last executing test programs:

3.238588448s ago: executing program 2 (id=2370):
unshare(0x62040200)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = msgget$private(0x0, 0x80)
msgctl$IPC_RMID(r2, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000001800010600000000000000001c140000fe00000100000000050013"], 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4000110}, 0x20048014)
unshare(0x40020400)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r3)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)={0x14, r4, 0x72b, 0xfffffffc, 0x0, {0x2f, 0x0, 0x324}}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x93, 0x93, 0xa, [@volatile={0x1, 0x0, 0x0, 0x9, 0x2}, @datasec={0x8, 0x3, 0x0, 0xf, 0x3, [{0x2, 0xffff8001, 0xfffffff1}, {0x2, 0x6, 0x1}, {0x5, 0xa, 0x2}], "a5855c"}, @union={0xa, 0x4, 0x0, 0x5, 0x0, 0x7, [{0x4, 0x0, 0x647}, {0x1, 0x4, 0x74b}, {0x7, 0x5, 0xc}, {0x3, 0x1, 0x3}]}, @union={0x1, 0x1, 0x0, 0x5, 0x0, 0xe7af, [{0x4, 0x3, 0x6}]}]}, {0x0, [0x61, 0x0, 0x30, 0x0, 0x2e, 0x5f, 0x61, 0x61]}}, &(0x7f00000004c0)=""/202, 0xb6, 0xca, 0x0, 0x0, 0x0, @void, @value}, 0x28)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000003c0)='./binderfs2/custom0\x00', 0x802, 0x0)
r5 = socket$inet6(0x10, 0x2, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x16}]}, 0x10)
sendto$inet6(r5, &(0x7f00000002c0)="1c0000001200050f0c1000000049b23e9b200a0008000ac000000001", 0x1c, 0x0, 0x0, 0x0)

2.655920747s ago: executing program 0 (id=2378):
io_uring_setup(0x773d, &(0x7f0000000a40)={0x0, 0x0, 0x1000, 0x2, 0x3bc})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000000000000714000000110001"], 0xdc}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x14)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0xe)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

2.592708309s ago: executing program 4 (id=2379):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x6}}, './file1\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0x2000030a, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0xff, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x21e}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1})
io_uring_enter(r2, 0x47fa, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x18)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740), &(0x7f0000000840), 0x75, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x141242)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$SNDRV_TIMER_IOCTL_PVERSION(r6, 0x400454a4, &(0x7f0000000040))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r10, 0x29, 0x1a, &(0x7f0000000280)=0x80000001, 0x4)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r10, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e23, 0x1, @ipv4={'\x00', '\xff\xff', @local}}}, 0x7, 0x1, 0x7f, 0xfffffffe, 0x36, 0x1, 0x6}, &(0x7f0000000200)=0x9c)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x14, r9, 0x6a98047402e98331}, 0x14}, 0x1, 0x0, 0x0, 0x8040}, 0x4886)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r11, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r7)

2.583381748s ago: executing program 0 (id=2380):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000073000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000740)=0x1000400)

2.50645527s ago: executing program 0 (id=2382):
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$packet(0x11, 0x3, 0x300)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0xd6}, 0x18)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0x0, r0, 0x0, 0x10, &(0x7f0000000240)='kmem_cache_free\x00', <r1=>0x0}, 0x30)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000200)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="020000000000", @ANYRES32, @ANYBLOB, @ANYRES32=r1], 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000280)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x12}}, 0x10, 0x0}, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r1}, 0x4)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(r4)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@local, @in=@broadcast, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x90, 0x3b}, {0xfffffffffffffffc}, {0x6, 0xffffffffffffffff}}, {{@in=@multicast1, 0x0, 0x2b}, 0x0, @in=@empty, 0x2, 0x0, 0x0, 0xa2}}, 0xe8)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000140), 0xfc, 0x566, &(0x7f0000000e80)="$eJzs3U1rG0cfAPD/ynbivDyPHQih7aEYcmhKGjm2+5JCD+mxtKGB9t4aSTHBchQsOcRuoMmhufRSQqGUBgq9995j6Bfopwi0gVCCaQ+5qKy8spVYsmVHjpzo94ONZ3ZWmRnN/kezWgkFMLAm0n9yEa9GxHdJxFhL2XBkhRNrx60+ulFItyTq9c/+TiLJ9jWPT7K/R7LMKxHx+zcRp3Ob660ur8zPlsulxSw/WVu4OlldXjlzeWF2rjRXujI9M3PunZnp9997t2d9ffPivz9+eu+jc9+eXP3h1wfH7iRxPo5mZa39eAY3WzMTMZE9JyNx/qkDp3pQ2X6S9LsB7MpQFucjkc4BYzGURX1b9bHn2TRgj32dhjUwoBLxDwOquQ5oXtv36Dr4hfHww7ULoM39H157byRGG9dGh1eTJ66M0uvd8R7Un9bx219376Rb9O59CIBt3bwVEWeHhzfPf0k2/+3e2S6OeboO8x88P/fS9c9b7dY/ufX1T7RZ/xxpE7u7sX385x70oJqO0vXfB23Xv+s3rcaHstz/Gmu+keTS5XIpndv+HxGnYuRgmt/ifs6XudX79U6Freu/dEvrb64Fs3Y8GD745GOKs7XZZ+p0i4e3Il5ru/5N1sc/aTP+6fNxscs6TpTuvt6pbPv+7610YN5oO/4bd7SSre9PTjbOh8nmWbFhNPv7z+0Tf3Sqv9/9T8f/8Nb9H09a79dWd17Hz6OPS53Kdnv+H0g+b6QPZPuuz9Zqi1MRB5JPNu+f3nhsM988Pu3/qZNbz3/tzv9DaWB32f/bx2+3Hjq6s/7vrbT/xR2N/84T9z/+6qdO9Xc3/m83UqeyPd3Mf9028FmeOwAAAAAAANhvchFxNJJcfj2dy+Xza5/vOB6Hc+VKtXb6UmXpSjEa35Udj5Fc8073WMvnIaayz8M289NP5Wci4lhEfD90qJHPFyrlYr87DwAAAAAAAAAAAAAAAAAAAPvEkYjRdt//T/051O/WAXtui5/8Bl5yneM/K+nFLz0B+5LXfxhc4h8Gl/iHwSX+YVAd7HcDgD7y+g+DS/zD4NpJ/P9yYQ8bAgAAAAAAAAAAAAAAAAAAAAAAAAAAAC+HixcupFt99dGNQpovXltemq9cO1MsVefzC0uFfKGyeDU/V6nMlUv5QmVhu/+vXKlcnZqOpeuTtVK1NlldXvliobJ05XF9TWnkufQKAAAAAAAAAAAAAAAAAAAAXizV5ZX52XK5tCghsavE8P5ohkSPE/2emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgw38BAAD//1vgPxo=")
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20802, 0x0)
writev(r5, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x8002)
ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, 0x0)

2.44491184s ago: executing program 0 (id=2384):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r2, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0xa1}], 0x1, 0x0, 0x0)

2.344093372s ago: executing program 2 (id=2385):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000)) (fail_nth: 4)

1.982617958s ago: executing program 2 (id=2386):
r0 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00"/11], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
write$selinux_context(r0, &(0x7f0000000080)='system_u:object_r:ssh_keysign_exec_t:s0\x00', 0x28)

1.978538968s ago: executing program 4 (id=2387):
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x101, 0x1}, 0x0, 0x0, 0x840000, 0x7, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9c00080002060103000000000000000000000000050001000700000064000780050014000900000008000a400000000808000a4000000000060004404e240000050007000c000000080013400000000405000700ff00000005001500020000001800018014000240fe800000000000000000000000aa08000b4000000007050005000200000005000400000000000900020073797a3000000000b16772e42b8caf8c8436fad2fe650000"], 0x9c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
sendmsg$IPSET_CMD_GET_BYINDEX(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, 0xf, 0x6, 0x101, 0x0, 0x0, {0x5, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x20004081)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
unshare(0x2040400)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)

1.972677668s ago: executing program 0 (id=2388):
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000340)={'\x00', 0x5, 0x5, 0xfa3, 0x7f})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNISCRNMAP(r3, 0x5410, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000950000000000000057c9fbee38b6974ebb42f1f2"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r5 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000140), 0x12)
openat$cgroup(r6, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r8, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0)

1.89793181s ago: executing program 2 (id=2389):
unshare(0x62040200)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = msgget$private(0x0, 0x80)
msgctl$IPC_RMID(r2, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000001800010600000000000000001c140000fe00000100000000050013"], 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4000110}, 0x20048014)
unshare(0x40020400)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r3)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)={0x14, r4, 0x72b, 0xfffffffc, 0x0, {0x2f, 0x0, 0x324}}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x93, 0x93, 0xa, [@volatile={0x1, 0x0, 0x0, 0x9, 0x2}, @datasec={0x8, 0x3, 0x0, 0xf, 0x3, [{0x2, 0xffff8001, 0xfffffff1}, {0x2, 0x6, 0x1}, {0x5, 0xa, 0x2}], "a5855c"}, @union={0xa, 0x4, 0x0, 0x5, 0x0, 0x7, [{0x4, 0x0, 0x647}, {0x1, 0x4, 0x74b}, {0x7, 0x5, 0xc}, {0x3, 0x1, 0x3}]}, @union={0x1, 0x1, 0x0, 0x5, 0x0, 0xe7af, [{0x4, 0x3, 0x6}]}]}, {0x0, [0x61, 0x0, 0x30, 0x0, 0x2e, 0x5f, 0x61, 0x61]}}, &(0x7f00000004c0)=""/202, 0xb6, 0xca, 0x0, 0x0, 0x0, @void, @value}, 0x28)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000003c0)='./binderfs2/custom0\x00', 0x802, 0x0)
r5 = socket$inet6(0x10, 0x2, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x16}]}, 0x10)
sendto$inet6(r5, &(0x7f00000002c0)="1c0000001200050f0c1000000049b23e9b200a0008000ac000000001", 0x1c, 0x0, 0x0, 0x0)

1.8973993s ago: executing program 4 (id=2390):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, 0x0, 0x0)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4000, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)
sendmmsg$inet6(r0, 0x0, 0x0, 0x4000040)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2004d95, &(0x7f00000000c0)={[{@barrier}]}, 0x0, 0x523, &(0x7f0000000a80)="$eJzs3c1vHGcZAPBnNrtJnDi1+ThAJUKhRU4F2bVr2locSpEQnCohyj0Ye21ZXnst77qNVxV1/gIkhACJE1y4IPEHIKFIXDgipEpwBqkIhCCFAwfooJ2d9Vd27W262XXs30+azPvO1/O8m8zszOybmQAurGci4tWIeD9N0+cjYiqSbHohH2KvM7SXe+/BW0vtIYk0ff0fSbZku97dVpKPr+erXY2Ib3494jvJw3Ebu631xVqtup3XK82NrUpjt3V7bWNxtbpa3Zyfn3tp4eWFFxdmh9LOGxHxylf/8sPv/fxrr/z6C2/++c7fbn23ndZkPv9wOz6g4kkzO00vZZ/F4RW2HzHYWVTMWpibGGyde48xHwAA+muf4380Ij4bEc/HVFw6+XQWAAAAeAKlX56M/yYRaW+X+0wHAAAAniCFrA9sUijnfQEmo1Aolzt9eD8e1wq1eqP5+ZX6zuZyp6/sdJQKK2u16mzWVzirJ+36XFY+qL9wrD5/pXO/4QdTE1m9vFSvLY/75gcAAABcENePXf//e6pz/Q8AAACcM9PjTgAAAAB47Fz/AwAAwPnn+h8AAADOtW+89tpERKTd918vv7G7s15/4/ZytbFe3thZKi/Vt7fKq/X6avbMvo3Ttler17e+GJs7dyvNaqNZaey27mzUdzabd9aOvAIbAAAAGKGPfPr+H5OI2PvSRDa0XR53UsBIFPdLST7usff/6anO+N0RJQWMxKUBlnn3yggSAUauOO4EgLEpjTsBYOySU+b37bzzu3z8meHmAwAADN/MJ/v//l84cc29k2cDZ56dGC6uY/t/2jauXIDRyn7/H7TDr5MFOFdKA/UABM6zD/37/6lcVwAAwLhNZkNSKOe39yajUCiXI25krwUoJStrtepsRDwVEX+YKl1p1+diwP84CAAAAAAAAAAAAAAAAAAAAAAAAABk0jTpvPQHAAAAOLciCn9NfpNk7/+amXpu8vj9gcvJf6Yif0Xomz95/Ud3F5vN7bn29H/uT2/+OJ/+wjjuYAAAAADHda/Tu9fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBM7z14a6k7jDLu378SEdO94hfjaja+GqWIuPavJIqH1ksi4tIQ4u/di4hP9IqftNPaD9kr/sTjjx/T+afQK/71IcSHi+x++/jzaq/9rxDPZOPe+18x4kj9UR05/rVuHjn+do9/l/rs/zcGjPH0O7+s9I1/L+LpYu/jTzd+0if+swPG//a3Wq1+89KfRsz0/P5JjsSqNDe2Ko3d1u21jcXV6mp1c35+7qWFlxdeXJitrKzVqvmfPWN8/1O/ev+k9l/rE3/6lPY/N2D7//fO3Qcf6xRLB1Mn9uPferZH/N/+LF/u4fiF/Lvvc3m5PX+mW97rlA+7+Yvf3zyp/csH7S99kL//WwO2fyg7CgAwNI3d1vpirVbdfsIKb+f5n75w+zzrbOT8CIXkbKRxXgtvD3WDaZqm7X+TPWbdj4hBtpPEWfhYssJ4j0sAAMDwHZz0jzsTAAAAAAAAAAAAAAAAAAAAuLgefvpXmsaQH0J2PObefinxZGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Mz4fwAAAP//j6PX8g==") (fail_nth: 9)
open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
mount(0x0, 0x0, 0x0, 0x20000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)

984.385914ms ago: executing program 4 (id=2397):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f00000003c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x6}}, './file1\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0x2000030a, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0xff, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x21e}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1})
io_uring_enter(r2, 0x47fa, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x18)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740), &(0x7f0000000840), 0x75, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x141242)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$SNDRV_TIMER_IOCTL_PVERSION(r6, 0x400454a4, &(0x7f0000000040))

855.751856ms ago: executing program 3 (id=2398):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = socket(0x22, 0x2, 0x1)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r0, 0x10f, 0x83, 0x0, &(0x7f0000000480))
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x14)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)
sendmsg(r3, &(0x7f0000000880)={0x0, 0x500, &(0x7f0000000840)=[{&(0x7f0000000780)="a9", 0xfffffdef}], 0x11}, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES16=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000a00)=ANY=[@ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="000000000000000013c4d4a9000000000000000002833e3a04d0fcf2d6efe6083975a1dc4669178b6fbb43fbc543ef739363131cb45b3d04733b82a2f91d9b68aaa13ac9eaca041e8ec944328c6cf6cb596d3b1367e6686a2beb1b5e2698a80e0ec4b26c8de0d032b8002e1a0700004de83174576b009c9204343181eed6a10f8f68b2a955a781fbdc11", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000181100", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r7}, 0x18)
r8 = socket$inet(0x10, 0x3, 0xb)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000300)={'bond0\x00'})
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x6, 0x4, 0x7, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000b6190c22c28600dbcb23b157b20674430fb9bfc9a9ee14d3da687e4d8b7b3a647736daf3c3bfcc0c4305002460c724be3c2cd5c18846aa88f06706288043bddf8a10e831b0549cc7f0c867699fd3ada0c6270d210c283181fb5956ae8d0f8fd9912665"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x10)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x1, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f00000004c0)=@filename='./file1\x00', 0x0, &(0x7f0000000880)='./file1\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='kmem_cache_free\x00', r5}, 0x10)
sendmsg$key(r4, &(0x7f00000007c0)={0x300, 0x0, &(0x7f0000000780)={&(0x7f0000000b00)=ANY=[@ANYBLOB="020a06000300000028bd7008fcd1df"], 0x18}}, 0x40)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000b40)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f00fa1fcdbb0000000000000000fa42652f204388c7c65100256216071561861c696a8d5a7c3900d3cd087effa9fad24636073cafb3d235aeebd6b59f37573071c12e5307f43c4d32bc2afd3b09e0b1ed673b17725bd3da021ed0a77bc1b096ede43d1191aab6dfc96b37b09cb566f65da76b1f1af3fa9f877226d83f5f6a3aaa3549596ecc3a9c88c625672ae650f4b941a78594b8a61cc80ba72fd9eecb8d17fdc0d0c97f9373c05145c5ba149841ee5267aed4af9e8f"], 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

725.843889ms ago: executing program 3 (id=2401):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
write$selinux_context(0xffffffffffffffff, &(0x7f0000000340)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

585.932411ms ago: executing program 3 (id=2403):
r0 = syz_io_uring_setup(0x304, &(0x7f00000002c0)={0x0, 0x0, 0x10100, 0x2, 0xe1}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x12, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

585.071101ms ago: executing program 2 (id=2404):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="190000000400000008000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r2, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0xa1}], 0x1, 0x0, 0x0)

553.719981ms ago: executing program 3 (id=2405):
socket$tipc(0x1e, 0x2, 0x0)
syz_clone3(&(0x7f0000000300)={0x100001200, &(0x7f0000000040), 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pselect6(0x40, &(0x7f0000000100)={0x2, 0x2000000, 0xfffffffffffffff8, 0x0, 0x1, 0x10, 0xffffffffffffffff}, 0x0, &(0x7f0000000240)={0x1f, 0xc, 0x715, 0x8000000000000000, 0x0, 0x80000000000002, 0x800, 0x20000}, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
r3 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
write$selinux_access(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="73797374656d5f683a6f626a6563745f723a6c645f736f5f7420704a122f7362696e2f6468636c69656e742030"], 0x41)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000480), r4)
sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="070200000000000000000100000008000880bcff07802c00048005000300010000000500030000000000050003000100000005000300000000000500030080ff000008000100030000000800020001"], 0x58}}, 0x880)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
msgget(0x3, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
r9 = gettid()
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000600)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r8, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_PID={0x8, 0x1c, r9}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r4, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)=ANY=[@ANYBLOB="c0897f71", @ANYRES16=0x0, @ANYBLOB="20002bbd7000ffdbdf252b0000000a0001007770616e330000000c0005000202aaaaaaaaaaaa08000200", @ANYRES32=r10, @ANYBLOB="0c0005000201aaaaaaaaaaaa"], 0x40}, 0x1, 0x0, 0x0, 0x20008000}, 0x1)
r11 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r11, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='block_rq_requeue\x00', r2, 0x0, 0x6}, 0x18)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x0)
lgetxattr(0x0, &(0x7f0000000280)=ANY=[], 0x0, 0x0)

486.065852ms ago: executing program 1 (id=2406):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000740)=0x1000400)

383.556395ms ago: executing program 1 (id=2407):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000740)=0x1000400)

382.921564ms ago: executing program 4 (id=2408):
socket$tipc(0x1e, 0x2, 0x0)
syz_clone3(&(0x7f0000000300)={0x100001200, &(0x7f0000000040), 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pselect6(0x40, &(0x7f0000000100)={0x2, 0x2000000, 0xfffffffffffffff8, 0x0, 0x1, 0x10, 0xffffffffffffffff}, 0x0, &(0x7f0000000240)={0x1f, 0xc, 0x715, 0x8000000000000000, 0x0, 0x80000000000002, 0x800, 0x20000}, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
r3 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
write$selinux_access(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="73797374656d5f683a6f626a6563745f723a6c645f736f5f7420704a122f7362696e2f6468636c69656e742030"], 0x41)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000480), r4)
sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="070200000000000000000100000008000880bcff07802c00048005000300010000000500030000000000050003000100000005000300000000000500030080ff000008000100030000000800020001"], 0x58}}, 0x880)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
msgget(0x3, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
r9 = gettid()
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000600)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r8, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_PID={0x8, 0x1c, r9}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r4, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)=ANY=[@ANYBLOB="c0897f71", @ANYRES16=0x0, @ANYBLOB="20002bbd7000ffdbdf252b0000000a0001007770616e330000000c0005000202aaaaaaaaaaaa08000200", @ANYRES32=r10, @ANYBLOB="0c0005000201aaaaaaaaaaaa"], 0x40}, 0x1, 0x0, 0x0, 0x20008000}, 0x1)
r11 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r11, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='block_rq_requeue\x00', r2, 0x0, 0x6}, 0x18)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x0)
lgetxattr(0x0, &(0x7f0000000280)=ANY=[], 0x0, 0x0)

359.212445ms ago: executing program 0 (id=2409):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r1, 0x0, 0x0)
write$UHID_CREATE(r0, 0x0, 0x0)
write$UHID_DESTROY(r0, &(0x7f0000000080), 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, @void, @value}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r2, 0x2284, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,dmask=000000000200000,nodots,discard,nfs=nostale_ro,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff303030303031373737373737373756c0f39fdb37372c004c0f1208ec0c34b7df4ba1c1e6b76697434db8574db9bcaef6a61a12c3f260bebc7ac5b1b11361119b83f1cf9f686b715b8e58fd37cea6623dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7"], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000004140)='.\x00', 0x1a4243c, &(0x7f0000000a00)=ANY=[@ANYRES64=r4, @ANYBLOB="838af82ba0aed93ae1412b5d66c15d5708bf640ad92729f0adf01dc1f5c02e252ccc1a9f08cafb", @ANYRESOCT=r4, @ANYBLOB="f1bcca05ed588d63a576cc3afd51baf29cde0400000092f4e66ff7ef22aa9af727ceae8a8ec95fc1b73083de2de825a0cb2b0be774fdb33650d7dace27c16bc23b2f7c7fb72585548939698f280d138aa9255a8a924008f8477e82ba11cdb11efd5ca2f1ab049ce2cc7815d2daf8daea25533a558d561654faf5e0924f1376174f374d664fad4a6ab24ec000ccace822e7f9426e8e5de1fe58085a0ae86fd02a118b9365961834d46208b9fb4c91a1fa962a8b00a9717fcbb46c2400dc2e319379ea1e5a07aeb3f9cd4e648df445a1b4213e732300000000000010000758027a472e7d263ef567a84166f26ee56e701c63a8863787889bf1c90fccf31954a940c8b584ca89a512f28edec08eb1c0823c028840eeaf3f5d8769023c01ac63f7f959571e8e899b43c293bc21a2b833e5c9c703c4cfa063dd050045706bde3d7ac373ab04b62b4111b59eabd436dd97e788a36ef25bad99beec474e667589d37100ec36292c15c6", @ANYRESHEX=r4, @ANYRESHEX=r4, @ANYRES64, @ANYRES32, @ANYRES64, @ANYRES8=0x0, @ANYRES8=r4], 0x5, 0x0, &(0x7f0000000000))
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x850c01, 0x0, 0x0, 0x0, &(0x7f0000000080))
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_io_uring_setup(0x10e, &(0x7f00000001c0)={0x0, 0xf6f, 0x1000, 0x0, 0x222}, 0x0, &(0x7f0000000280))
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x3f, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)

339.058695ms ago: executing program 1 (id=2410):
r0 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00"/13], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
write$selinux_context(r0, &(0x7f0000000080)='system_u:object_r:ssh_keysign_exec_t:s0\x00', 0x28)

242.704396ms ago: executing program 1 (id=2411):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = socket(0x22, 0x2, 0x1)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r0, 0x10f, 0x83, 0x0, &(0x7f0000000480))
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x14)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)
sendmsg(r3, &(0x7f0000000880)={0x0, 0x500, &(0x7f0000000840)=[{&(0x7f0000000780)="a9", 0xfffffdef}], 0x11}, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES16=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000a00)=ANY=[@ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="000000000000000013c4d4a9000000000000000002833e3a04d0fcf2d6efe6083975a1dc4669178b6fbb43fbc543ef739363131cb45b3d04733b82a2f91d9b68aaa13ac9eaca041e8ec944328c6cf6cb596d3b1367e6686a2beb1b5e2698a80e0ec4b26c8de0d032b8002e1a0700004de83174576b009c9204343181eed6a10f8f68b2a955a781fbdc11", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000181100", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r7}, 0x18)
r8 = socket$inet(0x10, 0x3, 0xb)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000300)={'bond0\x00'})
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x6, 0x4, 0x7, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000b6190c22c28600dbcb23b157b20674430fb9bfc9a9ee14d3da687e4d8b7b3a647736daf3c3bfcc0c4305002460c724be3c2cd5c18846aa88f06706288043bddf8a10e831b0549cc7f0c867699fd3ada0c6270d210c283181fb5956ae8d0f8fd9912665"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x10)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x1, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f00000004c0)=@filename='./file1\x00', 0x0, &(0x7f0000000880)='./file1\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='kmem_cache_free\x00', r5}, 0x10)
sendmsg$key(r4, &(0x7f00000007c0)={0x300, 0x0, &(0x7f0000000780)={&(0x7f0000000b00)=ANY=[@ANYBLOB="020a06000300000028bd7008fcd1df"], 0x18}}, 0x40)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000b40)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f00fa1fcdbb0000000000000000fa42652f204388c7c65100256216071561861c696a8d5a7c3900d3cd087effa9fad24636073cafb3d235aeebd6b59f37573071c12e5307f43c4d32bc2afd3b09e0b1ed673b17725bd3da021ed0a77bc1b096ede43d1191aab6dfc96b37b09cb566f65da76b1f1af3fa9f877226d83f5f6a3aaa3549596ecc3a9c88c625672ae650f4b941a78594b8a61cc80ba72fd9eecb8d17fdc0d0c97f9373c05145c5ba149841ee5267aed4af9e8f"], 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

241.734796ms ago: executing program 3 (id=2412):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000540), 0x10)
sendmsg$can_bcm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0xea60], 0x38}, 0x2}, 0x0)

159.555678ms ago: executing program 3 (id=2413):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x163242, 0x110)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x4092, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x182804, 0x0)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(0xffffffffffffffff, 0x0, 0x0)

147.185708ms ago: executing program 4 (id=2414):
unshare(0x62040200)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = msgget$private(0x0, 0x80)
msgctl$IPC_RMID(r2, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000001800010600000000000000001c140000fe00000100000000050013"], 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4000110}, 0x20048014)
unshare(0x40020400)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r3)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)={0x14, r4, 0x72b, 0xfffffffc, 0x0, {0x2f, 0x0, 0x324}}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x93, 0x93, 0xa, [@volatile={0x1, 0x0, 0x0, 0x9, 0x2}, @datasec={0x8, 0x3, 0x0, 0xf, 0x3, [{0x2, 0xffff8001, 0xfffffff1}, {0x2, 0x6, 0x1}, {0x5, 0xa, 0x2}], "a5855c"}, @union={0xa, 0x4, 0x0, 0x5, 0x0, 0x7, [{0x4, 0x0, 0x647}, {0x1, 0x4, 0x74b}, {0x7, 0x5, 0xc}, {0x3, 0x1, 0x3}]}, @union={0x1, 0x1, 0x0, 0x5, 0x0, 0xe7af, [{0x4, 0x3, 0x6}]}]}, {0x0, [0x61, 0x0, 0x30, 0x0, 0x2e, 0x5f, 0x61, 0x61]}}, &(0x7f00000004c0)=""/202, 0xb6, 0xca, 0x0, 0x0, 0x0, @void, @value}, 0x28)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000003c0)='./binderfs2/custom0\x00', 0x802, 0x0)
r5 = socket$inet6(0x10, 0x2, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x16}]}, 0x10)
sendto$inet6(r5, &(0x7f00000002c0)="1c0000001200050f0c1000000049b23e9b200a0008000ac000000001", 0x1c, 0x0, 0x0, 0x0)

146.745498ms ago: executing program 1 (id=2415):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x14)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0xe)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

102.362479ms ago: executing program 1 (id=2416):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
setrlimit(0x5, 0x0)
ioctl$TUNGETVNETLE(0xffffffffffffffff, 0x800454dd, 0x0)
getrlimit(0x2, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000440)={[{@dioread_nolock}, {@norecovery}, {@resgid}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@grpid}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@grpid}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}], [{@subj_user={'subj_user', 0x3d, '('}}, {@measure}, {@smackfsfloor}, {@fowner_eq}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
renameat2(0xffffffffffffff9c, &(0x7f00000007c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file0\x00', 0x2)
r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xc}, 0x0, 0x5, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r3, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, 0x0, 0x0)
prlimit64(0x0, 0x7, &(0x7f00000003c0), 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r5=>r2, {0xffffffffffffffff}}, './file0\x00'})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000a80)={r0, 0x58, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000d40)={0xffffffffffffffff, 0x20, &(0x7f0000000d00)={&(0x7f0000000b40)=""/204, 0xcc, <r7=>0x0, &(0x7f0000000c40)=""/164, 0xa4}}, 0x10)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @value}, 0x94)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='comm\x00')
writev(r9, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x1)
r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000d80)='task\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0xf, 0xd, &(0x7f0000000940)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}], &(0x7f0000000300)='GPL\x00', 0x5, 0x1c, &(0x7f00000009c0)=""/28, 0x40f00, 0x14, '\x00', r6, @fallback=0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000ac0)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000b00)={0x0, 0xc, 0x6, 0xd}, 0x10, r7, 0xffffffffffffffff, 0x4, &(0x7f0000000dc0)=[r8, r0, r0, r10, r0], &(0x7f0000000e00)=[{0x3, 0x2, 0x2, 0xc}, {0x1, 0x1, 0x4}, {0x3, 0x1, 0x10, 0x8}, {0x1, 0x4, 0xb, 0x5}], 0x10, 0x6, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22004002, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@nojournal_checksum}, {@errors_continue}, {@noinit_itable}, {@nouid32}, {@grpjquota, 0x2e}]}, 0x81, 0x46c, &(0x7f00000004c0)="$eJzs3MtvG8UfAPDvrpP09ctD/ZVHH1BDQUQUkiYU6IELCKRekJDgAMeQhqrUbVETJFpVtCBUjoi/ADgi8RdwggsCTiCucEdIFeqFwgEtWnu3dWIndZwYN/jzkdae2YdnZmcnnp3xJoCBVc1fkogsIn6OiPFGdPkO1cbbjeuX5v+8fmk+iSx7+fekvt8f1y/Nl7uWx+0qIpNpRPpBEvvbpLt44eLpuVpt4XwRn14689b04oWLj586M3dy4eTC2dljx44+MfP0U7NPbko5R/O87nv33IG9x1/7+MX5LF7/7os8v/8rtjeXo2Fiw2lWo7r8XNaN1F8f3vCn31lGm8LJUB8zwrpUIiKvruF6+x+PStyqvPF44f2+Zg7oqSzLsm0taytl4EoG/Icl0e8cAP1RftHn97/l8i92P/ru2rONG6C83DeKpbFlKNL8bXvjjn20R+lXI+LVK399ki/RdhwCAGBzfZX3fx5r1/8bS+5u2m+smBuaiIjDEbE7Iv4fEXsi4q6IyPe9JyLuXWf61RXx1v7Pjzu6KliH8v7fM8Xc1vL+X1ruMlEpYqP18g8nb5yqLRwpzslkDG/L4zNrpPH18z99tNq25v5fvuTpl33BIh+/Da0YoDsxtzS3kTI3u/ZexL6hduVPbs4EJBGxNyL2dfH5+Tk79ejnB/Lw2K7W7QduW/41bMI8U/ZZxCON+r8SK8pfShoprTY/Ob09agtHpsurotX3P1x9qTk+3BS+ff33Vl7/O9te/0X5y2ZQztcurj+Nq798uOo9TbfX/0jySj08Uqx7Z25p6fxMxEixYtn62VvHlvFy/7z8k4falX8s2R3x96fFcfuLa/W+iLg/Ig4WeX8gIh6MiENrlP/b5x56c+0z1N/6P7FW/UdMJM3z9V0EKqe/+XK19Dur/6P10GSxppO/f51mcCPnDgAAALaKtP4b+CSduhlO06mpxm/498TOtHZucelwNd4+e6LxW/mJGE7Lka7xpvHQmWJsuIzProiXY15ZtqMen5o/V+vVnDrQmV2rtP/cr5V+5w7ouXXNo7U+0QZsYZ7XhMGl/cPg0v5hcGn/MLjatf/LETeaoj19CAPoH9//MLi0fxhc2j8MLu0fBlLrI/HlSF83T/rfCuw+vqHDByhQ6dEnR/M/7ehBINK+n7ruA+mdkI2DRWBbRHR61OWe1unK6wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDr+ycAAP//ENre5A==")
socket$pppoe(0x18, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x0, &(0x7f0000000240)={[{@dioread_lock}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@journal_dev={'journal_dev', 0x3d, 0x5}}, {@user_xattr}, {@grpid}, {@sysvgroups}]}, 0x0, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")

0s ago: executing program 2 (id=2417):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x5, 0x6, 0x8, 0xae, 0x0, 0x1, 0x20727ff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000f00)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4006, 0x5, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x8000000, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

kernel console output (not intermixed with test programs):

 Compute Engine, BIOS Google 02/12/2025
[  149.323176][ T8146] Call Trace:
[  149.323183][ T8146]  <TASK>
[  149.323261][ T8146]  dump_stack_lvl+0xf6/0x150
[  149.323344][ T8146]  dump_stack+0x15/0x1a
[  149.323359][ T8146]  should_fail_ex+0x261/0x270
[  149.323381][ T8146]  should_failslab+0x8f/0xb0
[  149.323405][ T8146]  kmem_cache_alloc_noprof+0x59/0x340
[  149.323437][ T8146]  ? skb_clone+0x154/0x1f0
[  149.323613][ T8146]  skb_clone+0x154/0x1f0
[  149.323637][ T8146]  skb_share_check+0x43/0x80
[  149.323654][ T8146]  ip_check_defrag+0x1d4/0x320
[  149.323674][ T8146]  packet_rcv_fanout+0xce/0x3e0
[  149.323702][ T8146]  ? xas_create+0xb8a/0xbe0
[  149.323835][ T8146]  ? __pfx_packet_rcv_fanout+0x10/0x10
[  149.323860][ T8146]  __netif_receive_skb_core+0x1b5c/0x2580
[  149.323896][ T8146]  ? __list_del_entry_valid_or_report+0x66/0x130
[  149.323991][ T8146]  ? __rmqueue_pcplist+0x11c9/0x1410
[  149.324066][ T8146]  ? _raw_spin_lock_irqsave+0x40/0xb0
[  149.324102][ T8146]  ? __list_del_entry_valid_or_report+0x66/0x130
[  149.324192][ T8146]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  149.324229][ T8146]  ? get_partial_node+0x2cc/0x310
[  149.324256][ T8146]  __netif_receive_skb_list_core+0x117/0x520
[  149.324310][ T8146]  netif_receive_skb_list_internal+0x4e6/0x670
[  149.324340][ T8146]  netif_receive_skb_list+0x31/0x230
[  149.324371][ T8146]  bpf_test_run_xdp_live+0xe17/0x1050
[  149.324394][ T8146]  ? synchronize_rcu_expedited+0x6d5/0x790
[  149.324476][ T8146]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  149.324512][ T8146]  ? bpf_test_run_xdp_live+0x2b3/0x1050
[  149.324560][ T8146]  bpf_prog_test_run_xdp+0x526/0x8e0
[  149.324598][ T8146]  ? __rcu_read_unlock+0x4e/0x70
[  149.324619][ T8146]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  149.324675][ T8146]  bpf_prog_test_run+0x20e/0x3a0
[  149.324771][ T8146]  __sys_bpf+0x440/0x800
[  149.324812][ T8146]  __x64_sys_bpf+0x43/0x50
[  149.324842][ T8146]  x64_sys_call+0x23da/0x2e10
[  149.324896][ T8146]  do_syscall_64+0xc9/0x1a0
[  149.324942][ T8146]  ? clear_bhb_loop+0x25/0x80
[  149.324967][ T8146]  ? clear_bhb_loop+0x25/0x80
[  149.325099][ T8146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.325145][ T8146] RIP: 0033:0x7f672797e169
[  149.325204][ T8146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.325221][ T8146] RSP: 002b:00007f6725fe7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  149.325238][ T8146] RAX: ffffffffffffffda RBX: 00007f6727ba5fa0 RCX: 00007f672797e169
[  149.325250][ T8146] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  149.325264][ T8146] RBP: 00007f6725fe7090 R08: 0000000000000000 R09: 0000000000000000
[  149.325289][ T8146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  149.325302][ T8146] R13: 0000000000000000 R14: 00007f6727ba5fa0 R15: 00007ffc78ac5f68
[  149.325323][ T8146]  </TASK>
[  149.899692][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.397497][ T8186] loop2: detected capacity change from 0 to 128
[  151.442525][ T8190] loop3: detected capacity change from 0 to 512
[  151.509469][ T8193] syz.2.1729: attempt to access beyond end of device
[  151.509469][ T8193] loop2: rw=2049, sector=593, nr_sectors = 448 limit=128
[  151.543418][ T8190] EXT4-fs (loop3): 1 orphan inode deleted
[  151.555454][ T3676] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:13: Failed to release dquot type 1
[  151.570097][ T8190] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.596139][ T8201] FAULT_INJECTION: forcing a failure.
[  151.596139][ T8201] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.609236][ T8201] CPU: 1 UID: 0 PID: 8201 Comm: syz.4.1734 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  151.609265][ T8201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  151.609322][ T8201] Call Trace:
[  151.609329][ T8201]  <TASK>
[  151.609337][ T8201]  dump_stack_lvl+0xf6/0x150
[  151.609362][ T8201]  dump_stack+0x15/0x1a
[  151.609381][ T8201]  should_fail_ex+0x261/0x270
[  151.609403][ T8201]  should_fail+0xb/0x10
[  151.609421][ T8201]  should_fail_usercopy+0x1a/0x20
[  151.609446][ T8201]  _copy_from_iter+0xd8/0xd10
[  151.609479][ T8201]  ? mntput+0x49/0x70
[  151.609508][ T8201]  tun_get_user+0x42e/0x2640
[  151.609540][ T8201]  ? _parse_integer+0x27/0x30
[  151.609562][ T8201]  ? string_unescape+0x160/0x530
[  151.609597][ T8201]  ? ref_tracker_alloc+0x1ff/0x310
[  151.609629][ T8201]  tun_chr_write_iter+0x188/0x240
[  151.609680][ T8201]  vfs_write+0x79b/0x950
[  151.609701][ T8201]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  151.609728][ T8201]  ksys_write+0xeb/0x1b0
[  151.609748][ T8201]  __x64_sys_write+0x42/0x50
[  151.609815][ T8201]  x64_sys_call+0x2a45/0x2e10
[  151.609837][ T8201]  do_syscall_64+0xc9/0x1a0
[  151.609865][ T8201]  ? clear_bhb_loop+0x25/0x80
[  151.609912][ T8201]  ? clear_bhb_loop+0x25/0x80
[  151.609933][ T8201]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.609956][ T8201] RIP: 0033:0x7f4b02b4e169
[  151.609977][ T8201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.609996][ T8201] RSP: 002b:00007f4b011b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  151.610013][ T8201] RAX: ffffffffffffffda RBX: 00007f4b02d75fa0 RCX: 00007f4b02b4e169
[  151.610023][ T8201] RDX: 0000000000000ffe RSI: 0000200000000480 RDI: 0000000000000003
[  151.610047][ T8201] RBP: 00007f4b011b7090 R08: 0000000000000000 R09: 0000000000000000
[  151.610060][ T8201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.610073][ T8201] R13: 0000000000000000 R14: 00007f4b02d75fa0 R15: 00007ffe9dfcf0a8
[  151.610100][ T8201]  </TASK>
[  151.820043][ T8190] ext4 filesystem being mounted at /392/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.919399][ T8203] FAULT_INJECTION: forcing a failure.
[  151.919399][ T8203] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.932647][ T8203] CPU: 1 UID: 0 PID: 8203 Comm: syz.1.1735 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  151.932680][ T8203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  151.932695][ T8203] Call Trace:
[  151.932702][ T8203]  <TASK>
[  151.932710][ T8203]  dump_stack_lvl+0xf6/0x150
[  151.932787][ T8203]  dump_stack+0x15/0x1a
[  151.932807][ T8203]  should_fail_ex+0x261/0x270
[  151.932837][ T8203]  should_fail+0xb/0x10
[  151.932887][ T8203]  should_fail_usercopy+0x1a/0x20
[  151.932917][ T8203]  _copy_from_iter+0xd8/0xd10
[  151.932980][ T8203]  ? __alloc_skb+0x1bd/0x320
[  151.933002][ T8203]  ? kmalloc_reserve+0x16e/0x190
[  151.933024][ T8203]  ? __build_skb_around+0x199/0x1f0
[  151.933084][ T8203]  ? __alloc_skb+0x227/0x320
[  151.933101][ T8203]  ? __virt_addr_valid+0x1ed/0x250
[  151.933118][ T8203]  ? __check_object_size+0x367/0x510
[  151.933161][ T8203]  netlink_sendmsg+0x492/0x720
[  151.933246][ T8203]  ? __pfx_netlink_sendmsg+0x10/0x10
[  151.933284][ T8203]  __sock_sendmsg+0x140/0x180
[  151.933321][ T8203]  ____sys_sendmsg+0x350/0x4e0
[  151.933355][ T8203]  __sys_sendmsg+0x1a0/0x240
[  151.933403][ T8203]  __x64_sys_sendmsg+0x46/0x50
[  151.933477][ T8203]  x64_sys_call+0x26f3/0x2e10
[  151.933504][ T8203]  do_syscall_64+0xc9/0x1a0
[  151.933534][ T8203]  ? clear_bhb_loop+0x25/0x80
[  151.933560][ T8203]  ? clear_bhb_loop+0x25/0x80
[  151.933624][ T8203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.933645][ T8203] RIP: 0033:0x7fe69502e169
[  151.933662][ T8203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.933682][ T8203] RSP: 002b:00007fe693697038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  151.933704][ T8203] RAX: ffffffffffffffda RBX: 00007fe695255fa0 RCX: 00007fe69502e169
[  151.933797][ T8203] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  151.933810][ T8203] RBP: 00007fe693697090 R08: 0000000000000000 R09: 0000000000000000
[  151.933823][ T8203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.933837][ T8203] R13: 0000000000000000 R14: 00007fe695255fa0 R15: 00007ffeeb3133d8
[  151.933859][ T8203]  </TASK>
[  152.150035][    C1] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:1c
[  152.152533][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.211337][ T8197] loop0: detected capacity change from 0 to 512
[  152.218382][ T8197] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  152.251534][ T8213] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1740'.
[  152.258928][ T8217] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1741'.
[  152.261725][ T8197] EXT4-fs (loop0): 1 truncate cleaned up
[  152.275613][ T8197] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.290872][ T8213] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.308030][ T8219] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=8219 comm=syz.1.1742
[  152.322093][ T8219] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=46 sclass=netlink_xfrm_socket pid=8219 comm=syz.1.1742
[  152.341121][ T8197] netlink: 173236 bytes leftover after parsing attributes in process `syz.0.1733'.
[  152.368814][ T8213] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.436645][ T8213] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.447592][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.522705][ T8231] lo speed is unknown, defaulting to 1000
[  152.534653][ T8213] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.577401][ T8237] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8237 comm=syz.3.1748
[  152.601920][ T8231] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1746'.
[  152.610995][ T8231] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1746'.
[  152.620415][ T8237] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1748'.
[  152.629731][ T8231] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1746'.
[  152.635983][ T8213] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  152.644085][ T8239] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1749'.
[  152.651184][ T8213] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  152.675781][ T8213] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  152.697784][ T8213] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.009973][ T8279] netlink: 'syz.1.1766': attribute type 1 has an invalid length.
[  153.018925][ T8279] netlink: 'syz.1.1766': attribute type 1 has an invalid length.
[  153.352601][ T8306] netlink: 'syz.4.1775': attribute type 1 has an invalid length.
[  153.415344][ T8314] loop4: detected capacity change from 0 to 128
[  153.447936][   T29] kauditd_printk_skb: 178 callbacks suppressed
[  153.447953][   T29] audit: type=1326 audit(1745322311.525:7807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8315 comm="syz.3.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  153.452337][ T8314] syz.4.1779: attempt to access beyond end of device
[  153.452337][ T8314] loop4: rw=0, sector=121, nr_sectors = 920 limit=128
[  153.464672][   T29] audit: type=1326 audit(1745322311.525:7808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8315 comm="syz.3.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  153.514614][   T29] audit: type=1326 audit(1745322311.525:7809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8315 comm="syz.3.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  153.538096][   T29] audit: type=1326 audit(1745322311.525:7810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8315 comm="syz.3.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  153.561554][   T29] audit: type=1326 audit(1745322311.525:7811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8315 comm="syz.3.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  153.585189][   T29] audit: type=1326 audit(1745322311.535:7812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8315 comm="syz.3.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  153.608700][   T29] audit: type=1326 audit(1745322311.535:7813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8315 comm="syz.3.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  153.632171][   T29] audit: type=1326 audit(1745322311.535:7814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8315 comm="syz.3.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  153.655603][   T29] audit: type=1326 audit(1745322311.535:7815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8315 comm="syz.3.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  153.679066][   T29] audit: type=1326 audit(1745322311.535:7816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8315 comm="syz.3.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  153.795206][ T8325] netlink: 196 bytes leftover after parsing attributes in process `syz.3.1784'.
[  154.001928][ T8345] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1793'.
[  154.014825][ T8326] FAULT_INJECTION: forcing a failure.
[  154.014825][ T8326] name failslab, interval 1, probability 0, space 0, times 0
[  154.027528][ T8326] CPU: 0 UID: 0 PID: 8326 Comm: syz.4.1783 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  154.027553][ T8326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  154.027567][ T8326] Call Trace:
[  154.027574][ T8326]  <TASK>
[  154.027582][ T8326]  dump_stack_lvl+0xf6/0x150
[  154.027686][ T8326]  dump_stack+0x15/0x1a
[  154.027705][ T8326]  should_fail_ex+0x261/0x270
[  154.027809][ T8326]  should_failslab+0x8f/0xb0
[  154.027833][ T8326]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  154.027929][ T8326]  ? __alloc_skb+0x10d/0x320
[  154.028037][ T8326]  __alloc_skb+0x10d/0x320
[  154.028057][ T8326]  ? audit_log_start+0x37f/0x6e0
[  154.028089][ T8326]  audit_log_start+0x39a/0x6e0
[  154.028124][ T8326]  audit_seccomp+0x49/0x100
[  154.028151][ T8326]  __seccomp_filter+0x694/0x10e0
[  154.028258][ T8326]  ? hrtimer_nanosleep+0x196/0x2a0
[  154.028285][ T8326]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  154.028312][ T8326]  __secure_computing+0x7e/0x150
[  154.028330][ T8326]  syscall_trace_enter+0xcf/0x1f0
[  154.028417][ T8326]  do_syscall_64+0xaa/0x1a0
[  154.028523][ T8326]  ? clear_bhb_loop+0x25/0x80
[  154.028548][ T8326]  ? clear_bhb_loop+0x25/0x80
[  154.028569][ T8326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.028588][ T8326] RIP: 0033:0x7f4b02b4cb7c
[  154.028601][ T8326] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  154.028662][ T8326] RSP: 002b:00007f4b011b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  154.028683][ T8326] RAX: ffffffffffffffda RBX: 00007f4b02d75fa0 RCX: 00007f4b02b4cb7c
[  154.028698][ T8326] RDX: 000000000000000f RSI: 00007f4b011b70a0 RDI: 0000000000000004
[  154.028711][ T8326] RBP: 00007f4b011b7090 R08: 0000000000000000 R09: 0000000000000000
[  154.028722][ T8326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  154.028732][ T8326] R13: 0000000000000000 R14: 00007f4b02d75fa0 R15: 00007ffe9dfcf0a8
[  154.028752][ T8326]  </TASK>
[  154.327160][ T8361] netlink: 300 bytes leftover after parsing attributes in process `syz.3.1799'.
[  154.606256][ T8378] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1805'.
[  154.816996][ T8393] batadv0: mtu less than device minimum
[  154.823202][ T8393] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  154.833665][ T8393] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  154.844262][ T8393] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  154.854813][ T8393] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  154.865329][ T8393] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  154.875880][ T8393] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  154.886474][ T8393] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  154.896926][ T8393] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  154.907446][ T8393] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[  155.013558][ T8399] atomic_op ffff88811afb5d28 conn xmit_atomic 0000000000000000
[  155.126631][ T8410] loop4: detected capacity change from 0 to 1024
[  155.133428][ T8410] EXT4-fs: Ignoring removed nomblk_io_submit option
[  155.185701][ T8410] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.219428][ T8410] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[  155.241745][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.359806][ T8420] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1819'.
[  155.396146][ T8445] netlink: 'syz.4.1829': attribute type 1 has an invalid length.
[  155.412640][ T8445] netlink: 'syz.4.1829': attribute type 1 has an invalid length.
[  155.463321][ T8454] loop4: detected capacity change from 0 to 512
[  155.471049][ T8454] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  155.480611][ T8454] EXT4-fs error (device loop4): ext4_get_journal_inode:5798: comm syz.4.1832: inode #1: comm syz.4.1832: iget: illegal inode #
[  155.494406][ T8454] EXT4-fs (loop4): no journal found
[  155.499693][ T8454] EXT4-fs (loop4): can't get journal size
[  155.507698][ T8454] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  155.517460][ T8454] EXT4-fs (loop4): failed to initialize system zone (-22)
[  155.525511][ T8454] EXT4-fs (loop4): mount failed
[  155.585210][ T8458] futex_wake_op: syz.2.1833 tries to shift op by -1; fix this program
[  155.682021][ T8462] lo speed is unknown, defaulting to 1000
[  155.828822][ T8469] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1838'.
[  156.000590][ T8480] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1843'.
[  156.026760][ T8480] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.050362][ T8482] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1845'.
[  156.076173][ T8480] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.157452][ T8480] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.198978][ T8480] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.252170][ T8480] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  156.265912][ T8480] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  156.278376][ T8480] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  156.298073][ T8480] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  156.527238][ T8508] FAULT_INJECTION: forcing a failure.
[  156.527238][ T8508] name failslab, interval 1, probability 0, space 0, times 0
[  156.539927][ T8508] CPU: 1 UID: 0 PID: 8508 Comm: syz.4.1851 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  156.539958][ T8508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  156.539985][ T8508] Call Trace:
[  156.539991][ T8508]  <TASK>
[  156.539998][ T8508]  dump_stack_lvl+0xf6/0x150
[  156.540023][ T8508]  dump_stack+0x15/0x1a
[  156.540041][ T8508]  should_fail_ex+0x261/0x270
[  156.540062][ T8508]  should_failslab+0x8f/0xb0
[  156.540081][ T8508]  kmem_cache_alloc_noprof+0x59/0x340
[  156.540143][ T8508]  ? skb_clone+0x154/0x1f0
[  156.540165][ T8508]  skb_clone+0x154/0x1f0
[  156.540184][ T8508]  __netlink_deliver_tap+0x2bd/0x4f0
[  156.540207][ T8508]  netlink_unicast+0x69e/0x6c0
[  156.540331][ T8508]  netlink_sendmsg+0x609/0x720
[  156.540353][ T8508]  ? __pfx_netlink_sendmsg+0x10/0x10
[  156.540372][ T8508]  __sock_sendmsg+0x140/0x180
[  156.540399][ T8508]  ____sys_sendmsg+0x350/0x4e0
[  156.540491][ T8508]  __sys_sendmsg+0x1a0/0x240
[  156.540527][ T8508]  __x64_sys_sendmsg+0x46/0x50
[  156.540605][ T8508]  x64_sys_call+0x26f3/0x2e10
[  156.540655][ T8508]  do_syscall_64+0xc9/0x1a0
[  156.540677][ T8508]  ? clear_bhb_loop+0x25/0x80
[  156.540696][ T8508]  ? clear_bhb_loop+0x25/0x80
[  156.540715][ T8508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.540733][ T8508] RIP: 0033:0x7f4b02b4e169
[  156.540769][ T8508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.540785][ T8508] RSP: 002b:00007f4b011b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  156.540801][ T8508] RAX: ffffffffffffffda RBX: 00007f4b02d75fa0 RCX: 00007f4b02b4e169
[  156.540813][ T8508] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000005
[  156.540823][ T8508] RBP: 00007f4b011b7090 R08: 0000000000000000 R09: 0000000000000000
[  156.540833][ T8508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.540903][ T8508] R13: 0000000000000000 R14: 00007f4b02d75fa0 R15: 00007ffe9dfcf0a8
[  156.540919][ T8508]  </TASK>
[  156.974149][ T8531] FAULT_INJECTION: forcing a failure.
[  156.974149][ T8531] name failslab, interval 1, probability 0, space 0, times 0
[  156.987050][ T8531] CPU: 0 UID: 0 PID: 8531 Comm: syz.4.1860 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  156.987076][ T8531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  156.987087][ T8531] Call Trace:
[  156.987093][ T8531]  <TASK>
[  156.987153][ T8531]  dump_stack_lvl+0xf6/0x150
[  156.987180][ T8531]  dump_stack+0x15/0x1a
[  156.987200][ T8531]  should_fail_ex+0x261/0x270
[  156.987227][ T8531]  should_failslab+0x8f/0xb0
[  156.987316][ T8531]  __kmalloc_cache_noprof+0x55/0x320
[  156.987419][ T8531]  ? nd_alloc_stack+0x50/0x90
[  156.987443][ T8531]  nd_alloc_stack+0x50/0x90
[  156.987465][ T8531]  pick_link+0x77b/0x820
[  156.987487][ T8531]  step_into+0x772/0x860
[  156.987521][ T8531]  link_path_walk+0x500/0x840
[  156.987575][ T8531]  path_lookupat+0x6c/0x2a0
[  156.987608][ T8531]  filename_lookup+0x14b/0x340
[  156.987691][ T8531]  ? __pfx_shmem_put_link+0x10/0x10
[  156.987721][ T8531]  ? __pfx_shmem_put_link+0x10/0x10
[  156.987796][ T8531]  kern_path+0x39/0x130
[  156.987828][ T8531]  lookup_bdev+0x66/0x140
[  156.987848][ T8531]  __se_sys_quotactl+0x1a6/0x650
[  156.987950][ T8531]  __x64_sys_quotactl+0x55/0x70
[  156.987979][ T8531]  x64_sys_call+0x265d/0x2e10
[  156.988006][ T8531]  do_syscall_64+0xc9/0x1a0
[  156.988032][ T8531]  ? clear_bhb_loop+0x25/0x80
[  156.988052][ T8531]  ? clear_bhb_loop+0x25/0x80
[  156.988105][ T8531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.988130][ T8531] RIP: 0033:0x7f4b02b4e169
[  156.988148][ T8531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.988170][ T8531] RSP: 002b:00007f4b01196038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  156.988192][ T8531] RAX: ffffffffffffffda RBX: 00007f4b02d76080 RCX: 00007f4b02b4e169
[  156.988207][ T8531] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffff80000202
[  156.988288][ T8531] RBP: 00007f4b01196090 R08: 0000000000000000 R09: 0000000000000000
[  156.988302][ T8531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.988316][ T8531] R13: 0000000000000000 R14: 00007f4b02d76080 R15: 00007ffe9dfcf0a8
[  156.988339][ T8531]  </TASK>
[  157.334693][ T8543] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8543 comm=syz.3.1866
[  157.369677][ T8545] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=148 sclass=netlink_route_socket pid=8545 comm=syz.2.1867
[  157.385418][ T8545] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  157.400416][ T8546] netlink: 212 bytes leftover after parsing attributes in process `syz.2.1867'.
[  157.441075][ T8546] loop2: detected capacity change from 0 to 512
[  157.482780][ T8546] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1867: bg 0: block 248: padding at end of block bitmap is not set
[  157.499707][ T8546] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.1867: Failed to acquire dquot type 1
[  157.523055][ T8546] EXT4-fs (loop2): 1 truncate cleaned up
[  157.534881][ T8546] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.564752][ T8546] ext4 filesystem being mounted at /348/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.616217][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.310566][ T8600] loop3: detected capacity change from 0 to 128
[  158.377996][ T8600] macsec0: entered promiscuous mode
[  158.393101][ T3674] kworker/u8:11: attempt to access beyond end of device
[  158.393101][ T3674] loop3: rw=1, sector=153, nr_sectors = 8 limit=128
[  158.406765][ T3674] kworker/u8:11: attempt to access beyond end of device
[  158.406765][ T3674] loop3: rw=1, sector=169, nr_sectors = 8 limit=128
[  158.420339][ T3674] kworker/u8:11: attempt to access beyond end of device
[  158.420339][ T3674] loop3: rw=1, sector=185, nr_sectors = 8 limit=128
[  158.433850][ T3674] kworker/u8:11: attempt to access beyond end of device
[  158.433850][ T3674] loop3: rw=1, sector=201, nr_sectors = 8 limit=128
[  158.447681][ T3674] kworker/u8:11: attempt to access beyond end of device
[  158.447681][ T3674] loop3: rw=1, sector=217, nr_sectors = 8 limit=128
[  158.461250][ T3674] kworker/u8:11: attempt to access beyond end of device
[  158.461250][ T3674] loop3: rw=1, sector=233, nr_sectors = 8 limit=128
[  158.475177][ T3674] kworker/u8:11: attempt to access beyond end of device
[  158.475177][ T3674] loop3: rw=1, sector=249, nr_sectors = 8 limit=128
[  158.488718][ T3674] kworker/u8:11: attempt to access beyond end of device
[  158.488718][ T3674] loop3: rw=1, sector=265, nr_sectors = 8 limit=128
[  158.502234][ T3674] kworker/u8:11: attempt to access beyond end of device
[  158.502234][ T3674] loop3: rw=1, sector=281, nr_sectors = 8 limit=128
[  158.515804][ T3674] kworker/u8:11: attempt to access beyond end of device
[  158.515804][ T3674] loop3: rw=1, sector=297, nr_sectors = 8 limit=128
[  158.562958][   T29] kauditd_printk_skb: 377 callbacks suppressed
[  158.562974][   T29] audit: type=1326 audit(1745322316.635:8190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8610 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe69502e169 code=0x7ffc0000
[  158.592787][   T29] audit: type=1326 audit(1745322316.635:8191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8610 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe69502e169 code=0x7ffc0000
[  158.611307][ T8615] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8615 comm=syz.1.1893
[  158.616305][   T29] audit: type=1326 audit(1745322316.635:8192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8610 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe69502e169 code=0x7ffc0000
[  158.652250][   T29] audit: type=1326 audit(1745322316.635:8193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8610 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe69502e169 code=0x7ffc0000
[  158.675733][   T29] audit: type=1326 audit(1745322316.635:8194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8610 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe69502e169 code=0x7ffc0000
[  158.699300][   T29] audit: type=1326 audit(1745322316.635:8195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8610 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe69502e169 code=0x7ffc0000
[  158.723010][   T29] audit: type=1326 audit(1745322316.635:8196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8610 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe69502e169 code=0x7ffc0000
[  158.746418][   T29] audit: type=1326 audit(1745322316.635:8197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8610 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe69502e169 code=0x7ffc0000
[  158.769997][   T29] audit: type=1326 audit(1745322316.635:8198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8610 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe69502e169 code=0x7ffc0000
[  158.793572][   T29] audit: type=1326 audit(1745322316.635:8199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8610 comm="syz.1.1892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe69502e169 code=0x7ffc0000
[  158.848106][ T8617] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  158.896699][ T8630] 9pnet_fd: Insufficient options for proto=fd
[  158.905727][ T8634] __nla_validate_parse: 5 callbacks suppressed
[  158.905741][ T8634] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1896'.
[  158.975166][ T8639] loop4: detected capacity change from 0 to 128
[  158.983260][ T8639] siw: device registration error -23
[  159.033403][ T8643] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1902'.
[  159.042406][ T8643] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1902'.
[  159.170439][ T8659] IPv6: NLM_F_CREATE should be specified when creating new route
[  159.267762][ T8668] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1912'.
[  159.354423][ T8673] blktrace: Concurrent blktraces are not allowed on loop5
[  159.523060][ T8692] loop1: detected capacity change from 0 to 128
[  159.810335][ T8702] loop1: detected capacity change from 0 to 8192
[  159.876513][ T8702]  loop1: p1 p2 p3
[  159.911266][ T8702] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1926'.
[  159.920329][ T8702] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1926'.
[  160.051274][ T8727] loop3: detected capacity change from 0 to 128
[  160.178387][ T8733] FAULT_INJECTION: forcing a failure.
[  160.178387][ T8733] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.191603][ T8733] CPU: 0 UID: 0 PID: 8733 Comm: syz.1.1934 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  160.191633][ T8733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  160.191676][ T8733] Call Trace:
[  160.191682][ T8733]  <TASK>
[  160.191688][ T8733]  dump_stack_lvl+0xf6/0x150
[  160.191715][ T8733]  dump_stack+0x15/0x1a
[  160.191735][ T8733]  should_fail_ex+0x261/0x270
[  160.191765][ T8733]  should_fail+0xb/0x10
[  160.191789][ T8733]  should_fail_usercopy+0x1a/0x20
[  160.191816][ T8733]  _copy_to_user+0x20/0xa0
[  160.191845][ T8733]  simple_read_from_buffer+0xb2/0x130
[  160.191936][ T8733]  proc_fail_nth_read+0x103/0x140
[  160.191974][ T8733]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  160.192059][ T8733]  vfs_read+0x1b2/0x710
[  160.192079][ T8733]  ? __rcu_read_unlock+0x4e/0x70
[  160.192103][ T8733]  ? __fget_files+0x186/0x1c0
[  160.192124][ T8733]  ksys_read+0xeb/0x1b0
[  160.192141][ T8733]  __x64_sys_read+0x42/0x50
[  160.192184][ T8733]  x64_sys_call+0x2a3b/0x2e10
[  160.192209][ T8733]  do_syscall_64+0xc9/0x1a0
[  160.192271][ T8733]  ? clear_bhb_loop+0x25/0x80
[  160.192292][ T8733]  ? clear_bhb_loop+0x25/0x80
[  160.192311][ T8733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.192336][ T8733] RIP: 0033:0x7fe69502cb7c
[  160.192358][ T8733] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  160.192378][ T8733] RSP: 002b:00007fe693697030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  160.192400][ T8733] RAX: ffffffffffffffda RBX: 00007fe695255fa0 RCX: 00007fe69502cb7c
[  160.192415][ T8733] RDX: 000000000000000f RSI: 00007fe6936970a0 RDI: 0000000000000007
[  160.192426][ T8733] RBP: 00007fe693697090 R08: 0000000000000000 R09: 0000000000000000
[  160.192437][ T8733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.192447][ T8733] R13: 0000000000000000 R14: 00007fe695255fa0 R15: 00007ffeeb3133d8
[  160.192497][ T8733]  </TASK>
[  160.258475][ T8740] netlink: 'syz.0.1941': attribute type 1 has an invalid length.
[  160.420750][ T8739] netlink: 'syz.0.1941': attribute type 1 has an invalid length.
[  160.452478][ T8748] loop4: detected capacity change from 0 to 1024
[  160.517037][ T8761] loop2: detected capacity change from 0 to 128
[  160.646622][ T8769] loop3: detected capacity change from 0 to 128
[  160.741864][ T8778] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1952'.
[  160.786330][ T8782] netlink: 'syz.3.1955': attribute type 1 has an invalid length.
[  160.794816][ T8782] netlink: 'syz.3.1955': attribute type 1 has an invalid length.
[  160.872618][ T8790] loop2: detected capacity change from 0 to 2048
[  160.886995][ T8790] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.987267][ T8790] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2 with max blocks 1 with error 28
[  160.999631][ T8790] EXT4-fs (loop2): This should not happen!! Data will be lost
[  160.999631][ T8790] 
[  161.009356][ T8790] EXT4-fs (loop2): Total free blocks count 0
[  161.015373][ T8790] EXT4-fs (loop2): Free/Dirty block details
[  161.021274][ T8790] EXT4-fs (loop2): free_blocks=0
[  161.026249][ T8790] EXT4-fs (loop2): dirty_blocks=0
[  161.031279][ T8790] EXT4-fs (loop2): Block reservation details
[  161.037303][ T8790] EXT4-fs (loop2): i_reserved_data_blocks=0
[  161.054103][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.084617][ T8802] loop3: detected capacity change from 0 to 128
[  161.214417][ T8809] netlink: 'syz.2.1966': attribute type 1 has an invalid length.
[  161.223038][ T8809] netlink: 'syz.2.1966': attribute type 1 has an invalid length.
[  161.254018][ T8811] FAULT_INJECTION: forcing a failure.
[  161.254018][ T8811] name failslab, interval 1, probability 0, space 0, times 0
[  161.266776][ T8811] CPU: 1 UID: 0 PID: 8811 Comm: syz.2.1967 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  161.266801][ T8811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  161.266813][ T8811] Call Trace:
[  161.266876][ T8811]  <TASK>
[  161.266884][ T8811]  dump_stack_lvl+0xf6/0x150
[  161.266912][ T8811]  dump_stack+0x15/0x1a
[  161.266932][ T8811]  should_fail_ex+0x261/0x270
[  161.267006][ T8811]  should_failslab+0x8f/0xb0
[  161.267028][ T8811]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  161.267055][ T8811]  ? __alloc_skb+0x10d/0x320
[  161.267075][ T8811]  ? selinux_file_open+0x356/0x3c0
[  161.267101][ T8811]  __alloc_skb+0x10d/0x320
[  161.267145][ T8811]  alloc_skb_with_frags+0x80/0x460
[  161.267242][ T8811]  ? avc_has_perm_noaudit+0x1cc/0x210
[  161.267306][ T8811]  sock_alloc_send_pskb+0x437/0x500
[  161.267340][ T8811]  ? selinux_socket_sendmsg+0x18a/0x1c0
[  161.267466][ T8811]  hci_sock_sendmsg+0x11d/0x960
[  161.267562][ T8811]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  161.267603][ T8811]  __sock_sendmsg+0x140/0x180
[  161.267631][ T8811]  sock_write_iter+0x186/0x1c0
[  161.267682][ T8811]  vfs_write+0x79b/0x950
[  161.267700][ T8811]  ? __pfx_sock_write_iter+0x10/0x10
[  161.267736][ T8811]  ksys_write+0xeb/0x1b0
[  161.267758][ T8811]  __x64_sys_write+0x42/0x50
[  161.267779][ T8811]  x64_sys_call+0x2a45/0x2e10
[  161.267800][ T8811]  do_syscall_64+0xc9/0x1a0
[  161.267904][ T8811]  ? clear_bhb_loop+0x25/0x80
[  161.267927][ T8811]  ? clear_bhb_loop+0x25/0x80
[  161.267950][ T8811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.267972][ T8811] RIP: 0033:0x7f5c7720e169
[  161.267988][ T8811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.268007][ T8811] RSP: 002b:00007f5c75877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  161.268078][ T8811] RAX: ffffffffffffffda RBX: 00007f5c77435fa0 RCX: 00007f5c7720e169
[  161.268091][ T8811] RDX: 0000000000000006 RSI: 0000200000000100 RDI: 0000000000000006
[  161.268104][ T8811] RBP: 00007f5c75877090 R08: 0000000000000000 R09: 0000000000000000
[  161.268118][ T8811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.268131][ T8811] R13: 0000000000000000 R14: 00007f5c77435fa0 R15: 00007ffe110c6168
[  161.268152][ T8811]  </TASK>
[  161.531925][ T8817] loop1: detected capacity change from 0 to 1024
[  161.628605][ T8825] loop1: detected capacity change from 0 to 128
[  161.817420][ T8859] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1980'.
[  161.982957][ T8884] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1984'.
[  162.422365][ T8953] loop1: detected capacity change from 0 to 128
[  162.456693][ T8961] netlink: 'syz.1.1990': attribute type 4 has an invalid length.
[  162.479425][ T7009] lo speed is unknown, defaulting to 1000
[  162.485276][ T7009] syz0: Port: 1 Link DOWN
[  162.559107][ T8974] netlink: 'syz.3.1994': attribute type 1 has an invalid length.
[  162.587723][ T8978] IPv6: NLM_F_CREATE should be specified when creating new route
[  162.622618][ T8980] loop3: detected capacity change from 0 to 1024
[  162.639002][ T8978] loop4: detected capacity change from 0 to 8192
[  162.773268][ T8978]  loop4: p1 < > p3 < > p4
[  162.777827][ T8978] loop4: partition table partially beyond EOD, truncated
[  162.786453][ T8978] loop4: p1 start 100663297 is beyond EOD, truncated
[  162.793653][ T8978] loop4: p4 start 131072 is beyond EOD, truncated
[  162.812498][ T8978] batadv0: entered promiscuous mode
[  162.818536][ T8978] batadv0: left promiscuous mode
[  162.830997][ T8989] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2001'.
[  162.927118][ T9002] loop2: detected capacity change from 0 to 2048
[  162.946645][ T9002] EXT4-fs error (device loop2): ext4_orphan_get:1416: comm syz.2.2006: bad orphan inode 8192
[  162.957733][ T9002] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.027125][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.049697][ T9017] netlink: 'syz.2.2009': attribute type 1 has an invalid length.
[  163.091003][ T9024] netlink: 'syz.0.2013': attribute type 21 has an invalid length.
[  163.259649][ T9038] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  163.341134][ T9055] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.386317][ T9055] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.436152][ T9055] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.496269][ T9055] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.567345][ T9055] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  163.580634][ T9055] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  163.591672][ T9055] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  163.602936][ T9055] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  163.633460][ T9063] binfmt_misc: register: failed to install interpreter file ./file2
[  163.649441][ T9063] loop4: detected capacity change from 0 to 2048
[  163.656132][ T9063] ext4: Unknown parameter 'noacl'
[  163.851146][ T9068] loop1: detected capacity change from 0 to 1024
[  163.966224][   T29] kauditd_printk_skb: 241 callbacks suppressed
[  163.966239][   T29] audit: type=1400 audit(1745322322.045:8441): avc:  denied  { write } for  pid=9077 comm="syz.4.2032" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  164.086595][ T9088] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  164.123782][   T29] audit: type=1326 audit(1745322322.195:8442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9090 comm="syz.0.2037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ecb7e169 code=0x7ffc0000
[  164.148751][   T29] audit: type=1326 audit(1745322322.195:8443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9090 comm="syz.0.2037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ecb7e169 code=0x7ffc0000
[  164.181157][   T29] audit: type=1326 audit(1745322322.225:8444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9090 comm="syz.0.2037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87ecb7e169 code=0x7ffc0000
[  164.204777][   T29] audit: type=1326 audit(1745322322.225:8445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9090 comm="syz.0.2037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ecb7e169 code=0x7ffc0000
[  164.228217][   T29] audit: type=1326 audit(1745322322.225:8446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9090 comm="syz.0.2037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ecb7e169 code=0x7ffc0000
[  164.251722][   T29] audit: type=1326 audit(1745322322.225:8447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9090 comm="syz.0.2037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f87ecb7e169 code=0x7ffc0000
[  164.275019][   T29] audit: type=1326 audit(1745322322.225:8448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9090 comm="syz.0.2037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ecb7e169 code=0x7ffc0000
[  164.298473][   T29] audit: type=1326 audit(1745322322.225:8449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9090 comm="syz.0.2037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f87ecb7e169 code=0x7ffc0000
[  164.300307][ T9095] loop4: detected capacity change from 0 to 128
[  164.321798][   T29] audit: type=1326 audit(1745322322.225:8450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9090 comm="syz.0.2037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87ecb7e169 code=0x7ffc0000
[  164.364127][ T9095] siw: device registration error -23
[  164.381702][ T9099] FAULT_INJECTION: forcing a failure.
[  164.381702][ T9099] name failslab, interval 1, probability 0, space 0, times 0
[  164.394690][ T9099] CPU: 0 UID: 0 PID: 9099 Comm: syz.0.2041 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  164.394722][ T9099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  164.394773][ T9099] Call Trace:
[  164.394780][ T9099]  <TASK>
[  164.394789][ T9099]  dump_stack_lvl+0xf6/0x150
[  164.394813][ T9099]  dump_stack+0x15/0x1a
[  164.394838][ T9099]  should_fail_ex+0x261/0x270
[  164.394868][ T9099]  should_failslab+0x8f/0xb0
[  164.394895][ T9099]  kmem_cache_alloc_noprof+0x59/0x340
[  164.394996][ T9099]  ? io_submit_one+0xb9/0x1230
[  164.395023][ T9099]  io_submit_one+0xb9/0x1230
[  164.395131][ T9099]  ? __rcu_read_unlock+0x4e/0x70
[  164.395189][ T9099]  __se_sys_io_submit+0xf7/0x280
[  164.395246][ T9099]  __x64_sys_io_submit+0x43/0x50
[  164.395392][ T9099]  x64_sys_call+0xa8b/0x2e10
[  164.395412][ T9099]  do_syscall_64+0xc9/0x1a0
[  164.395436][ T9099]  ? clear_bhb_loop+0x25/0x80
[  164.395455][ T9099]  ? clear_bhb_loop+0x25/0x80
[  164.395517][ T9099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.395589][ T9099] RIP: 0033:0x7f87ecb7e169
[  164.395604][ T9099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.395724][ T9099] RSP: 002b:00007f87eb1e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  164.395755][ T9099] RAX: ffffffffffffffda RBX: 00007f87ecda5fa0 RCX: 00007f87ecb7e169
[  164.395769][ T9099] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 00007f87ed8e2000
[  164.395783][ T9099] RBP: 00007f87eb1e7090 R08: 0000000000000000 R09: 0000000000000000
[  164.395797][ T9099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.395811][ T9099] R13: 0000000000000000 R14: 00007f87ecda5fa0 R15: 00007ffda3960238
[  164.395836][ T9099]  </TASK>
[  165.033472][ T9120] loop4: detected capacity change from 0 to 512
[  165.156242][ T9120] EXT4-fs (loop4): orphan cleanup on readonly fs
[  165.164446][ T9120] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2047: bg 0: block 248: padding at end of block bitmap is not set
[  165.299291][ T9120] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.2047: Failed to acquire dquot type 1
[  165.363275][ T9120] EXT4-fs (loop4): 1 truncate cleaned up
[  165.419716][ T9125] loop3: detected capacity change from 0 to 128
[  165.433350][ T9125] /dev/loop3: Can't open blockdev
[  165.588640][ T9120] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  165.633092][ T9132] IPv6: NLM_F_CREATE should be specified when creating new route
[  165.660275][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.728749][ T9142] FAULT_INJECTION: forcing a failure.
[  165.728749][ T9142] name failslab, interval 1, probability 0, space 0, times 0
[  165.741417][ T9142] CPU: 1 UID: 0 PID: 9142 Comm: syz.4.2054 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  165.741448][ T9142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  165.741463][ T9142] Call Trace:
[  165.741471][ T9142]  <TASK>
[  165.741479][ T9142]  dump_stack_lvl+0xf6/0x150
[  165.741506][ T9142]  dump_stack+0x15/0x1a
[  165.741520][ T9142]  should_fail_ex+0x261/0x270
[  165.741611][ T9142]  should_failslab+0x8f/0xb0
[  165.741636][ T9142]  __kmalloc_cache_node_noprof+0x58/0x340
[  165.741663][ T9142]  ? __get_vm_area_node+0xfb/0x1c0
[  165.741695][ T9142]  __get_vm_area_node+0xfb/0x1c0
[  165.741857][ T9142]  __vmalloc_node_range_noprof+0x285/0xe80
[  165.741898][ T9142]  ? n_tty_open+0x1b/0xe0
[  165.741929][ T9142]  ? klist_dec_and_del+0xb8/0x260
[  165.741980][ T9142]  ? klist_dec_and_del+0xb8/0x260
[  165.742021][ T9142]  ? n_tty_open+0x1b/0xe0
[  165.742049][ T9142]  vzalloc_noprof+0x5e/0x70
[  165.742066][ T9142]  ? n_tty_open+0x1b/0xe0
[  165.742087][ T9142]  n_tty_open+0x1b/0xe0
[  165.742117][ T9142]  tty_ldisc_setup+0x8b/0x230
[  165.742141][ T9142]  tty_init_dev+0x182/0x320
[  165.742163][ T9142]  tty_open+0x6d2/0xb10
[  165.742265][ T9142]  chrdev_open+0x2fc/0x380
[  165.742291][ T9142]  ? __pfx_chrdev_open+0x10/0x10
[  165.742318][ T9142]  do_dentry_open+0x621/0xa20
[  165.742381][ T9142]  vfs_open+0x38/0x1e0
[  165.742479][ T9142]  path_openat+0x1b1c/0x2000
[  165.742513][ T9142]  ? _parse_integer_limit+0x167/0x180
[  165.742550][ T9142]  do_filp_open+0x115/0x240
[  165.742680][ T9142]  do_sys_openat2+0xaa/0x110
[  165.742709][ T9142]  __x64_sys_openat+0xf8/0x120
[  165.742743][ T9142]  x64_sys_call+0x1ac/0x2e10
[  165.742768][ T9142]  do_syscall_64+0xc9/0x1a0
[  165.742856][ T9142]  ? clear_bhb_loop+0x25/0x80
[  165.742881][ T9142]  ? clear_bhb_loop+0x25/0x80
[  165.742908][ T9142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.742926][ T9142] RIP: 0033:0x7f4b02b4e169
[  165.742969][ T9142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.742991][ T9142] RSP: 002b:00007f4b011b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  165.743035][ T9142] RAX: ffffffffffffffda RBX: 00007f4b02d75fa0 RCX: 00007f4b02b4e169
[  165.743053][ T9142] RDX: 00000000001c5000 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  165.743068][ T9142] RBP: 00007f4b011b7090 R08: 0000000000000000 R09: 0000000000000000
[  165.743082][ T9142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.743153][ T9142] R13: 0000000000000001 R14: 00007f4b02d75fa0 R15: 00007ffe9dfcf0a8
[  165.743241][ T9142]  </TASK>
[  165.743247][ T9142] syz.4.2054: vmalloc error: size 8904, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[  166.013646][ T9142] CPU: 1 UID: 0 PID: 9142 Comm: syz.4.2054 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  166.013672][ T9142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  166.013689][ T9142] Call Trace:
[  166.013761][ T9142]  <TASK>
[  166.013771][ T9142]  dump_stack_lvl+0xf6/0x150
[  166.013799][ T9142]  dump_stack+0x15/0x1a
[  166.013820][ T9142]  warn_alloc+0x145/0x1b0
[  166.013935][ T9142]  __vmalloc_node_range_noprof+0x2aa/0xe80
[  166.013992][ T9142]  ? klist_dec_and_del+0xb8/0x260
[  166.014038][ T9142]  ? klist_dec_and_del+0xb8/0x260
[  166.014081][ T9142]  ? n_tty_open+0x1b/0xe0
[  166.014250][ T9142]  vzalloc_noprof+0x5e/0x70
[  166.014269][ T9142]  ? n_tty_open+0x1b/0xe0
[  166.014298][ T9142]  n_tty_open+0x1b/0xe0
[  166.014328][ T9142]  tty_ldisc_setup+0x8b/0x230
[  166.014354][ T9142]  tty_init_dev+0x182/0x320
[  166.014445][ T9142]  tty_open+0x6d2/0xb10
[  166.014478][ T9142]  chrdev_open+0x2fc/0x380
[  166.014503][ T9142]  ? __pfx_chrdev_open+0x10/0x10
[  166.014524][ T9142]  do_dentry_open+0x621/0xa20
[  166.014555][ T9142]  vfs_open+0x38/0x1e0
[  166.014621][ T9142]  path_openat+0x1b1c/0x2000
[  166.014657][ T9142]  ? _parse_integer_limit+0x167/0x180
[  166.014697][ T9142]  do_filp_open+0x115/0x240
[  166.014735][ T9142]  do_sys_openat2+0xaa/0x110
[  166.014795][ T9142]  __x64_sys_openat+0xf8/0x120
[  166.014823][ T9142]  x64_sys_call+0x1ac/0x2e10
[  166.014892][ T9142]  do_syscall_64+0xc9/0x1a0
[  166.014935][ T9142]  ? clear_bhb_loop+0x25/0x80
[  166.014961][ T9142]  ? clear_bhb_loop+0x25/0x80
[  166.014985][ T9142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.015056][ T9142] RIP: 0033:0x7f4b02b4e169
[  166.015074][ T9142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.015095][ T9142] RSP: 002b:00007f4b011b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  166.015117][ T9142] RAX: ffffffffffffffda RBX: 00007f4b02d75fa0 RCX: 00007f4b02b4e169
[  166.015131][ T9142] RDX: 00000000001c5000 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  166.015142][ T9142] RBP: 00007f4b011b7090 R08: 0000000000000000 R09: 0000000000000000
[  166.015153][ T9142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.015163][ T9142] R13: 0000000000000001 R14: 00007f4b02d75fa0 R15: 00007ffe9dfcf0a8
[  166.015223][ T9142]  </TASK>
[  166.244920][ T9142] Mem-Info:
[  166.248056][ T9142] active_anon:6266 inactive_anon:3 isolated_anon:0
[  166.248056][ T9142]  active_file:7508 inactive_file:14050 isolated_file:0
[  166.248056][ T9142]  unevictable:0 dirty:598 writeback:0
[  166.248056][ T9142]  slab_reclaimable:2921 slab_unreclaimable:33046
[  166.248056][ T9142]  mapped:28671 shmem:3399 pagetables:856
[  166.248056][ T9142]  sec_pagetables:0 bounce:0
[  166.248056][ T9142]  kernel_misc_reclaimable:0
[  166.248056][ T9142]  free:1825667 free_pcp:47782 free_cma:0
[  166.293013][ T9142] Node 0 active_anon:25064kB inactive_anon:12kB active_file:30032kB inactive_file:56200kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:114684kB dirty:2392kB writeback:0kB shmem:13596kB writeback_tmp:0kB kernel_stack:3616kB pagetables:3424kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  166.322095][ T9142] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  166.331666][ T9143] loop3: detected capacity change from 0 to 4096
[  166.349082][ T9142] lowmem_reserve[]: 0 2882 7860 7860
[  166.360864][ T9142] Node 0 DMA32 free:2947680kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951308kB mlocked:0kB bounce:0kB free_pcp:3628kB local_pcp:3528kB free_cma:0kB
[  166.389569][ T9142] lowmem_reserve[]: 0 0 4978 4978
[  166.394672][ T9142] Node 0 Normal free:4339512kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB active_anon:26920kB inactive_anon:12kB active_file:30032kB inactive_file:56200kB unevictable:0kB writepending:2392kB present:5242880kB managed:5098244kB mlocked:0kB bounce:0kB free_pcp:185492kB local_pcp:45716kB free_cma:0kB
[  166.425250][ T9142] lowmem_reserve[]: 0 0 0 0
[  166.429810][ T9142] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  166.442672][ T9142] Node 0 DMA32: 4*4kB (M) 2*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947680kB
[  166.458947][ T9142] Node 0 Normal: 1973*4kB (UME) 1476*8kB (UME) 936*16kB (UME) 550*32kB (UME) 376*64kB (UME) 313*128kB (UME) 268*256kB (UME) 178*512kB (UME) 115*1024kB (UME) 59*2048kB (UME) 933*4096kB (UM) = 4336308kB
[  166.473852][ T9143] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.478804][ T9142] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  166.478824][ T9142] 25916 total pagecache pages
[  166.478832][ T9142] 8 pages in swap cache
[  166.478849][ T9142] Free swap  = 124804kB
[  166.478857][ T9142] Total swap = 124996kB
[  166.517899][ T9142] 2097051 pages RAM
[  166.521742][ T9142] 0 pages HighMem/MovableOnly
[  166.526453][ T9142] 80823 pages reserved
[  166.528397][ T9153] validate_nla: 1 callbacks suppressed
[  166.528411][ T9153] netlink: 'syz.0.2059': attribute type 1 has an invalid length.
[  166.530505][ T9142] ttyS ttyS3: ldisc open failed (-12), clearing slot 3
[  166.536010][ T9153] __nla_validate_parse: 3 callbacks suppressed
[  166.536089][ T9153] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2059'.
[  166.610736][ T9145] loop1: detected capacity change from 0 to 128
[  166.679446][ T9143] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2056'.
[  166.706307][ T9163] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2061'.
[  166.826336][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.882635][ T9181] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2071'.
[  166.942344][ T9186] loop3: detected capacity change from 0 to 128
[  167.002366][ T9186] bio_check_eod: 107 callbacks suppressed
[  167.002384][ T9186] syz.3.2068: attempt to access beyond end of device
[  167.002384][ T9186] loop3: rw=0, sector=121, nr_sectors = 920 limit=128
[  167.227785][ T9205] netlink: 'syz.3.2080': attribute type 21 has an invalid length.
[  167.241239][ T9205] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2080'.
[  167.316862][ T9206] netlink: 'syz.1.2078': attribute type 4 has an invalid length.
[  167.324684][ T9206] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2078'.
[  167.338216][ T9206] : renamed from bond0 (while UP)
[  167.350398][ T9205] lo speed is unknown, defaulting to 1000
[  167.458574][ T9210] loop3: detected capacity change from 0 to 256
[  167.539674][ T9212] loop3: detected capacity change from 0 to 512
[  167.546534][ T9212] EXT4-fs: Ignoring removed nobh option
[  167.552592][ T9212] EXT4-fs: journaled quota format not specified
[  167.564183][ T9212] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2081'.
[  167.588049][ T9212] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  167.692289][ T9225] netlink: 'syz.3.2087': attribute type 21 has an invalid length.
[  167.701416][ T9225] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2087'.
[  167.756478][ T9225] lo speed is unknown, defaulting to 1000
[  167.937783][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  167.945275][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  167.952693][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  167.992178][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  167.999680][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.002126][ T9251] FAULT_INJECTION: forcing a failure.
[  168.002126][ T9251] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.007150][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.020197][ T9251] CPU: 0 UID: 0 PID: 9251 Comm: syz.4.2092 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  168.020234][ T9251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  168.020251][ T9251] Call Trace:
[  168.020260][ T9251]  <TASK>
[  168.020272][ T9251]  dump_stack_lvl+0xf6/0x150
[  168.020317][ T9251]  dump_stack+0x15/0x1a
[  168.020338][ T9251]  should_fail_ex+0x261/0x270
[  168.020369][ T9251]  should_fail+0xb/0x10
[  168.020394][ T9251]  should_fail_usercopy+0x1a/0x20
[  168.020434][ T9251]  _copy_to_user+0x20/0xa0
[  168.020491][ T9251]  io_probe+0x171/0x1d0
[  168.020524][ T9251]  ? __se_sys_io_uring_register+0x10f4/0x1f50
[  168.020577][ T9251]  __se_sys_io_uring_register+0x10ff/0x1f50
[  168.020682][ T9251]  ? kstrtouint_from_user+0xbf/0x100
[  168.020711][ T9251]  ? __rcu_read_unlock+0x4e/0x70
[  168.020738][ T9251]  ? 0xffffffff81000000
[  168.020761][ T9251]  ? __rcu_read_unlock+0x4e/0x70
[  168.020786][ T9251]  ? get_pid_task+0x94/0xd0
[  168.020878][ T9251]  ? proc_fail_nth_write+0x12d/0x160
[  168.020940][ T9251]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  168.021058][ T9251]  ? vfs_write+0x669/0x950
[  168.021079][ T9251]  ? putname+0xe1/0x100
[  168.021107][ T9251]  ? __fget_files+0x186/0x1c0
[  168.021134][ T9251]  ? fput+0x99/0xd0
[  168.021187][ T9251]  ? ksys_write+0x180/0x1b0
[  168.021212][ T9251]  __x64_sys_io_uring_register+0x55/0x70
[  168.021253][ T9251]  x64_sys_call+0xb9d/0x2e10
[  168.021328][ T9251]  do_syscall_64+0xc9/0x1a0
[  168.021358][ T9251]  ? clear_bhb_loop+0x25/0x80
[  168.021384][ T9251]  ? clear_bhb_loop+0x25/0x80
[  168.021484][ T9251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.021509][ T9251] RIP: 0033:0x7f4b02b4e169
[  168.021525][ T9251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.021546][ T9251] RSP: 002b:00007f4b011b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  168.021600][ T9251] RAX: ffffffffffffffda RBX: 00007f4b02d75fa0 RCX: 00007f4b02b4e169
[  168.021616][ T9251] RDX: 0000200000000100 RSI: 0000000000000008 RDI: 0000000000000004
[  168.021631][ T9251] RBP: 00007f4b011b7090 R08: 0000000000000000 R09: 0000000000000000
[  168.021645][ T9251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.021660][ T9251] R13: 0000000000000000 R14: 00007f4b02d75fa0 R15: 00007ffe9dfcf0a8
[  168.021686][ T9251]  </TASK>
[  168.066483][ T9225] loop3: detected capacity change from 0 to 256
[  168.069882][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.277675][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.285185][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.292574][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.300003][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.307435][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.314908][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.322379][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.329846][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.337462][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.344971][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.352377][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.359834][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.367286][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.374878][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.382314][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.389732][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.397148][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.404571][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.412009][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.419411][ T7009] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  168.427673][ T7009] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  168.461979][ T9259] loop1: detected capacity change from 0 to 512
[  168.507212][ T9259] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  168.519482][ T9259] EXT4-fs (loop1): orphan cleanup on readonly fs
[  168.527064][ T9259] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2094: invalid indirect mapped block 256 (level 2)
[  168.546420][ T9259] EXT4-fs (loop1): 2 truncates cleaned up
[  168.552677][ T9259] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  168.581920][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.697322][ T9284] FAULT_INJECTION: forcing a failure.
[  168.697322][ T9284] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  168.710532][ T9284] CPU: 1 UID: 0 PID: 9284 Comm: syz.4.2103 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  168.710560][ T9284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  168.710572][ T9284] Call Trace:
[  168.710578][ T9284]  <TASK>
[  168.710587][ T9284]  dump_stack_lvl+0xf6/0x150
[  168.710650][ T9284]  dump_stack+0x15/0x1a
[  168.710666][ T9284]  should_fail_ex+0x261/0x270
[  168.710697][ T9284]  should_fail+0xb/0x10
[  168.710777][ T9284]  should_fail_usercopy+0x1a/0x20
[  168.710803][ T9284]  _copy_to_user+0x20/0xa0
[  168.710910][ T9284]  io_probe+0x171/0x1d0
[  168.710940][ T9284]  ? __se_sys_io_uring_register+0x10f4/0x1f50
[  168.710976][ T9284]  __se_sys_io_uring_register+0x10ff/0x1f50
[  168.711007][ T9284]  ? kstrtouint_from_user+0xbf/0x100
[  168.711073][ T9284]  ? __rcu_read_unlock+0x4e/0x70
[  168.711094][ T9284]  ? 0xffffffff81000000
[  168.711109][ T9284]  ? __rcu_read_unlock+0x4e/0x70
[  168.711134][ T9284]  ? get_pid_task+0x94/0xd0
[  168.711156][ T9284]  ? copy_to_user_nofault+0xff/0x120
[  168.711190][ T9284]  ? bpf_probe_write_user+0x80/0xc0
[  168.711226][ T9284]  ? __rcu_read_unlock+0x4e/0x70
[  168.711246][ T9284]  ? bpf_trace_run2+0x12c/0x1d0
[  168.711274][ T9284]  ? __bpf_trace_sys_enter+0x10/0x30
[  168.711300][ T9284]  ? trace_sys_enter+0xcd/0x110
[  168.711365][ T9284]  __x64_sys_io_uring_register+0x55/0x70
[  168.711396][ T9284]  x64_sys_call+0xb9d/0x2e10
[  168.711552][ T9284]  do_syscall_64+0xc9/0x1a0
[  168.711589][ T9284]  ? clear_bhb_loop+0x25/0x80
[  168.711609][ T9284]  ? clear_bhb_loop+0x25/0x80
[  168.711629][ T9284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.711648][ T9284] RIP: 0033:0x7f4b02b4e169
[  168.711665][ T9284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.711704][ T9284] RSP: 002b:00007f4b011b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  168.711727][ T9284] RAX: ffffffffffffffda RBX: 00007f4b02d75fa0 RCX: 00007f4b02b4e169
[  168.711741][ T9284] RDX: 0000200000000100 RSI: 0000000000000008 RDI: 0000000000000003
[  168.711755][ T9284] RBP: 00007f4b011b7090 R08: 0000000000000000 R09: 0000000000000000
[  168.711769][ T9284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  168.711782][ T9284] R13: 0000000000000000 R14: 00007f4b02d75fa0 R15: 00007ffe9dfcf0a8
[  168.711805][ T9284]  </TASK>
[  168.965278][ T9285] loop2: detected capacity change from 0 to 512
[  168.967276][ T9288] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2105'.
[  168.980633][   T29] kauditd_printk_skb: 188 callbacks suppressed
[  168.980700][   T29] audit: type=1400 audit(1745322327.045:8637): avc:  denied  { nlmsg_write } for  pid=9287 comm="syz.4.2105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  169.007638][   T29] audit: type=1400 audit(1745322327.045:8638): avc:  denied  { mounton } for  pid=9283 comm="syz.2.2104" path="/397/file1" dev="tmpfs" ino=2101 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  169.040858][   T29] audit: type=1400 audit(1745322327.115:8639): avc:  denied  { name_bind } for  pid=9289 comm="syz.1.2106" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  169.058615][ T9294] FAULT_INJECTION: forcing a failure.
[  169.058615][ T9294] name failslab, interval 1, probability 0, space 0, times 0
[  169.062672][   T29] audit: type=1400 audit(1745322327.115:8640): avc:  denied  { node_bind } for  pid=9289 comm="syz.1.2106" saddr=fe80::aa src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  169.075258][ T9294] CPU: 0 UID: 0 PID: 9294 Comm: syz.4.2107 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  169.075309][ T9294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  169.075378][ T9294] Call Trace:
[  169.075386][ T9294]  <TASK>
[  169.075396][ T9294]  dump_stack_lvl+0xf6/0x150
[  169.075425][ T9294]  dump_stack+0x15/0x1a
[  169.075446][ T9294]  should_fail_ex+0x261/0x270
[  169.075476][ T9294]  should_failslab+0x8f/0xb0
[  169.075530][ T9294]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  169.075566][ T9294]  ? __alloc_skb+0x10d/0x320
[  169.075592][ T9294]  __alloc_skb+0x10d/0x320
[  169.075612][ T9294]  ? audit_log_start+0x37f/0x6e0
[  169.075650][ T9294]  audit_log_start+0x39a/0x6e0
[  169.075701][ T9294]  ? vfs_writev+0x714/0x880
[  169.075736][ T9294]  audit_seccomp+0x49/0x100
[  169.075767][ T9294]  __seccomp_filter+0x694/0x10e0
[  169.075805][ T9294]  __secure_computing+0x7e/0x150
[  169.075829][ T9294]  syscall_trace_enter+0xcf/0x1f0
[  169.075931][ T9294]  do_syscall_64+0xaa/0x1a0
[  169.075963][ T9294]  ? clear_bhb_loop+0x25/0x80
[  169.075988][ T9294]  ? clear_bhb_loop+0x25/0x80
[  169.076014][ T9294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.076040][ T9294] RIP: 0033:0x7f4b02b4cb7c
[  169.076057][ T9294] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  169.076156][ T9294] RSP: 002b:00007f4b011b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  169.076178][ T9294] RAX: ffffffffffffffda RBX: 00007f4b02d75fa0 RCX: 00007f4b02b4cb7c
[  169.076228][ T9294] RDX: 000000000000000f RSI: 00007f4b011b70a0 RDI: 0000000000000007
[  169.076243][ T9294] RBP: 00007f4b011b7090 R08: 0000000000000000 R09: 0000000000000000
[  169.076257][ T9294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.076271][ T9294] R13: 0000000000000000 R14: 00007f4b02d75fa0 R15: 00007ffe9dfcf0a8
[  169.076294][ T9294]  </TASK>
[  169.076310][ T9294] audit: audit_lost=8 audit_rate_limit=0 audit_backlog_limit=64
[  169.110444][   T29] audit: type=1326 audit(1745322327.115:8641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9293 comm="syz.4.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b02b4e169 code=0x7ffc0000
[  169.119809][ T9294] audit: out of memory in audit_log_start
[  169.306150][ T9285] EXT4-fs (loop2): 1 orphan inode deleted
[  169.319516][   T29] audit: type=1326 audit(1745322327.115:8642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9293 comm="syz.4.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4b02b4e169 code=0x7ffc0000
[  169.319550][   T29] audit: type=1326 audit(1745322327.115:8643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9293 comm="syz.4.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b02b4e169 code=0x7ffc0000
[  169.319581][   T29] audit: type=1326 audit(1745322327.115:8644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9293 comm="syz.4.2107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4b02b4e169 code=0x7ffc0000
[  169.406318][   T31] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:1: Failed to release dquot type 1
[  169.407536][ T9285] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.445647][ T9285] ext4 filesystem being mounted at /397/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.467296][ T9312] loop1: detected capacity change from 0 to 128
[  169.511231][ T9312] syz.1.2113: attempt to access beyond end of device
[  169.511231][ T9312] loop1: rw=0, sector=121, nr_sectors = 920 limit=128
[  169.652682][ T9325] lo speed is unknown, defaulting to 1000
[  169.668911][ T9333] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2121'.
[  169.706896][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.764591][ T9326] lo speed is unknown, defaulting to 1000
[  169.797682][ T9344] loop4: detected capacity change from 0 to 512
[  169.815500][ T9344] EXT4-fs warning (device loop4): dx_probe:848: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  169.827152][ T9344] EXT4-fs warning (device loop4): dx_probe:851: Enable large directory feature to access it
[  169.837296][ T9344] EXT4-fs warning (device loop4): dx_probe:936: inode #2: comm syz.4.2125: Corrupt directory, running e2fsck is recommended
[  169.874639][ T9349] loop2: detected capacity change from 0 to 1024
[  169.909301][ T9344] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  169.918188][ T9344] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.2125: corrupted in-inode xattr: invalid ea_ino
[  169.933540][ T9344] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.2125: couldn't read orphan inode 15 (err -117)
[  169.947661][ T9344] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.996159][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.219872][ T9381] loop4: detected capacity change from 0 to 1024
[  170.385980][ T9389] loop4: detected capacity change from 0 to 4096
[  170.406529][ T9389] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.499887][ T9402] loop1: detected capacity change from 0 to 1024
[  170.520791][ T9404] FAULT_INJECTION: forcing a failure.
[  170.520791][ T9404] name failslab, interval 1, probability 0, space 0, times 0
[  170.533619][ T9404] CPU: 1 UID: 0 PID: 9404 Comm: syz.2.2148 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  170.533651][ T9404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  170.533666][ T9404] Call Trace:
[  170.533674][ T9404]  <TASK>
[  170.533683][ T9404]  dump_stack_lvl+0xf6/0x150
[  170.533789][ T9404]  dump_stack+0x15/0x1a
[  170.533805][ T9404]  should_fail_ex+0x261/0x270
[  170.533953][ T9404]  should_failslab+0x8f/0xb0
[  170.533972][ T9404]  kmem_cache_alloc_noprof+0x59/0x340
[  170.534003][ T9404]  ? alloc_empty_file+0x78/0x200
[  170.534034][ T9404]  ? _raw_spin_unlock+0x26/0x50
[  170.534082][ T9404]  alloc_empty_file+0x78/0x200
[  170.534120][ T9404]  alloc_file_pseudo+0xcb/0x160
[  170.534175][ T9404]  aio_setup_ring+0x13a/0x730
[  170.534202][ T9404]  ioctx_alloc+0x2b2/0x4c0
[  170.534226][ T9404]  __se_sys_io_setup+0x6b/0x1b0
[  170.534264][ T9404]  __x64_sys_io_setup+0x31/0x40
[  170.534297][ T9404]  x64_sys_call+0x2b35/0x2e10
[  170.534425][ T9404]  do_syscall_64+0xc9/0x1a0
[  170.534454][ T9404]  ? clear_bhb_loop+0x25/0x80
[  170.534524][ T9404]  ? clear_bhb_loop+0x25/0x80
[  170.534546][ T9404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.534615][ T9404] RIP: 0033:0x7f5c7720e169
[  170.534633][ T9404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.534654][ T9404] RSP: 002b:00007f5c75877038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  170.534750][ T9404] RAX: ffffffffffffffda RBX: 00007f5c77435fa0 RCX: 00007f5c7720e169
[  170.534762][ T9404] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000002004
[  170.534774][ T9404] RBP: 00007f5c75877090 R08: 0000000000000000 R09: 0000000000000000
[  170.534788][ T9404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.534802][ T9404] R13: 0000000000000000 R14: 00007f5c77435fa0 R15: 00007ffe110c6168
[  170.534824][ T9404]  </TASK>
[  170.726956][ T9402] EXT4-fs: quotafile must be on filesystem root
[  170.796675][ T9411] loop1: detected capacity change from 0 to 1024
[  170.871411][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.901513][ T9413] lo speed is unknown, defaulting to 1000
[  171.395857][ T9419] lo speed is unknown, defaulting to 1000
[  171.609288][ T9432] FAULT_INJECTION: forcing a failure.
[  171.609288][ T9432] name failslab, interval 1, probability 0, space 0, times 0
[  171.621997][ T9432] CPU: 1 UID: 0 PID: 9432 Comm: syz.0.2157 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  171.622068][ T9432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  171.622082][ T9432] Call Trace:
[  171.622090][ T9432]  <TASK>
[  171.622100][ T9432]  dump_stack_lvl+0xf6/0x150
[  171.622127][ T9432]  dump_stack+0x15/0x1a
[  171.622144][ T9432]  should_fail_ex+0x261/0x270
[  171.622172][ T9432]  should_failslab+0x8f/0xb0
[  171.622227][ T9432]  __kmalloc_node_track_caller_noprof+0xaa/0x410
[  171.622261][ T9432]  ? sidtab_sid2str_get+0xb8/0x140
[  171.622293][ T9432]  kmemdup_noprof+0x2b/0x70
[  171.622329][ T9432]  sidtab_sid2str_get+0xb8/0x140
[  171.622348][ T9432]  security_sid_to_context_core+0x1eb/0x2f0
[  171.622383][ T9432]  security_sid_to_context+0x27/0x30
[  171.622522][ T9432]  avc_audit_post_callback+0x10f/0x540
[  171.622663][ T9432]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  171.622686][ T9432]  common_lsm_audit+0x1c6/0x230
[  171.622714][ T9432]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  171.622768][ T9432]  slow_avc_audit+0xff/0x140
[  171.622793][ T9432]  avc_has_perm+0x124/0x150
[  171.622952][ T9432]  selinux_socket_sendmsg+0x18a/0x1c0
[  171.623007][ T9432]  security_socket_sendmsg+0x47/0x80
[  171.623037][ T9432]  __sock_sendmsg+0x2d/0x180
[  171.623074][ T9432]  ____sys_sendmsg+0x350/0x4e0
[  171.623139][ T9432]  __sys_sendmsg+0x1a0/0x240
[  171.623176][ T9432]  __x64_sys_sendmsg+0x46/0x50
[  171.623271][ T9432]  x64_sys_call+0x26f3/0x2e10
[  171.623297][ T9432]  do_syscall_64+0xc9/0x1a0
[  171.623320][ T9432]  ? clear_bhb_loop+0x25/0x80
[  171.623375][ T9432]  ? clear_bhb_loop+0x25/0x80
[  171.623398][ T9432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.623452][ T9432] RIP: 0033:0x7f87ecb7e169
[  171.623470][ T9432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.623488][ T9432] RSP: 002b:00007f87eb1e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  171.623504][ T9432] RAX: ffffffffffffffda RBX: 00007f87ecda5fa0 RCX: 00007f87ecb7e169
[  171.623515][ T9432] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  171.623525][ T9432] RBP: 00007f87eb1e7090 R08: 0000000000000000 R09: 0000000000000000
[  171.623644][ T9432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.623716][ T9432] R13: 0000000000000000 R14: 00007f87ecda5fa0 R15: 00007ffda3960238
[  171.623738][ T9432]  </TASK>
[  172.132085][ T9413] __nla_validate_parse: 5 callbacks suppressed
[  172.132102][ T9413] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2152'.
[  172.164568][ T9440] loop2: detected capacity change from 0 to 128
[  172.272195][ T9440] syz.2.2161: attempt to access beyond end of device
[  172.272195][ T9440] loop2: rw=0, sector=121, nr_sectors = 920 limit=128
[  172.345721][ T9446] loop4: detected capacity change from 0 to 1024
[  172.396116][ T9448] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9448 comm=syz.3.2164
[  172.970472][ T9483] netlink: 'syz.1.2178': attribute type 7 has an invalid length.
[  172.978303][ T9483] netlink: 'syz.1.2178': attribute type 8 has an invalid length.
[  173.221223][ T9488] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  173.387702][ T9488] loop4: detected capacity change from 0 to 128
[  173.599459][ T9488] siw: device registration error -23
[  173.614470][ T9494] FAULT_INJECTION: forcing a failure.
[  173.614470][ T9494] name failslab, interval 1, probability 0, space 0, times 0
[  173.627310][ T9494] CPU: 1 UID: 0 PID: 9494 Comm: syz.1.2184 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  173.627339][ T9494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  173.627354][ T9494] Call Trace:
[  173.627361][ T9494]  <TASK>
[  173.627370][ T9494]  dump_stack_lvl+0xf6/0x150
[  173.627414][ T9494]  dump_stack+0x15/0x1a
[  173.627432][ T9494]  should_fail_ex+0x261/0x270
[  173.627503][ T9494]  should_failslab+0x8f/0xb0
[  173.627522][ T9494]  __kvmalloc_node_noprof+0x12c/0x520
[  173.627578][ T9494]  ? vmemdup_user+0x26/0xd0
[  173.627615][ T9494]  vmemdup_user+0x26/0xd0
[  173.627657][ T9494]  path_setxattrat+0x1cd/0x320
[  173.627692][ T9494]  __x64_sys_lsetxattr+0x71/0x90
[  173.627710][ T9494]  x64_sys_call+0x2014/0x2e10
[  173.627733][ T9494]  do_syscall_64+0xc9/0x1a0
[  173.627756][ T9494]  ? clear_bhb_loop+0x25/0x80
[  173.627855][ T9494]  ? clear_bhb_loop+0x25/0x80
[  173.627873][ T9494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.627890][ T9494] RIP: 0033:0x7fe69502e169
[  173.627942][ T9494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.627961][ T9494] RSP: 002b:00007fe693697038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  173.627981][ T9494] RAX: ffffffffffffffda RBX: 00007fe695255fa0 RCX: 00007fe69502e169
[  173.627994][ T9494] RDX: 0000200000000280 RSI: 0000200000000240 RDI: 00002000000001c0
[  173.628007][ T9494] RBP: 00007fe693697090 R08: 0000000000000000 R09: 0000000000000000
[  173.628036][ T9494] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000001
[  173.628046][ T9494] R13: 0000000000000000 R14: 00007fe695255fa0 R15: 00007ffeeb3133d8
[  173.628068][ T9494]  </TASK>
[  174.027450][   T29] kauditd_printk_skb: 389 callbacks suppressed
[  174.027467][   T29] audit: type=1400 audit(2000000004.380:9033): avc:  denied  { tracepoint } for  pid=9507 comm="syz.2.2191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  174.110363][ T9512] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2192'.
[  174.125263][   T29] audit: type=1400 audit(2000000004.410:9034): avc:  denied  { read } for  pid=9509 comm="syz.4.2190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  174.168511][ T9512] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.199658][ T9508] SELinux: ebitmap: truncated map
[  174.234960][   T29] audit: type=1400 audit(2000000004.510:9035): avc:  denied  { load_policy } for  pid=9507 comm="syz.2.2191" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  174.274409][ T9508] SELinux: failed to load policy
[  174.334550][ T9512] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.356842][ T9527] loop3: detected capacity change from 0 to 128
[  174.384765][   T29] audit: type=1400 audit(2000000004.650:9036): avc:  denied  { create } for  pid=9507 comm="syz.2.2191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  174.404982][   T29] audit: type=1400 audit(2000000004.720:9037): avc:  denied  { ioctl } for  pid=9507 comm="syz.2.2191" path="socket:[27559]" dev="sockfs" ino=27559 ioctlcmd=0x8934 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  174.429911][   T29] audit: type=1400 audit(2000000004.720:9038): avc:  denied  { read append } for  pid=9507 comm="syz.2.2191" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  174.453916][   T29] audit: type=1400 audit(2000000004.720:9039): avc:  denied  { open } for  pid=9507 comm="syz.2.2191" path="/dev/virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  174.480005][   T29] audit: type=1400 audit(2000000004.830:9040): avc:  denied  { bind } for  pid=9507 comm="syz.2.2191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  174.501890][ T9512] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.524478][ T9527] syz.3.2198: attempt to access beyond end of device
[  174.524478][ T9527] loop3: rw=0, sector=121, nr_sectors = 920 limit=128
[  174.608353][ T9512] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.654565][   T29] audit: type=1400 audit(2000000005.000:9041): avc:  denied  { module_request } for  pid=9536 comm="syz.2.2201" kmod="netdev-bond0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  174.699502][ T9544] siw: device registration error -23
[  174.724630][   T29] audit: type=1400 audit(2000000005.040:9042): avc:  denied  { sys_module } for  pid=9536 comm="syz.2.2201" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  174.760486][ T9546] FAULT_INJECTION: forcing a failure.
[  174.760486][ T9546] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  174.773623][ T9546] CPU: 0 UID: 0 PID: 9546 Comm: syz.4.2204 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  174.773712][ T9546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  174.773728][ T9546] Call Trace:
[  174.773736][ T9546]  <TASK>
[  174.773746][ T9546]  dump_stack_lvl+0xf6/0x150
[  174.773830][ T9546]  dump_stack+0x15/0x1a
[  174.773851][ T9546]  should_fail_ex+0x261/0x270
[  174.773878][ T9546]  should_fail+0xb/0x10
[  174.773901][ T9546]  should_fail_usercopy+0x1a/0x20
[  174.773931][ T9546]  _copy_from_user+0x1c/0xa0
[  174.774000][ T9546]  simple_transaction_get+0xef/0x130
[  174.774037][ T9546]  selinux_transaction_write+0x86/0x100
[  174.774067][ T9546]  ? __pfx_selinux_transaction_write+0x10/0x10
[  174.774119][ T9546]  vfs_write+0x295/0x950
[  174.774141][ T9546]  ? putname+0xe1/0x100
[  174.774169][ T9546]  ? __fget_files+0x186/0x1c0
[  174.774244][ T9546]  ksys_write+0xeb/0x1b0
[  174.774268][ T9546]  __x64_sys_write+0x42/0x50
[  174.774354][ T9546]  x64_sys_call+0x2a45/0x2e10
[  174.774402][ T9546]  do_syscall_64+0xc9/0x1a0
[  174.774426][ T9546]  ? clear_bhb_loop+0x25/0x80
[  174.774528][ T9546]  ? clear_bhb_loop+0x25/0x80
[  174.774612][ T9546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.774637][ T9546] RIP: 0033:0x7f4b02b4e169
[  174.774656][ T9546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.774678][ T9546] RSP: 002b:00007f4b011b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  174.774695][ T9546] RAX: ffffffffffffffda RBX: 00007f4b02d75fa0 RCX: 00007f4b02b4e169
[  174.774707][ T9546] RDX: 000000000000001d RSI: 0000200000000340 RDI: 0000000000000005
[  174.774718][ T9546] RBP: 00007f4b011b7090 R08: 0000000000000000 R09: 0000000000000000
[  174.774751][ T9546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.774762][ T9546] R13: 0000000000000000 R14: 00007f4b02d75fa0 R15: 00007ffe9dfcf0a8
[  174.774786][ T9546]  </TASK>
[  175.017495][ T9512] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  175.086552][ T9512] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.118734][ T9512] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.156068][ T9512] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.294427][ T9571] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2212'.
[  175.977471][ T9593] loop4: detected capacity change from 0 to 512
[  176.007608][ T9593] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  176.022822][ T9593] EXT4-fs (loop4): mount failed
[  176.330178][ T9618] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9618 comm=syz.2.2231
[  176.373042][ T9622] program syz.2.2233 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  176.387651][ T9622] loop2: detected capacity change from 0 to 512
[  176.573652][ T9633] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2237'.
[  176.587232][ T9633] bridge0: entered promiscuous mode
[  176.592480][ T9633] macvtap1: entered promiscuous mode
[  176.597965][ T9633] macvtap1: entered allmulticast mode
[  176.603359][ T9633] bridge0: entered allmulticast mode
[  176.610590][ T9633] FAULT_INJECTION: forcing a failure.
[  176.610590][ T9633] name failslab, interval 1, probability 0, space 0, times 0
[  176.623375][ T9633] CPU: 1 UID: 0 PID: 9633 Comm: syz.2.2237 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  176.623405][ T9633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  176.623418][ T9633] Call Trace:
[  176.623424][ T9633]  <TASK>
[  176.623432][ T9633]  dump_stack_lvl+0xf6/0x150
[  176.623460][ T9633]  dump_stack+0x15/0x1a
[  176.623478][ T9633]  should_fail_ex+0x261/0x270
[  176.623582][ T9633]  should_failslab+0x8f/0xb0
[  176.623603][ T9633]  __kmalloc_noprof+0xad/0x410
[  176.623631][ T9633]  ? do_setlink+0x43a/0x2430
[  176.623732][ T9633]  do_setlink+0x43a/0x2430
[  176.623763][ T9633]  ? selinux_capable+0x1f9/0x260
[  176.623838][ T9633]  ? security_capable+0x81/0x90
[  176.623861][ T9633]  ? ns_capable+0x7d/0xb0
[  176.623892][ T9633]  ? netlink_ns_capable+0x88/0xa0
[  176.623926][ T9633]  rtnl_newlink+0xe84/0x12d0
[  176.624001][ T9633]  ? cgroup_rstat_updated+0xa4/0x590
[  176.624077][ T9633]  ? bpf_get_ns_current_pid_tgid+0xf4/0x130
[  176.624131][ T9633]  ? htab_map_hash+0x15d/0x1e0
[  176.624156][ T9633]  ? __htab_map_lookup_elem+0x124/0x150
[  176.624179][ T9633]  ? htab_percpu_map_lookup_percpu_elem+0x98/0xb0
[  176.624271][ T9633]  ? __rcu_read_unlock+0x34/0x70
[  176.624290][ T9633]  ? __rcu_read_unlock+0x4e/0x70
[  176.624447][ T9633]  ? avc_has_perm_noaudit+0x1cc/0x210
[  176.624474][ T9633]  ? selinux_capable+0x1f9/0x260
[  176.624581][ T9633]  ? security_capable+0x81/0x90
[  176.624603][ T9633]  ? ns_capable+0x7d/0xb0
[  176.624633][ T9633]  ? __pfx_rtnl_newlink+0x10/0x10
[  176.624684][ T9633]  rtnetlink_rcv_msg+0x65a/0x740
[  176.624710][ T9633]  ? should_fail_ex+0xd7/0x270
[  176.624747][ T9633]  ? ref_tracker_free+0x3b8/0x420
[  176.624771][ T9633]  netlink_rcv_skb+0x12f/0x230
[  176.624789][ T9633]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  176.624824][ T9633]  rtnetlink_rcv+0x1c/0x30
[  176.624887][ T9633]  netlink_unicast+0x605/0x6c0
[  176.624998][ T9633]  netlink_sendmsg+0x609/0x720
[  176.625021][ T9633]  ? __pfx_netlink_sendmsg+0x10/0x10
[  176.625041][ T9633]  __sock_sendmsg+0x140/0x180
[  176.625110][ T9633]  ____sys_sendmsg+0x350/0x4e0
[  176.625137][ T9633]  __sys_sendmsg+0x1a0/0x240
[  176.625175][ T9633]  __x64_sys_sendmsg+0x46/0x50
[  176.625255][ T9633]  x64_sys_call+0x26f3/0x2e10
[  176.625276][ T9633]  do_syscall_64+0xc9/0x1a0
[  176.625300][ T9633]  ? clear_bhb_loop+0x25/0x80
[  176.625320][ T9633]  ? clear_bhb_loop+0x25/0x80
[  176.625371][ T9633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.625391][ T9633] RIP: 0033:0x7f5c7720e169
[  176.625405][ T9633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.625423][ T9633] RSP: 002b:00007f5c75877038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  176.625440][ T9633] RAX: ffffffffffffffda RBX: 00007f5c77435fa0 RCX: 00007f5c7720e169
[  176.625505][ T9633] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000b
[  176.625516][ T9633] RBP: 00007f5c75877090 R08: 0000000000000000 R09: 0000000000000000
[  176.625603][ T9633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.625647][ T9633] R13: 0000000000000000 R14: 00007f5c77435fa0 R15: 00007ffe110c6168
[  176.625665][ T9633]  </TASK>
[  176.935188][ T3377] net_ratelimit: 10 callbacks suppressed
[  176.935205][ T3377] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 46:a9:5a:1e:26:7d
[  176.959156][ T9635] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2238'.
[  176.970552][ T9635] FAULT_INJECTION: forcing a failure.
[  176.970552][ T9635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.983751][ T9635] CPU: 0 UID: 0 PID: 9635 Comm: syz.3.2238 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  176.983899][ T9635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  176.983921][ T9635] Call Trace:
[  176.983926][ T9635]  <TASK>
[  176.983934][ T9635]  dump_stack_lvl+0xf6/0x150
[  176.983989][ T9635]  dump_stack+0x15/0x1a
[  176.984005][ T9635]  should_fail_ex+0x261/0x270
[  176.984031][ T9635]  should_fail+0xb/0x10
[  176.984054][ T9635]  should_fail_usercopy+0x1a/0x20
[  176.984082][ T9635]  _copy_from_iter+0xd8/0xd10
[  176.984192][ T9635]  ? kmalloc_reserve+0x16e/0x190
[  176.984214][ T9635]  ? __build_skb_around+0x199/0x1f0
[  176.984236][ T9635]  ? __alloc_skb+0x227/0x320
[  176.984321][ T9635]  ? __virt_addr_valid+0x1ed/0x250
[  176.984342][ T9635]  ? __check_object_size+0x367/0x510
[  176.984379][ T9635]  netlink_sendmsg+0x492/0x720
[  176.984408][ T9635]  ? __pfx_netlink_sendmsg+0x10/0x10
[  176.984490][ T9635]  __sock_sendmsg+0x140/0x180
[  176.984619][ T9635]  ____sys_sendmsg+0x350/0x4e0
[  176.984652][ T9635]  __sys_sendmsg+0x1a0/0x240
[  176.984699][ T9635]  __x64_sys_sendmsg+0x46/0x50
[  176.984726][ T9635]  x64_sys_call+0x26f3/0x2e10
[  176.984794][ T9635]  do_syscall_64+0xc9/0x1a0
[  176.984823][ T9635]  ? clear_bhb_loop+0x25/0x80
[  176.984849][ T9635]  ? clear_bhb_loop+0x25/0x80
[  176.984885][ T9635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.984950][ T9635] RIP: 0033:0x7f672797e169
[  176.984985][ T9635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.985006][ T9635] RSP: 002b:00007f6725fe7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  176.985042][ T9635] RAX: ffffffffffffffda RBX: 00007f6727ba5fa0 RCX: 00007f672797e169
[  176.985057][ T9635] RDX: 0000000000000000 RSI: 0000200000005840 RDI: 0000000000000006
[  176.985071][ T9635] RBP: 00007f6725fe7090 R08: 0000000000000000 R09: 0000000000000000
[  176.985085][ T9635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.985099][ T9635] R13: 0000000000000000 R14: 00007f6727ba5fa0 R15: 00007ffc78ac5f68
[  176.985122][ T9635]  </TASK>
[  177.211745][ T9637] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2239'.
[  177.280648][ T9641] loop4: detected capacity change from 0 to 128
[  177.324093][ T9650] netlink: 268 bytes leftover after parsing attributes in process `syz.2.2245'.
[  177.332053][ T9645] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9645 comm=syz.1.2243
[  177.333400][ T9649] netlink: 268 bytes leftover after parsing attributes in process `syz.2.2245'.
[  177.366361][ T9647] FAULT_INJECTION: forcing a failure.
[  177.366361][ T9647] name failslab, interval 1, probability 0, space 0, times 0
[  177.379123][ T9647] CPU: 1 UID: 0 PID: 9647 Comm: syz.3.2244 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  177.379154][ T9647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  177.379180][ T9647] Call Trace:
[  177.379188][ T9647]  <TASK>
[  177.379196][ T9647]  dump_stack_lvl+0xf6/0x150
[  177.379219][ T9647]  dump_stack+0x15/0x1a
[  177.379239][ T9647]  should_fail_ex+0x261/0x270
[  177.379269][ T9647]  should_failslab+0x8f/0xb0
[  177.379290][ T9647]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  177.379372][ T9647]  ? __alloc_skb+0x10d/0x320
[  177.379391][ T9647]  ? __htab_map_lookup_elem+0x124/0x150
[  177.379414][ T9647]  __alloc_skb+0x10d/0x320
[  177.379431][ T9647]  ? should_fail_ex+0xd7/0x270
[  177.379516][ T9647]  netlink_dump+0x165/0x810
[  177.379540][ T9647]  ? __kmalloc_cache_noprof+0x18d/0x320
[  177.379575][ T9647]  ? __inet_diag_dump_start+0x53/0x780
[  177.379655][ T9647]  __netlink_dump_start+0x433/0x520
[  177.379681][ T9647]  inet_diag_handler_cmd+0x101/0x150
[  177.379708][ T9647]  ? __pfx_inet_diag_dump_start+0x10/0x10
[  177.379735][ T9647]  ? __pfx_inet_diag_dump+0x10/0x10
[  177.379778][ T9647]  ? __pfx_inet_diag_dump_done+0x10/0x10
[  177.379845][ T9647]  ? __pfx_inet_diag_handler_cmd+0x10/0x10
[  177.379932][ T9647]  sock_diag_rcv_msg+0x2b8/0x2e0
[  177.379963][ T9647]  netlink_rcv_skb+0x12f/0x230
[  177.379985][ T9647]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  177.380023][ T9647]  sock_diag_rcv+0x1c/0x30
[  177.380126][ T9647]  netlink_unicast+0x605/0x6c0
[  177.380160][ T9647]  netlink_sendmsg+0x609/0x720
[  177.380184][ T9647]  ? __pfx_netlink_sendmsg+0x10/0x10
[  177.380275][ T9647]  __sock_sendmsg+0x140/0x180
[  177.380314][ T9647]  ____sys_sendmsg+0x350/0x4e0
[  177.380381][ T9647]  __sys_sendmsg+0x1a0/0x240
[  177.380469][ T9647]  __x64_sys_sendmsg+0x46/0x50
[  177.380576][ T9647]  x64_sys_call+0x26f3/0x2e10
[  177.380604][ T9647]  do_syscall_64+0xc9/0x1a0
[  177.380679][ T9647]  ? clear_bhb_loop+0x25/0x80
[  177.380778][ T9647]  ? clear_bhb_loop+0x25/0x80
[  177.380804][ T9647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.380829][ T9647] RIP: 0033:0x7f672797e169
[  177.380847][ T9647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.380866][ T9647] RSP: 002b:00007f6725fe7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  177.380888][ T9647] RAX: ffffffffffffffda RBX: 00007f6727ba5fa0 RCX: 00007f672797e169
[  177.380919][ T9647] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[  177.380942][ T9647] RBP: 00007f6725fe7090 R08: 0000000000000000 R09: 0000000000000000
[  177.380957][ T9647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.380971][ T9647] R13: 0000000000000000 R14: 00007f6727ba5fa0 R15: 00007ffc78ac5f68
[  177.380996][ T9647]  </TASK>
[  177.659398][ T1051] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 46:a9:5a:1e:26:7d
[  177.676998][ T9658] loop3: detected capacity change from 0 to 512
[  177.683862][ T9243] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 46:a9:5a:1e:26:7d
[  177.697540][ T9641] syz.4.2242: attempt to access beyond end of device
[  177.697540][ T9641] loop4: rw=0, sector=121, nr_sectors = 920 limit=128
[  177.724809][ T3380] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 46:a9:5a:1e:26:7d
[  177.746731][ T9661] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2249'.
[  177.774634][ T9658] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  177.815237][ T9658] EXT4-fs (loop3): mount failed
[  177.985181][ T9679] FAULT_INJECTION: forcing a failure.
[  177.985181][ T9679] name failslab, interval 1, probability 0, space 0, times 0
[  177.997892][ T9679] CPU: 1 UID: 0 PID: 9679 Comm: syz.1.2257 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  177.997923][ T9679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  177.997944][ T9679] Call Trace:
[  177.997952][ T9679]  <TASK>
[  177.997960][ T9679]  dump_stack_lvl+0xf6/0x150
[  177.997986][ T9679]  dump_stack+0x15/0x1a
[  177.998066][ T9679]  should_fail_ex+0x261/0x270
[  177.998095][ T9679]  should_failslab+0x8f/0xb0
[  177.998122][ T9679]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  177.998158][ T9679]  ? __alloc_skb+0x10d/0x320
[  177.998183][ T9679]  __alloc_skb+0x10d/0x320
[  177.998203][ T9679]  netlink_ack+0xf1/0x4f0
[  177.998255][ T9679]  netlink_rcv_skb+0x19f/0x230
[  177.998272][ T9679]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  177.998304][ T9679]  xfrm_netlink_rcv+0x47/0x60
[  177.998338][ T9679]  netlink_unicast+0x605/0x6c0
[  177.998379][ T9679]  netlink_sendmsg+0x609/0x720
[  177.998402][ T9679]  ? __pfx_netlink_sendmsg+0x10/0x10
[  177.998421][ T9679]  __sock_sendmsg+0x140/0x180
[  177.998520][ T9679]  ____sys_sendmsg+0x350/0x4e0
[  177.998546][ T9679]  __sys_sendmsg+0x1a0/0x240
[  177.998593][ T9679]  __x64_sys_sendmsg+0x46/0x50
[  177.998621][ T9679]  x64_sys_call+0x26f3/0x2e10
[  177.998698][ T9679]  do_syscall_64+0xc9/0x1a0
[  177.998791][ T9679]  ? clear_bhb_loop+0x25/0x80
[  177.998817][ T9679]  ? clear_bhb_loop+0x25/0x80
[  177.998839][ T9679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.998891][ T9679] RIP: 0033:0x7fe69502e169
[  177.998908][ T9679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  177.998937][ T9679] RSP: 002b:00007fe693697038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  177.998960][ T9679] RAX: ffffffffffffffda RBX: 00007fe695255fa0 RCX: 00007fe69502e169
[  177.998972][ T9679] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  177.999062][ T9679] RBP: 00007fe693697090 R08: 0000000000000000 R09: 0000000000000000
[  177.999076][ T9679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  177.999117][ T9679] R13: 0000000000000000 R14: 00007fe695255fa0 R15: 00007ffeeb3133d8
[  177.999140][ T9679]  </TASK>
[  178.267378][ T9697] loop1: detected capacity change from 0 to 128
[  178.364855][ T3380] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 46:a9:5a:1e:26:7d
[  178.411738][ T9706] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2265'.
[  178.442561][ T9706] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.488276][ T9706] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.566122][ T9706] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.668293][ T9706] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.803568][   T31] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 46:a9:5a:1e:26:7d
[  178.818194][   T31] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 46:a9:5a:1e:26:7d
[  178.953585][ T9733] dccp_invalid_packet: P.Data Offset(0) too small
[  178.982836][ T9729] loop3: detected capacity change from 0 to 128
[  179.038040][   T29] kauditd_printk_skb: 211 callbacks suppressed
[  179.038057][   T29] audit: type=1400 audit(2000000009.390:9252): avc:  denied  { write } for  pid=9726 comm="syz.3.2273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  179.068047][ T9729] siw: device registration error -23
[  179.193385][   T29] audit: type=1400 audit(2000000009.420:9253): avc:  denied  { write } for  pid=9726 comm="syz.3.2273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  179.213580][   T29] audit: type=1326 audit(2000000009.430:9254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9727 comm="syz.2.2275" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5c7720e169 code=0x0
[  179.236527][   T29] audit: type=1400 audit(2000000009.460:9255): avc:  denied  { read write } for  pid=9734 comm="syz.4.2277" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  179.261319][   T29] audit: type=1400 audit(2000000009.460:9256): avc:  denied  { open } for  pid=9734 comm="syz.4.2277" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  179.285993][   T29] audit: type=1400 audit(2000000009.460:9257): avc:  denied  { ioctl } for  pid=9734 comm="syz.4.2277" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  179.312148][   T29] audit: type=1400 audit(2000000009.530:9258): avc:  denied  { unmount } for  pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  179.715246][ T2968] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 46:a9:5a:1e:26:7d
[  179.752170][   T29] audit: type=1400 audit(2000000009.920:9259): avc:  denied  { create } for  pid=9741 comm="syz.3.2279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  179.771832][   T29] audit: type=1400 audit(2000000009.920:9260): avc:  denied  { setopt } for  pid=9741 comm="syz.3.2279" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  179.792185][   T29] audit: type=1400 audit(2000000009.920:9261): avc:  denied  { connect } for  pid=9741 comm="syz.3.2279" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  179.986357][ T9706] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.017202][ T9706] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  180.043803][ T9706] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  180.085469][ T9706] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  180.142733][ T9756] FAULT_INJECTION: forcing a failure.
[  180.142733][ T9756] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  180.155930][ T9756] CPU: 1 UID: 0 PID: 9756 Comm: syz.0.2285 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  180.155957][ T9756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  180.155969][ T9756] Call Trace:
[  180.155976][ T9756]  <TASK>
[  180.155985][ T9756]  dump_stack_lvl+0xf6/0x150
[  180.156013][ T9756]  dump_stack+0x15/0x1a
[  180.156032][ T9756]  should_fail_ex+0x261/0x270
[  180.156080][ T9756]  should_fail+0xb/0x10
[  180.156098][ T9756]  should_fail_usercopy+0x1a/0x20
[  180.156152][ T9756]  _copy_from_iter+0xd8/0xd10
[  180.156183][ T9756]  ? kmalloc_reserve+0x16e/0x190
[  180.156206][ T9756]  ? __build_skb_around+0x199/0x1f0
[  180.156230][ T9756]  ? __alloc_skb+0x227/0x320
[  180.156249][ T9756]  ? __virt_addr_valid+0x1ed/0x250
[  180.156270][ T9756]  ? __check_object_size+0x367/0x510
[  180.156307][ T9756]  netlink_sendmsg+0x492/0x720
[  180.156424][ T9756]  ? __pfx_netlink_sendmsg+0x10/0x10
[  180.156503][ T9756]  __sock_sendmsg+0x140/0x180
[  180.156541][ T9756]  ____sys_sendmsg+0x350/0x4e0
[  180.156643][ T9756]  __sys_sendmsg+0x1a0/0x240
[  180.156681][ T9756]  __x64_sys_sendmsg+0x46/0x50
[  180.156703][ T9756]  x64_sys_call+0x26f3/0x2e10
[  180.156730][ T9756]  do_syscall_64+0xc9/0x1a0
[  180.156809][ T9756]  ? clear_bhb_loop+0x25/0x80
[  180.156834][ T9756]  ? clear_bhb_loop+0x25/0x80
[  180.156859][ T9756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.156885][ T9756] RIP: 0033:0x7f87ecb7e169
[  180.156903][ T9756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.157024][ T9756] RSP: 002b:00007f87eb1e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  180.157041][ T9756] RAX: ffffffffffffffda RBX: 00007f87ecda5fa0 RCX: 00007f87ecb7e169
[  180.157052][ T9756] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000005
[  180.157063][ T9756] RBP: 00007f87eb1e7090 R08: 0000000000000000 R09: 0000000000000000
[  180.157074][ T9756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  180.157106][ T9756] R13: 0000000000000000 R14: 00007f87ecda5fa0 R15: 00007ffda3960238
[  180.157128][ T9756]  </TASK>
[  180.410476][ T9762] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2287'.
[  180.454304][ T9766] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  180.507576][ T9770] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2289'.
[  180.568913][ T9777] siw: device registration error -23
[  180.628643][ T9786] loop4: detected capacity change from 0 to 128
[  180.698866][ T9794] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2297'.
[  180.716222][ T9786] syz.4.2294: attempt to access beyond end of device
[  180.716222][ T9786] loop4: rw=2049, sector=153, nr_sectors = 8 limit=128
[  180.747257][ T9786] syz.4.2294: attempt to access beyond end of device
[  180.747257][ T9786] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128
[  180.766964][ T9786] syz.4.2294: attempt to access beyond end of device
[  180.766964][ T9786] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128
[  180.780594][ T9786] syz.4.2294: attempt to access beyond end of device
[  180.780594][ T9786] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128
[  180.794348][ T9786] syz.4.2294: attempt to access beyond end of device
[  180.794348][ T9786] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128
[  180.807909][ T9786] syz.4.2294: attempt to access beyond end of device
[  180.807909][ T9786] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128
[  180.821472][ T9786] syz.4.2294: attempt to access beyond end of device
[  180.821472][ T9786] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128
[  180.836728][ T9786] syz.4.2294: attempt to access beyond end of device
[  180.836728][ T9786] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128
[  180.850950][ T9786] syz.4.2294: attempt to access beyond end of device
[  180.850950][ T9786] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128
[  180.937619][ T9814] loop1: detected capacity change from 0 to 128
[  180.988078][ T9793] lo speed is unknown, defaulting to 1000
[  181.077615][ T9821] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2310'.
[  181.092841][ T9821] 8021q: adding VLAN 0 to HW filter on device bond1
[  181.104209][ T9821] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2310'.
[  181.117675][ T9821] bond1 (unregistering): Released all slaves
[  181.321153][ T9844] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.358673][ T9844] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.426757][ T9866] loop3: detected capacity change from 0 to 1024
[  181.446993][ T9844] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.506495][ T9844] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.550634][ T9874] loop2: detected capacity change from 0 to 128
[  181.560577][ T9874] siw: device registration error -23
[  181.589266][ T9878] FAULT_INJECTION: forcing a failure.
[  181.589266][ T9878] name failslab, interval 1, probability 0, space 0, times 0
[  181.601956][ T9878] CPU: 0 UID: 0 PID: 9878 Comm: syz.2.2334 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  181.602058][ T9878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  181.602073][ T9878] Call Trace:
[  181.602081][ T9878]  <TASK>
[  181.602091][ T9878]  dump_stack_lvl+0xf6/0x150
[  181.602120][ T9878]  dump_stack+0x15/0x1a
[  181.602137][ T9878]  should_fail_ex+0x261/0x270
[  181.602160][ T9878]  should_failslab+0x8f/0xb0
[  181.602210][ T9878]  __kmalloc_cache_noprof+0x55/0x320
[  181.602241][ T9878]  ? sctp_association_new+0x71/0x1280
[  181.602275][ T9878]  sctp_association_new+0x71/0x1280
[  181.602389][ T9878]  sctp_connect_new_asoc+0x1c4/0x3c0
[  181.602435][ T9878]  sctp_sendmsg+0xe96/0x1870
[  181.602515][ T9878]  ? __pfx_sctp_sendmsg+0x10/0x10
[  181.602555][ T9878]  inet_sendmsg+0xc5/0xd0
[  181.602605][ T9878]  __sock_sendmsg+0x102/0x180
[  181.602679][ T9878]  __sys_sendto+0x1aa/0x230
[  181.602709][ T9878]  __x64_sys_sendto+0x78/0x90
[  181.602733][ T9878]  x64_sys_call+0x2bcb/0x2e10
[  181.602754][ T9878]  do_syscall_64+0xc9/0x1a0
[  181.602829][ T9878]  ? clear_bhb_loop+0x25/0x80
[  181.602855][ T9878]  ? clear_bhb_loop+0x25/0x80
[  181.602932][ T9878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.602957][ T9878] RIP: 0033:0x7f5c7720e169
[  181.602975][ T9878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.603008][ T9878] RSP: 002b:00007f5c75877038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  181.603030][ T9878] RAX: ffffffffffffffda RBX: 00007f5c77435fa0 RCX: 00007f5c7720e169
[  181.603053][ T9878] RDX: 0000000000034000 RSI: 0000200000000180 RDI: 0000000000000003
[  181.603067][ T9878] RBP: 00007f5c75877090 R08: 0000200000000480 R09: 000000000000001c
[  181.603080][ T9878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.603093][ T9878] R13: 0000000000000000 R14: 00007f5c77435fa0 R15: 00007ffe110c6168
[  181.603145][ T9878]  </TASK>
[  182.420550][ T9892] __nla_validate_parse: 1 callbacks suppressed
[  182.420606][ T9892] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2340'.
[  183.020807][ T9912] 9pnet_fd: Insufficient options for proto=fd
[  183.071341][ T9912] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2347'.
[  183.080415][    C1] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 46:a9:5a:1e:26:7d
[  183.143152][ T9924] loop3: detected capacity change from 0 to 128
[  183.160026][ T9924] siw: device registration error -23
[  183.503660][ T9937] loop3: detected capacity change from 0 to 1024
[  183.512842][ T9935] loop2: detected capacity change from 0 to 512
[  183.597081][ T9937] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.647634][ T3302] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.050715][ T9973] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2367'.
[  185.096694][ T9844] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  185.135558][ T9844] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  185.190588][ T9844] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  185.234688][   T29] kauditd_printk_skb: 108 callbacks suppressed
[  185.234705][   T29] audit: type=1326 audit(2000000015.560:9368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9983 comm="syz.3.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  185.265133][   T29] audit: type=1326 audit(2000000015.560:9369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9983 comm="syz.3.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  185.288724][   T29] audit: type=1326 audit(2000000015.570:9370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9983 comm="syz.3.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  185.312825][   T29] audit: type=1326 audit(2000000015.570:9371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9983 comm="syz.3.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  185.336893][   T29] audit: type=1326 audit(2000000015.570:9372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9983 comm="syz.3.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  185.360357][   T29] audit: type=1326 audit(2000000015.570:9373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9983 comm="syz.3.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  185.384485][   T29] audit: type=1326 audit(2000000015.570:9374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9983 comm="syz.3.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  185.408525][   T29] audit: type=1326 audit(2000000015.570:9375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9983 comm="syz.3.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  185.431945][   T29] audit: type=1326 audit(2000000015.570:9376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9983 comm="syz.3.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  185.455894][   T29] audit: type=1326 audit(2000000015.570:9377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9983 comm="syz.3.2372" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f672797e169 code=0x7ffc0000
[  185.487108][ T9844] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  185.556419][ T9987] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2370'.
[  185.718264][ T9977] lo speed is unknown, defaulting to 1000
[  185.767516][T10004] SELinux:  Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped).
[  185.794546][ T9981] lo speed is unknown, defaulting to 1000
[  185.877194][T10010] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10010 comm=syz.3.2383
[  185.978913][T10015] FAULT_INJECTION: forcing a failure.
[  185.978913][T10015] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  185.992284][T10015] CPU: 0 UID: 0 PID: 10015 Comm: syz.2.2385 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  185.992326][T10015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  185.992342][T10015] Call Trace:
[  185.992347][T10015]  <TASK>
[  185.992354][T10015]  dump_stack_lvl+0xf6/0x150
[  185.992377][T10015]  dump_stack+0x15/0x1a
[  185.992392][T10015]  should_fail_ex+0x261/0x270
[  185.992416][T10015]  should_fail_alloc_page+0xfd/0x110
[  185.992501][T10015]  __alloc_frozen_pages_noprof+0x11d/0x360
[  185.992579][T10015]  alloc_pages_mpol+0xb6/0x260
[  185.992619][T10015]  vma_alloc_folio_noprof+0x19c/0x300
[  185.992676][T10015]  do_wp_page+0x64f/0x24e0
[  185.992700][T10015]  ? __rcu_read_lock+0x36/0x50
[  185.992772][T10015]  handle_mm_fault+0xc6c/0x2e80
[  185.992814][T10015]  exc_page_fault+0x296/0x6a0
[  185.992921][T10015]  asm_exc_page_fault+0x26/0x30
[  185.992943][T10015] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  185.993016][T10015] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  185.993033][T10015] RSP: 0018:ffffc9000fadbc78 EFLAGS: 00050246
[  185.993049][T10015] RAX: ffff88811a930a98 RBX: 0000200000000040 RCX: 0000000000000040
[  185.993075][T10015] RDX: 0000000000000000 RSI: ffffc9000fadbd50 RDI: 0000200000000000
[  185.993089][T10015] RBP: ffffc9000fadbe00 R08: 0000000080000000 R09: 0000000000000000
[  185.993103][T10015] R10: 0001c9000fadbd50 R11: 0001c9000fadbd8f R12: 0000000000000040
[  185.993118][T10015] R13: 00007ffffffff000 R14: 0000200000000000 R15: ffffc9000fadbd50
[  185.993142][T10015]  _copy_to_user+0x7c/0xa0
[  185.993175][T10015]  scsi_ioctl+0xe80/0x14d0
[  185.993262][T10015]  sg_ioctl+0x1014/0x1850
[  185.993285][T10015]  ? __fget_files+0x186/0x1c0
[  185.993334][T10015]  ? __pfx_sg_ioctl+0x10/0x10
[  185.993360][T10015]  __se_sys_ioctl+0xc9/0x140
[  185.993414][T10015]  __x64_sys_ioctl+0x43/0x50
[  185.993445][T10015]  x64_sys_call+0x168d/0x2e10
[  185.993465][T10015]  do_syscall_64+0xc9/0x1a0
[  185.993603][T10015]  ? clear_bhb_loop+0x25/0x80
[  185.993686][T10015]  ? clear_bhb_loop+0x25/0x80
[  185.993708][T10015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.993733][T10015] RIP: 0033:0x7f5c7720e169
[  185.993747][T10015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.993763][T10015] RSP: 002b:00007f5c75877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  185.993781][T10015] RAX: ffffffffffffffda RBX: 00007f5c77435fa0 RCX: 00007f5c7720e169
[  185.993795][T10015] RDX: 0000200000000000 RSI: 0000000000005393 RDI: 0000000000000003
[  185.993849][T10015] RBP: 00007f5c75877090 R08: 0000000000000000 R09: 0000000000000000
[  185.993863][T10015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.993877][T10015] R13: 0000000000000000 R14: 00007f5c77435fa0 R15: 00007ffe110c6168
[  185.993901][T10015]  </TASK>
[  186.425417][T10026] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  186.489999][T10029] FAULT_INJECTION: forcing a failure.
[  186.489999][T10029] name failslab, interval 1, probability 0, space 0, times 0
[  186.502709][T10029] CPU: 1 UID: 0 PID: 10029 Comm: syz.4.2390 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  186.502741][T10029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  186.502757][T10029] Call Trace:
[  186.502764][T10029]  <TASK>
[  186.502771][T10029]  dump_stack_lvl+0xf6/0x150
[  186.502794][T10029]  dump_stack+0x15/0x1a
[  186.502812][T10029]  should_fail_ex+0x261/0x270
[  186.502847][T10029]  should_failslab+0x8f/0xb0
[  186.502880][T10029]  kmem_cache_alloc_noprof+0x59/0x340
[  186.502914][T10029]  ? mas_alloc_nodes+0x1f4/0x4a0
[  186.502943][T10029]  mas_alloc_nodes+0x1f4/0x4a0
[  186.502971][T10029]  mas_preallocate+0x48d/0x6b0
[  186.503000][T10029]  mmap_region+0x983/0x1490
[  186.503061][T10029]  do_mmap+0x9ef/0xc80
[  186.503100][T10029]  vm_mmap_pgoff+0x16d/0x2d0
[  186.503140][T10029]  ksys_mmap_pgoff+0xd0/0x340
[  186.503163][T10029]  ? fpregs_assert_state_consistent+0x83/0xa0
[  186.503200][T10029]  x64_sys_call+0x1945/0x2e10
[  186.503222][T10029]  do_syscall_64+0xc9/0x1a0
[  186.503250][T10029]  ? clear_bhb_loop+0x25/0x80
[  186.503272][T10029]  ? clear_bhb_loop+0x25/0x80
[  186.503290][T10029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.503308][T10029] RIP: 0033:0x7f4b02b4e1a3
[  186.503322][T10029] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  186.503342][T10029] RSP: 002b:00007f4b01195e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  186.503364][T10029] RAX: ffffffffffffffda RBX: 0000000000000521 RCX: 00007f4b02b4e1a3
[  186.503375][T10029] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  186.503386][T10029] RBP: 0000200000000a82 R08: 00000000ffffffff R09: 0000000000000000
[  186.503396][T10029] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000005
[  186.503406][T10029] R13: 00007f4b01195ef0 R14: 00007f4b01195eb0 R15: 00002000000000c0
[  186.503430][T10029]  </TASK>
[  186.526175][T10030] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2389'.
[  186.531142][T10024] lo speed is unknown, defaulting to 1000
[  186.902515][T10041] FAULT_INJECTION: forcing a failure.
[  186.902515][T10041] name failslab, interval 1, probability 0, space 0, times 0
[  186.916016][T10041] CPU: 1 UID: 0 PID: 10041 Comm: syz.3.2394 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  186.916042][T10041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  186.916053][T10041] Call Trace:
[  186.916059][T10041]  <TASK>
[  186.916070][T10041]  dump_stack_lvl+0xf6/0x150
[  186.916099][T10041]  dump_stack+0x15/0x1a
[  186.916130][T10041]  should_fail_ex+0x261/0x270
[  186.916159][T10041]  should_failslab+0x8f/0xb0
[  186.916179][T10041]  kmem_cache_alloc_noprof+0x59/0x340
[  186.916205][T10041]  ? mas_alloc_nodes+0x1f4/0x4a0
[  186.916230][T10041]  mas_alloc_nodes+0x1f4/0x4a0
[  186.916263][T10041]  mas_preallocate+0x48d/0x6b0
[  186.916298][T10041]  mmap_region+0x983/0x1490
[  186.916355][T10041]  do_mmap+0x9ef/0xc80
[  186.916376][T10041]  vm_mmap_pgoff+0x16d/0x2d0
[  186.916410][T10041]  ksys_mmap_pgoff+0xd0/0x340
[  186.916429][T10041]  x64_sys_call+0x1945/0x2e10
[  186.916453][T10041]  do_syscall_64+0xc9/0x1a0
[  186.916478][T10041]  ? clear_bhb_loop+0x25/0x80
[  186.916496][T10041]  ? clear_bhb_loop+0x25/0x80
[  186.916514][T10041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.916532][T10041] RIP: 0033:0x7f672797e1a3
[  186.916549][T10041] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  186.916570][T10041] RSP: 002b:00007f6725fe6d68 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  186.916609][T10041] RAX: ffffffffffffffda RBX: 0000000000001054 RCX: 00007f672797e1a3
[  186.916620][T10041] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  186.916631][T10041] RBP: 0000200000000002 R08: 00000000ffffffff R09: 0000000000000000
[  186.916642][T10041] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[  186.916653][T10041] R13: 00007f6725fe6dec R14: 00007f6725fe6df0 R15: 00007ffc78ac5f68
[  186.916672][T10041]  </TASK>
[  187.134229][T10039] IPv4: Oversized IP packet from 127.202.26.0
[  187.163379][T10039] vlan2: entered allmulticast mode
[  187.169230][T10039] bridge_slave_0: entered allmulticast mode
[  187.300373][T10046] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2395'.
[  187.362412][T10048] loop1: detected capacity change from 0 to 1024
[  187.485945][T10053] loop3: detected capacity change from 0 to 128
[  187.508806][T10027] lo speed is unknown, defaulting to 1000
[  187.533429][T10053] siw: device registration error -23
[  187.728035][T10062] loop1: detected capacity change from 0 to 1024
[  187.880770][T10074] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2405'.
[  188.022103][T10086] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2408'.
[  188.106784][T10096] loop1: detected capacity change from 0 to 128
[  188.249578][T10105] loop1: detected capacity change from 0 to 1024
[  188.257402][T10102] lo speed is unknown, defaulting to 1000
[  188.281131][T10107] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2414'.
[  188.314678][T10082] ==================================================================
[  188.322813][T10082] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  188.332663][T10082] 
[  188.335011][T10082] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 1:
[  188.343100][T10082]  tick_do_update_jiffies64+0x112/0x1b0
[  188.348776][T10082]  tick_nohz_handler+0x7c/0x2d0
[  188.353654][T10082]  __hrtimer_run_queues+0x221/0x5f0
[  188.358870][T10082]  hrtimer_interrupt+0x235/0x4a0
[  188.363829][T10082]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  188.369741][T10082]  sysvec_apic_timer_interrupt+0x6e/0x80
[  188.375397][T10082]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  188.381381][T10082]  _raw_spin_unlock_irqrestore+0x3d/0x60
[  188.387028][T10082]  pcpu_alloc_noprof+0x803/0x1090
[  188.392073][T10082]  bpf_map_alloc_percpu+0xad/0x210
[  188.397201][T10082]  prealloc_init+0x192/0x470
[  188.401798][T10082]  htab_map_alloc+0x4b7/0x6a0
[  188.406485][T10082]  map_create+0x881/0xba0
[  188.410830][T10082]  __sys_bpf+0x6ac/0x800
[  188.415087][T10082]  __x64_sys_bpf+0x43/0x50
[  188.419511][T10082]  x64_sys_call+0x23da/0x2e10
[  188.424209][T10082]  do_syscall_64+0xc9/0x1a0
[  188.428720][T10082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.434618][T10082] 
[  188.436943][T10082] read to 0xffffffff868099c0 of 8 bytes by task 10082 on cpu 0:
[  188.444576][T10082]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  188.450828][T10082]  count_shadow_nodes+0x6b/0x230
[  188.455775][T10082]  do_shrink_slab+0x5e/0x6a0
[  188.460364][T10082]  shrink_slab+0x4f2/0x860
[  188.464784][T10082]  shrink_node+0x647/0x1da0
[  188.469304][T10082]  do_try_to_free_pages+0x3c6/0xc10
[  188.474513][T10082]  try_to_free_mem_cgroup_pages+0x1e6/0x4a0
[  188.480413][T10082]  try_charge_memcg+0x3ab/0x890
[  188.485262][T10082]  obj_cgroup_charge_pages+0xc0/0x1a0
[  188.490649][T10082]  __memcg_kmem_charge_page+0x9d/0x170
[  188.496118][T10082]  __alloc_frozen_pages_noprof+0x1a6/0x360
[  188.501927][T10082]  alloc_pages_mpol+0xb6/0x260
[  188.506714][T10082]  alloc_pages_noprof+0xe8/0x130
[  188.511664][T10082]  __vmalloc_node_range_noprof+0x6ea/0xe80
[  188.517505][T10082]  __kvmalloc_node_noprof+0x311/0x520
[  188.522891][T10082]  ip_set_alloc+0x1f/0x30
[  188.527232][T10082]  hash_netiface_create+0x273/0x730
[  188.532440][T10082]  ip_set_create+0x3b6/0x970
[  188.537044][T10082]  nfnetlink_rcv_msg+0x4ba/0x580
[  188.541990][T10082]  netlink_rcv_skb+0x12f/0x230
[  188.546757][T10082]  nfnetlink_rcv+0x187/0x1610
[  188.551437][T10082]  netlink_unicast+0x605/0x6c0
[  188.556209][T10082]  netlink_sendmsg+0x609/0x720
[  188.561408][T10082]  __sock_sendmsg+0x140/0x180
[  188.566097][T10082]  ____sys_sendmsg+0x350/0x4e0
[  188.570896][T10082]  __sys_sendmsg+0x1a0/0x240
[  188.575495][T10082]  __x64_sys_sendmsg+0x46/0x50
[  188.580261][T10082]  x64_sys_call+0x26f3/0x2e10
[  188.584938][T10082]  do_syscall_64+0xc9/0x1a0
[  188.589449][T10082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.595346][T10082] 
[  188.597664][T10082] value changed: 0x00000000ffffd433 -> 0x00000000ffffd434
[  188.604777][T10082] 
[  188.607101][T10082] Reported by Kernel Concurrency Sanitizer on:
[  188.613249][T10082] CPU: 0 UID: 0 PID: 10082 Comm: syz.0.2409 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) 
[  188.625749][T10082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  188.635804][T10082] ==================================================================
[  188.653994][T10106] lo speed is unknown, defaulting to 1000
[  188.698982][T10105] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.713971][T10105] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.2416: missing EA_INODE flag
[  188.734940][T10105] EXT4-fs (loop1): Remounting filesystem read-only
[  188.805428][ T3303] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.634642][    C1] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: 46:a9:5a:1e:26:7d