last executing test programs:

19.876942475s ago: executing program 4 (id=341):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x22, &(0x7f0000000080)=[{0x8, 0x88, 0x5, 0x400}]})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000008500000072000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYRESDEC=r2], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
write$selinux_load(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e7578"], 0x43)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
syz_emit_ethernet(0xfffffffffffffde8, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000140)={0x0, 0x1}, &(0x7f00000001c0)=0x8)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x8, 0x0, 0x40040}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x18)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000003c0))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r6, 0x8982, &(0x7f0000000400)={0x0, 'nicvf0\x00', {0x5}, 0x8000})
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f00000002c0)={0x0, 0x9}, &(0x7f0000000300)=0x8)

18.90884527s ago: executing program 4 (id=368):
syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301)
syz_read_part_table(0x61f, &(0x7f00000003c0)="$eJzs3L+LFGcYAOB372527hTuLCyCTTxrISiWXhFlb2OwkDUhcFjkJ0G46gIHG7K4wSuSKxS3EJtAGglsCl2r6BVWEf0HglgYhC1sAqZJYoqbMLNzt3uwBEIWQvB5iu97Z+ad9/0+mPab4H9tKpIyytJieuPDv0v/JhaGF+14t1tbPpNlWfZORCUuRBKLyXwvImYiejdGqsaRiNg/Uujmt/u2vv71raT75Hwy2qAdaRzIc6uRlyzNjVtL+s93y6TdWnqwcHljrX4lv6i3+tvvRdx+UWvcPbvZ6U0npz/O71+KeFjmzxTj3NTO+x/MxJ4npdkxrb4chpXR/jsfx8XH9Vb/RvfZse1D9ekfPj358vDW1fvHI9bzyuei+NiHqv9u3yP9s1LRf33x2kqnderonYPXTzTvPWo8n/4jm4/88aDl1N7Xk8msAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACASbmVDxvVuNJcuvi43up/9dPv2e0Xtcbds5ud3tvV008rg7yHZf5MOX8Wzfg8kohYjdX4JNbGl39tN5rfjVYqo/2XHixc3lirD/r/uS/i2bHtQ3ndky+Xt67eP15kVWI2n6YmuvUx/Vv99cVrK53WqaN3Dl4/0bz3qPF8epC3msZHxXYjIp38MgAAAAAAAAAAAAAAAAAAAHjF1ZbPHD73ZuNAHl+YjYhfvihO2Wfp3PdRnLwfOFLOT9PBUf6bs4N/AXSfnP+t+v6Pmz+Xh+LbkUY7IvZ/l0TE67t9LhXjzt8DIhlW5r/0VwAAAP//P8uKpg==")
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NFC_CMD_SE_IO(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000a00)={0x14c, r1, 0x100, 0x70bd29, 0x25dfdbfc, {}, [@NFC_ATTR_SE_APDU={0xcc, 0x19, "06238cd28bf0ced807762d10ec9c9f2ac631396973c27ec9b3df05c3bf219f8122420ddb18524a99eebebc421579b9ac8baed0d48ee10f1772d78de4fe397eef4d33793b9b75fd522e02546cce21fdd66e11ec9d3174d7f67ee9628daaf3ce226ea713bd8670a574fc78fb09bf99542e97fbc5ca1387d6c5a5ca24daef90833aaf0a5662a7f02b0620a32c12fa9d675788c22dca879e9ba18b3f2eeab15bf2b7169f656b0a27bcd4f274d3ef6ac65e299791ebd716075ac8c2db20d4ef0e44cae0e7d947a6b1e459"}, @NFC_ATTR_SE_APDU={0x6b, 0x19, "c3392c3ff73c4897f2c21a177ba99144f32fc92ca8fd670b48b4f438e3a8cace65871eec4f396556c793607c76ce0f09acc935a16df7321a0ee1547deda38b207ce949b082168724f725d1c9efa03f24c11ae912e3675c03bdeba4657f91b5fae927e469e70955"}]}, 0x14c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000340), 0x0, 0x41)
ioctl$EVIOCGSND(r2, 0x8040451a, &(0x7f0000000b80)=""/147)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x49)
preadv2(r3, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)

18.869392531s ago: executing program 4 (id=371):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00'}, 0x10)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x12, 0x0, &(0x7f0000001600))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfd, 0x0, 0x7ffc9ffb}]})

18.819463852s ago: executing program 4 (id=375):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1be)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
rt_tgsigqueueinfo(0x0, 0x0, 0x24, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x31001, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x2205080, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x18, 0x68, 0xa898cf170ab9f9b9, 0x1, 0x0, {0xa, 0x0, 0x4}}, 0x18}, 0x1, 0x0, 0x0, 0x84}, 0x40)

18.751811783s ago: executing program 4 (id=379):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x2000c0, &(0x7f00000005c0), 0x1, 0x54e, &(0x7f0000000600)="$eJzs3U1oHOUbAPBnZrPtv23+pgUFlR6KChVKN0k/tHpKr2Kh0IPgpS6bbQjZZEN2U5uQQ3ovYkFR6aXe9OBR8eBBvHj06kXxLIgGhaYHiUx2N/1Isq61ydbO7wezfT+GPu+bmWey7zBDAsitI9lHGvFMRJxPIobu6huIdueR1n6rK0uV2ytLlSTW1i78mkQSEbdWliqd/ZP2vwciYjkino6Ib4oRx9LNcRsLi1PlWq06164PN6dnhxsLi8cnp8sT1YnqzMmXXzl95tTp0ROjD22u1368/s617167ef3Tzw4vV94vJzEWg+2+u+fxMLV+JsUYu6/91E4E66Ok3wPggRTaeV6MiKdiKArtrAcef2t7I9aAnErkP+RU53tAtv7tbLv5/eOXs60FSBZ3tb21egZa9ybif+trk/2/J/esTLL15sHdHCiPpeWrETEyMLD5/E/a59+DG3kYA2RHfX22daA2H/904/oTW1x/Bjv3Tv+lzvVvddP17078wjbXv/M9xvjzzZ8+2jb+1Yhnt4yfbMRPtoifRsRbPca/8caXZ7brW/s44mhsHb8j6X5/ePjSZK060vrcMsZXRw+/2m3++7eJP9Zl/lnbbI/z/+Lbz59b7hL/xee7H/+t4u+LiHd7jH/o1ievb9eXxR/fZv7d4mdtN3uM/9LYkR963BUAAAAAAAAAAPgH0vVn2ZK0tFFO01Kp9Q7vk7E/rdUbzWOX6vMz461n3g5GMe08aTXUqidZfbT9PG6nfuK++smIOBQR7xX2rddLlXptvN+TBwAAAAAAAAAAAAAAAAAAgEfEgfve//+j0Hr/H8gJf/Ib8kv+Q37dm/9J38YB7D6//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74vy5c9m2dntlqZLVxy8vzE/VLx8frzamStPzlVKlPjdbmqjXJ2rVUqU+/Xf/X61enx2Jmfkrw81qozncWFi8OF2fn2lenJwuT1QvVou7MisAAAAAAAAAAAAAAAAAAAD4bxlc35K0FBHpejlNS6WI/0fEwSgmlyZr1ZGIeCIivi8U92b10X4PGgAAAAAAAAAAAAAAAAAAAB4zjYXFqXKtVp1T2FyIiOVHYBgKCn05+QEAAAAAAAAAAAAAAAAAgF1156Xffo8EAAAAAAAAAAAAAAAAAAAA8iz9OYmIbDs69MLg3T17I2JPslrIynsi4u0bFz64Um4250az9t822psftttP9GsOQC86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCOxsLiVLlWq87tYKHfcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4EH8FAAD//46R2W8=")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
creat(&(0x7f0000001740)='./bus\x00', 0x81)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0xfd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0xffffffbe, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f00000001c0)='cpu>20\t&&')
r5 = open(&(0x7f0000000100)='./bus\x00', 0x86602, 0x330269f53da8c4ce)
socket$nl_route(0x10, 0x3, 0x0)
pwritev2(r5, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x50000, 0x0, 0x0)

18.30411086s ago: executing program 4 (id=385):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x209b, 0x3, 0x0, 0x7ffffff9}, 0x10)
write(r0, &(0x7f00000000c0)="1800000016005f0227fffffffffffff80700000001000000", 0x18) (fail_nth: 8)

18.28667466s ago: executing program 32 (id=385):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x209b, 0x3, 0x0, 0x7ffffff9}, 0x10)
write(r0, &(0x7f00000000c0)="1800000016005f0227fffffffffffff80700000001000000", 0x18) (fail_nth: 8)

2.715049468s ago: executing program 0 (id=689):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x5}, 0x18)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x200000000000000)

2.713314558s ago: executing program 0 (id=690):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000180), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
syz_clone(0x22023500, 0x0, 0x20010, 0x0, 0x0, 0x0) (fail_nth: 15)

2.355331013s ago: executing program 0 (id=694):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
ioperm(0x0, 0xd, 0x4000000000000020)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYRESHEX=0x0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000003c0)={0xffffffff}, 0x8)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
process_vm_writev(0x0, &(0x7f0000001c80), 0x1000000000000098, &(0x7f0000001d80), 0x0, 0x0)

2.339080863s ago: executing program 0 (id=696):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000280)={<r4=>0x0}, &(0x7f00000013c0)=0xc)
sendmmsg$unix(r3, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000380)='b', 0x1}], 0x1, &(0x7f0000000cc0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="ca4a8dec3ceaef8f655b81697f501fdee8477f9637c8c79d1942281e73cbf300cfca79c954e9ff4e5f9923f4b578a452075676a6ddad7bfdcde1434eeba8f239da72997127b9ea6915ab5352955ee35f26843446e9b1d5394f95b372e367ba10298471d71806825f5ab78f06c8d596d1926a63e819250da9b3bf7d2db801d2c78aeefc87c770ef518504bcd8572a56d421a989d7b437c007cd64bb9bde4ba882a30000000000000000e89c02e2adbf40e9648d891409ae21aa06851bde0d93e63f7ede42b299be4f3120c18590eeea579a12fee1"], 0x18, 0x20040000}}], 0x1, 0x4)
pipe(&(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_mount_image$msdos(&(0x7f0000000280), &(0x7f0000000180)='./file2\x00', 0x4000, &(0x7f0000000000)=ANY=[], 0x1, 0x2d5, &(0x7f0000000840)="$eJzs3M9r024cwPFP263p9mU/ToOvFx8URC9h1qMKq2MDsaB0i6gHIWOZltZ2JkVTEczZ0/6O4dGbIB697L/wNgTZaSgYWZN0afbLzWUd2/sFW57kk6f9JE8Ln6fwZP3RyovakqMvmS3JFpRkRTzZFBmXqkReTgTbvIhkOv9Dt4viybXJVxvv5x4/uVcql2cqSs2W5m8UlVKjFz+/fvvh0pfWfw8/jmqarI0/Xf9R/LY2sfb/+u/551VHVR3VaLaUqRaazZa5ULfUYtWp6Uo9qFumY6lqw7HsnvhSvbm83FZmY3FkeNm2HEeZjbbKSlu1mqoQZtVQuq6rkeGtdkHOkfyhexirlYpZSiUZnBq2XTJHRGSoIFO9EWO1XzkBAID+2bv+z3bPyYTbbLL+Fzmg/n8XnjX6aZ/6f0COUv/npFv/16xO/d+y28p8Zlbj9T/29df1vxffyaaXEI4qEx+iOz0h2y4N7d7ppx9IHD5Xs2YAAAAAAAAAAAAAAAAAAAAAAE6/Td8f831/bGvriYgf7msikgv3Pd8fC87W4l1ZJXAGxMffj/1p4QBH+/3OE+mILdwriHz3XMM1Mp1tEJ+9W56ZVB2xhX8brmvkuvHrQVzF41MyKMNBfLq4S9w18nL1ctB/KzZ9vxyPr7jGkCwmcu1dreSlcDcAAAAAADibdNU13j1YkO78XteVJsm4bLi/oln49u8Difn9gFwYOLnrAAAAAAAAe3Oih/s67Tc1s1637FQbufTfItn4euheIged4wc/jkhv6KavHUvOuR2vvKNRmRNJ/9ZdOWwvTU54cA9sDIYf7395nei70o+ryCeP3Dq2t/Az0W0Z7LnAgoTfAgAAAABny/Z8IDqS6W9CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcQyfxDLN+XyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwWvwJAAD//7pTv3w=")
r8 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45)
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0xa4)
splice(r2, 0x0, r6, 0x0, 0x39000, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
write$cgroup_pid(r5, &(0x7f00000003c0)=r4, 0x12)
r10 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000600)=@newqdisc={0x24}, 0x24}}, 0x846)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
getpeername$packet(r10, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000340)=0x14)
sendmmsg(r11, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r12 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r12, &(0x7f0000000e00)=[{{&(0x7f0000000140)={0xa, 0x0, 0x4c44b40e, @private0={0xfc, 0x0, '\x00', 0x1}, 0x4}, 0x1c, &(0x7f0000000280)=[{&(0x7f0000001040)="81", 0x1}], 0x1}}, {{&(0x7f00000002c0)={0xa, 0x4e21, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}, 0x78b}, 0x75, &(0x7f0000000c40)=[{&(0x7f0000000300)="871289", 0x3}], 0x1}}], 0x2, 0x20000004)
setsockopt(r12, 0x84, 0x11, &(0x7f0000000040)="020000000980ffff", 0x8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'nicvf0\x00'})
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r14 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r13, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, @void, @value}, 0x94)
r15 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000e80)=ANY=[@ANYRES32=r8, @ANYRES64=r9, @ANYBLOB="972f6c874b3d3ee8a28b8b29a9c47610647f39f4d22661571694ea18b966cb5634faafc2f1f0a9267547ef2234b93652e1", @ANYRESDEC=r7, @ANYRESHEX, @ANYRES16=r7, @ANYRESDEC=r13, @ANYRES32=r6, @ANYRES16=r14, @ANYBLOB="441722631405c9d543ba3a70b2c356813ae5b59e9cab584b2f7f0df3e820317d75ef73cc47fc0cb9565b28cb6a0780ae14ba6fbac6932a489493636ec06f6abed3dfccbea65d62a894fd6f79ec3d982e4ed809f2d58381003c4a364e7332320e9ccf1524eea41bebe6d611515194d3b260dc35bf"], &(0x7f0000000500)='syzkaller\x00', 0x8000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r15}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800090400000000000000000a000000000000030000000008001e0001"], 0x24}}, 0x0)

2.216682405s ago: executing program 2 (id=700):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x5}, 0x18)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x200000000000000)

2.185000316s ago: executing program 2 (id=702):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000010c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740), 0x100001be}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
recvfrom(r0, &(0x7f0000004000)=""/4112, 0xfffffffffffffedc, 0x2080, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f00000001c0), 0x8100, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x7, 0x1f, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}, [@alu={0x4, 0x0, 0x5, 0x8, 0x4, 0x0, 0xfffffffffffffffc}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xb}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xe}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x81}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x3}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r4}}, @exit, @printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}]}, &(0x7f0000000280)='GPL\x00', 0x41, 0xf4, &(0x7f0000000840)=""/244, 0x40f00, 0x74, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000380)={0x4, 0x5, 0xfffffff8, 0x3}, 0x10, 0x0, r2, 0x7, 0x0, &(0x7f00000009c0)=[{0x0, 0x4, 0xb, 0xa}, {0x4, 0x1, 0xb, 0x4}, {0x0, 0x4, 0x10}, {0x4, 0x1, 0x10, 0x4}, {0x2, 0x4, 0x8, 0x6}, {0x3, 0x1, 0x8, 0xc}, {0x0, 0x3, 0x8, 0xc}], 0x10, 0x8000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='vnet_tx_trigger\x00', r2, 0x0, 0x4}, 0xccdae7eecd82c9a5)
r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r5, &(0x7f00000025c0)=[{0x0}], 0x1)
socket$inet6(0x10, 0x3, 0x0)
r6 = socket$inet6(0x10, 0x3, 0x0)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b40200000000000061114a0000000000850000008b0000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0x16, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x21)
r8 = open(&(0x7f00000000c0)='.\x00', 0x5a080, 0x8)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x15, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r10, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
getdents(r8, &(0x7f0000001fc0)=""/184, 0xb8)
bpf$ENABLE_STATS(0x20, &(0x7f0000000040), 0x4)
msgctl$IPC_INFO(0x0, 0x3, &(0x7f0000000580)=""/216)
sendto$inet6(r6, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

1.975751729s ago: executing program 3 (id=707):
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x4, &(0x7f0000000980)=ANY=[], 0x1, 0x120b, &(0x7f0000002300)="$eJzs3M9rXFUUB/CTNv1hajJRa7UF6UE3unk2WbhyEyQF6YDSNoVWEF7NRIeZzIS8ITBFbHdu/TvEpTtB/AeyceNacJeNyy7EJ84LtglxEcFOWz6fzRzm3i9zH28YeJd7Zu/9bzZ7G1WxUY7ixMxMzG5F5MOMjBNxMhoP4p1bv/z6xo3bd66ttNur1zOvrtxcei8zFy7/+MmX37350+jcre8XfjgTu4uf7v2+/Nvuhd2Le3/e/KJbZbfKwXCUZd4dDkfl3X4n17tVr8j8uN8pq052B1Vn+8D4Rn+4tTXOcrA+P7e13amqLAfj7HXGORrmaHuc5edld5BFUeT8XPDfnY61bx/WdR1R16fidNR1Xb8Qc3EuXoz5WIhWLMZL8XK8Eufj1bgQr8XrcXEya9orBwAAAAAAAAAAAAAAAAAAgOeL/n8AAAAAAAAAAAAAAAAAAACYPv3/AAAAAAAAAAAAAAAAAAAAMH36/wEAAAAAAAAAAAAAAAAAAGD6bty+c22l3V69nnk2YvPrnbWdtea1GV/ZiG70oxNXohV/xKT7v9HUVz9sr17JicV4d/P+fv7+ztrJg/mlyd8JHJlfavJ5MH8m5h7PL0crzh+dXz4yfzbefuuxfBGt+PmzGEY/1uPv7KP8V0uZH3zUPpS/NJkHAAAAz4Mi/3Hk83tR5MxMM/XQePPmv+8P1K1D+wOHnq9n49LsFC+ciWp8r1f2+53tZ6vY/0rGvV55+WlYj+IYxf69e/C0rOcZLU5FxP/4EVP8UeKJeXTTp70SAAAAAAAAAAAAjuMYBwNnm/O2xz9OOO1rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5iB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFcFAAD//78558w=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5"], &(0x7f0000000280)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='kfree\x00', r0}, 0x10)
pipe(&(0x7f00000007c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe070066ec", 0xff3b}], 0x4e, 0x1)

1.97256761s ago: executing program 3 (id=708):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, &(0x7f0000000040)})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x1a, &(0x7f00000001c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x766, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@generic={0x4, 0x6, 0x7, 0x4, 0xa3ee}, @generic={0x6, 0x3, 0x8, 0x8, 0x10000000}, @call={0x85, 0x0, 0x0, 0x78}, @ringbuf_query, @initr0={0x18, 0x0, 0x0, 0x0, 0x92, 0x0, 0x0, 0x0, 0x7}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x33, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000040)={0x3, 0xe, 0xffffff81, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x3, @void, @value}, 0x94)
r1 = eventfd2(0x7, 0x0)
io_cancel(0x0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x400, r0, &(0x7f0000000540)="5ff7be4c7b7c910ed9491d036ebb4582969ffc8771cdf38be1c3e46e138a98c6fde31d49dd380f59e8dda56152c679367d5445c45749099ab79eade108022455c70e5b504939dc66b1c57a2211df7af0119bc44643e277d863755679574c1cb6759dfe54c06daa6453f16a15c5c859c75675d139f2c69de2693e62efa1afb9851746eb405ab25684384d1f0e789a91954b57", 0x92, 0x100000000, 0x0, 0x30826b292a70ceb1, r1}, &(0x7f0000000400))
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x10, &(0x7f0000000880)=ANY=[@ANYRESHEX, @ANYBLOB="8ccb2cbc5780abe6b20bb15b8735d270314ddf0050e507d64c6b87745d4d0d9005d48e4638824f61149cbd1ff854fe8b5ed1348b1c279871bcc833", @ANYBLOB="009c000000000000b70401800800000085000000000095000000000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x72, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x400000, @void, @value}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r2}, 0x10)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8)
write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x2c060000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000003c0)={'erspan0\x00', &(0x7f0000000640)={'tunl0\x00', <r6=>0x0, 0x40, 0x40, 0x9, 0x81, {{0x7, 0x4, 0x1, 0x5, 0x1c, 0x67, 0x0, 0x1, 0x4, 0x0, @broadcast, @loopback, {[@cipso={0x86, 0x6}]}}}}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r6, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
eventfd(0x7)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x2, 0x7, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x0, 0x6}, 0x0, 0x0, 0x802000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
openat$tun(0xffffffffffffff9c, 0x0, 0x1, 0x0)
unshare(0x2c020400)
unshare(0xc000000)
r7 = getpid()
r8 = syz_pidfd_open(r7, 0x0)
lseek(r8, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0xa, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000500000008000000000000850000000f0000001801000020646c250000000000000000000600008b000000bfa100000000000007010000f8ffffffb702000008100000da03000000000000850000006c0000049504ae30aa3f54d04b8385c8eab684bc24bedfe79369da83df58181d26119abef75c9a63d6896f0b1993ee4143796263229cf9713b4c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000500)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a320000000008004100727865001400330076657468305f746f5f626f6e64"], 0x38}, 0x1, 0x0, 0x0, 0x20000854}, 0x0)

1.532673086s ago: executing program 5 (id=712):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000640)='kmem_cache_free\x00', r0, 0x0, 0x80001}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000}, {0x0, 0xffffffff, 0x0, 0x0, 0xfffffffd}, {0x2, 0x0, 0x400000, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x8000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x20}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {0x0, 0x0, 0x0, 0x9}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {0x80}, {0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x15, 0x0, 0x48510}, {0x0, 0x8000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xd, 0xffffffff}, {}, {}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {}, {0x5}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {0x0, 0x0, 0x200}, {}, {}, {0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfb4}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x4, 0x9}, {0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {}, {}, {}, {0x800000, 0x0, 0x0, 0x0, 0x0, 0x56}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x6, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x2, 0x0, 0x20000000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x0, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0xfffffffe, 0x0, 0x0, 0x0, 0x8000}, {0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffe}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x8000}, {0x0, 0xe3, 0x10000}, {0x0, 0x80000000, 0x0, 0x7dff800}], [{}, {}, {0x0, 0x1}, {}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {}, {0x5, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {0x5}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {}, {0x0, 0x1}, {0x3}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) (fail_nth: 2)

1.515193457s ago: executing program 1 (id=713):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000680)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x290)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r0}, 0x18) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) (async)
socket$inet_udp(0x2, 0x2, 0x0) (async)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) (async)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000680)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000007f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x290) (async)
close_range(r1, 0xffffffffffffffff, 0x0) (async)

1.231741201s ago: executing program 1 (id=714):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0x68e}, 0x18)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f0000000c00)={0x14, 0x0, 0x0}, 0x0)
r2 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x100000000000000, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x4000, 0x0, 0x90, [], 0x2, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00'/72]}, 0xc0)

1.211086661s ago: executing program 2 (id=715):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000003400128009000100766c616e00000000240002800c0002001f0000001f0000000600050088a80000", @ANYRES32=r2], 0x64}, 0x1, 0x0, 0x0, 0x600}, 0x0)

1.210772291s ago: executing program 5 (id=716):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000940)=ANY=[], 0x310)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/mcfilter\x00')
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000000300)=""/79, 0x4f}], 0x1, 0x80000001, 0x1)

1.159862222s ago: executing program 0 (id=717):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000001740)={0x0, 0x4, 0x0, 0x0, @vifc_lcl_addr=@broadcast, @loopback}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='btrfs_find_cluster\x00', r0, 0x0, 0xb}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
r3 = getpid()
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r2)
sendmsg$DEVLINK_CMD_RELOAD(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r5, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000200), &(0x7f0000000800)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
personality(0x5400004)

1.159309832s ago: executing program 5 (id=718):
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x4, &(0x7f0000000980)=ANY=[], 0x1, 0x120b, &(0x7f0000002300)="$eJzs3M9rXFUUB/CTNv1hajJRa7UF6UE3unk2WbhyEyQF6YDSNoVWEF7NRIeZzIS8ITBFbHdu/TvEpTtB/AeyceNacJeNyy7EJ84LtglxEcFOWz6fzRzm3i9zH28YeJd7Zu/9bzZ7G1WxUY7ixMxMzG5F5MOMjBNxMhoP4p1bv/z6xo3bd66ttNur1zOvrtxcei8zFy7/+MmX37350+jcre8XfjgTu4uf7v2+/Nvuhd2Le3/e/KJbZbfKwXCUZd4dDkfl3X4n17tVr8j8uN8pq052B1Vn+8D4Rn+4tTXOcrA+P7e13amqLAfj7HXGORrmaHuc5edld5BFUeT8XPDfnY61bx/WdR1R16fidNR1Xb8Qc3EuXoz5WIhWLMZL8XK8Eufj1bgQr8XrcXEya9orBwAAAAAAAAAAAAAAAAAAgOeL/n8AAAAAAAAAAAAAAAAAAACYPv3/AAAAAAAAAAAAAAAAAAAAMH36/wEAAAAAAAAAAAAAAAAAAGD6bty+c22l3V69nnk2YvPrnbWdtea1GV/ZiG70oxNXohV/xKT7v9HUVz9sr17JicV4d/P+fv7+ztrJg/mlyd8JHJlfavJ5MH8m5h7PL0crzh+dXz4yfzbefuuxfBGt+PmzGEY/1uPv7KP8V0uZH3zUPpS/NJkHAAAAz4Mi/3Hk83tR5MxMM/XQePPmv+8P1K1D+wOHnq9n49LsFC+ciWp8r1f2+53tZ6vY/0rGvV55+WlYj+IYxf69e/C0rOcZLU5FxP/4EVP8UeKJeXTTp70SAAAAAAAAAAAAjuMYBwNnm/O2xz9OOO1rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5iB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFcFAAD//78558w=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5"], &(0x7f0000000280)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='kfree\x00', r0}, 0x10)
pipe(&(0x7f00000007c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe070066ec", 0xff3b}], 0x4e, 0x1)

1.158900742s ago: executing program 2 (id=719):
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, &(0x7f0000000100)})
sigaltstack(0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
remap_file_pages(&(0x7f000051c000/0x400000)=nil, 0x400d00, 0x51c, 0x0, 0x0)

987.638915ms ago: executing program 5 (id=720):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
syz_socket_connect_nvme_tcp()
r2 = getuid()
r3 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0)
process_madvise(r3, &(0x7f0000000180)=[{&(0x7f0000000080)="752394f9be800de53004ef266b79ef56562667435cb1192ba24e191398a9f1acea5a5028774a1ea637fb50e46eed40df229833ddfe5da3538885bbece2615116c455f024fd92558f6c7ffcb3e45ec48ded2ce086e7496d3af5ec425c1191bafac215e543074065bf0918ec599e5adc2b5f27b3fc00cd128a7e44d9bf66ea36abd3146ecaecbad8f4819ea5c7ff8d9986233bf4564f8db5cfaa0498e91da84f3a64db7b7c0e1302030390656ad717e62521de16e04200336843afe00e243966c626460aedc10b222e86eb0c958ff2b894e310181e363b0024fa0ee51545729af7e9a82cd5e1f4866e12cef96d0f7f537e6d44eec2", 0xf4}], 0x1, 0xe, 0x0)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r0, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)={0xfc, 0x0, 0x8, 0x70bd2a, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x17000}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x40000000}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x9611}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xffff94cd}}]}, 0xfc}, 0x1, 0x0, 0x0, 0x4800}, 0x20040881)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, r2, 0x0)

956.794546ms ago: executing program 5 (id=721):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000a00)=@file={0x1, './file0\x00'}, 0x6e)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000080000000000000000fd00181100004c10cc9d54a03c898e7332ded2343f0fe7f7a9a5311a8572a72a140b529de2b6e05d117799be18192035587638646ea730c5635ef22fe54314e5c907d45d51272cacaabf2781553a117b5dd111275d5b8ce5df9016597252cda4f926c2a5e960df7aec0e61eb19ff908018aaff03ebf35e8b4c5552e9a29bbbdf51030177ea34167e2f687800308224ef6d48d1d9ab00000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000ddff00850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = eventfd(0x800a6)
write$eventfd(r4, &(0x7f0000000000)=0xfffffffffffffffb, 0x8)
read$eventfd(r4, &(0x7f0000000040), 0x8)
listen(r0, 0x3)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000041c00000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xffff46ea, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
r7 = syz_io_uring_setup(0x48a5, &(0x7f0000000080)={0x0, 0x9e92, 0x10100}, &(0x7f0000000100)=<r8=>0x0, &(0x7f0000000140)=<r9=>0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r10, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r10, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r10, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r10, 0x11a, 0x2, &(0x7f00000004c0)=@gcm_256={{0x304}, "19deacba3944ef77", "69873784b35a93030014d5cd0a5ebc3ce861c14d4cd6be97d5a6078ee8262b13", '\x006\x00', "27711188733413b9"}, 0x38)
syz_io_uring_submit(r8, r9, &(0x7f0000000280)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r0, 0x0})
io_uring_enter(r7, 0xa3d, 0x0, 0x0, 0x0, 0x0)
shutdown(r0, 0x1)

919.664636ms ago: executing program 3 (id=722):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000180)=0xc927) (fail_nth: 2)

831.368738ms ago: executing program 2 (id=723):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001540)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000e12020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000006fd6850000002d000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=@RTM_NEWMDB={0x18, 0x55, 0x1e5, 0x0, 0x2, {0x7, r3}}, 0x18}}, 0x20044050)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x4, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x28000010)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
r8 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
kexec_load(0x5, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000240)="9376c38951dd0daec2de1e32f8e24e3ee617d031908fa9f9e9df55d14109ec9571a85fd88473bc1f68c22ba98c877c88b89f61165ca9da78c1bc166e68cc6a137635343b60876205cedbe589ad971bea7c09e04dd425ed", 0x57, 0x1, 0x9}], 0x0)
ioctl$USBDEVFS_IOCTL(r8, 0xc0105512, &(0x7f0000000200))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r9, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000840)={0x18, 0x1, 0x2, 0x201, 0x0, 0x0, {0x0, 0x0, 0x1}, [@CTA_EXPECT_MASTER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x4024)
ioctl$USBDEVFS_IOCTL(r8, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(0xffffffffffffffff, 0xc058534b, &(0x7f0000000000)={0x8001, 0x6, 0x4800, 0x8000, 0xb9, 0x1})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(0xffffffffffffffff, 0x40a85321, &(0x7f00000004c0)={{0x80}, 'port0\x00', 0x8, 0x100075, 0xffefffff, 0x4, 0x1ff, 0x0, 0x0, 0x0, 0x6})
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="60000000100039042cbd7000eaffffff000003e4", @ANYRES32=r10, @ANYBLOB="001100000000000040001280080001007369740034000280050009002900000008000200ac1414bb08000c0000000100"], 0x60}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b40)=ANY=[@ANYBLOB="300000001e000100000000000000000007000000", @ANYRES32=r11, @ANYBLOB="000000000a0005000000000000000000080009"], 0x30}}, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})

830.764547ms ago: executing program 3 (id=724):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
futex(0x0, 0x85, 0xfffffffc, 0x0, 0x0, 0xc5fffffd)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x8919d000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x68040200)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r6 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r6, 0x2284, &(0x7f0000000080))
ftruncate(0xffffffffffffffff, 0x2007ffc)
ioctl$sock_SIOCBRADDBR(r2, 0x89a0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, 0x0, 0x0}, 0x20)
chdir(&(0x7f0000000380)='./file1\x00')
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYRES32=r1], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='cachefiles_mark_failed\x00', r8}, 0xfffffffffffffd92)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)

578.972151ms ago: executing program 1 (id=725):
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
clock_adjtime(0xb00000000000000, &(0x7f0000000040)={0x37db, 0x538d28a0, 0x0, 0x0, 0x0, 0x81})

488.882523ms ago: executing program 0 (id=726):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect={0xffd7})

445.037044ms ago: executing program 1 (id=727):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x4001)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01032757c38d085641a726"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x8840)

444.257464ms ago: executing program 1 (id=728):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x800, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX])
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x2)

427.248864ms ago: executing program 2 (id=729):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000280)={<r4=>0x0}, &(0x7f00000013c0)=0xc)
sendmmsg$unix(r3, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000000380)='b', 0x1}], 0x1, &(0x7f0000000cc0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="ca4a8dec3ceaef8f655b81697f501fdee8477f9637c8c79d1942281e73cbf300cfca79c954e9ff4e5f9923f4b578a452075676a6ddad7bfdcde1434eeba8f239da72997127b9ea6915ab5352955ee35f26843446e9b1d5394f95b372e367ba10298471d71806825f5ab78f06c8d596d1926a63e819250da9b3bf7d2db801d2c78aeefc87c770ef518504bcd8572a56d421a989d7b437c007cd64bb9bde4ba882a30000000000000000e89c02e2adbf40e9648d891409ae21aa06851bde0d93e63f7ede42b299be4f3120c18590eeea579a12fee1"], 0x18, 0x20040000}}], 0x1, 0x4)
pipe(&(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_mount_image$msdos(&(0x7f0000000280), &(0x7f0000000180)='./file2\x00', 0x4000, &(0x7f0000000000)=ANY=[], 0x1, 0x2d5, &(0x7f0000000840)="$eJzs3M9r024cwPFP263p9mU/ToOvFx8URC9h1qMKq2MDsaB0i6gHIWOZltZ2JkVTEczZ0/6O4dGbIB697L/wNgTZaSgYWZN0afbLzWUd2/sFW57kk6f9JE8Ln6fwZP3RyovakqMvmS3JFpRkRTzZFBmXqkReTgTbvIhkOv9Dt4viybXJVxvv5x4/uVcql2cqSs2W5m8UlVKjFz+/fvvh0pfWfw8/jmqarI0/Xf9R/LY2sfb/+u/551VHVR3VaLaUqRaazZa5ULfUYtWp6Uo9qFumY6lqw7HsnvhSvbm83FZmY3FkeNm2HEeZjbbKSlu1mqoQZtVQuq6rkeGtdkHOkfyhexirlYpZSiUZnBq2XTJHRGSoIFO9EWO1XzkBAID+2bv+z3bPyYTbbLL+Fzmg/n8XnjX6aZ/6f0COUv/npFv/16xO/d+y28p8Zlbj9T/29df1vxffyaaXEI4qEx+iOz0h2y4N7d7ppx9IHD5Xs2YAAAAAAAAAAAAAAAAAAAAAAE6/Td8f831/bGvriYgf7msikgv3Pd8fC87W4l1ZJXAGxMffj/1p4QBH+/3OE+mILdwriHz3XMM1Mp1tEJ+9W56ZVB2xhX8brmvkuvHrQVzF41MyKMNBfLq4S9w18nL1ctB/KzZ9vxyPr7jGkCwmcu1dreSlcDcAAAAAADibdNU13j1YkO78XteVJsm4bLi/oln49u8Difn9gFwYOLnrAAAAAAAAe3Oih/s67Tc1s1637FQbufTfItn4euheIged4wc/jkhv6KavHUvOuR2vvKNRmRNJ/9ZdOWwvTU54cA9sDIYf7395nei70o+ryCeP3Dq2t/Az0W0Z7LnAgoTfAgAAAABny/Z8IDqS6W9CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcQyfxDLN+XyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwWvwJAAD//7pTv3w=")
r8 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45)
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0xa4)
splice(r2, 0x0, r6, 0x0, 0x39000, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
write$cgroup_pid(r5, &(0x7f00000003c0)=r4, 0x12)
r10 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000600)=@newqdisc={0x24}, 0x24}}, 0x846)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
getpeername$packet(r10, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000340)=0x14)
sendmmsg(r11, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r12 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r12, &(0x7f0000000e00)=[{{&(0x7f0000000140)={0xa, 0x0, 0x4c44b40e, @private0={0xfc, 0x0, '\x00', 0x1}, 0x4}, 0x1c, &(0x7f0000000280)=[{&(0x7f0000001040)="81", 0x1}], 0x1}}, {{&(0x7f00000002c0)={0xa, 0x4e21, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}, 0x78b}, 0x75, &(0x7f0000000c40)=[{&(0x7f0000000300)="871289", 0x3}], 0x1}}], 0x2, 0x20000004)
setsockopt(r12, 0x84, 0x11, &(0x7f0000000040)="020000000980ffff", 0x8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'nicvf0\x00'})
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r14 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r13, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000e80)=ANY=[@ANYRES32=r8, @ANYRES64=r9, @ANYBLOB="972f6c874b3d3ee8a28b8b29a9c47610647f39f4d22661571694ea18b966cb5634faafc2f1f0a9267547ef2234b93652e1", @ANYRESDEC=r7, @ANYRESHEX, @ANYRES16=r7, @ANYRESDEC=r13, @ANYRES32=r6, @ANYRES16=r14, @ANYBLOB="441722631405c9d543ba3a70b2c356813ae5b59e9cab584b2f7f0df3e820317d75ef73cc47fc0cb9565b28cb6a0780ae14ba6fbac6932a489493636ec06f6abed3dfccbea65d62a894fd6f79ec3d982e4ed809f2d58381003c4a364e7332320e9ccf1524eea41bebe6d611515194d3b260dc35bf"], &(0x7f0000000500)='syzkaller\x00', 0x8000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
r15 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r15, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800090400000000000000000a000000000000030000000008001e0001"], 0x24}}, 0x0)

411.592714ms ago: executing program 1 (id=730):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0x68e}, 0x18)
socket(0x10, 0x3, 0x0)
r2 = syz_usb_connect$cdc_ecm(0x1, 0x92, &(0x7f0000000580)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x80, 0x1, 0x1, 0xf1, 0x28, 0x6, [{{0x9, 0x4, 0x0, 0x80, 0x3, 0x2, 0x6, 0x0, 0x5, {{0x7, 0x24, 0x6, 0x0, 0x0, "c4e0"}, {0x5, 0x24, 0x0, 0x3}, {0xd, 0x24, 0xf, 0x1, 0xf, 0x2, 0x2, 0xbe}, [@call_mgmt={0x5, 0x24, 0x1, 0x0, 0x1}, @mdlm_detail={0x35, 0x24, 0x13, 0x9, "4da370df2451d07a1bdbba46613332655200fd9711aa5236b3658e7154e8ba7c0a3c6caf8b5fc2d1acc40c57a6eb28ab92"}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x40, 0x6, 0x6, 0x4}}], {{0x9, 0x5, 0x82, 0x2, 0x40, 0x1c, 0x2, 0x4}}, {{0x9, 0x5, 0x3, 0x2, 0x3ff, 0x46, 0x3d, 0xd0}}}}}]}}]}}, &(0x7f0000000a00)={0xa, &(0x7f00000004c0)={0xa, 0x6, 0x310, 0x4, 0xb4, 0x10, 0x20, 0x5}, 0x1c, &(0x7f0000000500)=ANY=[@ANYBLOB="05ab6d37b2ff89520f01000000100401cd78070570207926a3a1d5de"], 0x8, [{0x4, &(0x7f0000000640)=@lang_id={0x4, 0x3, 0x140a}}, {0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x2801}}, {0xf2, &(0x7f0000000840)=@string={0xf2, 0x3, "f88429f0798b2cdb7247fca918547789dd5d11ae53be69ab76387ca4118445fa72f1f92379ef411709d358cc2b281ccacafc10052b3612d6ff5cd2d2fe1251c761eb36514488639431ee10818b33d9cbdfbfcc17a410a283b19065655d7fe8f423643060eb1c8c53a86701ff832a8a517c97b1a9eb31621bf23a33d49d66cbbefe36e5ac00dbb4e005be7250d8f9672a1f16f6b44ff5edf5bf4261749d818a1cd5b93c2d3295c4e375ec2c7163b03006d1949ac6009c6f9f53d371ddff8d081d7f54880d1eac24fe2aa215ba46723b9f3e29f2ea1db773f8704316382f813700a583585f1c9b69f3197c2fd27d4b49ea"}}, {0x4, &(0x7f00000006c0)=@lang_id={0x4, 0x3, 0x4ff}}, {0x4, &(0x7f0000000700)=@lang_id={0x4, 0x3, 0x827}}, {0x4, &(0x7f0000000940)=@lang_id={0x4, 0x3, 0x3841}}, {0x4, &(0x7f0000000980)=@lang_id={0x4, 0x3, 0x1801}}, {0x9, &(0x7f00000009c0)=@string={0x9, 0x3, "12fe46e03490af"}}]})
syz_usb_control_io$cdc_ecm(r2, &(0x7f0000000c00)={0x14, &(0x7f0000000b40)={0x20, 0x1, 0xa0, {0xa0, 0xe, "d10e279c512d7e0ce58aefe080ff87381f07bbf6dcc6dab6535b421583e27d2b965716a85ea3dfca8cda13cf0225934ed4aba159a31fee1457fdd76473f9e2198000682dd330665a63a9b02be8faf1a6c824585ac9eb6da58f4c676c045541f7d699616cad632234d9220183769e97a2a9738206da5d57e8825a40f5bdda731ff0b73d82632a9016ec12cf1fe19bb7d02582ddcadeeb41b2284702fc8e66"}}, &(0x7f0000000ac0)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000dc0)={0x1c, &(0x7f0000000c40)={0x20, 0x16, 0xd1, "bce03b9a1c6cc23cab9da2c46acb3e57a1ab1378c096600db510c6d10cd8de24ace418acfb775580ead4f509f7ddf39db81bdbb06337494061e41a5acbd31e46ba4e76835d03b8bc1f407e8e883d5e31c46365375669540254770ac231474bfea32b4bc81d45dca0b9579eb1f90c2d90b55e2c2d5501f50db46e3fb4b58ee1870e827c6ddd604f9ad14f1c6bf7674d5bccab3de7c55e89fe6a5172ad7d027410e0170b665f7b735a26f7a9559c7bb38484b42519c392ee546ace16a4b8664bc33fd65453499efa4ca2ffa7ab976e53f094"}, &(0x7f0000000d40)={0x0, 0xa, 0x1, 0x5}, &(0x7f0000000d80)={0x0, 0x8, 0x1, 0x8}})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f0000000080), &(0x7f0000000240)=r1}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
r3 = socket$inet(0x2, 0x2000000080002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x100000000000000, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x4000, 0x0, 0x90, [], 0x2, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000215d1f6bc0e8fbb3d000"/144]}, 0x108)

43.60111ms ago: executing program 5 (id=731):
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRESOCT, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001000)=@base={0xb, 0x5, 0x4, 0xa932, 0x9, 0xffffffffffffffff, 0x800008, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffff9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
sysinfo(&(0x7f00000022c0)=""/111)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
writev(0xffffffffffffffff, 0x0, 0x0)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r5, 0x0, 0xf3a, 0x0)
write(r3, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1200000002000000040000000200000000000000", @ANYRES32, @ANYBLOB="1000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r7 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r7, 0x11b, 0x8, &(0x7f0000003140), &(0x7f0000000040)=0x30)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000080)={r6, 0x0}, 0x20)

18.98105ms ago: executing program 3 (id=732):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
ioperm(0x0, 0xd, 0x4000000000000020)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
process_vm_writev(0x0, &(0x7f0000001c80), 0x1000000000000098, &(0x7f0000001d80), 0x0, 0x0)

0s ago: executing program 3 (id=733):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c000000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18)
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x8b6}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r2, 0x0, 0x0, 0x64, 0x183000, 0x23456})
io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0)

kernel console output (not intermixed with test programs):

 batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.055429][ T3306] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.075370][ T3312] team0: Port device team_slave_0 added
[   29.093207][ T3308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   29.103305][ T3312] team0: Port device team_slave_1 added
[   29.114479][ T3308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   29.123646][ T3313] chnl_net:caif_netlink_parms(): no params data found
[   29.168220][ T3308] team0: Port device team_slave_0 added
[   29.174424][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.181794][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.207889][ T3312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.225412][ T3306] hsr_slave_0: entered promiscuous mode
[   29.231460][ T3306] hsr_slave_1: entered promiscuous mode
[   29.248969][ T3308] team0: Port device team_slave_1 added
[   29.255135][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.262150][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.288214][ T3312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.304086][ T3315] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.311494][ T3315] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.318691][ T3315] bridge_slave_0: entered allmulticast mode
[   29.325201][ T3315] bridge_slave_0: entered promiscuous mode
[   29.341708][ T3315] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.348933][ T3315] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.356149][ T3315] bridge_slave_1: entered allmulticast mode
[   29.362602][ T3315] bridge_slave_1: entered promiscuous mode
[   29.376479][ T3308] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.383544][ T3308] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.409672][ T3308] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.441773][ T3308] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.448795][ T3308] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.474780][ T3308] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.491820][ T3315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   29.516707][ T3315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   29.538625][ T3312] hsr_slave_0: entered promiscuous mode
[   29.544845][ T3312] hsr_slave_1: entered promiscuous mode
[   29.550807][ T3312] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   29.559341][ T3312] Cannot create hsr debugfs directory
[   29.574941][ T3313] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.582081][ T3313] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.589221][ T3313] bridge_slave_0: entered allmulticast mode
[   29.595899][ T3313] bridge_slave_0: entered promiscuous mode
[   29.602632][ T3313] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.609773][ T3313] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.616907][ T3313] bridge_slave_1: entered allmulticast mode
[   29.623258][ T3313] bridge_slave_1: entered promiscuous mode
[   29.658976][ T3313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   29.674009][ T3315] team0: Port device team_slave_0 added
[   29.682752][ T3315] team0: Port device team_slave_1 added
[   29.695034][ T3313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   29.706055][ T3308] hsr_slave_0: entered promiscuous mode
[   29.712204][ T3308] hsr_slave_1: entered promiscuous mode
[   29.717954][ T3308] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   29.725723][ T3308] Cannot create hsr debugfs directory
[   29.745548][ T3315] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.752602][ T3315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.778898][ T3315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.807361][ T3315] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.814396][ T3315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.840815][ T3315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.859519][ T3313] team0: Port device team_slave_0 added
[   29.866284][ T3313] team0: Port device team_slave_1 added
[   29.905969][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.913033][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.939291][ T3313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.964479][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.971550][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   29.997615][ T3313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   30.024809][ T3315] hsr_slave_0: entered promiscuous mode
[   30.031069][ T3315] hsr_slave_1: entered promiscuous mode
[   30.037121][ T3315] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   30.044857][ T3315] Cannot create hsr debugfs directory
[   30.099832][ T3313] hsr_slave_0: entered promiscuous mode
[   30.106092][ T3313] hsr_slave_1: entered promiscuous mode
[   30.112181][ T3313] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   30.119781][ T3313] Cannot create hsr debugfs directory
[   30.125258][ T3306] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   30.148146][ T3306] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   30.157391][ T3306] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   30.181985][ T3306] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   30.224706][ T3312] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   30.239498][ T3312] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   30.248703][ T3312] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   30.268219][ T3312] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   30.306238][ T3308] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   30.316271][ T3308] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   30.333957][ T3308] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   30.348005][ T3308] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   30.367643][ T3315] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   30.376499][ T3315] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   30.386418][ T3315] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   30.401752][ T3315] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   30.422958][ T3306] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.453951][ T3306] 8021q: adding VLAN 0 to HW filter on device team0
[   30.462873][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.469988][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.483486][ T3313] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   30.492656][ T3313] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   30.502308][ T3313] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   30.518620][  T384] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.525859][  T384] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.535156][ T3313] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   30.569777][ T3312] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.586937][ T3308] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.596966][ T3306] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   30.628236][ T3312] 8021q: adding VLAN 0 to HW filter on device team0
[   30.636402][ T3308] 8021q: adding VLAN 0 to HW filter on device team0
[   30.648130][ T3315] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.672166][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.686351][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.693542][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.702103][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.709161][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.725097][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.732234][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.741440][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.748552][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.759426][ T3315] 8021q: adding VLAN 0 to HW filter on device team0
[   30.770363][ T3313] 8021q: adding VLAN 0 to HW filter on device team0
[   30.781836][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.788977][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.799184][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.806380][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.815034][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.822244][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.833277][ T3306] 8021q: adding VLAN 0 to HW filter on device batadv0
[   30.843050][   T31] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.850278][   T31] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.928264][ T3312] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   30.938806][ T3312] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   30.995500][ T3315] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.041191][ T3308] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.051425][ T3313] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.075612][ T3312] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.133040][ T3306] veth0_vlan: entered promiscuous mode
[   31.160474][ T3306] veth1_vlan: entered promiscuous mode
[   31.222930][ T3313] veth0_vlan: entered promiscuous mode
[   31.245613][ T3315] veth0_vlan: entered promiscuous mode
[   31.268219][ T3306] veth0_macvtap: entered promiscuous mode
[   31.275952][ T3313] veth1_vlan: entered promiscuous mode
[   31.289070][ T3312] veth0_vlan: entered promiscuous mode
[   31.300599][ T3306] veth1_macvtap: entered promiscuous mode
[   31.307232][ T3315] veth1_vlan: entered promiscuous mode
[   31.324018][ T3313] veth0_macvtap: entered promiscuous mode
[   31.332230][ T3313] veth1_macvtap: entered promiscuous mode
[   31.344623][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.353108][ T3312] veth1_vlan: entered promiscuous mode
[   31.371995][ T3308] veth0_vlan: entered promiscuous mode
[   31.380167][ T3308] veth1_vlan: entered promiscuous mode
[   31.386789][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.399725][ T3306] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.408614][ T3306] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.417468][ T3306] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.426306][ T3306] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.437471][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.450194][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.460879][ T3315] veth0_macvtap: entered promiscuous mode
[   31.469030][ T3315] veth1_macvtap: entered promiscuous mode
[   31.484335][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.493222][ T3313] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.502119][ T3313] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.510964][ T3313] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.519802][ T3313] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.533034][ T3312] veth0_macvtap: entered promiscuous mode
[   31.546282][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.566187][ T3308] veth0_macvtap: entered promiscuous mode
[   31.574258][ T3312] veth1_macvtap: entered promiscuous mode
[   31.584582][ T3308] veth1_macvtap: entered promiscuous mode
[   31.592193][ T3313] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   31.595895][ T3308] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.621222][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.632677][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.640364][ T3315] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.649293][ T3315] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.658365][ T3315] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.667180][ T3315] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.686647][ T3308] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.709662][ T3312] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.716047][ T3475] hub 8-0:1.0: USB hub found
[   31.718440][ T3312] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.723149][ T3475] hub 8-0:1.0: 8 ports detected
[   31.731446][ T3475] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2'.
[   31.731962][ T3312] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.754285][ T3312] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.769440][ T3308] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.778490][ T3308] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.787363][ T3308] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.796220][ T3308] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.825092][ T3480] SELinux:  Context Ü is not valid (left unmapped).
[   31.836463][ T3477] netlink: 'syz.1.2': attribute type 5 has an invalid length.
[   31.839228][ T3480] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3480 comm=syz.0.1
[   31.919154][   T29] kauditd_printk_skb: 109 callbacks suppressed
[   31.919170][   T29] audit: type=1400 audit(1750218238.219:181): avc:  denied  { read write } for  pid=3315 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   31.975378][   T29] audit: type=1400 audit(1750218238.219:182): avc:  denied  { open } for  pid=3315 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   31.999682][   T29] audit: type=1400 audit(1750218238.219:183): avc:  denied  { ioctl } for  pid=3315 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   32.025506][   T29] audit: type=1400 audit(1750218238.259:184): avc:  denied  { map_create } for  pid=3485 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   32.025761][ T3490] syz.4.5 uses obsolete (PF_INET,SOCK_PACKET)
[   32.044585][   T29] audit: type=1400 audit(1750218238.259:185): avc:  denied  { map_read map_write } for  pid=3485 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   32.044616][   T29] audit: type=1400 audit(1750218238.269:186): avc:  denied  { prog_run } for  pid=3485 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   32.044639][   T29] audit: type=1400 audit(1750218238.269:187): avc:  denied  { allowed } for  pid=3485 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   32.044729][   T29] audit: type=1400 audit(1750218238.269:188): avc:  denied  { create } for  pid=3485 comm="syz.2.3" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   32.129847][   T29] audit: type=1400 audit(1750218238.269:189): avc:  denied  { map } for  pid=3485 comm="syz.2.3" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=4725 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   32.153864][   T29] audit: type=1400 audit(1750218238.269:190): avc:  denied  { read write } for  pid=3485 comm="syz.2.3" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=4725 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   32.190742][ T3494] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6'.
[   32.190781][ T3494] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   32.190807][ T3494] batman_adv: batadv0: Removing interface: batadv_slave_0
[   32.195714][ T3494] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   32.195805][ T3494] batman_adv: batadv0: Removing interface: batadv_slave_1
[   32.335656][ T3500] pimreg: entered allmulticast mode
[   32.348250][ T3500] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   32.368936][ T3498] wireguard0: entered promiscuous mode
[   32.420672][ T3503] loop4: detected capacity change from 0 to 164
[   32.427401][ T3503] iso9660: Unknown parameter ''
[   32.609638][    C1] hrtimer: interrupt took 46282 ns
[   33.567398][ T3578] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3578 comm=syz.1.23
[   33.704527][ T3500] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   33.753951][ T3581] hub 8-0:1.0: USB hub found
[   33.758873][ T3581] hub 8-0:1.0: 8 ports detected
[   33.766807][ T3581] netlink: 24 bytes leftover after parsing attributes in process `syz.4.24'.
[   33.818524][ T3584] netlink: 'syz.4.24': attribute type 5 has an invalid length.
[   33.848781][ T3587] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   33.857571][ T3588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   33.857899][ T3587] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   33.866574][ T3588] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   34.447783][ T3601] netlink: 'syz.3.30': attribute type 4 has an invalid length.
[   34.448155][ T3597] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3597 comm=syz.1.29
[   34.490976][ T3601] netlink: 'syz.3.30': attribute type 4 has an invalid length.
[   34.647762][ T3600] block device autoloading is deprecated and will be removed.
[   34.656261][ T3600] syz.0.31: attempt to access beyond end of device
[   34.656261][ T3600] md33: rw=2048, sector=0, nr_sectors = 8 limit=0
[   34.732695][ T3500] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   34.793640][ T3500] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   34.872601][ T3500] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   34.895226][ T3500] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   34.918179][ T3500] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   34.944184][ T3500] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   34.973709][ T3500] syz.2.8 (3500) used greatest stack depth: 10872 bytes left
[   35.224167][ T3612] Zero length message leads to an empty skb
[   35.234352][ T3612] loop1: detected capacity change from 0 to 256
[   35.242852][ T3612] msdos: Unknown parameter 'ÿ0x00000000000000040x0000000000000003'
[   35.278107][ T3614] xt_TPROXY: Can be used only with -p tcp or -p udp
[   35.317572][ T3614] wireguard0: entered promiscuous mode
[   35.342345][ T3619] loop2: detected capacity change from 0 to 164
[   35.365782][ T3619] iso9660: Unknown parameter ''
[   35.425997][ T3623] xt_TPROXY: Can be used only with -p tcp or -p udp
[   35.492627][ T3623] wireguard0: entered promiscuous mode
[   35.522199][ T3627] hub 8-0:1.0: USB hub found
[   35.530939][ T3630] netlink: 'syz.2.42': attribute type 1 has an invalid length.
[   35.538706][ T3627] hub 8-0:1.0: 8 ports detected
[   35.545697][ T3631] loop3: detected capacity change from 0 to 164
[   35.556366][ T3627] netlink: 24 bytes leftover after parsing attributes in process `syz.0.41'.
[   35.567013][ T3631] iso9660: Unknown parameter ''
[   35.612411][ T3630] 8021q: adding VLAN 0 to HW filter on device bond1
[   35.630657][ T3630] FAULT_INJECTION: forcing a failure.
[   35.630657][ T3630] name failslab, interval 1, probability 0, space 0, times 1
[   35.643359][ T3630] CPU: 0 UID: 0 PID: 3630 Comm: syz.2.42 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   35.643481][ T3630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   35.643492][ T3630] Call Trace:
[   35.643498][ T3630]  <TASK>
[   35.643505][ T3630]  __dump_stack+0x1d/0x30
[   35.643527][ T3630]  dump_stack_lvl+0xe8/0x140
[   35.643556][ T3630]  dump_stack+0x15/0x1b
[   35.643571][ T3630]  should_fail_ex+0x265/0x280
[   35.643599][ T3630]  should_failslab+0x8c/0xb0
[   35.643621][ T3630]  __kmalloc_noprof+0xa5/0x3e0
[   35.643648][ T3630]  ? iter_file_splice_write+0xfe/0x970
[   35.643747][ T3630]  iter_file_splice_write+0xfe/0x970
[   35.643775][ T3630]  ? splice_folio_into_pipe+0x37b/0x3a0
[   35.643847][ T3630]  ? shmem_file_splice_read+0x5c2/0x600
[   35.643874][ T3630]  ? __pfx_iter_file_splice_write+0x10/0x10
[   35.643900][ T3630]  direct_splice_actor+0x156/0x2a0
[   35.643927][ T3630]  ? shmem_mmap+0x71/0xb0
[   35.643944][ T3630]  splice_direct_to_actor+0x312/0x680
[   35.644038][ T3630]  ? __pfx_direct_splice_actor+0x10/0x10
[   35.644130][ T3630]  do_splice_direct+0xda/0x150
[   35.644216][ T3630]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   35.644250][ T3630]  do_sendfile+0x380/0x650
[   35.644302][ T3630]  __x64_sys_sendfile64+0x105/0x150
[   35.644327][ T3630]  x64_sys_call+0xb39/0x2fb0
[   35.644378][ T3630]  do_syscall_64+0xd2/0x200
[   35.644397][ T3630]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   35.644425][ T3630]  ? clear_bhb_loop+0x40/0x90
[   35.644448][ T3630]  ? clear_bhb_loop+0x40/0x90
[   35.644473][ T3630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   35.644511][ T3630] RIP: 0033:0x7f9520afe929
[   35.644527][ T3630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   35.644546][ T3630] RSP: 002b:00007f951f167038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   35.644566][ T3630] RAX: ffffffffffffffda RBX: 00007f9520d25fa0 RCX: 00007f9520afe929
[   35.644578][ T3630] RDX: 0000000000000000 RSI: 000000000000000e RDI: 000000000000000d
[   35.644596][ T3630] RBP: 00007f951f167090 R08: 0000000000000000 R09: 0000000000000000
[   35.644607][ T3630] R10: 00008000fffffffe R11: 0000000000000246 R12: 0000000000000001
[   35.644618][ T3630] R13: 0000000000000000 R14: 00007f9520d25fa0 R15: 00007ffd1b759ae8
[   35.644654][ T3630]  </TASK>
[   35.644769][ T3634] netlink: 'syz.0.41': attribute type 5 has an invalid length.
[   35.777280][ T3637] loop4: detected capacity change from 0 to 512
[   35.874664][ T3641] netlink: 8 bytes leftover after parsing attributes in process `syz.3.45'.
[   35.878299][ T3637] EXT4-fs: Ignoring removed nobh option
[   35.912684][ T3637] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   35.950149][ T3641] team_slave_0: entered promiscuous mode
[   35.956036][ T3641] team_slave_1: entered promiscuous mode
[   35.970566][ T3641] macsec1: entered promiscuous mode
[   35.975913][ T3641] team0: entered promiscuous mode
[   35.986777][ T3637] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #16: comm syz.4.44: corrupted inode contents
[   35.999477][ T3637] EXT4-fs (loop4): Remounting filesystem read-only
[   36.007973][ T3644] netlink: 176816 bytes leftover after parsing attributes in process `syz.0.46'.
[   36.008769][ T3637] EXT4-fs (loop4): 1 truncate cleaned up
[   36.023317][  T384] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   36.033902][  T384] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   36.134748][ T3637] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.153276][ T3658] xt_TPROXY: Can be used only with -p tcp or -p udp
[   36.162057][  T384] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   36.191555][ T3637] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   36.224259][ T3665] xt_TPROXY: Can be used only with -p tcp or -p udp
[   36.249806][ T3658] wireguard0: entered promiscuous mode
[   36.306768][ T3672] wireguard0: entered promiscuous mode
[   36.337502][ T3675] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   36.463284][ T3680] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   36.483454][ T3680] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   36.568574][ T3683] hub 8-0:1.0: USB hub found
[   36.583779][ T3683] hub 8-0:1.0: 8 ports detected
[   36.595713][ T3683] netlink: 24 bytes leftover after parsing attributes in process `syz.1.57'.
[   36.632930][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.652322][ T3683] netlink: 'syz.1.57': attribute type 5 has an invalid length.
[   36.747608][ T3687] netlink: 8 bytes leftover after parsing attributes in process `syz.2.60'.
[   36.770459][ T3692] netlink: 120 bytes leftover after parsing attributes in process `syz.1.61'.
[   36.801363][ T3690] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.817615][ T3690] bridge_slave_1 (unregistering): left allmulticast mode
[   36.825046][ T3690] bridge_slave_1 (unregistering): left promiscuous mode
[   36.832103][ T3690] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.950297][ T3706] netlink: 'syz.1.66': attribute type 10 has an invalid length.
[   36.960271][ T3706] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   37.055226][   T29] kauditd_printk_skb: 1004 callbacks suppressed
[   37.055242][   T29] audit: type=1326 audit(1750218243.359:1189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3707 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   37.085774][   T29] audit: type=1326 audit(1750218243.359:1190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3707 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   37.109185][   T29] audit: type=1326 audit(1750218243.359:1191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3707 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   37.132700][   T29] audit: type=1326 audit(1750218243.359:1192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3707 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   37.156125][   T29] audit: type=1326 audit(1750218243.359:1193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3707 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   37.179461][   T29] audit: type=1326 audit(1750218243.359:1194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3707 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   37.203095][   T29] audit: type=1326 audit(1750218243.359:1195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3707 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   37.226509][   T29] audit: type=1326 audit(1750218243.359:1196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3707 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   37.249777][   T29] audit: type=1326 audit(1750218243.359:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3707 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   37.273484][   T29] audit: type=1326 audit(1750218243.359:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3707 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   37.322506][ T3715] netlink: 4 bytes leftover after parsing attributes in process `GPL'.
[   37.332552][ T3714] netlink: 'GPL': attribute type 39 has an invalid length.
[   37.352967][ T3720] vcan0: entered allmulticast mode
[   37.358243][ T3721] vcan0: left allmulticast mode
[   37.363800][ T3715] netlink: 'GPL': attribute type 39 has an invalid length.
[   37.467711][ T3730] xt_TPROXY: Can be used only with -p tcp or -p udp
[   37.537403][ T3730] wireguard0: entered promiscuous mode
[   37.557618][ T3733] wireguard0: entered promiscuous mode
[   37.604972][ T3739] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   37.613841][ T3739] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   37.640318][ T3741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   37.648891][ T3741] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   37.720992][ T3737] netlink: 104 bytes leftover after parsing attributes in process `syz.0.70'.
[   37.730223][ T3739] syz.4.77 (3739) used greatest stack depth: 10712 bytes left
[   37.847552][ T3746] netlink: 16 bytes leftover after parsing attributes in process `syz.0.70'.
[   37.919277][ T3737] SELinux:  policydb version -2109188031 does not match my version range 15-34
[   37.941591][ T3737] SELinux: failed to load policy
[   38.006014][ T3753] netlink: 76 bytes leftover after parsing attributes in process `syz.4.83'.
[   38.230469][ T3766] FAULT_INJECTION: forcing a failure.
[   38.230469][ T3766] name failslab, interval 1, probability 0, space 0, times 0
[   38.243206][ T3766] CPU: 1 UID: 0 PID: 3766 Comm: syz.0.88 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   38.243233][ T3766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   38.243244][ T3766] Call Trace:
[   38.243256][ T3766]  <TASK>
[   38.243263][ T3766]  __dump_stack+0x1d/0x30
[   38.243286][ T3766]  dump_stack_lvl+0xe8/0x140
[   38.243362][ T3766]  dump_stack+0x15/0x1b
[   38.243432][ T3766]  should_fail_ex+0x265/0x280
[   38.243458][ T3766]  should_failslab+0x8c/0xb0
[   38.243483][ T3766]  kmem_cache_alloc_noprof+0x50/0x310
[   38.243575][ T3766]  ? skb_clone+0x151/0x1f0
[   38.243593][ T3766]  skb_clone+0x151/0x1f0
[   38.243609][ T3766]  __netlink_deliver_tap+0x2c9/0x500
[   38.243649][ T3766]  netlink_dump+0x79b/0x7f0
[   38.243688][ T3766]  netlink_recvmsg+0x420/0x550
[   38.243791][ T3766]  ? __pfx_netlink_recvmsg+0x10/0x10
[   38.243887][ T3766]  sock_recvmsg+0x139/0x170
[   38.243913][ T3766]  ____sys_recvmsg+0xf5/0x280
[   38.243946][ T3766]  ___sys_recvmsg+0x11f/0x370
[   38.243969][ T3766]  __x64_sys_recvmsg+0xd1/0x160
[   38.244017][ T3766]  x64_sys_call+0xf19/0x2fb0
[   38.244061][ T3766]  do_syscall_64+0xd2/0x200
[   38.244081][ T3766]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   38.244111][ T3766]  ? clear_bhb_loop+0x40/0x90
[   38.244134][ T3766]  ? clear_bhb_loop+0x40/0x90
[   38.244210][ T3766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.244234][ T3766] RIP: 0033:0x7f55d9b1e929
[   38.244258][ T3766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.244275][ T3766] RSP: 002b:00007f55d8187038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[   38.244293][ T3766] RAX: ffffffffffffffda RBX: 00007f55d9d45fa0 RCX: 00007f55d9b1e929
[   38.244305][ T3766] RDX: 0000000040012022 RSI: 0000200000000080 RDI: 0000000000000003
[   38.244322][ T3766] RBP: 00007f55d8187090 R08: 0000000000000000 R09: 0000000000000000
[   38.244336][ T3766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   38.244348][ T3766] R13: 0000000000000000 R14: 00007f55d9d45fa0 R15: 00007ffd5bde7a08
[   38.244365][ T3766]  </TASK>
[   38.475738][ T3772] netlink: 'syz.4.90': attribute type 10 has an invalid length.
[   38.485532][ T3772] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   38.528227][ T3774] netlink: 'syz.0.91': attribute type 4 has an invalid length.
[   38.543898][ T3774] netlink: 'syz.0.91': attribute type 4 has an invalid length.
[   38.579041][ T3774] syz.0.91 (3774) used greatest stack depth: 10360 bytes left
[   38.629010][ T3784] FAULT_INJECTION: forcing a failure.
[   38.629010][ T3784] name failslab, interval 1, probability 0, space 0, times 0
[   38.642303][ T3784] CPU: 0 UID: 0 PID: 3784 Comm: syz.1.95 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   38.642335][ T3784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   38.642346][ T3784] Call Trace:
[   38.642353][ T3784]  <TASK>
[   38.642361][ T3784]  __dump_stack+0x1d/0x30
[   38.642384][ T3784]  dump_stack_lvl+0xe8/0x140
[   38.642404][ T3784]  dump_stack+0x15/0x1b
[   38.642472][ T3784]  should_fail_ex+0x265/0x280
[   38.642507][ T3784]  ? dev_ethtool+0x96/0x1650
[   38.642651][ T3784]  should_failslab+0x8c/0xb0
[   38.642671][ T3784]  __kmalloc_cache_noprof+0x4c/0x320
[   38.642696][ T3784]  dev_ethtool+0x96/0x1650
[   38.642712][ T3784]  ? full_name_hash+0x92/0xe0
[   38.642732][ T3784]  ? strcmp+0x22/0x50
[   38.642806][ T3784]  dev_ioctl+0x2e0/0x960
[   38.642836][ T3784]  sock_do_ioctl+0x197/0x220
[   38.642857][ T3784]  sock_ioctl+0x41b/0x610
[   38.642876][ T3784]  ? __pfx_sock_ioctl+0x10/0x10
[   38.642894][ T3784]  __se_sys_ioctl+0xce/0x140
[   38.642937][ T3784]  __x64_sys_ioctl+0x43/0x50
[   38.642960][ T3784]  x64_sys_call+0x19a8/0x2fb0
[   38.643023][ T3784]  do_syscall_64+0xd2/0x200
[   38.643039][ T3784]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   38.643140][ T3784]  ? clear_bhb_loop+0x40/0x90
[   38.643159][ T3784]  ? clear_bhb_loop+0x40/0x90
[   38.643177][ T3784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.643195][ T3784] RIP: 0033:0x7f9c7921e929
[   38.643257][ T3784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.643272][ T3784] RSP: 002b:00007f9c77887038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   38.643290][ T3784] RAX: ffffffffffffffda RBX: 00007f9c79445fa0 RCX: 00007f9c7921e929
[   38.643302][ T3784] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 000000000000003a
[   38.643312][ T3784] RBP: 00007f9c77887090 R08: 0000000000000000 R09: 0000000000000000
[   38.643360][ T3784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   38.643371][ T3784] R13: 0000000000000000 R14: 00007f9c79445fa0 R15: 00007ffcc3142d98
[   38.643386][ T3784]  </TASK>
[   38.854923][ T3786] xt_TPROXY: Can be used only with -p tcp or -p udp
[   38.890002][ T3790] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   38.898631][ T3786] wireguard0: entered promiscuous mode
[   38.908264][ T3790] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.024809][ T3807] capability: warning: `syz.4.105' uses deprecated v2 capabilities in a way that may be insecure
[   39.099980][ T3814] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3814 comm=syz.1.104
[   39.441532][ T3821] netlink: 4 bytes leftover after parsing attributes in process `syz.3.109'.
[   39.494715][ T3821] netlink: 4 bytes leftover after parsing attributes in process `syz.3.109'.
[   39.693002][ T3838] xt_TPROXY: Can be used only with -p tcp or -p udp
[   39.756512][ T3838] wireguard0: entered promiscuous mode
[   39.787574][ T3850] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   39.845078][ T3853] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   39.853755][ T3853] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.899562][ T3857] process 'syz.1.120' launched '/dev/fd/5' with NULL argv: empty string added
[   40.137196][ T3883] vlan2: entered allmulticast mode
[   40.142506][ T3883] veth0_vlan: entered allmulticast mode
[   40.249454][ T3888] hub 8-0:1.0: USB hub found
[   40.263056][ T3888] hub 8-0:1.0: 8 ports detected
[   40.290610][ T3888] netlink: 24 bytes leftover after parsing attributes in process `syz.0.127'.
[   40.341056][ T3907] netlink: 'syz.0.127': attribute type 5 has an invalid length.
[   40.528391][ T3919] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3919 comm=syz.0.131
[   40.681163][ T3926] netlink: 'syz.4.136': attribute type 13 has an invalid length.
[   40.699328][ T3926] gretap0: refused to change device tx_queue_len
[   40.705756][ T3926] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   40.768678][ T3930] vlan2: entered allmulticast mode
[   40.773924][ T3930] veth0_vlan: entered allmulticast mode
[   40.787373][ T3934] FAULT_INJECTION: forcing a failure.
[   40.787373][ T3934] name failslab, interval 1, probability 0, space 0, times 0
[   40.800390][ T3934] CPU: 0 UID: 0 PID: 3934 Comm: syz.1.140 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   40.800422][ T3934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   40.800436][ T3934] Call Trace:
[   40.800443][ T3934]  <TASK>
[   40.800451][ T3934]  __dump_stack+0x1d/0x30
[   40.800476][ T3934]  dump_stack_lvl+0xe8/0x140
[   40.800556][ T3934]  dump_stack+0x15/0x1b
[   40.800576][ T3934]  should_fail_ex+0x265/0x280
[   40.800727][ T3934]  should_failslab+0x8c/0xb0
[   40.800754][ T3934]  __kmalloc_noprof+0xa5/0x3e0
[   40.800784][ T3934]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[   40.800856][ T3934]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[   40.800924][ T3934]  genl_family_rcv_msg_doit+0x48/0x1b0
[   40.801039][ T3934]  ? security_capable+0x83/0x90
[   40.801063][ T3934]  ? ns_capable+0x7d/0xb0
[   40.801081][ T3934]  genl_rcv_msg+0x422/0x460
[   40.801106][ T3934]  ? __pfx_ethnl_act_cable_test_tdr+0x10/0x10
[   40.801164][ T3934]  netlink_rcv_skb+0x123/0x220
[   40.801193][ T3934]  ? __pfx_genl_rcv_msg+0x10/0x10
[   40.801297][ T3934]  genl_rcv+0x28/0x40
[   40.801320][ T3934]  netlink_unicast+0x59e/0x670
[   40.801352][ T3934]  netlink_sendmsg+0x58b/0x6b0
[   40.801459][ T3934]  ? __pfx_netlink_sendmsg+0x10/0x10
[   40.801481][ T3934]  __sock_sendmsg+0x142/0x180
[   40.801509][ T3934]  ____sys_sendmsg+0x31e/0x4e0
[   40.801547][ T3934]  ___sys_sendmsg+0x17b/0x1d0
[   40.801620][ T3934]  __x64_sys_sendmsg+0xd4/0x160
[   40.801657][ T3934]  x64_sys_call+0x2999/0x2fb0
[   40.801678][ T3934]  do_syscall_64+0xd2/0x200
[   40.801729][ T3934]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   40.801798][ T3934]  ? clear_bhb_loop+0x40/0x90
[   40.801822][ T3934]  ? clear_bhb_loop+0x40/0x90
[   40.801846][ T3934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.801882][ T3934] RIP: 0033:0x7f9c7921e929
[   40.801900][ T3934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.801917][ T3934] RSP: 002b:00007f9c77887038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   40.801939][ T3934] RAX: ffffffffffffffda RBX: 00007f9c79445fa0 RCX: 00007f9c7921e929
[   40.801953][ T3934] RDX: 0000000000000000 RSI: 0000200000001540 RDI: 0000000000000005
[   40.801967][ T3934] RBP: 00007f9c77887090 R08: 0000000000000000 R09: 0000000000000000
[   40.802017][ T3934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.802151][ T3934] R13: 0000000000000000 R14: 00007f9c79445fa0 R15: 00007ffcc3142d98
[   40.802167][ T3934]  </TASK>
[   41.115242][ T3936] hub 8-0:1.0: USB hub found
[   41.128932][ T3936] hub 8-0:1.0: 8 ports detected
[   41.146661][ T3940] netlink: 'syz.4.143': attribute type 4 has an invalid length.
[   41.150005][ T3936] netlink: 24 bytes leftover after parsing attributes in process `syz.1.141'.
[   41.156724][ T3940] netlink: 'syz.4.143': attribute type 4 has an invalid length.
[   41.236684][ T3945] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   41.250589][ T3945] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   41.462388][   T10] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   41.471059][ T3971] serio: Serial port ptm0
[   41.488260][   T10] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   41.675516][ T3984] xt_TPROXY: Can be used only with -p tcp or -p udp
[   41.717569][ T3985] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3985 comm=syz.1.156
[   41.741262][ T3984] wireguard0: entered promiscuous mode
[   41.872348][ T3999] tipc: Can't bind to reserved service type 0
[   41.973251][ T3997] netlink: 32 bytes leftover after parsing attributes in process `syz.4.161'.
[   42.187254][   T29] kauditd_printk_skb: 1163 callbacks suppressed
[   42.187273][   T29] audit: type=1326 audit(1750218248.489:2360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4010 comm="syz.4.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb63de5e929 code=0x7ffc0000
[   42.222521][   T29] audit: type=1326 audit(1750218248.489:2361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4010 comm="syz.4.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7fb63de5e929 code=0x7ffc0000
[   42.245968][   T29] audit: type=1326 audit(1750218248.489:2362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4010 comm="syz.4.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb63de5e929 code=0x7ffc0000
[   42.315761][ T4020] mmap: syz.3.170 (4020) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   42.329301][ T4019] veth0: entered promiscuous mode
[   42.329301][   T29] audit: type=1400 audit(1750218248.629:2363): avc:  denied  { ioctl } for  pid=4017 comm="syz.4.169" path="socket:[5636]" dev="sockfs" ino=5636 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   42.361051][ T4019] netlink: 4 bytes leftover after parsing attributes in process `syz.4.169'.
[   42.394885][   T29] audit: type=1326 audit(1750218248.699:2364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3998 comm="syz.2.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9520afe929 code=0x7ffc0000
[   42.427667][   T29] audit: type=1326 audit(1750218248.729:2365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3998 comm="syz.2.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9520afe929 code=0x7ffc0000
[   42.467489][ T4024] FAULT_INJECTION: forcing a failure.
[   42.467489][ T4024] name failslab, interval 1, probability 0, space 0, times 0
[   42.480719][ T4024] CPU: 0 UID: 0 PID: 4024 Comm: syz.4.173 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   42.480806][ T4024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   42.480818][ T4024] Call Trace:
[   42.480825][ T4024]  <TASK>
[   42.480833][ T4024]  __dump_stack+0x1d/0x30
[   42.480859][ T4024]  dump_stack_lvl+0xe8/0x140
[   42.480902][ T4024]  dump_stack+0x15/0x1b
[   42.480976][ T4024]  should_fail_ex+0x265/0x280
[   42.481004][ T4024]  should_failslab+0x8c/0xb0
[   42.481042][ T4024]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   42.481132][ T4024]  ? trace_probe_init+0x1a2/0x280
[   42.481151][ T4024]  ? should_failslab+0x8c/0xb0
[   42.481171][ T4024]  kstrdup+0x3e/0xd0
[   42.481189][ T4024]  trace_probe_init+0x1a2/0x280
[   42.481288][ T4024]  alloc_trace_uprobe+0x8b/0x1e0
[   42.481310][ T4024]  create_local_trace_uprobe+0xb5/0x2c0
[   42.481333][ T4024]  perf_uprobe_init+0xc0/0x150
[   42.481390][ T4024]  perf_uprobe_event_init+0xea/0x150
[   42.481410][ T4024]  perf_try_init_event+0xd9/0x540
[   42.481432][ T4024]  ? perf_event_alloc+0xb1c/0x1680
[   42.481465][ T4024]  perf_event_alloc+0xb27/0x1680
[   42.481517][ T4024]  __se_sys_perf_event_open+0x615/0x11c0
[   42.481541][ T4024]  ? __rcu_read_unlock+0x4f/0x70
[   42.481565][ T4024]  __x64_sys_perf_event_open+0x67/0x80
[   42.481645][ T4024]  x64_sys_call+0x27ec/0x2fb0
[   42.481663][ T4024]  do_syscall_64+0xd2/0x200
[   42.481679][ T4024]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   42.481701][ T4024]  ? clear_bhb_loop+0x40/0x90
[   42.481720][ T4024]  ? clear_bhb_loop+0x40/0x90
[   42.481896][ T4024]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.481914][ T4024] RIP: 0033:0x7fb63de5e929
[   42.481967][ T4024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.481983][ T4024] RSP: 002b:00007fb63c4c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[   42.482107][ T4024] RAX: ffffffffffffffda RBX: 00007fb63e085fa0 RCX: 00007fb63de5e929
[   42.482118][ T4024] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[   42.482129][ T4024] RBP: 00007fb63c4c7090 R08: 0000000000000000 R09: 0000000000000000
[   42.482140][ T4024] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[   42.482150][ T4024] R13: 0000000000000000 R14: 00007fb63e085fa0 R15: 00007fff5f6279c8
[   42.482165][ T4024]  </TASK>
[   42.482356][ T4024] trace_uprobe: Failed to allocate trace_uprobe.(-12)
[   42.619823][   T29] audit: type=1400 audit(1750218248.769:2366): avc:  denied  { create } for  pid=4025 comm="syz.3.174" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   42.634266][ T4028] netlink: 5 bytes leftover after parsing attributes in process `syz.1.175'.
[   42.638499][   T29] audit: type=1400 audit(1750218248.789:2367): avc:  denied  { append } for  pid=4025 comm="syz.3.174" name="001" dev="devtmpfs" ino=156 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   42.668633][ T4028] 0ªî{X¹¦: renamed from gretap0 (while UP)
[   42.677034][   T29] audit: type=1400 audit(1750218248.829:2368): avc:  denied  { mount } for  pid=4025 comm="syz.3.174" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   42.723126][   T29] audit: type=1400 audit(1750218249.029:2369): avc:  denied  { unlink } for  pid=3312 comm="syz-executor" name="file0" dev="tmpfs" ino=224 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   42.840853][ T4028] 0ªî{X¹¦: entered allmulticast mode
[   42.846814][ T4028] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   42.872838][ T4033] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[   42.945261][ T4043] pimreg: entered allmulticast mode
[   42.960936][ T4043] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.003104][ T4043] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.015786][ T4046] netlink: 4 bytes leftover after parsing attributes in process `syz.3.179'.
[   43.025259][ T4046] netlink: 24 bytes leftover after parsing attributes in process `syz.3.179'.
[   43.088230][ T4043] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.163488][ T4072] validate_nla: 1 callbacks suppressed
[   43.163507][ T4072] netlink: 'syz.2.187': attribute type 10 has an invalid length.
[   43.166381][ T4063] bridge_slave_0: left allmulticast mode
[   43.183274][ T4063] bridge_slave_0: left promiscuous mode
[   43.189097][ T4063] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.216409][ T4073] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4073 comm=syz.0.185
[   43.236747][ T4063] bridge_slave_1: left allmulticast mode
[   43.242579][ T4063] bridge_slave_1: left promiscuous mode
[   43.248292][ T4063] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.290170][ T4063] bond0: (slave bond_slave_0): Releasing backup interface
[   43.313508][ T4063] bond0: (slave bond_slave_1): Releasing backup interface
[   43.331911][ T4063] team_slave_0: left promiscuous mode
[   43.344783][ T4063] team0: Port device team_slave_0 removed
[   43.353246][ T4063] team_slave_1: left promiscuous mode
[   43.360589][ T4063] team0: Port device team_slave_1 removed
[   43.367320][ T4063] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   43.374805][ T4063] batman_adv: batadv0: Removing interface: batadv_slave_0
[   43.384620][ T4063] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   43.392199][ T4063] batman_adv: batadv0: Removing interface: batadv_slave_1
[   43.412997][ T4072] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   43.442120][ T4043] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.486413][ T4103] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[   43.505068][ T4043] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   43.517563][ T4043] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   43.530904][ T4043] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   43.544066][ T4043] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   43.581836][ T4112] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   43.593132][ T4113] netlink: 'syz.2.193': attribute type 6 has an invalid length.
[   43.608004][ T4111] IPVS: stopping master sync thread 4116 ...
[   43.608748][ T4116] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[   43.655461][ T4122] xt_TPROXY: Can be used only with -p tcp or -p udp
[   43.697908][ T4122] wireguard0: entered promiscuous mode
[   43.960194][ T4132] netlink: 'syz.0.201': attribute type 10 has an invalid length.
[   43.969850][ T4132] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   44.169695][ T4138] Falling back ldisc for ttyS3.
[   44.187424][ T4141] ÿ: renamed from bond_slave_0 (while UP)
[   44.405572][ T4152] netlink: 32 bytes leftover after parsing attributes in process `syz.0.209'.
[   44.487654][ T4164] bond1: entered promiscuous mode
[   44.493344][ T4164] bond1: entered allmulticast mode
[   44.498868][ T4164] 8021q: adding VLAN 0 to HW filter on device bond1
[   44.526626][ T4171] capability: warning: `syz.1.216' uses 32-bit capabilities (legacy support in use)
[   44.590107][ T4176] sd 0:0:1:0: device reset
[   44.598303][ T4180] netlink: 9 bytes leftover after parsing attributes in process `syz.2.217'.
[   44.613701][ T4180] gretap0: entered promiscuous mode
[   44.630289][ T4180] netlink: 5 bytes leftover after parsing attributes in process `syz.2.217'.
[   44.646688][ T4180] 0ªX¹¦D: renamed from gretap0
[   44.653746][ T4180] 0ªX¹¦D: left promiscuous mode
[   44.658651][ T4180] 0ªX¹¦D: entered allmulticast mode
[   44.665725][ T4180] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   45.050844][ T4200] infiniband syz!: set active
[   45.055657][ T4200] infiniband syz!: added team_slave_0
[   45.070753][ T4200] RDS/IB: syz!: added
[   45.075309][ T4200] smc: adding ib device syz! with port count 1
[   45.083302][ T4200] smc:    ib device syz! port 1 has pnetid 
[   45.176310][ T4213] SELinux: syz.2.224 (4213) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   45.358487][ T4220] netlink: 14 bytes leftover after parsing attributes in process `syz.3.226'.
[   45.371776][ T4220] hsr_slave_0: left promiscuous mode
[   45.380119][ T4220] hsr_slave_1: left promiscuous mode
[   45.413224][ T4225] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   45.413224][ T4225]    program +}[@ not setting count and/or reply_len properly
[   45.505541][ T4230] netlink: 14 bytes leftover after parsing attributes in process `syz.1.230'.
[   45.514711][ T4230] hsr_slave_0: left promiscuous mode
[   45.522178][ T4230] hsr_slave_1: left promiscuous mode
[   45.669043][ T4246] bond1: entered promiscuous mode
[   45.674225][ T4246] bond1: entered allmulticast mode
[   45.681004][ T4246] 8021q: adding VLAN 0 to HW filter on device bond1
[   45.814363][ T4249] team1: entered promiscuous mode
[   45.821999][ T4249] team1: entered allmulticast mode
[   45.889276][ T4251] netlink: 'syz.0.239': attribute type 10 has an invalid length.
[   45.897212][ T4251] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   46.027058][ T4270] netlink: 'syz.0.246': attribute type 10 has an invalid length.
[   46.035741][ T4270] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   46.155416][ T4219] syz.3.226 (4219) used greatest stack depth: 9464 bytes left
[   46.179312][ T4290] netlink: 'syz.2.255': attribute type 10 has an invalid length.
[   46.187660][ T4290] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   46.258748][ T4295] vlan2: entered allmulticast mode
[   46.355880][ T4302] can0: slcan on ttyS3.
[   46.362549][ T4302] netlink: 'syz.2.260': attribute type 13 has an invalid length.
[   46.416363][ T4302] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   46.476817][ T4313] netlink: 'syz.4.264': attribute type 10 has an invalid length.
[   46.484830][ T4313] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   46.539720][ T4301] can0 (unregistered): slcan off ttyS3.
[   46.632980][ T4322] netlink: 'syz.2.265': attribute type 5 has an invalid length.
[   46.677771][ T4339] netlink: 'syz.0.270': attribute type 10 has an invalid length.
[   46.685929][ T4339] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   46.786178][ T4346] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4346 comm=syz.3.268
[   47.041915][ T4358] __nla_validate_parse: 4 callbacks suppressed
[   47.041931][ T4358] netlink: 32 bytes leftover after parsing attributes in process `syz.4.274'.
[   47.142513][ T4373] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   47.198806][   T29] kauditd_printk_skb: 605 callbacks suppressed
[   47.198824][   T29] audit: type=1400 audit(1750218253.499:2975): avc:  denied  { create } for  pid=4374 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   47.226547][ T4377] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   47.227085][   T29] audit: type=1400 audit(1750218253.529:2976): avc:  denied  { connect } for  pid=4374 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   47.258323][   T29] audit: type=1400 audit(1750218253.529:2977): avc:  denied  { write } for  pid=4374 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   47.277175][   T29] audit: type=1400 audit(1750218253.529:2978): avc:  denied  { create } for  pid=4374 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   47.297155][   T29] audit: type=1400 audit(1750218253.529:2979): avc:  denied  { ioctl } for  pid=4374 comm="+}[@" path="socket:[7287]" dev="sockfs" ino=7287 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   47.321817][   T29] audit: type=1400 audit(1750218253.559:2980): avc:  denied  { read append } for  pid=4378 comm="syz.0.280" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   47.346216][   T29] audit: type=1400 audit(1750218253.559:2981): avc:  denied  { open } for  pid=4378 comm="syz.0.280" path="/dev/ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   47.369833][   T29] audit: type=1400 audit(1750218253.559:2982): avc:  denied  { ioctl } for  pid=4378 comm="syz.0.280" path="/dev/ptp0" dev="devtmpfs" ino=246 ioctlcmd=0x3d0c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   47.395579][   T29] audit: type=1400 audit(1750218253.619:2983): avc:  denied  { create } for  pid=4378 comm="syz.0.280" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   47.429798][   T29] audit: type=1400 audit(1750218253.719:2984): avc:  denied  { create } for  pid=4381 comm="syz.4.281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   47.535760][ T4396] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.595115][ T4401] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   47.609472][ T4396] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.621306][ T4394] netlink: 32 bytes leftover after parsing attributes in process `syz.3.286'.
[   47.684562][ T4396] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.743970][ T4396] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.852521][ T4396] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.872883][ T4396] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.885822][ T4396] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.897850][ T4396] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.913332][ T4423] xt_TPROXY: Can be used only with -p tcp or -p udp
[   47.968461][ T4423] wireguard0: entered promiscuous mode
[   48.106230][ T4443] netlink: 132 bytes leftover after parsing attributes in process `syz.3.305'.
[   48.119261][ T4443] netlink: 224 bytes leftover after parsing attributes in process `syz.3.305'.
[   48.270082][ T4470] SELinux:  policydb magic number 0x78 does not match expected magic number 0xf97cff8c
[   48.280837][ T4470] SELinux: failed to load policy
[   48.342997][ T4473] xt_TPROXY: Can be used only with -p tcp or -p udp
[   48.385649][ T4475] xt_TPROXY: Can be used only with -p tcp or -p udp
[   48.403608][ T4473] wireguard0: entered promiscuous mode
[   48.449872][ T4477] wireguard0: entered promiscuous mode
[   48.607719][ T4487] FAULT_INJECTION: forcing a failure.
[   48.607719][ T4487] name failslab, interval 1, probability 0, space 0, times 0
[   48.621181][ T4487] CPU: 0 UID: 0 PID: 4487 Comm: syz.4.321 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   48.621214][ T4487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   48.621227][ T4487] Call Trace:
[   48.621235][ T4487]  <TASK>
[   48.621245][ T4487]  __dump_stack+0x1d/0x30
[   48.621297][ T4487]  dump_stack_lvl+0xe8/0x140
[   48.621315][ T4487]  dump_stack+0x15/0x1b
[   48.621331][ T4487]  should_fail_ex+0x265/0x280
[   48.621366][ T4487]  should_failslab+0x8c/0xb0
[   48.621392][ T4487]  __kvmalloc_node_noprof+0x123/0x4e0
[   48.621484][ T4487]  ? bpf_test_run_xdp_live+0x114/0xfe0
[   48.621520][ T4487]  bpf_test_run_xdp_live+0x114/0xfe0
[   48.621551][ T4487]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[   48.621656][ T4487]  ? __pfx_autoremove_wake_function+0x10/0x10
[   48.621765][ T4487]  ? 0xffffffffa02052c0
[   48.621782][ T4487]  ? synchronize_rcu+0x45/0x320
[   48.621807][ T4487]  ? 0xffffffffa02052c0
[   48.621861][ T4487]  ? 0xffffffffa02052c0
[   48.621876][ T4487]  ? bpf_dispatcher_change_prog+0x6ec/0x7f0
[   48.621909][ T4487]  ? 0xffffffffa0201814
[   48.621943][ T4487]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[   48.621993][ T4487]  bpf_prog_test_run_xdp+0x4f5/0x910
[   48.622081][ T4487]  ? __rcu_read_unlock+0x4f/0x70
[   48.622109][ T4487]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   48.622173][ T4487]  bpf_prog_test_run+0x22a/0x390
[   48.622197][ T4487]  __sys_bpf+0x3dc/0x790
[   48.622277][ T4487]  __x64_sys_bpf+0x41/0x50
[   48.622307][ T4487]  x64_sys_call+0x2478/0x2fb0
[   48.622392][ T4487]  do_syscall_64+0xd2/0x200
[   48.622413][ T4487]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   48.622483][ T4487]  ? clear_bhb_loop+0x40/0x90
[   48.622507][ T4487]  ? clear_bhb_loop+0x40/0x90
[   48.622531][ T4487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.622611][ T4487] RIP: 0033:0x7fb63de5e929
[   48.622625][ T4487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.622697][ T4487] RSP: 002b:00007fb63c4c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   48.622719][ T4487] RAX: ffffffffffffffda RBX: 00007fb63e085fa0 RCX: 00007fb63de5e929
[   48.622732][ T4487] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[   48.622781][ T4487] RBP: 00007fb63c4c7090 R08: 0000000000000000 R09: 0000000000000000
[   48.622793][ T4487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.622872][ T4487] R13: 0000000000000000 R14: 00007fb63e085fa0 R15: 00007fff5f6279c8
[   48.622892][ T4487]  </TASK>
[   48.625861][ T4490] validate_nla: 5 callbacks suppressed
[   48.625876][ T4490] netlink: 'syz.0.322': attribute type 1 has an invalid length.
[   48.898759][ T4499] veth3: entered promiscuous mode
[   48.942820][ T4508] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   48.976869][ T4510] netlink: 12 bytes leftover after parsing attributes in process `syz.1.329'.
[   49.121506][ T4522] xt_TPROXY: Can be used only with -p tcp or -p udp
[   49.179868][ T4522] wireguard0: entered promiscuous mode
[   49.396549][ T4538] hub 8-0:1.0: USB hub found
[   49.404962][ T4538] hub 8-0:1.0: 8 ports detected
[   49.429565][ T4538] netlink: 24 bytes leftover after parsing attributes in process `syz.2.340'.
[   49.451634][ T4543] netlink: 'syz.3.342': attribute type 10 has an invalid length.
[   49.459663][ T4526] program syz.0.336 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   49.471492][ T4543] ipvlan0: entered allmulticast mode
[   49.478181][ T4543] team0: Device ipvlan0 failed to register rx_handler
[   49.488512][ T4544] netlink: 'syz.2.340': attribute type 5 has an invalid length.
[   49.539366][ T4548] SELinux:  Context system_u:object_r:fonts_t:s0 is not valid (left unmapped).
[   49.674188][ T4554] netlink: 'syz.4.341': attribute type 10 has an invalid length.
[   49.685160][ T4554] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.696117][ T4554] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   49.749919][ T4559] netlink: 32 bytes leftover after parsing attributes in process `syz.3.348'.
[   49.766821][ T4568] xt_TPROXY: Can be used only with -p tcp or -p udp
[   49.786824][ T4570] netlink: 'syz.0.350': attribute type 10 has an invalid length.
[   49.797079][ T4570] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   49.828192][ T4568] wireguard0: entered promiscuous mode
[   49.903536][ T4579] hub 9-0:1.0: USB hub found
[   49.908378][ T4579] hub 9-0:1.0: 8 ports detected
[   50.074559][ T4602] ieee802154 phy0 wpan0: encryption failed: -22
[   50.113938][ T4608] hub 8-0:1.0: USB hub found
[   50.118739][ T4608] hub 8-0:1.0: 8 ports detected
[   50.128301][ T4608] netlink: 24 bytes leftover after parsing attributes in process `syz.2.366'.
[   50.180243][ T4610] netlink: 'syz.2.366': attribute type 5 has an invalid length.
[   50.209521][ T4612] netlink: 'syz.2.367': attribute type 10 has an invalid length.
[   50.218142][ T4612] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   50.306595][ T4616] SELinux:  Context system_u:object_r:net_conf_t:s0 is not valid (left unmapped).
[   50.317377][ T4616] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   50.436370][ T4632] FAULT_INJECTION: forcing a failure.
[   50.436370][ T4632] name failslab, interval 1, probability 0, space 0, times 0
[   50.449462][ T4632] CPU: 1 UID: 0 PID: 4632 Comm: syz.2.377 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   50.449493][ T4632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   50.449505][ T4632] Call Trace:
[   50.449511][ T4632]  <TASK>
[   50.449518][ T4632]  __dump_stack+0x1d/0x30
[   50.449602][ T4632]  dump_stack_lvl+0xe8/0x140
[   50.449624][ T4632]  dump_stack+0x15/0x1b
[   50.449641][ T4632]  should_fail_ex+0x265/0x280
[   50.449674][ T4632]  ? asymmetric_lookup_restriction+0x303/0x370
[   50.449771][ T4632]  should_failslab+0x8c/0xb0
[   50.449796][ T4632]  __kmalloc_cache_noprof+0x4c/0x320
[   50.449831][ T4632]  ? __pfx_restrict_link_by_key_or_keyring_chain+0x10/0x10
[   50.449862][ T4632]  asymmetric_lookup_restriction+0x303/0x370
[   50.449911][ T4632]  ? __pfx_asymmetric_lookup_restriction+0x10/0x10
[   50.449940][ T4632]  keyring_restrict+0xf7/0x280
[   50.450028][ T4632]  keyctl_restrict_keyring+0x107/0x1b0
[   50.450060][ T4632]  __se_sys_keyctl+0x1ed/0xb80
[   50.450086][ T4632]  ? __rcu_read_unlock+0x4f/0x70
[   50.450152][ T4632]  ? __fget_files+0x184/0x1c0
[   50.450170][ T4632]  ? fput+0x8f/0xc0
[   50.450191][ T4632]  __x64_sys_keyctl+0x67/0x80
[   50.450292][ T4632]  x64_sys_call+0x2e7f/0x2fb0
[   50.450310][ T4632]  do_syscall_64+0xd2/0x200
[   50.450326][ T4632]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   50.450348][ T4632]  ? clear_bhb_loop+0x40/0x90
[   50.450440][ T4632]  ? clear_bhb_loop+0x40/0x90
[   50.450498][ T4632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.450516][ T4632] RIP: 0033:0x7f9520afe929
[   50.450530][ T4632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.450545][ T4632] RSP: 002b:00007f951f167038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[   50.450617][ T4632] RAX: ffffffffffffffda RBX: 00007f9520d25fa0 RCX: 00007f9520afe929
[   50.450689][ T4632] RDX: 0000200000000200 RSI: 0000000034e470c2 RDI: 000000000000001d
[   50.450718][ T4632] RBP: 00007f951f167090 R08: 0000000000000000 R09: 0000000000000000
[   50.450729][ T4632] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[   50.450739][ T4632] R13: 0000000000000000 R14: 00007f9520d25fa0 R15: 00007ffd1b759ae8
[   50.450755][ T4632]  </TASK>
[   50.713269][ T4638] xt_TPROXY: Can be used only with -p tcp or -p udp
[   50.722598][ T4640] xt_TPROXY: Can be used only with -p tcp or -p udp
[   50.770459][ T4638] wireguard0: entered promiscuous mode
[   50.787023][ T4641] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4641 comm=syz.1.380
[   50.803956][ T4640] wireguard0: entered promiscuous mode
[   50.933743][  T384] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.013575][  T384] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.053019][  T384] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.075253][ T4667] netlink: 'syz.0.391': attribute type 10 has an invalid length.
[   51.083372][ T4667] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   51.096964][ T4656] netlink: 'syz.2.388': attribute type 1 has an invalid length.
[   51.104722][ T4656] netlink: 224 bytes leftover after parsing attributes in process `syz.2.388'.
[   51.124496][  T384] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.178206][ T4676] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.228285][ T4677] IPv6: NLM_F_CREATE should be specified when creating new route
[   51.246917][ T4677] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.256832][ T4677] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.283629][ T4676] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.685034][ T4690] block device autoloading is deprecated and will be removed.
[   51.722306][ T4676] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.752955][  T384] bridge_slave_1: left allmulticast mode
[   51.758681][  T384] bridge_slave_1: left promiscuous mode
[   51.764559][  T384] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.827774][  T384] bridge_slave_0: left allmulticast mode
[   51.833532][  T384] bridge_slave_0: left promiscuous mode
[   51.839327][  T384] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.113048][  T384] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   52.128640][  T384] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   52.147730][  T384] bond0 (unregistering): (slave batadv0): Releasing backup interface
[   52.182031][  T384] bond0 (unregistering): Released all slaves
[   52.209087][  T384] bond1 (unregistering): Released all slaves
[   52.217904][   T29] kauditd_printk_skb: 731 callbacks suppressed
[   52.217921][   T29] audit: type=1400 audit(1750218258.519:3716): avc:  denied  { create } for  pid=4700 comm="syz.3.400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   52.246665][ T4703] ieee802154 phy0 wpan0: encryption failed: -22
[   52.259965][ T4676] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.335803][   T29] audit: type=1400 audit(1750218258.549:3717): avc:  denied  { write } for  pid=4700 comm="syz.3.400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   52.356014][   T29] audit: type=1400 audit(1750218258.579:3718): avc:  denied  { search } for  pid=3037 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   52.377592][   T29] audit: type=1400 audit(1750218258.579:3719): avc:  denied  { search } for  pid=3037 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   52.399981][   T29] audit: type=1400 audit(1750218258.579:3720): avc:  denied  { search } for  pid=3037 comm="dhcpcd" name="data" dev="tmpfs" ino=13 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   52.422912][   T29] audit: type=1400 audit(1750218258.579:3721): avc:  denied  { read } for  pid=3037 comm="dhcpcd" name="n31" dev="tmpfs" ino=958 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   52.444498][   T29] audit: type=1400 audit(1750218258.579:3722): avc:  denied  { open } for  pid=3037 comm="dhcpcd" path="/run/udev/data/n31" dev="tmpfs" ino=958 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   52.467539][   T29] audit: type=1400 audit(1750218258.579:3723): avc:  denied  { getattr } for  pid=3037 comm="dhcpcd" path="/run/udev/data/n31" dev="tmpfs" ino=958 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   52.582345][  T384] hsr_slave_0: left promiscuous mode
[   52.624297][  T384] hsr_slave_1: left promiscuous mode
[   52.640922][  T384] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   52.648474][  T384] batman_adv: batadv0: Removing interface: batadv_slave_0
[   52.678771][  T384] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   52.686349][  T384] batman_adv: batadv0: Removing interface: batadv_slave_1
[   52.711435][   T29] audit: type=1400 audit(1750218258.909:3724): avc:  denied  { read open } for  pid=4711 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=483 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   52.737358][   T29] audit: type=1400 audit(1750218258.909:3725): avc:  denied  { getattr } for  pid=4711 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=483 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   52.871817][  T384] veth1_macvtap: left promiscuous mode
[   52.877671][  T384] veth0_macvtap: left promiscuous mode
[   52.916411][  T384] veth1_vlan: left promiscuous mode
[   52.936627][  T384] veth0_vlan: left promiscuous mode
[   53.004271][ T4726] FAULT_INJECTION: forcing a failure.
[   53.004271][ T4726] name failslab, interval 1, probability 0, space 0, times 0
[   53.017203][ T4726] CPU: 1 UID: 0 PID: 4726 Comm: syz.0.403 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   53.017280][ T4726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   53.017304][ T4726] Call Trace:
[   53.017311][ T4726]  <TASK>
[   53.017319][ T4726]  __dump_stack+0x1d/0x30
[   53.017342][ T4726]  dump_stack_lvl+0xe8/0x140
[   53.017435][ T4726]  dump_stack+0x15/0x1b
[   53.017451][ T4726]  should_fail_ex+0x265/0x280
[   53.017555][ T4726]  should_failslab+0x8c/0xb0
[   53.017615][ T4726]  __kmalloc_noprof+0xa5/0x3e0
[   53.017643][ T4726]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[   53.017670][ T4726]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[   53.017769][ T4726]  genl_family_rcv_msg_doit+0x48/0x1b0
[   53.017861][ T4726]  ? security_capable+0x83/0x90
[   53.017979][ T4726]  ? ns_capable+0x7d/0xb0
[   53.017999][ T4726]  genl_rcv_msg+0x422/0x460
[   53.018024][ T4726]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[   53.018057][ T4726]  netlink_rcv_skb+0x123/0x220
[   53.018132][ T4726]  ? __pfx_genl_rcv_msg+0x10/0x10
[   53.018162][ T4726]  genl_rcv+0x28/0x40
[   53.018228][ T4726]  netlink_unicast+0x59e/0x670
[   53.018292][ T4726]  netlink_sendmsg+0x58b/0x6b0
[   53.018311][ T4726]  ? __pfx_netlink_sendmsg+0x10/0x10
[   53.018353][ T4726]  __sock_sendmsg+0x142/0x180
[   53.018379][ T4726]  ____sys_sendmsg+0x31e/0x4e0
[   53.018412][ T4726]  ___sys_sendmsg+0x17b/0x1d0
[   53.018473][ T4726]  __x64_sys_sendmsg+0xd4/0x160
[   53.018509][ T4726]  x64_sys_call+0x2999/0x2fb0
[   53.018531][ T4726]  do_syscall_64+0xd2/0x200
[   53.018546][ T4726]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   53.018635][ T4726]  ? clear_bhb_loop+0x40/0x90
[   53.018653][ T4726]  ? clear_bhb_loop+0x40/0x90
[   53.018671][ T4726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.018705][ T4726] RIP: 0033:0x7f55d9b1e929
[   53.018750][ T4726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.018766][ T4726] RSP: 002b:00007f55d8187038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   53.018783][ T4726] RAX: ffffffffffffffda RBX: 00007f55d9d45fa0 RCX: 00007f55d9b1e929
[   53.018794][ T4726] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[   53.018805][ T4726] RBP: 00007f55d8187090 R08: 0000000000000000 R09: 0000000000000000
[   53.018827][ T4726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.018838][ T4726] R13: 0000000000000000 R14: 00007f55d9d45fa0 R15: 00007ffd5bde7a08
[   53.018853][ T4726]  </TASK>
[   53.324840][  T384] team0 (unregistering): Port device team_slave_1 removed
[   53.336121][  T384] team0 (unregistering): Port device team_slave_0 removed
[   53.394987][ T3409] infiniband syz1: ib_query_port failed (-19)
[   53.415134][ T4676] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   53.483513][ T4676] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   53.504389][ T4676] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   53.524414][ T4741] netlink: 8 bytes leftover after parsing attributes in process `syz.1.407'.
[   53.533411][ T4741] netlink: 24 bytes leftover after parsing attributes in process `syz.1.407'.
[   53.543327][ T4653] chnl_net:caif_netlink_parms(): no params data found
[   53.598931][ T4676] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   53.628517][ T3409] kernel write not supported for file /162/loginuid (pid: 3409 comm: kworker/0:4)
[   53.725145][ T4653] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.732355][ T4653] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.761133][ T4653] bridge_slave_0: entered allmulticast mode
[   53.782716][ T4653] bridge_slave_0: entered promiscuous mode
[   53.838310][ T4653] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.845640][ T4653] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.853826][ T4653] bridge_slave_1: entered allmulticast mode
[   53.860850][ T4653] bridge_slave_1: entered promiscuous mode
[   53.958916][ T4653] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.970794][ T4732] Set syz1 is full, maxelem 65536 reached
[   53.979868][ T4653] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.019091][ T4776] netlink: 8 bytes leftover after parsing attributes in process `syz.1.414'.
[   54.030601][ T4653] team0: Port device team_slave_0 added
[   54.037354][ T4653] team0: Port device team_slave_1 added
[   54.081493][ T4653] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.088502][ T4653] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.115029][ T4653] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.149938][ T4653] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.156926][ T4653] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.183515][ T4653] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.275014][ T4802] bond3: entered promiscuous mode
[   54.280222][ T4802] bond3: entered allmulticast mode
[   54.286521][ T4802] 8021q: adding VLAN 0 to HW filter on device bond3
[   54.305117][ T4802] bond3 (unregistering): Released all slaves
[   54.340250][ T4653] hsr_slave_0: entered promiscuous mode
[   54.346246][ T4653] hsr_slave_1: entered promiscuous mode
[   54.352294][ T4653] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   54.360570][ T4653] Cannot create hsr debugfs directory
[   54.419122][ T4801] netlink: 32 bytes leftover after parsing attributes in process `syz.3.420'.
[   54.480140][ T4808] infiniband syz2: set active
[   54.484917][ T4808] infiniband syz2: added veth0_to_bond
[   54.545226][ T4808] RDS/IB: syz2: added
[   54.588926][ T4828] loop2: detected capacity change from 0 to 8192
[   54.644480][ T4808] smc: adding ib device syz2 with port count 1
[   54.680334][ T4808] smc:    ib device syz2 port 1 has pnetid 
[   54.725141][ T4838] hub 8-0:1.0: USB hub found
[   54.735388][ T4838] hub 8-0:1.0: 8 ports detected
[   54.757542][ T4838] netlink: 24 bytes leftover after parsing attributes in process `syz.2.425'.
[   54.764428][ T4653] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   54.802239][ T4653] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   54.821841][ T4653] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   54.842000][ T4838] netlink: 'syz.2.425': attribute type 5 has an invalid length.
[   54.858205][ T4809] netlink: 'syz.1.418': attribute type 10 has an invalid length.
[   54.873411][ T4653] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   54.900840][ T4853] loop2: detected capacity change from 0 to 512
[   54.939301][ T4653] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.969183][ T4653] 8021q: adding VLAN 0 to HW filter on device team0
[   54.997046][ T4846] tipc: Started in network mode
[   55.002121][ T4846] tipc: Node identity 5e875b461b77, cluster identity 4711
[   55.009461][ T4846] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   55.021135][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.028601][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.072964][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.080248][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.105810][ T4871] loop2: detected capacity change from 0 to 764
[   55.120867][ T4845] tipc: Resetting bearer <eth:syzkaller0>
[   55.127362][ T4871] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   55.138092][ T4871] FAULT_INJECTION: forcing a failure.
[   55.138092][ T4871] name failslab, interval 1, probability 0, space 0, times 0
[   55.150936][ T4871] CPU: 1 UID: 0 PID: 4871 Comm: syz.2.430 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   55.151037][ T4871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   55.151051][ T4871] Call Trace:
[   55.151058][ T4871]  <TASK>
[   55.151067][ T4871]  __dump_stack+0x1d/0x30
[   55.151089][ T4871]  dump_stack_lvl+0xe8/0x140
[   55.151107][ T4871]  dump_stack+0x15/0x1b
[   55.151156][ T4871]  should_fail_ex+0x265/0x280
[   55.151189][ T4871]  should_failslab+0x8c/0xb0
[   55.151215][ T4871]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   55.151389][ T4871]  ? __d_alloc+0x3d/0x350
[   55.151415][ T4871]  __d_alloc+0x3d/0x350
[   55.151441][ T4871]  d_alloc_parallel+0x53/0xc40
[   55.151468][ T4871]  ? avc_has_perm_noaudit+0x1b1/0x200
[   55.151551][ T4871]  ? lockref_get_not_dead+0x120/0x1c0
[   55.151577][ T4871]  ? __rcu_read_unlock+0x4f/0x70
[   55.151602][ T4871]  __lookup_slow+0x8c/0x250
[   55.151633][ T4871]  lookup_slow+0x3c/0x60
[   55.151721][ T4871]  link_path_walk+0x753/0x900
[   55.151787][ T4871]  path_lookupat+0x63/0x2a0
[   55.151812][ T4871]  filename_lookup+0x147/0x340
[   55.151918][ T4871]  user_path_at+0x3e/0x130
[   55.151950][ T4871]  user_statfs+0x4d/0x110
[   55.151977][ T4871]  __x64_sys_statfs+0x65/0xf0
[   55.152020][ T4871]  ? fput+0x8f/0xc0
[   55.152045][ T4871]  ? ksys_write+0x192/0x1a0
[   55.152066][ T4871]  x64_sys_call+0x1edd/0x2fb0
[   55.152089][ T4871]  do_syscall_64+0xd2/0x200
[   55.152109][ T4871]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   55.152202][ T4871]  ? clear_bhb_loop+0x40/0x90
[   55.152291][ T4871]  ? clear_bhb_loop+0x40/0x90
[   55.152314][ T4871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.152376][ T4871] RIP: 0033:0x7f9520afe929
[   55.152468][ T4871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.152486][ T4871] RSP: 002b:00007f951f167038 EFLAGS: 00000246 ORIG_RAX: 0000000000000089
[   55.152576][ T4871] RAX: ffffffffffffffda RBX: 00007f9520d25fa0 RCX: 00007f9520afe929
[   55.152590][ T4871] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000001000
[   55.152603][ T4871] RBP: 00007f951f167090 R08: 0000000000000000 R09: 0000000000000000
[   55.152616][ T4871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.152629][ T4871] R13: 0000000000000000 R14: 00007f9520d25fa0 R15: 00007ffd1b759ae8
[   55.152649][ T4871]  </TASK>
[   55.167292][ T4845] tipc: Disabling bearer <eth:syzkaller0>
[   55.432273][ T4653] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   55.473526][ T4891] netlink: 'syz.3.434': attribute type 10 has an invalid length.
[   55.522686][ T4889] SELinux:  policydb version -2013265645 does not match my version range 15-34
[   55.546975][ T4889] SELinux: failed to load policy
[   55.582350][ T4653] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.703853][ T4912] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4912 comm=syz.0.440
[   55.759179][ T4924] FAULT_INJECTION: forcing a failure.
[   55.759179][ T4924] name failslab, interval 1, probability 0, space 0, times 0
[   55.772126][ T4924] CPU: 1 UID: 0 PID: 4924 Comm: syz.1.441 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   55.772156][ T4924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   55.772169][ T4924] Call Trace:
[   55.772233][ T4924]  <TASK>
[   55.772305][ T4924]  __dump_stack+0x1d/0x30
[   55.772329][ T4924]  dump_stack_lvl+0xe8/0x140
[   55.772348][ T4924]  dump_stack+0x15/0x1b
[   55.772367][ T4924]  should_fail_ex+0x265/0x280
[   55.772402][ T4924]  should_failslab+0x8c/0xb0
[   55.772465][ T4924]  kmem_cache_alloc_noprof+0x50/0x310
[   55.772495][ T4924]  ? key_alloc+0x27d/0x9a0
[   55.772528][ T4924]  key_alloc+0x27d/0x9a0
[   55.772562][ T4924]  request_key_and_link+0x43a/0xd70
[   55.772676][ T4924]  ? __pfx_key_default_cmp+0x10/0x10
[   55.772697][ T4924]  ? __pfx_keyring_search_iterator+0x10/0x10
[   55.772722][ T4924]  __se_sys_request_key+0x1df/0x290
[   55.772800][ T4924]  ? fput+0x8f/0xc0
[   55.772829][ T4924]  __x64_sys_request_key+0x55/0x70
[   55.772865][ T4924]  x64_sys_call+0x2f19/0x2fb0
[   55.772888][ T4924]  do_syscall_64+0xd2/0x200
[   55.772907][ T4924]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   55.772944][ T4924]  ? clear_bhb_loop+0x40/0x90
[   55.773029][ T4924]  ? clear_bhb_loop+0x40/0x90
[   55.773053][ T4924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.773077][ T4924] RIP: 0033:0x7f9c7921e929
[   55.773093][ T4924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.773113][ T4924] RSP: 002b:00007f9c77887038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[   55.773204][ T4924] RAX: ffffffffffffffda RBX: 00007f9c79445fa0 RCX: 00007f9c7921e929
[   55.773219][ T4924] RDX: 0000200000001fee RSI: 0000200000001ffb RDI: 0000200000000000
[   55.773233][ T4924] RBP: 00007f9c77887090 R08: 0000000000000000 R09: 0000000000000000
[   55.773272][ T4924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.773287][ T4924] R13: 0000000000000000 R14: 00007f9c79445fa0 R15: 00007ffcc3142d98
[   55.773307][ T4924]  </TASK>
[   56.127053][ T4955] xt_TPROXY: Can be used only with -p tcp or -p udp
[   56.199029][ T4955] wireguard0: entered promiscuous mode
[   56.227820][ T4653] veth0_vlan: entered promiscuous mode
[   56.236934][ T4974] FAULT_INJECTION: forcing a failure.
[   56.236934][ T4974] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   56.250590][ T4974] CPU: 0 UID: 0 PID: 4974 Comm: syz.0.449 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   56.250621][ T4974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   56.250805][ T4974] Call Trace:
[   56.250812][ T4974]  <TASK>
[   56.250821][ T4974]  __dump_stack+0x1d/0x30
[   56.250844][ T4974]  dump_stack_lvl+0xe8/0x140
[   56.250867][ T4974]  dump_stack+0x15/0x1b
[   56.250885][ T4974]  should_fail_ex+0x265/0x280
[   56.250947][ T4974]  should_fail+0xb/0x20
[   56.250974][ T4974]  should_fail_usercopy+0x1a/0x20
[   56.251006][ T4974]  _copy_from_user+0x1c/0xb0
[   56.251024][ T4974]  ___sys_sendmsg+0xc1/0x1d0
[   56.251171][ T4974]  __x64_sys_sendmsg+0xd4/0x160
[   56.251208][ T4974]  x64_sys_call+0x2999/0x2fb0
[   56.251304][ T4974]  do_syscall_64+0xd2/0x200
[   56.251324][ T4974]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   56.251426][ T4974]  ? clear_bhb_loop+0x40/0x90
[   56.251480][ T4974]  ? clear_bhb_loop+0x40/0x90
[   56.251500][ T4974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.251594][ T4974] RIP: 0033:0x7f55d9b1e929
[   56.251611][ T4974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.251630][ T4974] RSP: 002b:00007f55d8187038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   56.251651][ T4974] RAX: ffffffffffffffda RBX: 00007f55d9d45fa0 RCX: 00007f55d9b1e929
[   56.251664][ T4974] RDX: 0000000000000040 RSI: 0000200000000d40 RDI: 0000000000000007
[   56.251677][ T4974] RBP: 00007f55d8187090 R08: 0000000000000000 R09: 0000000000000000
[   56.251690][ T4974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.251763][ T4974] R13: 0000000000000000 R14: 00007f55d9d45fa0 R15: 00007ffd5bde7a08
[   56.251802][ T4974]  </TASK>
[   56.254682][ T4653] veth1_vlan: entered promiscuous mode
[   56.439249][ T4978] netlink: 8 bytes leftover after parsing attributes in process `syz.0.450'.
[   56.446131][ T4653] veth0_macvtap: entered promiscuous mode
[   56.457606][ T4653] veth1_macvtap: entered promiscuous mode
[   56.478513][ T4653] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.491925][ T4653] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.503643][ T4653] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.512752][ T4653] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.521687][ T4653] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.530436][ T4653] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.540939][ T4983] FAULT_INJECTION: forcing a failure.
[   56.540939][ T4983] name failslab, interval 1, probability 0, space 0, times 0
[   56.554178][ T4983] CPU: 0 UID: 0 PID: 4983 Comm: syz.2.452 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   56.554210][ T4983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   56.554223][ T4983] Call Trace:
[   56.554231][ T4983]  <TASK>
[   56.554240][ T4983]  __dump_stack+0x1d/0x30
[   56.554319][ T4983]  dump_stack_lvl+0xe8/0x140
[   56.554342][ T4983]  dump_stack+0x15/0x1b
[   56.554365][ T4983]  should_fail_ex+0x265/0x280
[   56.554401][ T4983]  should_failslab+0x8c/0xb0
[   56.554425][ T4983]  kmem_cache_alloc_noprof+0x50/0x310
[   56.554520][ T4983]  ? audit_log_start+0x365/0x6c0
[   56.554664][ T4983]  audit_log_start+0x365/0x6c0
[   56.554694][ T4983]  ? css_rstat_updated+0xcd/0x5b0
[   56.554828][ T4983]  audit_seccomp+0x48/0x100
[   56.554856][ T4983]  ? __seccomp_filter+0x68c/0x10d0
[   56.554881][ T4983]  __seccomp_filter+0x69d/0x10d0
[   56.554906][ T4983]  ? mas_find+0x27d/0x610
[   56.554982][ T4983]  ? apply_vma_lock_flags+0x20b/0x250
[   56.555016][ T4983]  __secure_computing+0x82/0x150
[   56.555040][ T4983]  syscall_trace_enter+0xcf/0x1e0
[   56.555085][ T4983]  do_syscall_64+0xac/0x200
[   56.555114][ T4983]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   56.555141][ T4983]  ? clear_bhb_loop+0x40/0x90
[   56.555163][ T4983]  ? clear_bhb_loop+0x40/0x90
[   56.555186][ T4983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.555227][ T4983] RIP: 0033:0x7f9520afd33c
[   56.555245][ T4983] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   56.555264][ T4983] RSP: 002b:00007f951f167030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   56.555303][ T4983] RAX: ffffffffffffffda RBX: 00007f9520d25fa0 RCX: 00007f9520afd33c
[   56.555317][ T4983] RDX: 000000000000000f RSI: 00007f951f1670a0 RDI: 0000000000000006
[   56.555409][ T4983] RBP: 00007f951f167090 R08: 0000000000000000 R09: 0000000000000000
[   56.555423][ T4983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.555436][ T4983] R13: 0000000000000000 R14: 00007f9520d25fa0 R15: 00007ffd1b759ae8
[   56.555455][ T4983]  </TASK>
[   56.773628][ T4981] vlan2: entered allmulticast mode
[   56.778812][ T4981] veth0_vlan: entered allmulticast mode
[   56.952675][ T5020] netlink: 'syz.1.462': attribute type 10 has an invalid length.
[   57.007762][ T5027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.464'.
[   57.175603][ T5050] FAULT_INJECTION: forcing a failure.
[   57.175603][ T5050] name failslab, interval 1, probability 0, space 0, times 0
[   57.188847][ T5050] CPU: 0 UID: 0 PID: 5050 Comm: syz.1.471 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   57.188875][ T5050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   57.188888][ T5050] Call Trace:
[   57.188894][ T5050]  <TASK>
[   57.188900][ T5050]  __dump_stack+0x1d/0x30
[   57.188922][ T5050]  dump_stack_lvl+0xe8/0x140
[   57.188942][ T5050]  dump_stack+0x15/0x1b
[   57.188997][ T5050]  should_fail_ex+0x265/0x280
[   57.189024][ T5050]  ? genl_start+0x117/0x390
[   57.189048][ T5050]  should_failslab+0x8c/0xb0
[   57.189067][ T5050]  __kmalloc_cache_noprof+0x4c/0x320
[   57.189134][ T5050]  genl_start+0x117/0x390
[   57.189155][ T5050]  __netlink_dump_start+0x331/0x520
[   57.189183][ T5050]  genl_family_rcv_msg_dumpit+0x115/0x180
[   57.189236][ T5050]  ? __pfx_genl_start+0x10/0x10
[   57.189255][ T5050]  ? __pfx_genl_dumpit+0x10/0x10
[   57.189327][ T5050]  ? __pfx_genl_done+0x10/0x10
[   57.189393][ T5050]  genl_rcv_msg+0x3f0/0x460
[   57.189413][ T5050]  ? __pfx_ethnl_default_start+0x10/0x10
[   57.189430][ T5050]  ? __pfx_ethnl_default_dumpit+0x10/0x10
[   57.189446][ T5050]  ? __pfx_ethnl_default_done+0x10/0x10
[   57.189482][ T5050]  netlink_rcv_skb+0x123/0x220
[   57.189507][ T5050]  ? __pfx_genl_rcv_msg+0x10/0x10
[   57.189531][ T5050]  genl_rcv+0x28/0x40
[   57.189549][ T5050]  netlink_unicast+0x59e/0x670
[   57.189729][ T5050]  netlink_sendmsg+0x58b/0x6b0
[   57.189747][ T5050]  ? __pfx_netlink_sendmsg+0x10/0x10
[   57.189804][ T5050]  __sock_sendmsg+0x142/0x180
[   57.189826][ T5050]  ____sys_sendmsg+0x31e/0x4e0
[   57.189855][ T5050]  ___sys_sendmsg+0x17b/0x1d0
[   57.189891][ T5050]  __x64_sys_sendmsg+0xd4/0x160
[   57.190005][ T5050]  x64_sys_call+0x2999/0x2fb0
[   57.190023][ T5050]  do_syscall_64+0xd2/0x200
[   57.190039][ T5050]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   57.190082][ T5050]  ? clear_bhb_loop+0x40/0x90
[   57.190106][ T5050]  ? clear_bhb_loop+0x40/0x90
[   57.190124][ T5050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.190143][ T5050] RIP: 0033:0x7f9c7921e929
[   57.190156][ T5050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.190201][ T5050] RSP: 002b:00007f9c77887038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   57.190219][ T5050] RAX: ffffffffffffffda RBX: 00007f9c79445fa0 RCX: 00007f9c7921e929
[   57.190230][ T5050] RDX: 0000000000000000 RSI: 0000200000001ac0 RDI: 0000000000000008
[   57.190240][ T5050] RBP: 00007f9c77887090 R08: 0000000000000000 R09: 0000000000000000
[   57.190251][ T5050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.190261][ T5050] R13: 0000000000000000 R14: 00007f9c79445fa0 R15: 00007ffcc3142d98
[   57.190277][ T5050]  </TASK>
[   57.720353][ T5068] netlink: 'syz.1.476': attribute type 10 has an invalid length.
[   57.748074][ T5069] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.758988][ T5069] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.953954][   T29] kauditd_printk_skb: 409 callbacks suppressed
[   57.954027][   T29] audit: type=1326 audit(1750218264.259:4133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5071 comm="syz.2.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9520afe929 code=0x7ffc0000
[   58.016273][ T5074] netlink: 8 bytes leftover after parsing attributes in process `syz.3.478'.
[   58.100484][ T5078] xt_TPROXY: Can be used only with -p tcp or -p udp
[   58.138086][ T5074] vlan2: entered allmulticast mode
[   58.198127][   T29] audit: type=1326 audit(1750218264.289:4134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5071 comm="syz.2.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9520afe929 code=0x7ffc0000
[   58.221578][   T29] audit: type=1326 audit(1750218264.289:4135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5071 comm="syz.2.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f9520afe929 code=0x7ffc0000
[   58.245108][   T29] audit: type=1326 audit(1750218264.289:4136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5071 comm="syz.2.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9520afe929 code=0x7ffc0000
[   58.268640][   T29] audit: type=1326 audit(1750218264.299:4137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5071 comm="syz.2.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9520afe929 code=0x7ffc0000
[   58.292183][   T29] audit: type=1400 audit(1750218264.429:4138): avc:  denied  { mount } for  pid=5079 comm="syz.2.480" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   58.314430][   T29] audit: type=1326 audit(1750218264.429:4139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5079 comm="syz.2.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9520afe929 code=0x7ffc0000
[   58.338070][   T29] audit: type=1326 audit(1750218264.429:4140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5079 comm="syz.2.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9520afe929 code=0x7ffc0000
[   58.361691][   T29] audit: type=1326 audit(1750218264.429:4141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5079 comm="syz.2.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9520afe929 code=0x7ffc0000
[   58.390774][   T29] audit: type=1326 audit(1750218264.429:4142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5079 comm="syz.2.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9520afe929 code=0x7ffc0000
[   58.417861][ T5081] wireguard0: entered promiscuous mode
[   59.044510][ T5117] hub 2-0:1.0: USB hub found
[   59.049282][ T5117] hub 2-0:1.0: 8 ports detected
[   59.076753][ T5119] netlink: 8 bytes leftover after parsing attributes in process `syz.1.493'.
[   59.135978][ T5121] hub 8-0:1.0: USB hub found
[   59.141047][ T5121] hub 8-0:1.0: 8 ports detected
[   59.151764][ T5121] netlink: 24 bytes leftover after parsing attributes in process `syz.1.494'.
[   59.201534][ T5121] netlink: 'syz.1.494': attribute type 5 has an invalid length.
[   59.336030][ T5134] netlink: 32 bytes leftover after parsing attributes in process `syz.1.499'.
[   59.377229][ T5145] netlink: 8 bytes leftover after parsing attributes in process `syz.2.504'.
[   59.425539][ T5149] netlink: 'syz.3.506': attribute type 21 has an invalid length.
[   59.434106][ T5149] netlink: 128 bytes leftover after parsing attributes in process `syz.3.506'.
[   59.456448][ T5149] netlink: 'syz.3.506': attribute type 5 has an invalid length.
[   59.464339][ T5149] netlink: 'syz.3.506': attribute type 6 has an invalid length.
[   59.472045][ T5149] netlink: 3 bytes leftover after parsing attributes in process `syz.3.506'.
[   59.475522][ T5155] xt_TPROXY: Can be used only with -p tcp or -p udp
[   59.521722][ T5164] xt_TPROXY: Can be used only with -p tcp or -p udp
[   59.536405][ T5155] wireguard0: entered promiscuous mode
[   59.591914][ T5164] wireguard0: entered promiscuous mode
[   59.718864][ T5181] netlink: 68 bytes leftover after parsing attributes in process `syz.3.518'.
[   59.813638][ T5194] netlink: 12 bytes leftover after parsing attributes in process `syz.5.525'.
[   59.875886][ T5186] netlink: 32 bytes leftover after parsing attributes in process `syz.2.520'.
[   59.977957][ T5206] netlink: 4 bytes leftover after parsing attributes in process `syz.5.527'.
[   60.003421][ T5209] hub 9-0:1.0: USB hub found
[   60.008282][ T5209] hub 9-0:1.0: 8 ports detected
[   60.107747][ T5221] xt_TPROXY: Can be used only with -p tcp or -p udp
[   60.168189][ T5221] wireguard0: entered promiscuous mode
[   60.271877][ T5232] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   60.280496][ T5232] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   60.304947][ T5234] SELinux:  policydb version -2013265645 does not match my version range 15-34
[   60.315079][ T5234] SELinux: failed to load policy
[   60.689343][ T5247] random: crng reseeded on system resumption
[   60.838808][ T5259] 9pnet_fd: Insufficient options for proto=fd
[   60.901517][ T5269] netlink: 'syz.1.555': attribute type 1 has an invalid length.
[   61.041815][ T5287] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   61.051304][ T5287] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   61.086246][ T5294] 9pnet_fd: Insufficient options for proto=fd
[   61.111854][ T5269] tipc: Started in network mode
[   61.116877][ T5269] tipc: Node identity 62246634c66e, cluster identity 4711
[   61.124107][ T5269] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   61.132123][ T5269] random: crng reseeded on system resumption
[   61.134881][ T5296] netlink: 'syz.3.566': attribute type 39 has an invalid length.
[   61.146223][ T5266] tipc: Resetting bearer <eth:syzkaller0>
[   61.158290][ T5266] tipc: Disabling bearer <eth:syzkaller0>
[   61.338010][ T5308] FAULT_INJECTION: forcing a failure.
[   61.338010][ T5308] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.352349][ T5308] CPU: 0 UID: 0 PID: 5308 Comm: syz.3.569 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   61.352460][ T5308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   61.352473][ T5308] Call Trace:
[   61.352480][ T5308]  <TASK>
[   61.352489][ T5308]  __dump_stack+0x1d/0x30
[   61.352543][ T5308]  dump_stack_lvl+0xe8/0x140
[   61.352560][ T5308]  dump_stack+0x15/0x1b
[   61.352635][ T5308]  should_fail_ex+0x265/0x280
[   61.352667][ T5308]  should_fail+0xb/0x20
[   61.352693][ T5308]  should_fail_usercopy+0x1a/0x20
[   61.352733][ T5308]  _copy_from_user+0x1c/0xb0
[   61.352782][ T5308]  restore_altstack+0x4b/0x2d0
[   61.352809][ T5308]  ? __set_task_blocked+0x23a/0x2a0
[   61.352829][ T5308]  __ia32_sys_rt_sigreturn+0xdc/0x350
[   61.352848][ T5308]  ? _raw_spin_unlock_irq+0x26/0x50
[   61.352928][ T5308]  ? __rcu_read_unlock+0x4f/0x70
[   61.352952][ T5308]  ? bpf_trace_run2+0x124/0x1c0
[   61.352974][ T5308]  ? fpu__clear_user_states+0x63/0x1e0
[   61.353058][ T5308]  ? __bpf_trace_sys_enter+0x10/0x30
[   61.353077][ T5308]  ? trace_sys_enter+0xd0/0x110
[   61.353099][ T5308]  x64_sys_call+0x2e8a/0x2fb0
[   61.353123][ T5308]  do_syscall_64+0xd2/0x200
[   61.353141][ T5308]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   61.353189][ T5308]  ? clear_bhb_loop+0x40/0x90
[   61.353257][ T5308]  ? clear_bhb_loop+0x40/0x90
[   61.353275][ T5308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.353293][ T5308] RIP: 0033:0x7f4187e0ab19
[   61.353307][ T5308] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[   61.353322][ T5308] RSP: 002b:00007f41864d6a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[   61.353404][ T5308] RAX: ffffffffffffffda RBX: 00007f4188095fa0 RCX: 00007f4187e0ab19
[   61.353415][ T5308] RDX: 00007f41864d6a80 RSI: 00007f41864d6bb0 RDI: 0000000000000021
[   61.353426][ T5308] RBP: 00007f41864d7090 R08: 0000000000000000 R09: 0000000000000000
[   61.353436][ T5308] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[   61.353446][ T5308] R13: 0000000000000000 R14: 00007f4188095fa0 R15: 00007ffe9a59a498
[   61.353461][ T5308]  </TASK>
[   61.649467][ T5322] 9pnet_fd: Insufficient options for proto=fd
[   61.672642][ T5325] xt_TPROXY: Can be used only with -p tcp or -p udp
[   61.737563][ T5330] wireguard0: entered promiscuous mode
[   61.792088][ T5334] =======================================================
[   61.792088][ T5334] WARNING: The mand mount option has been deprecated and
[   61.792088][ T5334]          and is ignored by this kernel. Remove the mand
[   61.792088][ T5334]          option from the mount to silence this warning.
[   61.792088][ T5334] =======================================================
[   61.828558][ T5334] cgroup: Unknown subsys name 'io'
[   61.868397][ T5337] netlink: 'syz.1.582': attribute type 10 has an invalid length.
[   61.874728][ T5335] hub 8-0:1.0: USB hub found
[   61.889727][ T5335] hub 8-0:1.0: 8 ports detected
[   61.928963][ T5338] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   61.952360][ T5341] netlink: 'syz.0.581': attribute type 5 has an invalid length.
[   61.996089][ T5338] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.088707][ T5347] openvswitch: netlink: Message has 6 unknown bytes.
[   62.098271][ T5347] FAULT_INJECTION: forcing a failure.
[   62.098271][ T5347] name failslab, interval 1, probability 0, space 0, times 0
[   62.111673][ T5347] CPU: 0 UID: 0 PID: 5347 Comm: syz.1.585 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   62.111704][ T5347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   62.111763][ T5347] Call Trace:
[   62.111769][ T5347]  <TASK>
[   62.111777][ T5347]  __dump_stack+0x1d/0x30
[   62.111802][ T5347]  dump_stack_lvl+0xe8/0x140
[   62.111825][ T5347]  dump_stack+0x15/0x1b
[   62.111844][ T5347]  should_fail_ex+0x265/0x280
[   62.111934][ T5347]  should_failslab+0x8c/0xb0
[   62.111960][ T5347]  kmem_cache_alloc_node_noprof+0x57/0x320
[   62.111985][ T5347]  ? __alloc_skb+0x101/0x320
[   62.112013][ T5347]  __alloc_skb+0x101/0x320
[   62.112047][ T5347]  netlink_ack+0xfd/0x500
[   62.112153][ T5347]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[   62.112183][ T5347]  netlink_rcv_skb+0x192/0x220
[   62.112209][ T5347]  ? __pfx_genl_rcv_msg+0x10/0x10
[   62.112287][ T5347]  genl_rcv+0x28/0x40
[   62.112306][ T5347]  netlink_unicast+0x59e/0x670
[   62.112332][ T5347]  netlink_sendmsg+0x58b/0x6b0
[   62.112397][ T5347]  ? __pfx_netlink_sendmsg+0x10/0x10
[   62.112414][ T5347]  __sock_sendmsg+0x142/0x180
[   62.112508][ T5347]  ____sys_sendmsg+0x31e/0x4e0
[   62.112547][ T5347]  ___sys_sendmsg+0x17b/0x1d0
[   62.112663][ T5347]  __x64_sys_sendmsg+0xd4/0x160
[   62.112700][ T5347]  x64_sys_call+0x2999/0x2fb0
[   62.112724][ T5347]  do_syscall_64+0xd2/0x200
[   62.112752][ T5347]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   62.112838][ T5347]  ? clear_bhb_loop+0x40/0x90
[   62.112886][ T5347]  ? clear_bhb_loop+0x40/0x90
[   62.112905][ T5347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.112926][ T5347] RIP: 0033:0x7f9c7921e929
[   62.112963][ T5347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.112984][ T5347] RSP: 002b:00007f9c77887038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   62.113006][ T5347] RAX: ffffffffffffffda RBX: 00007f9c79445fa0 RCX: 00007f9c7921e929
[   62.113021][ T5347] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[   62.113035][ T5347] RBP: 00007f9c77887090 R08: 0000000000000000 R09: 0000000000000000
[   62.113048][ T5347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   62.113061][ T5347] R13: 0000000000000000 R14: 00007f9c79445fa0 R15: 00007ffcc3142d98
[   62.113077][ T5347]  </TASK>
[   62.412813][ T5355] 9pnet_fd: Insufficient options for proto=fd
[   62.542203][ T5359] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=62830 sclass=netlink_route_socket pid=5359 comm=syz.3.590
[   62.632590][ T5374] openvswitch: netlink: Message has 6 unknown bytes.
[   62.646248][ T5368] netlink: 'syz.0.594': attribute type 5 has an invalid length.
[   62.650154][ T5374] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.664567][ T5374] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.705259][ T5379] 1ªî{X¹¦: renamed from 
30ªî{X¹¦ (while UP)
[   62.713322][ T5379] A link change request failed with some changes committed already. Interface 
31ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[   63.008576][   T29] kauditd_printk_skb: 884 callbacks suppressed
[   63.008594][   T29] audit: type=1326 audit(1750218269.309:5025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   63.038542][   T29] audit: type=1326 audit(1750218269.309:5026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   63.062725][   T29] audit: type=1326 audit(1750218269.309:5027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   63.086283][   T29] audit: type=1326 audit(1750218269.329:5028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   63.110334][   T29] audit: type=1326 audit(1750218269.329:5029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   63.133856][   T29] audit: type=1326 audit(1750218269.329:5030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   63.157677][   T29] audit: type=1326 audit(1750218269.329:5031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   63.181838][   T29] audit: type=1326 audit(1750218269.329:5032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   63.205211][   T29] audit: type=1326 audit(1750218269.349:5033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5395 comm="syz.1.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   63.213924][ T5400] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   63.213924][ T5400] The task syz.5.605 (5400) triggered the difference, watch for misbehavior.
[   63.268593][ T5404] xt_TPROXY: Can be used only with -p tcp or -p udp
[   63.315112][ T5404] wireguard0: entered promiscuous mode
[   63.433961][   T29] audit: type=1326 audit(1750218269.739:5034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5408 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7921e929 code=0x7ffc0000
[   63.677368][ T5430] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[   63.938955][ T5459] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   63.947960][ T5459] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   64.107804][ T5471] __nla_validate_parse: 14 callbacks suppressed
[   64.107821][ T5471] netlink: 33912 bytes leftover after parsing attributes in process `syz.5.633'.
[   64.165572][ T5471] netdevsim netdevsim5: Direct firmware load for ÈöníñÆgkNšÄq>ä*x(Oˆ@ failed with error -2
[   64.197479][ T5483] netlink: 'syz.5.635': attribute type 10 has an invalid length.
[   64.207051][ T5483] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   64.370696][ T5489] netlink: 32 bytes leftover after parsing attributes in process `syz.2.639'.
[   64.381662][ T5489] netlink: 20 bytes leftover after parsing attributes in process `syz.2.639'.
[   64.713472][ T5503] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   64.722011][ T5503] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   65.005591][ T5513] netlink: 'syz.0.648': attribute type 10 has an invalid length.
[   65.013512][ T5513] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   65.059075][ T5515] xt_TPROXY: Can be used only with -p tcp or -p udp
[   65.116464][ T5515] wireguard0: entered promiscuous mode
[   65.203634][ T5519] netlink: 32 bytes leftover after parsing attributes in process `syz.5.651'.
[   65.214782][ T5519] netlink: 20 bytes leftover after parsing attributes in process `syz.5.651'.
[   65.263477][ T5524] hub 8-0:1.0: USB hub found
[   65.268740][ T5524] hub 8-0:1.0: 8 ports detected
[   65.278387][ T5524] netlink: 24 bytes leftover after parsing attributes in process `syz.0.652'.
[   65.321976][ T5524] netlink: 'syz.0.652': attribute type 5 has an invalid length.
[   65.404666][ T5543] netlink: 'syz.0.660': attribute type 10 has an invalid length.
[   65.412617][ T5543] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   65.454929][ T5547] xt_TPROXY: Can be used only with -p tcp or -p udp
[   65.506240][ T5547] wireguard0: entered promiscuous mode
[   65.689209][ T5551] netlink: 32 bytes leftover after parsing attributes in process `syz.0.663'.
[   65.700473][ T5551] netlink: 20 bytes leftover after parsing attributes in process `syz.0.663'.
[   65.766089][ T5560] netlink: 16 bytes leftover after parsing attributes in process `syz.3.666'.
[   65.775112][ T5560] netlink: 20 bytes leftover after parsing attributes in process `syz.3.666'.
[   65.816378][ T5562] hub 8-0:1.0: USB hub found
[   65.822127][ T5562] hub 8-0:1.0: 8 ports detected
[   65.874016][ T5567] netlink: 'syz.2.670': attribute type 4 has an invalid length.
[   66.200896][ T5589] validate_nla: 2 callbacks suppressed
[   66.200913][ T5589] netlink: 'syz.0.677': attribute type 33 has an invalid length.
[   66.526509][ T5617] FAULT_INJECTION: forcing a failure.
[   66.526509][ T5617] name failslab, interval 1, probability 0, space 0, times 0
[   66.539257][ T5617] CPU: 1 UID: 0 PID: 5617 Comm: syz.0.690 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   66.539288][ T5617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   66.539299][ T5617] Call Trace:
[   66.539308][ T5617]  <TASK>
[   66.539318][ T5617]  __dump_stack+0x1d/0x30
[   66.539341][ T5617]  dump_stack_lvl+0xe8/0x140
[   66.539358][ T5617]  dump_stack+0x15/0x1b
[   66.539373][ T5617]  should_fail_ex+0x265/0x280
[   66.539404][ T5617]  should_failslab+0x8c/0xb0
[   66.539430][ T5617]  kmem_cache_alloc_noprof+0x50/0x310
[   66.539460][ T5617]  ? vm_area_dup+0x33/0x2c0
[   66.539500][ T5617]  vm_area_dup+0x33/0x2c0
[   66.539524][ T5617]  dup_mmap+0x501/0xf20
[   66.539551][ T5617]  copy_mm+0x11a/0x370
[   66.539585][ T5617]  copy_process+0xcf1/0x1fe0
[   66.539616][ T5617]  kernel_clone+0x16c/0x5b0
[   66.539641][ T5617]  ? vfs_write+0x75e/0x8e0
[   66.539673][ T5617]  __x64_sys_clone+0xe6/0x120
[   66.539704][ T5617]  x64_sys_call+0x2c59/0x2fb0
[   66.539725][ T5617]  do_syscall_64+0xd2/0x200
[   66.539744][ T5617]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   66.539770][ T5617]  ? clear_bhb_loop+0x40/0x90
[   66.539791][ T5617]  ? clear_bhb_loop+0x40/0x90
[   66.539812][ T5617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.539841][ T5617] RIP: 0033:0x7f55d9b1e929
[   66.539859][ T5617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.539876][ T5617] RSP: 002b:00007f55d8186fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   66.539898][ T5617] RAX: ffffffffffffffda RBX: 00007f55d9d45fa0 RCX: 00007f55d9b1e929
[   66.539911][ T5617] RDX: 0000000000000000 RSI: 0000000000020010 RDI: 0000000022023400
[   66.539924][ T5617] RBP: 00007f55d8187090 R08: 0000000000000000 R09: 0000000000000000
[   66.539937][ T5617] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[   66.539949][ T5617] R13: 0000000000000000 R14: 00007f55d9d45fa0 R15: 00007ffd5bde7a08
[   66.539968][ T5617]  </TASK>
[   66.905413][ T5629] hub 8-0:1.0: USB hub found
[   66.911179][ T5629] hub 8-0:1.0: 8 ports detected
[   66.951939][ T5629] netlink: 'syz.3.695': attribute type 5 has an invalid length.
[   67.101383][ T5650] bond0 (unregistering): Released all slaves
[   67.119282][ T5651] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5651 comm=syz.2.702
[   67.472742][ T5679] hub 8-0:1.0: USB hub found
[   67.485373][ T5679] hub 8-0:1.0: 8 ports detected
[   67.567659][ T5680] netlink: 'syz.5.710': attribute type 5 has an invalid length.
[   67.740689][ T5692] FAULT_INJECTION: forcing a failure.
[   67.740689][ T5692] name failslab, interval 1, probability 0, space 0, times 0
[   67.753552][ T5692] CPU: 1 UID: 0 PID: 5692 Comm: syz.5.712 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   67.753652][ T5692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   67.753664][ T5692] Call Trace:
[   67.753671][ T5692]  <TASK>
[   67.753680][ T5692]  __dump_stack+0x1d/0x30
[   67.753713][ T5692]  dump_stack_lvl+0xe8/0x140
[   67.753732][ T5692]  dump_stack+0x15/0x1b
[   67.753747][ T5692]  should_fail_ex+0x265/0x280
[   67.753838][ T5692]  should_failslab+0x8c/0xb0
[   67.753865][ T5692]  kmem_cache_alloc_node_noprof+0x57/0x320
[   67.753960][ T5692]  ? __alloc_skb+0x101/0x320
[   67.753990][ T5692]  __alloc_skb+0x101/0x320
[   67.754090][ T5692]  netlink_alloc_large_skb+0xba/0xf0
[   67.754120][ T5692]  netlink_sendmsg+0x3cf/0x6b0
[   67.754139][ T5692]  ? __pfx_netlink_sendmsg+0x10/0x10
[   67.754192][ T5692]  __sock_sendmsg+0x142/0x180
[   67.754219][ T5692]  ____sys_sendmsg+0x31e/0x4e0
[   67.754263][ T5692]  ___sys_sendmsg+0x17b/0x1d0
[   67.754301][ T5692]  __x64_sys_sendmsg+0xd4/0x160
[   67.754356][ T5692]  x64_sys_call+0x2999/0x2fb0
[   67.754380][ T5692]  do_syscall_64+0xd2/0x200
[   67.754422][ T5692]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   67.754450][ T5692]  ? clear_bhb_loop+0x40/0x90
[   67.754474][ T5692]  ? clear_bhb_loop+0x40/0x90
[   67.754525][ T5692]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.754545][ T5692] RIP: 0033:0x7f0976c9e929
[   67.754560][ T5692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.754595][ T5692] RSP: 002b:00007f0975307038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   67.754614][ T5692] RAX: ffffffffffffffda RBX: 00007f0976ec5fa0 RCX: 00007f0976c9e929
[   67.754626][ T5692] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000005
[   67.754638][ T5692] RBP: 00007f0975307090 R08: 0000000000000000 R09: 0000000000000000
[   67.754649][ T5692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.754661][ T5692] R13: 0000000000000000 R14: 00007f0976ec5fa0 R15: 00007ffde1fb56c8
[   67.754705][ T5692]  </TASK>
[   68.015896][ T5682] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[   68.059322][ T5713] pimreg: entered allmulticast mode
[   68.110548][ T5713] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.159202][   T29] kauditd_printk_skb: 1757 callbacks suppressed
[   68.159219][   T29] audit: type=1326 audit(1750218274.459:6792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5710 comm="syz.0.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d9b1e929 code=0x7ffc0000
[   68.190203][   T29] audit: type=1326 audit(1750218274.459:6793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5710 comm="syz.0.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f55d9b1e929 code=0x7ffc0000
[   68.213648][   T29] audit: type=1326 audit(1750218274.459:6794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5710 comm="syz.0.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d9b1e929 code=0x7ffc0000
[   68.284107][ T5713] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.318419][   T29] audit: type=1326 audit(1750218274.539:6795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5710 comm="syz.0.717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55d9b1e929 code=0x7ffc0000
[   68.366595][ T5740] futex_wake_op: syz.3.724 tries to shift op by -1; fix this program
[   68.378477][ T5713] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.410745][   T29] audit: type=1400 audit(1750218274.719:6796): avc:  denied  { listen } for  pid=5729 comm="syz.5.721" path="/44/file0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[   68.435158][   T29] audit: type=1400 audit(1750218274.739:6797): avc:  denied  { mounton } for  pid=5729 comm="syz.5.721" path="/44/file0" dev="tmpfs" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[   68.437380][ T5742] hub 8-0:1.0: USB hub found
[   68.458591][   T29] audit: type=1400 audit(1750218274.739:6798): avc:  denied  { mount } for  pid=5729 comm="syz.5.721" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   68.491292][ T5713] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.502045][ T5742] hub 8-0:1.0: 8 ports detected
[   68.553260][ T5713] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.563702][ T5755] sd 0:0:1:0: device reset
[   68.563987][   T29] audit: type=1326 audit(1750218274.869:6799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5739 comm="syz.3.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4187e6e929 code=0x7ffc0000
[   68.591644][   T29] audit: type=1326 audit(1750218274.869:6800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5739 comm="syz.3.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4187e6d290 code=0x7ffc0000
[   68.615348][   T29] audit: type=1326 audit(1750218274.869:6801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5739 comm="syz.3.724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4187e6e929 code=0x7ffc0000
[   68.645318][ T5713] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.658812][ T5713] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.670894][ T5713] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.735560][ T5742] netlink: 'syz.2.723': attribute type 5 has an invalid length.
[   68.793958][ T5776] 9pnet_fd: Insufficient options for proto=fd
[   68.828941][ T5779] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.850753][ T5779] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.256017][ T5809] ==================================================================
[   69.264245][ T5809] BUG: KCSAN: data-race in shmem_fallocate / shmem_fault
[   69.271299][ T5809] 
[   69.273635][ T5809] write to 0xffff88810472ee70 of 8 bytes by task 5808 on cpu 0:
[   69.281274][ T5809]  shmem_fallocate+0x221/0x840
[   69.286056][ T5809]  vfs_fallocate+0x413/0x450
[   69.290661][ T5809]  madvise_do_behavior+0x1152/0x1f20
[   69.295959][ T5809]  do_madvise+0x103/0x190
[   69.300298][ T5809]  __x64_sys_madvise+0x64/0x80
[   69.305075][ T5809]  x64_sys_call+0x2455/0x2fb0
[   69.309765][ T5809]  do_syscall_64+0xd2/0x200
[   69.314284][ T5809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.320299][ T5809] 
[   69.322629][ T5809] read to 0xffff88810472ee70 of 8 bytes by task 5809 on cpu 1:
[   69.330385][ T5809]  shmem_fault+0x90/0x250
[   69.334731][ T5809]  __do_fault+0xbc/0x200
[   69.339091][ T5809]  handle_mm_fault+0xf78/0x2be0
[   69.343955][ T5809]  __get_user_pages+0x1036/0x1fb0
[   69.349013][ T5809]  __mm_populate+0x243/0x3a0
[   69.353626][ T5809]  vm_mmap_pgoff+0x232/0x2e0
[   69.358227][ T5809]  ksys_mmap_pgoff+0xc2/0x310
[   69.363024][ T5809]  x64_sys_call+0x1602/0x2fb0
[   69.367730][ T5809]  do_syscall_64+0xd2/0x200
[   69.372258][ T5809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.378158][ T5809] 
[   69.380483][ T5809] value changed: 0x0000000000000000 -> 0xffffc90012127be8
[   69.387681][ T5809] 
[   69.390011][ T5809] Reported by Kernel Concurrency Sanitizer on:
[   69.396172][ T5809] CPU: 1 UID: 0 PID: 5809 Comm: syz.5.731 Not tainted 6.16.0-rc2-syzkaller-00045-g4663747812d1 #0 PREEMPT(voluntary) 
[   69.408512][ T5809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   69.418575][ T5809] ==================================================================