012f534ea4825, 0x0)
sendmsg$inet(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_io_uring_setup(0x1e1e, &(0x7f0000000280)={0x0, 0x86f7, 0x10100}, 0x0, 0x0)
sendmsg$nl_xfrm(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c"], 0x34c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x101}, 0x18)
r7 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000540)='.log\x00', 0x2ac042, 0x18)
syz_genetlink_get_family_id$batadv(&(0x7f0000000500), r7)
r8 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r8, 0x8108551b, &(0x7f0000000000)={0x0, 0x0, "ec9fe44d4dbe56a60274fcffffffffffffff14e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028643b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ede1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e008104df635e731a5bfcd942f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd4f6cfdfe756bc00d08e36655c00"})
ioctl$USBDEVFS_CONTROL(r8, 0xc0185500, &(0x7f00000006c0)={0x2, 0xf, 0x4, 0x1, 0x0, 0x5, 0x0})
syz_pidfd_open(0x0, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB], 0x64}, 0x1, 0x0, 0x0, 0x440c0}, 0x4040804)
setreuid(0x0, r9)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000340), &(0x7f0000000380)=0xc)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
stat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r11=>0x0})
sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}, {&(0x7f00000009c0)=ANY=[@ANYBLOB="cc0200003100000425bd7000fddbdf25d2004b8090e985c10e41bc16c3afdfa48f5504b1be674defb8e523ca931fc47fca0761f089f12dee7390f97c1afc9919b1fe48e849ff8dfba904c78d93262ae3d33f0064ebf13671c70daa79cc0fe13e298fd364e11960d535c26097d135265e7942c4c5db720b1846c07b77ed5d954b166fd8b48c9e0f6ca471ddfcbb5f163f777786f7a3fbfa7733802ee8c4a951358fe78e1ef7f4dbe179e9502c3354b1cebef86cef6a5c32967a223845ba9396fced3f604240981e8f247067e1349e286bc6c8269ebede928867184559936b04001380000072f367e932248bbb5f84927c213d001b02bcf2d2bd5b90abb49e35b671d5cc9e8646e4ecaf6db0c14b26d2c061e2895d84e85ee2272e330857cf5816d5761dcdb9cbd0815823a9e2e08d59f3a8cac38f824e82d6a380359c14f0b327fd5004cfcb9ba79164d762baff997f2fd16507defa04591b820f92c60d5c85e8eab1cc5c87f6a6027e19ea6adec8a708b47f58365690e1f34b33cc001933f43099cbdb9dc2e741283e1400b300fc0000000000000000000000000000008b004180040037800c001496532832", @ANYRES32=r11, @ANYBLOB="040094807a026c57d2654d115e528c1459241cdf02597f14d35c3655073c5f407b4160b64e80e167c709d80d9da587820eeb0f3c363a773f519c2717597d2217f73d756a1e5262327a0d6705cffb6119d2df818584899aaf8d7b874dbb99330a6d2593829a3125c105c65840af5555000d003f0026e4b56b1866ada1d6000000ae69a5084963450371edc84dc99933e5f3798214db2bbd9046f0ccf707e29850c523bbf617b1d7ef1a551fb4d16bc02c3b80b31afd787c9d7b26e5ddbb196f76b5ae845fa547821e75e7ce9e57909e40c4879551d2f2238d4b261e66380a5ae73b551539b77a6588ca710abc8bcf5659e97a7c436980198477bba636c008a123467d4ebde947f09e3e18471413aacf4976b500"], 0x2cc}], 0x2, 0x0, 0x0, 0x20000001}, 0x0)

179.133723ms ago: executing program 0 (id=7507):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000b400000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000640)='net/fib_trie\x00')
close_range(r1, 0xffffffffffffffff, 0x0)

145.710996ms ago: executing program 0 (id=7508):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@deltfilter={0x24, 0x2d, 0x200, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x4, 0xe}, {0x4, 0xf}}}, 0x24}}, 0x14000000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x14, 0x0, 0x200, 0x70bd26, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x400088c}, 0x4c040)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
socket$packet(0x11, 0x2, 0x300)
r2 = epoll_create1(0x0)
r3 = eventfd2(0x3, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000b80)={0x60000012})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000180)={0x20000005})
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f00000001c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}})

109.36251ms ago: executing program 3 (id=7509):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000007000000181200000917713a3591cca8ebc4d3a6c49e150c28f8e5d9e952f2e289824713e1b82ac33d73ed28a12156a1a4627ac4", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r5, 0x0, &(0x7f0000000000), 0x2}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r5}, &(0x7f00000001c0), &(0x7f0000000200)}, 0x20)
openat$incfs(0xffffffffffffffff, &(0x7f0000000500)='.pending_reads\x00', 0x200, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b70300000000000185"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x18)
rmdir(0x0)

79.812112ms ago: executing program 3 (id=7510):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000000c0)='kmem_cache_free\x00', r1}, 0x18)
stat(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000cc0))

79.214293ms ago: executing program 0 (id=7511):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x3c, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x14}, 0x0, 0x0, 0x4, 0x1, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x8000000)

66.584063ms ago: executing program 3 (id=7512):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{r0}, &(0x7f0000000280), &(0x7f0000000400)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB])

44.309135ms ago: executing program 3 (id=7513):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
fchdir(0xffffffffffffffff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000b8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYRES32=r2], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0x5, &(0x7f0000000240)={@broadcast, @empty, 0xfffb, "66c5aff8a7eb3af1f6cec2e7420000008c84aea31700", 0x96bd, 0x1000000, 0x7e, 0x6b}, 0x3c)

41.317716ms ago: executing program 2 (id=7514):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x200, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x1570}, 0x1, 0x0, 0x0, 0x20000000}, 0xc800)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xfdb}}, @TCA_CT_MARK={0x8, 0x10, 0x80000000}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x20004000}, 0x10000800)

19.611778ms ago: executing program 4 (id=7515):
r0 = socket(0x40000000015, 0x5, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000080), 0x4)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f00000001c0), 0x6, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
request_key(&(0x7f0000000300)='rxrpc\x00', &(0x7f0000000640)={'syz', 0x2}, &(0x7f0000000680)='syzkaller\x00', 0xffffffffffffffff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="600000000206010200000000000000000a0000050e0003006269746d61703a697000000005000400000000000900020073797a300000000018002f5805000300060000000c00018025fe12de640100fe050005000200000005000100060000005ef9916efc535e8c"], 0x60}}, 0x0)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
bind$unix(r5, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r5, 0xa96)
r8 = socket$unix(0x1, 0x5, 0x0)
connect$unix(r8, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x4, [0x0, 0x0, <r9=>0x0, 0x0]}, &(0x7f0000000380)=0x14)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000004c0)={0x8, 0x2bc0, 0x2, 0x1282, 0x9, 0x7, 0xfffffffc, 0x6, r9}, &(0x7f0000000500)=0x20)
accept(r5, 0x0, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a58000000060a010400000000000000000a0000010900010073797a31000000002c0004802800018007000100637400001c0002800500030001000000080002400000001108000440000000150900020073797a32"], 0x80}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x80, &(0x7f0000000880), 0x6, 0x603, &(0x7f0000001200)="$eJzs3c9rHGUfAPDvzCZ5kzZv0768vLwtigEPLUi3SS1WvdjWgz0ULNiDiIeGJqmh2x80KdhaMAUPCgoiXkV68R/wLr17E0G9eRaqSEVBpSuzO9tuNrvpNs3uppnPByZ5nmdm93m+O3kyz8zkyQRQWJPZlzRid8Td00nERNO68aivnMy3u/Pr9TPZkkS1+tovSSR5WWP7JP++Pc+MRsQ3xyL+U1pd7+LVa+dmKtW6dyMOLJ2/dGDx6rX9C+dnzs6dnbswffD5Q4enXpg+NL0hcW7Pvx8/8eoTH7331nPz31b2J3EkTg2/MxstcWyUyZiMu3mIzeVDEXE4S7T5XB43DxXCjt61g/Up5T+PwxHxv5iIUi1XNxELHw60cUBPVUsRVaCgEv0fCqoxDmic23d3Hnyqx6OS/rl9tH4CtDr+ofq1kRitnRttu5M0nRnVr23s3ID6szr+vr7ns2yJFdch/ri3d4Y2oJ5Olm9ExP/bxZ/U2razFmkWf7qiHUlETEXESN6+lx+hDUlTuhfXYday3vjTiDiSf8/Kj62z/smWfL/jB6CYbh3ND+TLWe7+8S8bezTGP9Fm/DPe5ti1HoM+/nUe/zWO96O1a+RpyzgsG7OcbP+Ww60FP35w/JNO9TeP/7Ilq78xFuyH2zci9rTE/34WbD7+yeJP2uz/bJPTR7qr45Xvfj7ead2g46/ejNjb9vzn/qg0S61xf/LA/EJlbqr+tW0dX3395hed6h90/Nn+39Yh/qb9n7a+LvtMLnVZx5cnb57vtG78gfGnPyX5+eZIXvL2zNLS5emIkeREvklT+cG129LYpvEeWfz7nm7f/1f8/N9Y+T5jjV+ZXbj0+rk7ndatZ/833Uy+W+2yDZ1k8c8+eP+v6v9Z2cdd1vH7G1ee7LRurfjHHiUwAAAAAAAAKKC0dg82Scv30mlaLtfny/43tqWVi4tLz8xfvHJhNmJf7e8hh9PGne6Jej7J8tP538M28gdb8s9GxK6I+LQ0VsuXz1yszA46eAAAAAAAAAAAAAAAAAAAANgktufz/xvPqf6tVJ//DxRELx8wB2xu+j8UV63/r3rEE1AEjv9QXPo/FJf+D8Wl/0Nx6f9QXPo/FJf+D8Wl/wMAAADAlrTrqVs/JBGx/OJYbcmM5OvMCIKtbXjQDQAGptTVVkYCsBXdu/Wvi0PhdDX+/zP/54C9bw4wAEm7wtrgoLp257/V9pUAAAAAAAAAAAAAQA/s3d15/r+5wbC1mfYHxdXd/P+NfimwGfjX/1BczvGBB83iH+20wvx/AAAAAAAAAAAAAOib8dqSpOV8LvB4pGm5HPHviNgZw8n8QmVuKiJ2RMT3peF/ZfnpQTcaAAAAAAAAAAAAAAAAAAAAtpjFq9fOzVQqc5ebE3+tKtnaicZTUPtQ10vxkK+KpP8fy1hEDHyn9Cwx1FSSRCxne35TNOzyYmyOZtQSA/7FBAAAAAAAAAAAAAAAAAAABdQ097i9PZ/3uUUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0H/3n//fu8SgYwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHk//BAAA//+fsUA2")

16.281268ms ago: executing program 2 (id=7516):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0xfffffffc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2, 0x4}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r2 = dup3(r1, r0, 0x0)
recvmmsg(r2, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)=""/8, 0x8}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)

0s ago: executing program 0 (id=7517):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='mm_page_free\x00', r0, 0x0, 0xfffffffff7fffffc}, 0xc)
r1 = socket$kcm(0x10, 0x2, 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8994, &(0x7f0000001f40)='lo:\x96o8\x14d\xa1\xe3\xd7\\b}\x1f\xa1Y\xad4\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\xf5\a\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xbaUn\x04\'5\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\x06\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\r\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xbf\xe3?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\fr\xf1\xec\xd9CD\x80\xb4^\x8cw;\x87\xea\x8c\x8bJ\x9a\x0ej\x8f\x8e^\xe6\xa6\xaa\x910\fD\xabFU\xa0D;\xd6\xd1\xeer\x9d\x02\xd9\xf7d`\xbfv\x15.\xe4\x82|)K\x99\x98&?\xcd\xe5\xa8\xba~$;g\t\x02\x84+\x90\xab\x816$/\x92\"\xef\xf7\x18\xfaE\xfe\xf7\n\xb2\x7fC\xbb\xbdg#F\n\vu\xe2\xe9\b\xa2\xf1\x94Fb\x92\xc9\xddP\xf0m35+\xdd\xac3\x00\xdd\xfb\b\xc0\x95\xe8\xa5\xec\x9e\xbfA\x7f\xff\xb8\xe2\xe2HNy$\xd4\xc6\x9dd\t\xf6\xed\x10\x15%\r\x1aD\f>\xdcZ\xb9\xd7Z\x88\x9b\xdff[\x90\xfa\x9a{b\xf4Dq')
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace(0x4208, r2)
ptrace$peekuser(0x3, r2, 0x9)
r3 = open(&(0x7f0000000140)='./file1\x00', 0x64842, 0x21)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x0)
r4 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, 0x0, 0x0)
unshare(0x20040400)
mount$9p_fd(0x0, 0x0, &(0x7f0000000180), 0x41, &(0x7f00000004c0)=ANY=[])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x18)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket(0x2, 0x5, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, 0x0, &(0x7f00000007c0))
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r7, 0x84, 0x7d, &(0x7f00000001c0)="9869e874026a7f29ae9c297680e06e5311c26fe7ecef698a61cdd1ee4c4ac8fb3d57cc1492", 0x25)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000240)='nv', 0x2)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000400)="89000000120081ae08060cdc03a6000000000004000000006ee2ffca1b1f0000000004c00e72f750375ed08a563319bf9ed720000000d6e747033a0093b837dc6cc01e32efaec8c7a6ec0012100002400d0c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x8000)
unshare(0x6a040000)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000380)={&(0x7f00000022c0)=@newchain={0x310, 0x64, 0x10, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xfffc, 0x5}, {0x2, 0x7}, {0x3, 0xfff2}}, [@TCA_CHAIN={0x8, 0xb, 0x2}, @filter_kind_options=@f_u32={{0x8}, {0x24c, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x5a}, @TCA_U32_SEL={0x1e4, 0x5, {0x0, 0x6, 0xe9, 0x7, 0x6, 0xce4, 0x7, 0x101, [{0x67, 0x9, 0x29b5871e, 0x3a3}, {0x8, 0xfffffffd, 0x1, 0x3}, {0x5, 0x5, 0x0, 0x200}, {0x9, 0x8, 0x9, 0x3}, {0x2, 0x0, 0x0, 0x2}, {0x6, 0x1, 0x5, 0x5}, {0x1, 0x5, 0x6, 0x2}, {0xff, 0x0, 0x7, 0x8001}, {0x0, 0xa8a7, 0x3ff, 0xe}, {0x0, 0x7, 0x9be, 0x7}, {0x4, 0x9, 0x2, 0x1}, {0x606ad1ab, 0x800, 0x25, 0x3}, {0x8000, 0x7, 0x80000000, 0x7}, {0x10000, 0x2, 0x4f1, 0x2}, {0x7ff, 0x7, 0x3, 0x9}, {0x7f, 0x6, 0x400, 0xb}, {0x7, 0xfffffff5, 0x9, 0x4}, {0x7, 0xfffffb3e, 0x5, 0x6}, {0x0, 0x3, 0xb36, 0x9}, {0xffff, 0x1000, 0x5, 0x9}, {0xff, 0x80, 0x5}, {0x1, 0x0, 0x8, 0xf}, {0x6, 0x3, 0x40, 0x1ff}, {0x4, 0x2, 0x4, 0x8}, {0x2, 0x8, 0x3ff, 0x49}, {0x6, 0x1000, 0x5, 0x6}, {0x1ff, 0x4, 0x3, 0x9}, {0xffffffff, 0x200, 0x1, 0x80}, {0x2, 0x1d7, 0x6, 0x9}]}}, @TCA_U32_POLICE={0x40, 0x6, [@TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x7, 0x7fffffff, 0x31, 0x8, {0xa, 0x1, 0x100, 0x81, 0xff, 0x3}, {0xb, 0x1, 0x2, 0x5b6, 0x3, 0x1ff}, 0x7ff, 0x2, 0x8}}]}, @TCA_U32_CLASSID={0x8, 0x1, {0x7, 0x6}}, @TCA_U32_ACT={0x4}, @TCA_U32_DIVISOR={0x8, 0x4, 0x31}, @TCA_U32_FLAGS={0x4e, 0xb, 0x5}]}}, @TCA_CHAIN={0x8, 0xb, 0x5a0bf78c}, @filter_kind_options=@f_bpf={{0x8}, {0x68, 0x2, [@TCA_BPF_FLAGS={0x8}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x1}, @TCA_BPF_FD={0x8, 0x6, r3}, @TCA_BPF_OPS={{0x6, 0x4, 0x6}, {0x34, 0x5, [{0xff, 0x13, 0x9, 0x9}, {0x3, 0x9, 0x1, 0x10001}, {0x6, 0xb, 0x5, 0xda}, {0x40, 0xd, 0xb, 0x1}, {0x800, 0xe7, 0x4, 0x6}, {0x3, 0xb9, 0x3}]}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x1}, @TCA_BPF_FLAGS_GEN={0x8}]}}, @TCA_RATE={0x6, 0x5, {0x1, 0x3}}, @TCA_RATE={0x6, 0x5, {0x8, 0x2a}}, @TCA_CHAIN={0x8, 0xb, 0x1}]}, 0x310}}, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)

kernel console output (not intermixed with test programs):

427043][T27730] CPU: 1 UID: 0 PID: 27730 Comm: syz.3.6426 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  420.427089][T27730] Tainted: [W]=WARN
[  420.427134][T27730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  420.427154][T27730] Call Trace:
[  420.427162][T27730]  <TASK>
[  420.427174][T27730]  __dump_stack+0x1d/0x30
[  420.427259][T27730]  dump_stack_lvl+0xe8/0x140
[  420.427287][T27730]  dump_stack+0x15/0x1b
[  420.427310][T27730]  should_fail_ex+0x265/0x280
[  420.427361][T27730]  should_fail+0xb/0x20
[  420.427501][T27730]  should_fail_usercopy+0x1a/0x20
[  420.427540][T27730]  _copy_from_user+0x1c/0xb0
[  420.427577][T27730]  autofs_dev_ioctl+0xdd/0x6a0
[  420.427629][T27730]  ? __pfx_autofs_dev_ioctl+0x10/0x10
[  420.427675][T27730]  __se_sys_ioctl+0xce/0x140
[  420.427737][T27730]  __x64_sys_ioctl+0x43/0x50
[  420.427777][T27730]  x64_sys_call+0x1816/0x3000
[  420.427809][T27730]  do_syscall_64+0xd2/0x200
[  420.427897][T27730]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  420.427936][T27730]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  420.427977][T27730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  420.428083][T27730] RIP: 0033:0x7fcaa421efc9
[  420.428105][T27730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  420.428131][T27730] RSP: 002b:00007fcaa2c87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  420.428158][T27730] RAX: ffffffffffffffda RBX: 00007fcaa4475fa0 RCX: 00007fcaa421efc9
[  420.428177][T27730] RDX: 0000200000000440 RSI: 00000000c018937e RDI: 0000000000000004
[  420.428194][T27730] RBP: 00007fcaa2c87090 R08: 0000000000000000 R09: 0000000000000000
[  420.428212][T27730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  420.428251][T27730] R13: 00007fcaa4476038 R14: 00007fcaa4475fa0 R15: 00007ffd93fac1b8
[  420.428282][T27730]  </TASK>
[  420.575591][T27738] macvlan1: entered promiscuous mode
[  420.673615][T27738] ipvlan0: entered promiscuous mode
[  420.697803][T27738] ipvlan0: left promiscuous mode
[  420.703163][T27738] macvlan1: left promiscuous mode
[  420.738363][T27751] siw: device registration error -23
[  420.789660][T27755] usb usb1: check_ctrlrecip: process 27755 (syz.4.6437) requesting ep 01 but needs 81
[  420.800676][T27755] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  420.814494][T27755] netlink: '+}[@': attribute type 1 has an invalid length.
[  420.915477][T27760] siw: device registration error -23
[  420.974751][T27784] hsr_slave_0: left promiscuous mode
[  420.982981][T27784] hsr_slave_1: left promiscuous mode
[  421.043567][T14368] Bluetooth: hci0: Frame reassembly failed (-84)
[  421.084373][T27789] FAULT_INJECTION: forcing a failure.
[  421.084373][T27789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  421.097911][T27789] CPU: 1 UID: 0 PID: 27789 Comm: syz.0.6447 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  421.097953][T27789] Tainted: [W]=WARN
[  421.097963][T27789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  421.098052][T27789] Call Trace:
[  421.098062][T27789]  <TASK>
[  421.098072][T27789]  __dump_stack+0x1d/0x30
[  421.098094][T27789]  dump_stack_lvl+0xe8/0x140
[  421.098185][T27789]  dump_stack+0x15/0x1b
[  421.098207][T27789]  should_fail_ex+0x265/0x280
[  421.098309][T27789]  should_fail+0xb/0x20
[  421.098351][T27789]  should_fail_usercopy+0x1a/0x20
[  421.098380][T27789]  strncpy_from_user+0x25/0x230
[  421.098520][T27789]  ? trace_event_buffer_commit+0x196/0x5c0
[  421.098572][T27789]  strncpy_from_user_nofault+0x68/0xf0
[  421.098611][T27789]  bpf_bprintf_prepare+0x888/0xd20
[  421.098649][T27789]  ? bpf_trace_run2+0xf5/0x1c0
[  421.098758][T27789]  bpf_trace_printk+0x84/0x1c0
[  421.098826][T27789]  ? trie_delete_elem+0x5d/0x5b0
[  421.098848][T27789]  ? bpf_trace_run2+0xf5/0x1c0
[  421.098878][T27789]  ? bpf_trace_run2+0x124/0x1c0
[  421.098968][T27789]  bpf_prog_930ede9872f2967c+0x3e/0x44
[  421.098985][T27789]  bpf_trace_run2+0x107/0x1c0
[  421.099017][T27789]  ? __sys_setsockopt+0x18e/0x200
[  421.099056][T27789]  ? __sys_setsockopt+0x18e/0x200
[  421.099136][T27789]  __traceiter_kfree+0x2e/0x50
[  421.099158][T27789]  ? __sys_setsockopt+0x18e/0x200
[  421.099227][T27789]  kfree+0x351/0x400
[  421.099258][T27789]  __sys_setsockopt+0x18e/0x200
[  421.099298][T27789]  __x64_sys_setsockopt+0x64/0x80
[  421.099337][T27789]  x64_sys_call+0x20ec/0x3000
[  421.099416][T27789]  do_syscall_64+0xd2/0x200
[  421.099442][T27789]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  421.099470][T27789]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  421.099502][T27789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.099578][T27789] RIP: 0033:0x7fc419e8efc9
[  421.099593][T27789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  421.099612][T27789] RSP: 002b:00007fc4188ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  421.099634][T27789] RAX: ffffffffffffffda RBX: 00007fc41a0e5fa0 RCX: 00007fc419e8efc9
[  421.099697][T27789] RDX: 0000000000000001 RSI: 0000000000000065 RDI: 0000000000000005
[  421.099791][T27789] RBP: 00007fc4188ef090 R08: 0000000000000000 R09: 0000000000000000
[  421.099808][T27789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  421.099824][T27789] R13: 00007fc41a0e6038 R14: 00007fc41a0e5fa0 R15: 00007ffdc9039858
[  421.099850][T27789]  </TASK>
[  421.539273][T27807] FAULT_INJECTION: forcing a failure.
[  421.539273][T27807] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  421.553510][T27807] CPU: 0 UID: 0 PID: 27807 Comm: syz.4.6453 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  421.553559][T27807] Tainted: [W]=WARN
[  421.553567][T27807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  421.553581][T27807] Call Trace:
[  421.553589][T27807]  <TASK>
[  421.553598][T27807]  __dump_stack+0x1d/0x30
[  421.553622][T27807]  dump_stack_lvl+0xe8/0x140
[  421.553653][T27807]  dump_stack+0x15/0x1b
[  421.553670][T27807]  should_fail_ex+0x265/0x280
[  421.553708][T27807]  should_fail+0xb/0x20
[  421.553762][T27807]  should_fail_usercopy+0x1a/0x20
[  421.553793][T27807]  _copy_from_user+0x1c/0xb0
[  421.553821][T27807]  memdup_user+0x5e/0xd0
[  421.553871][T27807]  strndup_user+0x68/0xb0
[  421.553897][T27807]  perf_ioctl+0x58a/0x12e0
[  421.553944][T27807]  ? ioctl_has_perm+0x289/0x2a0
[  421.553981][T27807]  ? do_vfs_ioctl+0x866/0xe10
[  421.554002][T27807]  ? selinux_file_ioctl+0x308/0x3a0
[  421.554082][T27807]  ? __fget_files+0x184/0x1c0
[  421.554111][T27807]  ? __pfx_perf_ioctl+0x10/0x10
[  421.554137][T27807]  __se_sys_ioctl+0xce/0x140
[  421.554157][T27807]  __x64_sys_ioctl+0x43/0x50
[  421.554213][T27807]  x64_sys_call+0x1816/0x3000
[  421.554313][T27807]  do_syscall_64+0xd2/0x200
[  421.554340][T27807]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  421.554444][T27807]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  421.554472][T27807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.554498][T27807] RIP: 0033:0x7f4e22efefc9
[  421.554562][T27807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  421.554583][T27807] RSP: 002b:00007f4e21967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  421.554674][T27807] RAX: ffffffffffffffda RBX: 00007f4e23155fa0 RCX: 00007f4e22efefc9
[  421.554688][T27807] RDX: 0000200000000000 RSI: 0000000040082406 RDI: 0000000000000003
[  421.554701][T27807] RBP: 00007f4e21967090 R08: 0000000000000000 R09: 0000000000000000
[  421.554715][T27807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  421.554728][T27807] R13: 00007f4e23156038 R14: 00007f4e23155fa0 R15: 00007fff2f3350e8
[  421.554749][T27807]  </TASK>
[  421.559323][T27809] usb usb1: check_ctrlrecip: process 27809 (syz.0.6454) requesting ep 01 but needs 81
[  421.574504][T27810] siw: device registration error -23
[  421.582531][T27809] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  421.804282][T27809] netlink: '+}[@': attribute type 1 has an invalid length.
[  421.933679][T27826] ipvlan2: entered promiscuous mode
[  422.201212][T27855] siw: device registration error -23
[  422.474388][T27867] __nla_validate_parse: 16 callbacks suppressed
[  422.474406][T27867] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6477'.
[  422.501101][T27866] netlink: 68 bytes leftover after parsing attributes in process `syz.1.6479'.
[  422.873242][T27903] netlink: 68 bytes leftover after parsing attributes in process `syz.3.6490'.
[  423.033738][T27931] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6498'.
[  423.042770][T27931] validate_nla: 1 callbacks suppressed
[  423.042785][T27931] netlink: 'syz.1.6498': attribute type 30 has an invalid length.
[  423.081081][ T3679] Bluetooth: hci0: command 0x1003 tx timeout
[  423.087282][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  423.117667][T27945] netlink: 68 bytes leftover after parsing attributes in process `syz.3.6504'.
[  423.228640][T27965] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6514'.
[  423.295766][T27974] netlink: 68 bytes leftover after parsing attributes in process `syz.2.6518'.
[  423.410890][T27990] FAULT_INJECTION: forcing a failure.
[  423.410890][T27990] name failslab, interval 1, probability 0, space 0, times 0
[  423.423811][T27990] CPU: 0 UID: 0 PID: 27990 Comm: syz.4.6525 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  423.423846][T27990] Tainted: [W]=WARN
[  423.423853][T27990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  423.423869][T27990] Call Trace:
[  423.423915][T27990]  <TASK>
[  423.423926][T27990]  __dump_stack+0x1d/0x30
[  423.423956][T27990]  dump_stack_lvl+0xe8/0x140
[  423.423993][T27990]  dump_stack+0x15/0x1b
[  423.424012][T27990]  should_fail_ex+0x265/0x280
[  423.424057][T27990]  should_failslab+0x8c/0xb0
[  423.424085][T27990]  __kmalloc_noprof+0xa5/0x570
[  423.424197][T27990]  ? unregister_netdevice_many_notify+0x596/0x1690
[  423.424239][T27990]  ? unlist_netdevice+0x2cc/0x320
[  423.424282][T27990]  unregister_netdevice_many_notify+0x596/0x1690
[  423.424399][T27990]  ? __queue_delayed_work+0x165/0x1e0
[  423.424431][T27990]  ? queue_delayed_work_on+0x106/0x170
[  423.424466][T27990]  unregister_netdevice_queue+0x1f5/0x220
[  423.424556][T27990]  __tun_detach+0x82c/0xb30
[  423.424600][T27990]  ? __pfx_tun_chr_close+0x10/0x10
[  423.424749][T27990]  tun_chr_close+0x5a/0x100
[  423.424802][T27990]  __fput+0x29b/0x650
[  423.424846][T27990]  fput_close_sync+0x6e/0x120
[  423.424933][T27990]  __x64_sys_close+0x56/0xf0
[  423.424965][T27990]  x64_sys_call+0x273c/0x3000
[  423.424995][T27990]  do_syscall_64+0xd2/0x200
[  423.425029][T27990]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  423.425111][T27990]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  423.425141][T27990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.425171][T27990] RIP: 0033:0x7f4e22efefc9
[  423.425191][T27990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  423.425295][T27990] RSP: 002b:00007f4e21967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  423.425320][T27990] RAX: ffffffffffffffda RBX: 00007f4e23155fa0 RCX: 00007f4e22efefc9
[  423.425337][T27990] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  423.425354][T27990] RBP: 00007f4e21967090 R08: 0000000000000000 R09: 0000000000000000
[  423.425370][T27990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  423.425386][T27990] R13: 00007f4e23156038 R14: 00007f4e23155fa0 R15: 00007fff2f3350e8
[  423.425406][T27990]  </TASK>
[  423.677688][T27994] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  423.688237][T27994] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.725261][   T29] kauditd_printk_skb: 127 callbacks suppressed
[  423.725277][   T29] audit: type=1400 audit(423.695:14232): avc:  denied  { bind } for  pid=27992 comm="syz.1.6527" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  423.752599][   T29] audit: type=1400 audit(423.695:14233): avc:  denied  { node_bind } for  pid=27992 comm="syz.1.6527" saddr=255.255.255.255 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  423.787820][T27994] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  423.799031][T27994] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.817083][T28005] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6532'.
[  423.827640][T28006] netlink: 68 bytes leftover after parsing attributes in process `syz.2.6533'.
[  423.868010][T27994] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  423.879486][T27994] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.947186][T27994] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  423.958704][T27994] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  424.018832][T28017] bridge0: port 2(batadv3) entered blocking state
[  424.025841][T28017] bridge0: port 2(batadv3) entered disabled state
[  424.041856][T28017] batadv3: entered allmulticast mode
[  424.066102][T28017] batadv3: entered promiscuous mode
[  424.105226][T14370] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  424.113605][T14370] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  424.141303][T14370] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  424.142139][   T29] audit: type=1326 audit(424.105:14234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28028 comm="syz.3.6543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaa421efc9 code=0x7ffc0000
[  424.150152][T14370] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  424.199833][   T29] audit: type=1326 audit(424.155:14235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28028 comm="syz.3.6543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaa421efc9 code=0x7ffc0000
[  424.224254][   T29] audit: type=1326 audit(424.155:14236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28028 comm="syz.3.6543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaa421efc9 code=0x7ffc0000
[  424.248073][   T29] audit: type=1326 audit(424.155:14237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28028 comm="syz.3.6543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fcaa421efc9 code=0x7ffc0000
[  424.261140][T14370] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  424.271517][   T29] audit: type=1326 audit(424.155:14238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28028 comm="syz.3.6543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaa421efc9 code=0x7ffc0000
[  424.271627][   T29] audit: type=1326 audit(424.155:14239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28028 comm="syz.3.6543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaa421efc9 code=0x7ffc0000
[  424.271747][   T29] audit: type=1326 audit(424.155:14240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28028 comm="syz.3.6543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7fcaa421efc9 code=0x7ffc0000
[  424.271790][   T29] audit: type=1326 audit(424.155:14241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28028 comm="syz.3.6543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaa421efc9 code=0x7ffc0000
[  424.376424][T14370] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  424.385683][T14370] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  424.394142][T14370] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  424.471223][T28039] netlink: 40 bytes leftover after parsing attributes in process `syz.2.6548'.
[  424.521074][T14370] batman_adv: batadv3: No IGMP Querier present - multicast optimizations disabled
[  424.530626][T14370] batman_adv: batadv3: No MLD Querier present - multicast optimizations disabled
[  424.708323][T28064] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=28064 comm=syz.3.6557
[  425.051353][T28078] lo speed is unknown, defaulting to 1000
[  425.699241][T28098] FAULT_INJECTION: forcing a failure.
[  425.699241][T28098] name failslab, interval 1, probability 0, space 0, times 0
[  425.712115][T28098] CPU: 1 UID: 0 PID: 28098 Comm: syz.1.6571 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  425.712190][T28098] Tainted: [W]=WARN
[  425.712199][T28098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  425.712217][T28098] Call Trace:
[  425.712225][T28098]  <TASK>
[  425.712236][T28098]  __dump_stack+0x1d/0x30
[  425.712264][T28098]  dump_stack_lvl+0xe8/0x140
[  425.712348][T28098]  dump_stack+0x15/0x1b
[  425.712365][T28098]  should_fail_ex+0x265/0x280
[  425.712420][T28098]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  425.712448][T28098]  should_failslab+0x8c/0xb0
[  425.712486][T28098]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  425.712529][T28098]  ? shmem_alloc_inode+0x34/0x50
[  425.712551][T28098]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  425.712576][T28098]  shmem_alloc_inode+0x34/0x50
[  425.712603][T28098]  alloc_inode+0x40/0x170
[  425.712629][T28098]  new_inode+0x1d/0xe0
[  425.712722][T28098]  shmem_get_inode+0x244/0x750
[  425.712779][T28098]  __shmem_file_setup+0x113/0x210
[  425.712838][T28098]  shmem_file_setup+0x3b/0x50
[  425.712873][T28098]  __se_sys_memfd_create+0x2c3/0x590
[  425.712898][T28098]  __x64_sys_memfd_create+0x31/0x40
[  425.712919][T28098]  x64_sys_call+0x2ac2/0x3000
[  425.713003][T28098]  do_syscall_64+0xd2/0x200
[  425.713101][T28098]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  425.713140][T28098]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  425.713165][T28098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.713252][T28098] RIP: 0033:0x7f661e1befc9
[  425.713269][T28098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  425.713288][T28098] RSP: 002b:00007f661cc1ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  425.713314][T28098] RAX: ffffffffffffffda RBX: 00000000000005ad RCX: 00007f661e1befc9
[  425.713328][T28098] RDX: 00007f661cc1eef0 RSI: 0000000000000000 RDI: 00007f661e242960
[  425.713341][T28098] RBP: 0000200000000180 R08: 00007f661cc1ebb7 R09: 00007f661cc1ee40
[  425.713354][T28098] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000040
[  425.713411][T28098] R13: 00007f661cc1eef0 R14: 00007f661cc1eeb0 R15: 0000200000001480
[  425.713450][T28098]  </TASK>
[  425.716304][T28100] netlink: 'syz.2.6572': attribute type 30 has an invalid length.
[  425.843883][T28105] bridge0: port 4(batadv2) entered blocking state
[  425.955935][T28105] bridge0: port 4(batadv2) entered disabled state
[  425.973032][T28105] batadv2: entered allmulticast mode
[  425.979296][T28105] batadv2: entered promiscuous mode
[  426.261483][T28131] netlink: 'syz.2.6586': attribute type 1 has an invalid length.
[  426.346232][T14390] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[  426.353665][T28145] SELinux: failed to load policy
[  426.356025][T14390] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[  426.393474][T28146] netlink: 'syz.2.6593': attribute type 30 has an invalid length.
[  426.524372][T28155] macvlan1: entered promiscuous mode
[  426.542728][T28155] ipvlan0: entered promiscuous mode
[  426.570810][T28155] ipvlan0: left promiscuous mode
[  426.587146][T28155] macvlan1: left promiscuous mode
[  426.808631][T28181] FAULT_INJECTION: forcing a failure.
[  426.808631][T28181] name failslab, interval 1, probability 0, space 0, times 0
[  426.821744][T28181] CPU: 1 UID: 0 PID: 28181 Comm: syz.3.6609 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  426.821787][T28181] Tainted: [W]=WARN
[  426.821795][T28181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  426.821811][T28181] Call Trace:
[  426.821818][T28181]  <TASK>
[  426.821827][T28181]  __dump_stack+0x1d/0x30
[  426.821922][T28181]  dump_stack_lvl+0xe8/0x140
[  426.821945][T28181]  dump_stack+0x15/0x1b
[  426.821961][T28181]  should_fail_ex+0x265/0x280
[  426.821997][T28181]  ? ip6_setup_cork+0x113/0x7a0
[  426.822030][T28181]  should_failslab+0x8c/0xb0
[  426.822131][T28181]  __kmalloc_cache_noprof+0x4c/0x4a0
[  426.822241][T28181]  ? sk_setup_caps+0x50d/0x560
[  426.822275][T28181]  ip6_setup_cork+0x113/0x7a0
[  426.822309][T28181]  ip6_make_skb+0xff/0x4a0
[  426.822398][T28181]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  426.822427][T28181]  udpv6_sendmsg+0x14d6/0x15b0
[  426.822449][T28181]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  426.822474][T28181]  ? __rcu_read_unlock+0x4f/0x70
[  426.822570][T28181]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  426.822590][T28181]  inet6_sendmsg+0xac/0xd0
[  426.822617][T28181]  __sock_sendmsg+0x8b/0x180
[  426.822640][T28181]  ____sys_sendmsg+0x345/0x4e0
[  426.822713][T28181]  ___sys_sendmsg+0x17b/0x1d0
[  426.822767][T28181]  __sys_sendmmsg+0x178/0x300
[  426.822816][T28181]  __x64_sys_sendmmsg+0x57/0x70
[  426.822915][T28181]  x64_sys_call+0x1c4a/0x3000
[  426.822939][T28181]  do_syscall_64+0xd2/0x200
[  426.823015][T28181]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  426.823051][T28181]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  426.823135][T28181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  426.823157][T28181] RIP: 0033:0x7fcaa421efc9
[  426.823174][T28181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  426.823194][T28181] RSP: 002b:00007fcaa2c87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  426.823214][T28181] RAX: ffffffffffffffda RBX: 00007fcaa4475fa0 RCX: 00007fcaa421efc9
[  426.823228][T28181] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000004
[  426.823241][T28181] RBP: 00007fcaa2c87090 R08: 0000000000000000 R09: 0000000000000000
[  426.823313][T28181] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001
[  426.823326][T28181] R13: 00007fcaa4476038 R14: 00007fcaa4475fa0 R15: 00007ffd93fac1b8
[  426.823347][T28181]  </TASK>
[  427.079985][T28184] macvlan1: entered promiscuous mode
[  427.088020][T28184] ipvlan0: entered promiscuous mode
[  427.128866][T28188] SELinux: failed to load policy
[  427.166871][T28184] ipvlan0: left promiscuous mode
[  427.181238][T28184] macvlan1: left promiscuous mode
[  427.414090][T28226] FAULT_INJECTION: forcing a failure.
[  427.414090][T28226] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  427.428021][T28226] CPU: 0 UID: 0 PID: 28226 Comm: syz.1.6630 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  427.428062][T28226] Tainted: [W]=WARN
[  427.428070][T28226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  427.428131][T28226] Call Trace:
[  427.428139][T28226]  <TASK>
[  427.428147][T28226]  __dump_stack+0x1d/0x30
[  427.428169][T28226]  dump_stack_lvl+0xe8/0x140
[  427.428194][T28226]  dump_stack+0x15/0x1b
[  427.428215][T28226]  should_fail_ex+0x265/0x280
[  427.428297][T28226]  should_fail+0xb/0x20
[  427.428332][T28226]  should_fail_usercopy+0x1a/0x20
[  427.428361][T28226]  _copy_to_user+0x20/0xa0
[  427.428436][T28226]  simple_read_from_buffer+0xb5/0x130
[  427.428468][T28226]  proc_fail_nth_read+0x10e/0x150
[  427.428558][T28226]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  427.428587][T28226]  vfs_read+0x1a8/0x770
[  427.428612][T28226]  ? __rcu_read_unlock+0x4f/0x70
[  427.428644][T28226]  ? __fget_files+0x184/0x1c0
[  427.428739][T28226]  ksys_read+0xda/0x1a0
[  427.428766][T28226]  __x64_sys_read+0x40/0x50
[  427.428864][T28226]  x64_sys_call+0x27c0/0x3000
[  427.428890][T28226]  do_syscall_64+0xd2/0x200
[  427.428916][T28226]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  427.428955][T28226]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  427.428986][T28226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.429016][T28226] RIP: 0033:0x7f661e1bd9dc
[  427.429036][T28226] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  427.429141][T28226] RSP: 002b:00007f661cc1f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  427.429166][T28226] RAX: ffffffffffffffda RBX: 00007f661e415fa0 RCX: 00007f661e1bd9dc
[  427.429183][T28226] RDX: 000000000000000f RSI: 00007f661cc1f0a0 RDI: 0000000000000004
[  427.429199][T28226] RBP: 00007f661cc1f090 R08: 0000000000000000 R09: 0000000000000000
[  427.429216][T28226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  427.429231][T28226] R13: 00007f661e416038 R14: 00007f661e415fa0 R15: 00007ffffcb4bb48
[  427.429253][T28226]  </TASK>
[  428.056091][T28279] macvlan1: entered promiscuous mode
[  428.091167][T28279] ipvlan0: entered promiscuous mode
[  428.109619][T28279] ipvlan0: left promiscuous mode
[  428.121844][T28279] macvlan1: left promiscuous mode
[  428.215602][T28298] SELinux: failed to load policy
[  428.259743][T28308] __nla_validate_parse: 4 callbacks suppressed
[  428.259778][T28308] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6662'.
[  428.275398][T28308] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6662'.
[  428.284761][T28308] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6662'.
[  428.322088][T28308] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6662'.
[  428.331648][T28308] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6662'.
[  428.340897][T28308] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6662'.
[  428.356311][T28320] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6665'.
[  428.373611][T28308] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6662'.
[  428.382950][T28308] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6662'.
[  428.392716][T28308] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6662'.
[  428.458227][T28331] macvlan1: entered promiscuous mode
[  428.465293][T28331] ipvlan0: entered promiscuous mode
[  428.471847][T28331] ipvlan0: left promiscuous mode
[  428.477603][T28331] macvlan1: left promiscuous mode
[  428.583954][T28351] bridge0: port 5(batadv4) entered blocking state
[  428.590545][T28351] bridge0: port 5(batadv4) entered disabled state
[  428.597358][T28351] batadv4: entered allmulticast mode
[  428.603690][T28351] batadv4: entered promiscuous mode
[  428.708626][T28369] netlink: 'syz.1.6688': attribute type 30 has an invalid length.
[  428.787883][T28377] usb usb1: check_ctrlrecip: process 28377 (syz.2.6692) requesting ep 01 but needs 81
[  428.798078][T28377] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  428.809114][T28377] netlink: '+}[@': attribute type 1 has an invalid length.
[  428.879778][   T29] kauditd_printk_skb: 171 callbacks suppressed
[  428.879798][   T29] audit: type=1326 audit(428.845:14413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28386 comm="syz.2.6696" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffaf804efc9 code=0x0
[  429.079778][T28403] netlink: 'syz.3.6703': attribute type 30 has an invalid length.
[  429.090015][   T31] batman_adv: batadv4: No IGMP Querier present - multicast optimizations disabled
[  429.099504][   T31] batman_adv: batadv4: No MLD Querier present - multicast optimizations disabled
[  429.272582][   T29] audit: type=1400 audit(429.245:14414): avc:  denied  { write } for  pid=28393 comm="syz.1.6699" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  429.558911][T28425] lo speed is unknown, defaulting to 1000
[  429.559824][T28440] netlink: 'syz.0.6718': attribute type 30 has an invalid length.
[  429.581238][T14342] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  429.593449][T14342] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  429.609074][T14342] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  429.672703][   T31] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  430.074665][   T29] audit: type=1326 audit(430.045:14415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28448 comm="syz.0.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  430.099523][   T29] audit: type=1326 audit(430.045:14416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28448 comm="syz.0.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  430.122813][   T29] audit: type=1326 audit(430.045:14417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28448 comm="syz.0.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  430.147449][   T29] audit: type=1326 audit(430.045:14418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28448 comm="syz.0.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  430.171154][   T29] audit: type=1326 audit(430.045:14419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28448 comm="syz.0.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  430.194695][   T29] audit: type=1326 audit(430.045:14420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28448 comm="syz.0.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  430.218259][   T29] audit: type=1326 audit(430.045:14421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28448 comm="syz.0.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  430.241757][   T29] audit: type=1326 audit(430.045:14422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28448 comm="syz.0.6720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  430.381077][T28463] kernel profiling enabled (shift: 8)
[  430.392544][ T3400] IPVS: starting estimator thread 0...
[  430.487390][T28481] siw: device registration error -23
[  430.493107][T28468] IPVS: using max 2208 ests per chain, 110400 per kthread
[  431.004574][T28524] bridge0: port 5(batadv3) entered blocking state
[  431.011175][T28524] bridge0: port 5(batadv3) entered disabled state
[  431.061269][T28524] batadv3: entered allmulticast mode
[  431.077703][T28524] batadv3: entered promiscuous mode
[  431.097576][T28527] netlink: 'syz.3.6752': attribute type 30 has an invalid length.
[  431.491040][T14372] batman_adv: batadv3: No IGMP Querier present - multicast optimizations disabled
[  431.500670][T14372] batman_adv: batadv3: No MLD Querier present - multicast optimizations disabled
[  431.566148][T28544] macvlan1: entered promiscuous mode
[  431.574947][T28544] ipvlan0: entered promiscuous mode
[  431.581250][T28544] ipvlan0: left promiscuous mode
[  431.587013][T28544] macvlan1: left promiscuous mode
[  431.848933][T28562] FAULT_INJECTION: forcing a failure.
[  431.848933][T28562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  431.862449][T28562] CPU: 1 UID: 0 PID: 28562 Comm: syz.1.6766 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  431.862541][T28562] Tainted: [W]=WARN
[  431.862551][T28562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  431.862569][T28562] Call Trace:
[  431.862579][T28562]  <TASK>
[  431.862590][T28562]  __dump_stack+0x1d/0x30
[  431.862620][T28562]  dump_stack_lvl+0xe8/0x140
[  431.862648][T28562]  dump_stack+0x15/0x1b
[  431.862670][T28562]  should_fail_ex+0x265/0x280
[  431.862718][T28562]  should_fail+0xb/0x20
[  431.862800][T28562]  should_fail_usercopy+0x1a/0x20
[  431.862829][T28562]  strncpy_from_user+0x25/0x230
[  431.862869][T28562]  ? avc_has_extended_perms+0x73d/0x940
[  431.862946][T28562]  strncpy_from_user_nofault+0x68/0xf0
[  431.862997][T28562]  bpf_probe_read_compat_str+0xb4/0x130
[  431.863040][T28562]  bpf_prog_95f2e3557e98b35e+0x3e/0x44
[  431.863061][T28562]  bpf_trace_run2+0x107/0x1c0
[  431.863150][T28562]  ? proc_ioctl+0x3a4/0x400
[  431.863194][T28562]  ? proc_ioctl+0x3a4/0x400
[  431.863225][T28562]  kfree+0x351/0x400
[  431.863307][T28562]  ? ioctl_has_perm+0x257/0x2a0
[  431.863349][T28562]  proc_ioctl+0x3a4/0x400
[  431.863383][T28562]  proc_ioctl_default+0x71/0xa0
[  431.863433][T28562]  usbdev_ioctl+0xe8b/0x1700
[  431.863469][T28562]  ? __pfx_usbdev_ioctl+0x10/0x10
[  431.863497][T28562]  __se_sys_ioctl+0xce/0x140
[  431.863542][T28562]  __x64_sys_ioctl+0x43/0x50
[  431.863568][T28562]  x64_sys_call+0x1816/0x3000
[  431.863597][T28562]  do_syscall_64+0xd2/0x200
[  431.863633][T28562]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  431.863723][T28562]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  431.863797][T28562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.863828][T28562] RIP: 0033:0x7f661e1befc9
[  431.863847][T28562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.863878][T28562] RSP: 002b:00007f661cc1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  431.863900][T28562] RAX: ffffffffffffffda RBX: 00007f661e415fa0 RCX: 00007f661e1befc9
[  431.863913][T28562] RDX: 0000200000000200 RSI: 00000000c0105512 RDI: 0000000000000009
[  431.863940][T28562] RBP: 00007f661cc1f090 R08: 0000000000000000 R09: 0000000000000000
[  431.863957][T28562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  431.864010][T28562] R13: 00007f661e416038 R14: 00007f661e415fa0 R15: 00007ffffcb4bb48
[  431.864038][T28562]  </TASK>
[  432.316552][T28585] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1541 sclass=netlink_route_socket pid=28585 comm=syz.3.6774
[  432.519940][T28608] bridge0: port 6(batadv4) entered blocking state
[  432.527111][T28608] bridge0: port 6(batadv4) entered disabled state
[  432.535386][T28608] batadv4: entered allmulticast mode
[  432.541454][T28612] SELinux: failed to load policy
[  432.541824][T28608] batadv4: entered promiscuous mode
[  432.776726][T28648] SELinux: failed to load policy
[  432.828477][T28659] FAULT_INJECTION: forcing a failure.
[  432.828477][T28659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  432.842798][T28659] CPU: 1 UID: 0 PID: 28659 Comm: syz.1.6800 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  432.842874][T28659] Tainted: [W]=WARN
[  432.842883][T28659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  432.842898][T28659] Call Trace:
[  432.842906][T28659]  <TASK>
[  432.842960][T28659]  __dump_stack+0x1d/0x30
[  432.842988][T28659]  dump_stack_lvl+0xe8/0x140
[  432.843009][T28659]  dump_stack+0x15/0x1b
[  432.843026][T28659]  should_fail_ex+0x265/0x280
[  432.843066][T28659]  should_fail+0xb/0x20
[  432.843106][T28659]  should_fail_usercopy+0x1a/0x20
[  432.843130][T28659]  _copy_to_user+0x20/0xa0
[  432.843215][T28659]  simple_read_from_buffer+0xb5/0x130
[  432.843243][T28659]  proc_fail_nth_read+0x10e/0x150
[  432.843283][T28659]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  432.843332][T28659]  vfs_read+0x1a8/0x770
[  432.843354][T28659]  ? __rcu_read_unlock+0x4f/0x70
[  432.843387][T28659]  ? __fget_files+0x184/0x1c0
[  432.843422][T28659]  ksys_read+0xda/0x1a0
[  432.843455][T28659]  __x64_sys_read+0x40/0x50
[  432.843486][T28659]  x64_sys_call+0x27c0/0x3000
[  432.843513][T28659]  do_syscall_64+0xd2/0x200
[  432.843539][T28659]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  432.843567][T28659]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  432.843609][T28659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.843632][T28659] RIP: 0033:0x7f661e1bd9dc
[  432.843648][T28659] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  432.843667][T28659] RSP: 002b:00007f661cc1f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  432.843704][T28659] RAX: ffffffffffffffda RBX: 00007f661e415fa0 RCX: 00007f661e1bd9dc
[  432.843718][T28659] RDX: 000000000000000f RSI: 00007f661cc1f0a0 RDI: 0000000000000004
[  432.843731][T28659] RBP: 00007f661cc1f090 R08: 0000000000000000 R09: 0000000000000000
[  432.843743][T28659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  432.843758][T28659] R13: 00007f661e416038 R14: 00007f661e415fa0 R15: 00007ffffcb4bb48
[  432.843824][T28659]  </TASK>
[  432.905411][T28661] lo speed is unknown, defaulting to 1000
[  433.031431][   T52] batman_adv: batadv4: No IGMP Querier present - multicast optimizations disabled
[  433.076805][   T52] batman_adv: batadv4: No MLD Querier present - multicast optimizations disabled
[  433.118710][T28673] FAULT_INJECTION: forcing a failure.
[  433.118710][T28673] name failslab, interval 1, probability 0, space 0, times 0
[  433.131716][T28673] CPU: 1 UID: 0 PID: 28673 Comm: syz.0.6804 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  433.131826][T28673] Tainted: [W]=WARN
[  433.131833][T28673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  433.131881][T28673] Call Trace:
[  433.131889][T28673]  <TASK>
[  433.131898][T28673]  __dump_stack+0x1d/0x30
[  433.131926][T28673]  dump_stack_lvl+0xe8/0x140
[  433.131951][T28673]  dump_stack+0x15/0x1b
[  433.131973][T28673]  should_fail_ex+0x265/0x280
[  433.132097][T28673]  should_failslab+0x8c/0xb0
[  433.132145][T28673]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  433.132224][T28673]  ? __alloc_skb+0x101/0x320
[  433.132313][T28673]  __alloc_skb+0x101/0x320
[  433.132347][T28673]  netlink_alloc_large_skb+0xbf/0xf0
[  433.132379][T28673]  netlink_sendmsg+0x3cf/0x6b0
[  433.132454][T28673]  ? __pfx_netlink_sendmsg+0x10/0x10
[  433.132566][T28673]  __sock_sendmsg+0x145/0x180
[  433.132595][T28673]  ____sys_sendmsg+0x31e/0x4e0
[  433.132635][T28673]  ___sys_sendmsg+0x17b/0x1d0
[  433.132693][T28673]  __x64_sys_sendmsg+0xd4/0x160
[  433.132799][T28673]  x64_sys_call+0x191e/0x3000
[  433.132826][T28673]  do_syscall_64+0xd2/0x200
[  433.132856][T28673]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  433.132937][T28673]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  433.132969][T28673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.132999][T28673] RIP: 0033:0x7fc419e8efc9
[  433.133019][T28673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  433.133044][T28673] RSP: 002b:00007fc4188ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  433.133084][T28673] RAX: ffffffffffffffda RBX: 00007fc41a0e5fa0 RCX: 00007fc419e8efc9
[  433.133101][T28673] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  433.133117][T28673] RBP: 00007fc4188ef090 R08: 0000000000000000 R09: 0000000000000000
[  433.133141][T28673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  433.133158][T28673] R13: 00007fc41a0e6038 R14: 00007fc41a0e5fa0 R15: 00007ffdc9039858
[  433.133184][T28673]  </TASK>
[  433.346882][T28677] __nla_validate_parse: 17 callbacks suppressed
[  433.346902][T28677] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6806'.
[  433.397716][T28683] bridge0: port 6(batadv5) entered blocking state
[  433.404750][T28683] bridge0: port 6(batadv5) entered disabled state
[  433.413146][T28683] batadv5: entered allmulticast mode
[  433.419262][T28683] batadv5: entered promiscuous mode
[  433.444342][T28686] IPv6: NLM_F_CREATE should be specified when creating new route
[  433.456644][T28686] syzkaller1: entered promiscuous mode
[  433.462484][T28686] syzkaller1: entered allmulticast mode
[  433.480053][T28689] SELinux: failed to load policy
[  433.529683][T28695] FAULT_INJECTION: forcing a failure.
[  433.529683][T28695] name failslab, interval 1, probability 0, space 0, times 0
[  433.543014][T28695] CPU: 0 UID: 0 PID: 28695 Comm: syz.3.6814 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  433.543055][T28695] Tainted: [W]=WARN
[  433.543063][T28695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  433.543082][T28695] Call Trace:
[  433.543089][T28695]  <TASK>
[  433.543099][T28695]  __dump_stack+0x1d/0x30
[  433.543191][T28695]  dump_stack_lvl+0xe8/0x140
[  433.543216][T28695]  dump_stack+0x15/0x1b
[  433.543238][T28695]  should_fail_ex+0x265/0x280
[  433.543280][T28695]  should_failslab+0x8c/0xb0
[  433.543396][T28695]  kmem_cache_alloc_noprof+0x50/0x480
[  433.543432][T28695]  ? alloc_empty_file+0x76/0x200
[  433.543469][T28695]  alloc_empty_file+0x76/0x200
[  433.543594][T28695]  alloc_file_pseudo+0xc6/0x160
[  433.543635][T28695]  __shmem_file_setup+0x1de/0x210
[  433.543683][T28695]  shmem_file_setup+0x3b/0x50
[  433.543726][T28695]  __se_sys_memfd_create+0x2c3/0x590
[  433.543757][T28695]  __x64_sys_memfd_create+0x31/0x40
[  433.543786][T28695]  x64_sys_call+0x2ac2/0x3000
[  433.543846][T28695]  do_syscall_64+0xd2/0x200
[  433.543876][T28695]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  433.543923][T28695]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  433.544017][T28695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.544047][T28695] RIP: 0033:0x7fcaa421efc9
[  433.544067][T28695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  433.544090][T28695] RSP: 002b:00007fcaa2c86d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  433.544160][T28695] RAX: ffffffffffffffda RBX: 000000000000105b RCX: 00007fcaa421efc9
[  433.544173][T28695] RDX: 00007fcaa2c86dec RSI: 0000000000000000 RDI: 00007fcaa42a2960
[  433.544188][T28695] RBP: 0000200000000000 R08: 00007fcaa2c86b07 R09: 0000000000000000
[  433.544204][T28695] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[  433.544219][T28695] R13: 00007fcaa2c86dec R14: 00007fcaa2c86df0 R15: 00007ffd93fac1b8
[  433.544242][T28695]  </TASK>
[  433.901206][T14350] batman_adv: batadv5: No IGMP Querier present - multicast optimizations disabled
[  433.910587][T14350] batman_adv: batadv5: No MLD Querier present - multicast optimizations disabled
[  433.989702][T28727] macvlan1: entered promiscuous mode
[  433.998775][T28727] ipvlan0: entered promiscuous mode
[  434.005445][T28727] ipvlan0: left promiscuous mode
[  434.010731][T28727] macvlan1: left promiscuous mode
[  434.037333][T28731] bridge0: port 7(batadv5) entered blocking state
[  434.043974][T28731] bridge0: port 7(batadv5) entered disabled state
[  434.057742][   T29] kauditd_printk_skb: 281 callbacks suppressed
[  434.057806][   T29] audit: type=1400 audit(434.025:14704): avc:  denied  { create } for  pid=28729 comm="syz.1.6829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  434.091309][T28731] batadv5: entered allmulticast mode
[  434.097855][T28731] batadv5: entered promiscuous mode
[  434.109191][T28735] bridge0: port 7(batadv6) entered blocking state
[  434.115884][T28735] bridge0: port 7(batadv6) entered disabled state
[  434.131129][T28735] batadv6: entered allmulticast mode
[  434.137119][T28735] batadv6: entered promiscuous mode
[  434.164219][T28737] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6832'.
[  434.176176][   T29] audit: type=1400 audit(434.135:14705): avc:  denied  { ioctl } for  pid=28736 comm="syz.1.6832" path="socket:[81306]" dev="sockfs" ino=81306 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  434.212734][T28741] FAULT_INJECTION: forcing a failure.
[  434.212734][T28741] name failslab, interval 1, probability 0, space 0, times 0
[  434.226217][T28741] CPU: 0 UID: 0 PID: 28741 Comm: syz.2.6833 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  434.226259][T28741] Tainted: [W]=WARN
[  434.226309][T28741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  434.226330][T28741] Call Trace:
[  434.226338][T28741]  <TASK>
[  434.226346][T28741]  __dump_stack+0x1d/0x30
[  434.226429][T28741]  dump_stack_lvl+0xe8/0x140
[  434.226455][T28741]  dump_stack+0x15/0x1b
[  434.226477][T28741]  should_fail_ex+0x265/0x280
[  434.226540][T28741]  should_failslab+0x8c/0xb0
[  434.226570][T28741]  kmem_cache_alloc_noprof+0x50/0x480
[  434.226606][T28741]  ? alloc_empty_file+0x76/0x200
[  434.226715][T28741]  alloc_empty_file+0x76/0x200
[  434.226754][T28741]  path_openat+0x68/0x2170
[  434.226781][T28741]  ? _parse_integer_limit+0x170/0x190
[  434.226839][T28741]  ? _parse_integer+0x27/0x40
[  434.226920][T28741]  ? kstrtoull+0x111/0x140
[  434.226963][T28741]  ? kstrtouint+0x76/0xc0
[  434.227009][T28741]  do_filp_open+0x109/0x230
[  434.227050][T28741]  do_sys_openat2+0xa6/0x110
[  434.227114][T28741]  __x64_sys_creat+0x65/0x90
[  434.227141][T28741]  x64_sys_call+0x2da3/0x3000
[  434.227176][T28741]  do_syscall_64+0xd2/0x200
[  434.227209][T28741]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  434.227240][T28741]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  434.227304][T28741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.227329][T28741] RIP: 0033:0x7ffaf804efc9
[  434.227346][T28741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  434.227371][T28741] RSP: 002b:00007ffaf6ab7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  434.227431][T28741] RAX: ffffffffffffffda RBX: 00007ffaf82a5fa0 RCX: 00007ffaf804efc9
[  434.227449][T28741] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000e00
[  434.227466][T28741] RBP: 00007ffaf6ab7090 R08: 0000000000000000 R09: 0000000000000000
[  434.227531][T28741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  434.227544][T28741] R13: 00007ffaf82a6038 R14: 00007ffaf82a5fa0 R15: 00007ffff7c9a238
[  434.227564][T28741]  </TASK>
[  434.462052][T28748] v: renamed from ip6_vti0 (while UP)
[  434.530311][T28754] siw: device registration error -23
[  434.541355][T14392] batman_adv: batadv5: No IGMP Querier present - multicast optimizations disabled
[  434.551086][T14392] batman_adv: batadv5: No MLD Querier present - multicast optimizations disabled
[  434.579600][T28758] siw: device registration error -23
[  434.613913][T14392] batman_adv: batadv6: No IGMP Querier present - multicast optimizations disabled
[  434.623623][T14392] batman_adv: batadv6: No MLD Querier present - multicast optimizations disabled
[  434.748841][T28773] bridge0: port 8(batadv6) entered blocking state
[  434.755470][T28773] bridge0: port 8(batadv6) entered disabled state
[  434.762546][T28773] batadv6: entered allmulticast mode
[  434.768675][T28773] batadv6: entered promiscuous mode
[  434.890356][T28787] atomic_op ffff888110fb5528 conn xmit_atomic 0000000000000000
[  434.898340][   T29] audit: type=1400 audit(434.855:14706): avc:  denied  { write } for  pid=28785 comm="syz.3.6848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  434.922206][T28787] vlan2: entered allmulticast mode
[  434.927642][T28787] bridge_slave_0: entered allmulticast mode
[  435.018717][T28797] netlink: 532 bytes leftover after parsing attributes in process `syz.3.6853'.
[  435.029383][T28797] usb usb1: check_ctrlrecip: process 28797 (syz.3.6853) requesting ep 01 but needs 81
[  435.039366][T28797] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  435.047792][T28797] netlink: '+}[@': attribute type 1 has an invalid length.
[  435.055253][T28797] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[  435.071895][T28799] bridge0: port 4(batadv2) entered blocking state
[  435.078599][T28799] bridge0: port 4(batadv2) entered disabled state
[  435.101922][T28799] batadv2: entered allmulticast mode
[  435.112522][T28799] batadv2: entered promiscuous mode
[  435.236101][T28801] xt_connbytes: Forcing CT accounting to be enabled
[  435.243554][T28801] set match dimension is over the limit!
[  435.251094][T14392] batman_adv: batadv6: No IGMP Querier present - multicast optimizations disabled
[  435.260646][T14392] batman_adv: batadv6: No MLD Querier present - multicast optimizations disabled
[  435.322951][   T29] audit: type=1326 audit(435.295:14707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28812 comm="syz.2.6859" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffaf804efc9 code=0x0
[  435.363923][T28815] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6860'.
[  435.478323][T28824] netlink: 'GPL': attribute type 13 has an invalid length.
[  435.497882][T28829] bridge0: port 9(batadv7) entered blocking state
[  435.504752][T28829] bridge0: port 9(batadv7) entered disabled state
[  435.521801][T28829] batadv7: entered allmulticast mode
[  435.539675][T28829] batadv7: entered promiscuous mode
[  435.579610][   T52] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[  435.589028][   T52] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[  435.755296][   T52] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  435.764859][   T52] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  435.798374][   T52] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  435.808243][   T52] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  435.829356][T28844] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6873'.
[  435.841844][   T52] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  435.851369][   T52] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  435.866688][   T52] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  435.875883][   T52] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  435.904779][T28848] bridge0: port 4(batadv3) entered blocking state
[  435.911945][T28848] bridge0: port 4(batadv3) entered disabled state
[  435.935430][T28848] batadv3: entered allmulticast mode
[  435.963646][T28848] batadv3: entered promiscuous mode
[  435.971083][T14392] batman_adv: batadv7: No IGMP Querier present - multicast optimizations disabled
[  435.980534][T14392] batman_adv: batadv7: No MLD Querier present - multicast optimizations disabled
[  436.421052][T14392] batman_adv: batadv3: No IGMP Querier present - multicast optimizations disabled
[  436.430345][T14392] batman_adv: batadv3: No MLD Querier present - multicast optimizations disabled
[  436.602065][T28888] macvlan1: entered promiscuous mode
[  436.623788][T28888] ipvlan0: entered promiscuous mode
[  436.632535][T28888] ipvlan0: left promiscuous mode
[  436.637921][T28888] macvlan1: left promiscuous mode
[  436.671903][   T29] audit: type=1400 audit(436.645:14708): avc:  denied  { read } for  pid=28894 comm="syz.1.6887" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  436.734030][T28899] netlink: 40 bytes leftover after parsing attributes in process `syz.2.6889'.
[  436.755270][T28903] bridge0: port 10(batadv8) entered blocking state
[  436.762173][T28903] bridge0: port 10(batadv8) entered disabled state
[  436.779068][   T29] audit: type=1326 audit(436.735:14709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28898 comm="syz.2.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf804efc9 code=0x7ffc0000
[  436.802711][   T29] audit: type=1326 audit(436.735:14710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28898 comm="syz.2.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffaf804efc9 code=0x7ffc0000
[  436.826328][   T29] audit: type=1326 audit(436.735:14711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28898 comm="syz.2.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf804efc9 code=0x7ffc0000
[  436.840738][T28903] batadv8: entered allmulticast mode
[  436.849898][   T29] audit: type=1326 audit(436.735:14712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28898 comm="syz.2.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffaf804efc9 code=0x7ffc0000
[  436.855901][T28903] batadv8: entered promiscuous mode
[  436.879593][   T29] audit: type=1326 audit(436.735:14713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28898 comm="syz.2.6889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf804efc9 code=0x7ffc0000
[  436.935470][T28911] SELinux:  policydb magic number 0x2 does not match expected magic number 0xf97cff8c
[  436.964383][T28911] SELinux: failed to load policy
[  437.007768][T28925] vlan2: entered allmulticast mode
[  437.020661][T28924] netlink: 532 bytes leftover after parsing attributes in process `syz.0.6899'.
[  437.073815][T28935] bridge0: port 5(batadv3) entered blocking state
[  437.080394][T28935] bridge0: port 5(batadv3) entered disabled state
[  437.093210][T28935] batadv3: entered allmulticast mode
[  437.099665][T28935] batadv3: entered promiscuous mode
[  437.126599][T28924] usb usb1: check_ctrlrecip: process 28924 (syz.0.6899) requesting ep 01 but needs 81
[  437.146268][T28924] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  437.148342][T28943] bridge0: port 8(batadv7) entered blocking state
[  437.160440][T28943] bridge0: port 8(batadv7) entered disabled state
[  437.163055][T28924] netlink: '+}[@': attribute type 1 has an invalid length.
[  437.167876][T28943] batadv7: entered allmulticast mode
[  437.174812][T28924] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[  437.196178][T28943] batadv7: entered promiscuous mode
[  437.261130][T14372] batman_adv: batadv8: No IGMP Querier present - multicast optimizations disabled
[  437.270624][T14372] batman_adv: batadv8: No MLD Querier present - multicast optimizations disabled
[  437.303228][T28955] SELinux:  policydb magic number 0x2 does not match expected magic number 0xf97cff8c
[  437.314626][T28955] SELinux: failed to load policy
[  437.456929][T28976] macvlan1: entered promiscuous mode
[  437.489527][T28976] ipvlan0: entered promiscuous mode
[  437.500184][T28976] ipvlan0: left promiscuous mode
[  437.507170][T28976] macvlan1: left promiscuous mode
[  437.529233][T28984] bridge0: port 9(batadv8) entered blocking state
[  437.536812][T28984] bridge0: port 9(batadv8) entered disabled state
[  437.543970][T28984] batadv8: entered allmulticast mode
[  437.550249][T28984] batadv8: entered promiscuous mode
[  437.571490][T14370] batman_adv: batadv3: No IGMP Querier present - multicast optimizations disabled
[  437.581728][T14370] batman_adv: batadv3: No MLD Querier present - multicast optimizations disabled
[  437.624648][T28996] SELinux:  policydb magic number 0x2 does not match expected magic number 0xf97cff8c
[  437.634612][T28996] SELinux: failed to load policy
[  437.661219][T14358] batman_adv: batadv7: No IGMP Querier present - multicast optimizations disabled
[  437.670733][T14358] batman_adv: batadv7: No MLD Querier present - multicast optimizations disabled
[  437.728537][T29003] netlink: 124 bytes leftover after parsing attributes in process `syz.0.6928'.
[  437.903339][T29025] macvlan1: entered promiscuous mode
[  437.910119][T29025] ipvlan0: entered promiscuous mode
[  437.950659][T29025] ipvlan0: left promiscuous mode
[  437.985562][T29025] macvlan1: left promiscuous mode
[  438.033999][T14382] batman_adv: batadv8: No IGMP Querier present - multicast optimizations disabled
[  438.043333][T14382] batman_adv: batadv8: No MLD Querier present - multicast optimizations disabled
[  438.102857][T29031] FAULT_INJECTION: forcing a failure.
[  438.102857][T29031] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  438.116393][T29031] CPU: 1 UID: 0 PID: 29031 Comm: syz.4.6937 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  438.116445][T29031] Tainted: [W]=WARN
[  438.116453][T29031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  438.116468][T29031] Call Trace:
[  438.116475][T29031]  <TASK>
[  438.116484][T29031]  __dump_stack+0x1d/0x30
[  438.116506][T29031]  dump_stack_lvl+0xe8/0x140
[  438.116591][T29031]  dump_stack+0x15/0x1b
[  438.116608][T29031]  should_fail_ex+0x265/0x280
[  438.116652][T29031]  should_fail+0xb/0x20
[  438.116686][T29031]  should_fail_usercopy+0x1a/0x20
[  438.116706][T29031]  _copy_from_user+0x1c/0xb0
[  438.116742][T29031]  memdup_user+0x5e/0xd0
[  438.116818][T29031]  autofs_dev_ioctl+0x167/0x6a0
[  438.116855][T29031]  ? __pfx_autofs_dev_ioctl+0x10/0x10
[  438.116918][T29031]  __se_sys_ioctl+0xce/0x140
[  438.116945][T29031]  __x64_sys_ioctl+0x43/0x50
[  438.116990][T29031]  x64_sys_call+0x1816/0x3000
[  438.117011][T29031]  do_syscall_64+0xd2/0x200
[  438.117042][T29031]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  438.117076][T29031]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  438.117122][T29031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.117150][T29031] RIP: 0033:0x7f4e22efefc9
[  438.117166][T29031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  438.117185][T29031] RSP: 002b:00007f4e21967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  438.117277][T29031] RAX: ffffffffffffffda RBX: 00007f4e23155fa0 RCX: 00007f4e22efefc9
[  438.117294][T29031] RDX: 0000200000000200 RSI: 00000000c018937e RDI: 0000000000000006
[  438.117311][T29031] RBP: 00007f4e21967090 R08: 0000000000000000 R09: 0000000000000000
[  438.117329][T29031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  438.117345][T29031] R13: 00007f4e23156038 R14: 00007f4e23155fa0 R15: 00007fff2f3350e8
[  438.117369][T29031]  </TASK>
[  438.324891][T29029] SELinux:  policydb magic number 0x2 does not match expected magic number 0xf97cff8c
[  438.374058][T29029] SELinux: failed to load policy
[  438.506596][T29060] macvlan1: entered promiscuous mode
[  438.515769][T29060] ipvlan0: entered promiscuous mode
[  438.538022][T29060] ipvlan0: left promiscuous mode
[  438.556819][T29060] macvlan1: left promiscuous mode
[  438.654021][T29075] FAULT_INJECTION: forcing a failure.
[  438.654021][T29075] name failslab, interval 1, probability 0, space 0, times 0
[  438.667092][T29075] CPU: 0 UID: 0 PID: 29075 Comm: syz.3.6953 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  438.667135][T29075] Tainted: [W]=WARN
[  438.667150][T29075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  438.667167][T29075] Call Trace:
[  438.667175][T29075]  <TASK>
[  438.667186][T29075]  __dump_stack+0x1d/0x30
[  438.667234][T29075]  dump_stack_lvl+0xe8/0x140
[  438.667260][T29075]  dump_stack+0x15/0x1b
[  438.667282][T29075]  should_fail_ex+0x265/0x280
[  438.667352][T29075]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  438.667429][T29075]  should_failslab+0x8c/0xb0
[  438.667471][T29075]  kmem_cache_alloc_lru_noprof+0x55/0x490
[  438.667506][T29075]  ? debugfs_alloc_inode+0x34/0x40
[  438.667525][T29075]  ? lookup_noperm+0xc9/0x180
[  438.667589][T29075]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  438.667610][T29075]  debugfs_alloc_inode+0x34/0x40
[  438.667679][T29075]  alloc_inode+0x40/0x170
[  438.667702][T29075]  new_inode+0x1d/0xe0
[  438.667729][T29075]  __debugfs_create_file+0x109/0x330
[  438.667842][T29075]  debugfs_create_file_full+0x3f/0x60
[  438.667883][T29075]  ? __pfx_vlan_setup+0x10/0x10
[  438.667946][T29075]  ref_tracker_dir_debugfs+0x100/0x1e0
[  438.667997][T29075]  alloc_netdev_mqs+0x1a7/0xa50
[  438.668056][T29075]  rtnl_create_link+0x239/0x710
[  438.668097][T29075]  rtnl_newlink_create+0x14c/0x620
[  438.668130][T29075]  ? security_capable+0x83/0x90
[  438.668166][T29075]  ? netlink_ns_capable+0x86/0xa0
[  438.668269][T29075]  rtnl_newlink+0xf29/0x12d0
[  438.668306][T29075]  ? xas_load+0x413/0x430
[  438.668338][T29075]  ? __rcu_read_unlock+0x4f/0x70
[  438.668367][T29075]  ? xa_load+0xb1/0xe0
[  438.668404][T29075]  ? __rcu_read_unlock+0x4f/0x70
[  438.668428][T29075]  ? avc_has_perm_noaudit+0x1b1/0x200
[  438.668478][T29075]  ? cred_has_capability+0x210/0x280
[  438.668578][T29075]  ? selinux_capable+0x31/0x40
[  438.668605][T29075]  ? security_capable+0x83/0x90
[  438.668647][T29075]  ? ns_capable+0x7d/0xb0
[  438.668674][T29075]  ? __pfx_rtnl_newlink+0x10/0x10
[  438.668726][T29075]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  438.668750][T29075]  ? avc_has_perm_noaudit+0x1b1/0x200
[  438.668789][T29075]  netlink_rcv_skb+0x123/0x220
[  438.668817][T29075]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  438.668882][T29075]  rtnetlink_rcv+0x1c/0x30
[  438.668899][T29075]  netlink_unicast+0x5c0/0x690
[  438.668929][T29075]  netlink_sendmsg+0x58b/0x6b0
[  438.668972][T29075]  ? __pfx_netlink_sendmsg+0x10/0x10
[  438.669040][T29075]  __sock_sendmsg+0x145/0x180
[  438.669066][T29075]  ____sys_sendmsg+0x31e/0x4e0
[  438.669123][T29075]  ___sys_sendmsg+0x17b/0x1d0
[  438.669168][T29075]  __x64_sys_sendmsg+0xd4/0x160
[  438.669210][T29075]  x64_sys_call+0x191e/0x3000
[  438.669295][T29075]  do_syscall_64+0xd2/0x200
[  438.669401][T29075]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  438.669437][T29075]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  438.669474][T29075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.669497][T29075] RIP: 0033:0x7fcaa421efc9
[  438.669581][T29075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  438.669606][T29075] RSP: 002b:00007fcaa2c87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  438.669632][T29075] RAX: ffffffffffffffda RBX: 00007fcaa4475fa0 RCX: 00007fcaa421efc9
[  438.669645][T29075] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 000000000000000f
[  438.669658][T29075] RBP: 00007fcaa2c87090 R08: 0000000000000000 R09: 0000000000000000
[  438.669675][T29075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  438.669692][T29075] R13: 00007fcaa4476038 R14: 00007fcaa4475fa0 R15: 00007ffd93fac1b8
[  438.669718][T29075]  </TASK>
[  438.669769][T29075] debugfs: out of free dentries, can not create file 'netdev@ffff88810b502550'
[  439.050443][T29075] 8021q: VLANs not supported on vcan0
[  439.060246][T29087] vlan2: entered allmulticast mode
[  439.154699][T29089] bridge0: port 2(batadv1) entered blocking state
[  439.161435][T29089] bridge0: port 2(batadv1) entered disabled state
[  439.197286][T29089] batadv1: entered allmulticast mode
[  439.221926][T29089] batadv1: entered promiscuous mode
[  439.434596][T29117] SELinux:  policydb magic number 0x2 does not match expected magic number 0xf97cff8c
[  439.455052][T29117] SELinux: failed to load policy
[  439.520842][T29125] bridge0: port 10(batadv9) entered blocking state
[  439.527924][T29125] bridge0: port 10(batadv9) entered disabled state
[  439.543771][T29125] batadv9: entered allmulticast mode
[  439.552137][T29125] batadv9: entered promiscuous mode
[  439.592389][T29132] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6979'.
[  439.651085][T14394] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  439.660738][T14394] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  439.752641][T29150] macvlan1: entered promiscuous mode
[  439.769396][T29150] ipvlan0: entered promiscuous mode
[  439.779232][T29150] ipvlan0: left promiscuous mode
[  439.795205][T29150] macvlan1: left promiscuous mode
[  439.888415][T29163] vlan2: entered allmulticast mode
[  439.986290][T29173] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6997'.
[  440.021407][T14346] batman_adv: batadv9: No IGMP Querier present - multicast optimizations disabled
[  440.031323][T14346] batman_adv: batadv9: No MLD Querier present - multicast optimizations disabled
[  440.052078][T29177] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  440.060547][T29177] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  440.080296][T29179] SELinux:  policydb string S does not match my string SE Linux
[  440.088507][T29179] SELinux: failed to load policy
[  440.157308][T29187] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7003'.
[  440.169147][   T29] kauditd_printk_skb: 41 callbacks suppressed
[  440.169163][   T29] audit: type=1326 audit(440.135:14755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29185 comm="syz.1.7003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  440.241044][   T29] audit: type=1326 audit(440.145:14756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29185 comm="syz.1.7003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  440.264310][   T29] audit: type=1326 audit(440.185:14757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29185 comm="syz.1.7003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  440.287900][   T29] audit: type=1326 audit(440.185:14758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29185 comm="syz.1.7003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  440.312591][   T29] audit: type=1326 audit(440.185:14759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29185 comm="syz.1.7003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  440.335806][   T29] audit: type=1326 audit(440.185:14760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29185 comm="syz.1.7003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  440.359224][   T29] audit: type=1326 audit(440.185:14761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29185 comm="syz.1.7003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  440.382495][   T29] audit: type=1326 audit(440.185:14762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29185 comm="syz.1.7003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  440.406810][   T29] audit: type=1326 audit(440.185:14763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29185 comm="syz.1.7003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  440.430380][   T29] audit: type=1326 audit(440.185:14764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29185 comm="syz.1.7003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  440.729817][T29230] netlink: 532 bytes leftover after parsing attributes in process `syz.0.7020'.
[  440.741282][T29230] usb usb1: check_ctrlrecip: process 29230 (syz.0.7020) requesting ep 01 but needs 81
[  440.762463][T29230] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  440.772834][T29230] netlink: '+}[@': attribute type 1 has an invalid length.
[  440.780507][T29230] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[  440.804667][T29232] bridge0: port 6(batadv4) entered blocking state
[  440.811327][T29232] bridge0: port 6(batadv4) entered disabled state
[  440.818603][T29232] batadv4: entered allmulticast mode
[  440.825256][T29232] batadv4: entered promiscuous mode
[  440.859060][T29234] vlan2: entered allmulticast mode
[  440.864469][T29234] dummy0: entered allmulticast mode
[  440.882388][T29237] macvlan1: entered promiscuous mode
[  440.889752][T29237] ipvlan0: entered promiscuous mode
[  440.896522][T29237] ipvlan0: left promiscuous mode
[  440.903042][T29237] macvlan1: left promiscuous mode
[  441.055632][T29249] macvlan1: entered promiscuous mode
[  441.083801][T29249] ipvlan0: entered promiscuous mode
[  441.109127][T29249] ipvlan0: left promiscuous mode
[  441.120021][T29249] macvlan1: left promiscuous mode
[  441.195817][T29257] netlink: 532 bytes leftover after parsing attributes in process `syz.1.7033'.
[  441.249061][T29257] usb usb1: check_ctrlrecip: process 29257 (syz.1.7033) requesting ep 01 but needs 81
[  441.285556][T29257] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  441.301215][T14381] batman_adv: batadv4: No IGMP Querier present - multicast optimizations disabled
[  441.310562][T14381] batman_adv: batadv4: No MLD Querier present - multicast optimizations disabled
[  441.354497][T29260] netlink: '+}[@': attribute type 1 has an invalid length.
[  441.361864][T29260] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[  441.487184][T29266] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7036'.
[  441.631512][T29270] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[  441.640644][T29272] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  441.648969][T29272] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  442.158592][T29327] FAULT_INJECTION: forcing a failure.
[  442.158592][T29327] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  442.172855][T29327] CPU: 0 UID: 0 PID: 29327 Comm: syz.1.7060 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  442.172893][T29327] Tainted: [W]=WARN
[  442.172912][T29327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  442.172925][T29327] Call Trace:
[  442.172932][T29327]  <TASK>
[  442.172943][T29327]  __dump_stack+0x1d/0x30
[  442.173022][T29327]  dump_stack_lvl+0xe8/0x140
[  442.173042][T29327]  dump_stack+0x15/0x1b
[  442.173060][T29327]  should_fail_ex+0x265/0x280
[  442.173103][T29327]  should_fail+0xb/0x20
[  442.173201][T29327]  should_fail_usercopy+0x1a/0x20
[  442.173225][T29327]  strncpy_from_user+0x25/0x230
[  442.173275][T29327]  ? kmem_cache_alloc_noprof+0x242/0x480
[  442.173343][T29327]  ? getname_flags+0x80/0x3b0
[  442.173432][T29327]  getname_flags+0xae/0x3b0
[  442.173465][T29327]  do_sys_openat2+0x60/0x110
[  442.173511][T29327]  __x64_sys_openat+0xf2/0x120
[  442.173535][T29327]  x64_sys_call+0x2eab/0x3000
[  442.173628][T29327]  do_syscall_64+0xd2/0x200
[  442.173658][T29327]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  442.173686][T29327]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  442.173717][T29327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.173787][T29327] RIP: 0033:0x7f661e1befc9
[  442.173803][T29327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  442.173827][T29327] RSP: 002b:00007f661cc1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  442.173853][T29327] RAX: ffffffffffffffda RBX: 00007f661e415fa0 RCX: 00007f661e1befc9
[  442.173881][T29327] RDX: 000000000000275a RSI: 0000200000000080 RDI: ffffffffffffff9c
[  442.173898][T29327] RBP: 00007f661cc1f090 R08: 0000000000000000 R09: 0000000000000000
[  442.173915][T29327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  442.173931][T29327] R13: 00007f661e416038 R14: 00007f661e415fa0 R15: 00007ffffcb4bb48
[  442.173955][T29327]  </TASK>
[  442.460501][T29336] FAULT_INJECTION: forcing a failure.
[  442.460501][T29336] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  442.474305][T29336] CPU: 0 UID: 0 PID: 29336 Comm: syz.1.7063 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  442.474405][T29336] Tainted: [W]=WARN
[  442.474413][T29336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  442.474428][T29336] Call Trace:
[  442.474436][T29336]  <TASK>
[  442.474445][T29336]  __dump_stack+0x1d/0x30
[  442.474470][T29336]  dump_stack_lvl+0xe8/0x140
[  442.474493][T29336]  dump_stack+0x15/0x1b
[  442.474513][T29336]  should_fail_ex+0x265/0x280
[  442.474577][T29336]  should_fail+0xb/0x20
[  442.474611][T29336]  should_fail_usercopy+0x1a/0x20
[  442.474712][T29336]  _copy_from_user+0x1c/0xb0
[  442.474740][T29336]  ____sys_sendmsg+0x1c5/0x4e0
[  442.474779][T29336]  ___sys_sendmsg+0x17b/0x1d0
[  442.474847][T29336]  __x64_sys_sendmsg+0xd4/0x160
[  442.474959][T29336]  x64_sys_call+0x191e/0x3000
[  442.474984][T29336]  do_syscall_64+0xd2/0x200
[  442.475014][T29336]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  442.475046][T29336]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  442.475152][T29336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.475177][T29336] RIP: 0033:0x7f661e1befc9
[  442.475233][T29336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  442.475255][T29336] RSP: 002b:00007f661cc1f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  442.475278][T29336] RAX: ffffffffffffffda RBX: 00007f661e415fa0 RCX: 00007f661e1befc9
[  442.475293][T29336] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  442.475384][T29336] RBP: 00007f661cc1f090 R08: 0000000000000000 R09: 0000000000000000
[  442.475398][T29336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  442.475413][T29336] R13: 00007f661e416038 R14: 00007f661e415fa0 R15: 00007ffffcb4bb48
[  442.475435][T29336]  </TASK>
[  443.158290][T29378] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  443.164966][T29378] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  443.172779][T29378] vhci_hcd vhci_hcd.0: Device attached
[  443.218476][T29378] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(7)
[  443.225225][T29378] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  443.233025][T29378] vhci_hcd vhci_hcd.0: Device attached
[  443.312883][T29385] vhci_hcd: connection closed
[  443.313160][T14373] vhci_hcd: stop threads
[  443.322357][T14373] vhci_hcd: release socket
[  443.326815][T14373] vhci_hcd: disconnect device
[  443.334946][T29379] vhci_hcd: connection closed
[  443.346105][T14373] vhci_hcd: stop threads
[  443.356287][T14373] vhci_hcd: release socket
[  443.361003][T14373] vhci_hcd: disconnect device
[  443.416178][T29395] SELinux:  policydb string SE Li does not match my string SE Linux
[  443.434153][T29368] team0 (unregistering): Port device team_slave_0 removed
[  443.435832][T29395] SELinux: failed to load policy
[  443.456576][T29368] team0 (unregistering): Port device team_slave_1 removed
[  443.615228][T29409] siw: device registration error -23
[  443.708137][T29413] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7093'.
[  443.974969][T29438] macvlan1: entered promiscuous mode
[  443.981650][T29438] ipvlan0: entered promiscuous mode
[  443.987718][T29438] ipvlan0: left promiscuous mode
[  443.992914][T29438] macvlan1: left promiscuous mode
[  444.003440][T29439] bridge0: port 3(batadv0) entered blocking state
[  444.010188][T29439] bridge0: port 3(batadv0) entered disabled state
[  444.017316][T29439] batadv0: entered allmulticast mode
[  444.024198][T29439] batadv0: entered promiscuous mode
[  444.108310][T29449] bridge0: port 11(batadv9) entered blocking state
[  444.115526][T29449] bridge0: port 11(batadv9) entered disabled state
[  444.124676][T29449] batadv9: entered allmulticast mode
[  444.163684][T29449] batadv9: entered promiscuous mode
[  444.248012][T29456] FAULT_INJECTION: forcing a failure.
[  444.248012][T29456] name failslab, interval 1, probability 0, space 0, times 0
[  444.259279][T29471] macvlan1: entered promiscuous mode
[  444.261489][T29456] CPU: 1 UID: 0 PID: 29456 Comm: syz.2.7112 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  444.261589][T29456] Tainted: [W]=WARN
[  444.261599][T29456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  444.261618][T29456] Call Trace:
[  444.261627][T29456]  <TASK>
[  444.261638][T29456]  __dump_stack+0x1d/0x30
[  444.261689][T29456]  dump_stack_lvl+0xe8/0x140
[  444.261715][T29456]  dump_stack+0x15/0x1b
[  444.261740][T29456]  should_fail_ex+0x265/0x280
[  444.261800][T29456]  should_failslab+0x8c/0xb0
[  444.261887][T29456]  kmem_cache_alloc_noprof+0x50/0x480
[  444.261926][T29456]  ? audit_log_start+0x342/0x720
[  444.262085][T29456]  audit_log_start+0x342/0x720
[  444.262150][T29456]  ? kstrtouint+0x76/0xc0
[  444.262223][T29456]  audit_seccomp+0x48/0x100
[  444.262265][T29456]  ? __seccomp_filter+0x82d/0x1250
[  444.262303][T29456]  __seccomp_filter+0x83e/0x1250
[  444.262375][T29456]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  444.262418][T29456]  ? vfs_write+0x7e8/0x960
[  444.262457][T29456]  ? __rcu_read_unlock+0x4f/0x70
[  444.262493][T29456]  ? __fget_files+0x184/0x1c0
[  444.262582][T29456]  __secure_computing+0x82/0x150
[  444.262658][T29456]  syscall_trace_enter+0xcf/0x1e0
[  444.262698][T29456]  do_syscall_64+0xac/0x200
[  444.262740][T29456]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  444.262922][T29456]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  444.262968][T29456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.262999][T29456] RIP: 0033:0x7ffaf804efc9
[  444.263022][T29456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  444.263097][T29456] RSP: 002b:00007ffaf6ab7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  444.263125][T29456] RAX: ffffffffffffffda RBX: 00007ffaf82a5fa0 RCX: 00007ffaf804efc9
[  444.263144][T29456] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005
[  444.263183][T29456] RBP: 00007ffaf6ab7090 R08: 0000000000000001 R09: 0000000000000004
[  444.263197][T29456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  444.263209][T29456] R13: 00007ffaf82a6038 R14: 00007ffaf82a5fa0 R15: 00007ffff7c9a238
[  444.263232][T29456]  </TASK>
[  444.492243][T29471] ipvlan0: entered promiscuous mode
[  444.498366][T29471] ipvlan0: left promiscuous mode
[  444.503975][T29471] macvlan1: left promiscuous mode
[  444.511189][T14400] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  444.520760][T14400] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  444.594821][T29483] netlink: 532 bytes leftover after parsing attributes in process `syz.2.7121'.
[  444.606502][T29483] usb usb1: check_ctrlrecip: process 29483 (syz.2.7121) requesting ep 01 but needs 81
[  444.616245][T14369] batman_adv: batadv9: No IGMP Querier present - multicast optimizations disabled
[  444.616300][T29483] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  444.625635][T14369] batman_adv: batadv9: No MLD Querier present - multicast optimizations disabled
[  444.639429][T29483] netlink: '+}[@': attribute type 1 has an invalid length.
[  444.649770][T29483] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[  444.653322][T29487] SELinux:  policydb version 0 does not match my version range 15-35
[  444.666912][T29487] SELinux: failed to load policy
[  444.712467][T29493] bridge0: port 12(batadv10) entered blocking state
[  444.719373][T29493] bridge0: port 12(batadv10) entered disabled state
[  444.727239][T29493] batadv10: entered allmulticast mode
[  444.733936][T29493] batadv10: entered promiscuous mode
[  444.905940][T29524] SELinux:  policydb version 0 does not match my version range 15-35
[  444.914530][T29524] SELinux: failed to load policy
[  444.956951][T29528] bridge0: port 5(batadv4) entered blocking state
[  444.963631][T29528] bridge0: port 5(batadv4) entered disabled state
[  444.974249][T29528] batadv4: entered allmulticast mode
[  444.980479][T29528] batadv4: entered promiscuous mode
[  445.055561][T29544] FAULT_INJECTION: forcing a failure.
[  445.055561][T29544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  445.068748][T29544] CPU: 1 UID: 0 PID: 29544 Comm: syz.3.7146 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  445.068841][T29544] Tainted: [W]=WARN
[  445.068851][T29544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  445.068868][T29544] Call Trace:
[  445.068878][T29544]  <TASK>
[  445.068888][T29544]  __dump_stack+0x1d/0x30
[  445.068918][T29544]  dump_stack_lvl+0xe8/0x140
[  445.068943][T29544]  dump_stack+0x15/0x1b
[  445.068965][T29544]  should_fail_ex+0x265/0x280
[  445.069031][T29544]  should_fail+0xb/0x20
[  445.069072][T29544]  should_fail_usercopy+0x1a/0x20
[  445.069176][T29544]  _copy_from_user+0x1c/0xb0
[  445.069208][T29544]  ___sys_sendmsg+0xc1/0x1d0
[  445.069264][T29544]  __x64_sys_sendmsg+0xd4/0x160
[  445.069352][T29544]  x64_sys_call+0x191e/0x3000
[  445.069381][T29544]  do_syscall_64+0xd2/0x200
[  445.069413][T29544]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  445.069502][T29544]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  445.069591][T29544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.069670][T29544] RIP: 0033:0x7fcaa421efc9
[  445.069690][T29544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  445.069850][T29544] RSP: 002b:00007fcaa2c87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  445.069874][T29544] RAX: ffffffffffffffda RBX: 00007fcaa4475fa0 RCX: 00007fcaa421efc9
[  445.069890][T29544] RDX: 0000000000008000 RSI: 0000200000000280 RDI: 0000000000000005
[  445.069929][T29544] RBP: 00007fcaa2c87090 R08: 0000000000000000 R09: 0000000000000000
[  445.069974][T29544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  445.069991][T29544] R13: 00007fcaa4476038 R14: 00007fcaa4475fa0 R15: 00007ffd93fac1b8
[  445.070017][T29544]  </TASK>
[  445.250785][T14369] batman_adv: batadv10: No IGMP Querier present - multicast optimizations disabled
[  445.260314][T14369] batman_adv: batadv10: No MLD Querier present - multicast optimizations disabled
[  445.288993][T29548] vti0: entered allmulticast mode
[  445.303168][T29551] SELinux:  policydb version 0 does not match my version range 15-35
[  445.312404][T29551] SELinux: failed to load policy
[  445.384571][   T29] kauditd_printk_skb: 358 callbacks suppressed
[  445.384599][   T29] audit: type=1326 audit(445.355:15121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29562 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  445.427000][   T29] audit: type=1326 audit(445.395:15122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29562 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  445.450403][   T29] audit: type=1326 audit(445.395:15123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29562 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  445.473763][   T29] audit: type=1326 audit(445.395:15124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29562 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  445.474625][   T52] batman_adv: batadv4: No IGMP Querier present - multicast optimizations disabled
[  445.497105][   T29] audit: type=1326 audit(445.395:15125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29562 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  445.506949][   T52] batman_adv: batadv4: No MLD Querier present - multicast optimizations disabled
[  445.540133][   T29] audit: type=1326 audit(445.395:15126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29562 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  445.563614][   T29] audit: type=1326 audit(445.395:15127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29562 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  445.586878][   T29] audit: type=1326 audit(445.395:15128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29562 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  445.610368][   T29] audit: type=1326 audit(445.395:15129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29562 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  445.633685][   T29] audit: type=1326 audit(445.395:15130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29562 comm="syz.0.7153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc419e90ee7 code=0x7ffc0000
[  445.727109][T29577] bridge0: port 13(batadv11) entered blocking state
[  445.734376][T29577] bridge0: port 13(batadv11) entered disabled state
[  445.741837][T29577] batadv11: entered allmulticast mode
[  445.748188][T29577] batadv11: entered promiscuous mode
[  445.861611][T29592] FAULT_INJECTION: forcing a failure.
[  445.861611][T29592] name failslab, interval 1, probability 0, space 0, times 0
[  445.874684][T29592] CPU: 0 UID: 0 PID: 29592 Comm: syz.0.7161 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  445.874777][T29592] Tainted: [W]=WARN
[  445.874787][T29592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  445.874824][T29592] Call Trace:
[  445.874833][T29592]  <TASK>
[  445.874843][T29592]  __dump_stack+0x1d/0x30
[  445.874872][T29592]  dump_stack_lvl+0xe8/0x140
[  445.874898][T29592]  dump_stack+0x15/0x1b
[  445.874919][T29592]  should_fail_ex+0x265/0x280
[  445.875019][T29592]  ? do_proc_control+0x1d6/0x8b0
[  445.875049][T29592]  should_failslab+0x8c/0xb0
[  445.875148][T29592]  __kmalloc_cache_noprof+0x4c/0x4a0
[  445.875190][T29592]  do_proc_control+0x1d6/0x8b0
[  445.875241][T29592]  ? should_fail_ex+0xdb/0x280
[  445.875278][T29592]  proc_control+0x71/0xa0
[  445.875332][T29592]  usbdev_ioctl+0x93c/0x1700
[  445.875367][T29592]  ? __pfx_usbdev_ioctl+0x10/0x10
[  445.875411][T29592]  __se_sys_ioctl+0xce/0x140
[  445.875430][T29592]  __x64_sys_ioctl+0x43/0x50
[  445.875452][T29592]  x64_sys_call+0x1816/0x3000
[  445.875481][T29592]  do_syscall_64+0xd2/0x200
[  445.875581][T29592]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  445.875610][T29592]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  445.875641][T29592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.875670][T29592] RIP: 0033:0x7fc419e8efc9
[  445.875688][T29592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  445.875748][T29592] RSP: 002b:00007fc4188ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  445.875823][T29592] RAX: ffffffffffffffda RBX: 00007fc41a0e5fa0 RCX: 00007fc419e8efc9
[  445.875896][T29592] RDX: 0000200000000180 RSI: 00000000c0185500 RDI: 0000000000000006
[  445.875911][T29592] RBP: 00007fc4188ef090 R08: 0000000000000000 R09: 0000000000000000
[  445.875923][T29592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  445.875998][T29592] R13: 00007fc41a0e6038 R14: 00007fc41a0e5fa0 R15: 00007ffdc9039858
[  445.876022][T29592]  </TASK>
[  446.107729][T29600] macvlan1: entered promiscuous mode
[  446.153328][T29600] ipvlan0: entered promiscuous mode
[  446.181768][T29600] ipvlan0: left promiscuous mode
[  446.198667][T29600] macvlan1: left promiscuous mode
[  446.211126][T14369] batman_adv: batadv11: No IGMP Querier present - multicast optimizations disabled
[  446.220494][T14369] batman_adv: batadv11: No MLD Querier present - multicast optimizations disabled
[  446.734098][T29623] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  446.743332][T29623] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  447.188449][T29668] macvlan1: entered promiscuous mode
[  447.214739][T29668] ipvlan0: entered promiscuous mode
[  447.221208][T29668] ipvlan0: left promiscuous mode
[  447.226737][T29668] macvlan1: left promiscuous mode
[  447.256406][T29674] bridge0: port 6(batadv5) entered blocking state
[  447.263151][T29674] bridge0: port 6(batadv5) entered disabled state
[  447.269952][T29674] batadv5: entered allmulticast mode
[  447.276133][T29674] batadv5: entered promiscuous mode
[  447.284220][T29676] netlink: 532 bytes leftover after parsing attributes in process `syz.3.7198'.
[  447.296274][T29676] usb usb1: check_ctrlrecip: process 29676 (syz.3.7198) requesting ep 01 but needs 81
[  447.307876][T29676] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  447.327777][T29676] netlink: '+}[@': attribute type 1 has an invalid length.
[  447.335424][T29676] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[  447.456324][T29694] bridge0: port 4(batadv2) entered blocking state
[  447.463183][T29694] bridge0: port 4(batadv2) entered disabled state
[  447.472736][T29694] batadv2: entered allmulticast mode
[  447.479041][T29694] batadv2: entered promiscuous mode
[  447.494173][T29697] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  447.502867][T29697] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  447.537739][T29704] netlink: 532 bytes leftover after parsing attributes in process `syz.4.7212'.
[  447.550060][T29704] usb usb1: check_ctrlrecip: process 29704 (syz.4.7212) requesting ep 01 but needs 81
[  447.561699][T29704] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  447.570422][T29704] netlink: '+}[@': attribute type 1 has an invalid length.
[  447.578016][T29704] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[  447.739196][T29734] netlink: 532 bytes leftover after parsing attributes in process `syz.2.7226'.
[  447.751564][T29734] usb usb1: check_ctrlrecip: process 29734 (syz.2.7226) requesting ep 01 but needs 81
[  447.761670][T29734] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  447.771049][   T52] batman_adv: batadv5: No IGMP Querier present - multicast optimizations disabled
[  447.772039][T29734] netlink: '+}[@': attribute type 1 has an invalid length.
[  447.781183][   T52] batman_adv: batadv5: No MLD Querier present - multicast optimizations disabled
[  447.798844][T29734] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[  447.877612][T29752] bridge0: port 7(batadv5) entered blocking state
[  447.884946][T29752] bridge0: port 7(batadv5) entered disabled state
[  447.892965][T29752] batadv5: entered allmulticast mode
[  447.899549][T29752] batadv5: entered promiscuous mode
[  447.961069][  T415] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[  447.971685][  T415] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[  448.326224][T29793] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7253'.
[  448.417291][T14369] batman_adv: batadv5: No IGMP Querier present - multicast optimizations disabled
[  448.426732][T14369] batman_adv: batadv5: No MLD Querier present - multicast optimizations disabled
[  448.831985][T29816] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  448.840696][T29816] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  450.310701][T29888] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  450.319114][T29888] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  450.355047][T29892] macvlan1: entered promiscuous mode
[  450.367599][T29892] ipvlan0: entered promiscuous mode
[  450.381574][T29892] ipvlan0: left promiscuous mode
[  450.387405][T29892] macvlan1: left promiscuous mode
[  450.423092][T29900] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  450.431565][T29900] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  450.621426][T29910] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  450.630040][T29910] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  450.785919][T29931] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7308'.
[  450.843604][   T29] kauditd_printk_skb: 225 callbacks suppressed
[  450.843625][   T29] audit: type=1400 audit(450.815:15356): avc:  denied  { execute } for  pid=29937 comm="syz.2.7310" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=85347 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  450.998207][T29955] FAULT_INJECTION: forcing a failure.
[  450.998207][T29955] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  451.012084][T29955] CPU: 0 UID: 0 PID: 29955 Comm: syz.2.7317 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  451.012180][T29955] Tainted: [W]=WARN
[  451.012189][T29955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  451.012206][T29955] Call Trace:
[  451.012215][T29955]  <TASK>
[  451.012226][T29955]  __dump_stack+0x1d/0x30
[  451.012253][T29955]  dump_stack_lvl+0xe8/0x140
[  451.012356][T29955]  dump_stack+0x15/0x1b
[  451.012427][T29955]  should_fail_ex+0x265/0x280
[  451.012609][T29955]  should_fail+0xb/0x20
[  451.012697][T29955]  should_fail_usercopy+0x1a/0x20
[  451.012730][T29955]  _copy_from_iter+0xd2/0xe80
[  451.012843][T29955]  ? __build_skb_around+0x1ab/0x200
[  451.012874][T29955]  ? __alloc_skb+0x223/0x320
[  451.012911][T29955]  netlink_sendmsg+0x471/0x6b0
[  451.013048][T29955]  ? __pfx_netlink_sendmsg+0x10/0x10
[  451.013121][T29955]  __sock_sendmsg+0x145/0x180
[  451.013150][T29955]  ____sys_sendmsg+0x31e/0x4e0
[  451.013188][T29955]  ___sys_sendmsg+0x17b/0x1d0
[  451.013322][T29955]  __x64_sys_sendmsg+0xd4/0x160
[  451.013358][T29955]  x64_sys_call+0x191e/0x3000
[  451.013380][T29955]  do_syscall_64+0xd2/0x200
[  451.013485][T29955]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  451.013595][T29955]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  451.013626][T29955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.013688][T29955] RIP: 0033:0x7ffaf804efc9
[  451.013709][T29955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  451.013741][T29955] RSP: 002b:00007ffaf6ab7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  451.013765][T29955] RAX: ffffffffffffffda RBX: 00007ffaf82a5fa0 RCX: 00007ffaf804efc9
[  451.013835][T29955] RDX: 0000000000000000 RSI: 0000200000006280 RDI: 0000000000000005
[  451.013879][T29955] RBP: 00007ffaf6ab7090 R08: 0000000000000000 R09: 0000000000000000
[  451.013895][T29955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  451.013912][T29955] R13: 00007ffaf82a6038 R14: 00007ffaf82a5fa0 R15: 00007ffff7c9a238
[  451.013937][T29955]  </TASK>
[  451.572283][   T29] audit: type=1326 audit(451.535:15357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29965 comm="syz.1.7320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  451.595874][   T29] audit: type=1326 audit(451.535:15358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29965 comm="syz.1.7320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  451.619135][   T29] audit: type=1326 audit(451.535:15359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29965 comm="syz.1.7320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  451.642388][   T29] audit: type=1326 audit(451.535:15360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29965 comm="syz.1.7320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  451.666319][   T29] audit: type=1326 audit(451.535:15361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29965 comm="syz.1.7320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  451.690153][   T29] audit: type=1326 audit(451.535:15362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29965 comm="syz.1.7320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f661e1b5e67 code=0x7ffc0000
[  451.713325][   T29] audit: type=1326 audit(451.535:15363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29965 comm="syz.1.7320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f661e15b099 code=0x7ffc0000
[  451.737033][   T29] audit: type=1326 audit(451.535:15364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29965 comm="syz.1.7320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  451.761313][   T29] audit: type=1326 audit(451.535:15365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29965 comm="syz.1.7320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f661e1befc9 code=0x7ffc0000
[  451.902958][T29979] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) !
[  451.915898][T29979] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  451.928702][T29979] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  451.954533][T29979] bond0: (slave ipvlan2): Error -95 calling set_mac_address
[  452.244142][T30012] vlan1: entered allmulticast mode
[  452.249560][T30012] bridge_slave_0: entered allmulticast mode
[  452.702336][T30032] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7342'.
[  452.731658][T29991] syz.2.7329 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  452.745879][T29991] CPU: 1 UID: 0 PID: 29991 Comm: syz.2.7329 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  452.745941][T29991] Tainted: [W]=WARN
[  452.745948][T29991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  452.745962][T29991] Call Trace:
[  452.745970][T29991]  <TASK>
[  452.745978][T29991]  __dump_stack+0x1d/0x30
[  452.746001][T29991]  dump_stack_lvl+0xe8/0x140
[  452.746069][T29991]  dump_stack+0x15/0x1b
[  452.746086][T29991]  dump_header+0x81/0x220
[  452.746120][T29991]  oom_kill_process+0x342/0x400
[  452.746398][T29991]  out_of_memory+0x979/0xb80
[  452.746438][T29991]  try_charge_memcg+0x610/0xa10
[  452.746472][T29991]  charge_memcg+0x51/0xc0
[  452.746509][T29991]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  452.746536][T29991]  __read_swap_cache_async+0x17b/0x2d0
[  452.746627][T29991]  swap_cluster_readahead+0x262/0x3c0
[  452.746654][T29991]  swapin_readahead+0xde/0x6f0
[  452.746675][T29991]  ? mod_memcg_lruvec_state+0x1fc/0x2c0
[  452.746707][T29991]  ? __rcu_read_unlock+0x34/0x70
[  452.746734][T29991]  ? __rcu_read_unlock+0x4f/0x70
[  452.746785][T29991]  ? swap_cache_get_folio+0x277/0x280
[  452.746838][T29991]  do_swap_page+0x2ae/0x2370
[  452.746863][T29991]  ? css_rstat_updated+0xb7/0x240
[  452.746899][T29991]  ? __pfx_default_wake_function+0x10/0x10
[  452.746950][T29991]  handle_mm_fault+0x9a5/0x2be0
[  452.746976][T29991]  ? vma_start_read+0x141/0x1f0
[  452.747013][T29991]  do_user_addr_fault+0x630/0x1080
[  452.747040][T29991]  exc_page_fault+0x62/0xa0
[  452.747105][T29991]  asm_exc_page_fault+0x26/0x30
[  452.747127][T29991] RIP: 0033:0x7ffaf7f258ec
[  452.747144][T29991] Code: 66 0f 1f 44 00 00 69 3d c6 fd ea 00 e8 03 00 00 48 8d 1d c7 06 38 00 e8 42 96 12 00 eb 0c 48 81 c3 f0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 f0 00 00
[  452.747164][T29991] RSP: 002b:00007ffff7c9a3a0 EFLAGS: 00010287
[  452.747199][T29991] RAX: 0000000000000000 RBX: 00007ffaf82a6090 RCX: 0000000000000000
[  452.747212][T29991] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555587c59808
[  452.747267][T29991] RBP: 00007ffaf82a7da0 R08: 0000000000000000 R09: 7fffffffffffffff
[  452.747280][T29991] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000006e8e2
[  452.747293][T29991] R13: 00007ffaf82a6090 R14: ffffffffffffffff R15: 00007ffff7c9a4b0
[  452.747314][T29991]  </TASK>
[  452.747323][T29991] memory: usage 307200kB, limit 307200kB, failcnt 1725
[  452.787150][T30035] bridge0: port 5(batadv3) entered blocking state
[  452.787377][T29991] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[  452.792085][T30035] bridge0: port 5(batadv3) entered disabled state
[  452.796437][T29991] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  452.796458][T29991] Memory cgroup stats for /syz2:
[  453.020666][T29991] cache 0
[  453.025928][T30035] batadv3: entered allmulticast mode
[  453.029084][T29991] rss 0
[  453.037377][T29991] shmem 0
[  453.040344][T29991] mapped_file 0
[  453.043866][T29991] dirty 0
[  453.046829][T29991] writeback 0
[  453.050134][T29991] workingset_refault_anon 13874
[  453.054574][T30035] batadv3: entered promiscuous mode
[  453.055071][T29991] workingset_refault_file 3346
[  453.065535][T29991] swap 212992
[  453.068848][T29991] swapcached 8192
[  453.072758][T29991] pgpgin 1095259
[  453.076310][T29991] pgpgout 1095257
[  453.080155][T29991] pgfault 1194091
[  453.083899][T29991] pgmajfault 2500
[  453.087650][T29991] inactive_anon 4096
[  453.091604][T29991] active_anon 4096
[  453.095418][T29991] inactive_file 0
[  453.099064][T29991] active_file 0
[  453.102648][T29991] unevictable 0
[  453.106132][T29991] hierarchical_memory_limit 314572800
[  453.111754][T29991] hierarchical_memsw_limit 9223372036854771712
[  453.118344][T29991] total_cache 0
[  453.122256][T29991] total_rss 0
[  453.125571][T29991] total_shmem 0
[  453.129166][T29991] total_mapped_file 0
[  453.133365][T29991] total_dirty 0
[  453.137253][T29991] total_writeback 0
[  453.141224][T29991] total_workingset_refault_anon 13874
[  453.146655][T29991] total_workingset_refault_file 3346
[  453.152080][T29991] total_swap 212992
[  453.155955][T29991] total_swapcached 8192
[  453.160567][T29991] total_pgpgin 1095259
[  453.164702][T29991] total_pgpgout 1095257
[  453.169448][T29991] total_pgfault 1194091
[  453.173683][T29991] total_pgmajfault 2500
[  453.177941][T29991] total_inactive_anon 4096
[  453.182545][T29991] total_active_anon 4096
[  453.187263][T29991] total_inactive_file 0
[  453.191525][T29991] total_active_file 0
[  453.195535][T29991] total_unevictable 0
[  453.199628][T29991] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.7329,pid=29991,uid=0
[  453.214872][T29991] Memory cgroup out of memory: Killed process 29991 (syz.2.7329) total-vm:96052kB, anon-rss:1132kB, file-rss:22472kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  453.291404][   T52] batman_adv: batadv3: No IGMP Querier present - multicast optimizations disabled
[  453.300836][   T52] batman_adv: batadv3: No MLD Querier present - multicast optimizations disabled
[  453.571351][T30062] bridge0: port 8(batadv6) entered blocking state
[  453.577880][T30062] bridge0: port 8(batadv6) entered disabled state
[  453.584754][T30062] batadv6: entered allmulticast mode
[  453.590771][T30062] batadv6: entered promiscuous mode
[  453.797185][T30078] siw: device registration error -23
[  454.016094][T30104] bridge0: port 6(batadv4) entered blocking state
[  454.023274][T30104] bridge0: port 6(batadv4) entered disabled state
[  454.051234][T30104] batadv4: entered allmulticast mode
[  454.057502][T30104] batadv4: entered promiscuous mode
[  454.071224][T14369] batman_adv: batadv6: No IGMP Querier present - multicast optimizations disabled
[  454.074275][T30106] vlan2: entered allmulticast mode
[  454.080574][T14369] batman_adv: batadv6: No MLD Querier present - multicast optimizations disabled
[  454.183616][T30120] FAULT_INJECTION: forcing a failure.
[  454.183616][T30120] name failslab, interval 1, probability 0, space 0, times 0
[  454.202868][T30120] CPU: 0 UID: 0 PID: 30120 Comm: syz.1.7372 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  454.202912][T30120] Tainted: [W]=WARN
[  454.202922][T30120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  454.202937][T30120] Call Trace:
[  454.202943][T30120]  <TASK>
[  454.202975][T30120]  __dump_stack+0x1d/0x30
[  454.202999][T30120]  dump_stack_lvl+0xe8/0x140
[  454.203088][T30120]  dump_stack+0x15/0x1b
[  454.203117][T30120]  should_fail_ex+0x265/0x280
[  454.203159][T30120]  should_failslab+0x8c/0xb0
[  454.203240][T30120]  kmem_cache_alloc_noprof+0x50/0x480
[  454.203334][T30120]  ? getname_flags+0x80/0x3b0
[  454.203371][T30120]  getname_flags+0x80/0x3b0
[  454.203400][T30120]  getname_uflags+0x21/0x30
[  454.203428][T30120]  __x64_sys_execveat+0x5d/0x90
[  454.203456][T30120]  x64_sys_call+0x1fec/0x3000
[  454.203485][T30120]  do_syscall_64+0xd2/0x200
[  454.203572][T30120]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  454.203596][T30120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.203623][T30120] RIP: 0033:0x7f661e1befc9
[  454.203641][T30120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  454.203660][T30120] RSP: 002b:00007f661cc1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  454.203825][T30120] RAX: ffffffffffffffda RBX: 00007f661e415fa0 RCX: 00007f661e1befc9
[  454.203838][T30120] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  454.203850][T30120] RBP: 00007f661cc1f090 R08: 0000000000001000 R09: 0000000000000000
[  454.203863][T30120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  454.203877][T30120] R13: 00007f661e416038 R14: 00007f661e415fa0 R15: 00007ffffcb4bb48
[  454.203928][T30120]  </TASK>
[  454.504312][T30123] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7373'.
[  454.531101][   T52] batman_adv: batadv4: No IGMP Querier present - multicast optimizations disabled
[  454.540686][   T52] batman_adv: batadv4: No MLD Querier present - multicast optimizations disabled
[  454.575261][T30138] bridge0: port 14(batadv12) entered blocking state
[  454.582295][T30138] bridge0: port 14(batadv12) entered disabled state
[  454.589889][T30138] batadv12: entered allmulticast mode
[  454.597718][T30138] batadv12: entered promiscuous mode
[  454.646725][T30145] bridge0: port 7(batadv6) entered blocking state
[  454.654139][T30145] bridge0: port 7(batadv6) entered disabled state
[  454.661079][T30145] batadv6: entered allmulticast mode
[  454.667136][T30145] batadv6: entered promiscuous mode
[  454.726756][T30146] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  454.735415][T30146] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  455.091050][   T52] batman_adv: batadv12: No IGMP Querier present - multicast optimizations disabled
[  455.100493][   T52] batman_adv: batadv12: No MLD Querier present - multicast optimizations disabled
[  455.151818][   T52] batman_adv: batadv6: No IGMP Querier present - multicast optimizations disabled
[  455.161397][   T52] batman_adv: batadv6: No MLD Querier present - multicast optimizations disabled
[  455.255766][T30130] syz.4.7377 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  455.270226][T30130] CPU: 1 UID: 0 PID: 30130 Comm: syz.4.7377 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  455.270271][T30130] Tainted: [W]=WARN
[  455.270281][T30130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  455.270303][T30130] Call Trace:
[  455.270311][T30130]  <TASK>
[  455.270382][T30130]  __dump_stack+0x1d/0x30
[  455.270410][T30130]  dump_stack_lvl+0xe8/0x140
[  455.270438][T30130]  dump_stack+0x15/0x1b
[  455.270461][T30130]  dump_header+0x81/0x220
[  455.270531][T30130]  oom_kill_process+0x342/0x400
[  455.270563][T30130]  out_of_memory+0x979/0xb80
[  455.270602][T30130]  try_charge_memcg+0x610/0xa10
[  455.270709][T30130]  obj_cgroup_charge_pages+0xa6/0x150
[  455.270781][T30130]  __memcg_kmem_charge_page+0x9f/0x170
[  455.270819][T30130]  __alloc_frozen_pages_noprof+0x188/0x360
[  455.270922][T30130]  alloc_pages_mpol+0xb3/0x260
[  455.270987][T30130]  alloc_pages_noprof+0x90/0x130
[  455.271016][T30130]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  455.271083][T30130]  __kvmalloc_node_noprof+0x483/0x670
[  455.271131][T30130]  ? ip_set_alloc+0x24/0x30
[  455.271319][T30130]  ? ip_set_alloc+0x24/0x30
[  455.271427][T30130]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  455.271466][T30130]  ip_set_alloc+0x24/0x30
[  455.271495][T30130]  hash_netiface_create+0x282/0x740
[  455.271593][T30130]  ? __pfx_hash_netiface_create+0x10/0x10
[  455.271625][T30130]  ip_set_create+0x3cc/0x970
[  455.271667][T30130]  ? __nla_parse+0x40/0x60
[  455.271695][T30130]  nfnetlink_rcv_msg+0x4c6/0x590
[  455.271822][T30130]  netlink_rcv_skb+0x123/0x220
[  455.271859][T30130]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  455.271901][T30130]  nfnetlink_rcv+0x167/0x16c0
[  455.272043][T30130]  ? kmem_cache_free+0xe4/0x3d0
[  455.272078][T30130]  ? __kfree_skb+0x109/0x150
[  455.272112][T30130]  ? nlmon_xmit+0x4f/0x60
[  455.272145][T30130]  ? consume_skb+0x49/0x150
[  455.272244][T30130]  ? nlmon_xmit+0x4f/0x60
[  455.272322][T30130]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  455.272432][T30130]  ? __dev_queue_xmit+0x1200/0x2000
[  455.272473][T30130]  ? __dev_queue_xmit+0x182/0x2000
[  455.272517][T30130]  ? ref_tracker_free+0x37d/0x3e0
[  455.272590][T30130]  ? __netlink_deliver_tap+0x4dc/0x500
[  455.272649][T30130]  netlink_unicast+0x5c0/0x690
[  455.272689][T30130]  netlink_sendmsg+0x58b/0x6b0
[  455.272735][T30130]  ? __pfx_netlink_sendmsg+0x10/0x10
[  455.272846][T30130]  __sock_sendmsg+0x145/0x180
[  455.272956][T30130]  ____sys_sendmsg+0x31e/0x4e0
[  455.273028][T30130]  ___sys_sendmsg+0x17b/0x1d0
[  455.273100][T30130]  __x64_sys_sendmsg+0xd4/0x160
[  455.273144][T30130]  x64_sys_call+0x191e/0x3000
[  455.273233][T30130]  do_syscall_64+0xd2/0x200
[  455.273265][T30130]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  455.273345][T30130]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  455.273383][T30130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  455.273413][T30130] RIP: 0033:0x7f4e22efefc9
[  455.273436][T30130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  455.273461][T30130] RSP: 002b:00007f4e21967038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  455.273481][T30130] RAX: ffffffffffffffda RBX: 00007f4e23155fa0 RCX: 00007f4e22efefc9
[  455.273496][T30130] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  455.273585][T30130] RBP: 00007f4e22f81f91 R08: 0000000000000000 R09: 0000000000000000
[  455.273601][T30130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  455.273617][T30130] R13: 00007f4e23156038 R14: 00007f4e23155fa0 R15: 00007fff2f3350e8
[  455.273643][T30130]  </TASK>
[  455.625373][T30130] memory: usage 307200kB, limit 307200kB, failcnt 1055
[  455.632371][T30130] memory+swap: usage 307420kB, limit 9007199254740988kB, failcnt 0
[  455.640618][T30130] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  455.648232][T30130] Memory cgroup stats for /syz4:
[  455.648583][T30130] cache 0
[  455.656692][T30130] rss 0
[  455.659519][T30130] shmem 0
[  455.662673][T30130] mapped_file 0
[  455.666439][T30130] dirty 0
[  455.669567][T30130] writeback 0
[  455.673171][T30130] workingset_refault_anon 16352
[  455.678067][T30130] workingset_refault_file 1739
[  455.683102][T30130] swap 225280
[  455.686596][T30130] swapcached 0
[  455.690001][T30130] pgpgin 1104890
[  455.693953][T30130] pgpgout 1104890
[  455.695484][T30183] bridge0: port 7(batadv5) entered blocking state
[  455.697614][T30130] pgfault 1228943
[  455.697627][T30130] pgmajfault 2391
[  455.697637][T30130] inactive_anon 0
[  455.704341][T30183] bridge0: port 7(batadv5) entered disabled state
[  455.707817][T30130] active_anon 0
[  455.707830][T30130] inactive_file 0
[  455.713104][T30183] batadv5: entered allmulticast mode
[  455.715473][T30130] active_file 0
[  455.715485][T30130] unevictable 0
[  455.715495][T30130] hierarchical_memory_limit 314572800
[  455.722997][T30183] batadv5: entered promiscuous mode
[  455.725697][T30130] hierarchical_memsw_limit 9223372036854771712
[  455.725714][T30130] total_cache 0
[  455.725796][T30130] total_rss 0
[  455.725812][T30130] total_shmem 0
[  455.725821][T30130] total_mapped_file 0
[  455.725830][T30130] total_dirty 0
[  455.725839][T30130] total_writeback 0
[  455.725848][T30130] total_workingset_refault_anon 16352
[  455.787534][T30130] total_workingset_refault_file 1739
[  455.793375][T30130] total_swap 225280
[  455.797278][T30130] total_swapcached 0
[  455.801467][T30130] total_pgpgin 1104890
[  455.805757][T30130] total_pgpgout 1104890
[  455.809927][T30130] total_pgfault 1228943
[  455.814222][T30130] total_pgmajfault 2391
[  455.818594][T30130] total_inactive_anon 0
[  455.822991][T30130] total_active_anon 0
[  455.827140][T30130] total_inactive_file 0
[  455.831323][T30130] total_active_file 0
[  455.835396][T30130] total_unevictable 0
[  455.839481][T30130] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.7377,pid=30129,uid=0
[  455.854539][T30130] Memory cgroup out of memory: Killed process 30129 (syz.4.7377) total-vm:94076kB, anon-rss:1136kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  456.104413][T30203] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7408'.
[  456.145085][T30216] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  456.153766][T30216] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  456.201104][T14369] batman_adv: batadv5: No IGMP Querier present - multicast optimizations disabled
[  456.210760][T14369] batman_adv: batadv5: No MLD Querier present - multicast optimizations disabled
[  456.302623][   T29] kauditd_printk_skb: 188 callbacks suppressed
[  456.302639][   T29] audit: type=1326 audit(456.275:15554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30227 comm="syz.0.7415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  456.337652][   T29] audit: type=1326 audit(456.275:15555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30227 comm="syz.0.7415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  456.360979][   T29] audit: type=1326 audit(456.305:15556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30227 comm="syz.0.7415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  456.384983][   T29] audit: type=1326 audit(456.305:15557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30227 comm="syz.0.7415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  456.409131][   T29] audit: type=1326 audit(456.305:15558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30227 comm="syz.0.7415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  456.432504][   T29] audit: type=1326 audit(456.305:15559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30227 comm="syz.0.7415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  456.456638][   T29] audit: type=1326 audit(456.305:15560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30227 comm="syz.0.7415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  456.479935][   T29] audit: type=1326 audit(456.305:15561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30227 comm="syz.0.7415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  456.503566][   T29] audit: type=1326 audit(456.305:15562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30227 comm="syz.0.7415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  456.527898][   T29] audit: type=1326 audit(456.305:15563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30227 comm="syz.0.7415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc419e8efc9 code=0x7ffc0000
[  456.816765][T30265] bridge0: port 8(batadv7) entered blocking state
[  456.823676][T30265] bridge0: port 8(batadv7) entered disabled state
[  456.830742][T30265] batadv7: entered allmulticast mode
[  456.837902][T30265] batadv7: entered promiscuous mode
[  456.922714][T30273] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  456.931307][T30273] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  457.015550][T30282] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7433'.
[  457.286061][T30306] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  457.294731][T30306] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  457.343296][T14390] batman_adv: batadv7: No IGMP Querier present - multicast optimizations disabled
[  457.352621][T14390] batman_adv: batadv7: No MLD Querier present - multicast optimizations disabled
[  457.564308][T30320] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7449'.
[  457.743911][T30324] siw: device registration error -23
[  457.836592][T30329] lo speed is unknown, defaulting to 1000
[  458.053954][T30353] block device autoloading is deprecated and will be removed.
[  458.098220][T30329] serio: Serial port ptm0
[  458.149098][T30363] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7464'.
[  458.235253][T30371] siw: device registration error -23
[  458.428908][T30377] vlan2: entered allmulticast mode
[  458.445138][T30374] bridge0: port 9(batadv8) entered blocking state
[  458.451827][T30374] bridge0: port 9(batadv8) entered disabled state
[  458.469426][T30378] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  458.498141][T30374] batadv8: entered allmulticast mode
[  458.504320][T30374] batadv8: entered promiscuous mode
[  458.634600][T30390] siw: device registration error -23
[  458.777828][T30395] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7477'.
[  458.951694][T14362] batman_adv: batadv8: No IGMP Querier present - multicast optimizations disabled
[  458.961434][T14362] batman_adv: batadv8: No MLD Querier present - multicast optimizations disabled
[  459.160453][T30415] vlan2: entered allmulticast mode
[  459.253480][T30421] ip6tnl1: entered promiscuous mode
[  459.258826][T30421] ip6tnl1: entered allmulticast mode
[  459.311861][T30425] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  459.320206][T30425] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  459.467579][T30389] syz.4.7475 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  459.482459][T30389] CPU: 1 UID: 0 PID: 30389 Comm: syz.4.7475 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  459.482570][T30389] Tainted: [W]=WARN
[  459.482579][T30389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  459.482605][T30389] Call Trace:
[  459.482611][T30389]  <TASK>
[  459.482619][T30389]  __dump_stack+0x1d/0x30
[  459.482645][T30389]  dump_stack_lvl+0xe8/0x140
[  459.482678][T30389]  dump_stack+0x15/0x1b
[  459.482700][T30389]  dump_header+0x81/0x220
[  459.482739][T30389]  oom_kill_process+0x342/0x400
[  459.482841][T30389]  out_of_memory+0x979/0xb80
[  459.482878][T30389]  try_charge_memcg+0x610/0xa10
[  459.482912][T30389]  obj_cgroup_charge_pages+0xa6/0x150
[  459.483029][T30389]  __memcg_kmem_charge_page+0x9f/0x170
[  459.483075][T30389]  __alloc_frozen_pages_noprof+0x188/0x360
[  459.483113][T30389]  alloc_pages_mpol+0xb3/0x260
[  459.483272][T30389]  alloc_pages_noprof+0x90/0x130
[  459.483353][T30389]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  459.483405][T30389]  __kvmalloc_node_noprof+0x483/0x670
[  459.483438][T30389]  ? ip_set_alloc+0x24/0x30
[  459.483468][T30389]  ? ip_set_alloc+0x24/0x30
[  459.483538][T30389]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  459.483572][T30389]  ip_set_alloc+0x24/0x30
[  459.483666][T30389]  hash_netiface_create+0x282/0x740
[  459.483700][T30389]  ? __pfx_hash_netiface_create+0x10/0x10
[  459.483735][T30389]  ip_set_create+0x3cc/0x970
[  459.483876][T30389]  ? __nla_parse+0x40/0x60
[  459.483908][T30389]  nfnetlink_rcv_msg+0x4c6/0x590
[  459.483965][T30389]  netlink_rcv_skb+0x123/0x220
[  459.484007][T30389]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  459.484048][T30389]  nfnetlink_rcv+0x167/0x16c0
[  459.484078][T30389]  ? kmem_cache_free+0xe4/0x3d0
[  459.484118][T30389]  ? __kfree_skb+0x109/0x150
[  459.484164][T30389]  ? nlmon_xmit+0x4f/0x60
[  459.484196][T30389]  ? consume_skb+0x49/0x150
[  459.484227][T30389]  ? nlmon_xmit+0x4f/0x60
[  459.484286][T30389]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  459.484328][T30389]  ? __dev_queue_xmit+0x1200/0x2000
[  459.484368][T30389]  ? __dev_queue_xmit+0x182/0x2000
[  459.484434][T30389]  ? ref_tracker_free+0x37d/0x3e0
[  459.484493][T30389]  ? __netlink_deliver_tap+0x4dc/0x500
[  459.484626][T30389]  netlink_unicast+0x5c0/0x690
[  459.484671][T30389]  netlink_sendmsg+0x58b/0x6b0
[  459.484715][T30389]  ? __pfx_netlink_sendmsg+0x10/0x10
[  459.484825][T30389]  __sock_sendmsg+0x145/0x180
[  459.484854][T30389]  ____sys_sendmsg+0x31e/0x4e0
[  459.484899][T30389]  ___sys_sendmsg+0x17b/0x1d0
[  459.484958][T30389]  __x64_sys_sendmsg+0xd4/0x160
[  459.485046][T30389]  x64_sys_call+0x191e/0x3000
[  459.485073][T30389]  do_syscall_64+0xd2/0x200
[  459.485185][T30389]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  459.485218][T30389]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  459.485241][T30389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  459.485305][T30389] RIP: 0033:0x7f4e22efefc9
[  459.485322][T30389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  459.485388][T30389] RSP: 002b:00007f4e21967038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  459.485414][T30389] RAX: ffffffffffffffda RBX: 00007f4e23155fa0 RCX: 00007f4e22efefc9
[  459.485430][T30389] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  459.485443][T30389] RBP: 00007f4e22f81f91 R08: 0000000000000000 R09: 0000000000000000
[  459.485459][T30389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  459.485475][T30389] R13: 00007f4e23156038 R14: 00007f4e23155fa0 R15: 00007fff2f3350e8
[  459.485495][T30389]  </TASK>
[  459.485502][T30389] memory: usage 307200kB, limit 307200kB, failcnt 1506
[  459.529680][T30436] netlink: 532 bytes leftover after parsing attributes in process `syz.3.7495'.
[  459.531087][T30389] memory+swap: usage 307416kB, limit 9007199254740988kB, failcnt 0
[  459.553747][T30436] usb usb1: check_ctrlrecip: process 30436 (syz.3.7495) requesting ep 01 but needs 81
[  459.555602][T30389] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  459.562616][T30436] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  459.567237][T30389] Memory cgroup stats for /syz4
[  459.575329][T30436] netlink: '+}[@': attribute type 1 has an invalid length.
[  459.577042][T30389] :
[  459.582882][T30436] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[  459.597410][T30389] cache 0
[  459.916710][T30389] rss 0
[  459.919503][T30389] shmem 0
[  459.922703][T30389] mapped_file 0
[  459.926194][T30389] dirty 0
[  459.929183][T30389] writeback 0
[  459.932601][T30389] workingset_refault_anon 16433
[  459.937464][T30389] workingset_refault_file 2104
[  459.942281][T30389] swap 221184
[  459.945845][T30389] swapcached 4096
[  459.949591][T30389] pgpgin 1111099
[  459.953218][T30389] pgpgout 1111098
[  459.957043][T30389] pgfault 1235922
[  459.961199][T30389] pgmajfault 2451
[  459.964848][T30389] inactive_anon 0
[  459.968579][T30389] active_anon 4096
[  459.972562][T30389] inactive_file 0
[  459.976215][T30389] active_file 0
[  459.979743][T30389] unevictable 0
[  459.983420][T30389] hierarchical_memory_limit 314572800
[  459.989780][T30389] hierarchical_memsw_limit 9223372036854771712
[  459.995988][T30389] total_cache 0
[  459.999478][T30389] total_rss 0
[  460.002809][T30389] total_shmem 0
[  460.006282][T30389] total_mapped_file 0
[  460.010283][T30389] total_dirty 0
[  460.013835][T30389] total_writeback 0
[  460.017931][T30389] total_workingset_refault_anon 16433
[  460.023561][T30389] total_workingset_refault_file 2104
[  460.029043][T30389] total_swap 221184
[  460.033115][T30389] total_swapcached 4096
[  460.037286][T30389] total_pgpgin 1111099
[  460.041469][T30389] total_pgpgout 1111098
[  460.045837][T30389] total_pgfault 1235922
[  460.050130][T30389] total_pgmajfault 2451
[  460.054338][T30389] total_inactive_anon 0
[  460.058639][T30389] total_active_anon 4096
[  460.062925][T30389] total_inactive_file 0
[  460.067183][T30389] total_active_file 0
[  460.071358][T30389] total_unevictable 0
[  460.075639][T30389] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.7475,pid=30388,uid=0
[  460.090587][T30389] Memory cgroup out of memory: Killed process 30388 (syz.4.7475) total-vm:96124kB, anon-rss:1260kB, file-rss:22612kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  460.135774][T30462] netlink: 532 bytes leftover after parsing attributes in process `syz.3.7506'.
[  460.155089][T30462] usb usb1: check_ctrlrecip: process 30462 (syz.3.7506) requesting ep 01 but needs 81
[  460.165750][T30462] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[  460.191219][T30462] netlink: '+}[@': attribute type 1 has an invalid length.
[  460.198653][T30462] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[  460.345094][T30485] ==================================================================
[  460.353229][T30485] BUG: KCSAN: data-race in dequeue_signal / ptrace_check_attach
[  460.361164][T30485] 
[  460.363591][T30485] read-write to 0xffff888102476838 of 8 bytes by task 30486 on cpu 1:
[  460.371769][T30485]  dequeue_signal+0x309/0x3b0
[  460.376565][T30485]  get_signal+0x376/0xf70
[  460.380907][T30485]  arch_do_signal_or_restart+0x96/0x440
[  460.386480][T30485]  exit_to_user_mode_loop+0x77/0x110
[  460.391869][T30485]  do_syscall_64+0x1d6/0x200
[  460.396619][T30485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.402645][T30485] 
[  460.404973][T30485] read to 0xffff888102476838 of 8 bytes by task 30485 on cpu 0:
[  460.413227][T30485]  ptrace_check_attach+0xaa/0x290
[  460.418533][T30485]  __se_sys_ptrace+0xd3/0x2c0
[  460.423253][T30485]  __x64_sys_ptrace+0x55/0x70
[  460.428056][T30485]  x64_sys_call+0x2870/0x3000
[  460.432743][T30485]  do_syscall_64+0xd2/0x200
[  460.437282][T30485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.443360][T30485] 
[  460.445692][T30485] value changed: 0x0000000000000000 -> 0x0000000008010000
[  460.452800][T30485] 
[  460.455128][T30485] Reported by Kernel Concurrency Sanitizer on:
[  460.461306][T30485] CPU: 0 UID: 0 PID: 30485 Comm: syz.0.7517 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  460.472788][T30485] Tainted: [W]=WARN
[  460.476590][T30485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  460.486740][T30485] ==================================================================