last executing test programs:

1.963200852s ago: executing program 0 (id=3908):
perf_event_open(0x0, 0x0, 0x200000000000000, 0xffffffffffffffff, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f0000005880)=[{0x5, 0x0, 0x0, 0xfd, @time={0x8001, 0x7}, {}, {0xe}, @control={0x8, 0x5, 0x6}}], 0x1c)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
socket$inet_tcp(0x2, 0x1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4fb, &(0x7f0000000500)="$eJzs3U1vW1kZAODXzpeTyUwywywAIaYMAwVVdRJ3JhrNAoYVQqgSokuQ2pC4URQ7jmKnNKGL9j8gUYkVLPkBrLviJyDYsYEFEh8RqKnE4qJ7bbduajduk9hp/DzS1b3nnmu/5yS559hvEp8ARtaliLgfEZMRcSsi5lrnc60tPm9u6XWPD+6tHh7cW81Fktz4Vy6rT89Fx2NSb7WesxARP/5+xM9yL8at7+1vrlQq5Z1mcXqhUd1eqO/tX92orqyX18tbpdLy0vLip9c+KZ1aXz+oTjYPxtIGfvsXabNmW3Wd/ThNza5PPI2TGo+IH55FsCEYa/VnctgN4bXkI+K9iPgwu//nYiz7bgIAF1mSzEUy11kGAC66fJYDy+WLrVzAbOTzxWIzh/d+zOQrtXrjyu3a7tZaM1c2HxP52xuV8mIrVzgfE7m0vJQdPyuXjpSvRcS7EfHLqemsXFytVdaG+cIHAEbYW0fm//9ONed/AOCCKwy7AQDAwJn/AWD0mP8BYPSY/wFg9Jj/AWD0mP8BYPSY/wFgpPzo+vV0Sw5bn3+9dmdvd7N25+paub5ZrO6uFldrO9vF9VptPfvMnupxz1ep1baXPo7du/Pf2a43Fup7+zertd2txs3sc71vlicG0isA4GXe/eDRn3MRcf+z6WyLjrUczNVwseWH3QBgaMaG3QBgaKz2BaPrBO/xpQfgguiyRO9zChExffTqJEmSs20WcIYuf0n+H0ZVR/7fXwHDiJH/h9HVb/7/uPwA8OZJkly/a/5HvxcCAOebHD/Q4/39e63971q/HPjp2tErHp5lqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB8a6//W2ytBT4b+XyxGPF2RMzHRO72RqW8GBHvRMSfpiam0vLSkNsMAJxU/u+51vpfl+c+mj1aO5l7MpXtI+Lnv77xq7srjcbOH9Pz/356vvGwdb40jPYDAMdpz9PZvuON/OODe6vtbZDt+cf3IqLQjH94MBmHT+OPx3i2L8RERMz8J9cqN+U6chcncf9BRHyxW/9zMZvlQJornx6Nn8Z+e6Dx88/Fz2d1zX36tfjCK0dO5k6h+fBGe5SOP593u//ycSnbd7//C9kIdXKt8S99qtXDbAx8Fr89/o31GP8u9Rvj4z/8oHk0/WLdg4gvj0e0Yx92jD/t+Lke8T/qM/5fvvLVD3vVJb+JuBzd43fGWmhUtxfqe/tXN6or6+X18laptLy0vPjptU9KC1mOeqH3bPDPz66806su7f9Mj/iFY/r/jT77/9v/3frJ114S/1tf7xY/H++/JH46J36zz/grM78v9KpL46917X9b7/5f6TP+X/+2/8Ky4QDA8NT39jdXKpXyziAP2i8kBhrUwQU4SH9qzkEzuh58d1CxJuOVHpUkrxWr14hxGlk34Dxo3utJeScingy7MQAAAAAAAAAAAAAAQFeD+I+lYfcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi+v/AQAA//+XC86k")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x107041, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r4=>0x0})
sendto$packet(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
getpeername$packet(r2, 0x0, &(0x7f0000000f00))
sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000012c0)=ANY=[@ANYBLOB="30010000", @ANYRES16=0x0, @ANYBLOB="20002bbd7000fcdbdf25150000003400018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="080003000200000008000100", @ANYRES32=0x0, @ANYBLOB="0800030000000000140001800800010011e5c10db26db74ea04280ab219a0ab531181434a90f1e6a09674dc367787d543676dd96b235372c6968c4167f59253a1e6d868ccb07e5989557bf2721b657323c2e4ad801b72720e6b7e878b3bf2409241f334ebad53a6a4ffdd7fafd31ca51cad5ff8ea8e319ac0f1ef3e5fd32f42060c2e25fbde78a5c68776a4adbad5b1f3e7c12f3647283617646b12b57fe0714a15706155fd81e11c95090052452878f1e0ad87f5097cfe60287add3c2ace532a740ee8c6fd0f413b50f3932721d5c6be552f5006985f97bb5609101631aaac337fd7710b370e2f6d4f2724b3138de62dd118bba0ccdbaca09b81c8f290995bc438189", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="3000018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="0800030002000000140002007465616d5f736c6176655f31000000002800018008000100", @ANYRES32=0x0, @ANYBLOB="140002006272696467653000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="4400018008000100", @ANYRES32=0x0, @ANYBLOB="140002007465616d5f736c6176655f310000000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="140002006970766c616e300000000000000000001c00018008000100", @ANYRES32=0x0, @ANYBLOB='\b\x00', @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="1c00018008000100", @ANYRES32, @ANYBLOB="08000300010000000800030002000000"], 0x130}, 0x1, 0x0, 0x0, 0xc080}, 0x808)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000100)={0x8, 0x8, 0x3, 0x7, 0x1c4d7d48})
write$cgroup_devices(r3, 0x0, 0x26)
socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'xfrm0\x00'})
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x103843, 0x3f)

1.938968732s ago: executing program 0 (id=3910):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x2, @perf_config_ext={0x2000000000000000, 0x8}, 0x1000, 0x5dd8, 0x100000, 0x5, 0x0, 0xb, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xfffffbffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x21000e, &(0x7f0000000380), 0xde, 0x52d, &(0x7f0000001500)="$eJzs3c1vHGcZAPBnxrvBaVzsAodSqR+iQUkF2Y1r2loc2iIQt0qgcg+WvbGsrLORd93GVgWO+AOQEIJKnDhxQeLGBQnlT0BIlcgdAQIhSOHAARg0s7Ops8wmtrIfqf37Se/uO+/szvO8G+/sOx+ZCeDUeiEi3oyIuYh4KSIWy/a0LHHQL/nrPrz73npe8ua3/5ZEUrZFFNV7zpVvm+8/Veru7V9ba7dbO+V0s7d9o9nd27+0tb222dpsXV9ZWX519bXVV1Yvj6Wfeb9e/9qffvT9n3399V9/8d3fX/nLxe/kSX+1nD/o1/gUn17cKR7r+WdxTy0idsYbbGbmyv7UZ50IAABHko9SPxURnyvG/4sxV4zmCsNDuvnpZwcAAACMQ/bGQvw7icgAAACAE+uNiFiIJG2U5wIsRJo2Gv1zeD8TT6TtTrf3haud3esb+byIpainV7farcvlObVLUU/y6eWi/tH0y0PTKxHxVET8cPFsMd1Y77Q3Zr3zAwAAAE6Jc0Pb//9c7G//AwAAACfM0qwTAAAAACZu1PZ/MuU8AAAAgMlx/B8AAABOtG+89VZessH9rzfe2du91nnn0kare62xvbveWO/s3GhsdjqbxTX7th+0rHpEtDudG1+K2L3Z7LW6vWZ3b//Kdmf3eu/KlvsHAgAAwKw89fztO0lEHHz5bFFyZ/KHuRFvcK4AnBjpcV78x8nlAUzfqJ/5IzgzzjyA6avNOgFgdg5mnQAwa/dd6qNiUHD45J379hn8ZnI5AQAA43Xhs7fvfLfi+H+tPJ8fOLmOdfwfOFEe4fg/8DHn+D+cXvVjjQBuTTATYFYedquPkRfvqDr+X3lmcJY9dFkAAMBELRTl+bRRHgtciDRtNCKeLP6rfz25utVuXY6IT0bE7xbrn8inl4t3Jm4PCAAAAAAAAAAAAAAAAAAAAAAAAABHlGVJZAAAAMCJFpH+OSnv/3Vh8fzC8P6BM8m/FqO8pde7P3n7xzfXer2d5bz97/fae++X7S/PYg8GAAAAnEa1B84dbKcPtuMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJw+vPve+qBMM+5fvxIRS1XxazFfPM9HPSKe+EcStUPvSyJibgzxD25FxNNV8ZM8rVgqsxiOn0bE2enEfzbLssr458YQH06z2/n6582q718aLxTP1d//Wlke1X3rvzO/PDQnvbf+mxux/nvyiDGe+eAXzZHxb0U8U6te/wziJyPiv1i1wIoP5dvf2t//v8b+wiP7acSFyt+f5L5Yzd72jWZ3b//S1vbaZmuzdX1lZfnV1ddWX1m93Ly61W6Vj1Uh4gfP/uq/Q9H/k/UV/Y8R8Zce0v/zeaV+qDEbDlMG++Dm3U/3q/WhRRTxL75Y/ff39APi538Tny9/B/L5Fwb1g379sOd+/tvnKhMr42+M6P/D/v0vjlrokJe++b0/HPGlAMAUdPf2r621262diVfez7JsWrGOXon0qC8uhotT/cSmWxmM7iYWYv5x6emUK+cfjzSOUxnHni0AAOBx89Ggf9aZAAAAAAAAAAAAAAAAAAAAwOnV3Yt00pcTG455MJuuAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA80P8CAAD//yOS2ac=")
sendmsg$nl_route_sched(r2, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd2d, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x3}, {}, {0x3, 0xffe0}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.190159833s ago: executing program 2 (id=3930):
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/12], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000280)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16, @ANYBLOB="080028bd7000ffdbdf254b0000000c00a600fffeffffffffffff0c00a600050000000000000008000300030000000c00a700020000142f00000008000300010000000800030cd591e9e10003000000"], 0x50}, 0x1, 0x0, 0x0, 0x40008e0}, 0x2000080)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="7800000010000305000000000000000000cf0100", @ANYRES32=0x0, @ANYBLOB="83000000000000002000128008000100677265001400028008000700e0"], 0x78}}, 0x0)

1.164568423s ago: executing program 2 (id=3931):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
connect$inet(r0, &(0x7f0000000380)={0x2, 0x4e25, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10)
shutdown(r0, 0x1)

1.103857314s ago: executing program 2 (id=3932):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000300), 0xffffffffffffffff)
write$binfmt_aout(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
syz_open_pts(0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = memfd_create(&(0x7f0000000540)='\x14\xf8\x1di\x9e\xe7a\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x04\x03~K\xfbP\xe6@:\xc8k\xc5\xe3\xf6Q\x84=\xfa\x81\f\x05t\x10\x0e\xcf^9\xbe\\x\xed*\x16T\xe4\x8c\xb0\xc3\xc7\x12]\xf0\xad\x04\xad\x89Q\x81^\x8b\x9f\xf5\x00\xa7\xd4\a\x06\xefnB0wg\x90\x8d\x05\xab\x03\x8f\x85}\xc6Pv\x1dd\xbc\xea\xd6\xf0\xe0,\xb8\xdcpm\xc5\xe9\x1a\x06\x00\xba\xe3\x049h\xc0lB\x1aV\x170\xe1\xc8\xcd<P\x00\xa6\f\xe1\x97\xe9\xed\xc0`\x12<\xbf^\xef\xd8\x89\xd5\x85\xc2\xef`4\x9c\x05\xcfZWS\x90\")\x92+*\xa66\xde.\xbe\xf7\xc0\xff\x94Y\xd6T\xe7TJ\xb06\xc0\xb7Ns\xae/\nO\xb6\xbbsA%\xd8\xe3\xfe\x0f%C\xfdQ\x18]\x88Z7B\x9a2if/\xcf\x96\xae\xb5ELxz\x82\r\x0fLEbOt#\xaf=v,\xd9C\xe7\xec\xf6\x8d\x88\x17B\xe8\xa8\x9b\xf8+\f\xa0|\xd8.V\xb7\xdd\xfev\xd8w\x8e\x83\x11\xd3\x1d\x95\x0e\x13\x8c\x93\xaf\x04@\xa7\f}\'\xf8bFz\xce\xae\x11\x00\xd6_\xc3\x80\xb4`+\xa8\xd7M\xcd\xef\x95>K}\xde\x9d\xc6\x8d\x97\xdb&\x19\xdcc\x06\xa9 \xd8\xb3Km\xe8\xdcu\xb8\x94\x8a\xf6&\xf8O\x80;\\\x1e\x13;\xc4\a\x8cd\xe9\xf8V\x9b\x19\x9a\xad\xe4\xa1\'\x82?\x9a<0A\xc7\xda\xff\x8aR\x19\x9fh\x81\xd7}\x1ei~\xa7|Lq\xe2\xdf\xf2q\x1d\xabB\xe3\xe0\xbd\xe3\xdc\xa9\xc9\xbaxo\xbb\xc9b\xec8\xca\xe6\x8a\xf4X\"D\x02\xd7\f\xf0\xba\xdf\xb5\xdc\xaa\x0f\x1f\xc1b:\xc3+\xceL%t&\xc1\xcd\xf4\xd5\xc2\x82\xd6\x98\x95\xcd\xd9~\x80@\xdd\x89\xc3\xa3P \xb7\x1f\xf6j\x8da\xab\x9f\xb1\xa0\xceC`vI\x84\xd9\x03\xb7JUX\xa2\xfd\x97pbZc0\x00\x8c+\xe2&&\xacZd\xd8y3;\xa3\xfb\xca\xa4Rz\xd3K\x1e\xdf\x05u\xcbw\x82\x97}\x91<\x11\xa3\x93`\xf4\x82\xa3\x83p%\x91:Og<\x88\xbf]o\x17l\x9f,\x89\xaf\xab\x15\xaf\x12m\x95;\x92\xbd\xe2^;\x16\xac\xda\x9b\xbc\v\xaa\xcb\x118\\\xcb\x93\x00'/582, 0x6)
lseek(r3, 0x5, 0x0)
r4 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)=@generic={&(0x7f00000000c0)='./file0\x00'}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xd, &(0x7f00000003c0)=ANY=[@ANYRESHEX, @ANYBLOB="16ca1b936c48ffc45526649ebf991fbc8213e3d96481e73a5c309c3e8363a9dac86e7b6962fa782fd1397f09e6a981c07d3e255a03fa1ae90a2e9a21151313b6b9d3255bea0623f886bd702aabcecab0cbf37e0afe43af8a27da0ec3a891c644dc7ca9407cf280ad6829c64f471827757657b33d46ea1d84a695334f65be15b9def20a473496ea2b86210dabffff27b89af1d0b6bbc276c9052b62c9d9b6f25fdc6731bbf3379ab9404853f3f755634c49613ebab31e5b0e655e5b85954ff62d3cf09415a84c66b7", @ANYRES8, @ANYRESOCT, @ANYBLOB="f1b7fefb0eaa61a742a31b7ff106d42e75808abf3e2edefc00400a16d74c328700cb2d8670a90f7ad34b201fba46e861766045a336dc062cf1d176a25e0106049e465c1291009c24e04508b02ee2eca26a234b2e1923ca5a466037156ada1b3a34f1150da4d69e7bb7bc358011479f7b8689ef2fb939a27167094e781673dcce38ae6e662a7fc667bec67022c3a22e27c82d03689e8929e07431a854303a6c621d5fbe2aa660cfc86362288e"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={r0, 0x58}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)

1.103465944s ago: executing program 4 (id=3933):
perf_event_open(0x0, 0x0, 0x200000000000000, 0xffffffffffffffff, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f0000005880)=[{0x5, 0x0, 0x0, 0xfd, @time={0x8001, 0x7}, {}, {0xe}, @control={0x8, 0x5, 0x6}}], 0x1c)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
socket$inet_tcp(0x2, 0x1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4fb, &(0x7f0000000500)="$eJzs3U1vW1kZAODXzpeTyUwywywAIaYMAwVVdRJ3JhrNAoYVQqgSokuQ2pC4URQ7jmKnNKGL9j8gUYkVLPkBrLviJyDYsYEFEh8RqKnE4qJ7bbduajduk9hp/DzS1b3nnmu/5yS559hvEp8ARtaliLgfEZMRcSsi5lrnc60tPm9u6XWPD+6tHh7cW81Fktz4Vy6rT89Fx2NSb7WesxARP/5+xM9yL8at7+1vrlQq5Z1mcXqhUd1eqO/tX92orqyX18tbpdLy0vLip9c+KZ1aXz+oTjYPxtIGfvsXabNmW3Wd/ThNza5PPI2TGo+IH55FsCEYa/VnctgN4bXkI+K9iPgwu//nYiz7bgIAF1mSzEUy11kGAC66fJYDy+WLrVzAbOTzxWIzh/d+zOQrtXrjyu3a7tZaM1c2HxP52xuV8mIrVzgfE7m0vJQdPyuXjpSvRcS7EfHLqemsXFytVdaG+cIHAEbYW0fm//9ONed/AOCCKwy7AQDAwJn/AWD0mP8BYPSY/wFg9Jj/AWD0mP8BYPSY/wFgpPzo+vV0Sw5bn3+9dmdvd7N25+paub5ZrO6uFldrO9vF9VptPfvMnupxz1ep1baXPo7du/Pf2a43Fup7+zertd2txs3sc71vlicG0isA4GXe/eDRn3MRcf+z6WyLjrUczNVwseWH3QBgaMaG3QBgaKz2BaPrBO/xpQfgguiyRO9zChExffTqJEmSs20WcIYuf0n+H0ZVR/7fXwHDiJH/h9HVb/7/uPwA8OZJkly/a/5HvxcCAOebHD/Q4/39e63971q/HPjp2tErHp5lqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB8a6//W2ytBT4b+XyxGPF2RMzHRO72RqW8GBHvRMSfpiam0vLSkNsMAJxU/u+51vpfl+c+mj1aO5l7MpXtI+Lnv77xq7srjcbOH9Pz/356vvGwdb40jPYDAMdpz9PZvuON/OODe6vtbZDt+cf3IqLQjH94MBmHT+OPx3i2L8RERMz8J9cqN+U6chcncf9BRHyxW/9zMZvlQJornx6Nn8Z+e6Dx88/Fz2d1zX36tfjCK0dO5k6h+fBGe5SOP593u//ycSnbd7//C9kIdXKt8S99qtXDbAx8Fr89/o31GP8u9Rvj4z/8oHk0/WLdg4gvj0e0Yx92jD/t+Lke8T/qM/5fvvLVD3vVJb+JuBzd43fGWmhUtxfqe/tXN6or6+X18laptLy0vPjptU9KC1mOeqH3bPDPz66806su7f9Mj/iFY/r/jT77/9v/3frJ114S/1tf7xY/H++/JH46J36zz/grM78v9KpL46917X9b7/5f6TP+X/+2/8Ky4QDA8NT39jdXKpXyziAP2i8kBhrUwQU4SH9qzkEzuh58d1CxJuOVHpUkrxWr14hxGlk34Dxo3utJeScingy7MQAAAAAAAAAAAAAAQFeD+I+lYfcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi+v/AQAA//+XC86k")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x107041, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r4=>0x0})
sendto$packet(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
getpeername$packet(r2, 0x0, &(0x7f0000000f00))
sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000012c0)=ANY=[@ANYBLOB="30010000", @ANYRES16=0x0, @ANYBLOB="20002bbd7000fcdbdf25150000003400018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="080003000200000008000100", @ANYRES32=0x0, @ANYBLOB="0800030000000000140001800800010011e5c10db26db74ea04280ab219a0ab531181434a90f1e6a09674dc367787d543676dd96b235372c6968c4167f59253a1e6d868ccb07e5989557bf2721b657323c2e4ad801b72720e6b7e878b3bf2409241f334ebad53a6a4ffdd7fafd31ca51cad5ff8ea8e319ac0f1ef3e5fd32f42060c2e25fbde78a5c68776a4adbad5b1f3e7c12f3647283617646b12b57fe0714a15706155fd81e11c95090052452878f1e0ad87f5097cfe60287add3c2ace532a740ee8c6fd0f413b50f3932721d5c6be552f5006985f97bb5609101631aaac337fd7710b370e2f6d4f2724b3138de62dd118bba0ccdbaca09b81c8f290995bc438189", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="3000018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="0800030002000000140002007465616d5f736c6176655f31000000002800018008000100", @ANYRES32=0x0, @ANYBLOB="140002006272696467653000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="4400018008000100", @ANYRES32=0x0, @ANYBLOB="140002007465616d5f736c6176655f310000000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="140002006970766c616e300000000000000000001c00018008000100", @ANYRES32=0x0, @ANYBLOB="080001", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="1c00018008000100", @ANYRES32, @ANYBLOB="08000300010000000800030002000000"], 0x130}, 0x1, 0x0, 0x0, 0xc080}, 0x808)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000100)={0x8, 0x8, 0x3, 0x7, 0x1c4d7d48})
write$cgroup_devices(r3, 0x0, 0x26)
socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'xfrm0\x00'})
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x103843, 0x3f)

1.092936064s ago: executing program 4 (id=3934):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
rt_sigaction(0x1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f00000002c0))
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00')
preadv(r2, &(0x7f0000000780)=[{&(0x7f0000000080)=""/116, 0x74}], 0x1, 0x8, 0xfffffffe)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='mm_page_alloc\x00', r3}, 0x10)
ioctl$HCIINQUIRY(r0, 0x800448d4, &(0x7f0000000000)={0x3, 0x200, "fe0140", 0x0, 0xf})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000740)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb01001800e6e03162b4eb000000000000000000000000000009000000007b000000612e61005845d3f940ad243605c0a2635f12e26b8f2aa7014648f62a5308eadbeef4cd5d1b499a7569874796a76e02582057a2948f926d53018deb36e907dc63e7f628d0022fa4b7fd40e491c85c405b95cbf8a816a28aa349ae04df695f1cc57ca8ae0b3a"], 0x0, 0x21, 0x0, 0x1, 0x3, 0x0, @void, @value}, 0x28)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kmem_cache_free\x00', r6, 0x0, 0x1}, 0x18)
r7 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r7, 0x2284, &(0x7f0000000080))

971.761486ms ago: executing program 3 (id=3936):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
r1 = creat(&(0x7f0000000300)='./file0\x00', 0xe5)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r1, &(0x7f0000001880)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e84b928ecb96e0e4e781bfca4c928c956321dd51400000000000020011584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26cfbb2eb91e40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a63d070000930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299dea6c08073dd0c47b9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8303985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725436101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35cfe7d498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c17d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f", 0x45b)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45b], 0x0, 0x0, 0x1, 0x1, r3}}, 0x40)

964.600486ms ago: executing program 0 (id=3937):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000069000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfffffffffffffe4c)
open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x84101)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'vxcan1\x00'})
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x114df, 0x10, 0xffffffff, 0x320}, &(0x7f00000004c0)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x1000, 0x1})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
io_uring_enter(r3, 0x3516, 0xad30, 0x2, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = gettid()
sendmsg$unix(r9, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000640)='>', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r10, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r9, @ANYRES32=r8, @ANYRES32=r8, @ANYRES32=r9, @ANYRES32=r8, @ANYRES32=r9, @ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="00000000140000000000000001000000010000", @ANYRES32=r8, @ANYBLOB="e5ffff6e18"], 0xa0}, 0x4004881)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x160)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8004}, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r11=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {}, {0x9}}}, 0x24}}, 0x0)

963.732577ms ago: executing program 4 (id=3938):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'veth0_virt_wifi\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), r2)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f000000b000)={0x77359400}, &(0x7f0000048000), 0x0)
timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x77359400}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd7000ffdbdf25010000000c00018008000100", @ANYRES32=r3], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x20000)
mq_notify(r7, &(0x7f0000000280)={0x0, 0xd, 0x2, @tid=r5})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000380)={'ip6tnl0\x00', r3, 0x2f, 0xb9, 0xa, 0x7, 0x0, @remote, @mcast1, 0x7, 0x8, 0x0, 0x4}})
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
sync()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r9}, 0x18)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r10}, 0x18)
io_uring_setup(0x3300, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x0, 0x0, 0x0, r10})

948.151637ms ago: executing program 2 (id=3939):
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000680), 0x80c02, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000540), 0x40040, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0, <r2=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x1f, &(0x7f0000000640)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @cb_func={0x18, 0x2, 0x4, 0x0, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}}}, &(0x7f00000001c0)='GPL\x00', 0x7ffffff9, 0x4, &(0x7f0000000380)=""/4, 0x41000, 0x4c, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000003c0)={0x11, 0xc, 0x1, 0xb}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400), 0x10, 0x400fff, @void, @value}, 0x94)
write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0x1000)

913.623987ms ago: executing program 2 (id=3940):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000001c0)='mm_page_free\x00', r1, 0x0, 0x6}, 0x18)
syz_open_dev$usbmon(&(0x7f00000000c0), 0xcfae, 0x84102)

913.185627ms ago: executing program 3 (id=3941):
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/12], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000280)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16, @ANYBLOB="080028bd7000ffdbdf254b0000000c00a600fffeffffffffffff0c00a600050000000000000008000300030000000c00a700020000142f00000008000300010000000800030cd591e9e10003000000"], 0x50}, 0x1, 0x0, 0x0, 0x40008e0}, 0x2000080)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="7800000010000305000000000000000000cf0100", @ANYRES32=0x0, @ANYBLOB="83000000000000002000128008000100677265001400028008000700e0"], 0x78}}, 0x0)

904.884518ms ago: executing program 0 (id=3942):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000002c00000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="540100001a001307000000000000001cac141400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac141417000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0x154}}, 0x0)

891.901687ms ago: executing program 2 (id=3943):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x492492492492846, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000004"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000280)='GPL\x00', 0x4, 0x3c, &(0x7f00000002c0)=""/60, 0x1e00, 0x49, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000008000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r1}, &(0x7f00000008c0), &(0x7f0000000900)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
mknodat$null(r5, &(0x7f00000006c0)='.\x00', 0xc000, 0x103)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kmem_cache_free\x00', r4}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r6 = io_uring_setup(0x3eee, &(0x7f0000000080)={0x0, 0x6d33, 0x1000, 0x0, 0x4000000})
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
ppoll(&(0x7f00000000c0)=[{r0, 0x200}], 0x1, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x49a, &(0x7f0000000340)={0x0, 0x79af, 0x80, 0x8000, 0x335}, &(0x7f0000000080)=<r7=>0x0, &(0x7f0000000180)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x40, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x11, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x1, 0x40, 0x1})
syz_socket_connect_nvme_tcp()

868.942068ms ago: executing program 3 (id=3944):
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
connect$inet(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x4e25, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10)
shutdown(0xffffffffffffffff, 0x1)

867.492548ms ago: executing program 0 (id=3945):
perf_event_open(0x0, 0x0, 0x200000000000000, 0xffffffffffffffff, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
write$sndseq(0xffffffffffffffff, &(0x7f0000005880)=[{0x5, 0x0, 0x0, 0xfd, @time={0x8001, 0x7}, {}, {0xe}, @control={0x8, 0x5, 0x6}}], 0x1c)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
socket$inet_tcp(0x2, 0x1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4fb, &(0x7f0000000500)="$eJzs3U1vW1kZAODXzpeTyUwywywAIaYMAwVVdRJ3JhrNAoYVQqgSokuQ2pC4URQ7jmKnNKGL9j8gUYkVLPkBrLviJyDYsYEFEh8RqKnE4qJ7bbduajduk9hp/DzS1b3nnmu/5yS559hvEp8ARtaliLgfEZMRcSsi5lrnc60tPm9u6XWPD+6tHh7cW81Fktz4Vy6rT89Fx2NSb7WesxARP/5+xM9yL8at7+1vrlQq5Z1mcXqhUd1eqO/tX92orqyX18tbpdLy0vLip9c+KZ1aXz+oTjYPxtIGfvsXabNmW3Wd/ThNza5PPI2TGo+IH55FsCEYa/VnctgN4bXkI+K9iPgwu//nYiz7bgIAF1mSzEUy11kGAC66fJYDy+WLrVzAbOTzxWIzh/d+zOQrtXrjyu3a7tZaM1c2HxP52xuV8mIrVzgfE7m0vJQdPyuXjpSvRcS7EfHLqemsXFytVdaG+cIHAEbYW0fm//9ONed/AOCCKwy7AQDAwJn/AWD0mP8BYPSY/wFg9Jj/AWD0mP8BYPSY/wFgpPzo+vV0Sw5bn3+9dmdvd7N25+paub5ZrO6uFldrO9vF9VptPfvMnupxz1ep1baXPo7du/Pf2a43Fup7+zertd2txs3sc71vlicG0isA4GXe/eDRn3MRcf+z6WyLjrUczNVwseWH3QBgaMaG3QBgaKz2BaPrBO/xpQfgguiyRO9zChExffTqJEmSs20WcIYuf0n+H0ZVR/7fXwHDiJH/h9HVb/7/uPwA8OZJkly/a/5HvxcCAOebHD/Q4/39e63971q/HPjp2tErHp5lqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB8a6//W2ytBT4b+XyxGPF2RMzHRO72RqW8GBHvRMSfpiam0vLSkNsMAJxU/u+51vpfl+c+mj1aO5l7MpXtI+Lnv77xq7srjcbOH9Pz/356vvGwdb40jPYDAMdpz9PZvuON/OODe6vtbZDt+cf3IqLQjH94MBmHT+OPx3i2L8RERMz8J9cqN+U6chcncf9BRHyxW/9zMZvlQJornx6Nn8Z+e6Dx88/Fz2d1zX36tfjCK0dO5k6h+fBGe5SOP593u//ycSnbd7//C9kIdXKt8S99qtXDbAx8Fr89/o31GP8u9Rvj4z/8oHk0/WLdg4gvj0e0Yx92jD/t+Lke8T/qM/5fvvLVD3vVJb+JuBzd43fGWmhUtxfqe/tXN6or6+X18laptLy0vPjptU9KC1mOeqH3bPDPz66806su7f9Mj/iFY/r/jT77/9v/3frJ114S/1tf7xY/H++/JH46J36zz/grM78v9KpL46917X9b7/5f6TP+X/+2/8Ky4QDA8NT39jdXKpXyziAP2i8kBhrUwQU4SH9qzkEzuh58d1CxJuOVHpUkrxWr14hxGlk34Dxo3utJeScingy7MQAAAAAAAAAAAAAAQFeD+I+lYfcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi+v/AQAA//+XC86k")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x107041, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r4=>0x0})
sendto$packet(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
getpeername$packet(r2, 0x0, &(0x7f0000000f00))
sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000012c0)=ANY=[@ANYBLOB="30010000", @ANYRES16=0x0, @ANYBLOB="20002bbd7000fcdbdf25150000003400018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="080003000200000008000100", @ANYRES32=0x0, @ANYBLOB="0800030000000000140001800800010011e5c10db26db74ea04280ab219a0ab531181434a90f1e6a09674dc367787d543676dd96b235372c6968c4167f59253a1e6d868ccb07e5989557bf2721b657323c2e4ad801b72720e6b7e878b3bf2409241f334ebad53a6a4ffdd7fafd31ca51cad5ff8ea8e319ac0f1ef3e5fd32f42060c2e25fbde78a5c68776a4adbad5b1f3e7c12f3647283617646b12b57fe0714a15706155fd81e11c95090052452878f1e0ad87f5097cfe60287add3c2ace532a740ee8c6fd0f413b50f3932721d5c6be552f5006985f97bb5609101631aaac337fd7710b370e2f6d4f2724b3138de62dd118bba0ccdbaca09b81c8f290995bc438189", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="3000018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="0800030002000000140002007465616d5f736c6176655f31000000002800018008000100", @ANYRES32=0x0, @ANYBLOB="140002006272696467653000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="4400018008000100", @ANYRES32=0x0, @ANYBLOB="140002007465616d5f736c6176655f310000000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="140002006970766c616e300000000000000000001c00018008000100", @ANYRES32=0x0, @ANYBLOB="080001", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="1c00018008000100", @ANYRES32, @ANYBLOB="08000300010000000800030002000000"], 0x130}, 0x1, 0x0, 0x0, 0xc080}, 0x808)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000100)={0x8, 0x8, 0x3, 0x7, 0x1c4d7d48})
write$cgroup_devices(r3, 0x0, 0x26)
socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'xfrm0\x00'})
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x103843, 0x3f)

838.132148ms ago: executing program 3 (id=3946):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_x25_SIOCDELRT(r0, 0x890c, 0x0)

837.046428ms ago: executing program 0 (id=3947):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r5}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x2, @perf_config_ext={0x2000000000000000, 0x8}, 0x1000, 0x5dd8, 0x100000, 0x5, 0x0, 0xb, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xfffffbffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x21000e, &(0x7f0000000380), 0xde, 0x52d, &(0x7f0000001500)="$eJzs3c1vHGcZAPBnxrvBaVzsAodSqR+iQUkF2Y1r2loc2iIQt0qgcg+WvbGsrLORd93GVgWO+AOQEIJKnDhxQeLGBQnlT0BIlcgdAQIhSOHAARg0s7Ops8wmtrIfqf37Se/uO+/szvO8G+/sOx+ZCeDUeiEi3oyIuYh4KSIWy/a0LHHQL/nrPrz73npe8ua3/5ZEUrZFFNV7zpVvm+8/Veru7V9ba7dbO+V0s7d9o9nd27+0tb222dpsXV9ZWX519bXVV1Yvj6Wfeb9e/9qffvT9n3399V9/8d3fX/nLxe/kSX+1nD/o1/gUn17cKR7r+WdxTy0idsYbbGbmyv7UZ50IAABHko9SPxURnyvG/4sxV4zmCsNDuvnpZwcAAACMQ/bGQvw7icgAAACAE+uNiFiIJG2U5wIsRJo2Gv1zeD8TT6TtTrf3haud3esb+byIpainV7farcvlObVLUU/y6eWi/tH0y0PTKxHxVET8cPFsMd1Y77Q3Zr3zAwAAAE6Jc0Pb//9c7G//AwAAACfM0qwTAAAAACZu1PZ/MuU8AAAAgMlx/B8AAABOtG+89VZessH9rzfe2du91nnn0kare62xvbveWO/s3GhsdjqbxTX7th+0rHpEtDudG1+K2L3Z7LW6vWZ3b//Kdmf3eu/KlvsHAgAAwKw89fztO0lEHHz5bFFyZ/KHuRFvcK4AnBjpcV78x8nlAUzfqJ/5IzgzzjyA6avNOgFgdg5mnQAwa/dd6qNiUHD45J379hn8ZnI5AQAA43Xhs7fvfLfi+H+tPJ8fOLmOdfwfOFEe4fg/8DHn+D+cXvVjjQBuTTATYFYedquPkRfvqDr+X3lmcJY9dFkAAMBELRTl+bRRHgtciDRtNCKeLP6rfz25utVuXY6IT0bE7xbrn8inl4t3Jm4PCAAAAAAAAAAAAAAAAAAAAAAAAABHlGVJZAAAAMCJFpH+OSnv/3Vh8fzC8P6BM8m/FqO8pde7P3n7xzfXer2d5bz97/fae++X7S/PYg8GAAAAnEa1B84dbKcPtuMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJw+vPve+qBMM+5fvxIRS1XxazFfPM9HPSKe+EcStUPvSyJibgzxD25FxNNV8ZM8rVgqsxiOn0bE2enEfzbLssr458YQH06z2/n6582q718aLxTP1d//Wlke1X3rvzO/PDQnvbf+mxux/nvyiDGe+eAXzZHxb0U8U6te/wziJyPiv1i1wIoP5dvf2t//v8b+wiP7acSFyt+f5L5Yzd72jWZ3b//S1vbaZmuzdX1lZfnV1ddWX1m93Ly61W6Vj1Uh4gfP/uq/Q9H/k/UV/Y8R8Zce0v/zeaV+qDEbDlMG++Dm3U/3q/WhRRTxL75Y/ff39APi538Tny9/B/L5Fwb1g379sOd+/tvnKhMr42+M6P/D/v0vjlrokJe++b0/HPGlAMAUdPf2r621262diVfez7JsWrGOXon0qC8uhotT/cSmWxmM7iYWYv5x6emUK+cfjzSOUxnHni0AAOBx89Ggf9aZAAAAAAAAAAAAAAAAAAAAwOnV3Yt00pcTG455MJuuAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA80P8CAAD//yOS2ac=")
sendmsg$nl_route_sched(r2, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd2d, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x3}, {}, {0x3, 0xffe0}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)

783.756629ms ago: executing program 3 (id=3948):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
rt_sigaction(0x1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f00000002c0))
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00')
preadv(r2, &(0x7f0000000780)=[{&(0x7f0000000080)=""/116, 0x74}], 0x1, 0x8, 0xfffffffe)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000080)='mm_page_alloc\x00', r3}, 0x10)
ioctl$HCIINQUIRY(r0, 0x800448d4, &(0x7f0000000000)={0x3, 0x200, "fe0140", 0x0, 0xf})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000740)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb01001800e6e03162b4eb000000000000000000000000000009000000007b000000612e61005845d3f940ad243605c0a2635f12e26b8f2aa7014648f62a5308eadbeef4cd5d1b499a7569874796a76e02582057a2948f926d53018deb36e907dc63e7f628d0022fa4b7fd40e491c85c405b95cbf8a816a28aa349ae04df695f1cc57ca8ae0b3a"], 0x0, 0x21, 0x0, 0x1, 0x3, 0x0, @void, @value}, 0x28)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xa2, 0x7}}, './file0\x00'})
r6 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r6, 0x2284, &(0x7f0000000080))

781.027279ms ago: executing program 3 (id=3949):
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r1, 0xa, 0x12)
socket$unix(0x1, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x10)
statx(0xffffffffffffff9c, 0x0, 0x6800, 0x10, 0x0)
poll(&(0x7f0000b2c000)=[{r2, 0x600, 0x300}], 0x2c, 0xffffffffffbffff8)
dup2(r1, r2)
fcntl$setown(r1, 0x8, r0)
tkill(r0, 0x13)

430.237324ms ago: executing program 1 (id=3950):
r0 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
r1 = add_key$keyring(&(0x7f0000000800), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x0, 0x0, 0x0, 0x1ff00000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18)
keyctl$unlink(0x9, r0, r1)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="0e00000039"], 0x20)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140))
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x30, r3, 0x1, 0x0, 0x100000, {{}, {}, {0x14, 0x19, {0x1, 0x1, 0x0, 0x2000004}}}}, 0x30}, 0x1, 0x0, 0x0, 0x24000001}, 0x1004)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000040)="23c5d3409ca617112b1fe83b9832d842d31a0a90c9fd7a195aea58aa72fd1c70edf08b2f365f2d463c276e847e5857e3d830161cb71129c041010038f5cd60d5938f342a5edae975b71cd5694d44f10699eb70ce5c6ae47a13b501d4b0cd8f5dacbc7ea40d8ee18e68580948119fda636f0b4b58c7f2", 0x76}, {&(0x7f00000000c0)="7631e4fdda5402ff263c5f1ae245257c939a1ba45082a5cc9b63c04d48dd3abf2fd8c7b1af797352a2f760114c712d6f9abe937a9357c6d5b8cf74e09b116c9dc1d7d8ad287db7886890d5d4ef6aa4325f2c743d80aa347b336fb621adf1e7835c5f2128470f3481ed9afc8a7d26796ec8ce4488246a244a31cfe624556a40513ac2787bbb3873581d9be8e603ea89d7fc4da66d53f0adf2e9964b296c1256", 0x9f}, {&(0x7f0000000380)="e64b404e9c6c95b4d2e48e9b26ead0ea00fe5e944bd57748d99a83db7b4765eee76ecb2a31235c48b51c82fd4acd383b898c6aa2938d28f03adfc24fb2aea1f5f3db7a8587a188f67a817847a5eea930ee3fde9121f2509b9c0344ed5ba7c2bbbbf3f49d15e012c88894231de9119c15d345a8b1cb47c73ad6530a2b685a0bb891f2aa3dd4fb5fa0cdadec9929f0023973e63ad98585cd673bd31b230ea79e70faed803bfff6d415a0c80afe878945b143fd08bd9ec4d0db5e8aa7c0d9f5c1c6662e2a3fc8a722b9ff10cb880666cd377b797b95de936f1634934541e104cf3546b0dbc888aa017a1a9d7164eb6c5c2ec7835949c258fa5c8a322f894444e99c668321b1af42d5bd5ab984c03a057dc1a9f6f32739cc6ec80d3a0ea5f775c731f6e30e4012f68e1306868b8537e068b5ca59175c65e34bb7c5abb4e4ad19c3b8acc9f6e1c65961698ce0f6d37ad197dd8e25b4bd58a1ac18bf78fc92a28f4753a2ec5b4f7f127d80d2fb308a2a82154639134ad77646f72f7f9abee35eea11d50ba0a67e445b7cf198b03d7fe285307505d5e4b0d6bf6c2dfd389166addff2d6e94075988541037275cab5a98c66b0e6829ac8e4ab0a412ddc925ec19dfdba29af1d510abdc50030f540cfcc3d6d8fdd6bb7b1cf0c640ae20647ee0547353f95e82bf2eee8808bd028800573b17bc263afd907a29e4079765bb5aede01ad4435dbf00011d12ae8cf317a9dd3bba3715ed9e72d562ce3b18bde07aa6b4397649eeaf00528a826676b528b608814c0440cba1b4e328b44c575375bf0ccd772a2e13185918bb4837f339dc8963dbbaa666a2500b9a3d3afefac93f9f34cfb81a07d28ce745029ee567ffd4d14227c737948510180a624f65a571a55d7abd28f70fdb4053e7cfad38eac4c029708b097259a617543390c6d4bb6d15afff02e847b2351805b6c525eb5e6ae75803655560fe115c8d2978ad6dda075b9b810504e216cda7638dec5bdd2cac2ffb047d23a138e6f57ce1d5284ffd684ff6c3827482521d015f585cb6c05d78ff2e117f6496eb37c23047874b6e7c7a444a4131a4fecbd513014069872551a3e65b43567475e8733e3ae9fd5a2054759d83b76c87d6ad78d0427f6fd4e9cb09caa8fb0d211cfe0186585e4bb183d9cff98cd428ce3f68abc95e4d6dd8dbedf13a9bfdc3934a06a648bce53e3aedf0966cd52da82a546cded47b269e5a86d4a6617b92d52794349731bf6ad1d97b663b90cf20b9844a5702c5f41939cb30960dda6db0e8c3b453a57cc61a460468a535700e74521744fd264575609936dd7d897c82d79c2c5610949053db30dfe77755fab0722c59daab2cd711851aa0856af9ba544e29266955b80254dae24bced526480e20f32e30f1f2e15d61378cf769886c17f4fbe57bd2bf6b5c6cb443799020f21598ff6e82058f4f2bc8ab977285c9259ed307acb366e581914bf11d9a031ad9c26513322700ea485ed6c64d5d2fa8728a578e4575bd58f3ed4335b0731a3f88bb0d6e612a7b80b0b546e6447e8661d040b7ebd4f47a664c437821656031994c187c1897d697b5b659ca07ecc7e108404a00d7ef30420b41a9dde4c96344c521083fdc5b7172d3979439fd4850309ee1a9407ccdc505f8c7a92cdd7622841bcce72b2802f1c77c0e9571627df7a281ced3ea2f088de75d21dfa2ab8831a6ad18a1529fb624289d8be5667a1637d75c273cd84963fe5fcb34e183d48055f71047251167203644a60bea24881b3683954fc8893a6587e7195724fe281c48547f286b1add3397a0eac5221192afa1e48788f57afe606ca3621c68a476096189d164a6a3e7e9b3811e490f7da7de4a462315ee4f98c47b0e06673a240f064ac56faf461ccc109792beb84c39f9f60dfc196daa2a62055c523db0f83c8244c0e8caac11826cea90d98d679cbcff56c71427f49f7ee08e7049d5f0a0471428313d7e9c07b698be9cb9124db119a2de947d1f6e1c1550e94973092bf5dffb7122203a1bb5c20eac2670cf570506f5a96413bea7caaabe6209a81028e3c3bc407e9e1f56ec8c0483655ccbc8587e0d325cd80828bb867a23eacb5a5ce6b73ff58c73781b57f66c83bb0115cf5e1b5f052663d17e081de52b73ebb16c162028e0c06c0393b42aa08f62be2c9ec7be250599c1d1020ff73723543c414ea052f18a26f7df380b21d4c90b897a73918344fb745b3435a2dfda513f6b836323f1b966a3608e3146e17dd9c67dff53c871b0f67fc331879431f237f356fe0b25007d73963eee2f06a998f41adb91698993c404ca9a1e698f192f2041865b1eb38dca9959d1fdfa69a2b1179f6a9224c766947157e9b008e395fc1e6bf5ad0f80f6ca25f8c405ca6b8a767b64ca23be72dc247a0783f07ad3a1a703268cbd02df267c65db0d6fd723d3329509cf5e69e2fbb0742186ee5967c47b44d560ae75a63d37708711f9105887e1eba6be52fe86d40f90261b55215bc4b43189b3c8beec2b9171894220b8993020d6f2efea46dd88ae2093423ae78de3233e76bfe00c41634656ac36ea82549fbd6b4be1b826a51a792961731f1c105495d318d6be5bf766139af284a2694719f00095d5776d87bc1cfffa38b056ba715705b0dfc51451f08df95afefb9ca2716589e8ee2c202cb7b01f582dc7e3a9f509f5977cf80a0dffad358e9bfeb51d6702e2a15fdf6a9c5b6c04df8cf7dc39f2773c15a5c1dc58d67cef36b798f615afa693a11aadf9397afcd8220231aff4dd9fd2dd928b1beaf510e552d230120d408c47dca3e459cfde8d338a02f1ff561461b2eedfb00eb10713e1a1a012e60ff07307fdf7be6f8f491bcbed96801535a9712b5eafea58ce825521b050371af36a70daa2591acdc5e1d4f59537f9eb6357a22a8f0318de1a99c91cbea2a927738276989b3288387a4ea5933eb46fa608cec39826a63eaeede50ff59cd98e77027cd850d43e961c77467b4a0ec402ba873c3573ec57419d9db0aced6c0ddc74716b00b9b3dd7e8cd276f617cb2bf10b93d994c9c63a2ccc731e41e7073755c3158ebe157f11f0999d52fb1180c2c19184e7b8325e24c3035c55b20f756dbe3ebdb7cc3daa14f98a4e09ccecb2684f3d2817e7a9eaaf25d2f9b6ee9307003138498dd1aabe6f0c14bfbef9db7f613bbf2b2c60ddce27b2a7e78a67d71577fd5ba2172c011d7104876555787bdb51b8f67bfc0edefdaaf73f56597f149ff360ebafbc24d5f5826e5d24e2fc5cb5b0db0acc9a6d97576f6be9f43257bff3051f1dce95ecabf9dd7cfbc9cb0dfa939cfc00ebeec75bf939a82e75a1bf2cb527d4b82dfaba6a568994c582ed753610f1faea4bb6ae6204acfd823808c7f48c2f8c9beaa8033863d6ae1f164bd1302f96e56a67a4997779a3d9bff018dda25ea5ae459b4144e0ab8e50d1e6ec47a35a26437617ab51d6ec3d6df7ffa0fdfda6333c18ab84f85e17c5925abf7945bc4825b478b004bd7d1d7f394b7acc0317ebadf4e1ae9da1d08816cf429ab9c646b0cef3eb3d53836927a6790a045ce488776e2649163e1f123d9d924ef3439f47540d44375e295341a6df5d5d5dd234bf337457dea6229faff9ab9420ba53219126d19365c93f8f0278809e595245d85f3ee5c2e85b48d23a3b4bb92bb87165d1b2f50465222058cb8ba9ec3df2ddbcbfaab672fbf15ee6c553b7993777917dacc3354d0a61af26191a40e26357d81f3586481cee44cc9150cb1f6ab3640d0e5d3c860aeff38cd2823b7ca4c8b8df588fd2d8be58ecee3d24b9f1dc440e95bc0c66be4bb7146ed97b86ea2d3ec6e6e1e48ce8ad55e2fffc36158249e53e7aeafcb1a8edb344e0f8e4a55953300b6c56a1ba249a35d3b0ce715a8bfc0bc270e3ce33ecb998cb3357680ab4d33250dc90dd7e16920969fb78f28b1830065d0f7e654b390fbb30de606d46f0a0fe94b55304b5023c01ef1a570d56a0699b672acee72772a17fe69dcc8a4f1f7e9dd7a8e628a16809ecf39aea3d7174955e085c1147c06a94fe14cc26a061fde390b620488b49a040a67c4e31664c802141837b59981153bcfef8003de4604ae6ff80e6a61d902420ecb686851b9b789e07465434d4e66152d988a253f8b027096ee5cbbd01624b93c985e028cc6fb8786e93b6d9fc2cded9aa37b43a366e621041f5bdb261343b6679a1dec930051bbfa02c4c2cf2d677d2e91c916200d3030471fe066f771c4e44c86b58195cbb4378698bdcac86389f8f01da6d383815344bec1490134273e23254da002402e66b96ba2e987feb03c18cb9a4cbc2653fe9003fa74afd14a87741ab30292c8822e94b5067da619b3a798afc06ac97747c8ffbe4676a42aa952c54401d887e54910e620947adff96f7a5434740770401d3ea8ea9aaecd488b5e6b3bb2c23de544e044ce6e45577ac889dd79edfcf8fe84599ed8f23c83a8d0c6922531187a03780047ba142b287dcef3399fa2c45990dac39c1f04d1ea363caa949ae226aec9f347952b1d05b9d6ff666a0c5f9debbb4664bf67b4c407674b2afdadb092e898dedf79997e3736a75a67145c828c7e7e370e77f17884b71a34af36617a5ade22d104db6788efc639bfd272e48453dda54c9601c2148e46c8f5ef6f87be01791e229e1884a71c0ac89f0cf9946b3b37baafd13aa5da1107cfcd3a1177fb9a0f1e7e779de4eaa9237becd863a968c290dc1e1762956ccbe8c2bcfd4af5eacc51df200688bbe554b3886874eb51f8374f089196440c2e5d88b6dad99aead32b9798f2a13e0dba929521fc1b591e4999c812554eef2e19c375a2cbec49fb6b936cce688bf3544a9e2bf51ffbde918f0de01ef570e92535a38db2934f9208d8516730a824187da4c6e6663de5fa75e6a490b5e9d281a18d228d6e710370d2d043b34f834979d79e695e887d86f9ec2db3702f9d8d4f72a7e89810aa9d76e0c5eade3836c1eeec56bcd2058149dccfeca0996a25419acac344bfdc5e790e0a4287e0a4a0d41ceafe812d0995e38a130302a4df0444a337e083431d0c567493b257ce380c6acc3d699ce035374a69a24011ba1d4eafbfbcc450a1943fd025e95eea585b91559dfa5236944c4cb5ed689cbd50d23264c54a05e788dbc68b9938f2fa777d6e4a02e6f6b65c39f3f3a435369052ea9782a439826a64dfa971360d20db614a40ea04f5acc0dd2849639b0a65340ab497674939caeec9d448e440df6916f3292fdb907ea0149cfd2ce78306104991856e500eb32b710f71c5a821ac372489d4962ea0efe6e59d56f74e7d5ecfc94138a921216b1422122f4e0fac2b05a7b7e82fe447639dd0656603e43c18a41e7ab8fbd2e0f3be40f30eb015e3bef59b6a8db2bb6db8d07d1bbe42c9856ea72d4227095f3bd1af05e9783392903aa5eb9a82bf7edd216f162a9d8420b3f61f30d60546835c45c121b714e56eace4fd1f348c222a1747ac8a8a6166b1b4a93d3c8fa5f19218b28899fe893bbb3cab6915dc73714ae86d660fb028e8bf2004732ab5264fa8f0ddf7fe862a74046a9fcf46aed16234668fe3a5e550b80d1a9ed0b0b88062a37f70c194829925935886d7b7132aba1f232f8d7e76324934363816b81e84c073e8bfdb29cb77d6c7d25632a8e18327ac5dc945c1930b8c1fc76a450036df23855cbab25c876842414ae8f13c98a9c39c766c0a3f18312a2da03b39e5c6ac58190a7c072b83f9b695ed14690c4f22dc135084baa4a730f4aa8bca628551535f335cfbda5deb8cc2b39b56b15b7dc6708237", 0x1000}, {&(0x7f0000000180)="8d66ff2d7fbeee151a380f0ef1", 0xd}, {&(0x7f00000001c0)="26d53bfa0179e1", 0x7}], 0x5}, 0x0)

381.807275ms ago: executing program 1 (id=3951):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000b560e5600000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000001c0)='mm_page_free\x00', r1, 0x0, 0x6}, 0x18)
syz_open_dev$usbmon(&(0x7f00000000c0), 0xcfae, 0x84102)

325.773366ms ago: executing program 1 (id=3952):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000069000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfffffffffffffe4c)
open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x84101)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'vxcan1\x00'})
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x114df, 0x10, 0xffffffff, 0x320}, &(0x7f00000004c0)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x1000, 0x1})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
io_uring_enter(r3, 0x3516, 0xad30, 0x2, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = gettid()
sendmsg$unix(r9, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000640)='>', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r10, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r9, @ANYRES32=r8, @ANYRES32=r8, @ANYRES32=r9, @ANYRES32=r8, @ANYRES32=r9, @ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="00000000140000000000000001000000010000", @ANYRES32=r8, @ANYBLOB="e5ffff6e18"], 0xa0}, 0x4004881)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x160)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8004}, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r11=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {}, {0x9}}}, 0x24}}, 0x0)

209.859817ms ago: executing program 1 (id=3953):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000001c0)='mm_page_free\x00', r1, 0x0, 0x6}, 0x18)
syz_open_dev$usbmon(&(0x7f00000000c0), 0xcfae, 0x84102)

181.400518ms ago: executing program 1 (id=3954):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r0}, &(0x7f0000000400), &(0x7f00000004c0)=r1}, 0x20)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000040)={0x3d17, 0x0, 0x200, 0x8, 0xd, "7e12105588e633bbb1df022dc0e10232d211ee"})
ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000006c0)=0xd)
syz_emit_ethernet(0x42, &(0x7f0000000140)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @empty}, @time_exceeded={0x21, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x6, 0x2, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x29, 0x0, @multicast2, @dev={0xac, 0x14, 0x14, 0x2a}, {[@rr={0x7, 0x0, 0x24, [@multicast1, @local]}]}}}}}}}, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r5 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r5, &(0x7f0000000000)={0x2a, 0x0, 0x2}, 0xc)
mremap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x3000, 0x2, &(0x7f0000ffd000/0x3000)=nil)
bind$qrtr(r5, &(0x7f00000000c0)={0x2a, 0x1, 0x4000}, 0xc)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000003f6b008500000050000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
prctl$PR_CAP_AMBIENT(0x2f, 0x2, 0x1)
r7 = getpid()
r8 = syz_pidfd_open(r7, 0x0)
setns(r8, 0x24020000)
syz_clone(0xf5982500, 0x0, 0x0, 0x0, 0x0, 0x0)

90.891659ms ago: executing program 4 (id=3955):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000002c00000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="540100001a001307000000000000001cac141400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac141417000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0x154}}, 0x0)

90.414399ms ago: executing program 4 (id=3956):
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/12], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf090000000000005509010000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000280)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16, @ANYBLOB="080028bd7000ffdbdf254b0000000c00a600fffeffffffffffff0c00a600050000000000000008000300030000000c00a700020000142f00000008000300010000000800030cd591e9e10003000000"], 0x50}, 0x1, 0x0, 0x0, 0x40008e0}, 0x2000080)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="7800000010000305000000000000000000cf0100", @ANYRES32=0x0, @ANYBLOB="83000000000000002000128008000100677265001400028008000700e0"], 0x78}}, 0x0)

64.727179ms ago: executing program 4 (id=3957):
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
connect$inet(0xffffffffffffffff, &(0x7f0000000380)={0x2, 0x4e25, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10)
shutdown(0xffffffffffffffff, 0x1)

0s ago: executing program 1 (id=3958):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
creat(&(0x7f0000000300)='./file0\x00', 0xe5)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45b], 0x0, 0x0, 0x1, 0x1, r2}}, 0x40)

kernel console output (not intermixed with test programs):

72 callbacks suppressed
[  188.450161][   T29] audit: type=1326 audit(1747249888.451:4862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11775 comm="syz.0.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  188.482725][   T29] audit: type=1326 audit(1747249888.451:4863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11775 comm="syz.0.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  188.541722][   T29] audit: type=1326 audit(1747249888.541:4864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11775 comm="syz.0.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  188.546734][T11785] SELinux: syz.4.2991 (11785) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  188.566755][   T29] audit: type=1326 audit(1747249888.541:4865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11775 comm="syz.0.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f91e857e9a3 code=0x7ffc0000
[  188.649802][   T29] audit: type=1326 audit(1747249888.591:4866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11775 comm="syz.0.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f91e857d41f code=0x7ffc0000
[  188.649886][   T29] audit: type=1326 audit(1747249888.591:4867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11775 comm="syz.0.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f91e857e9f7 code=0x7ffc0000
[  188.649928][   T29] audit: type=1326 audit(1747249888.611:4868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11775 comm="syz.0.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f91e857d2d0 code=0x7ffc0000
[  188.650087][   T29] audit: type=1326 audit(1747249888.611:4869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11775 comm="syz.0.2989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f91e857d5ca code=0x7ffc0000
[  188.680926][T11786] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2992'.
[  188.702939][T11786] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  188.713446][   T29] audit: type=1326 audit(1747249888.681:4870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11780 comm="syz.1.2992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  188.753586][T11788] program syz.2.2993 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  188.764106][   T29] audit: type=1326 audit(1747249888.681:4871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11780 comm="syz.1.2992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  188.790289][T11790] 9pnet_fd: Insufficient options for proto=fd
[  189.028919][T11801] FAULT_INJECTION: forcing a failure.
[  189.028919][T11801] name failslab, interval 1, probability 0, space 0, times 0
[  189.042731][T11801] CPU: 1 UID: 0 PID: 11801 Comm: syz.2.2998 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  189.042908][T11801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  189.042957][T11801] Call Trace:
[  189.042965][T11801]  <TASK>
[  189.042972][T11801]  __dump_stack+0x1d/0x30
[  189.043004][T11801]  dump_stack_lvl+0xe8/0x140
[  189.043025][T11801]  dump_stack+0x15/0x1b
[  189.043046][T11801]  should_fail_ex+0x265/0x280
[  189.043087][T11801]  should_failslab+0x8c/0xb0
[  189.043177][T11801]  kmem_cache_alloc_noprof+0x50/0x310
[  189.043202][T11801]  ? skb_clone+0x151/0x1f0
[  189.043231][T11801]  skb_clone+0x151/0x1f0
[  189.043298][T11801]  __netlink_deliver_tap+0x2c9/0x500
[  189.043323][T11801]  netlink_unicast+0x64c/0x670
[  189.043365][T11801]  netlink_sendmsg+0x58b/0x6b0
[  189.043402][T11801]  ? __pfx_netlink_sendmsg+0x10/0x10
[  189.043486][T11801]  __sock_sendmsg+0x142/0x180
[  189.043604][T11801]  ____sys_sendmsg+0x31e/0x4e0
[  189.043635][T11801]  ___sys_sendmsg+0x17b/0x1d0
[  189.043675][T11801]  __x64_sys_sendmsg+0xd4/0x160
[  189.043706][T11801]  x64_sys_call+0x2999/0x2fb0
[  189.043755][T11801]  do_syscall_64+0xd0/0x1a0
[  189.043798][T11801]  ? clear_bhb_loop+0x40/0x90
[  189.043828][T11801]  ? clear_bhb_loop+0x40/0x90
[  189.043853][T11801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.043924][T11801] RIP: 0033:0x7fd39240e969
[  189.044009][T11801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.044026][T11801] RSP: 002b:00007fd390a77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  189.044123][T11801] RAX: ffffffffffffffda RBX: 00007fd392635fa0 RCX: 00007fd39240e969
[  189.044134][T11801] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  189.044145][T11801] RBP: 00007fd390a77090 R08: 0000000000000000 R09: 0000000000000000
[  189.044156][T11801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  189.044177][T11801] R13: 0000000000000000 R14: 00007fd392635fa0 R15: 00007fff42ba37e8
[  189.044267][T11801]  </TASK>
[  189.265653][T11801] netlink: 'syz.2.2998': attribute type 30 has an invalid length.
[  189.318819][T11796] tmpfs: Bad value for 'size'
[  189.364901][T11810] netlink: 'syz.2.3000': attribute type 3 has an invalid length.
[  189.448093][T11818] SELinux: syz.2.3004 (11818) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  189.469203][T11821] pim6reg1: entered promiscuous mode
[  189.474609][T11821] pim6reg1: entered allmulticast mode
[  189.604963][T11828] tipc: Enabling of bearer <eth:macvlan1> rejected, already enabled
[  189.637346][T11829] tipc: Enabling of bearer <eth:macvlan1> rejected, failed to enable media
[  189.792647][T11831] 9pnet_fd: Insufficient options for proto=fd
[  189.924670][T11838] pim6reg1: entered promiscuous mode
[  189.930324][T11838] pim6reg1: entered allmulticast mode
[  190.077303][T11846] 9pnet: Could not find request transport: fd0x0000000000000003
[  190.136889][T11853] SELinux: syz.1.3017 (11853) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  190.144299][T11850] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  190.157298][T11850] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  190.165377][T11850] vhci_hcd vhci_hcd.0: Device attached
[  190.172222][T11855] 1�X���: renamed from 
60�X���
[  190.189364][T11855] A link change request failed with some changes committed already. Interface 
61�X��� may have been left with an inconsistent configuration, please check.
[  190.256984][T11851] vhci_hcd: connection closed
[  190.257200][   T37] vhci_hcd: stop threads
[  190.266409][   T37] vhci_hcd: release socket
[  190.270857][   T37] vhci_hcd: disconnect device
[  190.349309][T11859] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11859 comm=syz.1.3019
[  190.361970][T11859] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=11859 comm=syz.1.3019
[  190.405832][T11859] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.428385][T11859] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.455656][T11859] IPVS: set_ctl: invalid protocol: 135 224.0.0.2:20000
[  190.551586][T11863] 9pnet_fd: Insufficient options for proto=fd
[  191.435480][T11884] tipc: Enabling of bearer <eth:macvlan1> rejected, already enabled
[  191.503693][T11886] SELinux: syz.2.3028 (11886) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  191.611522][T11890] 9pnet_fd: Insufficient options for proto=fd
[  192.498187][T11915] SELinux: syz.0.3041 (11915) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  192.528721][T11917] capability: warning: `syz.0.3042' uses deprecated v2 capabilities in a way that may be insecure
[  192.540555][T11917] 9pnet_rdma: rdma_create_trans (11917): problem binding to privport: 13
[  192.550335][T11917] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11917 comm=syz.0.3042
[  192.586774][T11919] FAULT_INJECTION: forcing a failure.
[  192.586774][T11919] name failslab, interval 1, probability 0, space 0, times 0
[  192.599899][T11919] CPU: 0 UID: 0 PID: 11919 Comm: syz.0.3043 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  192.599924][T11919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  192.599936][T11919] Call Trace:
[  192.599942][T11919]  <TASK>
[  192.599948][T11919]  __dump_stack+0x1d/0x30
[  192.599975][T11919]  dump_stack_lvl+0xe8/0x140
[  192.599992][T11919]  dump_stack+0x15/0x1b
[  192.600006][T11919]  should_fail_ex+0x265/0x280
[  192.600080][T11919]  ? audit_log_d_path+0x8d/0x150
[  192.600142][T11919]  should_failslab+0x8c/0xb0
[  192.600169][T11919]  __kmalloc_cache_noprof+0x4c/0x320
[  192.600231][T11919]  audit_log_d_path+0x8d/0x150
[  192.600266][T11919]  audit_log_d_path_exe+0x42/0x70
[  192.600294][T11919]  audit_log_task+0x1e9/0x250
[  192.600321][T11919]  audit_seccomp+0x61/0x100
[  192.600359][T11919]  ? __seccomp_filter+0x68c/0x10d0
[  192.600378][T11919]  __seccomp_filter+0x69d/0x10d0
[  192.600398][T11919]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  192.600471][T11919]  ? vfs_write+0x75e/0x8d0
[  192.600494][T11919]  ? kmem_cache_free+0xdd/0x2f0
[  192.600518][T11919]  __secure_computing+0x82/0x150
[  192.600538][T11919]  syscall_trace_enter+0xcf/0x1e0
[  192.600620][T11919]  do_syscall_64+0xaa/0x1a0
[  192.600642][T11919]  ? clear_bhb_loop+0x40/0x90
[  192.600661][T11919]  ? clear_bhb_loop+0x40/0x90
[  192.600680][T11919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.600706][T11919] RIP: 0033:0x7f91e857e969
[  192.600718][T11919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.600734][T11919] RSP: 002b:00007f91e6be7038 EFLAGS: 00000246 ORIG_RAX: 000000000000010d
[  192.600749][T11919] RAX: ffffffffffffffda RBX: 00007f91e87a5fa0 RCX: 00007f91e857e969
[  192.600760][T11919] RDX: 0000000000000005 RSI: 0000200000000000 RDI: 0000000000000009
[  192.600770][T11919] RBP: 00007f91e6be7090 R08: 0000000000000000 R09: 0000000000000000
[  192.600858][T11919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.600887][T11919] R13: 0000000000000000 R14: 00007f91e87a5fa0 R15: 00007ffd8d893948
[  192.600904][T11919]  </TASK>
[  192.933552][T11928] __nla_validate_parse: 3 callbacks suppressed
[  192.933569][T11928] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3047'.
[  193.043064][T11940] tipc: Enabling of bearer <eth:macvlan1> rejected, failed to enable media
[  193.084339][T11936] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3050'.
[  193.105468][T11941] pim6reg1: entered promiscuous mode
[  193.111143][T11941] pim6reg1: entered allmulticast mode
[  193.272047][T11949] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3054'.
[  193.285238][T11949] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3054'.
[  193.298274][T11949] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:00bb with DS=0x7
[  193.840456][T11955] vlan0: entered allmulticast mode
[  193.897162][   T29] kauditd_printk_skb: 454 callbacks suppressed
[  193.897176][   T29] audit: type=1400 audit(1747249893.901:5326): avc:  denied  { read } for  pid=11958 comm="syz.3.3058" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  193.936787][T11959] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3058'.
[  193.940364][T11963] vlan0: entered allmulticast mode
[  193.946913][T11959] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3058'.
[  193.962225][T11959] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3058'.
[  193.989500][T11968] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3060'.
[  193.999358][T11968] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3060'.
[  194.056843][T11972] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3063'.
[  194.071412][   T29] audit: type=1326 audit(1747249894.071:5327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11969 comm="syz.3.3062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77b5de969 code=0x7ffc0000
[  194.102804][   T29] audit: type=1326 audit(1747249894.101:5328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11969 comm="syz.3.3062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77b5de969 code=0x7ffc0000
[  194.128342][   T29] audit: type=1326 audit(1747249894.101:5329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11969 comm="syz.3.3062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff77b5de969 code=0x7ffc0000
[  194.153656][   T29] audit: type=1326 audit(1747249894.101:5330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11969 comm="syz.3.3062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77b5de969 code=0x7ffc0000
[  194.156818][T11975] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[  194.183240][   T29] audit: type=1326 audit(1747249894.101:5331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11969 comm="syz.3.3062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77b5de969 code=0x7ffc0000
[  194.185547][   T29] audit: type=1326 audit(1747249894.161:5332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11969 comm="syz.3.3062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff77b5de969 code=0x7ffc0000
[  194.241651][   T29] audit: type=1326 audit(1747249894.161:5333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11969 comm="syz.3.3062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77b5de969 code=0x7ffc0000
[  194.267888][   T29] audit: type=1326 audit(1747249894.161:5334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11969 comm="syz.3.3062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff77b5de969 code=0x7ffc0000
[  194.294720][   T29] audit: type=1326 audit(1747249894.161:5335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11969 comm="syz.3.3062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff77b5de969 code=0x7ffc0000
[  194.344732][T11981] vlan0: entered allmulticast mode
[  194.399272][T11987] vlan0: entered allmulticast mode
[  194.404937][T11987] batadv0: entered allmulticast mode
[  194.483194][T11996] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[  194.579299][T12003] FAULT_INJECTION: forcing a failure.
[  194.579299][T12003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  194.594581][T12003] CPU: 1 UID: 0 PID: 12003 Comm: syz.0.3076 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  194.594612][T12003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  194.594624][T12003] Call Trace:
[  194.594631][T12003]  <TASK>
[  194.594638][T12003]  __dump_stack+0x1d/0x30
[  194.594664][T12003]  dump_stack_lvl+0xe8/0x140
[  194.594750][T12003]  dump_stack+0x15/0x1b
[  194.594765][T12003]  should_fail_ex+0x265/0x280
[  194.594857][T12003]  should_fail+0xb/0x20
[  194.594884][T12003]  should_fail_usercopy+0x1a/0x20
[  194.594902][T12003]  _copy_from_user+0x1c/0xb0
[  194.594982][T12003]  ___sys_sendmsg+0xc1/0x1d0
[  194.595016][T12003]  __x64_sys_sendmsg+0xd4/0x160
[  194.595040][T12003]  x64_sys_call+0x2999/0x2fb0
[  194.595059][T12003]  do_syscall_64+0xd0/0x1a0
[  194.595159][T12003]  ? clear_bhb_loop+0x40/0x90
[  194.595184][T12003]  ? clear_bhb_loop+0x40/0x90
[  194.595205][T12003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.595247][T12003] RIP: 0033:0x7f91e857e969
[  194.595266][T12003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.595308][T12003] RSP: 002b:00007f91e6be7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.595386][T12003] RAX: ffffffffffffffda RBX: 00007f91e87a5fa0 RCX: 00007f91e857e969
[  194.595397][T12003] RDX: 0000000000004000 RSI: 0000200000000000 RDI: 0000000000000003
[  194.595408][T12003] RBP: 00007f91e6be7090 R08: 0000000000000000 R09: 0000000000000000
[  194.595419][T12003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.595430][T12003] R13: 0000000000000000 R14: 00007f91e87a5fa0 R15: 00007ffd8d893948
[  194.595498][T12003]  </TASK>
[  194.955005][T12021] vlan0: entered allmulticast mode
[  194.964379][T12015] tmpfs: Bad value for 'size'
[  195.135979][T12041] ref_ctr_offset mismatch. inode: 0x11e offset: 0x7 ref_ctr_offset(old): 0x2 ref_ctr_offset(new): 0x0
[  195.215013][T12047] tmpfs: Bad value for 'size'
[  195.251180][T12051] vlan0: entered allmulticast mode
[  195.332211][T12062] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12062 comm=syz.0.3104
[  195.346232][T12062] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12062 comm=syz.0.3104
[  195.434419][T12066] 9pnet: Could not find request transport: fd0x0000000000000003
[  195.753356][T12080] block device autoloading is deprecated and will be removed.
[  195.839268][T12090] netlink: 'syz.4.3116': attribute type 10 has an invalid length.
[  195.976066][T12096] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  195.983460][T12096] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  195.997109][T12096] vhci_hcd vhci_hcd.0: Device attached
[  196.008855][T12096] 0�X���: renamed from 
61�X���
[  196.037846][T12096] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  196.057129][T12097] vhci_hcd: connection closed
[  196.057374][   T37] vhci_hcd: stop threads
[  196.066856][   T37] vhci_hcd: release socket
[  196.071799][   T37] vhci_hcd: disconnect device
[  196.306071][T12102] FAULT_INJECTION: forcing a failure.
[  196.306071][T12102] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.319660][T12102] CPU: 0 UID: 0 PID: 12102 Comm: syz.2.3120 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  196.319706][T12102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  196.319718][T12102] Call Trace:
[  196.319723][T12102]  <TASK>
[  196.319730][T12102]  __dump_stack+0x1d/0x30
[  196.319750][T12102]  dump_stack_lvl+0xe8/0x140
[  196.319767][T12102]  dump_stack+0x15/0x1b
[  196.319781][T12102]  should_fail_ex+0x265/0x280
[  196.319886][T12102]  should_fail+0xb/0x20
[  196.319920][T12102]  should_fail_usercopy+0x1a/0x20
[  196.319939][T12102]  _copy_from_iter+0xcf/0xdd0
[  196.319956][T12102]  ? __build_skb_around+0x1a0/0x200
[  196.320035][T12102]  ? __alloc_skb+0x223/0x320
[  196.320065][T12102]  netlink_sendmsg+0x471/0x6b0
[  196.320085][T12102]  ? __pfx_netlink_sendmsg+0x10/0x10
[  196.320103][T12102]  __sock_sendmsg+0x142/0x180
[  196.320206][T12102]  ____sys_sendmsg+0x31e/0x4e0
[  196.320227][T12102]  ___sys_sendmsg+0x17b/0x1d0
[  196.320260][T12102]  __x64_sys_sendmsg+0xd4/0x160
[  196.320283][T12102]  x64_sys_call+0x2999/0x2fb0
[  196.320302][T12102]  do_syscall_64+0xd0/0x1a0
[  196.320426][T12102]  ? clear_bhb_loop+0x40/0x90
[  196.320444][T12102]  ? clear_bhb_loop+0x40/0x90
[  196.320463][T12102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.320489][T12102] RIP: 0033:0x7fd39240e969
[  196.320511][T12102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.320526][T12102] RSP: 002b:00007fd390a77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  196.320543][T12102] RAX: ffffffffffffffda RBX: 00007fd392635fa0 RCX: 00007fd39240e969
[  196.320553][T12102] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  196.320564][T12102] RBP: 00007fd390a77090 R08: 0000000000000000 R09: 0000000000000000
[  196.320646][T12102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.320683][T12102] R13: 0000000000000000 R14: 00007fd392635fa0 R15: 00007fff42ba37e8
[  196.320706][T12102]  </TASK>
[  196.549815][T12104] syzkaller1: entered promiscuous mode
[  196.555476][T12104] syzkaller1: entered allmulticast mode
[  196.602917][T12104] hsr0: entered promiscuous mode
[  196.603074][T12104] macsec1: entered promiscuous mode
[  196.603217][T12104] macsec1: entered allmulticast mode
[  196.603233][T12104] hsr0: entered allmulticast mode
[  196.603249][T12104] hsr_slave_0: entered allmulticast mode
[  196.603266][T12104] hsr_slave_1: entered allmulticast mode
[  196.608613][T12104] hsr0: left allmulticast mode
[  196.642109][T12104] hsr_slave_0: left allmulticast mode
[  196.642137][T12104] hsr_slave_1: left allmulticast mode
[  196.657415][T12119] netlink: 'syz.4.3126': attribute type 4 has an invalid length.
[  196.657595][T12117] program syz.0.3123 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  196.686972][T12119] /dev/loop4: Can't lookup blockdev
[  196.709794][T12122] SELinux: syz.1.3127 (12122) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  196.799776][T12128] ref_ctr going negative. vaddr: 0x200000ffc018, curr val: -17644, delta: 1
[  196.799806][T12128] ref_ctr increment failed for inode: 0xc62 offset: 0x2 ref_ctr_offset: 0x18 of mm: 0xffff8881090a0000
[  196.840268][T12128] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: 0, delta: -1
[  196.840291][T12128] ref_ctr decrement failed for inode: 0xc62 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8881090a0000
[  196.840321][T12128] uprobe: syz.3.3130:12128 failed to unregister, leaking uprobe
[  196.921540][T12134] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  197.009930][T12152] Cannot find add_set index 0 as target
[  197.098237][T12162] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  197.117808][T12165] ref_ctr going negative. vaddr: 0x200000ffc018, curr val: -17644, delta: 1
[  197.127638][T12165] ref_ctr increment failed for inode: 0xc5 offset: 0x2 ref_ctr_offset: 0x18 of mm: 0xffff88811ca6b180
[  197.164174][T12165] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: 0, delta: -1
[  197.164200][T12165] ref_ctr decrement failed for inode: 0xc5 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88811ca6b180
[  197.164238][T12165] uprobe: syz.1.3146:12165 failed to unregister, leaking uprobe
[  197.206916][T12173] program syz.2.3147 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  197.213796][ T4238] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  197.237680][ T4238] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  197.376346][T12184] FAULT_INJECTION: forcing a failure.
[  197.376346][T12184] name failslab, interval 1, probability 0, space 0, times 0
[  197.390758][T12184] CPU: 0 UID: 0 PID: 12184 Comm: syz.2.3153 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  197.390787][T12184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  197.390830][T12184] Call Trace:
[  197.390836][T12184]  <TASK>
[  197.390846][T12184]  __dump_stack+0x1d/0x30
[  197.390873][T12184]  dump_stack_lvl+0xe8/0x140
[  197.390917][T12184]  dump_stack+0x15/0x1b
[  197.390939][T12184]  should_fail_ex+0x265/0x280
[  197.390982][T12184]  should_failslab+0x8c/0xb0
[  197.391072][T12184]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  197.391103][T12184]  ? sidtab_sid2str_get+0xa0/0x130
[  197.391141][T12184]  kmemdup_noprof+0x2b/0x70
[  197.391164][T12184]  sidtab_sid2str_get+0xa0/0x130
[  197.391273][T12184]  security_sid_to_context_core+0x1eb/0x2e0
[  197.391311][T12184]  security_sid_to_context+0x27/0x40
[  197.391348][T12184]  selinux_lsmprop_to_secctx+0x67/0xf0
[  197.391452][T12184]  security_lsmprop_to_secctx+0x43/0x80
[  197.391475][T12184]  audit_log_task_context+0x77/0x190
[  197.391585][T12184]  audit_log_task+0xf4/0x250
[  197.391615][T12184]  audit_seccomp+0x61/0x100
[  197.391648][T12184]  ? __seccomp_filter+0x68c/0x10d0
[  197.391749][T12184]  __seccomp_filter+0x69d/0x10d0
[  197.391772][T12184]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  197.391884][T12184]  ? vfs_write+0x75e/0x8d0
[  197.391952][T12184]  ? __rcu_read_unlock+0x4f/0x70
[  197.391989][T12184]  ? __fget_files+0x184/0x1c0
[  197.392025][T12184]  __secure_computing+0x82/0x150
[  197.392100][T12184]  syscall_trace_enter+0xcf/0x1e0
[  197.392127][T12184]  do_syscall_64+0xaa/0x1a0
[  197.392150][T12184]  ? clear_bhb_loop+0x40/0x90
[  197.392170][T12184]  ? clear_bhb_loop+0x40/0x90
[  197.392190][T12184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.392274][T12184] RIP: 0033:0x7fd39240e969
[  197.392287][T12184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.392304][T12184] RSP: 002b:00007fd390a77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000078
[  197.392321][T12184] RAX: ffffffffffffffda RBX: 00007fd392635fa0 RCX: 00007fd39240e969
[  197.392332][T12184] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  197.392343][T12184] RBP: 00007fd390a77090 R08: 0000000000000000 R09: 0000000000000000
[  197.392353][T12184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.392364][T12184] R13: 0000000000000000 R14: 00007fd392635fa0 R15: 00007fff42ba37e8
[  197.392415][T12184]  </TASK>
[  197.871987][T12204] ref_ctr going negative. vaddr: 0x200000ffc018, curr val: -17644, delta: 1
[  197.881157][T12204] ref_ctr increment failed for inode: 0xc1a offset: 0x2 ref_ctr_offset: 0x18 of mm: 0xffff88811ca6a680
[  197.933125][T12204] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: 0, delta: -1
[  197.941599][T12204] ref_ctr decrement failed for inode: 0xc1a offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88811ca6a680
[  197.954537][T12204] uprobe: syz.4.3161:12204 failed to unregister, leaking uprobe
[  198.065376][T12214] __nla_validate_parse: 23 callbacks suppressed
[  198.065393][T12214] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3165'.
[  198.098059][T12216] netlink: 'syz.1.3166': attribute type 13 has an invalid length.
[  198.165224][T12216] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.173286][T12216] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.247475][T12216] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  198.258474][T12216] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  198.288744][T12216] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.298134][T12216] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.307628][T12216] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.317103][T12216] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.412971][T12231] 9pnet: Could not find request transport: fd0x0000000000000003
[  198.479559][T12234] 9pnet: Could not find request transport: fd0xffffffffffffffff
[  198.726943][T12244] SELinux: syz.1.3174 (12244) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  198.800370][ T4238] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  198.819539][ T4238] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  199.043386][T12253] vlan0: entered allmulticast mode
[  199.069665][T12255] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3177'.
[  199.136988][   T29] kauditd_printk_skb: 507 callbacks suppressed
[  199.137004][   T29] audit: type=1400 audit(2000000002.040:5842): avc:  denied  { read } for  pid=12257 comm="syz.3.3178" path="socket:[33904]" dev="sockfs" ino=33904 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  199.207025][   T29] audit: type=1400 audit(2000000002.110:5843): avc:  denied  { read } for  pid=12261 comm="syz.3.3180" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  199.323248][T12271] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3182'.
[  199.347404][   T29] audit: type=1326 audit(2000000002.250:5844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12265 comm="syz.0.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  199.371986][   T29] audit: type=1326 audit(2000000002.250:5845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12265 comm="syz.0.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  199.494802][   T29] audit: type=1326 audit(2000000002.250:5846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12265 comm="syz.0.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  199.522185][   T29] audit: type=1326 audit(2000000002.250:5847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12265 comm="syz.0.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  199.549633][   T29] audit: type=1326 audit(2000000002.250:5848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12265 comm="syz.0.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  199.576998][   T29] audit: type=1326 audit(2000000002.300:5849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12265 comm="syz.0.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  199.603143][   T29] audit: type=1326 audit(2000000002.300:5850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12265 comm="syz.0.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  199.628091][   T29] audit: type=1326 audit(2000000002.300:5851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12265 comm="syz.0.3182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  199.754962][T12280] infiniband syz2: set down
[  199.760106][T12280] infiniband syz2: added veth0_to_bond
[  199.778346][T12280] RDS/IB: syz2: added
[  199.782690][T12280] smc: adding ib device syz2 with port count 1
[  199.791479][T12280] smc:    ib device syz2 port 1 has pnetid 
[  200.458303][  T381] bridge_slave_1: left allmulticast mode
[  200.464312][  T381] bridge_slave_1: left promiscuous mode
[  200.470370][  T381] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.495758][  T381] bridge_slave_0: left allmulticast mode
[  200.501466][  T381] bridge_slave_0: left promiscuous mode
[  200.507444][  T381] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.507572][T12296] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3190'.
[  200.726556][  T381] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  200.740919][  T381] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  200.768308][  T381] bond0 (unregistering): Released all slaves
[  200.789023][T12299] vlan0: entered allmulticast mode
[  200.826580][  T381] tipc: Left network mode
[  200.951843][T12308] pim6reg1: entered promiscuous mode
[  200.957999][T12308] pim6reg1: entered allmulticast mode
[  201.048065][T12310] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3194'.
[  201.058744][T12310] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3194'.
[  201.083617][  T381] batman_adv: batadv0: Removing interface: batadv_slave_0
[  201.091762][  T381] batman_adv: batadv0: Removing interface: batadv_slave_1
[  201.154710][  T381] team0 (unregistering): Port device team_slave_1 removed
[  201.311212][  T381] team0 (unregistering): Port device team_slave_0 removed
[  201.388628][T12320] vlan0: entered allmulticast mode
[  201.508503][T12327] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3199'.
[  201.519304][T12329] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  201.529602][T12329] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  201.555906][T12273] chnl_net:caif_netlink_parms(): no params data found
[  201.675959][T12273] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.684038][T12273] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.722714][T12273] bridge_slave_0: entered allmulticast mode
[  201.756044][T12273] bridge_slave_0: entered promiscuous mode
[  201.803081][T12273] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.810478][T12273] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.853537][T12273] bridge_slave_1: entered allmulticast mode
[  201.860219][T12273] bridge_slave_1: entered promiscuous mode
[  202.033766][T12273] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  202.060001][T12273] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  202.122141][T12273] team0: Port device team_slave_0 added
[  202.149727][T12273] team0: Port device team_slave_1 added
[  202.187246][T12273] batman_adv: batadv0: Adding interface: batadv_slave_0
[  202.195477][T12273] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.223113][T12273] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  202.253830][T12342] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3203'.
[  202.446149][T12273] batman_adv: batadv0: Adding interface: batadv_slave_1
[  202.453540][T12273] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.480720][T12273] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  202.493469][T12345] FAULT_INJECTION: forcing a failure.
[  202.493469][T12345] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  202.507603][T12345] CPU: 1 UID: 0 PID: 12345 Comm: syz.2.3204 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  202.507639][T12345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  202.507655][T12345] Call Trace:
[  202.507664][T12345]  <TASK>
[  202.507674][T12345]  __dump_stack+0x1d/0x30
[  202.507737][T12345]  dump_stack_lvl+0xe8/0x140
[  202.507761][T12345]  dump_stack+0x15/0x1b
[  202.507782][T12345]  should_fail_ex+0x265/0x280
[  202.507842][T12345]  should_fail+0xb/0x20
[  202.507878][T12345]  should_fail_usercopy+0x1a/0x20
[  202.507903][T12345]  _copy_from_iter+0xcf/0xdd0
[  202.507978][T12345]  ? __build_skb_around+0x1a0/0x200
[  202.508011][T12345]  ? __alloc_skb+0x223/0x320
[  202.508049][T12345]  netlink_sendmsg+0x471/0x6b0
[  202.508072][T12345]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.508146][T12345]  __sock_sendmsg+0x142/0x180
[  202.508174][T12345]  ____sys_sendmsg+0x31e/0x4e0
[  202.508197][T12345]  ___sys_sendmsg+0x17b/0x1d0
[  202.508264][T12345]  __x64_sys_sendmsg+0xd4/0x160
[  202.508297][T12345]  x64_sys_call+0x2999/0x2fb0
[  202.508324][T12345]  do_syscall_64+0xd0/0x1a0
[  202.508496][T12345]  ? clear_bhb_loop+0x40/0x90
[  202.508550][T12345]  ? clear_bhb_loop+0x40/0x90
[  202.508572][T12345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.508598][T12345] RIP: 0033:0x7fd39240e969
[  202.508614][T12345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.508691][T12345] RSP: 002b:00007fd390a77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  202.508787][T12345] RAX: ffffffffffffffda RBX: 00007fd392635fa0 RCX: 00007fd39240e969
[  202.508803][T12345] RDX: 0000000004000004 RSI: 0000200000000080 RDI: 0000000000000003
[  202.508888][T12345] RBP: 00007fd390a77090 R08: 0000000000000000 R09: 0000000000000000
[  202.508900][T12345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.508912][T12345] R13: 0000000000000000 R14: 00007fd392635fa0 R15: 00007fff42ba37e8
[  202.508936][T12345]  </TASK>
[  202.827012][T12273] hsr_slave_0: entered promiscuous mode
[  202.833827][T12273] hsr_slave_1: entered promiscuous mode
[  202.839829][T12273] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  202.862963][T12273] Cannot create hsr debugfs directory
[  202.914262][T12349] tipc: Enabling of bearer <eth:macvlan1> rejected, failed to enable media
[  203.038076][T12353] vlan0: entered allmulticast mode
[  203.290281][T12273] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  203.316167][T12273] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  203.341892][T12273] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  203.369877][T12273] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  203.418145][T12368] vlan0: entered allmulticast mode
[  203.455571][T12371] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3215'.
[  203.465595][T12371] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3215'.
[  203.499394][T12273] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.525048][T12373] pim6reg1: entered promiscuous mode
[  203.530524][T12373] pim6reg1: entered allmulticast mode
[  203.553986][T12273] 8021q: adding VLAN 0 to HW filter on device team0
[  203.586333][ T3345] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.594212][ T3345] bridge0: port 1(bridge_slave_0) entered forwarding state
[  203.620199][T12375] ref_ctr going negative. vaddr: 0x200000ffc018, curr val: -17644, delta: 1
[  203.630092][T12375] ref_ctr increment failed for inode: 0x12c offset: 0x2 ref_ctr_offset: 0x18 of mm: 0xffff88811ca68580
[  203.659023][T12273] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  203.670488][T12273] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  203.693271][T12375] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: 0, delta: -1
[  203.703072][T12375] ref_ctr decrement failed for inode: 0x12c offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88811ca68580
[  203.717594][T12375] uprobe: syz.1.3216:12375 failed to unregister, leaking uprobe
[  203.741993][ T3345] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.749780][ T3345] bridge0: port 2(bridge_slave_1) entered forwarding state
[  203.982637][T12273] 8021q: adding VLAN 0 to HW filter on device batadv0
[  204.289543][ T3393] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  204.381208][ T3393] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  204.397823][   T29] kauditd_printk_skb: 292 callbacks suppressed
[  204.397839][   T29] audit: type=1326 audit(2000000007.300:6144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12392 comm="syz.4.3219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb639c2e969 code=0x7ffc0000
[  204.441773][   T29] audit: type=1326 audit(2000000007.300:6145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12392 comm="syz.4.3219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fb639c2e969 code=0x7ffc0000
[  204.470925][   T29] audit: type=1326 audit(2000000007.310:6146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12392 comm="syz.4.3219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb639c2e9a3 code=0x7ffc0000
[  204.498528][   T29] audit: type=1326 audit(2000000007.310:6147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12392 comm="syz.4.3219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb639c2e9a3 code=0x7ffc0000
[  204.525308][   T29] audit: type=1326 audit(2000000007.310:6148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12392 comm="syz.4.3219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb639c2e969 code=0x7ffc0000
[  204.534511][T12273] veth0_vlan: entered promiscuous mode
[  204.551439][   T29] audit: type=1326 audit(2000000007.310:6149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12392 comm="syz.4.3219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb639c2e969 code=0x7ffc0000
[  204.584368][   T29] audit: type=1326 audit(2000000007.310:6150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12392 comm="syz.4.3219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7fb639c2e969 code=0x7ffc0000
[  204.608021][T12400] vlan0: entered allmulticast mode
[  204.610833][   T29] audit: type=1326 audit(2000000007.310:6151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12392 comm="syz.4.3219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb639c2e969 code=0x7ffc0000
[  204.641340][   T29] audit: type=1326 audit(2000000007.310:6152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12392 comm="syz.4.3219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb639c2e969 code=0x7ffc0000
[  204.665617][   T29] audit: type=1326 audit(2000000007.310:6153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12392 comm="syz.4.3219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7fb639c2e969 code=0x7ffc0000
[  204.696434][T12273] veth1_vlan: entered promiscuous mode
[  204.715264][T12273] veth0_macvtap: entered promiscuous mode
[  204.724857][T12273] veth1_macvtap: entered promiscuous mode
[  204.736848][T12273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.748493][T12273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.758789][T12273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.769769][T12273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.780757][T12273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.791915][T12273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.804415][T12273] batman_adv: batadv0: Interface activated: batadv_slave_0
[  204.813757][T12273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.824784][T12273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.835311][T12273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.846127][T12273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.856615][T12273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.867993][T12273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.890183][T12273] batman_adv: batadv0: Interface activated: batadv_slave_1
[  204.909868][T12273] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  204.918862][T12273] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  204.927773][T12273] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  204.936727][T12273] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  204.952388][T12411] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12411 comm=syz.2.3225
[  204.965635][T12411] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12411 comm=syz.2.3225
[  205.036868][T12416] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[  205.056298][T12419] netlink: 'syz.2.3227': attribute type 10 has an invalid length.
[  205.064224][T12419] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3227'.
[  205.088518][T12421] tipc: Enabling of bearer <eth:macvlan1> rejected, already enabled
[  205.104553][T12423] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3229'.
[  205.113884][T12423] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  205.121318][T12423] batman_adv: batadv0: Removing interface: batadv_slave_0
[  205.141034][T12423] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  205.148959][T12423] batman_adv: batadv0: Removing interface: batadv_slave_1
[  205.163884][T12424] pim6reg1: entered promiscuous mode
[  205.169260][T12424] pim6reg1: entered allmulticast mode
[  205.307291][T12429] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3231'.
[  205.348781][T12435] netlink: 'syz.2.3232': attribute type 10 has an invalid length.
[  205.356928][T12435] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3232'.
[  205.419283][T12437] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3234'.
[  206.101632][T12458] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3241'.
[  206.111420][T12458] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3241'.
[  206.239134][T12461] program syz.0.3242 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  206.679354][T12464] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3243'.
[  206.883449][T12487] pim6reg1: entered promiscuous mode
[  206.886517][   T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  206.889147][T12487] pim6reg1: entered allmulticast mode
[  206.946957][   T23] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  207.001412][T12488] fido_id[12488]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  207.096866][T12493] 9pnet_fd: Insufficient options for proto=fd
[  207.542852][T12507] 9pnet_fd: Insufficient options for proto=fd
[  207.616657][T12512] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  207.855691][T12519] netlink: 'syz.0.3263': attribute type 10 has an invalid length.
[  207.940715][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  207.949139][   T10] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  207.976291][T12530] pim6reg1: entered promiscuous mode
[  207.982474][T12530] pim6reg1: entered allmulticast mode
[  208.010311][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  208.022825][   T10] hid-generic 0000:0000:0000.0007: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  208.131380][T12540] can: request_module (can-proto-0) failed.
[  208.141050][T12543] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  208.243083][T12550] FAULT_INJECTION: forcing a failure.
[  208.243083][T12550] name failslab, interval 1, probability 0, space 0, times 0
[  208.258557][T12550] CPU: 0 UID: 0 PID: 12550 Comm: syz.1.3274 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  208.258626][T12550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  208.258643][T12550] Call Trace:
[  208.258652][T12550]  <TASK>
[  208.258663][T12550]  __dump_stack+0x1d/0x30
[  208.258693][T12550]  dump_stack_lvl+0xe8/0x140
[  208.258719][T12550]  dump_stack+0x15/0x1b
[  208.258740][T12550]  should_fail_ex+0x265/0x280
[  208.258857][T12550]  should_failslab+0x8c/0xb0
[  208.258897][T12550]  __kvmalloc_node_noprof+0x126/0x4d0
[  208.258927][T12550]  ? rhashtable_init_noprof+0x316/0x4f0
[  208.259005][T12550]  rhashtable_init_noprof+0x316/0x4f0
[  208.259034][T12550]  rhltable_init_noprof+0x1d/0x40
[  208.259061][T12550]  nf_tables_newtable+0x522/0xea0
[  208.259137][T12550]  nfnetlink_rcv+0xb99/0x1690
[  208.259251][T12550]  netlink_unicast+0x5a1/0x670
[  208.259286][T12550]  netlink_sendmsg+0x58b/0x6b0
[  208.259310][T12550]  ? __pfx_netlink_sendmsg+0x10/0x10
[  208.259377][T12550]  __sock_sendmsg+0x142/0x180
[  208.259415][T12550]  ____sys_sendmsg+0x31e/0x4e0
[  208.259448][T12550]  ___sys_sendmsg+0x17b/0x1d0
[  208.259623][T12550]  __x64_sys_sendmsg+0xd4/0x160
[  208.259713][T12550]  x64_sys_call+0x2999/0x2fb0
[  208.259770][T12550]  do_syscall_64+0xd0/0x1a0
[  208.259802][T12550]  ? clear_bhb_loop+0x40/0x90
[  208.259847][T12550]  ? clear_bhb_loop+0x40/0x90
[  208.259876][T12550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.259903][T12550] RIP: 0033:0x7fe0ef3ce969
[  208.259925][T12550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.259949][T12550] RSP: 002b:00007fe0eda37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  208.259974][T12550] RAX: ffffffffffffffda RBX: 00007fe0ef5f5fa0 RCX: 00007fe0ef3ce969
[  208.259996][T12550] RDX: 0000000020050800 RSI: 00002000000000c0 RDI: 0000000000000003
[  208.260012][T12550] RBP: 00007fe0eda37090 R08: 0000000000000000 R09: 0000000000000000
[  208.260028][T12550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.260044][T12550] R13: 0000000000000000 R14: 00007fe0ef5f5fa0 R15: 00007ffc3724f338
[  208.260072][T12550]  </TASK>
[  208.537585][T12555] __nla_validate_parse: 7 callbacks suppressed
[  208.537607][T12555] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3275'.
[  208.553708][T12555] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3275'.
[  208.562672][T12556] vlan0: entered allmulticast mode
[  208.630732][ T3390] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  208.653446][ T3390] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  208.669778][T12563] vlan0: entered allmulticast mode
[  208.702678][T12565] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  208.709519][T12565] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  208.717812][T12565] vhci_hcd vhci_hcd.0: Device attached
[  208.728884][T12565] netlink: 3 bytes leftover after parsing attributes in process `syz.3.3281'.
[  208.746439][T12565] 0�X���: renamed from caif0
[  208.804553][T12566] fido_id[12566]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  208.835886][T12565] 0�X���: entered allmulticast mode
[  208.841390][T12565] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  208.861573][T12569] vhci_hcd: connection closed
[  208.861916][   T12] vhci_hcd: stop threads
[  208.872055][   T12] vhci_hcd: release socket
[  208.876768][   T12] vhci_hcd: disconnect device
[  208.891954][T12577] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[  209.205508][T12588] FAULT_INJECTION: forcing a failure.
[  209.205508][T12588] name failslab, interval 1, probability 0, space 0, times 0
[  209.219673][T12588] CPU: 0 UID: 0 PID: 12588 Comm: syz.2.3289 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  209.219710][T12588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  209.219726][T12588] Call Trace:
[  209.219735][T12588]  <TASK>
[  209.219947][T12588]  __dump_stack+0x1d/0x30
[  209.219975][T12588]  dump_stack_lvl+0xe8/0x140
[  209.220170][T12588]  dump_stack+0x15/0x1b
[  209.220239][T12588]  should_fail_ex+0x265/0x280
[  209.220283][T12588]  ? rtnl_newlink+0x5c/0x12d0
[  209.220315][T12588]  should_failslab+0x8c/0xb0
[  209.220407][T12588]  __kmalloc_cache_noprof+0x4c/0x320
[  209.220504][T12588]  rtnl_newlink+0x5c/0x12d0
[  209.220537][T12588]  ? trace_reschedule_exit+0xd/0xc0
[  209.220568][T12588]  ? page_counter_cancel+0xe1/0x1e0
[  209.220627][T12588]  ? __rcu_read_unlock+0x4f/0x70
[  209.220648][T12588]  ? cgroup_rstat_updated+0xa3/0x510
[  209.220745][T12588]  ? __refill_stock+0x96/0xd0
[  209.220780][T12588]  ? cgroup_rstat_updated+0xa3/0x510
[  209.220813][T12588]  ? xas_load+0x413/0x430
[  209.220834][T12588]  ? xas_load+0x413/0x430
[  209.220899][T12588]  ? __memcg_slab_free_hook+0xb7/0x1c0
[  209.220932][T12588]  ? __kfree_skb+0x109/0x150
[  209.220951][T12588]  ? __rcu_read_unlock+0x4f/0x70
[  209.221067][T12588]  ? avc_has_perm_noaudit+0x1b1/0x200
[  209.221097][T12588]  ? selinux_capable+0x1f9/0x270
[  209.221129][T12588]  ? security_capable+0x83/0x90
[  209.221162][T12588]  ? ns_capable+0x7d/0xb0
[  209.221185][T12588]  ? __pfx_rtnl_newlink+0x10/0x10
[  209.221266][T12588]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  209.221305][T12588]  netlink_rcv_skb+0x120/0x220
[  209.221388][T12588]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  209.221428][T12588]  rtnetlink_rcv+0x1c/0x30
[  209.221457][T12588]  netlink_unicast+0x5a1/0x670
[  209.221525][T12588]  netlink_sendmsg+0x58b/0x6b0
[  209.221554][T12588]  ? __pfx_netlink_sendmsg+0x10/0x10
[  209.221580][T12588]  __sock_sendmsg+0x142/0x180
[  209.221686][T12588]  ____sys_sendmsg+0x31e/0x4e0
[  209.221711][T12588]  ___sys_sendmsg+0x17b/0x1d0
[  209.221793][T12588]  __x64_sys_sendmsg+0xd4/0x160
[  209.221823][T12588]  x64_sys_call+0x2999/0x2fb0
[  209.221850][T12588]  do_syscall_64+0xd0/0x1a0
[  209.221937][T12588]  ? clear_bhb_loop+0x40/0x90
[  209.221964][T12588]  ? clear_bhb_loop+0x40/0x90
[  209.222095][T12588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.222172][T12588] RIP: 0033:0x7fd39240e969
[  209.222193][T12588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.222216][T12588] RSP: 002b:00007fd390a77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  209.222288][T12588] RAX: ffffffffffffffda RBX: 00007fd392635fa0 RCX: 00007fd39240e969
[  209.222300][T12588] RDX: 0000000000004000 RSI: 0000200000000280 RDI: 0000000000000005
[  209.222391][T12588] RBP: 00007fd390a77090 R08: 0000000000000000 R09: 0000000000000000
[  209.222407][T12588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.222423][T12588] R13: 0000000000000000 R14: 00007fd392635fa0 R15: 00007fff42ba37e8
[  209.222444][T12588]  </TASK>
[  209.298431][ T3390] vhci_hcd: vhci_device speed not set
[  209.303311][T12586] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3288'.
[  209.561894][T12586] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3288'.
[  209.594568][   T29] kauditd_printk_skb: 137 callbacks suppressed
[  209.594583][   T29] audit: type=1326 audit(2000000012.500:6291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12590 comm="syz.0.3291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  209.627994][   T29] audit: type=1326 audit(2000000012.500:6292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12590 comm="syz.0.3291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  209.676214][T12594] 9pnet_fd: Insufficient options for proto=fd
[  209.743422][T12597] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3292'.
[  209.755532][   T29] audit: type=1326 audit(2000000012.500:6293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12590 comm="syz.0.3291" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  209.822060][T12600] vlan0: entered allmulticast mode
[  209.822560][T12602] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3296'.
[  209.869300][   T29] audit: type=1326 audit(2000000012.770:6294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12607 comm="syz.2.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd39240e969 code=0x7ffc0000
[  209.914191][   T29] audit: type=1326 audit(2000000012.800:6295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12607 comm="syz.2.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd39240e969 code=0x7ffc0000
[  209.940056][   T29] audit: type=1326 audit(2000000012.800:6296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12607 comm="syz.2.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd39240e969 code=0x7ffc0000
[  209.964658][   T29] audit: type=1326 audit(2000000012.800:6297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12607 comm="syz.2.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd39240e969 code=0x7ffc0000
[  209.988642][   T29] audit: type=1326 audit(2000000012.800:6298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12607 comm="syz.2.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd39240e969 code=0x7ffc0000
[  210.013434][   T29] audit: type=1326 audit(2000000012.800:6299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12607 comm="syz.2.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd39240e969 code=0x7ffc0000
[  210.040155][   T29] audit: type=1326 audit(2000000012.800:6300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12607 comm="syz.2.3298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd39240e969 code=0x7ffc0000
[  210.065064][T12612] pim6reg1: entered promiscuous mode
[  210.070576][T12612] pim6reg1: entered allmulticast mode
[  210.152322][T12617] sd 0:0:1:0: device reset
[  210.181372][T12625] 9pnet_fd: Insufficient options for proto=fd
[  210.210494][T12628] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  210.217214][T12628] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  210.225426][T12628] vhci_hcd vhci_hcd.0: Device attached
[  210.233952][T12628] netlink: 3 bytes leftover after parsing attributes in process `syz.1.3303'.
[  210.244878][T12628] 0�X���: renamed from caif0
[  210.422717][T12628] 0�X���: entered allmulticast mode
[  210.430427][T12628] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  210.472840][ T3391] usb 3-1: new high-speed USB device number 6 using vhci_hcd
[  210.479019][T12647] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3312'.
[  210.491796][T12631] vhci_hcd: connection reset by peer
[  210.492162][   T12] vhci_hcd: stop threads
[  210.492173][   T12] vhci_hcd: release socket
[  210.492187][   T12] vhci_hcd: disconnect device
[  210.545719][T12651] program syz.2.3311 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  210.728428][T12661] pim6reg1: entered promiscuous mode
[  210.734557][T12661] pim6reg1: entered allmulticast mode
[  210.960880][T12642] chnl_net:caif_netlink_parms(): no params data found
[  211.213533][T12642] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.221092][T12642] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.231490][T12642] bridge_slave_0: entered allmulticast mode
[  211.232052][T12642] bridge_slave_0: entered promiscuous mode
[  211.235130][T12691] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3321'.
[  211.238073][T12642] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.238112][T12642] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.239355][T12642] bridge_slave_1: entered allmulticast mode
[  211.240135][T12642] bridge_slave_1: entered promiscuous mode
[  211.273898][T12642] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.275170][T12642] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  211.309026][T12642] team0: Port device team_slave_0 added
[  211.309985][T12642] team0: Port device team_slave_1 added
[  211.338479][T12694] vlan0: entered allmulticast mode
[  211.360875][T12642] batman_adv: batadv0: Adding interface: batadv_slave_0
[  211.360893][T12642] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.360988][T12642] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  211.361741][T12642] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.361753][T12642] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.361817][T12642] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.398760][T12642] hsr_slave_0: entered promiscuous mode
[  211.399360][T12642] hsr_slave_1: entered promiscuous mode
[  211.399887][T12642] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  211.543667][T12642] Cannot create hsr debugfs directory
[  211.626095][T12701] vlan0: entered allmulticast mode
[  211.688164][T12705] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  211.694882][T12705] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  211.703523][T12705] vhci_hcd vhci_hcd.0: Device attached
[  211.715443][T12642] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.728551][T12705] 1�X���: renamed from 
60�X���
[  211.770031][T12705] A link change request failed with some changes committed already. Interface 
61�X��� may have been left with an inconsistent configuration, please check.
[  211.772062][T12707] vhci_hcd: connection closed
[  211.790627][   T31] vhci_hcd: stop threads
[  211.790641][   T31] vhci_hcd: release socket
[  211.790651][   T31] vhci_hcd: disconnect device
[  211.798706][T12642] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.835890][T12711] program syz.0.3323 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  211.860099][T12642] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.896594][T12642] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.950880][T12642] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  211.960111][T12642] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  211.969220][T12642] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  211.978845][T12642] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  212.039992][T12642] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.069682][T12722] tipc: Resetting bearer <eth:macvlan1>
[  212.081874][T12722] tipc: Disabling bearer <eth:macvlan1>
[  212.093557][T12724] vlan0: entered allmulticast mode
[  212.120640][T12642] 8021q: adding VLAN 0 to HW filter on device team0
[  212.130415][ T3345] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.137633][ T3345] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.150208][ T3345] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.157746][ T3345] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.186182][T12642] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  212.208362][ T2968] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  212.235933][ T2968] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  212.239920][T12732] sd 0:0:1:0: device reset
[  212.285017][T12642] 8021q: adding VLAN 0 to HW filter on device batadv0
[  212.315549][T12742] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[  212.459652][T12764] program syz.0.3343 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  212.499866][T12642] veth0_vlan: entered promiscuous mode
[  212.502020][T12642] veth1_vlan: entered promiscuous mode
[  212.520087][T12642] veth0_macvtap: entered promiscuous mode
[  212.523923][T12642] veth1_macvtap: entered promiscuous mode
[  212.532067][T12642] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.532092][T12642] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.532103][T12642] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.532115][T12642] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.532126][T12642] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.532139][T12642] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.532721][T12642] batman_adv: batadv0: Interface activated: batadv_slave_0
[  212.539483][T12642] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.651446][T12642] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.651464][T12642] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.651479][T12642] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.651494][T12642] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.651592][T12642] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.653261][T12642] batman_adv: batadv0: Interface activated: batadv_slave_1
[  212.676926][T12777] program syz.2.3349 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  212.685202][T12642] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.730091][T12642] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.730124][T12642] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.748227][T12642] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.855460][T12788] syz.1.3350 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  212.899922][ T3390] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  212.923055][ T3390] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  213.208827][T12813] random: crng reseeded on system resumption
[  213.944930][T12841] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  214.179965][T12851] __nla_validate_parse: 15 callbacks suppressed
[  214.180073][T12851] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3377'.
[  214.233064][T12860] dvmrp1: entered allmulticast mode
[  214.251228][T12862] 9pnet: Could not find request transport: fd0x0000000000000003
[  214.262616][T12860] dvmrp1: left allmulticast mode
[  214.434275][T12889] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3392'.
[  214.437816][T12894] 9pnet: Could not find request transport: fd0x0000000000000003
[  214.512008][T12901] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3397'.
[  214.524623][T12899] tmpfs: Bad value for 'size'
[  214.561330][T12907] vlan2: entered allmulticast mode
[  214.567463][T12907] batadv0: entered allmulticast mode
[  214.598698][T12911] 9pnet: Could not find request transport: fd0x0000000000000003
[  214.606946][T12907] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3399'.
[  214.616581][T12907] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3399'.
[  214.700707][   T29] kauditd_printk_skb: 605 callbacks suppressed
[  214.700722][   T29] audit: type=1400 audit(2000000017.600:6904): avc:  denied  { read } for  pid=12921 comm="syz.3.3405" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  214.728627][   T29] audit: type=1400 audit(2000000017.610:6905): avc:  denied  { ioctl } for  pid=12921 comm="syz.3.3405" path="/dev/usbmon7" dev="devtmpfs" ino=163 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  215.131970][T12926] 9pnet: Could not find request transport: fd0x0000000000000003
[  215.199146][T12931] capability: warning: `syz.0.3408' uses 32-bit capabilities (legacy support in use)
[  215.214463][T12932] tipc: Enabling of bearer <eth:macvlan1> rejected, failed to enable media
[  215.290394][T12935] tmpfs: Bad value for 'size'
[  215.344933][T12937] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3410'.
[  215.394864][T12943] 9pnet_fd: Insufficient options for proto=fd
[  215.431102][T12945] vlan0: entered allmulticast mode
[  215.543348][T12947] netlink: 56537 bytes leftover after parsing attributes in process `gtp'.
[  215.612793][ T3391] vhci_hcd: vhci_device speed not set
[  215.634106][T12953] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  215.641081][T12953] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  215.649624][T12953] vhci_hcd vhci_hcd.0: Device attached
[  215.658895][T12953] netlink: 3 bytes leftover after parsing attributes in process `syz.3.3417'.
[  215.669593][T12953] 0�X���: renamed from 
61�X���
[  215.699111][T12953] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  215.720334][T12957] vhci_hcd: connection closed
[  215.720737][ T7614] vhci_hcd: stop threads
[  215.731068][ T7614] vhci_hcd: release socket
[  215.735707][ T7614] vhci_hcd: disconnect device
[  216.334253][T12976] netlink: 'syz.2.3426': attribute type 10 has an invalid length.
[  216.334276][T12976] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3426'.
[  216.375280][T12979] program syz.3.3425 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  216.390138][T12978] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3427'.
[  216.390176][T12978] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.390217][T12978] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.391003][T12978] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.391028][T12978] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.448823][T12981] vlan2: entered allmulticast mode
[  216.549482][ T2968] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  216.580760][T12991] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  216.587557][T12991] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  216.597117][T12991] vhci_hcd vhci_hcd.0: Device attached
[  216.608691][ T2968] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  216.640210][   T29] audit: type=1326 audit(2000000019.540:6906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13001 comm="syz.3.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d05e969 code=0x7ffc0000
[  216.664980][   T29] audit: type=1326 audit(2000000019.540:6907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13001 comm="syz.3.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d05e969 code=0x7ffc0000
[  216.689998][   T29] audit: type=1326 audit(2000000019.540:6908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13001 comm="syz.3.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f975d05e969 code=0x7ffc0000
[  216.716086][   T29] audit: type=1326 audit(2000000019.540:6909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13001 comm="syz.3.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d05e969 code=0x7ffc0000
[  216.741515][   T29] audit: type=1326 audit(2000000019.540:6910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13001 comm="syz.3.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f975d05e969 code=0x7ffc0000
[  216.768861][T13003] 0�X���: renamed from caif0
[  216.783961][T13003] 0�X���: entered allmulticast mode
[  216.789418][T13003] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  216.794584][T12998] fido_id[12998]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  216.820147][   T29] audit: type=1326 audit(2000000019.600:6911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13001 comm="syz.3.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d05e969 code=0x7ffc0000
[  216.846446][   T29] audit: type=1326 audit(2000000019.600:6912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13001 comm="syz.3.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f975d05e969 code=0x7ffc0000
[  216.885259][   T29] audit: type=1326 audit(2000000019.750:6913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13001 comm="syz.3.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f975d05e969 code=0x7ffc0000
[  216.909654][T12994] vhci_hcd: connection closed
[  216.912012][   T37] vhci_hcd: stop threads
[  216.922190][   T37] vhci_hcd: release socket
[  216.927304][   T37] vhci_hcd: disconnect device
[  216.986529][T13016] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[  217.286141][T13042] sd 0:0:1:0: device reset
[  217.494548][T13051] pim6reg1: entered promiscuous mode
[  217.500051][T13051] pim6reg1: entered allmulticast mode
[  217.901585][T13054] vlan0: entered allmulticast mode
[  218.752218][T13074] 9pnet: Could not find request transport: 0xffffffffffffffff
[  218.876140][T13077] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  218.882892][T13077] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  218.890757][T13077] vhci_hcd vhci_hcd.0: Device attached
[  218.963262][T13082] 1�X���: renamed from 
60�X���
[  218.972184][T13082] A link change request failed with some changes committed already. Interface 
61�X��� may have been left with an inconsistent configuration, please check.
[  219.034144][T13078] vhci_hcd: connection closed
[  219.035715][   T31] vhci_hcd: stop threads
[  219.044764][   T31] vhci_hcd: release socket
[  219.049496][   T31] vhci_hcd: disconnect device
[  219.082818][T13084] 9pnet: Could not find request transport: fd0x0000000000000003
[  219.189740][T13091] pim6reg1: entered promiscuous mode
[  219.196495][T13091] pim6reg1: entered allmulticast mode
[  219.351624][T13099] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  219.358663][T13099] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  219.367257][T13099] vhci_hcd vhci_hcd.0: Device attached
[  219.398611][T13099] __nla_validate_parse: 8 callbacks suppressed
[  219.398704][T13099] netlink: 3 bytes leftover after parsing attributes in process `syz.3.3471'.
[  219.399276][T13099] 1�X���: renamed from 
60�X���
[  219.469714][T13099] A link change request failed with some changes committed already. Interface 
61�X��� may have been left with an inconsistent configuration, please check.
[  219.495195][T13101] vhci_hcd: connection closed
[  219.495339][   T12] vhci_hcd: stop threads
[  219.504666][   T12] vhci_hcd: release socket
[  219.509489][   T12] vhci_hcd: disconnect device
[  219.627474][ T3391] vhci_hcd: vhci_device speed not set
[  219.627764][T13115] sd 0:0:1:0: device reset
[  220.348961][T13131] pim6reg1: entered promiscuous mode
[  220.354485][T13131] pim6reg1: entered allmulticast mode
[  220.525779][T13137] vlan0: entered allmulticast mode
[  220.558634][T13139] program syz.2.3483 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  220.788432][T13153] vlan0: entered allmulticast mode
[  220.810255][T13157] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  220.817122][T13157] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  220.828085][T13157] vhci_hcd vhci_hcd.0: Device attached
[  220.836211][T13157] netlink: 3 bytes leftover after parsing attributes in process `syz.2.3493'.
[  220.847007][T13157] 0�X���: renamed from caif0
[  220.878282][T13157] 0�X���: entered allmulticast mode
[  220.884278][T13157] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  220.902257][T13158] vhci_hcd: connection closed
[  220.902515][ T7614] vhci_hcd: stop threads
[  220.911718][ T7614] vhci_hcd: release socket
[  220.916613][ T7614] vhci_hcd: disconnect device
[  220.947149][   T29] kauditd_printk_skb: 673 callbacks suppressed
[  220.947163][   T29] audit: type=1326 audit(2000000023.850:7587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13163 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  220.992699][   T29] audit: type=1326 audit(2000000023.880:7588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13163 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  221.016727][   T29] audit: type=1326 audit(2000000023.880:7589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13163 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  221.041072][   T29] audit: type=1326 audit(2000000023.880:7590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13163 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  221.066278][   T29] audit: type=1326 audit(2000000023.880:7591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13163 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  221.089881][   T29] audit: type=1326 audit(2000000023.880:7592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13163 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  221.113461][   T29] audit: type=1326 audit(2000000023.880:7593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13163 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  221.137841][   T29] audit: type=1326 audit(2000000023.880:7594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13163 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  221.162041][   T29] audit: type=1326 audit(2000000023.880:7595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13163 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  221.185816][   T29] audit: type=1326 audit(2000000023.880:7596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13163 comm="syz.1.3495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  222.354862][T13171] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3497'.
[  222.413309][T13177] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[  222.456312][T13179] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3500'.
[  222.465716][T13179] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3500'.
[  222.533332][T13181] tmpfs: Bad value for 'size'
[  222.562760][T13192] program syz.4.3504 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  222.682591][T13201] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3509'.
[  222.682619][T13201] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3509'.
[  222.682635][T13201] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3509'.
[  222.682701][T13201] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3509'.
[  222.682720][T13201] netlink: 'syz.1.3509': attribute type 6 has an invalid length.
[  222.735009][T13203] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  222.735040][T13203] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  222.735338][T13203] vhci_hcd vhci_hcd.0: Device attached
[  222.737033][T13203] netlink: 3 bytes leftover after parsing attributes in process `syz.0.3511'.
[  222.738073][T13203] 0�X���: renamed from 
61�X���
[  222.816274][T13203] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  222.851922][T13206] vhci_hcd: connection closed
[  222.852168][ T7614] vhci_hcd: stop threads
[  222.852180][ T7614] vhci_hcd: release socket
[  222.852194][ T7614] vhci_hcd: disconnect device
[  223.231594][T13213] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[  223.353651][T13218] IPv6: Can't replace route, no match found
[  224.119571][T13230] infiniband syz!: set down
[  224.125259][T13230] infiniband syz!: added team_slave_0
[  224.159757][T13241] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[  224.173445][T13230] RDS/IB: syz!: added
[  224.182223][T13230] smc: adding ib device syz! with port count 1
[  224.213948][T13230] smc:    ib device syz! port 1 has pnetid 
[  224.390554][T13251] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  224.399421][T13251] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  224.601195][T13261] __nla_validate_parse: 2 callbacks suppressed
[  224.601218][T13261] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3531'.
[  224.898232][T13281] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[  225.119373][T13288] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  225.157219][T13290] FAULT_INJECTION: forcing a failure.
[  225.157219][T13290] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  225.171770][T13290] CPU: 1 UID: 0 PID: 13290 Comm: syz.1.3541 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  225.171808][T13290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  225.171824][T13290] Call Trace:
[  225.171833][T13290]  <TASK>
[  225.171843][T13290]  __dump_stack+0x1d/0x30
[  225.171870][T13290]  dump_stack_lvl+0xe8/0x140
[  225.171991][T13290]  dump_stack+0x15/0x1b
[  225.172012][T13290]  should_fail_ex+0x265/0x280
[  225.172054][T13290]  should_fail+0xb/0x20
[  225.172082][T13290]  should_fail_usercopy+0x1a/0x20
[  225.172124][T13290]  _copy_from_user+0x1c/0xb0
[  225.172146][T13290]  kstrtouint_from_user+0x69/0xf0
[  225.172194][T13290]  ? avc_policy_seqno+0x15/0x30
[  225.172221][T13290]  proc_fail_nth_write+0x50/0x160
[  225.172296][T13290]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  225.172341][T13290]  vfs_write+0x266/0x8d0
[  225.172373][T13290]  ? __cond_resched+0x4e/0x90
[  225.172481][T13290]  ksys_write+0xda/0x1a0
[  225.172506][T13290]  __x64_sys_write+0x40/0x50
[  225.172541][T13290]  x64_sys_call+0x2cdd/0x2fb0
[  225.172568][T13290]  do_syscall_64+0xd0/0x1a0
[  225.172597][T13290]  ? clear_bhb_loop+0x40/0x90
[  225.172680][T13290]  ? clear_bhb_loop+0x40/0x90
[  225.172701][T13290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.172727][T13290] RIP: 0033:0x7fe0ef3cd41f
[  225.172743][T13290] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  225.172812][T13290] RSP: 002b:00007fe0eda37030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  225.172836][T13290] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe0ef3cd41f
[  225.172874][T13290] RDX: 0000000000000001 RSI: 00007fe0eda370a0 RDI: 000000000000000b
[  225.172885][T13290] RBP: 00007fe0eda37090 R08: 0000000000000000 R09: 0000000000000000
[  225.172901][T13290] R10: 0000000000000086 R11: 0000000000000293 R12: 0000000000000001
[  225.172916][T13290] R13: 0000000000000000 R14: 00007fe0ef5f5fa0 R15: 00007ffc3724f338
[  225.172967][T13290]  </TASK>
[  225.422805][T13292] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3539'.
[  225.432129][T13292] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3539'.
[  225.538396][T13305] vlan2: entered allmulticast mode
[  225.539290][T13306] program syz.2.3544 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  225.721549][T13326] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  225.725362][T13325] vlan0: entered allmulticast mode
[  225.728503][T13326] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  225.739385][T13326] vhci_hcd vhci_hcd.0: Device attached
[  225.750682][T13326] netlink: 3 bytes leftover after parsing attributes in process `syz.2.3553'.
[  225.763658][T13331] tmpfs: Bad value for 'size'
[  225.775260][T13326] 1�X���: renamed from 
60�X���
[  225.790839][T13332] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3554'.
[  225.801596][T13332] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3554'.
[  225.824207][T13326] A link change request failed with some changes committed already. Interface 
61�X��� may have been left with an inconsistent configuration, please check.
[  225.846406][T13327] vhci_hcd: connection closed
[  225.856570][ T5011] vhci_hcd: stop threads
[  225.866490][ T5011] vhci_hcd: release socket
[  225.871024][ T5011] vhci_hcd: disconnect device
[  225.888139][T13339] vlan0: entered allmulticast mode
[  225.922799][ T3390] vhci_hcd: vhci_device speed not set
[  225.956736][   T29] kauditd_printk_skb: 1460 callbacks suppressed
[  225.956752][   T29] audit: type=1326 audit(2000000028.860:9057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13345 comm="syz.4.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  225.997865][   T29] audit: type=1326 audit(2000000028.860:9058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13345 comm="syz.4.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  226.023921][   T29] audit: type=1326 audit(2000000028.860:9059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13345 comm="syz.4.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  226.050924][   T29] audit: type=1326 audit(2000000028.860:9060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13345 comm="syz.4.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  226.077286][   T29] audit: type=1326 audit(2000000028.860:9061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13345 comm="syz.4.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  226.102862][   T29] audit: type=1326 audit(2000000028.860:9062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13345 comm="syz.4.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  226.108107][T13351] vlan2: entered allmulticast mode
[  226.127896][   T29] audit: type=1326 audit(2000000028.860:9063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13345 comm="syz.4.3560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  226.169130][T13348] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3561'.
[  226.181615][T13348] netlink: 'syz.0.3561': attribute type 1 has an invalid length.
[  226.273425][T13354] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3563'.
[  226.357740][   T29] audit: type=1326 audit(2000000029.250:9064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13359 comm="syz.0.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  226.383141][   T29] audit: type=1326 audit(2000000029.250:9065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13359 comm="syz.0.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  226.407244][   T29] audit: type=1326 audit(2000000029.250:9066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13359 comm="syz.0.3565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f91e857e969 code=0x7ffc0000
[  226.505824][T13363] program syz.4.3564 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  226.551888][T13368] vlan0: entered allmulticast mode
[  226.603818][T13365] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3568'.
[  226.603896][T13365] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3568'.
[  226.630632][T13374] vlan0: entered allmulticast mode
[  226.840223][T13398] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  226.846893][T13398] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  226.855961][T13398] vhci_hcd vhci_hcd.0: Device attached
[  226.889986][T13398] 1�X���: renamed from 
60�X���
[  226.947047][T13398] A link change request failed with some changes committed already. Interface 
61�X��� may have been left with an inconsistent configuration, please check.
[  226.966935][T13405] vlan0: entered allmulticast mode
[  226.984933][T13401] vhci_hcd: connection closed
[  226.987216][T13266] vhci_hcd: stop threads
[  226.998507][T13266] vhci_hcd: release socket
[  227.003386][T13266] vhci_hcd: disconnect device
[  227.025425][T13411] FAULT_INJECTION: forcing a failure.
[  227.025425][T13411] name failslab, interval 1, probability 0, space 0, times 0
[  227.039310][T13411] CPU: 0 UID: 0 PID: 13411 Comm: syz.4.3584 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  227.039348][T13411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  227.039364][T13411] Call Trace:
[  227.039371][T13411]  <TASK>
[  227.039380][T13411]  __dump_stack+0x1d/0x30
[  227.039406][T13411]  dump_stack_lvl+0xe8/0x140
[  227.039426][T13411]  dump_stack+0x15/0x1b
[  227.039446][T13411]  should_fail_ex+0x265/0x280
[  227.039494][T13411]  should_failslab+0x8c/0xb0
[  227.039534][T13411]  kmem_cache_alloc_noprof+0x50/0x310
[  227.039559][T13411]  ? vm_area_alloc+0x2c/0xb0
[  227.039590][T13411]  vm_area_alloc+0x2c/0xb0
[  227.039619][T13411]  mmap_region+0x81f/0x1470
[  227.039680][T13411]  do_mmap+0x9de/0xc20
[  227.039714][T13411]  vm_mmap_pgoff+0x17a/0x2e0
[  227.039747][T13411]  ksys_mmap_pgoff+0xc2/0x310
[  227.039779][T13411]  ? __x64_sys_mmap+0x49/0x70
[  227.039803][T13411]  x64_sys_call+0x1602/0x2fb0
[  227.039823][T13411]  do_syscall_64+0xd0/0x1a0
[  227.039849][T13411]  ? clear_bhb_loop+0x40/0x90
[  227.039877][T13411]  ? clear_bhb_loop+0x40/0x90
[  227.039904][T13411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.039925][T13411] RIP: 0033:0x7f83d486e9a3
[  227.039944][T13411] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  227.039966][T13411] RSP: 002b:00007f83d2ed6d68 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  227.039990][T13411] RAX: ffffffffffffffda RBX: 000000000000059b RCX: 00007f83d486e9a3
[  227.040006][T13411] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  227.040021][T13411] RBP: 0000200000000002 R08: 00000000ffffffff R09: 0000000000000000
[  227.040037][T13411] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000007
[  227.040048][T13411] R13: 00007f83d2ed6dec R14: 00007f83d2ed6df0 R15: 00007ffe4a563d58
[  227.040068][T13411]  </TASK>
[  227.052814][ T1048] vhci_hcd: vhci_device speed not set
[  227.392315][T13414] vlan0: entered allmulticast mode
[  227.401324][T13415] netlink: 'syz.4.3585': attribute type 1 has an invalid length.
[  227.410452][T13415] netlink: 'syz.4.3585': attribute type 2 has an invalid length.
[  227.613360][T13427] program syz.0.3588 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  227.707196][T13431] tipc: Enabling of bearer <eth:macvlan1> rejected, failed to enable media
[  227.840964][T13439] vlan0: entered allmulticast mode
[  227.853811][T13437] tmpfs: Bad value for 'size'
[  228.043185][T13448] sd 0:0:1:0: device reset
[  228.231484][T13465] program syz.2.3606 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  228.441017][T13476] sd 0:0:1:0: device reset
[  229.076330][T13506] vhci_hcd: invalid port number 96
[  229.082486][T13506] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  229.250465][T13520] tipc: Enabling of bearer <eth:macvlan1> rejected, failed to enable media
[  229.263568][T13522] sd 0:0:1:0: device reset
[  229.410394][T13539] FAULT_INJECTION: forcing a failure.
[  229.410394][T13539] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  229.423799][T13539] CPU: 0 UID: 0 PID: 13539 Comm: syz.2.3633 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  229.423837][T13539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  229.423890][T13539] Call Trace:
[  229.423904][T13539]  <TASK>
[  229.423912][T13539]  __dump_stack+0x1d/0x30
[  229.423971][T13539]  dump_stack_lvl+0xe8/0x140
[  229.423995][T13539]  dump_stack+0x15/0x1b
[  229.424015][T13539]  should_fail_ex+0x265/0x280
[  229.424088][T13539]  should_fail+0xb/0x20
[  229.424197][T13539]  should_fail_usercopy+0x1a/0x20
[  229.424220][T13539]  _copy_to_user+0x20/0xa0
[  229.424249][T13539]  simple_read_from_buffer+0xb5/0x130
[  229.424283][T13539]  proc_fail_nth_read+0x100/0x140
[  229.424377][T13539]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  229.424432][T13539]  vfs_read+0x19d/0x6f0
[  229.424470][T13539]  ? __rcu_read_unlock+0x4f/0x70
[  229.424491][T13539]  ? __fget_files+0x184/0x1c0
[  229.424521][T13539]  ksys_read+0xda/0x1a0
[  229.424549][T13539]  __x64_sys_read+0x40/0x50
[  229.424652][T13539]  x64_sys_call+0x2d77/0x2fb0
[  229.424679][T13539]  do_syscall_64+0xd0/0x1a0
[  229.424707][T13539]  ? clear_bhb_loop+0x40/0x90
[  229.424782][T13539]  ? clear_bhb_loop+0x40/0x90
[  229.424842][T13539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.424885][T13539] RIP: 0033:0x7fd39240d37c
[  229.424916][T13539] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  229.424935][T13539] RSP: 002b:00007fd390a77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  229.425003][T13539] RAX: ffffffffffffffda RBX: 00007fd392635fa0 RCX: 00007fd39240d37c
[  229.425015][T13539] RDX: 000000000000000f RSI: 00007fd390a770a0 RDI: 0000000000000004
[  229.425057][T13539] RBP: 00007fd390a77090 R08: 0000000000000000 R09: 0000000000000000
[  229.425072][T13539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.425087][T13539] R13: 0000000000000000 R14: 00007fd392635fa0 R15: 00007fff42ba37e8
[  229.425112][T13539]  </TASK>
[  230.092496][T13557] __nla_validate_parse: 14 callbacks suppressed
[  230.092517][T13557] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3638'.
[  230.174377][T13556] sd 0:0:1:0: device reset
[  230.332663][T13568] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3644'.
[  230.342798][T13568] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3644'.
[  230.374082][T13573] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3647'.
[  230.420995][T13578] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3649'.
[  231.569646][T13597] tipc: Enabling of bearer <eth:macvlan1> rejected, failed to enable media
[  232.409697][T13593] geneve0: entered allmulticast mode
[  232.542764][   T29] kauditd_printk_skb: 334 callbacks suppressed
[  232.542782][   T29] audit: type=1326 audit(2000000035.440:9401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13604 comm="syz.4.3657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  232.576751][   T29] audit: type=1326 audit(2000000035.440:9402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13604 comm="syz.4.3657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  232.630899][T13605] sd 0:0:1:0: device reset
[  232.666103][   T29] audit: type=1326 audit(2000000035.450:9403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13601 comm="syz.1.3656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  232.690827][   T29] audit: type=1326 audit(2000000035.450:9404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13601 comm="syz.1.3656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  232.715070][   T29] audit: type=1326 audit(2000000035.450:9405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13601 comm="syz.1.3656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  232.739194][   T29] audit: type=1326 audit(2000000035.450:9406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13604 comm="syz.4.3657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  232.763800][   T29] audit: type=1326 audit(2000000035.450:9407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13604 comm="syz.4.3657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  232.788903][   T29] audit: type=1326 audit(2000000035.450:9408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13604 comm="syz.4.3657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  232.816036][   T29] audit: type=1326 audit(2000000035.450:9409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13601 comm="syz.1.3656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  232.829860][T13616] 9pnet: Could not find request transport: fd0x0000000000000003
[  232.843667][   T29] audit: type=1326 audit(2000000035.450:9410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13601 comm="syz.1.3656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  233.018891][T13629] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3665'.
[  233.156607][T13645] vlan0: entered allmulticast mode
[  233.536874][T13655] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3675'.
[  233.788614][T13666] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3681'.
[  234.037274][T13690] pim6reg: entered allmulticast mode
[  234.063148][T13695] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3694'.
[  234.127629][T13706] vlan0: entered allmulticast mode
[  234.241590][T13716] vlan0: entered allmulticast mode
[  234.268162][T13718] sd 0:0:1:0: device reset
[  234.293089][T13719] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3703'.
[  234.370792][T13724] io-wq is not configured for unbound workers
[  234.778446][T13735] vlan0: entered allmulticast mode
[  235.008151][T13748] tipc: Enabling of bearer <eth:macvlan1> rejected, failed to enable media
[  235.241215][T13760] __nla_validate_parse: 6 callbacks suppressed
[  235.241237][T13760] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3721'.
[  235.429901][T13767] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3713'.
[  235.439200][T13767] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3713'.
[  235.707973][T13783] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3728'.
[  235.739654][T13787] program syz.0.3727 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  235.866801][T13791] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3730'.
[  235.905087][T13793] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3731'.
[  235.973603][T13805] FAULT_INJECTION: forcing a failure.
[  235.973603][T13805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.986875][T13805] CPU: 0 UID: 0 PID: 13805 Comm: syz.3.3736 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  235.986911][T13805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  235.986927][T13805] Call Trace:
[  235.986935][T13805]  <TASK>
[  235.986944][T13805]  __dump_stack+0x1d/0x30
[  235.986971][T13805]  dump_stack_lvl+0xe8/0x140
[  235.986994][T13805]  dump_stack+0x15/0x1b
[  235.987028][T13805]  should_fail_ex+0x265/0x280
[  235.987070][T13805]  should_fail+0xb/0x20
[  235.987150][T13805]  should_fail_usercopy+0x1a/0x20
[  235.987184][T13805]  _copy_from_user+0x1c/0xb0
[  235.987213][T13805]  btf_new_fd+0x20a/0x790
[  235.987306][T13805]  bpf_btf_load+0x112/0x130
[  235.987338][T13805]  __sys_bpf+0x561/0x790
[  235.987381][T13805]  __x64_sys_bpf+0x41/0x50
[  235.987474][T13805]  x64_sys_call+0x2478/0x2fb0
[  235.987505][T13805]  do_syscall_64+0xd0/0x1a0
[  235.987528][T13805]  ? clear_bhb_loop+0x40/0x90
[  235.987583][T13805]  ? clear_bhb_loop+0x40/0x90
[  235.987610][T13805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.987637][T13805] RIP: 0033:0x7f975d05e969
[  235.987656][T13805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.987679][T13805] RSP: 002b:00007f975b6c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  235.987701][T13805] RAX: ffffffffffffffda RBX: 00007f975d285fa0 RCX: 00007f975d05e969
[  235.987725][T13805] RDX: 0000000000000028 RSI: 0000200000000740 RDI: 0000000000000012
[  235.987737][T13805] RBP: 00007f975b6c7090 R08: 0000000000000000 R09: 0000000000000000
[  235.987748][T13805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.987759][T13805] R13: 0000000000000001 R14: 00007f975d285fa0 R15: 00007ffc39143758
[  235.987809][T13805]  </TASK>
[  236.193260][T13810] netlink: 3 bytes leftover after parsing attributes in process `syz.1.3734'.
[  236.203301][T13802] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  236.210255][T13802] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  236.218609][T13802] vhci_hcd vhci_hcd.0: Device attached
[  236.243059][T13810] 0�X���: renamed from 
61�X���
[  236.250288][T13810] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  236.291595][T13809] vhci_hcd: connection closed
[  236.301547][   T31] vhci_hcd: stop threads
[  236.301563][   T31] vhci_hcd: release socket
[  236.301574][   T31] vhci_hcd: disconnect device
[  236.335987][T13826] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3743'.
[  236.356439][T13824] program syz.0.3740 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  236.440908][T13834] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3745'.
[  236.452307][T13835] tipc: Enabling of bearer <eth:macvlan1> rejected, failed to enable media
[  237.125038][T13846] vhci_hcd: invalid port number 96
[  237.130830][T13846] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  237.202880][T13844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3748'.
[  237.300612][T13855] sd 0:0:1:0: device reset
[  237.460963][T13871] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  237.460993][T13871] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  237.461131][T13871] vhci_hcd vhci_hcd.0: Device attached
[  237.463313][T13871] 0�X���: renamed from 
61�X���
[  237.504745][T13871] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  237.507588][T13872] vhci_hcd: connection closed
[  237.507807][T13266] vhci_hcd: stop threads
[  237.507819][T13266] vhci_hcd: release socket
[  237.507829][T13266] vhci_hcd: disconnect device
[  237.543723][T13879] program syz.1.3756 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  237.563371][T13880] pim6reg1: entered promiscuous mode
[  237.576316][T13880] pim6reg1: entered allmulticast mode
[  237.581178][T13878] sd 0:0:1:0: device reset
[  237.611981][T13882] vlan0: entered allmulticast mode
[  237.700419][   T29] kauditd_printk_skb: 478 callbacks suppressed
[  237.700437][   T29] audit: type=1400 audit(2000000040.600:9889): avc:  denied  { lock } for  pid=13886 comm="syz.0.3763" path="socket:[39613]" dev="sockfs" ino=39613 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  237.795413][   T29] audit: type=1400 audit(2000000040.690:9890): avc:  denied  { create } for  pid=13886 comm="syz.0.3763" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  237.817227][   T29] audit: type=1400 audit(2000000040.690:9891): avc:  denied  { bind } for  pid=13886 comm="syz.0.3763" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  237.844073][   T29] audit: type=1326 audit(2000000040.750:9892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13892 comm="syz.1.3766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  237.871324][   T29] audit: type=1326 audit(2000000040.750:9893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13892 comm="syz.1.3766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0ef3ce969 code=0x7ffc0000
[  237.896348][   T29] audit: type=1326 audit(2000000040.780:9894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13895 comm="syz.4.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  237.920508][   T29] audit: type=1326 audit(2000000040.780:9895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13895 comm="syz.4.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  237.922132][T13896] sd 0:0:1:0: device reset
[  237.945351][   T29] audit: type=1326 audit(2000000040.780:9896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13895 comm="syz.4.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  237.973631][   T29] audit: type=1326 audit(2000000040.780:9897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13895 comm="syz.4.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  237.997315][   T29] audit: type=1326 audit(2000000040.780:9898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13895 comm="syz.4.3768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  238.118161][T13913] netlink: 'syz.3.3776': attribute type 15 has an invalid length.
[  238.139704][T13913] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  238.150834][T13917] veth0_macvtap: left promiscuous mode
[  238.208047][T13923] netlink: 'syz.3.3779': attribute type 15 has an invalid length.
[  238.218810][T13925] sd 0:0:1:0: device reset
[  238.297109][T13939] pim6reg1: entered promiscuous mode
[  238.302873][T13939] pim6reg1: entered allmulticast mode
[  238.318977][T13938] vlan0: entered allmulticast mode
[  238.406314][T13943] program syz.2.3787 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  238.429520][T13946] vlan0: entered allmulticast mode
[  238.501389][T13950] FAULT_INJECTION: forcing a failure.
[  238.501389][T13950] name failslab, interval 1, probability 0, space 0, times 0
[  238.515285][T13950] CPU: 0 UID: 0 PID: 13950 Comm: syz.4.3790 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  238.515316][T13950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  238.515332][T13950] Call Trace:
[  238.515345][T13950]  <TASK>
[  238.515356][T13950]  __dump_stack+0x1d/0x30
[  238.515409][T13950]  dump_stack_lvl+0xe8/0x140
[  238.515433][T13950]  dump_stack+0x15/0x1b
[  238.515452][T13950]  should_fail_ex+0x265/0x280
[  238.515491][T13950]  ? alloc_pipe_info+0xae/0x350
[  238.515580][T13950]  should_failslab+0x8c/0xb0
[  238.515617][T13950]  __kmalloc_cache_noprof+0x4c/0x320
[  238.515641][T13950]  alloc_pipe_info+0xae/0x350
[  238.515675][T13950]  splice_direct_to_actor+0x592/0x680
[  238.515730][T13950]  ? kstrtouint_from_user+0x9f/0xf0
[  238.515801][T13950]  ? __pfx_direct_splice_actor+0x10/0x10
[  238.515831][T13950]  ? __rcu_read_unlock+0x4f/0x70
[  238.515859][T13950]  ? get_pid_task+0x96/0xd0
[  238.515885][T13950]  ? avc_policy_seqno+0x15/0x30
[  238.515965][T13950]  do_splice_direct+0xda/0x150
[  238.515992][T13950]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  238.516020][T13950]  do_sendfile+0x380/0x640
[  238.516096][T13950]  __x64_sys_sendfile64+0x105/0x150
[  238.516134][T13950]  x64_sys_call+0xb39/0x2fb0
[  238.516204][T13950]  do_syscall_64+0xd0/0x1a0
[  238.516234][T13950]  ? clear_bhb_loop+0x40/0x90
[  238.516260][T13950]  ? clear_bhb_loop+0x40/0x90
[  238.516284][T13950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.516344][T13950] RIP: 0033:0x7f83d486e969
[  238.516364][T13950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.516391][T13950] RSP: 002b:00007f83d2ed7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  238.516415][T13950] RAX: ffffffffffffffda RBX: 00007f83d4a95fa0 RCX: 00007f83d486e969
[  238.516460][T13950] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000006
[  238.516475][T13950] RBP: 00007f83d2ed7090 R08: 0000000000000000 R09: 0000000000000000
[  238.516487][T13950] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000001
[  238.516500][T13950] R13: 0000000000000000 R14: 00007f83d4a95fa0 R15: 00007ffe4a563d58
[  238.516520][T13950]  </TASK>
[  238.800020][T13955] team0 (unregistering): Port device team_slave_0 removed
[  238.808776][T13955] team0 (unregistering): Port device team_slave_1 removed
[  238.821745][T13957] sd 0:0:1:0: device reset
[  238.889340][T13966] FAULT_INJECTION: forcing a failure.
[  238.889340][T13966] name failslab, interval 1, probability 0, space 0, times 0
[  238.902237][T13966] CPU: 1 UID: 0 PID: 13966 Comm: syz.0.3797 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  238.902273][T13966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  238.902290][T13966] Call Trace:
[  238.902299][T13966]  <TASK>
[  238.902308][T13966]  __dump_stack+0x1d/0x30
[  238.902329][T13966]  dump_stack_lvl+0xe8/0x140
[  238.902418][T13966]  dump_stack+0x15/0x1b
[  238.902511][T13966]  should_fail_ex+0x265/0x280
[  238.902554][T13966]  should_failslab+0x8c/0xb0
[  238.902591][T13966]  kmem_cache_alloc_noprof+0x50/0x310
[  238.902615][T13966]  ? dst_alloc+0xbd/0x100
[  238.902671][T13966]  dst_alloc+0xbd/0x100
[  238.902686][T13966]  ? fib_multipath_hash+0xb82/0x1100
[  238.902774][T13966]  ip_route_output_key_hash_rcu+0xebb/0x13d0
[  238.902807][T13966]  ? mntput_no_expire+0x6f/0x3d0
[  238.902829][T13966]  ip_route_output_key_hash+0x7a/0xb0
[  238.902859][T13966]  dccp_v4_connect+0x3b4/0x7b0
[  238.902905][T13966]  dccp_v6_connect+0x3f9/0x8b0
[  238.902945][T13966]  __inet_stream_connect+0x169/0x7e0
[  238.902975][T13966]  ? _raw_spin_unlock_bh+0x36/0x40
[  238.903009][T13966]  ? release_sock+0x116/0x150
[  238.903082][T13966]  ? _raw_spin_unlock_bh+0x36/0x40
[  238.903125][T13966]  ? lock_sock_nested+0x112/0x140
[  238.903157][T13966]  ? selinux_netlbl_socket_connect+0x115/0x130
[  238.903243][T13966]  inet_stream_connect+0x44/0x70
[  238.903280][T13966]  ? __pfx_inet_stream_connect+0x10/0x10
[  238.903312][T13966]  __sys_connect+0x1f2/0x2b0
[  238.903404][T13966]  __x64_sys_connect+0x3f/0x50
[  238.903499][T13966]  x64_sys_call+0x1daa/0x2fb0
[  238.903576][T13966]  do_syscall_64+0xd0/0x1a0
[  238.903607][T13966]  ? clear_bhb_loop+0x40/0x90
[  238.903630][T13966]  ? clear_bhb_loop+0x40/0x90
[  238.903650][T13966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.903715][T13966] RIP: 0033:0x7f91e857e969
[  238.903747][T13966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.903767][T13966] RSP: 002b:00007f91e6be7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  238.903852][T13966] RAX: ffffffffffffffda RBX: 00007f91e87a5fa0 RCX: 00007f91e857e969
[  238.903868][T13966] RDX: 000000000000001c RSI: 0000200000000140 RDI: 0000000000000003
[  238.903884][T13966] RBP: 00007f91e6be7090 R08: 0000000000000000 R09: 0000000000000000
[  238.903899][T13966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.903914][T13966] R13: 0000000000000000 R14: 00007f91e87a5fa0 R15: 00007ffd8d893948
[  238.903938][T13966]  </TASK>
[  239.187058][T13969] vlan0: entered allmulticast mode
[  239.341747][T13981] program syz.4.3799 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  239.425516][T13985] tipc: Enabling of bearer <eth:macvlan1> rejected, failed to enable media
[  239.632064][T14000] 9pnet_fd: p9_fd_create_tcp (14000): problem connecting socket to 127.0.0.1
[  239.746578][T14009] vlan0: entered allmulticast mode
[  240.011386][T14029] Q�6��\b��Y�4��: renamed from lo (while UP)
[  240.144069][T14027] xt_CT: You must specify a L4 protocol and not use inversions on it
[  240.301401][T14035] tmpfs: Bad value for 'size'
[  240.907616][T14064] vlan0: entered allmulticast mode
[  240.929834][T14066] sd 0:0:1:0: device reset
[  240.965245][T14069] __nla_validate_parse: 17 callbacks suppressed
[  240.965266][T14069] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3835'.
[  240.980693][T14069] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3835'.
[  241.253243][T14094] sd 0:0:1:0: device reset
[  241.325644][T14109] sd 0:0:1:0: device reset
[  241.365891][T14114] FAULT_INJECTION: forcing a failure.
[  241.365891][T14114] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.379358][T14114] CPU: 1 UID: 0 PID: 14114 Comm: syz.3.3856 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  241.379393][T14114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  241.379408][T14114] Call Trace:
[  241.379416][T14114]  <TASK>
[  241.379424][T14114]  __dump_stack+0x1d/0x30
[  241.379449][T14114]  dump_stack_lvl+0xe8/0x140
[  241.379472][T14114]  dump_stack+0x15/0x1b
[  241.379525][T14114]  should_fail_ex+0x265/0x280
[  241.379564][T14114]  should_fail+0xb/0x20
[  241.379622][T14114]  should_fail_usercopy+0x1a/0x20
[  241.379646][T14114]  _copy_to_user+0x20/0xa0
[  241.379685][T14114]  simple_read_from_buffer+0xb5/0x130
[  241.379716][T14114]  proc_fail_nth_read+0x100/0x140
[  241.379748][T14114]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  241.379856][T14114]  vfs_read+0x19d/0x6f0
[  241.379884][T14114]  ? __rcu_read_unlock+0x4f/0x70
[  241.379918][T14114]  ? __fget_files+0x184/0x1c0
[  241.380023][T14114]  ksys_read+0xda/0x1a0
[  241.380056][T14114]  __x64_sys_read+0x40/0x50
[  241.380083][T14114]  x64_sys_call+0x2d77/0x2fb0
[  241.380110][T14114]  do_syscall_64+0xd0/0x1a0
[  241.380212][T14114]  ? clear_bhb_loop+0x40/0x90
[  241.380334][T14114]  ? clear_bhb_loop+0x40/0x90
[  241.380421][T14114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.380446][T14114] RIP: 0033:0x7f975d05d37c
[  241.380461][T14114] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  241.380551][T14114] RSP: 002b:00007f975b6c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  241.380573][T14114] RAX: ffffffffffffffda RBX: 00007f975d285fa0 RCX: 00007f975d05d37c
[  241.380585][T14114] RDX: 000000000000000f RSI: 00007f975b6c70a0 RDI: 0000000000000004
[  241.380597][T14114] RBP: 00007f975b6c7090 R08: 0000000000000000 R09: 0000000000000000
[  241.380608][T14114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.380620][T14114] R13: 0000000000000000 R14: 00007f975d285fa0 R15: 00007ffc39143758
[  241.380639][T14114]  </TASK>
[  241.636998][T14123] vlan0: entered allmulticast mode
[  241.843671][T14152] FAULT_INJECTION: forcing a failure.
[  241.843671][T14152] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  241.849922][T14153] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3872'.
[  241.857123][T14152] CPU: 0 UID: 0 PID: 14152 Comm: syz.2.3873 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  241.857262][T14152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  241.857280][T14152] Call Trace:
[  241.857288][T14152]  <TASK>
[  241.857299][T14152]  __dump_stack+0x1d/0x30
[  241.857338][T14152]  dump_stack_lvl+0xe8/0x140
[  241.857364][T14152]  dump_stack+0x15/0x1b
[  241.857386][T14152]  should_fail_ex+0x265/0x280
[  241.857487][T14152]  should_fail_alloc_page+0xf2/0x100
[  241.857529][T14152]  __alloc_frozen_pages_noprof+0xff/0x360
[  241.857571][T14152]  alloc_pages_mpol+0xb3/0x250
[  241.857658][T14152]  folio_alloc_mpol_noprof+0x39/0x80
[  241.857707][T14152]  shmem_get_folio_gfp+0x3cf/0xd40
[  241.857763][T14152]  shmem_write_begin+0xa8/0x190
[  241.857871][T14152]  generic_perform_write+0x181/0x490
[  241.857920][T14152]  shmem_file_write_iter+0xc5/0xf0
[  241.857964][T14152]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  241.858056][T14152]  vfs_write+0x49d/0x8d0
[  241.858098][T14152]  ksys_write+0xda/0x1a0
[  241.858135][T14152]  __x64_sys_write+0x40/0x50
[  241.858203][T14152]  x64_sys_call+0x2cdd/0x2fb0
[  241.858231][T14152]  do_syscall_64+0xd0/0x1a0
[  241.858262][T14152]  ? clear_bhb_loop+0x40/0x90
[  241.858289][T14152]  ? clear_bhb_loop+0x40/0x90
[  241.858318][T14152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.858408][T14152] RIP: 0033:0x7fd39240e969
[  241.858429][T14152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.858497][T14152] RSP: 002b:00007fd390a77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  241.858521][T14152] RAX: ffffffffffffffda RBX: 00007fd392635fa0 RCX: 00007fd39240e969
[  241.858564][T14152] RDX: 0000000000032600 RSI: 0000200000000380 RDI: 0000000000000006
[  241.858580][T14152] RBP: 00007fd390a77090 R08: 0000000000000000 R09: 0000000000000000
[  241.858591][T14152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.858627][T14152] R13: 0000000000000000 R14: 00007fd392635fa0 R15: 00007fff42ba37e8
[  241.858655][T14152]  </TASK>
[  241.894810][T14150] vhci_hcd: invalid port number 96
[  241.895822][T14157] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3870'.
[  241.899991][T14150] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  242.243500][T14174] program syz.1.3879 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  242.265251][T14175] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3878'.
[  242.274664][T14175] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3878'.
[  242.577076][T14190] dccp_invalid_packet: P.Data Offset(172) too large
[  242.758646][T14194] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3886'.
[  242.790392][   T29] kauditd_printk_skb: 371 callbacks suppressed
[  242.790488][   T29] audit: type=1400 audit(2000000045.690:10268): avc:  denied  { mount } for  pid=14197 comm="syz.4.3887" name="/" dev="configfs" ino=1203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  242.836394][   T29] audit: type=1400 audit(2000000045.740:10269): avc:  denied  { search } for  pid=14197 comm="syz.4.3887" name="/" dev="configfs" ino=1203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  242.860130][   T29] audit: type=1400 audit(2000000045.740:10270): avc:  denied  { read } for  pid=14197 comm="syz.4.3887" name="/" dev="configfs" ino=1203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  242.882796][   T29] audit: type=1400 audit(2000000045.740:10271): avc:  denied  { open } for  pid=14197 comm="syz.4.3887" path="/" dev="configfs" ino=1203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  242.908464][T14205] pim6reg1: entered promiscuous mode
[  242.914263][T14205] pim6reg1: entered allmulticast mode
[  242.969799][   T29] audit: type=1326 audit(2000000045.870:10272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14212 comm="syz.4.3893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  242.994509][T14214] pim6reg1: entered promiscuous mode
[  242.994531][T14214] pim6reg1: entered allmulticast mode
[  243.005726][   T29] audit: type=1326 audit(2000000045.870:10273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14212 comm="syz.4.3893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  243.030688][   T29] audit: type=1326 audit(2000000045.870:10274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14212 comm="syz.4.3893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  243.055454][   T29] audit: type=1326 audit(2000000045.870:10275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14212 comm="syz.4.3893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  243.079882][   T29] audit: type=1326 audit(2000000045.870:10276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14212 comm="syz.4.3893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  243.103559][   T29] audit: type=1326 audit(2000000045.870:10277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14212 comm="syz.4.3893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d486e969 code=0x7ffc0000
[  243.175546][T14224] SELinux: syz.3.3898 (14224) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  243.285083][T14232] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3900'.
[  243.300223][T14235] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3901'.
[  243.309560][T14235] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3901'.
[  243.439405][T14258] pim6reg1: entered promiscuous mode
[  243.444864][T14258] pim6reg1: entered allmulticast mode
[  243.790436][T14282] FAULT_INJECTION: forcing a failure.
[  243.790436][T14282] name failslab, interval 1, probability 0, space 0, times 0
[  243.803626][T14282] CPU: 1 UID: 0 PID: 14282 Comm: syz.2.3919 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  243.803654][T14282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  243.803668][T14282] Call Trace:
[  243.803676][T14282]  <TASK>
[  243.803685][T14282]  __dump_stack+0x1d/0x30
[  243.803775][T14282]  dump_stack_lvl+0xe8/0x140
[  243.803851][T14282]  dump_stack+0x15/0x1b
[  243.803936][T14282]  should_fail_ex+0x265/0x280
[  243.804010][T14282]  should_failslab+0x8c/0xb0
[  243.804038][T14282]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  243.804104][T14282]  ? __d_alloc+0x3d/0x350
[  243.804128][T14282]  __d_alloc+0x3d/0x350
[  243.804151][T14282]  d_alloc+0x2e/0x100
[  243.804203][T14282]  lookup_one_qstr_excl_raw+0x95/0x1b0
[  243.804248][T14282]  do_renameat2+0x38e/0xab0
[  243.804299][T14282]  __x64_sys_renameat2+0x7e/0x90
[  243.804375][T14282]  x64_sys_call+0x2bf6/0x2fb0
[  243.804415][T14282]  do_syscall_64+0xd0/0x1a0
[  243.804439][T14282]  ? clear_bhb_loop+0x40/0x90
[  243.804495][T14282]  ? clear_bhb_loop+0x40/0x90
[  243.804522][T14282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.804545][T14282] RIP: 0033:0x7fd39240e969
[  243.804563][T14282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.804586][T14282] RSP: 002b:00007fd390a77038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  243.804604][T14282] RAX: ffffffffffffffda RBX: 00007fd392635fa0 RCX: 00007fd39240e969
[  243.804641][T14282] RDX: 0000000000000006 RSI: 0000200000000140 RDI: 0000000000000006
[  243.804657][T14282] RBP: 00007fd390a77090 R08: 0000000000000001 R09: 0000000000000000
[  243.804672][T14282] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000001
[  243.804688][T14282] R13: 0000000000000000 R14: 00007fd392635fa0 R15: 00007fff42ba37e8
[  243.804712][T14282]  </TASK>
[  244.095829][T14299] sd 0:0:1:0: device reset
[  244.125072][T14302] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14302 comm=syz.4.3927
[  244.137749][T14302] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14302 comm=syz.4.3927
[  244.549254][T14351] sd 0:0:1:0: device reset
[  245.320740][T14340] ==================================================================
[  245.329075][T14340] BUG: KCSAN: data-race in fasync_remove_entry / sock_wake_async
[  245.337086][T14340] 
[  245.339418][T14340] write to 0xffff888106da0d58 of 8 bytes by task 14341 on cpu 0:
[  245.347154][T14340]  fasync_remove_entry+0xcc/0x120
[  245.352215][T14340]  fasync_helper+0x97/0xc0
[  245.356667][T14340]  sock_fasync+0x58/0xc0
[  245.361315][T14340]  __fput+0x5e6/0x650
[  245.365429][T14340]  ____fput+0x1c/0x30
[  245.369525][T14340]  task_work_run+0x131/0x1a0
[  245.374288][T14340]  resume_user_mode_work+0x6a/0x70
[  245.379515][T14340]  syscall_exit_to_user_mode+0x77/0xb0
[  245.385001][T14340]  do_syscall_64+0xdd/0x1a0
[  245.389526][T14340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.395538][T14340] 
[  245.397966][T14340] read to 0xffff888106da0d58 of 8 bytes by task 14340 on cpu 1:
[  245.405886][T14340]  sock_wake_async+0x29/0x110
[  245.410607][T14340]  unix_write_space+0x13b/0x140
[  245.415930][T14340]  sock_wfree+0x14b/0x3c0
[  245.420928][T14340]  unix_destruct_scm+0xc3/0xf0
[  245.427200][T14340]  skb_release_head_state+0xb7/0x1a0
[  245.433153][T14340]  __kfree_skb+0x18/0x150
[  245.437853][T14340]  sk_skb_reason_drop+0xbd/0x270
[  245.442824][T14340]  unix_release_sock+0x5d3/0x720
[  245.448211][T14340]  unix_release+0x58/0x80
[  245.452851][T14340]  sock_close+0x6b/0x150
[  245.457210][T14340]  __fput+0x29b/0x650
[  245.461738][T14340]  ____fput+0x1c/0x30
[  245.466709][T14340]  task_work_run+0x131/0x1a0
[  245.471472][T14340]  resume_user_mode_work+0x6a/0x70
[  245.476729][T14340]  syscall_exit_to_user_mode+0x77/0xb0
[  245.482211][T14340]  do_syscall_64+0xdd/0x1a0
[  245.486733][T14340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.492694][T14340] 
[  245.495021][T14340] value changed: 0xffff8881165a24b0 -> 0x0000000000000000
[  245.502133][T14340] 
[  245.504461][T14340] Reported by Kernel Concurrency Sanitizer on:
[  245.510727][T14340] CPU: 1 UID: 0 PID: 14340 Comm: syz.2.3943 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(voluntary) 
[  245.523601][T14340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  245.533757][T14340] ==================================================================