last executing test programs:

3.513624578s ago: executing program 2 (id=3393):
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0x0, 0x41}, 0x28)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000040)={0x1, 0xfff})
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00'}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_clone(0x41aa1000, 0x0, 0x0, 0x0, 0x0, 0x0)
request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f00000003c0)=')\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

3.410262589s ago: executing program 2 (id=3396):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
syz_usb_connect(0x2, 0xfffffffffffffe86, 0x0, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x1000000)

3.31994734s ago: executing program 1 (id=3399):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
lsm_get_self_attr(0x66, &(0x7f0000001940)={0x0, 0x0, 0x1020, 0x1000, ""/4096}, &(0x7f0000000480)=0x1020, 0x0) (fail_nth: 2)

3.024829841s ago: executing program 1 (id=3400):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f00000000c0), &(0x7f0000000140)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = io_uring_setup(0x9, &(0x7f0000000040)={0x0, 0x20c8a1, 0x1c881, 0x8, 0xd1})
r3 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x20002f7})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x5c8c, 0x0, @empty, @mcast1, 0x80, 0x0, 0x0, 0x20000000}})
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x2}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x4)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
rt_sigqueueinfo(0x0, 0x38, &(0x7f0000000240)={0x20, 0x4})
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)

3.024179841s ago: executing program 1 (id=3402):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newqdisc={0x24, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x4008094}, 0x8840)

3.005028952s ago: executing program 1 (id=3404):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000a5"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0x14)
setresuid(0xee00, 0xee00, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000009c0)=<r6=>0x0, &(0x7f0000000a00)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x18, 0x3, &(0x7f0000000000)=@raw=[@map_fd, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}], &(0x7f0000000940)='GPL\x00', 0x64e, 0x10, &(0x7f0000000980)=""/16, 0x40f00, 0x49, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000a40)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000a80)={0x4, 0x0, 0x7f, 0x84c}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000003c0)=0x1)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0)

2.945570602s ago: executing program 4 (id=3407):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x3c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}]}], {0x14}}, 0x64}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x22, &(0x7f0000000080)=0x1, 0x4)
sendto$inet6(r1, &(0x7f0000000000)='\n', 0x1, 0x20000000, &(0x7f00000000c0)={0xa, 0x4e24, 0x2, @loopback, 0x2}, 0x1c)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x3, 0x2, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x7}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xa, 0xfb, 0x7ffc1ffb}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000380))
connect$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x200, @ipv4={'\x00', '\xff\xff', @remote}, 0x1}}, 0x24)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0)
mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000000)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RVERSION(r2, &(0x7f0000000c40)=ANY=[@ANYBLOB="a80106a355cb"], 0x13)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x5], 0x0, 0x0, 0x1}}, 0x40)
sendmmsg$inet6(r1, &(0x7f0000000140)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x2, @empty, 0xfffffffe}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1}}], 0x1, 0x20080058)

2.157006107s ago: executing program 1 (id=3420):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000008000008500000006000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f84814000000da6a0602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x24044810)
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000330000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x840)

2.065641977s ago: executing program 1 (id=3421):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000006c0)='./file2\x00', 0x0, &(0x7f0000000700)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0xac7}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@mblk_io_submit}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000080)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700", 0x3f}, 0x48, 0xfffffffffffffffe)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r1, 0x0, 0x2e, &(0x7f0000000100)={0x761, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})
socket(0x10, 0x80002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7ffff020)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x30, r3, 0x65aebf9dafbebb59, 0x70bd25, 0x1, {{}, {@val={0x8, 0x12b, 0xffffffff}, @val={0x8}, @val={0xc, 0x99, {0x6, 0x13}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x400c080}, 0x24048840)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYRES16=0x0], 0x44}}, 0x20008000)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r6 = creat(&(0x7f0000000180)='./file0\x00', 0x84)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x24, r5, 0x800, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x48}, @val={0x8, 0x3, r7}, @void}}, ["", "", "", "", "", "", "", "", ""]}, 0x24}}, 0x4000054)
sendmsg$NL80211_CMD_LEAVE_MESH(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240), 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x1c, r3, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @void}}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40800)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
syz_usb_connect(0x2, 0xfffffffffffffe86, 0x0, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x1000000)

2.030811177s ago: executing program 4 (id=3422):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$key(r0, &(0x7f0000000b00)={0x300, 0x0, &(0x7f0000000400)={&(0x7f0000000800)=ANY=[@ANYBLOB="020a06970300000028bd7008fcd1df250100", @ANYRES8=r1], 0x18}}, 0x40)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, &(0x7f0000000440))
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffff7a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r6}, 0x10)
io_setup(0x3, &(0x7f0000000340))
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

1.940913628s ago: executing program 4 (id=3423):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newqdisc={0x24, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x4008094}, 0x8840) (fail_nth: 2)

1.70094808s ago: executing program 4 (id=3424):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x38, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}]}], {0x14}}, 0x60}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x22, &(0x7f0000000080)=0x1, 0x4)
sendto$inet6(r1, &(0x7f0000000000)='\n', 0x1, 0x20000000, &(0x7f00000000c0)={0xa, 0x4e24, 0x2, @loopback, 0x2}, 0x1c)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x3, 0x2, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x7}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xa, 0xfb, 0x7ffc1ffb}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000380))
connect$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x200, @ipv4={'\x00', '\xff\xff', @remote}, 0x1}}, 0x24)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0)
mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000000)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RVERSION(r2, &(0x7f0000000c40)=ANY=[@ANYBLOB="a80106a355cb"], 0x13)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x5], 0x0, 0x0, 0x1}}, 0x40)
sendmmsg$inet6(r1, &(0x7f0000000140)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x2, @empty, 0xfffffffe}, 0x1c, &(0x7f0000000b40)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1}}], 0x1, 0x20080058)

1.67216579s ago: executing program 0 (id=3427):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={0x0}}, 0x0)

1.60892678s ago: executing program 0 (id=3429):
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0x0, 0x41}, 0x28)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000040)={0x1, 0xfff})
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00'}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_clone(0x41aa1000, 0x0, 0x0, 0x0, 0x0, 0x0)
request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f00000003c0)=')\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

1.473236371s ago: executing program 0 (id=3431):
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000180100002020692500000000002060207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
rt_sigaction(0x6, 0x0, 0x0, 0x8, &(0x7f0000001300))
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
semget$private(0x0, 0x6, 0x0)
socket$netlink(0x10, 0x3, 0x10)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xb, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c", 0x373}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0)
setsockopt$RDS_CONG_MONITOR(r4, 0x114, 0x6, &(0x7f0000000680)=0x1, 0x4)
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
recvmmsg(r4, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0}, 0x8000}, {{0x0, 0x0, 0x0}, 0x1a83}], 0x2, 0x100, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r0}, 0xc)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)

1.327552992s ago: executing program 0 (id=3433):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002c00)=ANY=[@ANYBLOB="bf16000000000000b70700000900f0ff4070000000000000500000000000000095000000000000002ba728041598d6fbd30cb599e8c73d24a3aa81d36bb3019c13bd23212fb56fa54f26fb0b71d0e6adfefc41d86bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652ebc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc8ce974a22a550d6fd70800c86ae3b3e05df3ceb9fc474c2a100c788b277beee1cbf9b0a4def23d410f6296b32a8343881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee6f867ddd58211d6ececb0cd2b6d357b8580218ce740068725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b2c81f96a810b946855c9fc52ac17cbc97a616811a4c2dc3470009b966abaf41939aeca3e7b00c2e9d5db7a34fe2a29ac88c360a878a2b9ab9440c1961e80477166f3f847e855cdddc941d996d61ea0ce23b37e9d21c849d1e1e53087a3b109012e3a3ecbd219265048bf5c72b7ba2806b73323301b4bc94d0e4afde44867d71049a7c89bc615e215571ac910d80a58b5169576ff9906c34d2342806960b6bcb00000000000000000000000000113ee640b9ed1e04a0bfb125204d30990361bf45ef45277a167cd2c2e6ce9138143aa5ea7ee6f7c6d8b00437e070b004c5aa90766538b4fe45a16f14b270904d36eaa87508ac6d46639b3971ac6a88dc531fcc5ffc6b76b334795d88156336a9a452a9022485bb572dacb7aa25f748bc75918a16d9d5ae21004cd799ac4951beb2c6c9b5baf60081b86cc2e31c49f4ea055fb3639036c95c69b1ae60e685d486dbd1d5e7d0daacd73acfc80b9c9c92"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r1 = socket$netlink(0x10, 0x3, 0x9)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000017c0)=r0, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=@newnexthop={0x18, 0x68, 0x400, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x41f74ddd2b1ea6a9, 0x0, 0x9}}, 0x18}, 0x1, 0x0, 0x0, 0x200608a0}, 0x40040d0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x4058534c, &(0x7f0000000240)={0x80, 0x8008, 0xc4, 0x0, 0x9, 0x3e})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000000c0)='sched_wake_idle_without_ipi\x00', r4, 0x0, 0x7}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r7, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
sendmsg$NL80211_CMD_SET_MPATH(r1, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x80, r7, 0x1, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x401, 0xc}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x80}, 0x1, 0x0, 0x0, 0x20040000}, 0x48000)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b0000000a000000000200000700000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000014d1000000630d2fa589e6e9ad1ce68b71d13dba5665b2319ad657646d22515e78303f4e90d099dae3d842c1c48ccdc4ed13dd4a1c22512c858e5d699ca5e82a0de2e4f5899b0e7198d654231a8ccdf9aa534b093621a87960181a75a23449a0f35f6193dbe8d7e6abc6a01c533afb85b5f29ac696ae9afc83de4a9cc4be14f39b327fd82181b0cba0668805f8df837d28b5bd1f97b74b2ac08dcd106eb064174fe010e0636ecdceac1cb5774ba7991cbae8c20a"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r9}, 0x18)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r10 = inotify_init1(0x800)
inotify_add_watch(r10, &(0x7f0000000080)='./file0/../file0\x00', 0x950009ba)

1.174701113s ago: executing program 0 (id=3435):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
preadv(r0, &(0x7f0000000000), 0x0, 0x6, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
syz_usbip_server_init(0x5)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x129c81, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000004000000b703000008000040850000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
set_mempolicy(0x3, 0x0, 0x8)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
ioperm(0x9, 0x9, 0x7)
ppoll(&(0x7f00000012c0)=[{r1, 0x8484}], 0x1, 0x0, 0x0, 0x0)
write$binfmt_aout(r1, 0x0, 0xff2e)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0xfe, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x2, @loopback, @loopback}}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x4000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

846.761825ms ago: executing program 2 (id=3436):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x3, 0x40)
syz_usb_disconnect(r2)

808.020055ms ago: executing program 4 (id=3437):
r0 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r0, &(0x7f0000000580)={&(0x7f00000005c0)={0x2, 0x4, @rand_addr=0x64010101}, 0x10, 0x0, 0x0, &(0x7f0000003a80)=[@rdma_args={0x48, 0x114, 0x1, {{0x0, 0x2}, {0x0}, &(0x7f0000003a00)=[{&(0x7f00000016c0)=""/96, 0x60}], 0x1, 0x0, 0x2}}], 0x48, 0x4000000}, 0x0)

748.232616ms ago: executing program 4 (id=3438):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
writev(r0, &(0x7f0000000440)=[{&(0x7f0000000240)="4bde03157888a32dd0e0eb1c779829f1e07e01ce1ca01b37", 0x18}, {&(0x7f0000000300)="c3617155c990328996fdc71ae7b15a38749a2b561489dc1b93d14e57e96ac17258bae8ad6399143d7545ce19f748b1bbdf9cb4ba62e4049d6df644217bdfd5df207b64a3061b67621c5672f46bb43b0b5888fd9a01054815316e4d23ba0bbe471733ddf5a2d3f0861e5b2cb77dcd6114bb55d0b2ea60514f16a66f8afb203faf0377a8a89cd919ef67b815af19e5a6828fe289dea6b328493ac1743687708bf349ac59fa47bbdac40601d3c9ef28614fdc6cf8a7e81f24f5ab42bf9d1ee474f2b16e37a01e2cd3a6590fa4c3c5ed73944ded6a68a3caecbea8f5a4912493ab8c641d2f27ddfa", 0xe6}, {&(0x7f0000001bc0)="bea195bb66d8cbe6d038ab8c7fe3e288ef93b5bde858a71c87328eb18106570ea1c9276998363da648b8d47c568c8f6e805bb41e5f813809795536418b95daf7d40f9dc80110239f1bcedd3a032537b98d048326dd31a3ef4d613acc9c6762bc5eda2fb9e524853847f633dc7e7a96db7341deb15c7599fbcfe6dccbebffb248646b6474f7bd390c3bdfa7e9aa508905b4f48f0255ce5040ced65f7c6f420294015f7f6dd19e1be4e16126ee1cf605e5475baa103bcd2821cd58", 0xba}], 0x3)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6ac72bc24ff70ca2", 0xd9}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000800)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c1fedaec3144d1ee66a0eb0750363e346cb930dae6109df6b9955bf8af119b5c9a86622af4ff8b5949fb90f8edbde416d046d61512fe4c453bb601a780e1bbc00dbedc5e50d3cd9bc920810eaefd5f9a171e9d32ab46b42e3e78c60087318bab42e94653cbdd600fba37c5a31d095500e91d02256f101e82447e34733220cdaaabc947f5b815080b5214c94a06fe96450ea42f48006c032b24d9e8d722841b7c7244b1d2cc012fcda1f7472fdbabb673ef862e32b359fad715b3f5cef6ef951abab80a4a0f5f8574395c5820fa25d07a119e23b39a87cb3b763fbfb0493121eec3e05eacbe7835e79e74881d1179013622a2a6421d51c974e6abd48a9882c8fcadbcee369346a9ad948fd5dd8f87496a3", 0x1a1}], 0x1}}], 0x2, 0x2090)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

654.517326ms ago: executing program 3 (id=3440):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x24, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)

627.749777ms ago: executing program 3 (id=3441):
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0x0, 0x41}, 0x28)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000040)={0x1, 0xfff})
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00'}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_clone(0x41aa1000, 0x0, 0x0, 0x0, 0x0, 0x0)
request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f00000003c0)=')\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

548.608597ms ago: executing program 0 (id=3442):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00'}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000100001df00000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
poll(&(0x7f0000000100), 0x0, 0x3ff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c0000000206050000000000000000000700000014000780080008400000009808000640200000000500010006000000050005000200000005000400000000000900020073797a310000000010000300686173683a69702c6d6163"], 0x5c}}, 0x20000000)
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
openat$selinux_attr(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
mmap(&(0x7f0000000000/0xb36000)=nil, 0x7000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000000), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e83"], &(0x7f0000000100)='GPL\x00'}, 0x94)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
sysinfo(&(0x7f0000000000)=""/115)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0xa00, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8000)
keyctl$chown(0x4, r4, 0xee01, 0x0)

536.964877ms ago: executing program 3 (id=3443):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000009772a8195"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000b00)={0x300, 0x0, &(0x7f0000000400)={&(0x7f0000000800)=ANY=[@ANYBLOB="020a06970300000028bd7008fcd1df250100", @ANYRES8=r0], 0x18}}, 0x40)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, &(0x7f0000000440))
quotactl_fd$Q_GETINFO(r1, 0xffffffff80000503, 0x0, &(0x7f0000000480))
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000008c0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4008030)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffff7a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6ac72bc24ff70ca2f8ef53773c5cbdf4a583f81fdc8719dbe967b0690a3ed3f314c3e2ceebb3e29d00c2c1053d1e8b32d8a8be1bb9786746e0ee564306c80d7045747165005fa3528b5ac1e35e03b69cb54111dfcebc6d585aacdd57c351ef1aa8050274b122a21b47432f17a0cacfd9524d9cb09029e4daefaea47f8cd5a4f1dee71093ebc076363e14f78dd3b129b4b3ae5a7a085297416f1f1a8aeefa517ed1525ec76469b8b469851cc56c6016d9067dac3de3818856014c98ce8f36dac4d8cdb1f25e3c5de7bdab78066d2418c12e0acde73c05fc80a0658c7fbc52812a84", 0x1b2}, {0x0}], 0x2}}, {{0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000380)="1d71b177828477901a6902a248c8b1f7278414061a703487be17974059c59a3cc3a3a44129ec4b34873fc525557305ffed4b4504cd73baeda40ddaec3413101bde5f0ea591c9d5a6ac3c8d177f45d95780df72a84fd94ff89d6fa71ea49ed200a132a3e5901b9c135a16ad0774", 0x6d}], 0x1}}], 0x3, 0x480e0)

517.659637ms ago: executing program 3 (id=3444):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)

456.379337ms ago: executing program 3 (id=3445):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x60040, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x2)
readv(r1, &(0x7f0000000000)=[{0x0}], 0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

456.097807ms ago: executing program 3 (id=3446):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
syz_usb_connect(0x2, 0xfffffffffffffe86, 0x0, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x1000000)

116.647109ms ago: executing program 2 (id=3447):
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000180100002020692500000000002060207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
rt_sigaction(0x6, 0x0, 0x0, 0x8, &(0x7f0000001300))
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
semget$private(0x0, 0x6, 0x0)
socket$netlink(0x10, 0x3, 0x10)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xb, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dc", 0x3b2}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0)
setsockopt$RDS_CONG_MONITOR(r4, 0x114, 0x6, &(0x7f0000000680)=0x1, 0x4)
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
recvmmsg(r4, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0}, 0x8000}, {{0x0, 0x0, 0x0}, 0x1a83}], 0x2, 0x100, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r0}, 0xc)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)

69.68021ms ago: executing program 2 (id=3448):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), r0)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x34, r2, 0x4, 0x70bd29, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0x20, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@rand_addr=0x64010102}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x9}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x4)
getsockopt$IP_SET_OP_GET_BYINDEX(r0, 0x1, 0x53, &(0x7f0000000040)={0x7, 0x7, 0x3}, &(0x7f0000000080)=0x28)
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newqdisc={0x24, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x4008094}, 0x8840)

0s ago: executing program 2 (id=3449):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000a40)={{{@in=@multicast1, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@multicast2}, 0x0, @in=@dev}}, &(0x7f0000000440)=0xe8)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000800)={0x51c, 0x5, 0x8})
quotactl_fd$Q_GETINFO(r0, 0xffffffff80000503, r1, &(0x7f0000000480))
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000380)={0x43, 0x4, 0x3, 0x3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x18)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r7 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x1f9}, &(0x7f0000000000)=<r8=>0x0, &(0x7f0000000300)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r7, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x12345})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r7, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r10 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r10, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0x44}], 0x1, 0x8000, 0x0)
sendmsg$tipc(r4, &(0x7f0000000400)={&(0x7f00000008c0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4008030)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6ac72bc24ff70ca2f8ef53773c5cbdf4a583f81fdc8719dbe967b0690a3ed3f314c3e2ceebb3e29d00c2c1053d1e8b32d8a8be1bb9786746e0ee564306c80d7045747165005fa3528b5ac1e35e03b69cb54111dfcebc6d585aacdd57c351ef1aa8050274b122a21b47432f17a0cacfd9524d9cb09029e4daefaea47f8cd5a4f1dee71093ebc076363e14f78dd3b129b4b3ae5a7a085297416f1f1a8aeefa517ed1525ec76469b8b469851cc56c6016d9067dac3de3818856014c98ce8f36dac4d8cdb1f25e3c5de7bdab78066d2418c12e0acde73c05fc80a0658c7fbc52812a8423323a", 0x1b5}, {&(0x7f0000000180)="fd8231688a778b3cdddbc99d3a6fe996f1e8104389848416a4590f0e9e6c265d9668e3066fcff8aeadcdbfba9e985139e5386c0c80ed15930f2084cf957ed95b017b181b74dd416f75cdcb320b1c9d5ae26dfdbc8b2f3becad94deeedb89a08ea4cfe21857e442263755d892298dc1db4174cee506acde6bc4118896704e8ea391dbdc848ba38fa27f9bbfe3cba0b84f2534e167b45b6f289e1c155d04f5d88e8ef107b8f261b0c033304f7808d4109ed2989539c6f3dc422fc237bf8f7b048c5e6c22119ddeef59e123795983a4f0251dd35d294181b650e323", 0xda}], 0x2}}, {{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001040)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f58", 0x62}], 0x1}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000300)="674765ac219bd0512ed286397eb318e2ef70756bd0b003e4737cbf75403c40f096cc0cf850eeefd776249d14c938db0e6afa5826a4638d94ad475e0731dcaa97880827d2d3a97697ad03", 0x4a}, {&(0x7f0000000380)="1d71b177828477901a6902a248c8b1f7278414061a703487be17974059c59a3cc3a3a44129ec4b34873fc525557305ffed4b4504cd73baeda40ddaec3413101bde5f0ea591c9d5a6ac3c8d177f45d95780df72a84fd94ff89d6fa71ea49ed200a132a3e5901b9c135a16ad0774f31c24a185ff9f2f07b137", 0x78}], 0x2}}], 0x3, 0x480e0)

kernel console output (not intermixed with test programs):

 T29] audit: type=1400 audit(1762759361.609:21711): avc:  denied  { ioctl } for  pid=10655 comm="syz.2.2638" path="socket:[32910]" dev="sockfs" ino=32910 ioctlcmd=0x8990 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  174.692147][T10660] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.711786][T10657] 8021q: adding VLAN 0 to HW filter on device bond0
[  174.732235][T10657] bond0: (slave ip6tnl0): The slave device specified does not support setting the MAC address
[  174.773390][T10657] bond0: (slave ip6tnl0): Error -95 calling set_mac_address
[  175.210646][   T29] audit: type=1326 audit(1762759362.149:21712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10703 comm="syz.0.2643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  175.257846][   T29] audit: type=1326 audit(1762759362.159:21713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10703 comm="syz.0.2643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  175.281822][   T29] audit: type=1326 audit(1762759362.159:21714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10703 comm="syz.0.2643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  175.322482][T10711] validate_nla: 2 callbacks suppressed
[  175.322500][T10711] netlink: '+}[@': attribute type 10 has an invalid length.
[  175.352565][T10711] bond0: (slave dummy0): Releasing backup interface
[  175.372223][T10711] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  175.391746][T10719] netlink: 'syz.0.2643': attribute type 10 has an invalid length.
[  175.394384][T10711] team0: Failed to send options change via netlink (err -105)
[  175.407112][T10711] team0: Port device dummy0 added
[  175.414960][T10719] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  175.425916][T10719] team0: Failed to send options change via netlink (err -105)
[  175.434008][T10719] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  175.450074][T10719] team0: Port device dummy0 removed
[  175.458468][T10719] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  175.734238][   T29] audit: type=1326 audit(1762759362.679:21715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.2.2648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e4f6bf6c9 code=0x7ffc0000
[  175.758246][   T29] audit: type=1326 audit(1762759362.679:21716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.2.2648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e4f6bf6c9 code=0x7ffc0000
[  175.781974][   T29] audit: type=1326 audit(1762759362.709:21717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.2.2648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f4e4f6bf6c9 code=0x7ffc0000
[  175.829073][T10731] netlink: '+}[@': attribute type 10 has an invalid length.
[  175.845380][T10731] bond0: (slave dummy0): Releasing backup interface
[  175.854855][T10731] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  175.864082][T10733] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  175.869100][T10731] team0: Failed to send options change via netlink (err -105)
[  175.870600][T10733] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  175.878077][T10731] team0: Port device dummy0 added
[  175.885872][T10733] vhci_hcd vhci_hcd.0: Device attached
[  175.906149][T10731] netlink: '+}[@': attribute type 10 has an invalid length.
[  175.914220][T10731] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  175.951638][T10731] team0: Failed to send options change via netlink (err -105)
[  175.959362][T10731] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  175.971384][T10731] team0: Port device dummy0 removed
[  175.979546][T10731] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  176.031240][T10734] vhci_hcd: connection closed
[  176.031404][ T3442] vhci_hcd: stop threads
[  176.040351][ T3442] vhci_hcd: release socket
[  176.044818][ T3442] vhci_hcd: disconnect device
[  176.092661][T10740] serio: Serial port ptm0
[  176.165371][T10743] __nla_validate_parse: 5 callbacks suppressed
[  176.165386][T10743] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2652'.
[  176.312275][T10749] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.363117][T10749] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.403440][T10749] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.457736][T10749] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.609353][   T29] audit: type=1326 audit(1762759363.549:21718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10755 comm="syz.2.2658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e4f6bf6c9 code=0x7ffc0000
[  176.665635][T10757] netlink: '+}[@': attribute type 10 has an invalid length.
[  176.690117][T10757] bond0: (slave dummy0): Releasing backup interface
[  176.703112][T10757] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  176.712104][T10757] team0: Failed to send options change via netlink (err -105)
[  176.719577][T10757] team0: Port device dummy0 added
[  176.735850][T10660] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.747152][T10757] netlink: '+}[@': attribute type 10 has an invalid length.
[  176.761193][T10757] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  176.780861][T10757] team0: Failed to send options change via netlink (err -105)
[  176.792039][T10757] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  176.802326][T10757] team0: Port device dummy0 removed
[  176.811663][T10757] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  176.983459][T10768] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2663'.
[  177.045193][T10660] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.143027][T10660] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.227602][T10776] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2665'.
[  177.236567][T10776] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2665'.
[  177.268049][ T3442] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.298375][ T3442] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  177.307228][   T57] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  177.321538][   T57] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  177.351614][   T57] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.381231][   T57] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  177.394428][   T57] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  177.410634][   T57] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  177.527855][T10791] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  177.559752][T10793] FAULT_INJECTION: forcing a failure.
[  177.559752][T10793] name failslab, interval 1, probability 0, space 0, times 0
[  177.573092][T10793] CPU: 1 UID: 0 PID: 10793 Comm: syz.0.2672 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  177.573176][T10793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  177.573190][T10793] Call Trace:
[  177.573197][T10793]  <TASK>
[  177.573205][T10793]  __dump_stack+0x1d/0x30
[  177.573230][T10793]  dump_stack_lvl+0xe8/0x140
[  177.573254][T10793]  dump_stack+0x15/0x1b
[  177.573274][T10793]  should_fail_ex+0x265/0x280
[  177.573367][T10793]  should_failslab+0x8c/0xb0
[  177.573395][T10793]  kmem_cache_alloc_noprof+0x50/0x480
[  177.573442][T10793]  ? audit_log_start+0x342/0x720
[  177.573462][T10793]  audit_log_start+0x342/0x720
[  177.573482][T10793]  ? kstrtouint+0x76/0xc0
[  177.573528][T10793]  audit_seccomp+0x48/0x100
[  177.573558][T10793]  ? __seccomp_filter+0x82d/0x1250
[  177.573589][T10793]  __seccomp_filter+0x83e/0x1250
[  177.573622][T10793]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  177.573660][T10793]  ? vfs_write+0x7e8/0x960
[  177.573722][T10793]  ? __rcu_read_unlock+0x4f/0x70
[  177.573826][T10793]  ? __fget_files+0x184/0x1c0
[  177.573863][T10793]  __secure_computing+0x82/0x150
[  177.573895][T10793]  syscall_trace_enter+0xcf/0x1e0
[  177.573971][T10793]  do_syscall_64+0xac/0x200
[  177.574020][T10793]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  177.574122][T10793]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  177.574233][T10793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.574252][T10793] RIP: 0033:0x7f14e81bf6c9
[  177.574265][T10793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.574281][T10793] RSP: 002b:00007f14e6c1f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a0
[  177.574355][T10793] RAX: ffffffffffffffda RBX: 00007f14e8415fa0 RCX: 00007f14e81bf6c9
[  177.574366][T10793] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0040000000000008
[  177.574377][T10793] RBP: 00007f14e6c1f090 R08: 0000000000000000 R09: 0000000000000000
[  177.574390][T10793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.574404][T10793] R13: 00007f14e8416038 R14: 00007f14e8415fa0 R15: 00007ffd18e76528
[  177.574427][T10793]  </TASK>
[  177.831299][T10796] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2674'.
[  177.877805][T10805] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  177.887817][T10805] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.912962][T10803] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.930401][T10809] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2679'.
[  177.934521][T10812] x_tables: duplicate underflow at hook 2
[  177.939439][T10809] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2679'.
[  177.957748][T10805] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  177.964409][T10813] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2678'.
[  177.967647][T10805] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.008000][T10816] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.020134][T10803] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.033723][T10805] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  178.043687][T10805] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.058322][T10817] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2681'.
[  178.070301][T10816] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.081574][T10817] FAULT_INJECTION: forcing a failure.
[  178.081574][T10817] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  178.094703][T10817] CPU: 0 UID: 0 PID: 10817 Comm: syz.0.2681 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  178.094740][T10817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  178.094764][T10817] Call Trace:
[  178.094818][T10817]  <TASK>
[  178.094827][T10817]  __dump_stack+0x1d/0x30
[  178.094924][T10817]  dump_stack_lvl+0xe8/0x140
[  178.094946][T10817]  dump_stack+0x15/0x1b
[  178.094964][T10817]  should_fail_ex+0x265/0x280
[  178.094985][T10817]  should_fail+0xb/0x20
[  178.095001][T10817]  should_fail_usercopy+0x1a/0x20
[  178.095022][T10817]  _copy_from_user+0x1c/0xb0
[  178.095092][T10817]  vsock_connectible_setsockopt+0x590/0x6d0
[  178.095124][T10817]  ? __pfx_vsock_connectible_setsockopt+0x10/0x10
[  178.095188][T10817]  __sys_setsockopt+0x184/0x200
[  178.095224][T10817]  __x64_sys_setsockopt+0x64/0x80
[  178.095258][T10817]  x64_sys_call+0x20ec/0x3000
[  178.095320][T10817]  do_syscall_64+0xd2/0x200
[  178.095370][T10817]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  178.095400][T10817]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  178.095435][T10817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.095456][T10817] RIP: 0033:0x7f14e81bf6c9
[  178.095472][T10817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.095510][T10817] RSP: 002b:00007f14e6bfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  178.095529][T10817] RAX: ffffffffffffffda RBX: 00007f14e8416090 RCX: 00007f14e81bf6c9
[  178.095541][T10817] RDX: 0000000000000001 RSI: 0000000000000028 RDI: 0000000000000009
[  178.095553][T10817] RBP: 00007f14e6bfe090 R08: 0000000000000112 R09: 0000000000000000
[  178.095566][T10817] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  178.095578][T10817] R13: 00007f14e8416128 R14: 00007f14e8416090 R15: 00007ffd18e76528
[  178.095598][T10817]  </TASK>
[  178.100063][T10803] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.287883][T10821] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  178.304175][T10805] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  178.313991][T10805] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.330271][T10823] netlink: 'syz.4.2684': attribute type 4 has an invalid length.
[  178.339465][T10816] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.363320][T10825] serio: Serial port ptm0
[  178.371090][T10803] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.391025][   T61] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  178.399268][   T61] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.409580][T10816] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.433798][   T61] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  178.442186][   T61] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.463183][   T61] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  178.471465][   T61] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.497122][   T61] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  178.505385][   T61] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.559336][T10835] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2689'.
[  178.755677][T10852] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  178.871209][ T4967] bond0: (slave syz_tun): Releasing backup interface
[  179.089690][T10864] chnl_net:caif_netlink_parms(): no params data found
[  179.139870][T10864] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.147177][T10864] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.154949][T10864] bridge_slave_0: entered allmulticast mode
[  179.162850][T10864] bridge_slave_0: entered promiscuous mode
[  179.170148][T10864] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.177390][T10864] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.185170][T10864] bridge_slave_1: entered allmulticast mode
[  179.191658][T10864] bridge_slave_1: entered promiscuous mode
[  179.220380][T10910] serio: Serial port ptm0
[  179.222734][T10864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  179.235787][T10864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  179.257985][T10864] team0: Port device team_slave_0 added
[  179.264829][T10864] team0: Port device team_slave_1 added
[  179.300847][T10864] batman_adv: batadv0: Adding interface: batadv_slave_0
[  179.307828][T10864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  179.333840][T10864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  179.348966][T10917] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.363983][T10864] batman_adv: batadv0: Adding interface: batadv_slave_1
[  179.371047][T10864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  179.396979][T10864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  179.425340][T10864] hsr_slave_0: entered promiscuous mode
[  179.431563][T10864] hsr_slave_1: entered promiscuous mode
[  179.437450][T10864] debugfs: 'hsr0' already exists in 'hsr'
[  179.443198][T10864] Cannot create hsr debugfs directory
[  179.457775][T10917] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.504842][T10864] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  179.514697][T10864] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.528167][T10917] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.582342][T10864] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  179.592158][T10864] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.605366][T10917] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.642369][T10864] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  179.652350][T10864] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.689483][   T31] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  179.701019][   T31] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  179.712522][   T57] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  179.723705][   T57] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  179.733672][T10864] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  179.743617][T10864] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.771191][T10928] x_tables: duplicate underflow at hook 2
[  179.778133][   T29] kauditd_printk_skb: 419 callbacks suppressed
[  179.778149][   T29] audit: type=1326 audit(1762759366.719:22136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10927 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  179.807721][   T29] audit: type=1326 audit(1762759366.719:22137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10927 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  179.830734][   T29] audit: type=1326 audit(1762759366.729:22138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10927 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  179.853764][   T29] audit: type=1326 audit(1762759366.729:22139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10927 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  179.876872][   T29] audit: type=1326 audit(1762759366.729:22140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10927 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  179.899813][   T29] audit: type=1326 audit(1762759366.729:22141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10927 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  179.922794][   T29] audit: type=1326 audit(1762759366.729:22142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10927 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  179.946034][   T29] audit: type=1326 audit(1762759366.729:22143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10927 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  179.969029][   T29] audit: type=1326 audit(1762759366.729:22144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10927 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  179.992063][   T29] audit: type=1326 audit(1762759366.729:22145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10927 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  180.412847][T10950] serio: Serial port ptm0
[  181.477315][   T57] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.488517][   T57] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.500175][   T57] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.511945][   T57] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.537963][   T57] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.555601][   T57] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.580291][   T57] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.588727][   T57] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.604727][T10970] __nla_validate_parse: 3 callbacks suppressed
[  181.604740][T10970] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2727'.
[  181.619867][T10970] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2727'.
[  181.695434][T10978] serio: Serial port ptm0
[  181.829024][T10864] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  181.838467][T10864] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  181.852110][T10864] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  181.862144][T10864] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  181.922445][T10864] 8021q: adding VLAN 0 to HW filter on device bond0
[  181.938153][T10864] 8021q: adding VLAN 0 to HW filter on device team0
[  181.951332][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.958425][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  181.982936][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.990029][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[  182.145913][T10864] 8021q: adding VLAN 0 to HW filter on device batadv0
[  182.240043][T11022] netlink: '+}[@': attribute type 10 has an invalid length.
[  182.249980][T11022] bond0: (slave dummy0): Releasing backup interface
[  182.260971][T11022] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  182.274821][T11022] team0: Failed to send options change via netlink (err -105)
[  182.282356][T11022] team0: Port device dummy0 added
[  182.293149][T11022] netlink: '+}[@': attribute type 10 has an invalid length.
[  182.297221][T10864] veth0_vlan: entered promiscuous mode
[  182.311309][T11022] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  182.322045][T11022] team0: Failed to send options change via netlink (err -105)
[  182.329675][T11022] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  182.338823][T11022] team0: Port device dummy0 removed
[  182.346571][T11022] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  182.357158][T10864] veth1_vlan: entered promiscuous mode
[  182.376285][T10864] veth0_macvtap: entered promiscuous mode
[  182.384187][T10864] veth1_macvtap: entered promiscuous mode
[  182.396405][T10864] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.409629][T10864] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.420437][T11030] x_tables: duplicate underflow at hook 2
[  182.422406][   T57] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.445699][   T57] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.462569][   T57] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.465527][T11032] serio: Serial port ptm0
[  182.472197][   T57] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.620435][T11054] block device autoloading is deprecated and will be removed.
[  182.657487][T11061] netlink: 'syz.1.2757': attribute type 6 has an invalid length.
[  182.677544][   T37] Bluetooth: hci0: Frame reassembly failed (-84)
[  182.685778][T11062] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2756'.
[  183.127148][T11091] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2771'.
[  183.136330][T11091] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2771'.
[  183.203450][T11094] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2772'.
[  183.212557][T11094] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2772'.
[  183.280068][T11101] netlink: '+}[@': attribute type 10 has an invalid length.
[  183.289725][T11101] bond0: (slave dummy0): Releasing backup interface
[  183.299674][T11101] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  183.308481][T11101] team0: Failed to send options change via netlink (err -105)
[  183.316275][T11101] team0: Port device dummy0 added
[  183.330750][T11102] Falling back ldisc for ptm1.
[  183.332907][T11101] netlink: '+}[@': attribute type 10 has an invalid length.
[  183.349001][T11101] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  183.360398][T11101] team0: Failed to send options change via netlink (err -105)
[  183.368048][T11101] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  183.377135][T11101] team0: Port device dummy0 removed
[  183.384450][T11101] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  184.264807][T11133] x_tables: duplicate underflow at hook 2
[  184.542911][T11146] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2793'.
[  184.552077][T11146] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2793'.
[  184.760747][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  184.761341][ T4005] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  184.801038][T11159] netlink: '+}[@': attribute type 10 has an invalid length.
[  184.811832][T11159] team0: Port device dummy0 added
[  184.818321][T11159] netlink: '+}[@': attribute type 10 has an invalid length.
[  184.826342][T11159] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  184.837068][T11159] team0: Failed to send options change via netlink (err -105)
[  184.845071][T11159] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  184.854410][T11159] team0: Port device dummy0 removed
[  184.862139][T11159] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  184.963580][   T61] Bluetooth: hci0: Frame reassembly failed (-84)
[  184.993735][   T29] kauditd_printk_skb: 496 callbacks suppressed
[  184.993752][   T29] audit: type=1326 audit(1762759371.939:22640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.2805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  185.023671][   T29] audit: type=1326 audit(1762759371.939:22641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.2805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  185.059060][   T29] audit: type=1326 audit(1762759371.989:22642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.2805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  185.082887][   T29] audit: type=1326 audit(1762759371.989:22643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.2805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  185.106845][   T29] audit: type=1326 audit(1762759371.989:22644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.2805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  185.130444][   T29] audit: type=1326 audit(1762759371.989:22645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.2805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  185.154362][   T29] audit: type=1326 audit(1762759371.989:22646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.2805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fca6a95f703 code=0x7ffc0000
[  185.177887][   T29] audit: type=1326 audit(1762759371.989:22647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.2805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fca6a95e17f code=0x7ffc0000
[  185.201374][   T29] audit: type=1326 audit(1762759371.999:22648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.2805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fca6a95f757 code=0x7ffc0000
[  185.224866][   T29] audit: type=1326 audit(1762759371.999:22649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.2805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fca6a95df10 code=0x7ffc0000
[  185.282704][T11181] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.323189][T11181] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.372697][T11181] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.415695][T11190] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2814'.
[  185.427033][T11181] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.872979][   T57] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  185.890561][   T57] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  185.907782][   T57] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  185.916479][   T57] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  185.936414][T11211] netlink: 'syz.1.2823': attribute type 6 has an invalid length.
[  185.969705][T11215] serio: Serial port ptm1
[  186.043077][T11220] x_tables: duplicate underflow at hook 2
[  186.118100][T11230] netlink: '+}[@': attribute type 10 has an invalid length.
[  186.126619][T11229] Falling back ldisc for ptm1.
[  186.140991][T11230] bond0: (slave dummy0): Releasing backup interface
[  186.149987][T11230] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  186.158840][T11230] team0: Failed to send options change via netlink (err -105)
[  186.166443][T11230] team0: Port device dummy0 added
[  186.172643][T11231] netlink: 'syz.0.2829': attribute type 10 has an invalid length.
[  186.185389][T11231] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  186.198380][T11231] team0: Failed to send options change via netlink (err -105)
[  186.206776][T11231] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  186.215884][T11231] team0: Port device dummy0 removed
[  186.225510][T11231] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  186.592698][T11261] FAULT_INJECTION: forcing a failure.
[  186.592698][T11261] name failslab, interval 1, probability 0, space 0, times 0
[  186.605529][T11261] CPU: 0 UID: 0 PID: 11261 Comm: syz.2.2832 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  186.605551][T11261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  186.605561][T11261] Call Trace:
[  186.605565][T11261]  <TASK>
[  186.605571][T11261]  __dump_stack+0x1d/0x30
[  186.605656][T11261]  dump_stack_lvl+0xe8/0x140
[  186.605672][T11261]  dump_stack+0x15/0x1b
[  186.605691][T11261]  should_fail_ex+0x265/0x280
[  186.605707][T11261]  should_failslab+0x8c/0xb0
[  186.605796][T11261]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[  186.605899][T11261]  ? sidtab_sid2str_get+0xa0/0x130
[  186.605931][T11261]  kmemdup_noprof+0x2b/0x70
[  186.605957][T11261]  sidtab_sid2str_get+0xa0/0x130
[  186.606018][T11261]  security_sid_to_context_core+0x1eb/0x2e0
[  186.606043][T11261]  security_sid_to_context+0x27/0x40
[  186.606066][T11261]  selinux_lsmprop_to_secctx+0x67/0xf0
[  186.606117][T11261]  security_lsmprop_to_secctx+0x1a3/0x1c0
[  186.606136][T11261]  audit_log_subj_ctx+0xa4/0x3e0
[  186.606154][T11261]  ? skb_put+0xa9/0xf0
[  186.606249][T11261]  audit_log_task_context+0x48/0x70
[  186.606271][T11261]  audit_log_task+0xf4/0x250
[  186.606302][T11261]  ? kstrtouint+0x76/0xc0
[  186.606387][T11261]  audit_seccomp+0x61/0x100
[  186.606445][T11261]  ? __seccomp_filter+0x82d/0x1250
[  186.606471][T11261]  __seccomp_filter+0x83e/0x1250
[  186.606498][T11261]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  186.606595][T11261]  ? vfs_write+0x7e8/0x960
[  186.606618][T11261]  ? __rcu_read_unlock+0x4f/0x70
[  186.606642][T11261]  ? __fget_files+0x184/0x1c0
[  186.606729][T11261]  __secure_computing+0x82/0x150
[  186.606754][T11261]  syscall_trace_enter+0xcf/0x1e0
[  186.606835][T11261]  do_syscall_64+0xac/0x200
[  186.606924][T11261]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  186.606965][T11261]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  186.607052][T11261]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.607136][T11261] RIP: 0033:0x7f6c9e40f6c9
[  186.607150][T11261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.607167][T11261] RSP: 002b:00007f6c9ce6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  186.607184][T11261] RAX: ffffffffffffffda RBX: 00007f6c9e665fa0 RCX: 00007f6c9e40f6c9
[  186.607219][T11261] RDX: 0000000000000018 RSI: 0000200000000040 RDI: 0000000000000006
[  186.607230][T11261] RBP: 00007f6c9ce6f090 R08: 0000000000000000 R09: 0000000000000000
[  186.607241][T11261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.607266][T11261] R13: 00007f6c9e666038 R14: 00007f6c9e665fa0 R15: 00007ffdd3c441d8
[  186.607319][T11261]  </TASK>
[  186.918979][T11265] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  186.925523][T11265] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  186.933300][T11265] vhci_hcd vhci_hcd.0: Device attached
[  186.953080][T11267] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  186.992019][ T8493] Bluetooth: hci0: command 0x1003 tx timeout
[  186.998079][ T4005] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  187.068199][T11268] vhci_hcd: connection closed
[  187.068325][ T3442] vhci_hcd: stop threads
[  187.077534][ T3442] vhci_hcd: release socket
[  187.081980][ T3442] vhci_hcd: disconnect device
[  187.153881][T11282] __nla_validate_parse: 1 callbacks suppressed
[  187.153903][T11282] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2841'.
[  187.528719][T11289] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.572692][T11289] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.601885][T11295] Falling back ldisc for ptm0.
[  187.626270][T11289] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.743276][T11289] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.804251][T11324] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2850'.
[  187.813294][T11324] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2850'.
[  187.837998][   T12] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.853241][   T31] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.866249][   T31] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.880965][   T31] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.941182][T11339] x_tables: duplicate underflow at hook 2
[  187.952660][   T57] Bluetooth: hci0: Frame reassembly failed (-84)
[  188.020309][T11345] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  188.030951][ T8493] Bluetooth: hci1: command 0x1003 tx timeout
[  188.037006][   T44] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  188.067197][T11347] netlink: 'syz.4.2858': attribute type 10 has an invalid length.
[  188.075514][T11347] batadv0: entered allmulticast mode
[  188.083513][T11347] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.092331][T11347] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  188.106047][T11347] netlink: 'syz.4.2858': attribute type 10 has an invalid length.
[  188.114114][T11347] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2858'.
[  188.123790][T11347] batadv0: entered promiscuous mode
[  188.131185][T11347] bond0: (slave batadv0): Releasing backup interface
[  188.140497][T11347] bridge0: port 3(batadv0) entered blocking state
[  188.147010][T11347] bridge0: port 3(batadv0) entered disabled state
[  188.177732][T11349] x_tables: duplicate underflow at hook 2
[  188.391229][T11358] serio: Serial port ptm0
[  188.560771][   T12] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  188.570022][   T12] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  188.602135][T11370] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  188.652866][T11374] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  188.659462][T11374] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  188.667237][T11374] vhci_hcd vhci_hcd.0: Device attached
[  188.748029][T11379] netlink: '+}[@': attribute type 10 has an invalid length.
[  188.757477][T11379] bond0: (slave dummy0): Releasing backup interface
[  188.767016][T11379] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  188.769036][T11375] vhci_hcd: connection closed
[  188.776093][T11379] team0: Failed to send options change via netlink (err -105)
[  188.778110][   T57] vhci_hcd: stop threads
[  188.780874][T11379] team0: Port device dummy0 added
[  188.783692][T11379] netlink: '+}[@': attribute type 10 has an invalid length.
[  188.788403][   T57] vhci_hcd: release socket
[  188.793636][T11379] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  188.797684][   T57] vhci_hcd: disconnect device
[  188.825068][T11379] team0: Failed to send options change via netlink (err -105)
[  188.832894][T11379] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  188.841911][T11379] team0: Port device dummy0 removed
[  188.849277][T11379] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  189.055233][T11382] x_tables: duplicate underflow at hook 2
[  189.333453][T11400] netlink: 'syz.0.2877': attribute type 6 has an invalid length.
[  189.354255][ T3442] Bluetooth: hci1: Frame reassembly failed (-84)
[  189.377161][T11402] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  189.666642][T11411] netlink: '+}[@': attribute type 10 has an invalid length.
[  189.680630][T11411] bond0: (slave dummy0): Releasing backup interface
[  189.690355][T11411] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  189.699931][T11411] team0: Failed to send options change via netlink (err -105)
[  189.707488][T11411] team0: Port device dummy0 added
[  189.715847][T11411] netlink: '+}[@': attribute type 10 has an invalid length.
[  189.724314][T11411] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  189.736273][T11411] team0: Failed to send options change via netlink (err -105)
[  189.744426][T11411] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  189.753560][T11411] team0: Port device dummy0 removed
[  189.761302][T11411] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  190.030726][ T8493] Bluetooth: hci0: command 0x1003 tx timeout
[  190.031016][ T4005] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  190.461910][T11421] serio: Serial port ptm1
[  190.596226][T11430] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  190.642105][T11437] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2893'.
[  190.652068][T11437] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2893'.
[  190.746461][   T29] kauditd_printk_skb: 624 callbacks suppressed
[  190.746476][   T29] audit: type=1326 audit(1762759377.689:23273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11440 comm="syz.1.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  190.776341][   T29] audit: type=1326 audit(1762759377.689:23274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11440 comm="syz.1.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  190.799959][   T29] audit: type=1326 audit(1762759377.689:23275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11440 comm="syz.1.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  190.823609][   T29] audit: type=1326 audit(1762759377.689:23276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11440 comm="syz.1.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  190.847294][   T29] audit: type=1326 audit(1762759377.689:23277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11440 comm="syz.1.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  190.871046][   T29] audit: type=1326 audit(1762759377.689:23278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11440 comm="syz.1.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  190.894609][   T29] audit: type=1326 audit(1762759377.689:23279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11440 comm="syz.1.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  190.918331][   T29] audit: type=1326 audit(1762759377.689:23280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11440 comm="syz.1.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  190.942514][T11444] netlink: 'syz.3.2895': attribute type 10 has an invalid length.
[  190.950379][T11444] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2895'.
[  190.950459][T11443] netlink: 'syz.3.2895': attribute type 10 has an invalid length.
[  190.977293][   T29] audit: type=1326 audit(1762759377.699:23281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11440 comm="syz.1.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  191.001068][   T29] audit: type=1326 audit(1762759377.699:23282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11440 comm="syz.1.2894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  191.008979][T11443] batadv0: entered allmulticast mode
[  191.040681][T11443] 8021q: adding VLAN 0 to HW filter on device batadv0
[  191.049258][T11443] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  191.070719][T11444] batadv0: entered promiscuous mode
[  191.092542][T11444] bond0: (slave batadv0): Releasing backup interface
[  191.104239][T11444] bridge0: port 3(batadv0) entered blocking state
[  191.110794][T11444] bridge0: port 3(batadv0) entered disabled state
[  191.131084][   T31] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  191.140465][   T31] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  191.227637][T11462] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2904'.
[  191.237050][T11462] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2904'.
[  191.266985][T11465] serio: Serial port ptm1
[  191.288388][T11467] SELinux:  Context system_u:object_r:modules_dep_t:s0 is not valid (left unmapped).
[  191.347831][T11473] Falling back ldisc for ptm1.
[  191.391018][ T4005] Bluetooth: hci1: command 0x1003 tx timeout
[  191.391315][   T44] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  191.502811][T11484] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2913'.
[  191.538464][T11487] netlink: 'syz.3.2914': attribute type 10 has an invalid length.
[  192.260443][T11525] __nla_validate_parse: 5 callbacks suppressed
[  192.260459][T11525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2930'.
[  192.289173][T11525] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2930'.
[  192.543006][T11541] Falling back ldisc for ptm0.
[  192.632542][T11545] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2939'.
[  192.693786][T11547] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  192.865365][T11560] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2943'.
[  192.920177][ T4005] Bluetooth: hci0: sending frame failed (-49)
[  192.926439][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  192.965944][T11572] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  193.039830][T11574] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2953'.
[  193.064270][ T3442] Bluetooth: hci0: Frame reassembly failed (-84)
[  193.165750][T11589] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2959'.
[  193.342818][T11599] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  193.403287][T11602] validate_nla: 2 callbacks suppressed
[  193.403302][T11602] netlink: '+}[@': attribute type 10 has an invalid length.
[  193.418175][T11602] bond0: (slave dummy0): Releasing backup interface
[  193.428833][T11602] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  193.439913][T11602] team0: Failed to send options change via netlink (err -105)
[  193.447521][T11602] team0: Port device dummy0 added
[  193.455967][T11602] netlink: '+}[@': attribute type 10 has an invalid length.
[  193.463923][T11602] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  193.477571][T11602] team0: Failed to send options change via netlink (err -105)
[  193.486931][T11602] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  193.496193][T11602] team0: Port device dummy0 removed
[  193.503856][T11602] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  193.695591][T11618] netlink: '+}[@': attribute type 10 has an invalid length.
[  193.705825][T11618] bond0: (slave dummy0): Releasing backup interface
[  193.716456][T11618] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  193.726079][T11618] team0: Failed to send options change via netlink (err -105)
[  193.733623][T11618] team0: Port device dummy0 added
[  193.763595][T11618] netlink: '+}[@': attribute type 10 has an invalid length.
[  193.774161][T11618] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  193.786331][T11618] team0: Failed to send options change via netlink (err -105)
[  193.794681][T11618] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  193.804498][T11618] team0: Port device dummy0 removed
[  193.812541][T11618] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  193.905704][T11629] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  193.960139][T11634] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2978'.
[  193.969645][T11634] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2978'.
[  194.017954][T11638] netlink: 'syz.2.2980': attribute type 10 has an invalid length.
[  194.026132][T11638] batadv0: entered allmulticast mode
[  194.033779][T11638] 8021q: adding VLAN 0 to HW filter on device batadv0
[  194.042150][T11638] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  194.052320][T11638] netlink: 'syz.2.2980': attribute type 10 has an invalid length.
[  194.060186][T11638] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2980'.
[  194.069221][T11638] batadv0: entered promiscuous mode
[  194.075403][T11638] bond0: (slave batadv0): Releasing backup interface
[  194.083906][T11638] bridge0: port 3(batadv0) entered blocking state
[  194.090337][T11638] bridge0: port 3(batadv0) entered disabled state
[  194.227507][T11652] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2987'.
[  194.461942][T11687] serio: Serial port ptm0
[  194.540895][   T37] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  194.550227][   T37] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  194.587880][T11695] x_tables: duplicate underflow at hook 2
[  194.684335][T11706] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  194.690897][T11706] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  194.698542][T11706] vhci_hcd vhci_hcd.0: Device attached
[  194.705412][T11707] vhci_hcd: connection closed
[  194.705620][   T37] vhci_hcd: stop threads
[  194.710382][   T37] vhci_hcd: release socket
[  194.710393][   T37] vhci_hcd: disconnect device
[  194.732269][T11711] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  194.766123][T11714] netlink: 'syz.4.3016': attribute type 10 has an invalid length.
[  194.777547][T11714] batadv0: left promiscuous mode
[  194.782810][T11714] bridge0: port 3(batadv0) entered disabled state
[  194.793717][T11714] 8021q: adding VLAN 0 to HW filter on device batadv0
[  194.803763][T11718] serio: Serial port ptm0
[  194.809809][T11714] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  194.819609][T11721] netlink: 'syz.4.3016': attribute type 10 has an invalid length.
[  194.827823][T11721] batadv0: entered promiscuous mode
[  194.835287][T11721] bond0: (slave batadv0): Releasing backup interface
[  194.844321][T11721] bridge0: port 3(batadv0) entered blocking state
[  194.850876][T11721] bridge0: port 3(batadv0) entered disabled state
[  194.917600][T11733] x_tables: duplicate underflow at hook 2
[  194.962439][T11738] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  194.998171][T11744] FAULT_INJECTION: forcing a failure.
[  194.998171][T11744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.011345][T11744] CPU: 1 UID: 0 PID: 11744 Comm: syz.1.3029 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  195.011375][T11744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  195.011417][T11744] Call Trace:
[  195.011425][T11744]  <TASK>
[  195.011433][T11744]  __dump_stack+0x1d/0x30
[  195.011461][T11744]  dump_stack_lvl+0xe8/0x140
[  195.011487][T11744]  dump_stack+0x15/0x1b
[  195.011509][T11744]  should_fail_ex+0x265/0x280
[  195.011533][T11744]  should_fail+0xb/0x20
[  195.011593][T11744]  should_fail_usercopy+0x1a/0x20
[  195.011619][T11744]  _copy_from_user+0x1c/0xb0
[  195.011651][T11744]  ___sys_sendmsg+0xc1/0x1d0
[  195.011690][T11744]  __x64_sys_sendmsg+0xd4/0x160
[  195.011711][T11744]  x64_sys_call+0x191e/0x3000
[  195.011738][T11744]  do_syscall_64+0xd2/0x200
[  195.011758][T11744]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  195.011792][T11744]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  195.011834][T11744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.011937][T11744] RIP: 0033:0x7fca6a95f6c9
[  195.011955][T11744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.011974][T11744] RSP: 002b:00007fca693bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  195.012043][T11744] RAX: ffffffffffffffda RBX: 00007fca6abb5fa0 RCX: 00007fca6a95f6c9
[  195.012060][T11744] RDX: 0000000000000000 RSI: 0000200000000bc0 RDI: 0000000000000004
[  195.012075][T11744] RBP: 00007fca693bf090 R08: 0000000000000000 R09: 0000000000000000
[  195.012090][T11744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.012101][T11744] R13: 00007fca6abb6038 R14: 00007fca6abb5fa0 R15: 00007ffd967ac3c8
[  195.012118][T11744]  </TASK>
[  195.189666][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  195.190786][ T4005] Bluetooth: hci0: command 0x1003 tx timeout
[  195.229644][T11750] serio: Serial port ptm0
[  195.332051][T11758] netlink: '+}[@': attribute type 10 has an invalid length.
[  195.341321][T11758] bond0: (slave dummy0): Releasing backup interface
[  195.350631][T11758] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  195.359422][T11758] team0: Failed to send options change via netlink (err -105)
[  195.366945][T11758] team0: Port device dummy0 added
[  195.374388][T11758] netlink: '+}[@': attribute type 10 has an invalid length.
[  195.382788][T11758] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  195.393577][T11758] team0: Failed to send options change via netlink (err -105)
[  195.403146][T11758] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  195.414533][T11758] team0: Port device dummy0 removed
[  195.420908][T11760] x_tables: duplicate underflow at hook 2
[  195.422456][T11758] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  195.450427][T11763] x_tables: duplicate underflow at hook 2
[  195.487572][T11769] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  195.597676][T11780] batadv0: left promiscuous mode
[  195.602821][T11780] bridge0: port 3(batadv0) entered disabled state
[  195.610592][T11780] 8021q: adding VLAN 0 to HW filter on device batadv0
[  195.619050][T11780] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  195.629971][T11780] batadv0: entered promiscuous mode
[  195.636387][T11780] bond0: (slave batadv0): Releasing backup interface
[  195.644663][T11780] bridge0: port 3(batadv0) entered blocking state
[  195.651185][T11780] bridge0: port 3(batadv0) entered disabled state
[  195.678494][T11783] serio: Serial port ptm0
[  195.755855][   T29] kauditd_printk_skb: 1133 callbacks suppressed
[  195.755895][   T29] audit: type=1326 audit(1762759382.699:24416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11789 comm="syz.3.3049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  195.786124][   T29] audit: type=1326 audit(1762759382.699:24417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11789 comm="syz.3.3049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  195.787182][T11792] x_tables: duplicate underflow at hook 2
[  195.809869][   T29] audit: type=1326 audit(1762759382.699:24418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11789 comm="syz.3.3049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  195.839058][   T29] audit: type=1326 audit(1762759382.699:24419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11789 comm="syz.3.3049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  195.862748][   T29] audit: type=1326 audit(1762759382.699:24420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11789 comm="syz.3.3049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  195.866852][T11795] x_tables: duplicate underflow at hook 2
[  195.886466][   T29] audit: type=1326 audit(1762759382.699:24421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11789 comm="syz.3.3049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  195.915901][   T29] audit: type=1326 audit(1762759382.699:24422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11789 comm="syz.3.3049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  195.939522][   T29] audit: type=1326 audit(1762759382.699:24423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11789 comm="syz.3.3049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  195.963243][   T29] audit: type=1326 audit(1762759382.699:24424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11789 comm="syz.3.3049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  195.965957][T11799] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  195.986839][   T29] audit: type=1326 audit(1762759382.699:24425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11789 comm="syz.3.3049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  196.044036][   T57] Bluetooth: hci0: Frame reassembly failed (-84)
[  196.054016][T11802] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.092298][T11802] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.134118][T11810] batadv0: entered allmulticast mode
[  196.142237][T11810] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.150597][T11810] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  196.160381][T11802] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.171897][T11810] batadv0: entered promiscuous mode
[  196.178037][T11810] bond0: (slave batadv0): Releasing backup interface
[  196.186354][T11810] bridge0: port 3(batadv0) entered blocking state
[  196.192888][T11810] bridge0: port 3(batadv0) entered disabled state
[  196.222630][T11802] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.271189][   T52] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  196.280402][   T52] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  196.298062][   T52] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.309719][   T52] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.321128][   T52] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.332412][   T52] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.365185][T11817] serio: Serial port ptm1
[  196.435930][T11826] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  196.601290][T11841] FAULT_INJECTION: forcing a failure.
[  196.601290][T11841] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.614381][T11841] CPU: 0 UID: 0 PID: 11841 Comm: syz.4.3071 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  196.614413][T11841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  196.614464][T11841] Call Trace:
[  196.614469][T11841]  <TASK>
[  196.614475][T11841]  __dump_stack+0x1d/0x30
[  196.614494][T11841]  dump_stack_lvl+0xe8/0x140
[  196.614511][T11841]  dump_stack+0x15/0x1b
[  196.614526][T11841]  should_fail_ex+0x265/0x280
[  196.614542][T11841]  should_fail+0xb/0x20
[  196.614555][T11841]  should_fail_usercopy+0x1a/0x20
[  196.614632][T11841]  _copy_from_iter+0xd2/0xe80
[  196.614732][T11841]  ? alloc_pages_mpol+0x217/0x260
[  196.614755][T11841]  copy_page_from_iter+0x178/0x2a0
[  196.614835][T11841]  tun_get_user+0x679/0x26e0
[  196.614869][T11841]  ? ref_tracker_alloc+0x1f2/0x2f0
[  196.614951][T11841]  tun_chr_write_iter+0x15e/0x210
[  196.614978][T11841]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  196.615003][T11841]  vfs_write+0x52a/0x960
[  196.615068][T11841]  ksys_write+0xda/0x1a0
[  196.615134][T11841]  __x64_sys_write+0x40/0x50
[  196.615237][T11841]  x64_sys_call+0x2802/0x3000
[  196.615258][T11841]  do_syscall_64+0xd2/0x200
[  196.615281][T11841]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  196.615308][T11841]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  196.615339][T11841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.615433][T11841] RIP: 0033:0x7f24f2abe17f
[  196.615447][T11841] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  196.615463][T11841] RSP: 002b:00007f24f1527000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  196.615480][T11841] RAX: ffffffffffffffda RBX: 00007f24f2d15fa0 RCX: 00007f24f2abe17f
[  196.615492][T11841] RDX: 0000000000000046 RSI: 0000200000000240 RDI: 00000000000000c8
[  196.615503][T11841] RBP: 00007f24f1527090 R08: 0000000000000000 R09: 0000000000000000
[  196.615513][T11841] R10: 0000000000000046 R11: 0000000000000293 R12: 0000000000000001
[  196.615524][T11841] R13: 00007f24f2d16038 R14: 00007f24f2d15fa0 R15: 00007ffe30258318
[  196.615608][T11841]  </TASK>
[  196.850107][T11845] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.894777][T11845] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.951366][T11852] serio: Serial port ptm1
[  197.016940][T11845] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.104011][T11845] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.159687][T11865] x_tables: duplicate underflow at hook 2
[  197.187081][   T31] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.211801][   T31] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.237235][   T31] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.255040][   T31] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.399605][T11873] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  197.406162][T11873] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  197.413912][T11873] vhci_hcd vhci_hcd.0: Device attached
[  197.457502][T11879] __nla_validate_parse: 14 callbacks suppressed
[  197.457518][T11879] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3087'.
[  197.498205][T11874] vhci_hcd: connection closed
[  197.498440][   T52] vhci_hcd: stop threads
[  197.507560][   T52] vhci_hcd: release socket
[  197.512039][   T52] vhci_hcd: disconnect device
[  197.538250][T11885] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3089'.
[  197.637393][T11889] batadv0: entered allmulticast mode
[  197.644995][T11889] 8021q: adding VLAN 0 to HW filter on device batadv0
[  197.653356][T11889] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  197.665145][T11889] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3091'.
[  197.674277][T11889] batadv0: entered promiscuous mode
[  197.680454][T11889] bond0: (slave batadv0): Releasing backup interface
[  197.689294][T11889] bridge0: port 3(batadv0) entered blocking state
[  197.695851][T11889] bridge0: port 3(batadv0) entered disabled state
[  197.721885][T11894] x_tables: duplicate underflow at hook 2
[  197.816872][T11901] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3096'.
[  197.837936][T11901] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3096'.
[  197.911330][   T31] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  197.920575][   T31] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  197.933540][T11911] batadv0: left promiscuous mode
[  197.938681][T11911] bridge0: port 3(batadv0) entered disabled state
[  197.947048][T11911] 8021q: adding VLAN 0 to HW filter on device batadv0
[  197.957227][T11911] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  197.977068][T11911] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3099'.
[  197.992575][T11914] bond0: (slave dummy0): Releasing backup interface
[  198.002152][T11914] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  198.011039][T11914] team0: Failed to send options change via netlink (err -105)
[  198.018532][T11914] team0: Port device dummy0 added
[  198.024191][T11911] batadv0: entered promiscuous mode
[  198.031779][T11911] bond0: (slave batadv0): Releasing backup interface
[  198.040464][T11911] bridge0: port 3(batadv0) entered blocking state
[  198.047123][T11911] bridge0: port 3(batadv0) entered disabled state
[  198.057102][T11914] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  198.068091][T11914] team0: Failed to send options change via netlink (err -105)
[  198.076729][T11914] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  198.086550][T11914] team0: Port device dummy0 removed
[  198.088876][T11919] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3103'.
[  198.096152][T11914] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  198.100762][T11919] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3103'.
[  198.118258][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  198.121024][ T4005] Bluetooth: hci0: command 0x1003 tx timeout
[  198.237664][T11929] batadv0: left promiscuous mode
[  198.242848][T11929] bridge0: port 3(batadv0) entered disabled state
[  198.257993][T11929] 8021q: adding VLAN 0 to HW filter on device batadv0
[  198.276802][T11929] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  198.288788][T11932] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3108'.
[  198.313823][T11932] batadv0: entered promiscuous mode
[  198.330657][T11932] bond0: (slave batadv0): Releasing backup interface
[  198.341646][T11932] bridge0: port 3(batadv0) entered blocking state
[  198.348161][T11932] bridge0: port 3(batadv0) entered disabled state
[  198.509193][T11934] validate_nla: 15 callbacks suppressed
[  198.509212][T11934] netlink: 'syz.2.3109': attribute type 10 has an invalid length.
[  198.543647][T11934] batadv0: left promiscuous mode
[  198.548809][T11934] bridge0: port 3(batadv0) entered disabled state
[  198.560859][T11934] 8021q: adding VLAN 0 to HW filter on device batadv0
[  198.569382][T11934] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  198.579618][T11934] netlink: 'syz.2.3109': attribute type 10 has an invalid length.
[  198.587621][T11934] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3109'.
[  198.591689][T11937] netlink: '+}[@': attribute type 10 has an invalid length.
[  198.597491][T11934] batadv0: entered promiscuous mode
[  198.610184][T11934] bond0: (slave batadv0): Releasing backup interface
[  198.619390][T11934] bridge0: port 3(batadv0) entered blocking state
[  198.626003][T11934] bridge0: port 3(batadv0) entered disabled state
[  198.637686][T11937] bond0: (slave dummy0): Releasing backup interface
[  198.661522][T11939] netlink: 'syz.4.3110': attribute type 10 has an invalid length.
[  198.683252][T11937] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  198.699119][T11937] team0: Failed to send options change via netlink (err -105)
[  198.706752][T11937] team0: Port device dummy0 added
[  198.770753][   T31] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  198.780048][   T31] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  198.789820][T11939] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  198.810968][T11939] team0: Failed to send options change via netlink (err -105)
[  198.831104][T11939] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  198.853393][T11939] team0: Port device dummy0 removed
[  198.861563][T11939] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  198.875774][T11948] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.923458][T11948] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.003618][T11948] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.022411][T11968] netlink: 'syz.2.3123': attribute type 6 has an invalid length.
[  199.054238][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[  199.060644][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[  199.124495][T11948] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.305179][T11973] serio: Serial port ptm1
[  199.480956][T11980] netlink: '+}[@': attribute type 10 has an invalid length.
[  199.504830][T11980] bond0: (slave dummy0): Releasing backup interface
[  199.515942][T11980] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  199.526549][T11980] team0: Failed to send options change via netlink (err -105)
[  199.534089][T11980] team0: Port device dummy0 added
[  199.565627][T11985] netlink: 'syz.4.3126': attribute type 10 has an invalid length.
[  199.596871][T11987] netlink: 'syz.1.3129': attribute type 10 has an invalid length.
[  199.605159][T11987] batadv0: left promiscuous mode
[  199.610179][T11987] bridge0: port 3(batadv0) entered disabled state
[  199.621195][T11987] 8021q: adding VLAN 0 to HW filter on device batadv0
[  199.629684][T11987] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  199.640588][T11987] netlink: 'syz.1.3129': attribute type 10 has an invalid length.
[  199.651485][T11985] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  199.668692][T11985] team0: Failed to send options change via netlink (err -105)
[  199.676573][T11985] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  199.685961][T11985] team0: Port device dummy0 removed
[  199.694240][T11985] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  199.703079][T11987] batadv0: entered promiscuous mode
[  199.709329][T11987] bond0: (slave batadv0): Releasing backup interface
[  199.717928][T11987] bridge0: port 3(batadv0) entered blocking state
[  199.724508][T11987] bridge0: port 3(batadv0) entered disabled state
[  199.888525][T12003] netlink: '+}[@': attribute type 10 has an invalid length.
[  199.898103][T12003] bond0: (slave dummy0): Releasing backup interface
[  199.907839][T12003] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  199.916957][T12003] team0: Failed to send options change via netlink (err -105)
[  199.924489][T12003] team0: Port device dummy0 added
[  199.932422][T12003] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  199.943559][T12003] team0: Failed to send options change via netlink (err -105)
[  199.951937][T12003] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  199.961121][T12003] team0: Port device dummy0 removed
[  199.969012][T12003] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  200.152255][T12014] x_tables: duplicate underflow at hook 2
[  200.288817][T12019] batadv0: left promiscuous mode
[  200.294000][T12019] bridge0: port 3(batadv0) entered disabled state
[  200.301986][T12019] 8021q: adding VLAN 0 to HW filter on device batadv0
[  200.310214][T12019] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  200.319977][T12019] batadv0: entered promiscuous mode
[  200.326210][T12019] bond0: (slave batadv0): Releasing backup interface
[  200.335398][T12019] bridge0: port 3(batadv0) entered blocking state
[  200.341908][T12019] bridge0: port 3(batadv0) entered disabled state
[  200.366550][   T57] Bluetooth: hci1: Frame reassembly failed (-84)
[  200.748640][ T3442] Bluetooth: hci2: Frame reassembly failed (-84)
[  201.061845][T12032] Falling back ldisc for ptm3.
[  201.070791][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  201.578119][   T31] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.590728][   T31] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.602237][   T57] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.613643][T11948] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.649408][T12063] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  201.656005][T12063] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  201.663708][T12063] vhci_hcd vhci_hcd.0: Device attached
[  201.673144][T11948] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.738566][T12064] vhci_hcd: connection closed
[  201.738657][   T57] vhci_hcd: stop threads
[  201.747838][   T57] vhci_hcd: release socket
[  201.752268][   T57] vhci_hcd: disconnect device
[  201.757983][T11948] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.090390][T12071] batadv0: left promiscuous mode
[  202.095572][T12071] bridge0: port 3(batadv0) entered disabled state
[  202.103660][T12071] 8021q: adding VLAN 0 to HW filter on device batadv0
[  202.111872][T12071] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  202.191957][   T29] kauditd_printk_skb: 754 callbacks suppressed
[  202.191975][   T29] audit: type=1326 audit(1762759389.139:25180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12079 comm="syz.0.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  202.222590][   T29] audit: type=1326 audit(1762759389.139:25181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12079 comm="syz.0.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  202.246232][   T29] audit: type=1326 audit(1762759389.139:25182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12079 comm="syz.0.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  202.269877][   T29] audit: type=1326 audit(1762759389.139:25183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12079 comm="syz.0.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  202.293615][   T29] audit: type=1326 audit(1762759389.139:25184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12079 comm="syz.0.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  202.317339][   T29] audit: type=1326 audit(1762759389.139:25185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12079 comm="syz.0.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  202.341198][   T29] audit: type=1326 audit(1762759389.139:25186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12079 comm="syz.0.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  202.364967][   T29] audit: type=1326 audit(1762759389.139:25187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12079 comm="syz.0.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  202.388572][   T29] audit: type=1326 audit(1762759389.139:25188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12079 comm="syz.0.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  202.412142][   T29] audit: type=1326 audit(1762759389.139:25189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12079 comm="syz.0.3158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  202.435821][ T4005] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  202.442154][   T44] Bluetooth: hci1: command 0x1003 tx timeout
[  202.606911][T12095] Falling back ldisc for ptm0.
[  202.750769][ T8493] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  202.756913][ T4005] Bluetooth: hci2: command 0x1003 tx timeout
[  202.972378][T12124] __nla_validate_parse: 4 callbacks suppressed
[  202.972391][T12124] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3164'.
[  203.060705][T12133] x_tables: duplicate underflow at hook 2
[  203.092107][T12135] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3169'.
[  203.188589][T12145] batadv0: left promiscuous mode
[  203.193805][T12145] bridge0: port 3(batadv0) entered disabled state
[  203.201478][T12145] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.209616][T12145] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  203.220778][T12145] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3174'.
[  203.229851][T12145] batadv0: entered promiscuous mode
[  203.236398][T12145] bond0: (slave batadv0): Releasing backup interface
[  203.244766][T12145] bridge0: port 3(batadv0) entered blocking state
[  203.251284][T12145] bridge0: port 3(batadv0) entered disabled state
[  203.316191][T12153] x_tables: duplicate underflow at hook 2
[  203.361908][T12158] x_tables: duplicate underflow at hook 2
[  203.396007][T12160] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3181'.
[  203.481131][T12171] FAULT_INJECTION: forcing a failure.
[  203.481131][T12171] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  203.494273][T12171] CPU: 0 UID: 0 PID: 12171 Comm: +}[@ Not tainted syzkaller #0 PREEMPT(voluntary) 
[  203.494341][T12171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  203.494357][T12171] Call Trace:
[  203.494365][T12171]  <TASK>
[  203.494373][T12171]  __dump_stack+0x1d/0x30
[  203.494462][T12171]  dump_stack_lvl+0xe8/0x140
[  203.494490][T12171]  dump_stack+0x15/0x1b
[  203.494514][T12171]  should_fail_ex+0x265/0x280
[  203.494610][T12171]  should_fail+0xb/0x20
[  203.494632][T12171]  should_fail_usercopy+0x1a/0x20
[  203.494660][T12171]  _copy_to_user+0x20/0xa0
[  203.494694][T12171]  simple_read_from_buffer+0xb5/0x130
[  203.494739][T12171]  proc_fail_nth_read+0x10e/0x150
[  203.494799][T12171]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  203.494842][T12171]  vfs_read+0x1a8/0x770
[  203.494945][T12171]  ? __rcu_read_unlock+0x4f/0x70
[  203.494979][T12171]  ? __fget_files+0x184/0x1c0
[  203.495017][T12171]  ksys_read+0xda/0x1a0
[  203.495125][T12171]  __x64_sys_read+0x40/0x50
[  203.495212][T12171]  x64_sys_call+0x27c0/0x3000
[  203.495258][T12171]  do_syscall_64+0xd2/0x200
[  203.495283][T12171]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  203.495328][T12171]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  203.495436][T12171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.495461][T12171] RIP: 0033:0x7f6c9e40e0dc
[  203.495474][T12171] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  203.495494][T12171] RSP: 002b:00007f6c9ce6f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  203.495557][T12171] RAX: ffffffffffffffda RBX: 00007f6c9e665fa0 RCX: 00007f6c9e40e0dc
[  203.495572][T12171] RDX: 000000000000000f RSI: 00007f6c9ce6f0a0 RDI: 0000000000000004
[  203.495586][T12171] RBP: 00007f6c9ce6f090 R08: 0000000000000000 R09: 0000000000000000
[  203.495601][T12171] R10: 0000200000000740 R11: 0000000000000246 R12: 0000000000000001
[  203.495615][T12171] R13: 00007f6c9e666038 R14: 00007f6c9e665fa0 R15: 00007ffdd3c441d8
[  203.495656][T12171]  </TASK>
[  203.718627][   T31] Bluetooth: hci1: Frame reassembly failed (-84)
[  203.734105][T12180] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3199'.
[  204.198422][T12191] x_tables: duplicate underflow at hook 2
[  204.302285][T12196] Falling back ldisc for ptm2.
[  204.625525][T12198] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3194'.
[  205.125023][T12208] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  205.131569][T12208] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  205.139323][T12208] vhci_hcd vhci_hcd.0: Device attached
[  205.213626][T12209] vhci_hcd: connection closed
[  205.213942][ T3442] vhci_hcd: stop threads
[  205.223092][ T3442] vhci_hcd: release socket
[  205.227522][ T3442] vhci_hcd: disconnect device
[  205.310721][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  205.316841][ T8493] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  205.484050][T12223] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3207'.
[  205.635638][T12233] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.673251][T12235] validate_nla: 8 callbacks suppressed
[  205.673328][T12235] netlink: 'syz.3.3213': attribute type 32 has an invalid length.
[  205.686821][T12235] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3213'.
[  205.697342][T12233] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.730095][T12238] netlink: 'syz.3.3214': attribute type 6 has an invalid length.
[  205.744019][T12233] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.793115][T12233] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.803032][   T44] Bluetooth: hci1: command 0x1003 tx timeout
[  205.803100][ T4005] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  205.869704][   T31] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  205.897961][   T31] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  205.907448][   T31] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  205.936207][   T31] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  205.982552][T12258] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.023422][T12259] netlink: '+}[@': attribute type 10 has an invalid length.
[  206.034555][T12258] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.036756][T12262] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  206.050818][T12262] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  206.058570][T12262] vhci_hcd vhci_hcd.0: Device attached
[  206.064403][T12259] bond0: (slave dummy0): Releasing backup interface
[  206.075233][T12265] netlink: 'syz.0.3222': attribute type 10 has an invalid length.
[  206.075409][T12259] team0: Failed to send options change via netlink (err -105)
[  206.090635][T12259] team0: Port device dummy0 added
[  206.098836][T12265] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  206.115053][T12265] team0: Failed to send options change via netlink (err -105)
[  206.122761][T12265] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  206.133055][T12265] team0: Port device dummy0 removed
[  206.143062][T12265] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  206.154353][T12258] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.169647][T12263] vhci_hcd: connection closed
[  206.169718][   T37] vhci_hcd: stop threads
[  206.178770][   T37] vhci_hcd: release socket
[  206.183252][   T37] vhci_hcd: disconnect device
[  206.202403][T12258] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.269347][   T37] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.281013][   T31] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.292794][   T31] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.304442][   T31] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  206.338730][T12269] netlink: 'syz.2.3226': attribute type 10 has an invalid length.
[  206.338781][T12268] netlink: 'syz.4.3227': attribute type 10 has an invalid length.
[  206.346844][T12269] batadv0: left promiscuous mode
[  206.359622][T12269] bridge0: port 3(batadv0) entered disabled state
[  206.367854][T12269] 8021q: adding VLAN 0 to HW filter on device batadv0
[  206.376441][T12269] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  206.385331][T12268] batadv0: left promiscuous mode
[  206.390402][T12268] bridge0: port 3(batadv0) entered disabled state
[  206.398608][T12268] 8021q: adding VLAN 0 to HW filter on device batadv0
[  206.406566][T12270] netlink: 'syz.4.3227': attribute type 10 has an invalid length.
[  206.407412][T12268] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  206.414644][T12270] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3227'.
[  206.433004][T12270] batadv0: entered promiscuous mode
[  206.439372][T12270] bond0: (slave batadv0): Releasing backup interface
[  206.448360][T12270] bridge0: port 3(batadv0) entered blocking state
[  206.454941][T12270] bridge0: port 3(batadv0) entered disabled state
[  206.485835][T12276] netlink: 'syz.2.3230': attribute type 10 has an invalid length.
[  206.498049][T12276] netlink: 'syz.2.3230': attribute type 10 has an invalid length.
[  206.506019][T12276] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3230'.
[  206.516897][T12276] batadv0: entered promiscuous mode
[  206.523642][T12276] bond0: (slave batadv0): Releasing backup interface
[  206.531910][T12276] bridge0: port 3(batadv0) entered blocking state
[  206.538376][T12276] bridge0: port 3(batadv0) entered disabled state
[  206.567920][T12283] netlink: 'syz.4.3233': attribute type 6 has an invalid length.
[  206.579089][   T37] Bluetooth: hci1: Frame reassembly failed (-84)
[  206.707285][T12291] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.743316][T12291] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.792964][T12291] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.923012][T12291] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.950770][   T37] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  206.960037][   T37] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  207.031383][T12314] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  207.038015][T12314] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  207.045782][T12314] vhci_hcd vhci_hcd.0: Device attached
[  207.123136][T12315] vhci_hcd: connection closed
[  207.123363][   T37] vhci_hcd: stop threads
[  207.132543][   T37] vhci_hcd: release socket
[  207.136976][   T37] vhci_hcd: disconnect device
[  207.139456][T12319] Falling back ldisc for ptm2.
[  207.699327][   T29] kauditd_printk_skb: 410 callbacks suppressed
[  207.699384][   T29] audit: type=1326 audit(1762759394.639:25600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12326 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  207.729658][   T29] audit: type=1326 audit(1762759394.639:25601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12326 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  207.753358][   T29] audit: type=1326 audit(1762759394.649:25602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12326 comm="syz.0.3253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f14e81bf6c9 code=0x7ffc0000
[  207.782406][T12328] bond0: (slave dummy0): Releasing backup interface
[  207.790813][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  207.791474][T12328] team0: Failed to send options change via netlink (err -105)
[  207.796923][ T8493] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  207.804283][T12328] team0: Port device dummy0 added
[  207.808353][T12328] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  207.826223][T12328] team0: Failed to send options change via netlink (err -105)
[  207.833817][T12328] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  207.842804][T12328] team0: Port device dummy0 removed
[  207.850129][T12328] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  207.936665][   T29] audit: type=1400 audit(1762759394.879:25603): avc:  denied  { write } for  pid=12331 comm="syz.2.3255" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  207.963413][T12334] vhci_hcd: invalid port number 96
[  207.963714][   T29] audit: type=1400 audit(1762759394.909:25604): avc:  denied  { map } for  pid=12331 comm="syz.2.3255" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  207.968559][T12334] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  208.015877][T12337] batadv0: left promiscuous mode
[  208.021041][T12337] bridge0: port 3(batadv0) entered disabled state
[  208.028541][T12337] 8021q: adding VLAN 0 to HW filter on device batadv0
[  208.037133][T12337] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  208.046751][T12337] __nla_validate_parse: 3 callbacks suppressed
[  208.046763][T12337] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3256'.
[  208.061970][T12337] batadv0: entered promiscuous mode
[  208.068291][T12337] bond0: (slave batadv0): Releasing backup interface
[  208.077128][T12337] bridge0: port 3(batadv0) entered blocking state
[  208.083700][T12337] bridge0: port 3(batadv0) entered disabled state
[  208.107232][T12339] batadv0: left promiscuous mode
[  208.112439][T12339] bridge0: port 3(batadv0) entered disabled state
[  208.120040][T12339] 8021q: adding VLAN 0 to HW filter on device batadv0
[  208.128426][T12339] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  208.341595][T12348] batadv0: left promiscuous mode
[  208.346663][T12348] bridge0: port 3(batadv0) entered disabled state
[  208.355371][T12348] 8021q: adding VLAN 0 to HW filter on device batadv0
[  208.364278][T12348] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  208.597111][T12349] lo speed is unknown, defaulting to 1000
[  208.602963][T12349] lo speed is unknown, defaulting to 1000
[  208.609261][T12349] lo speed is unknown, defaulting to 1000
[  208.615934][T12349] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  208.624385][T12349] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  208.636233][ T4005] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  208.675369][T12349] lo speed is unknown, defaulting to 1000
[  208.681852][T12349] lo speed is unknown, defaulting to 1000
[  208.688269][T12349] lo speed is unknown, defaulting to 1000
[  208.694618][T12349] lo speed is unknown, defaulting to 1000
[  208.701208][T12349] lo speed is unknown, defaulting to 1000
[  208.707369][T12349] lo speed is unknown, defaulting to 1000
[  208.714085][T12349] lo speed is unknown, defaulting to 1000
[  208.720351][T12349] lo speed is unknown, defaulting to 1000
[  208.857405][T12353] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  208.864028][T12353] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  208.871738][T12353] vhci_hcd vhci_hcd.0: Device attached
[  208.906299][   T29] audit: type=1326 audit(1762759395.839:25605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12356 comm="syz.3.3263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  208.930232][   T29] audit: type=1326 audit(1762759395.839:25606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12356 comm="syz.3.3263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  208.954066][   T29] audit: type=1326 audit(1762759395.839:25607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12356 comm="syz.3.3263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  208.977804][   T29] audit: type=1326 audit(1762759395.849:25608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12356 comm="syz.3.3263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  209.001554][   T29] audit: type=1326 audit(1762759395.849:25609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12356 comm="syz.3.3263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95834ef6c9 code=0x7ffc0000
[  209.175826][T12354] vhci_hcd: connection closed
[  209.176022][   T57] vhci_hcd: stop threads
[  209.185064][   T57] vhci_hcd: release socket
[  209.189509][   T57] vhci_hcd: disconnect device
[  209.208357][T12361] bond0: (slave dummy0): Releasing backup interface
[  209.218008][T12361] team0: Failed to send options change via netlink (err -105)
[  209.225622][T12361] team0: Port device dummy0 added
[  209.233702][T12361] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  209.244854][T12361] team0: Failed to send options change via netlink (err -105)
[  209.252755][T12361] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  209.262414][T12361] team0: Port device dummy0 removed
[  209.270109][T12361] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  209.444810][T12379] team0: Port device dummy0 added
[  209.451783][T12379] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  209.462387][T12379] team0: Failed to send options change via netlink (err -105)
[  209.469959][T12379] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  209.479056][T12379] team0: Port device dummy0 removed
[  209.486659][T12379] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  209.850362][T12381] lo speed is unknown, defaulting to 1000
[  209.915687][T12381] chnl_net:caif_netlink_parms(): no params data found
[  209.953128][T12381] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.960255][T12381] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.967710][T12381] bridge_slave_0: entered allmulticast mode
[  209.974235][T12381] bridge_slave_0: entered promiscuous mode
[  209.981309][T12381] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.988382][T12381] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.996298][T12381] bridge_slave_1: entered allmulticast mode
[  210.003234][T12381] bridge_slave_1: entered promiscuous mode
[  210.020990][T12381] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.031624][T12381] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.051829][T12381] team0: Port device team_slave_0 added
[  210.058495][T12381] team0: Port device team_slave_1 added
[  210.075893][T12381] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.082886][T12381] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  210.108837][T12381] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.121117][T12381] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.128077][T12381] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  210.154096][T12381] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  210.166276][   T57] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.216311][T12381] hsr_slave_0: entered promiscuous mode
[  210.224836][T12381] hsr_slave_1: entered promiscuous mode
[  210.230911][T12381] debugfs: 'hsr0' already exists in 'hsr'
[  210.236664][T12381] Cannot create hsr debugfs directory
[  210.246755][   T57] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.282639][   T57] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.301009][T12413] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3281'.
[  210.319074][T12411] bond0: (slave dummy0): Releasing backup interface
[  210.328027][T12411] team0: Failed to send options change via netlink (err -105)
[  210.335654][T12411] team0: Port device dummy0 added
[  210.357694][   T57] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.369733][T12411] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  210.380769][T12411] team0: Failed to send options change via netlink (err -105)
[  210.388318][T12411] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  210.397373][T12411] team0: Port device dummy0 removed
[  210.405429][T12411] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  210.452328][   T57] bridge_slave_1: left allmulticast mode
[  210.458002][   T57] bridge_slave_1: left promiscuous mode
[  210.463807][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.471670][   T57] bridge_slave_0: left allmulticast mode
[  210.477334][   T57] bridge_slave_0: left promiscuous mode
[  210.483196][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.555265][   T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.565423][   T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  210.575151][   T57] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  210.584635][   T57] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  210.593929][   T57] bond0 (unregistering): Released all slaves
[  210.602642][   T57] bond1 (unregistering): Released all slaves
[  210.611353][   T57] bond2 (unregistering): Released all slaves
[  210.684992][T12422] lo speed is unknown, defaulting to 1000
[  210.724494][   T57] hsr_slave_0: left promiscuous mode
[  210.730581][   T57] hsr_slave_1: left promiscuous mode
[  210.739735][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.747265][   T57] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.755619][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.763211][   T57] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.784021][   T57] veth1_macvtap: left promiscuous mode
[  210.789695][   T57] veth0_macvtap: left promiscuous mode
[  210.795710][   T57] veth1_vlan: left promiscuous mode
[  210.801057][   T57] veth0_vlan: left promiscuous mode
[  210.870112][   T57] team0 (unregistering): Port device team_slave_1 removed
[  210.881182][   T57] team0 (unregistering): Port device team_slave_0 removed
[  210.939057][ T3442] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.947588][ T3442] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.969798][ T3442] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.982762][ T3442] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  211.054684][T12381] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  211.086273][T12381] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  211.105559][T12457] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3289'.
[  211.118905][T12381] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  211.122993][T12463] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3291'.
[  211.154094][T12381] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  211.236625][T12479] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.263748][T12480] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3294'.
[  211.279143][T12381] 8021q: adding VLAN 0 to HW filter on device bond0
[  211.300622][T12381] 8021q: adding VLAN 0 to HW filter on device team0
[  211.327568][T12479] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.364281][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.371379][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  211.388974][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.396119][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.426893][T12479] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.446660][T12381] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  211.457201][T12381] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  211.494761][T12479] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.566691][T12381] 8021q: adding VLAN 0 to HW filter on device batadv0
[  211.593442][   T57] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  211.607950][   T57] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  211.627252][   T57] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  211.639549][   T57] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  211.705442][T12381] veth0_vlan: entered promiscuous mode
[  211.716900][T12381] veth1_vlan: entered promiscuous mode
[  211.734918][T12381] veth0_macvtap: entered promiscuous mode
[  211.742493][T12381] veth1_macvtap: entered promiscuous mode
[  211.754521][T12381] batman_adv: batadv0: Interface activated: batadv_slave_0
[  211.767796][T12381] batman_adv: batadv0: Interface activated: batadv_slave_1
[  211.781096][   T31] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  211.799253][   T31] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  211.829037][   T31] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  211.836058][T12511] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3303'.
[  211.837934][   T31] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  211.916944][T12518] validate_nla: 12 callbacks suppressed
[  211.916963][T12518] netlink: 'syz.0.3273': attribute type 10 has an invalid length.
[  211.931015][T12518] batadv0: entered allmulticast mode
[  211.938183][T12518] 8021q: adding VLAN 0 to HW filter on device batadv0
[  211.946963][T12518] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  211.983500][T12525] serio: Serial port ptm0
[  212.068243][T12532] x_tables: duplicate underflow at hook 2
[  212.131874][T12540] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3315'.
[  212.152038][T12542] netlink: 'syz.1.3316': attribute type 10 has an invalid length.
[  212.160154][T12542] batadv0: left promiscuous mode
[  212.165316][T12542] bridge0: port 3(batadv0) entered disabled state
[  212.174547][T12542] 8021q: adding VLAN 0 to HW filter on device batadv0
[  212.183705][T12542] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  212.198178][T12542] netlink: 'syz.1.3316': attribute type 10 has an invalid length.
[  212.206123][T12542] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3316'.
[  212.215604][T12542] batadv0: entered promiscuous mode
[  212.222271][T12542] bond0: (slave batadv0): Releasing backup interface
[  212.231393][T12542] bridge0: port 3(batadv0) entered blocking state
[  212.237862][T12542] bridge0: port 3(batadv0) entered disabled state
[  212.249402][T12549] netlink: 'syz.4.3318': attribute type 10 has an invalid length.
[  212.265728][T12549] batadv0: left promiscuous mode
[  212.270828][T12549] bridge0: port 3(batadv0) entered disabled state
[  212.289757][T12549] 8021q: adding VLAN 0 to HW filter on device batadv0
[  212.303546][T12549] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  212.321117][T12548] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3319'.
[  212.330956][T12548] netem: change failed
[  212.380230][T12555] serio: Serial port ptm0
[  212.444033][T12559] x_tables: duplicate underflow at hook 2
[  212.576319][T12574] netlink: 'syz.0.3331': attribute type 10 has an invalid length.
[  212.600529][   T12] Bluetooth: hci0: Frame reassembly failed (-84)
[  212.609126][T12574] netlink: 'syz.0.3331': attribute type 10 has an invalid length.
[  212.617024][T12574] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3331'.
[  212.627040][T12574] batadv0: entered promiscuous mode
[  212.633168][T12574] bond0: (slave batadv0): Releasing backup interface
[  212.643081][T12574] bridge0: port 3(batadv0) entered blocking state
[  212.649590][T12574] bridge0: port 3(batadv0) entered disabled state
[  212.720464][   T29] kauditd_printk_skb: 830 callbacks suppressed
[  212.720478][   T29] audit: type=1326 audit(1762759399.659:26440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12513 comm="syz.2.3305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f6c9e40f6c9 code=0x7ffc0000
[  212.818593][   T29] audit: type=1326 audit(1762759399.759:26441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12513 comm="syz.2.3305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f6c9e40f6c9 code=0x7ffc0000
[  212.845380][T12586] x_tables: duplicate underflow at hook 2
[  212.855616][   T29] audit: type=1326 audit(1762759399.799:26442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12585 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  212.878695][   T29] audit: type=1326 audit(1762759399.799:26443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12585 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  212.901779][   T29] audit: type=1326 audit(1762759399.799:26444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12585 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  212.925010][   T29] audit: type=1326 audit(1762759399.799:26445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12585 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  212.948076][   T29] audit: type=1326 audit(1762759399.799:26446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12585 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  212.971231][   T29] audit: type=1326 audit(1762759399.799:26447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12585 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  212.994238][   T29] audit: type=1326 audit(1762759399.799:26448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12585 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  213.002034][   T12] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  213.017268][   T29] audit: type=1326 audit(1762759399.799:26449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12585 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca6a95f6c9 code=0x7ffc0000
[  213.026533][   T12] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  213.184369][T12605] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3347'.
[  213.251068][T12615] SELinux:  policydb version -2054264567 does not match my version range 15-35
[  213.254320][T12616] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3350'.
[  213.260129][T12615] SELinux: failed to load policy
[  213.592259][   T12] Bluetooth: hci1: Frame reassembly failed (-84)
[  213.947547][   T57] Bluetooth: hci2: Frame reassembly failed (-84)
[  214.191498][T12639] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3360'.
[  214.269749][T12645] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3362'.
[  214.670889][ T8493] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  214.670991][ T5197] Bluetooth: hci0: command 0x1003 tx timeout
[  214.707634][T12655] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.742410][T12655] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.779348][T12659] netlink: '+}[@': attribute type 10 has an invalid length.
[  214.788707][T12659] bond0: (slave dummy0): Releasing backup interface
[  214.798006][T12659] team0: Failed to send options change via netlink (err -105)
[  214.805518][T12659] team0: Port device dummy0 added
[  214.815353][T12659] netlink: '+}[@': attribute type 10 has an invalid length.
[  214.816325][T12655] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.834045][T12659] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  214.844783][T12659] team0: Failed to send options change via netlink (err -105)
[  214.852458][T12659] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  214.861645][T12659] team0: Port device dummy0 removed
[  214.869129][T12659] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  214.883570][T12655] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.949085][   T12] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.960757][   T12] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.972622][   T31] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.984207][   T31] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  215.214490][T12668] lo speed is unknown, defaulting to 1000
[  215.289719][T12672] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3372'.
[  215.358107][T12678] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3374'.
[  215.367944][T12678] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3374'.
[  215.468406][T12683] netlink: '+}[@': attribute type 10 has an invalid length.
[  215.477997][T12683] bond0: (slave dummy0): Releasing backup interface
[  215.487268][T12683] team0: Failed to send options change via netlink (err -105)
[  215.494780][T12683] team0: Port device dummy0 added
[  215.504236][T12683] netlink: '+}[@': attribute type 10 has an invalid length.
[  215.512113][T12683] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  215.522926][T12683] team0: Failed to send options change via netlink (err -105)
[  215.530468][T12683] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  215.539497][T12683] team0: Port device dummy0 removed
[  215.546861][T12683] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  215.574286][T12686] serio: Serial port ptm0
[  215.630806][ T5197] Bluetooth: hci1: command 0x1003 tx timeout
[  215.630806][ T4005] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  215.676571][T12691] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  215.683116][T12691] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  215.690802][T12691] vhci_hcd vhci_hcd.0: Device attached
[  215.697115][T12692] vhci_hcd: connection closed
[  215.701217][   T31] vhci_hcd: stop threads
[  215.706204][   T31] vhci_hcd: release socket
[  215.710619][   T31] vhci_hcd: disconnect device
[  215.950859][   T44] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  215.952299][ T4005] Bluetooth: hci2: command 0x1003 tx timeout
[  216.019777][T12700] lo speed is unknown, defaulting to 1000
[  216.092750][T12706] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3383'.
[  216.174355][T12714] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3386'.
[  216.190016][T12712] netlink: 28 bytes leftover after parsing attributes in process `{/}\…‘"ÀÒÁåXÜe†'.
[  216.200719][T12712] ip6t_srh: unknown srh match flags  4000
[  216.236462][T12716] hsr_slave_0: left promiscuous mode
[  216.244857][T12718] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  216.251447][T12718] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  216.259180][T12718] vhci_hcd vhci_hcd.0: Device attached
[  216.265152][T12716] hsr_slave_1: left promiscuous mode
[  216.361241][T12719] vhci_hcd: connection closed
[  216.361403][   T12] vhci_hcd: stop threads
[  216.370798][   T12] vhci_hcd: release socket
[  216.375384][   T12] vhci_hcd: disconnect device
[  216.420741][T12731] lo speed is unknown, defaulting to 1000
[  216.569413][T12748] FAULT_INJECTION: forcing a failure.
[  216.569413][T12748] name failslab, interval 1, probability 0, space 0, times 0
[  216.582278][T12748] CPU: 1 UID: 0 PID: 12748 Comm: syz.1.3399 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  216.582304][T12748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  216.582360][T12748] Call Trace:
[  216.582368][T12748]  <TASK>
[  216.582376][T12748]  __dump_stack+0x1d/0x30
[  216.582404][T12748]  dump_stack_lvl+0xe8/0x140
[  216.582430][T12748]  dump_stack+0x15/0x1b
[  216.582474][T12748]  should_fail_ex+0x265/0x280
[  216.582497][T12748]  should_failslab+0x8c/0xb0
[  216.582532][T12748]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  216.582570][T12748]  ? __alloc_skb+0x101/0x320
[  216.582623][T12748]  __alloc_skb+0x101/0x320
[  216.582673][T12748]  ? audit_log_start+0x342/0x720
[  216.582699][T12748]  audit_log_start+0x3a0/0x720
[  216.582724][T12748]  ? kstrtouint+0x76/0xc0
[  216.582760][T12748]  audit_seccomp+0x48/0x100
[  216.582859][T12748]  ? __seccomp_filter+0x82d/0x1250
[  216.582892][T12748]  __seccomp_filter+0x83e/0x1250
[  216.582921][T12748]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  216.583060][T12748]  ? vfs_write+0x7e8/0x960
[  216.583143][T12748]  ? __rcu_read_unlock+0x4f/0x70
[  216.583175][T12748]  ? __fget_files+0x184/0x1c0
[  216.583212][T12748]  __secure_computing+0x82/0x150
[  216.583253][T12748]  syscall_trace_enter+0xcf/0x1e0
[  216.583295][T12748]  do_syscall_64+0xac/0x200
[  216.583354][T12748]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  216.583381][T12748]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  216.583421][T12748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.583446][T12748] RIP: 0033:0x7fca6a95f6c9
[  216.583530][T12748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.583546][T12748] RSP: 002b:00007fca693bf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001cb
[  216.583581][T12748] RAX: ffffffffffffffda RBX: 00007fca6abb5fa0 RCX: 00007fca6a95f6c9
[  216.583595][T12748] RDX: 0000200000000480 RSI: 0000200000001940 RDI: 0000000000000066
[  216.583608][T12748] RBP: 00007fca693bf090 R08: 0000000000000000 R09: 0000000000000000
[  216.583622][T12748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.583665][T12748] R13: 00007fca6abb6038 R14: 00007fca6abb5fa0 R15: 00007ffd967ac3c8
[  216.583687][T12748]  </TASK>
[  216.939029][T12765] Falling back ldisc for ptm1.
[  216.964123][T12763] lo speed is unknown, defaulting to 1000
[  217.064443][T12774] netlink: 'syz.3.3410': attribute type 10 has an invalid length.
[  217.151594][T12782] netlink: 'syz.3.3414': attribute type 10 has an invalid length.
[  217.224784][T12787] netlink: '+}[@': attribute type 10 has an invalid length.
[  217.238114][T12787] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  217.373423][T12792] lo speed is unknown, defaulting to 1000
[  217.729423][T12798] netlink: 'syz.1.3420': attribute type 10 has an invalid length.
[  217.737575][T12798] batadv0: left promiscuous mode
[  217.742766][T12798] bridge0: port 3(batadv0) entered disabled state
[  217.750462][T12798] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.759189][T12798] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  217.768763][T12798] netlink: 'syz.1.3420': attribute type 10 has an invalid length.
[  217.776662][T12798] batadv0: entered promiscuous mode
[  217.783004][T12798] bond0: (slave batadv0): Releasing backup interface
[  217.791262][T12798] bridge0: port 3(batadv0) entered blocking state
[  217.797753][T12798] bridge0: port 3(batadv0) entered disabled state
[  217.831075][   T31] Bluetooth: hci1: Frame reassembly failed (-84)
[  217.946149][T12804] FAULT_INJECTION: forcing a failure.
[  217.946149][T12804] name failslab, interval 1, probability 0, space 0, times 0
[  217.958892][T12804] CPU: 0 UID: 0 PID: 12804 Comm: syz.4.3423 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  217.958954][T12804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  217.958965][T12804] Call Trace:
[  217.958969][T12804]  <TASK>
[  217.958975][T12804]  __dump_stack+0x1d/0x30
[  217.959003][T12804]  dump_stack_lvl+0xe8/0x140
[  217.959028][T12804]  dump_stack+0x15/0x1b
[  217.959048][T12804]  should_fail_ex+0x265/0x280
[  217.959150][T12804]  should_failslab+0x8c/0xb0
[  217.959187][T12804]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  217.959230][T12804]  ? __alloc_skb+0x101/0x320
[  217.959253][T12804]  __alloc_skb+0x101/0x320
[  217.959277][T12804]  netlink_alloc_large_skb+0xbf/0xf0
[  217.959382][T12804]  netlink_sendmsg+0x3cf/0x6b0
[  217.959445][T12804]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.959460][T12804]  __sock_sendmsg+0x145/0x180
[  217.959480][T12804]  ____sys_sendmsg+0x31e/0x4e0
[  217.959553][T12804]  ___sys_sendmsg+0x17b/0x1d0
[  217.959580][T12804]  __x64_sys_sendmsg+0xd4/0x160
[  217.959641][T12804]  x64_sys_call+0x191e/0x3000
[  217.959715][T12804]  do_syscall_64+0xd2/0x200
[  217.959732][T12804]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  217.959766][T12804]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  217.959853][T12804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.959870][T12804] RIP: 0033:0x7f24f2abf6c9
[  217.959881][T12804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.959899][T12804] RSP: 002b:00007f24f1527038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.959982][T12804] RAX: ffffffffffffffda RBX: 00007f24f2d15fa0 RCX: 00007f24f2abf6c9
[  217.959992][T12804] RDX: 0000000000008840 RSI: 0000200000000740 RDI: 0000000000000003
[  217.960002][T12804] RBP: 00007f24f1527090 R08: 0000000000000000 R09: 0000000000000000
[  217.960011][T12804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.960020][T12804] R13: 00007f24f2d16038 R14: 00007f24f2d15fa0 R15: 00007ffe30258318
[  217.960036][T12804]  </TASK>
[  218.207417][T12812] __nla_validate_parse: 4 callbacks suppressed
[  218.207449][T12812] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3427'.
[  218.232701][   T29] kauditd_printk_skb: 379 callbacks suppressed
[  218.232736][   T29] audit: type=1326 audit(1762759405.179:26827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.4.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24f2abf6c9 code=0x7ffc0000
[  218.276742][   T29] audit: type=1326 audit(1762759405.179:26828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.4.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f24f2abf6c9 code=0x7ffc0000
[  218.300724][   T29] audit: type=1326 audit(1762759405.179:26829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.4.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24f2abf6c9 code=0x7ffc0000
[  218.323914][T12817] lo speed is unknown, defaulting to 1000
[  218.324474][   T29] audit: type=1326 audit(1762759405.179:26830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.4.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24f2abf6c9 code=0x7ffc0000
[  218.353635][   T29] audit: type=1326 audit(1762759405.179:26831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.4.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f24f2abf6c9 code=0x7ffc0000
[  218.379370][   T29] audit: type=1326 audit(1762759405.279:26832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.4.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24f2abf6c9 code=0x7ffc0000
[  218.403087][   T29] audit: type=1326 audit(1762759405.309:26833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.4.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f24f2abf6c9 code=0x7ffc0000
[  218.426689][   T29] audit: type=1326 audit(1762759405.309:26834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.4.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f24f2abf703 code=0x7ffc0000
[  218.450167][   T29] audit: type=1326 audit(1762759405.309:26835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.4.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f24f2abe17f code=0x7ffc0000
[  218.473611][   T29] audit: type=1326 audit(1762759405.309:26836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12805 comm="syz.4.3424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f24f2abf757 code=0x7ffc0000
[  218.512284][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  218.561215][T12827] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=104 sclass=netlink_audit_socket pid=12827 comm=syz.0.3433
[  218.633381][T12828] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=36 sclass=netlink_audit_socket pid=12828 comm=syz.0.3433
[  218.652659][T12830] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  218.663628][T12830] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  218.673183][   T31] bridge_slave_1: left allmulticast mode
[  218.678901][   T31] bridge_slave_1: left promiscuous mode
[  218.684799][   T31] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.693801][   T31] bridge_slave_0: left allmulticast mode
[  218.699502][   T31] bridge_slave_0: left promiscuous mode
[  218.705624][   T31] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.717861][T12832] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  218.724566][T12832] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  218.732318][T12832] vhci_hcd vhci_hcd.0: Device attached
[  218.818818][T12833] vhci_hcd: connection closed
[  218.818972][   T57] vhci_hcd: stop threads
[  218.828081][   T57] vhci_hcd: release socket
[  218.832526][   T57] vhci_hcd: disconnect device
[  218.883190][   T31] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  218.893270][   T31] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  218.903135][   T31] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  218.912673][   T31] bond0 (unregistering): Released all slaves
[  218.921777][   T31] bond1 (unregistering): (slave wireguard0): Releasing backup interface
[  218.930108][   T31] wireguard0: left promiscuous mode
[  218.936462][   T31] bond1 (unregistering): (slave wireguard1): Releasing backup interface
[  218.945868][   T31] bond1 (unregistering): Released all slaves
[  219.005843][   T31] tipc: Left network mode
[  219.027953][   T31] hsr_slave_0: left promiscuous mode
[  219.034037][   T31] hsr_slave_1: left promiscuous mode
[  219.041929][   T31] veth1_macvtap: left promiscuous mode
[  219.047482][   T31] veth0_macvtap: left promiscuous mode
[  219.108554][   T31] team0 (unregistering): Port device team_slave_1 removed
[  219.118821][   T31] team0 (unregistering): Port device team_slave_0 removed
[  219.232058][T12846] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3440'.
[  219.296256][T12848] lo speed is unknown, defaulting to 1000
[  219.396103][T12859] netlink: '+}[@': attribute type 10 has an invalid length.
[  219.405821][T12859] bond0: (slave dummy0): Releasing backup interface
[  219.416041][   T52] Bluetooth: hci0: Frame reassembly failed (-84)
[  219.420287][T12859] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  219.431881][T12859] team0: Failed to send options change via netlink (err -105)
[  219.439394][T12859] team0: Port device dummy0 added
[  219.447158][T12859] netlink: '+}[@': attribute type 10 has an invalid length.
[  219.455108][T12859] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  219.466222][T12859] team0: Failed to send options change via netlink (err -105)
[  219.473866][T12859] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  219.482794][T12859] team0: Port device dummy0 removed
[  219.490386][T12859] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  219.817519][T12866] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12866 comm=syz.2.3448
[  219.870789][ T4005] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  219.900320][T12868] ==================================================================
[  219.908539][T12868] BUG: KCSAN: data-race in selinux_inode_permission / selinux_inode_permission
[  219.917522][T12868] 
[  219.919844][T12868] write to 0xffff88812f86a734 of 4 bytes by task 12869 on cpu 1:
[  219.927552][T12868]  selinux_inode_permission+0x58f/0x740
[  219.933106][T12868]  security_inode_permission+0x6d/0xb0
[  219.938574][T12868]  inode_permission+0x106/0x310
[  219.943439][T12868]  link_path_walk+0x162/0x900
[  219.948125][T12868]  path_openat+0x1de/0x2170
[  219.952643][T12868]  do_filp_open+0x109/0x230
[  219.957161][T12868]  do_sys_openat2+0xa6/0x110
[  219.961753][T12868]  __x64_sys_openat+0xf2/0x120
[  219.966522][T12868]  x64_sys_call+0x2eab/0x3000
[  219.971217][T12868]  do_syscall_64+0xd2/0x200
[  219.975727][T12868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.981656][T12868] 
[  219.983978][T12868] read to 0xffff88812f86a734 of 4 bytes by task 12868 on cpu 0:
[  219.991601][T12868]  selinux_inode_permission+0x369/0x740
[  219.997167][T12868]  security_inode_permission+0x6d/0xb0
[  220.002645][T12868]  inode_permission+0x106/0x310
[  220.007529][T12868]  link_path_walk+0x162/0x900
[  220.012211][T12868]  path_openat+0x1de/0x2170
[  220.016715][T12868]  do_filp_open+0x109/0x230
[  220.021225][T12868]  io_openat2+0x272/0x390
[  220.025560][T12868]  io_openat+0x1b/0x30
[  220.029627][T12868]  __io_issue_sqe+0xfe/0x2e0
[  220.034238][T12868]  io_issue_sqe+0x56/0xa80
[  220.038661][T12868]  io_submit_sqes+0x675/0x1060
[  220.043428][T12868]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  220.048988][T12868]  __x64_sys_io_uring_enter+0x78/0x90
[  220.054372][T12868]  x64_sys_call+0x2df0/0x3000
[  220.059047][T12868]  do_syscall_64+0xd2/0x200
[  220.063562][T12868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.069464][T12868] 
[  220.071799][T12868] value changed: 0x00000022 -> 0x00000034
[  220.077507][T12868] 
[  220.079824][T12868] Reported by Kernel Concurrency Sanitizer on:
[  220.085971][T12868] CPU: 0 UID: 0 PID: 12868 Comm: syz.2.3449 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  220.095774][T12868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  220.105844][T12868] ==================================================================
[  221.470723][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  221.476787][ T5197] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  228.806261][   T52] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  228.815625][   T52] bond0 (unregistering): Released all slaves
[  228.824346][   T52] bond1 (unregistering): Released all slaves
[  228.833585][   T52] bond2 (unregistering): Released all slaves
[  228.842323][   T52] bond3 (unregistering): Released all slaves
[  228.885725][   T52] tipc: Left network mode
[  228.908429][   T52] hsr_slave_0: left promiscuous mode
[  228.914332][   T52] hsr_slave_1: left promiscuous mode
[  228.921562][   T52] veth1_macvtap: left promiscuous mode
[  228.927105][   T52] veth0_macvtap: left promiscuous mode
[  228.933355][   T52] veth1_vlan: left promiscuous mode
[  228.938774][   T52] veth0_vlan: left promiscuous mode
[  229.004220][   T12] smc: removing ib device syz!