last executing test programs:

3.754672575s ago: executing program 1 (id=1120):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c"], 0x3c}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@dellink={0x20, 0x11, 0x1, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r3, 0x2201, 0x800}}, 0x20}}, 0x40040)

3.617402047s ago: executing program 1 (id=1121):
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000000), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x2, 0x5, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
creat(0x0, 0x0)
syz_usb_connect(0x4, 0x3c, &(0x7f0000000000)=ANY=[], 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000001010102000000000000000002000000240002800c000280040001003a00000014000180080001cd4bde2a0192000000000000000c001980080002"], 0x44}, 0x1, 0x0, 0x0, 0x200448c1}, 0x40)

2.806453099s ago: executing program 1 (id=1131):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/25], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r2, &(0x7f0000000280)="ca", &(0x7f0000000000)=""/3, 0x2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffff7}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r2}, &(0x7f0000000080), &(0x7f00000000c0)=r3}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r2, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
fremovexattr(r1, &(0x7f0000000040)=@random={'user.', 'GPL\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
r4 = dup(r1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r4}, &(0x7f00000000c0), &(0x7f0000000100)=r1}, 0x20)
socket(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d)
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x7ffff000)

2.05804694s ago: executing program 3 (id=1146):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006080)=@delchain={0x24, 0x64, 0x1, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff3}, {}, {0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

1.968624491s ago: executing program 3 (id=1147):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c"], 0x3c}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@dellink={0x20, 0x11, 0x1, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r3, 0x2201, 0x800}}, 0x20}}, 0x40040)

1.894986382s ago: executing program 0 (id=1149):
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffff7ffffe9}, 0x18)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, &(0x7f00000000c0)="04", 0x1, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @rand_addr, 0xfffffffc}, 0x1c)

1.894468362s ago: executing program 0 (id=1150):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xd}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f00000004c0)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x19}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x64, 0x0, 0x0, 0x3a, 0x0, @broadcast, @multicast1}, {0x8040, 0x4e21, 0x8}}}}}, 0x0) (fail_nth: 4)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x2804, 0x0, 0x0, 0x0, 0x400, 0x10001, 0x1, 0x0, 0x0, 0x0, 0x1c0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wpan4\x00'})
sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x10)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000980)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d000000"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6d3a2e17dee28253, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x6}, 0x18)
add_key(0x0, 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00', 0x6, 0xffffffffffffffff)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000a40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000400180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10)
mq_open(0x0, 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000300)='kfree\x00', r4}, 0x18)
pipe2(&(0x7f0000000000)={<r6=>0xffffffffffffffff}, 0x0)
memfd_create(0x0, 0x0)
fcntl$setpipe(r6, 0x407, 0x8001a0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000007c0)=@broute={'broute\x00', 0x20, 0x1, 0x220, [0x0, 0x2, 0x0, 0x0, 0x4, 0x20000500], 0x7, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000011000000000000000000a22a30456b880000145b41fe69e3ffff78616d3000000000000000000000000079616d3000000000000000000000000076657468315f742f5f626f6e640000000180c20000000000000000000180c20000000800000000000000b1000000670100009001000073746174697374696300000000000000"]}, 0x187)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.872181583s ago: executing program 1 (id=1151):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, &(0x7f0000000240), &(0x7f0000000280)=0x4)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_pidfd_open(r1, 0x0)
pidfd_send_signal(r3, 0x2, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @loopback}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000000580)=[{&(0x7f00000005c0)="d964d85aa3ce27ab0053a4fb90c2ca5ee8eeb40b4d046fa369260eb648317b69bce1b26c9f8a4485013f5c12978180a5c749f783ea65fef50d31c02abc9d4cd1f3a204eb621d29274cdcc3efc476b2ffa020a0c5c91c9799af7ec791dbabc35ddb35684a443ec229ea0347124d75b6c96fa73be582c24a76f00292216a4a244788b6a4346091176cade1989ecd14434145ed6d94d496dbc37e84363dabe70071564812e0d865a223af2095ce8fbc4bfc7048a3058b6f75a2f292692574502df641668998b1780f25202a75edafb10f1b2df43ab6eb8f39d78666b78c4df65f768411db91b171728cd301170bbd2fbef0517beac5390846af7f6c8ddd2f2b529a94cb32d3e862e526f3c67c6be0ee09bd43", 0x111}], 0x1, 0xf54653d2d537cf6e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x12, 0x0, &(0x7f0000000000)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

1.552507827s ago: executing program 3 (id=1153):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)

1.523152428s ago: executing program 0 (id=1154):
r0 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e24, 0x8, @remote, 0x3}, 0x1c)
r1 = syz_io_uring_setup(0x7d9e, &(0x7f00000008c0)={0x0, 0x92b2, 0x10100, 0xfffffffe, 0x21a}, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[], 0x14a8}})
io_uring_enter(r1, 0x2ded, 0xf85a, 0x2d, 0x0, 0x0)

1.522666968s ago: executing program 3 (id=1155):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffefe, @void, @value}, 0x94)
syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000001a2142800008586dd61bcc1d700006cff0000010000000000000000000002000100000000000000000000000000000001"], 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x8, &(0x7f0000000200), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r2 = open(&(0x7f0000000280)='.\x00', 0xe0a82, 0x0)
fcntl$notify(r2, 0x402, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000400180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x1008002, &(0x7f0000000140)={[{@noauto_da_alloc}, {@grpquota}, {@grpjquota}, {@barrier}, {@dioread_nolock}, {@nodiscard}, {@nomblk_io_submit}, {@nodiscard}]}, 0x81, 0x601, &(0x7f00000011c0)="$eJzs3c9vFFUcAPDv7LalpWgLMSoepIkxkCgtLWCI8QBXQxr8ES8etNKCSIGG1mjRhJLgxcR4McbEkwfxv1AiVy7qyYMXT4aEKOFo4prd7pRuO7ttt+0OYT6fZOnMvB3ed7r97nsz+95sAIU1VP2nFLE3ImaSiIFkYamsK+qFQ4vPu3/v09PVRxKVyht/J5HUt6XPT+o/++s790bErz8nsae8ut7Z+SvnJ6anpy7X10fmLsyMzM5fOXjuwsTZqbNTF8deGjt29MjRY6OH2jquqxnbTl7/4KOBz8ff/v7bf5PRH/4YT+J4vFp/4vLj2CpDMVT7nSSri/qPbXVlOSnX/06Wv8RJV44BsSHp69cdEU/FQJTjwYs3EJ+9lmtwwLaqJBEVoKAS+Q8FlfYD0nP7lefBpVx6JUAn3D2xeAFgdf53LV4bjN7atYGd95NYflkniYj2rsw12hURt2+NXz9za/x6bNN1OCDbwrWIeDor/5Na/g9GbwzW8r/UkP/VfsGp+s/q9te3KJ618l9/BLbOYv73tsz/aJL/7y7L//farH/oweL7fQ3539fuIQEAAAAAAEBh3TwRES9mff5fWhr/Exnjf/oj4vgW1D+0Yn315/+lO1tQDZDh7omIVzLH/5bS0TaD5WVrg9GdnDk3PXUoIh6PiAPRvaO6PtqijoNf7PmmWdlQffxf+qjWf7s+FrAex52uHY37TE7MTWz2uIGIu9cinskc/5sstf9JRvtffS+YWWcde56/capZ2dr5D2yXyncR+zPb/wd3rUha359jpNYfGEl7Bas9+8mXPzarv938d4sJ2Lxq+7+zdf4PJsvv1zO78ToOz3dVmpW12//vSd6s3XKmp77t44m5ucujET3JyXJ1a8P2sY3HDI+iNB/SfKnm/4HnWl//y+r/90XEwor/O/mncU5x6sn/+v9sFo/+P+Snmv+TG2r/N74wdmPwp2b1p/mfNvHZ7f+RWlt/oL5lMuN+glBEX6dp2tO4PSMdu7KKOh0vAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwKShGxK5LS8NJyqTQ8HNEfEU/EztL0pdm5F85c+vDiZLWs9v3/pfSbfgcW15P0+/8Hl62PrVg/HBG7I+Krcl9tffj0penJvA8eAAAAAAAAAAAAAAAAAAAAHhL9Teb/V/1Vzjs6YNt15R0AkJuM/P8tjziAztP+Q3G1zP937nUuEKDj1tP+93YgDqDz9P+huOQ/FNfq/G/1yf+9SqWyreEAHaT9h+KS/wAAAAAA8EjZve/m70lELLzcV3tU9dTLunONDNhupbwDAHLjFj9QXIb+QHE5xweSNcozp/8n69mzlZnTm9gZAAAAAAAAAAAAAApn/17z/6GozP+H4jL/H4ornf+/L+c4gM5zjg/EGjP5V83/L69nLwAAAAAAAAAAAABgK83OXzk/MT09ddnCW23u/stjEbkH395CpVK5Wv0reFjieQgWdmxi93QofP5HkbmQzvVb3175vScBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACN/g8AAP//Z+EiqQ==")

1.462597568s ago: executing program 1 (id=1157):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006080)=@delchain={0x24, 0x64, 0x1, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff3}, {}, {0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

1.40901564s ago: executing program 1 (id=1158):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time={'min_batch_time', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x3, 0x434, &(0x7f0000000ec0)="$eJzs28tvG8UfAPDvrpP219cvoSqPpgUCBRHxSJq0lB64gEDiABISHMoxJGkV6jaoCRKtIggIlSOqxB1xrMRfwAkuCDghcYU7qlShXFo4Ga29mziOnebhxAF/PtImM7tjzXy9O/bMjjeArjWY/UkiDkbEbxHRV8uuLDBY+3d3cX7ir8X5iSQqlbf+TKrl7izOTxRFi9cdKDI9EelnSRxrUu/s1WsXx8vlqSt5fmTu0vsjs1evPTd9afzC1IWpy2Nnz54+NfrCmbHn2xJnFtedgY9mjh997Z0bb0ycu/HuT98kRfwNcWRubr3KwbUOPlmpbL2GXeRQXTrp6WBD2JBSrZtGb7X/90Uplk9eX7z6aUcbB2yrSqVSeaD14YUK8B+WRKdbAHRG8UWfzX+LbYeGHrvC7ZdqE6As7rv5VjvSE2leprdhfttOgxFxbuHvr7ItmtyHAABot++y8c+zzcZ/adTfF/p/vobSHxH3RcThiDgTEUci4v6IatkHI+KhDdbfuEiyevyT3tpUYOuUjf9ezNe2Vo7/itFf9Jfy3KFq/L3J+eny1Mn8PRmK3r1ZfnSNOr5/5dcvWh2rH/9lW1Z/MRbM23GrZ+/K10yOz41vJeZ6tz+JGOhpFn+ytBKQRMTRiBjYZB3TT9883urYveNfQxvWmSpfRzxVO/8L0RB/IVl7fXLkf1GeOjlSXBWr/fzL9Tdb1b+l+NsgO//7m17/S/H3J/XrtbMbr+P675+3nNNs9vrfk7y9Yt+H43NzV0Yj9iSv1xpdv3+sodzYcvks/qETzfv/4Vh+J45FRHYRPxwRj0TEo3nbH4uIxyPixBrx//jyE+9tPv7tlcU/uaHzv5zYE417midKF3/4dkWl/RuJPzv/p6upoXzPej7/1tOuzV3NAAAA8O+TRsTBSNLhpXSaDg/XfsN/JPan5ZnZuWfOz3xwebL2jEB/9KbFna6+uvuho/m0vsiPNeRP5feNvyztq+aHJ2bKk50OHrrcgRb9P/NHqdOtA7ad57Wge+n/0L30f+he+j90ryb9f18n2gHsvGbf/x93oB3Azmvo/5b9oIuY/0P30v+he+n/0JVm98W9H5KXkFiViHRXNENimxKd/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoj38CAAD//xrP534=")
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
io_setup(0x2, &(0x7f0000002400))
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000006c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000240), 0x36, 0xcc800)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_clone3(&(0x7f00000002c0)={0x44100000, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x80)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000640)=ANY=[@ANYBLOB="0e0c480a54109e9b369ba8630ecf674b9df13bf7fb8670a1a6414d7341d90b60a7f6b0e13e0fa4bfd8492e56dadeaab561bd55273363569ba70128c023d0447b89164e2029e63c86e982988aa590cb9505a629f1582b0c35d0061d"], 0x835, 0x0)

1.284289551s ago: executing program 3 (id=1162):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
r0 = socket(0x1f, 0x5, 0x400)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000240), &(0x7f0000000280)=0x4)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f0000"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
r6 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r6, 0x2, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRES16=r4, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000001ee328fe42eec235f071461a6bd618558da56c5a5e2f9a22c06f0674f4dff8bbcb5e47893d2faaf6cf6120651784d76a1e7b2117c425fbe141a8bc78495f74ceba91a33633fb501b10326d2c4495f587a0997ccdc5e9944f3caee4d25521d584dfa8c74b29829f6720a3d200000000"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r8}, 0x10)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @loopback}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
pipe(&(0x7f0000000480)={<r9=>0xffffffffffffffff})
r10 = ioctl$TUNGETDEVNETNS(r9, 0x54e3, 0x0)
vmsplice(r10, &(0x7f0000000580)=[{&(0x7f00000005c0)="d964d85aa3ce27ab0053a4fb90c2ca5ee8eeb40b4d046fa369260eb648317b69bce1b26c9f8a4485013f5c12978180a5c749f783ea65fef50d31c02abc9d4cd1f3a204eb621d29274cdcc3efc476b2ffa020a0c5c91c9799af7ec791dbabc35ddb35684a443ec229ea0347124d75b6c96fa73be582c24a76f00292216a4a244788b6a4346091176cade1989ecd14434145ed6d94d496dbc37e84363dabe70071564812e0d865a223af2095ce8fbc4bfc7048a3058b6f75a2f292692574502df641668998b1780f25202a75edafb10f1b2df43ab6eb8f39d78666b78c4df65f768411db91b171728cd301170bbd2fbef0517beac5390846af7f6c8ddd2f2b529a94cb32d3e862e526f3c67c6be0ee09bd43", 0x111}], 0x1, 0xf54653d2d537cf6e)
vmsplice(r9, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x12, 0x0, &(0x7f0000000000)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
r11 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r11, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

1.214533962s ago: executing program 4 (id=1163):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000440)=ANY=[@ANYBLOB="18000003000000000085100000fcfdffff250000110000000085100000faffffff9500000000000000802bf810525281b4ddbcb8bffc22a49a8c717ab55cabef62cee02d3d498b4479e30a9dc7798e99d0effbfc6951565a8bbf62997c0441d9ec2e31ad28d81f4eeba1150ad690191f241109ebd2c134e70142f2bc675cad4ab4916edbe08f1e544671bf000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0xa5d4}, 0x4c58, 0x5, 0x0, 0x1, 0x8, 0x20002, 0x80b, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioperm(0x0, 0x4, 0x1)
pivot_root(0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)

1.214165092s ago: executing program 4 (id=1164):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000100)=0xa9b, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
write(r0, &(0x7f0000000200)="89", 0xffe3)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/asound/seq/clients\x00', 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000040)={[{@errors_remount}, {@abort}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")

1.098933024s ago: executing program 4 (id=1165):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0x400, 0x40, 0x10, 0x3}, 0x8)
sendto$inet(r0, &(0x7f0000000100)="ab", 0xff04, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)

675.5262ms ago: executing program 2 (id=1168):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006080)=@delchain={0x24, 0x64, 0x1, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff3}, {}, {0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

659.33696ms ago: executing program 2 (id=1169):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$nvram(0xffffffffffffff9c, 0x0, 0x88002, 0x0)
pwritev(r2, 0x0, 0x0, 0x0, 0x0)

570.455731ms ago: executing program 4 (id=1170):
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x0, 0x20000000000003c3, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

525.888912ms ago: executing program 0 (id=1171):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffefe, @void, @value}, 0x94)
syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000001a2142800008586dd61bcc1d700006cff0000010000000000000000000002000100000000000000000000000000000001"], 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x8, &(0x7f0000000200), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r2 = open(&(0x7f0000000280)='.\x00', 0xe0a82, 0x0)
fcntl$notify(r2, 0x402, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000400180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x1008002, &(0x7f0000000140)={[{@noauto_da_alloc}, {@grpquota}, {@grpjquota}, {@barrier}, {@dioread_nolock}, {@nodiscard}, {@nomblk_io_submit}, {@nodiscard}]}, 0x81, 0x601, &(0x7f00000011c0)="$eJzs3c9vFFUcAPDv7LalpWgLMSoepIkxkCgtLWCI8QBXQxr8ES8etNKCSIGG1mjRhJLgxcR4McbEkwfxv1AiVy7qyYMXT4aEKOFo4prd7pRuO7ttt+0OYT6fZOnMvB3ed7r97nsz+95sAIU1VP2nFLE3ImaSiIFkYamsK+qFQ4vPu3/v09PVRxKVyht/J5HUt6XPT+o/++s790bErz8nsae8ut7Z+SvnJ6anpy7X10fmLsyMzM5fOXjuwsTZqbNTF8deGjt29MjRY6OH2jquqxnbTl7/4KOBz8ff/v7bf5PRH/4YT+J4vFp/4vLj2CpDMVT7nSSri/qPbXVlOSnX/06Wv8RJV44BsSHp69cdEU/FQJTjwYs3EJ+9lmtwwLaqJBEVoKAS+Q8FlfYD0nP7lefBpVx6JUAn3D2xeAFgdf53LV4bjN7atYGd95NYflkniYj2rsw12hURt2+NXz9za/x6bNN1OCDbwrWIeDor/5Na/g9GbwzW8r/UkP/VfsGp+s/q9te3KJ618l9/BLbOYv73tsz/aJL/7y7L//farH/oweL7fQ3539fuIQEAAAAAAEBh3TwRES9mff5fWhr/Exnjf/oj4vgW1D+0Yn315/+lO1tQDZDh7omIVzLH/5bS0TaD5WVrg9GdnDk3PXUoIh6PiAPRvaO6PtqijoNf7PmmWdlQffxf+qjWf7s+FrAex52uHY37TE7MTWz2uIGIu9cinskc/5sstf9JRvtffS+YWWcde56/capZ2dr5D2yXyncR+zPb/wd3rUha359jpNYfGEl7Bas9+8mXPzarv938d4sJ2Lxq+7+zdf4PJsvv1zO78ToOz3dVmpW12//vSd6s3XKmp77t44m5ucujET3JyXJ1a8P2sY3HDI+iNB/SfKnm/4HnWl//y+r/90XEwor/O/mncU5x6sn/+v9sFo/+P+Snmv+TG2r/N74wdmPwp2b1p/mfNvHZ7f+RWlt/oL5lMuN+glBEX6dp2tO4PSMdu7KKOh0vAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwKShGxK5LS8NJyqTQ8HNEfEU/EztL0pdm5F85c+vDiZLWs9v3/pfSbfgcW15P0+/8Hl62PrVg/HBG7I+Krcl9tffj0penJvA8eAAAAAAAAAAAAAAAAAAAAHhL9Teb/V/1Vzjs6YNt15R0AkJuM/P8tjziAztP+Q3G1zP937nUuEKDj1tP+93YgDqDz9P+huOQ/FNfq/G/1yf+9SqWyreEAHaT9h+KS/wAAAAAA8EjZve/m70lELLzcV3tU9dTLunONDNhupbwDAHLjFj9QXIb+QHE5xweSNcozp/8n69mzlZnTm9gZAAAAAAAAAAAAAApn/17z/6GozP+H4jL/H4ornf+/L+c4gM5zjg/EGjP5V83/L69nLwAAAAAAAAAAAABgK83OXzk/MT09ddnCW23u/stjEbkH395CpVK5Wv0reFjieQgWdmxi93QofP5HkbmQzvVb3175vScBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACN/g8AAP//Z+EiqQ==")

426.215593ms ago: executing program 4 (id=1172):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffefe, @void, @value}, 0x94)
syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000001a2142800008586dd61bcc1d700006cff0000010000000000000000000002000100000000000000000000000000000001"], 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x8, &(0x7f0000000200), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r2 = open(&(0x7f0000000280)='.\x00', 0xe0a82, 0x0)
fcntl$notify(r2, 0x402, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000400180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x1008002, &(0x7f0000000140)={[{@noauto_da_alloc}, {@grpquota}, {@grpjquota}, {@barrier}, {@dioread_nolock}, {@nodiscard}, {@nomblk_io_submit}, {@nodiscard}]}, 0x81, 0x601, &(0x7f00000011c0)="$eJzs3c9vFFUcAPDv7LalpWgLMSoepIkxkCgtLWCI8QBXQxr8ES8etNKCSIGG1mjRhJLgxcR4McbEkwfxv1AiVy7qyYMXT4aEKOFo4prd7pRuO7ttt+0OYT6fZOnMvB3ed7r97nsz+95sAIU1VP2nFLE3ImaSiIFkYamsK+qFQ4vPu3/v09PVRxKVyht/J5HUt6XPT+o/++s790bErz8nsae8ut7Z+SvnJ6anpy7X10fmLsyMzM5fOXjuwsTZqbNTF8deGjt29MjRY6OH2jquqxnbTl7/4KOBz8ff/v7bf5PRH/4YT+J4vFp/4vLj2CpDMVT7nSSri/qPbXVlOSnX/06Wv8RJV44BsSHp69cdEU/FQJTjwYs3EJ+9lmtwwLaqJBEVoKAS+Q8FlfYD0nP7lefBpVx6JUAn3D2xeAFgdf53LV4bjN7atYGd95NYflkniYj2rsw12hURt2+NXz9za/x6bNN1OCDbwrWIeDor/5Na/g9GbwzW8r/UkP/VfsGp+s/q9te3KJ618l9/BLbOYv73tsz/aJL/7y7L//farH/oweL7fQ3539fuIQEAAAAAAEBh3TwRES9mff5fWhr/Exnjf/oj4vgW1D+0Yn315/+lO1tQDZDh7omIVzLH/5bS0TaD5WVrg9GdnDk3PXUoIh6PiAPRvaO6PtqijoNf7PmmWdlQffxf+qjWf7s+FrAex52uHY37TE7MTWz2uIGIu9cinskc/5sstf9JRvtffS+YWWcde56/capZ2dr5D2yXyncR+zPb/wd3rUha359jpNYfGEl7Bas9+8mXPzarv938d4sJ2Lxq+7+zdf4PJsvv1zO78ToOz3dVmpW12//vSd6s3XKmp77t44m5ucujET3JyXJ1a8P2sY3HDI+iNB/SfKnm/4HnWl//y+r/90XEwor/O/mncU5x6sn/+v9sFo/+P+Snmv+TG2r/N74wdmPwp2b1p/mfNvHZ7f+RWlt/oL5lMuN+glBEX6dp2tO4PSMdu7KKOh0vAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwKShGxK5LS8NJyqTQ8HNEfEU/EztL0pdm5F85c+vDiZLWs9v3/pfSbfgcW15P0+/8Hl62PrVg/HBG7I+Krcl9tffj0penJvA8eAAAAAAAAAAAAAAAAAAAAHhL9Teb/V/1Vzjs6YNt15R0AkJuM/P8tjziAztP+Q3G1zP937nUuEKDj1tP+93YgDqDz9P+huOQ/FNfq/G/1yf+9SqWyreEAHaT9h+KS/wAAAAAA8EjZve/m70lELLzcV3tU9dTLunONDNhupbwDAHLjFj9QXIb+QHE5xweSNcozp/8n69mzlZnTm9gZAAAAAAAAAAAAAApn/17z/6GozP+H4jL/H4ornf+/L+c4gM5zjg/EGjP5V83/L69nLwAAAAAAAAAAAABgK83OXzk/MT09ddnCW23u/stjEbkH395CpVK5Wv0reFjieQgWdmxi93QofP5HkbmQzvVb3175vScBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACN/g8AAP//Z+EiqQ==")

379.903754ms ago: executing program 3 (id=1173):
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000000), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x2, 0x5, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
creat(0x0, 0x0)
syz_usb_connect(0x4, 0x3c, &(0x7f0000000000)=ANY=[], 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000001010102000000000000000002000000240002800c000280040001003a00000014000180080001cd4bde2a0192000000000000000c001980080002"], 0x44}, 0x1, 0x0, 0x0, 0x200448c1}, 0x40)

294.520275ms ago: executing program 2 (id=1174):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000340)=ANY=[@ANYBLOB="6ea88d319b8caaaab2aaaa1308004500001c00000000001190780000001dffffffff00434e2200089078"], 0x0)

263.652796ms ago: executing program 2 (id=1175):
socket(0x10, 0x3, 0x9)
socket$tipc(0x1e, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x3, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x20001, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='rpcgss_svc_seqno_bad\x00', r1}, 0x18)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000180), 0xfea7)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x802c, @mcast2, 0x5}, 0x1c)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300"], 0x2c}}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r6, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r2], 0x4}}, 0x0)
sendfile(r5, r3, 0x0, 0x100000000)

114.055308ms ago: executing program 0 (id=1176):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000200)={0x0, &(0x7f00000000c0)})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
getrlimit(0x6, &(0x7f0000000180))

93.531218ms ago: executing program 2 (id=1177):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000440)=ANY=[@ANYBLOB="18000003000000000085100000fcfdffff250000110000000085100000faffffff9500000000000000802bf810525281b4ddbcb8bffc22a49a8c717ab55cabef62cee02d3d498b4479e30a9dc7798e99d0effbfc6951565a8bbf62997c0441d9ec2e31ad28d81f4eeba1150ad690191f241109ebd2c134e70142f2bc675cad4ab4916edbe08f1e544671bf000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0xa5d4}, 0x4c58, 0x5, 0x0, 0x1, 0x8, 0x20002, 0x80b, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioperm(0x0, 0x4, 0x1)
pivot_root(0x0, 0x0)
fcntl$lock(r0, 0x26, &(0x7f0000000000)={0x0, 0x4, 0x3, 0x7})
ioperm(0x153, 0x68, 0x7)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)

58.491709ms ago: executing program 4 (id=1178):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="ba9a976ae1efbd56ba8b9ef40efe14f29578d13b318814e5e9c88e4a9586df807646d68c606da76224ea8673ac4dbce7184530b1579beaa406ef7ec5e12e03592eb98685f3e5894cfac92f0a3498e34458c66ca053ff4724f54c71a331ec706ad4dce27545421d10019034845539b43cfba1ffbd819cae6e85536025887069d1e7930777e743ba5a46465edf5347fd80800295e4958e759483b1845f0c7276143326b05cb52b96a02d1dc3223f84aa850172acc99191f788", @ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d8000000210081044e81f782db44b9040200000000806c010000150010001800feffffff09000d2000000401a80074efc22bb31ad49f50a03cb4d92706000000036010fab94dcf5c0468c1d67f6f94007134cf6ee062e1c547cbc7225e67c20b278d56cfb39b0590b4800089e408e8d8ef52b49816277cf4090000001fb791643a5ee4ce1b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db701000000eafad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d", 0xd8}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0xfffffffc, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xd}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x400c800}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r6}, 0x10)
r7 = syz_open_dev$evdev(&(0x7f0000000040), 0x3, 0x2000)
close(r7)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1600000000000000040000000300000000000000", @ANYRES32=0x1, @ANYBLOB="00009407c674f3330062000000000000000000006e20fbdaa1a238abc83c1241ee46580e248c6aa47c51201862d0ccd4a729664a78538d7286b1d7d1c65fe9019be32376f11244ca4a0bf35c31141548f492798b3810919201f6e71264a2585a1c1664", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000640)='iocost_ioc_vrate_adj\x00'}, 0x18)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000f40)=ANY=[@ANYBLOB="0a00000016000000b30000007f"], 0x50)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000006c0)={0xe4, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa, 0x0, 0x2}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x30, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x14, 0x4, @remote}}}]}, @CTA_EXPECT_TUPLE={0x9c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @private2}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}, 0xe4}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x15, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="180000000000000000000000f30c000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700009500"/40], &(0x7f0000000600)='GPL\x00', 0x2, 0x1000, &(0x7f0000000f80)=""/4096, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000840)={0x4, 0x4, 0x7, 0xd}, 0x10, 0x0, 0xffffffffffffffff, 0x4, &(0x7f00000009c0)=[0xffffffffffffffff], &(0x7f0000000a00)=[{0x5, 0x1, 0x10, 0x9}, {0x4, 0x5, 0x2, 0xb}, {0x4, 0x1, 0x7}, {0x5, 0x2, 0x9, 0xb}], 0x10, 0x7, @void, @value}, 0x94)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='sys_enter\x00', r9}, 0x18)
io_setup(0x2, &(0x7f0000002400)=<r10=>0x0)
io_submit(r10, 0x0, 0x0)

55.311969ms ago: executing program 2 (id=1179):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x0, 0x20000000000003c3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r3}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

0s ago: executing program 0 (id=1180):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c000200080001"], 0x3c}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@dellink={0x20, 0x11, 0x1, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r3, 0x2201, 0x800}}, 0x20}}, 0x40040)

kernel console output (not intermixed with test programs):

ng is disabled
[   69.983767][ T4905] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   70.003421][   T29] audit: type=1326 audit(2000000025.910:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb308fe969 code=0x7ffc0000
[   70.022387][ T4919] FAULT_INJECTION: forcing a failure.
[   70.022387][ T4919] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   70.029304][   T29] audit: type=1326 audit(2000000025.910:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb308fe969 code=0x7ffc0000
[   70.044133][ T4919] CPU: 0 UID: 0 PID: 4919 Comm: syz.4.486 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   70.044239][ T4919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   70.044251][ T4919] Call Trace:
[   70.044261][ T4919]  <TASK>
[   70.044270][ T4919]  __dump_stack+0x1d/0x30
[   70.044290][ T4919]  dump_stack_lvl+0xe8/0x140
[   70.044309][ T4919]  dump_stack+0x15/0x1b
[   70.044324][ T4919]  should_fail_ex+0x265/0x280
[   70.044374][ T4919]  should_fail+0xb/0x20
[   70.044400][ T4919]  should_fail_usercopy+0x1a/0x20
[   70.044419][ T4919]  _copy_from_iter+0xcf/0xdd0
[   70.044451][ T4919]  hci_sock_sendmsg+0x36d/0x900
[   70.044517][ T4919]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[   70.044541][ T4919]  __sock_sendmsg+0x145/0x180
[   70.044630][ T4919]  sock_write_iter+0x165/0x1b0
[   70.044657][ T4919]  aio_write+0x2e5/0x410
[   70.044690][ T4919]  io_submit_one+0xac8/0x11b0
[   70.044743][ T4919]  __se_sys_io_submit+0xfb/0x280
[   70.044769][ T4919]  __x64_sys_io_submit+0x43/0x50
[   70.044791][ T4919]  x64_sys_call+0xfc4/0x2fb0
[   70.044823][ T4919]  do_syscall_64+0xd0/0x1a0
[   70.044894][ T4919]  ? clear_bhb_loop+0x40/0x90
[   70.044914][ T4919]  ? clear_bhb_loop+0x40/0x90
[   70.044934][ T4919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.044954][ T4919] RIP: 0033:0x7f54bff5e969
[   70.044969][ T4919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.045041][ T4919] RSP: 002b:00007f54be5c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   70.045058][ T4919] RAX: ffffffffffffffda RBX: 00007f54c0185fa0 RCX: 00007f54bff5e969
[   70.045070][ T4919] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 00007f54c0cc4000
[   70.045111][ T4919] RBP: 00007f54be5c7090 R08: 0000000000000000 R09: 0000000000000000
[   70.045122][ T4919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.045133][ T4919] R13: 0000000000000000 R14: 00007f54c0185fa0 R15: 00007ffe671f1ca8
[   70.045151][ T4919]  </TASK>
[   70.070011][ T4905] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   70.082971][   T29] audit: type=1326 audit(2000000025.910:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fbb308fe969 code=0x7ffc0000
[   70.329800][   T29] audit: type=1326 audit(2000000025.910:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb308fe969 code=0x7ffc0000
[   70.355767][   T29] audit: type=1326 audit(2000000025.910:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fbb308fe969 code=0x7ffc0000
[   70.381018][   T29] audit: type=1326 audit(2000000025.910:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb308fe969 code=0x7ffc0000
[   70.406245][   T29] audit: type=1326 audit(2000000025.910:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbb308fe969 code=0x7ffc0000
[   70.432410][   T29] audit: type=1326 audit(2000000025.910:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb308fe969 code=0x7ffc0000
[   70.458000][   T29] audit: type=1326 audit(2000000025.910:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4916 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbb308fe969 code=0x7ffc0000
[   70.486766][ T4915] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   70.511804][ T4914] tipc: Resetting bearer <eth:syzkaller0>
[   70.528560][ T4914] tipc: Disabling bearer <eth:syzkaller0>
[   70.597326][ T4938] FAULT_INJECTION: forcing a failure.
[   70.597326][ T4938] name failslab, interval 1, probability 0, space 0, times 0
[   70.611836][ T4938] CPU: 1 UID: 0 PID: 4938 Comm: syz.2.493 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   70.611941][ T4938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   70.611951][ T4938] Call Trace:
[   70.611957][ T4938]  <TASK>
[   70.611963][ T4938]  __dump_stack+0x1d/0x30
[   70.611982][ T4938]  dump_stack_lvl+0xe8/0x140
[   70.612009][ T4938]  dump_stack+0x15/0x1b
[   70.612024][ T4938]  should_fail_ex+0x265/0x280
[   70.612051][ T4938]  should_failslab+0x8c/0xb0
[   70.612102][ T4938]  __kmalloc_noprof+0xa5/0x3e0
[   70.612117][ T4938]  ? sel_write_access+0x151/0x2b0
[   70.612195][ T4938]  sel_write_access+0x151/0x2b0
[   70.612216][ T4938]  selinux_transaction_write+0xc6/0x110
[   70.612237][ T4938]  ? __pfx_selinux_transaction_write+0x10/0x10
[   70.612255][ T4938]  vfs_write+0x266/0x8d0
[   70.612290][ T4938]  ? __rcu_read_unlock+0x4f/0x70
[   70.612311][ T4938]  ? __fget_files+0x184/0x1c0
[   70.612335][ T4938]  ksys_write+0xda/0x1a0
[   70.612358][ T4938]  __x64_sys_write+0x40/0x50
[   70.612390][ T4938]  x64_sys_call+0x2cdd/0x2fb0
[   70.612456][ T4938]  do_syscall_64+0xd0/0x1a0
[   70.612476][ T4938]  ? clear_bhb_loop+0x40/0x90
[   70.612496][ T4938]  ? clear_bhb_loop+0x40/0x90
[   70.612515][ T4938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.612614][ T4938] RIP: 0033:0x7f2b7ab2e969
[   70.612630][ T4938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.612648][ T4938] RSP: 002b:00007f2b79197038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   70.612668][ T4938] RAX: ffffffffffffffda RBX: 00007f2b7ad55fa0 RCX: 00007f2b7ab2e969
[   70.612681][ T4938] RDX: 0000000000000058 RSI: 0000200000000780 RDI: 0000000000000004
[   70.612694][ T4938] RBP: 00007f2b79197090 R08: 0000000000000000 R09: 0000000000000000
[   70.612767][ T4938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.612779][ T4938] R13: 0000000000000000 R14: 00007f2b7ad55fa0 R15: 00007ffd17139f18
[   70.612799][ T4938]  </TASK>
[   70.840321][ T4943] ref_tracker: memory allocation failure, unreliable refcount tracker.
[   70.902256][ T4939] loop4: detected capacity change from 0 to 8192
[   70.946066][ T4956] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   70.956731][ T4326]  loop4: p1 p2[DM] p4
[   70.961811][ T4326] loop4: p1 size 196608 extends beyond EOD, truncated
[   70.971226][ T4326] loop4: p2 start 4292936063 is beyond EOD, truncated
[   70.978872][ T4326] loop4: p4 size 50331648 extends beyond EOD, truncated
[   71.000510][ T4939]  loop4: p1 p2[DM] p4
[   71.007545][ T4939] loop4: p1 size 196608 extends beyond EOD, truncated
[   71.017518][ T4939] loop4: p2 start 4292936063 is beyond EOD, truncated
[   71.025743][ T4939] loop4: p4 size 50331648 extends beyond EOD, truncated
[   71.065424][ T4965] loop2: detected capacity change from 0 to 1024
[   71.073690][ T4965] EXT4-fs: Ignoring removed nomblk_io_submit option
[   71.085470][ T4965] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   71.110105][ T4965] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.178596][ T4973] FAULT_INJECTION: forcing a failure.
[   71.178596][ T4973] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.193582][ T4973] CPU: 1 UID: 0 PID: 4973 Comm: syz.1.509 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   71.193605][ T4973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   71.193615][ T4973] Call Trace:
[   71.193622][ T4973]  <TASK>
[   71.193673][ T4973]  __dump_stack+0x1d/0x30
[   71.193691][ T4973]  dump_stack_lvl+0xe8/0x140
[   71.193706][ T4973]  dump_stack+0x15/0x1b
[   71.193719][ T4973]  should_fail_ex+0x265/0x280
[   71.193773][ T4973]  should_fail+0xb/0x20
[   71.193798][ T4973]  should_fail_usercopy+0x1a/0x20
[   71.193813][ T4973]  _copy_from_user+0x1c/0xb0
[   71.193887][ T4973]  ___sys_sendmsg+0xc1/0x1d0
[   71.193914][ T4973]  __x64_sys_sendmsg+0xd4/0x160
[   71.193934][ T4973]  x64_sys_call+0x2999/0x2fb0
[   71.193949][ T4973]  do_syscall_64+0xd0/0x1a0
[   71.193968][ T4973]  ? clear_bhb_loop+0x40/0x90
[   71.193990][ T4973]  ? clear_bhb_loop+0x40/0x90
[   71.194010][ T4973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.194027][ T4973] RIP: 0033:0x7f43b7ffe969
[   71.194090][ T4973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.194103][ T4973] RSP: 002b:00007f43b6667038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   71.194118][ T4973] RAX: ffffffffffffffda RBX: 00007f43b8225fa0 RCX: 00007f43b7ffe969
[   71.194127][ T4973] RDX: 0000000000000004 RSI: 0000200000000280 RDI: 0000000000000003
[   71.194137][ T4973] RBP: 00007f43b6667090 R08: 0000000000000000 R09: 0000000000000000
[   71.194178][ T4973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.194187][ T4973] R13: 0000000000000000 R14: 00007f43b8225fa0 R15: 00007ffeaab72128
[   71.194202][ T4973]  </TASK>
[   71.198213][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.429175][ T4979] macvlan1: entered promiscuous mode
[   71.436740][ T4979] ipvlan0: entered promiscuous mode
[   71.444951][ T4979] ipvlan0: left promiscuous mode
[   71.453034][ T4979] macvlan1: left promiscuous mode
[   71.554150][ T4993] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   71.592185][ T4995] loop2: detected capacity change from 0 to 1024
[   71.599528][ T4995] EXT4-fs: Ignoring removed nomblk_io_submit option
[   71.608148][ T4995] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   71.633457][ T4995] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.660077][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.685938][ T5008] loop2: detected capacity change from 0 to 512
[   71.714823][ T5008] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   71.731123][ T5008] EXT4-fs (loop2): mount failed
[   71.800381][ T5016] netlink: 12 bytes leftover after parsing attributes in process `syz.2.522'.
[   71.815727][ T5016] netlink: 6 bytes leftover after parsing attributes in process `syz.2.522'.
[   71.925984][ T5024] netlink: 'syz.0.527': attribute type 1 has an invalid length.
[   71.952965][ T5026] netlink: 24 bytes leftover after parsing attributes in process `syz.0.528'.
[   72.069229][ T5034] netlink: 96 bytes leftover after parsing attributes in process `syz.0.532'.
[   72.080719][ T5034] netlink: 'syz.0.532': attribute type 5 has an invalid length.
[   72.390759][ T5050] netlink: 'syz.0.538': attribute type 1 has an invalid length.
[   72.437027][ T5056] FAULT_INJECTION: forcing a failure.
[   72.437027][ T5056] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   72.451595][ T5056] CPU: 0 UID: 0 PID: 5056 Comm: syz.0.540 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   72.451759][ T5056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   72.451771][ T5056] Call Trace:
[   72.451777][ T5056]  <TASK>
[   72.451785][ T5056]  __dump_stack+0x1d/0x30
[   72.451804][ T5056]  dump_stack_lvl+0xe8/0x140
[   72.451820][ T5056]  dump_stack+0x15/0x1b
[   72.451833][ T5056]  should_fail_ex+0x265/0x280
[   72.451913][ T5056]  should_fail+0xb/0x20
[   72.451959][ T5056]  should_fail_usercopy+0x1a/0x20
[   72.451976][ T5056]  _copy_from_iter+0xcf/0xdd0
[   72.451994][ T5056]  ? __build_skb_around+0x1a0/0x200
[   72.452099][ T5056]  ? __alloc_skb+0x223/0x320
[   72.452128][ T5056]  netlink_sendmsg+0x471/0x6b0
[   72.452148][ T5056]  ? __pfx_netlink_sendmsg+0x10/0x10
[   72.452192][ T5056]  __sock_sendmsg+0x145/0x180
[   72.452215][ T5056]  ____sys_sendmsg+0x345/0x4e0
[   72.452236][ T5056]  ___sys_sendmsg+0x17b/0x1d0
[   72.452288][ T5056]  __sys_sendmmsg+0x178/0x300
[   72.452314][ T5056]  __x64_sys_sendmmsg+0x57/0x70
[   72.452333][ T5056]  x64_sys_call+0x2f2f/0x2fb0
[   72.452350][ T5056]  do_syscall_64+0xd0/0x1a0
[   72.452416][ T5056]  ? clear_bhb_loop+0x40/0x90
[   72.452436][ T5056]  ? clear_bhb_loop+0x40/0x90
[   72.452455][ T5056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.452541][ T5056] RIP: 0033:0x7fbb308fe969
[   72.452555][ T5056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.452568][ T5056] RSP: 002b:00007fbb2ef67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   72.452658][ T5056] RAX: ffffffffffffffda RBX: 00007fbb30b25fa0 RCX: 00007fbb308fe969
[   72.452716][ T5056] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004
[   72.452726][ T5056] RBP: 00007fbb2ef67090 R08: 0000000000000000 R09: 0000000000000000
[   72.452736][ T5056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.452746][ T5056] R13: 0000000000000000 R14: 00007fbb30b25fa0 R15: 00007ffd52641de8
[   72.452762][ T5056]  </TASK>
[   72.737370][ T5052] loop3: detected capacity change from 0 to 1024
[   72.798954][ T5052] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.850499][ T5052] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   72.867593][ T5052] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   72.882125][ T5052] EXT4-fs (loop3): This should not happen!! Data will be lost
[   72.882125][ T5052] 
[   72.893663][ T5052] EXT4-fs (loop3): Total free blocks count 0
[   72.900435][ T5052] EXT4-fs (loop3): Free/Dirty block details
[   72.906894][ T5052] EXT4-fs (loop3): free_blocks=68451041280
[   72.914310][ T5052] EXT4-fs (loop3): dirty_blocks=80
[   72.920035][ T5052] EXT4-fs (loop3): Block reservation details
[   72.926551][ T5052] EXT4-fs (loop3): i_reserved_data_blocks=5
[   72.965202][ T5080] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[   72.972112][ T5080] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   72.980564][ T5080] vhci_hcd vhci_hcd.0: Device attached
[   73.014597][ T5084] netlink: 'wg1': attribute type 1 has an invalid length.
[   73.051972][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.110135][ T5080] __nla_validate_parse: 1 callbacks suppressed
[   73.110152][ T5080] netlink: 4 bytes leftover after parsing attributes in process `syz.4.550'.
[   73.133826][ T5081] vhci_hcd: connection closed
[   73.135779][ T4463] vhci_hcd: stop threads
[   73.148186][ T4463] vhci_hcd: release socket
[   73.153898][ T4463] vhci_hcd: disconnect device
[   73.162410][ T1041] vhci_hcd: vhci_device speed not set
[   73.304903][ T5114] loop1: detected capacity change from 0 to 1024
[   73.341628][ T5114] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.359718][ T5114] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   73.376550][ T5114] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   73.392201][ T5114] EXT4-fs (loop1): This should not happen!! Data will be lost
[   73.392201][ T5114] 
[   73.402855][ T5114] EXT4-fs (loop1): Total free blocks count 0
[   73.409280][ T5114] EXT4-fs (loop1): Free/Dirty block details
[   73.416068][ T5114] EXT4-fs (loop1): free_blocks=68451041280
[   73.423661][ T5114] EXT4-fs (loop1): dirty_blocks=80
[   73.429168][ T5114] EXT4-fs (loop1): Block reservation details
[   73.436629][ T5114] EXT4-fs (loop1): i_reserved_data_blocks=5
[   73.457220][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.622371][ T5129] loop1: detected capacity change from 0 to 1024
[   73.631028][ T5129] EXT4-fs: Ignoring removed nomblk_io_submit option
[   73.683247][ T5129] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   73.704157][ T5129] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.742764][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.753186][ T5138] loop4: detected capacity change from 0 to 2048
[   73.790611][ T5138] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.809685][ T5138] netlink: 8 bytes leftover after parsing attributes in process `syz.4.566'.
[   73.964336][ T5154] loop2: detected capacity change from 0 to 164
[   73.997290][ T5156] loop2: detected capacity change from 0 to 1024
[   74.014024][ T5156] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.028022][ T5156] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.041829][ T5156] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   74.084581][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.117016][ T5164] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.159476][ T5168] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.178340][ T5164] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.189452][ T5169] netlink: 'syz.2.575': attribute type 1 has an invalid length.
[   74.215411][ T5173] netlink: 'syz.3.577': attribute type 1 has an invalid length.
[   74.225032][ T5168] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.251568][ T5175] netlink: 'wg1': attribute type 1 has an invalid length.
[   74.264128][ T5164] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.313737][ T5168] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.336730][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.353937][ T5164] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.384966][ T5168] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.404663][ T5181] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[   74.429295][ T5164] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.439071][ T5181] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   74.452602][ T5181] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   74.462137][ T5164] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.477435][ T5164] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.493355][ T5164] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.508125][ T5168] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.520717][ T5168] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.534426][ T5168] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.546880][ T5168] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.964816][ T5204] loop2: detected capacity change from 0 to 512
[   74.973056][ T5204] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   74.996682][ T5204] EXT4-fs (loop2): 1 truncate cleaned up
[   75.004030][ T5204] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.085203][ T5211] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   75.095028][ T5211] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   75.160361][ T5214] loop0: detected capacity change from 0 to 1024
[   75.161104][ T5214] EXT4-fs: Ignoring removed nomblk_io_submit option
[   75.198951][ T5214] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   75.264112][ T5214] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.290750][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.484695][ T5220] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   75.493989][ T5220] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   75.616237][ T5223] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   75.635248][ T5223] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   75.706785][ T5229] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.753400][ T5229] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.767581][ T5230] netlink: 'syz.3.599': attribute type 1 has an invalid length.
[   75.803409][ T5229] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.853968][ T5229] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.045579][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.058870][ T5238] netlink: 4 bytes leftover after parsing attributes in process `syz.0.602'.
[   76.069173][ T5238] netlink: 4 bytes leftover after parsing attributes in process `syz.0.602'.
[   76.081782][ T5238] netlink: 4 bytes leftover after parsing attributes in process `syz.0.602'.
[   76.156822][   T29] kauditd_printk_skb: 127 callbacks suppressed
[   76.156911][   T29] audit: type=1326 audit(2000000032.070:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5248 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   76.206343][ T5251] loop2: detected capacity change from 0 to 1024
[   76.222301][ T5253] netlink: 56 bytes leftover after parsing attributes in process `syz.4.608'.
[   76.235557][ T5251] EXT4-fs: Ignoring removed nomblk_io_submit option
[   76.248433][   T29] audit: type=1326 audit(2000000032.100:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5248 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   76.274851][   T29] audit: type=1326 audit(2000000032.100:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5248 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   76.301199][   T29] audit: type=1326 audit(2000000032.100:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5248 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   76.326517][   T29] audit: type=1326 audit(2000000032.100:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5248 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   76.352654][   T29] audit: type=1326 audit(2000000032.100:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5248 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   76.354694][ T5251] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   76.380874][   T29] audit: type=1326 audit(2000000032.100:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5248 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   76.380953][   T29] audit: type=1326 audit(2000000032.100:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5248 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   76.381000][   T29] audit: type=1326 audit(2000000032.100:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5248 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   76.381026][   T29] audit: type=1326 audit(2000000032.100:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5248 comm="syz.4.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   76.506418][ T5251] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.536506][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.584139][ T5262] FAULT_INJECTION: forcing a failure.
[   76.584139][ T5262] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   76.598637][ T5262] CPU: 1 UID: 0 PID: 5262 Comm: syz.2.612 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   76.598720][ T5262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   76.598731][ T5262] Call Trace:
[   76.598738][ T5262]  <TASK>
[   76.598745][ T5262]  __dump_stack+0x1d/0x30
[   76.598765][ T5262]  dump_stack_lvl+0xe8/0x140
[   76.599186][ T5262]  dump_stack+0x15/0x1b
[   76.599204][ T5262]  should_fail_ex+0x265/0x280
[   76.600105][ T5262]  should_fail+0xb/0x20
[   76.600139][ T5262]  should_fail_usercopy+0x1a/0x20
[   76.600160][ T5262]  _copy_from_iter+0xcf/0xdd0
[   76.600399][ T5262]  ? __build_skb_around+0x1a0/0x200
[   76.600550][ T5262]  ? __alloc_skb+0x223/0x320
[   76.600595][ T5262]  pfkey_sendmsg+0x126/0x900
[   76.600621][ T5262]  ? avc_has_perm+0xd3/0x150
[   76.600639][ T5262]  ? selinux_socket_sendmsg+0x175/0x1b0
[   76.600662][ T5262]  ? __pfx_pfkey_sendmsg+0x10/0x10
[   76.600702][ T5262]  __sock_sendmsg+0x145/0x180
[   76.600725][ T5262]  ____sys_sendmsg+0x31e/0x4e0
[   76.600754][ T5262]  ___sys_sendmsg+0x17b/0x1d0
[   76.600859][ T5262]  __x64_sys_sendmsg+0xd4/0x160
[   76.600880][ T5262]  x64_sys_call+0x2999/0x2fb0
[   76.600928][ T5262]  do_syscall_64+0xd0/0x1a0
[   76.600951][ T5262]  ? clear_bhb_loop+0x40/0x90
[   76.600970][ T5262]  ? clear_bhb_loop+0x40/0x90
[   76.600989][ T5262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.601019][ T5262] RIP: 0033:0x7f2b7ab2e969
[   76.601036][ T5262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.601155][ T5262] RSP: 002b:00007f2b79197038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   76.601171][ T5262] RAX: ffffffffffffffda RBX: 00007f2b7ad55fa0 RCX: 00007f2b7ab2e969
[   76.601263][ T5262] RDX: 0000000020000000 RSI: 0000200000000180 RDI: 0000000000000003
[   76.601273][ T5262] RBP: 00007f2b79197090 R08: 0000000000000000 R09: 0000000000000000
[   76.601282][ T5262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.601292][ T5262] R13: 0000000000000000 R14: 00007f2b7ad55fa0 R15: 00007ffd17139f18
[   76.601308][ T5262]  </TASK>
[   76.623290][ T5266] loop4: detected capacity change from 0 to 512
[   76.820003][ T5273] loop1: detected capacity change from 0 to 512
[   76.836405][ T5266] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   76.839507][ T5273] EXT4-fs: Ignoring removed mblk_io_submit option
[   76.874731][ T5266] EXT4-fs (loop4): 1 truncate cleaned up
[   76.876602][ T5273] EXT4-fs: Ignoring removed bh option
[   76.886188][ T5273] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   76.897894][ T5266] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.925555][ T5273] EXT4-fs (loop1): 1 truncate cleaned up
[   76.932838][ T5273] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.027678][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.109305][ T5282] netlink: 4 bytes leftover after parsing attributes in process `syz.2.617'.
[   77.121352][ T5282] netlink: 4 bytes leftover after parsing attributes in process `syz.2.617'.
[   77.145802][ T5282] netlink: 4 bytes leftover after parsing attributes in process `syz.2.617'.
[   77.262750][ T5286] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   77.294642][ T5285] tipc: Resetting bearer <eth:syzkaller0>
[   77.309061][ T5285] tipc: Disabling bearer <eth:syzkaller0>
[   77.382978][ T5293] netlink: 56 bytes leftover after parsing attributes in process `syz.2.622'.
[   77.607826][ T5309] netlink: 'syz.2.628': attribute type 1 has an invalid length.
[   77.635585][ T5313] loop2: detected capacity change from 0 to 128
[   77.648692][ T5313] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8)
[   77.657514][ T5313] FAT-fs (loop2): Filesystem has been set read-only
[   77.664638][ T5313] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522)
[   77.901599][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.117587][ T5355] loop0: detected capacity change from 0 to 512
[   78.128968][ T5355] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   78.161565][ T5355] EXT4-fs (loop0): 1 truncate cleaned up
[   78.168949][ T5355] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.230509][ T5362] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   78.496419][ T5378] loop4: detected capacity change from 0 to 8192
[   78.552365][ T4326]  loop4: p1 p2[DM] p4
[   78.556646][ T4326] loop4: p1 size 196608 extends beyond EOD, truncated
[   78.564491][ T4326] loop4: p2 start 4292936063 is beyond EOD, truncated
[   78.572214][ T4326] loop4: p4 size 50331648 extends beyond EOD, truncated
[   78.583454][ T5378]  loop4: p1 p2[DM] p4
[   78.587990][ T5378] loop4: p1 size 196608 extends beyond EOD, truncated
[   78.596202][ T5378] loop4: p2 start 4292936063 is beyond EOD, truncated
[   78.603396][ T5378] loop4: p4 size 50331648 extends beyond EOD, truncated
[   78.655705][ T5381] loop4: detected capacity change from 0 to 1024
[   78.671857][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   78.683904][ T4326] udevd[4326]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   78.696687][ T5381] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.744422][ T4326] udevd[4326]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   78.759834][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   78.773398][ T5381] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   78.806524][ T5381] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   78.819111][ T5381] EXT4-fs (loop4): This should not happen!! Data will be lost
[   78.819111][ T5381] 
[   78.829172][ T5381] EXT4-fs (loop4): Total free blocks count 0
[   78.836182][ T5381] EXT4-fs (loop4): Free/Dirty block details
[   78.842533][ T5381] EXT4-fs (loop4): free_blocks=68451041280
[   78.848841][ T5381] EXT4-fs (loop4): dirty_blocks=80
[   78.854790][ T5381] EXT4-fs (loop4): Block reservation details
[   78.861725][ T5381] EXT4-fs (loop4): i_reserved_data_blocks=5
[   78.899882][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.923213][ T5397] loop2: detected capacity change from 0 to 164
[   78.930361][ T5402] loop4: detected capacity change from 0 to 2048
[   78.955532][ T5402] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.981818][ T5402] netlink: 8 bytes leftover after parsing attributes in process `syz.4.668'.
[   79.174226][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.237551][ T5229] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   79.249767][ T5229] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   79.262658][ T5229] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   79.276635][ T5229] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   79.321545][ T5429] loop2: detected capacity change from 0 to 1024
[   79.328112][ T5431] netlink: 'syz.3.679': attribute type 1 has an invalid length.
[   79.355391][ T5429] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.373416][ T5429] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   79.390932][ T5429] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   79.404134][ T5429] EXT4-fs (loop2): This should not happen!! Data will be lost
[   79.404134][ T5429] 
[   79.414576][ T5429] EXT4-fs (loop2): Total free blocks count 0
[   79.421552][ T5429] EXT4-fs (loop2): Free/Dirty block details
[   79.428949][ T5429] EXT4-fs (loop2): free_blocks=68451041280
[   79.435012][ T5429] EXT4-fs (loop2): dirty_blocks=80
[   79.440710][ T5429] EXT4-fs (loop2): Block reservation details
[   79.447219][ T5429] EXT4-fs (loop2): i_reserved_data_blocks=5
[   79.454912][ T5436] loop3: detected capacity change from 0 to 1024
[   79.471112][ T5436] EXT4-fs: Ignoring removed nomblk_io_submit option
[   79.480956][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.493255][ T5436] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   79.512307][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.525872][ T5436] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.570840][ T5442] netlink: 16 bytes leftover after parsing attributes in process `syz.4.682'.
[   79.601684][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.761329][ T5459] netlink: 'syz.1.690': attribute type 1 has an invalid length.
[   79.787080][ T5461] FAULT_INJECTION: forcing a failure.
[   79.787080][ T5461] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   79.802020][ T5461] CPU: 0 UID: 0 PID: 5461 Comm: syz.1.691 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   79.802123][ T5461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   79.802209][ T5461] Call Trace:
[   79.802215][ T5461]  <TASK>
[   79.802222][ T5461]  __dump_stack+0x1d/0x30
[   79.802244][ T5461]  dump_stack_lvl+0xe8/0x140
[   79.802263][ T5461]  dump_stack+0x15/0x1b
[   79.802276][ T5461]  should_fail_ex+0x265/0x280
[   79.802331][ T5461]  should_fail+0xb/0x20
[   79.802356][ T5461]  should_fail_usercopy+0x1a/0x20
[   79.802373][ T5461]  _copy_to_user+0x20/0xa0
[   79.802397][ T5461]  sg_read+0xb5a/0xcb0
[   79.802426][ T5461]  vfs_readv+0x3e6/0x670
[   79.802443][ T5461]  ? __pfx_sg_read+0x10/0x10
[   79.802531][ T5461]  do_readv+0xe7/0x210
[   79.802550][ T5461]  __x64_sys_readv+0x45/0x50
[   79.802643][ T5461]  x64_sys_call+0x29af/0x2fb0
[   79.802660][ T5461]  do_syscall_64+0xd0/0x1a0
[   79.802680][ T5461]  ? clear_bhb_loop+0x40/0x90
[   79.802704][ T5461]  ? clear_bhb_loop+0x40/0x90
[   79.802724][ T5461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.802794][ T5461] RIP: 0033:0x7f43b7ffe969
[   79.802810][ T5461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.802828][ T5461] RSP: 002b:00007f43b6667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[   79.802848][ T5461] RAX: ffffffffffffffda RBX: 00007f43b8225fa0 RCX: 00007f43b7ffe969
[   79.802859][ T5461] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000006
[   79.802869][ T5461] RBP: 00007f43b6667090 R08: 0000000000000000 R09: 0000000000000000
[   79.802925][ T5461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.802938][ T5461] R13: 0000000000000000 R14: 00007f43b8225fa0 R15: 00007ffeaab72128
[   79.802954][ T5461]  </TASK>
[   80.012855][ T5462] loop4: detected capacity change from 0 to 1024
[   80.020524][ T5462] EXT4-fs: Ignoring removed nomblk_io_submit option
[   80.028768][ T5462] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   80.054495][ T5462] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.075898][ T5465] loop1: detected capacity change from 0 to 2048
[   80.103267][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.105237][ T5465] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.133683][ T5465] netlink: 8 bytes leftover after parsing attributes in process `syz.1.692'.
[   80.192165][ T5471] loop4: detected capacity change from 0 to 2048
[   80.215003][ T5471] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.243826][ T5471] netlink: 8 bytes leftover after parsing attributes in process `syz.4.693'.
[   80.387948][ T5480] netlink: 16 bytes leftover after parsing attributes in process `syz.2.696'.
[   80.402370][ T5478] loop0: detected capacity change from 0 to 2048
[   80.474176][ T4326] Alternate GPT is invalid, using primary GPT.
[   80.482098][ T4326]  loop0: p2 p3 p7
[   80.499069][ T5478] Alternate GPT is invalid, using primary GPT.
[   80.506020][ T5478]  loop0: p2 p3 p7
[   80.656114][ T5491] netlink: 'syz.3.701': attribute type 1 has an invalid length.
[   80.725211][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.789862][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.813399][ T5497] loop3: detected capacity change from 0 to 1024
[   80.820209][ T5497] EXT4-fs: Ignoring removed nomblk_io_submit option
[   80.900944][ T5497] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   80.932056][ T5497] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.953545][ T5505] netlink: 16 bytes leftover after parsing attributes in process `syz.1.707'.
[   80.970496][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.101604][ T5514] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   81.124989][ T5516] loop3: detected capacity change from 0 to 2048
[   81.138635][ T5518] netlink: 'syz.0.713': attribute type 1 has an invalid length.
[   81.166475][ T5516] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.184982][ T5516] netlink: 8 bytes leftover after parsing attributes in process `syz.3.712'.
[   81.207741][ T5524] loop0: detected capacity change from 0 to 1024
[   81.225188][ T5524] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.241237][ T5524] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   81.259995][ T5524] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   81.273052][ T5524] EXT4-fs (loop0): This should not happen!! Data will be lost
[   81.273052][ T5524] 
[   81.283345][ T5524] EXT4-fs (loop0): Total free blocks count 0
[   81.289603][ T5524] EXT4-fs (loop0): Free/Dirty block details
[   81.296457][ T5524] EXT4-fs (loop0): free_blocks=68451041280
[   81.302991][ T5524] EXT4-fs (loop0): dirty_blocks=80
[   81.308616][ T5524] EXT4-fs (loop0): Block reservation details
[   81.315528][ T5524] EXT4-fs (loop0): i_reserved_data_blocks=5
[   81.332035][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.352322][ T5529] FAULT_INJECTION: forcing a failure.
[   81.352322][ T5529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.366273][ T5529] CPU: 0 UID: 0 PID: 5529 Comm: syz.0.716 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   81.366296][ T5529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   81.366303][ T5529] Call Trace:
[   81.366307][ T5529]  <TASK>
[   81.366313][ T5529]  __dump_stack+0x1d/0x30
[   81.366326][ T5529]  dump_stack_lvl+0xe8/0x140
[   81.366382][ T5529]  dump_stack+0x15/0x1b
[   81.366391][ T5529]  should_fail_ex+0x265/0x280
[   81.366408][ T5529]  should_fail+0xb/0x20
[   81.366423][ T5529]  should_fail_usercopy+0x1a/0x20
[   81.366494][ T5529]  _copy_to_user+0x20/0xa0
[   81.366506][ T5529]  sg_read+0xb5a/0xcb0
[   81.366523][ T5529]  vfs_readv+0x3e6/0x670
[   81.366534][ T5529]  ? __pfx_sg_read+0x10/0x10
[   81.366562][ T5529]  do_readv+0xe7/0x210
[   81.366571][ T5529]  __x64_sys_readv+0x45/0x50
[   81.366585][ T5529]  x64_sys_call+0x29af/0x2fb0
[   81.366597][ T5529]  do_syscall_64+0xd0/0x1a0
[   81.366683][ T5529]  ? clear_bhb_loop+0x40/0x90
[   81.366695][ T5529]  ? clear_bhb_loop+0x40/0x90
[   81.366706][ T5529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.366718][ T5529] RIP: 0033:0x7fbb308fe969
[   81.366727][ T5529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.366758][ T5529] RSP: 002b:00007fbb2ef67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[   81.366769][ T5529] RAX: ffffffffffffffda RBX: 00007fbb30b25fa0 RCX: 00007fbb308fe969
[   81.366775][ T5529] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000004
[   81.366782][ T5529] RBP: 00007fbb2ef67090 R08: 0000000000000000 R09: 0000000000000000
[   81.366788][ T5529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.366795][ T5529] R13: 0000000000000000 R14: 00007fbb30b25fa0 R15: 00007ffd52641de8
[   81.366825][ T5529]  </TASK>
[   81.646776][ T5540] loop0: detected capacity change from 0 to 1024
[   81.674230][ T5540] EXT4-fs: Ignoring removed nomblk_io_submit option
[   81.683870][ T5540] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   81.696324][ T5540] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.726365][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.746744][ T5546] FAULT_INJECTION: forcing a failure.
[   81.746744][ T5546] name failslab, interval 1, probability 0, space 0, times 0
[   81.761165][ T5546] CPU: 0 UID: 0 PID: 5546 Comm: syz.0.722 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   81.761191][ T5546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   81.761202][ T5546] Call Trace:
[   81.761207][ T5546]  <TASK>
[   81.761214][ T5546]  __dump_stack+0x1d/0x30
[   81.761234][ T5546]  dump_stack_lvl+0xe8/0x140
[   81.761259][ T5546]  dump_stack+0x15/0x1b
[   81.761335][ T5546]  should_fail_ex+0x265/0x280
[   81.761353][ T5546]  should_failslab+0x8c/0xb0
[   81.761369][ T5546]  kmem_cache_alloc_noprof+0x50/0x310
[   81.761380][ T5546]  ? skb_clone+0x151/0x1f0
[   81.761439][ T5546]  skb_clone+0x151/0x1f0
[   81.761462][ T5546]  __netlink_deliver_tap+0x2c9/0x500
[   81.761475][ T5546]  netlink_unicast+0x64c/0x670
[   81.761492][ T5546]  netlink_sendmsg+0x58b/0x6b0
[   81.761651][ T5546]  ? __pfx_netlink_sendmsg+0x10/0x10
[   81.761661][ T5546]  __sock_sendmsg+0x145/0x180
[   81.761676][ T5546]  ____sys_sendmsg+0x31e/0x4e0
[   81.761688][ T5546]  ___sys_sendmsg+0x17b/0x1d0
[   81.761710][ T5546]  __x64_sys_sendmsg+0xd4/0x160
[   81.761789][ T5546]  x64_sys_call+0x2999/0x2fb0
[   81.761800][ T5546]  do_syscall_64+0xd0/0x1a0
[   81.761813][ T5546]  ? clear_bhb_loop+0x40/0x90
[   81.761824][ T5546]  ? clear_bhb_loop+0x40/0x90
[   81.761835][ T5546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.761930][ T5546] RIP: 0033:0x7fbb308fe969
[   81.761943][ T5546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.761958][ T5546] RSP: 002b:00007fbb2ef67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.762055][ T5546] RAX: ffffffffffffffda RBX: 00007fbb30b25fa0 RCX: 00007fbb308fe969
[   81.762066][ T5546] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004
[   81.762077][ T5546] RBP: 00007fbb2ef67090 R08: 0000000000000000 R09: 0000000000000000
[   81.762088][ T5546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.762113][ T5546] R13: 0000000000000000 R14: 00007fbb30b25fa0 R15: 00007ffd52641de8
[   81.762205][ T5546]  </TASK>
[   81.982750][ T5546] netlink: 8 bytes leftover after parsing attributes in process `syz.0.722'.
[   81.992258][ T5546] netlink: 4 bytes leftover after parsing attributes in process `syz.0.722'.
[   82.008350][ T5548] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   82.043985][ T5550] netlink: 'syz.4.724': attribute type 1 has an invalid length.
[   82.059327][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.070235][ T5546] wireguard0: entered promiscuous mode
[   82.075102][ T5553] loop1: detected capacity change from 0 to 1024
[   82.076067][ T5546] wireguard0: entered allmulticast mode
[   82.107242][ T5558] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[   82.117183][ T5553] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.131330][ T5555] netlink: 'syz.2.727': attribute type 27 has an invalid length.
[   82.189194][ T5553] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   82.208898][ T5553] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   82.222708][ T5553] EXT4-fs (loop1): This should not happen!! Data will be lost
[   82.222708][ T5553] 
[   82.232925][ T5553] EXT4-fs (loop1): Total free blocks count 0
[   82.239692][ T5553] EXT4-fs (loop1): Free/Dirty block details
[   82.245626][ T5553] EXT4-fs (loop1): free_blocks=68451041280
[   82.252655][ T5553] EXT4-fs (loop1): dirty_blocks=80
[   82.258595][ T5553] EXT4-fs (loop1): Block reservation details
[   82.265441][ T5553] EXT4-fs (loop1): i_reserved_data_blocks=5
[   82.298795][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.323810][ T5555] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.331927][ T5555] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.382301][ T5576] loop3: detected capacity change from 0 to 8192
[   82.452875][ T5594] loop1: detected capacity change from 0 to 128
[   82.461333][ T5576]  loop3: p1 p2[DM] p4
[   82.466428][ T5576] loop3: p1 size 196608 extends beyond EOD, truncated
[   82.468562][ T5555] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   82.489859][ T5576] loop3: p2 start 4292936063 is beyond EOD, truncated
[   82.496507][ T5555] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   82.497234][ T5576] loop3: p4 size 50331648 extends beyond EOD, truncated
[   82.603178][ T5555] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   82.612903][ T5555] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   82.622286][ T5555] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   82.632561][ T5555] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   82.689900][ T5569] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.698238][ T5569] 8021q: adding VLAN 0 to HW filter on device team0
[   82.712913][ T5569] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   82.829013][ T5608] loop1: detected capacity change from 0 to 1024
[   82.838118][ T5608] EXT4-fs: Ignoring removed nomblk_io_submit option
[   82.853910][ T5608] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   82.877626][ T5608] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.904165][ T5613] loop2: detected capacity change from 0 to 2048
[   82.926860][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.932689][ T5613] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.965911][ T5613] netlink: 8 bytes leftover after parsing attributes in process `syz.2.736'.
[   83.092074][ T5628] netlink: 'syz.3.739': attribute type 1 has an invalid length.
[   83.133536][   T29] kauditd_printk_skb: 210 callbacks suppressed
[   83.133591][   T29] audit: type=1326 audit(2000000039.050:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5632 comm="syz.4.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   83.174458][   T29] audit: type=1326 audit(2000000039.080:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5632 comm="syz.4.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   83.201101][   T29] audit: type=1326 audit(2000000039.080:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5632 comm="syz.4.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   83.227794][   T29] audit: type=1326 audit(2000000039.080:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5632 comm="syz.4.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   83.252600][   T29] audit: type=1326 audit(2000000039.080:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5632 comm="syz.4.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   83.277448][   T29] audit: type=1326 audit(2000000039.080:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5632 comm="syz.4.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   83.302465][   T29] audit: type=1326 audit(2000000039.080:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5632 comm="syz.4.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   83.327550][   T29] audit: type=1326 audit(2000000039.080:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5632 comm="syz.4.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   83.352777][   T29] audit: type=1326 audit(2000000039.080:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5632 comm="syz.4.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   83.377474][   T29] audit: type=1326 audit(2000000039.080:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5632 comm="syz.4.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   83.521041][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.558789][ T5650] loop1: detected capacity change from 0 to 1024
[   83.566863][ T5650] EXT4-fs: Ignoring removed nomblk_io_submit option
[   83.613352][ T5650] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   83.638810][ T5650] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.787170][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.889249][ T5675] loop2: detected capacity change from 0 to 2048
[   83.955670][ T5675] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.988134][ T5685] loop3: detected capacity change from 0 to 512
[   84.003304][ T5685] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.758: iget: bad extra_isize 50264 (inode size 256)
[   84.037484][ T5685] EXT4-fs (loop3): Remounting filesystem read-only
[   84.045134][ T5685] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.097946][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.138461][ T5699] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   84.341886][ T5718] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[   84.348971][ T5718] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   84.357857][ T5718] vhci_hcd vhci_hcd.0: Device attached
[   84.389726][ T5723] __nla_validate_parse: 2 callbacks suppressed
[   84.389751][ T5723] netlink: 4 bytes leftover after parsing attributes in process `syz.1.774'.
[   84.423347][ T5726] loop4: detected capacity change from 0 to 512
[   84.431713][ T5723] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   84.441084][ T5723] batman_adv: batadv0: Removing interface: batadv_slave_0
[   84.451208][ T5726] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.777: iget: bad extra_isize 50264 (inode size 256)
[   84.472616][ T5726] EXT4-fs (loop4): Remounting filesystem read-only
[   84.480525][ T5726] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.502856][ T5723] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   84.511434][ T5723] batman_adv: batadv0: Removing interface: batadv_slave_1
[   84.512018][ T5726] FAULT_INJECTION: forcing a failure.
[   84.512018][ T5726] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.534927][ T5726] CPU: 0 UID: 0 PID: 5726 Comm: syz.4.777 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   84.534952][ T5726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   84.534965][ T5726] Call Trace:
[   84.534971][ T5726]  <TASK>
[   84.534979][ T5726]  __dump_stack+0x1d/0x30
[   84.535077][ T5726]  dump_stack_lvl+0xe8/0x140
[   84.535097][ T5726]  dump_stack+0x15/0x1b
[   84.535113][ T5726]  should_fail_ex+0x265/0x280
[   84.535141][ T5726]  should_fail+0xb/0x20
[   84.535185][ T5726]  should_fail_usercopy+0x1a/0x20
[   84.535204][ T5726]  strncpy_from_user+0x25/0x230
[   84.535233][ T5726]  ? kmem_cache_alloc_noprof+0x186/0x310
[   84.535251][ T5726]  ? getname_flags+0x80/0x3b0
[   84.535339][ T5726]  getname_flags+0xae/0x3b0
[   84.535432][ T5726]  __x64_sys_mknod+0x40/0x60
[   84.535524][ T5726]  x64_sys_call+0x181c/0x2fb0
[   84.535544][ T5726]  do_syscall_64+0xd0/0x1a0
[   84.535627][ T5726]  ? clear_bhb_loop+0x40/0x90
[   84.535645][ T5726]  ? clear_bhb_loop+0x40/0x90
[   84.535662][ T5726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.535681][ T5726] RIP: 0033:0x7f54bff5e969
[   84.535693][ T5726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.535707][ T5726] RSP: 002b:00007f54be5c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[   84.535795][ T5726] RAX: ffffffffffffffda RBX: 00007f54c0185fa0 RCX: 00007f54bff5e969
[   84.535805][ T5726] RDX: 0000000000000708 RSI: 0000000000006000 RDI: 0000200000000180
[   84.535815][ T5726] RBP: 00007f54be5c7090 R08: 0000000000000000 R09: 0000000000000000
[   84.535825][ T5726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.535835][ T5726] R13: 0000000000000000 R14: 00007f54c0185fa0 R15: 00007ffe671f1ca8
[   84.535852][ T5726]  </TASK>
[   84.539494][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.563163][ T3381] vhci_hcd: vhci_device speed not set
[   84.803484][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.857953][ T3381] usb 3-1: new full-speed USB device number 2 using vhci_hcd
[   84.867899][ T5720] vhci_hcd: connection closed
[   84.868057][ T4453] vhci_hcd: stop threads
[   84.877947][ T4453] vhci_hcd: release socket
[   84.883585][ T4453] vhci_hcd: disconnect device
[   84.892049][ T3381] usb 3-1: enqueue for inactive port 0
[   84.924012][ T3381] usb 3-1: enqueue for inactive port 0
[   84.940315][ T3381] usb 3-1: enqueue for inactive port 0
[   85.032108][ T3381] vhci_hcd: vhci_device speed not set
[   85.171706][ T5758] loop0: detected capacity change from 0 to 8192
[   85.174308][ T5763] loop3: detected capacity change from 0 to 128
[   85.221792][ T5763] netlink: 4 bytes leftover after parsing attributes in process `syz.3.791'.
[   85.232835][ T3302]  loop0: p1 p2[DM] p4
[   85.237251][ T3302] loop0: p1 size 196608 extends beyond EOD, truncated
[   85.247074][ T5763] 
: renamed from bond0 (while UP)
[   85.252873][ T3302] loop0: p2 start 4292936063 is beyond EOD, truncated
[   85.260052][ T3302] loop0: p4 size 50331648 extends beyond EOD, truncated
[   85.269743][ T5758]  loop0: p1 p2[DM] p4
[   85.274450][ T5758] loop0: p1 size 196608 extends beyond EOD, truncated
[   85.284305][ T5758] loop0: p2 start 4292936063 is beyond EOD, truncated
[   85.291272][ T5758] loop0: p4 size 50331648 extends beyond EOD, truncated
[   85.445333][ T5775] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   85.646226][ T5786] loop2: detected capacity change from 0 to 512
[   85.689324][ T5786] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.714086][ T5807] loop3: detected capacity change from 0 to 1024
[   85.786462][ T5786] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.797820][ T5807] EXT4-fs: Ignoring removed nomblk_io_submit option
[   85.829683][ T5807] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   85.899989][ T5812] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[   85.907734][ T5812] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   85.916460][ T5812] vhci_hcd vhci_hcd.0: Device attached
[   86.052344][ T5815] netlink: 4 bytes leftover after parsing attributes in process `syz.4.808'.
[   86.070607][ T5813] vhci_hcd: connection closed
[   86.073507][ T4453] vhci_hcd: stop threads
[   86.083365][ T4453] vhci_hcd: release socket
[   86.088975][ T4453] vhci_hcd: disconnect device
[   86.112283][ T3394] vhci_hcd: vhci_device speed not set
[   86.228599][ T5835] loop0: detected capacity change from 0 to 8192
[   86.290426][ T5835]  loop0: p1 p2[DM] p4
[   86.297049][ T5835] loop0: p1 size 196608 extends beyond EOD, truncated
[   86.308518][ T5835] loop0: p2 start 4292936063 is beyond EOD, truncated
[   86.315636][ T5835] loop0: p4 size 50331648 extends beyond EOD, truncated
[   86.390544][ T5849] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   86.417833][ T5853] netlink: 'syz.1.822': attribute type 1 has an invalid length.
[   86.439664][ T5855] FAULT_INJECTION: forcing a failure.
[   86.439664][ T5855] name failslab, interval 1, probability 0, space 0, times 0
[   86.452775][ T5855] CPU: 1 UID: 0 PID: 5855 Comm: syz.2.823 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   86.452965][ T5855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   86.452977][ T5855] Call Trace:
[   86.452985][ T5855]  <TASK>
[   86.452995][ T5855]  __dump_stack+0x1d/0x30
[   86.453016][ T5855]  dump_stack_lvl+0xe8/0x140
[   86.453064][ T5855]  dump_stack+0x15/0x1b
[   86.453078][ T5855]  should_fail_ex+0x265/0x280
[   86.453108][ T5855]  should_failslab+0x8c/0xb0
[   86.453137][ T5855]  __kvmalloc_node_noprof+0x126/0x4d0
[   86.453187][ T5855]  ? seq_read_iter+0x13e/0x940
[   86.453205][ T5855]  seq_read_iter+0x13e/0x940
[   86.453220][ T5855]  ? kstrtoull+0x111/0x140
[   86.453249][ T5855]  seq_read+0x1f7/0x240
[   86.453270][ T5855]  ? __pfx_seq_read+0x10/0x10
[   86.453316][ T5855]  vfs_read+0x19d/0x6f0
[   86.453378][ T5855]  ? __rcu_read_unlock+0x4f/0x70
[   86.453399][ T5855]  ? __fget_files+0x184/0x1c0
[   86.453426][ T5855]  ksys_read+0xda/0x1a0
[   86.453448][ T5855]  __x64_sys_read+0x40/0x50
[   86.453511][ T5855]  x64_sys_call+0x2d77/0x2fb0
[   86.453528][ T5855]  do_syscall_64+0xd0/0x1a0
[   86.453548][ T5855]  ? clear_bhb_loop+0x40/0x90
[   86.453565][ T5855]  ? clear_bhb_loop+0x40/0x90
[   86.453583][ T5855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.453718][ T5855] RIP: 0033:0x7f2b7ab2e969
[   86.453732][ T5855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.453751][ T5855] RSP: 002b:00007f2b79197038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   86.453769][ T5855] RAX: ffffffffffffffda RBX: 00007f2b7ad55fa0 RCX: 00007f2b7ab2e969
[   86.453844][ T5855] RDX: 0000000000000091 RSI: 0000200000000100 RDI: 0000000000000006
[   86.453855][ T5855] RBP: 00007f2b79197090 R08: 0000000000000000 R09: 0000000000000000
[   86.453896][ T5855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.453906][ T5855] R13: 0000000000000000 R14: 00007f2b7ad55fa0 R15: 00007ffd17139f18
[   86.453921][ T5855]  </TASK>
[   86.719522][ T5871] netdevsim netdevsim4: Direct firmware load for art failed with error -2
[   86.733564][ T5875] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   86.803836][ T5883] loop1: detected capacity change from 0 to 512
[   86.819966][ T5883] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   86.833416][ T5883] EXT4-fs (loop1): 1 truncate cleaned up
[   86.855602][ T5881] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[   86.870211][ T5881] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   86.881881][ T5881] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   86.958395][ T5892] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[   86.965376][ T5892] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   86.974037][ T5892] vhci_hcd vhci_hcd.0: Device attached
[   87.067228][ T5892] netlink: 4 bytes leftover after parsing attributes in process `syz.4.840'.
[   87.077006][ T5893] vhci_hcd: connection closed
[   87.077261][ T4462] vhci_hcd: stop threads
[   87.086575][ T4462] vhci_hcd: release socket
[   87.091520][ T4462] vhci_hcd: disconnect device
[   87.122973][ T5911] process 'syz.0.843' launched '/dev/fd/4' with NULL argv: empty string added
[   87.264379][ T5919] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   87.328691][ T5923] loop3: detected capacity change from 0 to 512
[   87.364716][ T5923] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   87.385221][ T5923] EXT4-fs (loop3): 1 truncate cleaned up
[   87.538775][ T5929] loop0: detected capacity change from 0 to 1024
[   87.562903][ T5929] EXT4-fs: Ignoring removed nomblk_io_submit option
[   87.615400][ T5929] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   87.690772][ T5933] loop4: detected capacity change from 0 to 8192
[   87.712363][ T4326]  loop4: p1 p2[DM] p4
[   87.731477][ T4326] loop4: p1 size 196608 extends beyond EOD, truncated
[   87.760350][ T4326] loop4: p2 start 4292936063 is beyond EOD, truncated
[   87.767503][ T4326] loop4: p4 size 50331648 extends beyond EOD, truncated
[   88.002428][ T5933]  loop4: p1 p2[DM] p4
[   88.020478][ T5947] loop0: detected capacity change from 0 to 512
[   88.029294][ T5933] loop4: p1 size 196608 extends beyond EOD, truncated
[   88.054085][ T5933] loop4: p2 start 4292936063 is beyond EOD, truncated
[   88.061253][ T5933] loop4: p4 size 50331648 extends beyond EOD, truncated
[   88.154262][ T5947] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   88.223989][ T5947] EXT4-fs (loop0): 1 truncate cleaned up
[   88.423123][ T5953] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   88.450664][   T29] kauditd_printk_skb: 274 callbacks suppressed
[   88.450679][   T29] audit: type=1326 audit(2000000044.350:1851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5950 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   88.480420][   T29] audit: type=1326 audit(2000000044.350:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5950 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   88.504595][   T29] audit: type=1326 audit(2000000044.350:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5950 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   88.528191][   T29] audit: type=1326 audit(2000000044.350:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5950 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   88.552150][   T29] audit: type=1326 audit(2000000044.350:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5950 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   88.576458][   T29] audit: type=1326 audit(2000000044.350:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5950 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   88.602368][   T29] audit: type=1326 audit(2000000044.350:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5950 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   88.626588][   T29] audit: type=1326 audit(2000000044.350:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5950 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   88.650242][   T29] audit: type=1326 audit(2000000044.350:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5950 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   88.674397][   T29] audit: type=1326 audit(2000000044.350:1860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5950 comm="syz.2.857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   88.773676][ T5963] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[   88.780268][ T5963] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   88.788051][ T5963] vhci_hcd vhci_hcd.0: Device attached
[   88.820776][ T5966] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[   88.846006][ T5961] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   88.855335][ T5961] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.888625][ T5963] netlink: 4 bytes leftover after parsing attributes in process `syz.4.862'.
[   88.898502][ T5964] vhci_hcd: connection closed
[   88.898710][ T4461] vhci_hcd: stop threads
[   88.907824][ T4461] vhci_hcd: release socket
[   88.912583][ T4461] vhci_hcd: disconnect device
[   89.161323][ T5974] loop3: detected capacity change from 0 to 1024
[   89.168581][ T5974] EXT4-fs: Ignoring removed nomblk_io_submit option
[   89.189457][ T5974] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   89.282510][ T5987] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   89.317043][ T5991] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5991 comm=syz.3.871
[   89.331134][ T5991] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5991 comm=syz.3.871
[   89.380137][ T5997] loop3: detected capacity change from 0 to 2048
[   89.389420][ T5995] loop2: detected capacity change from 0 to 8192
[   89.465567][ T3302]  loop2: p1 p2[DM] p4
[   89.469748][ T3302] loop2: p1 size 196608 extends beyond EOD, truncated
[   89.499615][ T3302] loop2: p2 start 4292936063 is beyond EOD, truncated
[   89.506584][ T3302] loop2: p4 size 50331648 extends beyond EOD, truncated
[   89.536732][ T6011] loop0: detected capacity change from 0 to 1024
[   89.562277][ T6011] EXT4-fs: Ignoring removed nomblk_io_submit option
[   89.587720][ T5997] 9pnet_fd: Insufficient options for proto=fd
[   89.596216][ T5997] EXT4-fs (loop3): shut down requested (2)
[   89.620988][ T5995]  loop2: p1 p2[DM] p4
[   89.625243][ T5995] loop2: p1 size 196608 extends beyond EOD, truncated
[   89.633459][ T5995] loop2: p2 start 4292936063 is beyond EOD, truncated
[   89.640302][ T5995] loop2: p4 size 50331648 extends beyond EOD, truncated
[   89.651491][ T6011] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   89.732851][ T6023] loop3: detected capacity change from 0 to 2048
[   89.797345][ T6031] FAULT_INJECTION: forcing a failure.
[   89.797345][ T6031] name failslab, interval 1, probability 0, space 0, times 0
[   89.810340][ T6031] CPU: 0 UID: 0 PID: 6031 Comm: syz.0.880 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   89.810377][ T6031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   89.810390][ T6031] Call Trace:
[   89.810397][ T6031]  <TASK>
[   89.810405][ T6031]  __dump_stack+0x1d/0x30
[   89.810458][ T6031]  dump_stack_lvl+0xe8/0x140
[   89.810477][ T6031]  dump_stack+0x15/0x1b
[   89.810492][ T6031]  should_fail_ex+0x265/0x280
[   89.810525][ T6031]  should_failslab+0x8c/0xb0
[   89.810553][ T6031]  kmem_cache_alloc_node_noprof+0x57/0x320
[   89.810643][ T6031]  ? __alloc_skb+0x101/0x320
[   89.810716][ T6031]  __alloc_skb+0x101/0x320
[   89.810761][ T6031]  netlink_alloc_large_skb+0xba/0xf0
[   89.810828][ T6031]  netlink_sendmsg+0x3cf/0x6b0
[   89.810848][ T6031]  ? __pfx_netlink_sendmsg+0x10/0x10
[   89.810867][ T6031]  __sock_sendmsg+0x145/0x180
[   89.810997][ T6031]  ____sys_sendmsg+0x31e/0x4e0
[   89.811018][ T6031]  ___sys_sendmsg+0x17b/0x1d0
[   89.811114][ T6031]  __x64_sys_sendmsg+0xd4/0x160
[   89.811136][ T6031]  x64_sys_call+0x2999/0x2fb0
[   89.811154][ T6031]  do_syscall_64+0xd0/0x1a0
[   89.811257][ T6031]  ? clear_bhb_loop+0x40/0x90
[   89.811274][ T6031]  ? clear_bhb_loop+0x40/0x90
[   89.811294][ T6031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.811314][ T6031] RIP: 0033:0x7fbb308fe969
[   89.811385][ T6031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.811400][ T6031] RSP: 002b:00007fbb2ef67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   89.811418][ T6031] RAX: ffffffffffffffda RBX: 00007fbb30b25fa0 RCX: 00007fbb308fe969
[   89.811430][ T6031] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000006
[   89.811442][ T6031] RBP: 00007fbb2ef67090 R08: 0000000000000000 R09: 0000000000000000
[   89.811493][ T6031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.811505][ T6031] R13: 0000000000000000 R14: 00007fbb30b25fa0 R15: 00007ffd52641de8
[   89.811522][ T6031]  </TASK>
[   89.821538][ T6030] netlink: 56 bytes leftover after parsing attributes in process `syz.1.881'.
[   89.996992][ T6043] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6043 comm=syz.0.883
[   90.045937][ T6034] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6034 comm=syz.0.883
[   90.089597][ T6052] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.121410][ T6048] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[   90.134432][ T6048] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   90.143921][ T6048] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   90.185488][ T6052] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.201528][ T6057] loop2: detected capacity change from 0 to 1024
[   90.217920][ T6057] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   90.243694][ T6052] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.246687][ T6057] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   90.266148][ T6057] EXT4-fs (loop2): This should not happen!! Data will be lost
[   90.266148][ T6057] 
[   90.275861][ T6057] EXT4-fs (loop2): Total free blocks count 0
[   90.281991][ T6057] EXT4-fs (loop2): Free/Dirty block details
[   90.287887][ T6057] EXT4-fs (loop2): free_blocks=68451041280
[   90.293839][ T6057] EXT4-fs (loop2): dirty_blocks=80
[   90.298960][ T6057] EXT4-fs (loop2): Block reservation details
[   90.304967][ T6057] EXT4-fs (loop2): i_reserved_data_blocks=5
[   90.321760][ T6069] loop4: detected capacity change from 0 to 1024
[   90.334223][ T6052] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.366997][ T6069] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   90.387657][ T6072] loop1: detected capacity change from 0 to 1024
[   90.433349][ T6052] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.441703][ T6069] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   90.454092][ T6069] EXT4-fs (loop4): This should not happen!! Data will be lost
[   90.454092][ T6069] 
[   90.456349][ T6072] EXT4-fs: Ignoring removed nomblk_io_submit option
[   90.463842][ T6069] EXT4-fs (loop4): Total free blocks count 0
[   90.476579][ T6069] EXT4-fs (loop4): Free/Dirty block details
[   90.482508][ T6069] EXT4-fs (loop4): free_blocks=68451041280
[   90.488505][ T6069] EXT4-fs (loop4): dirty_blocks=80
[   90.493657][ T6069] EXT4-fs (loop4): Block reservation details
[   90.495126][ T6052] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.499640][ T6069] EXT4-fs (loop4): i_reserved_data_blocks=5
[   90.519822][ T6072] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   90.526715][ T6052] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.550917][ T6052] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.666671][ T6096] FAULT_INJECTION: forcing a failure.
[   90.666671][ T6096] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.679960][ T6096] CPU: 0 UID: 0 PID: 6096 Comm: syz.4.899 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   90.680092][ T6096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   90.680103][ T6096] Call Trace:
[   90.680109][ T6096]  <TASK>
[   90.680117][ T6096]  __dump_stack+0x1d/0x30
[   90.680139][ T6096]  dump_stack_lvl+0xe8/0x140
[   90.680221][ T6096]  dump_stack+0x15/0x1b
[   90.680237][ T6096]  should_fail_ex+0x265/0x280
[   90.680269][ T6096]  should_fail+0xb/0x20
[   90.680295][ T6096]  should_fail_usercopy+0x1a/0x20
[   90.680360][ T6096]  _copy_from_user+0x1c/0xb0
[   90.680427][ T6096]  __sys_bpf+0x178/0x790
[   90.680459][ T6096]  __x64_sys_bpf+0x41/0x50
[   90.680482][ T6096]  x64_sys_call+0x2478/0x2fb0
[   90.680560][ T6096]  do_syscall_64+0xd0/0x1a0
[   90.680582][ T6096]  ? clear_bhb_loop+0x40/0x90
[   90.680610][ T6096]  ? clear_bhb_loop+0x40/0x90
[   90.680637][ T6096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.680656][ T6096] RIP: 0033:0x7f54bff5e969
[   90.680671][ T6096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.680687][ T6096] RSP: 002b:00007f54be5c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   90.680724][ T6096] RAX: ffffffffffffffda RBX: 00007f54c0185fa0 RCX: 00007f54bff5e969
[   90.680735][ T6096] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[   90.680745][ T6096] RBP: 00007f54be5c7090 R08: 0000000000000000 R09: 0000000000000000
[   90.680754][ T6096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.680765][ T6096] R13: 0000000000000000 R14: 00007f54c0185fa0 R15: 00007ffe671f1ca8
[   90.680784][ T6096]  </TASK>
[   90.859590][ T6100] loop1: detected capacity change from 0 to 8192
[   90.903286][ T4326]  loop1: p1 p2[DM] p4
[   90.907590][ T4326] loop1: p1 size 196608 extends beyond EOD, truncated
[   90.915948][ T4326] loop1: p2 start 4292936063 is beyond EOD, truncated
[   90.922891][ T4326] loop1: p4 size 50331648 extends beyond EOD, truncated
[   90.933661][ T6100]  loop1: p1 p2[DM] p4
[   90.938029][ T6100] loop1: p1 size 196608 extends beyond EOD, truncated
[   90.969946][ T6100] loop1: p2 start 4292936063 is beyond EOD, truncated
[   90.976875][ T6100] loop1: p4 size 50331648 extends beyond EOD, truncated
[   90.998321][ T6120] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   91.029690][ T6121] loop0: detected capacity change from 0 to 1024
[   91.052541][ T6121] EXT4-fs: Ignoring removed nomblk_io_submit option
[   91.059815][ T6123] loop4: detected capacity change from 0 to 512
[   91.071340][ T6123] EXT4-fs: Ignoring removed oldalloc option
[   91.090769][ T6123] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.908: Parent and EA inode have the same ino 15
[   91.109023][ T6121] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   91.117888][ T6123] EXT4-fs (loop4): Remounting filesystem read-only
[   91.124473][ T6123] EXT4-fs warning (device loop4): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[   91.135272][ T6123] EXT4-fs (loop4): 1 orphan inode deleted
[   91.242740][ T6134] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[   91.276472][ T6134] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   91.293144][ T6134] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   91.321045][ T6143] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.390924][ T6143] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.403273][ T6154] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   91.445138][ T6143] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.498225][ T6161] FAULT_INJECTION: forcing a failure.
[   91.498225][ T6161] name failslab, interval 1, probability 0, space 0, times 0
[   91.511041][ T6161] CPU: 0 UID: 0 PID: 6161 Comm: +}[@ Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   91.511065][ T6161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   91.511151][ T6161] Call Trace:
[   91.511157][ T6161]  <TASK>
[   91.511223][ T6161]  __dump_stack+0x1d/0x30
[   91.511244][ T6161]  dump_stack_lvl+0xe8/0x140
[   91.511271][ T6161]  dump_stack+0x15/0x1b
[   91.511288][ T6161]  should_fail_ex+0x265/0x280
[   91.511320][ T6161]  should_failslab+0x8c/0xb0
[   91.511426][ T6161]  kmem_cache_alloc_noprof+0x50/0x310
[   91.511443][ T6161]  ? getname_flags+0x80/0x3b0
[   91.511468][ T6161]  getname_flags+0x80/0x3b0
[   91.511497][ T6161]  do_readlinkat+0x64/0x320
[   91.511573][ T6161]  __x64_sys_readlinkat+0x51/0x60
[   91.511650][ T6161]  x64_sys_call+0x2768/0x2fb0
[   91.511725][ T6161]  do_syscall_64+0xd0/0x1a0
[   91.511749][ T6161]  ? clear_bhb_loop+0x40/0x90
[   91.511767][ T6161]  ? clear_bhb_loop+0x40/0x90
[   91.511861][ T6161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.511877][ T6161] RIP: 0033:0x7fbb308fe969
[   91.511890][ T6161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.511909][ T6161] RSP: 002b:00007fbb2ef67038 EFLAGS: 00000246 ORIG_RAX: 000000000000010b
[   91.511993][ T6161] RAX: ffffffffffffffda RBX: 00007fbb30b25fa0 RCX: 00007fbb308fe969
[   91.512002][ T6161] RDX: 0000200000000600 RSI: 0000200000000140 RDI: 0000000000000006
[   91.512011][ T6161] RBP: 00007fbb2ef67090 R08: 0000000000000000 R09: 0000000000000000
[   91.512020][ T6161] R10: 00000000000000d5 R11: 0000000000000246 R12: 0000000000000001
[   91.512115][ T6161] R13: 0000000000000000 R14: 00007fbb30b25fa0 R15: 00007ffd52641de8
[   91.512130][ T6161]  </TASK>
[   91.693501][ T6143] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.765821][ T6173] loop1: detected capacity change from 0 to 1024
[   91.788378][ T6173] EXT4-fs: Ignoring removed nomblk_io_submit option
[   91.790514][ T6143] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.795668][ T6173] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   91.825667][ T6143] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.838942][ T6143] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.852031][ T6143] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.941795][ T6188] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   91.980629][ T6194] netlink: 65055 bytes leftover after parsing attributes in process `syz.3.933'.
[   92.021747][ T6197] netlink: 'syz.1.934': attribute type 1 has an invalid length.
[   92.043086][ T6195] loop2: detected capacity change from 0 to 8192
[   92.062365][ T6028]  loop2: p1 p2[DM] p4
[   92.066603][ T6028] loop2: p1 size 196608 extends beyond EOD, truncated
[   92.076159][ T6028] loop2: p2 start 4292936063 is beyond EOD, truncated
[   92.083140][ T6028] loop2: p4 size 50331648 extends beyond EOD, truncated
[   92.092077][ T6195]  loop2: p1 p2[DM] p4
[   92.096484][ T6195] loop2: p1 size 196608 extends beyond EOD, truncated
[   92.104407][ T6195] loop2: p2 start 4292936063 is beyond EOD, truncated
[   92.111189][ T6195] loop2: p4 size 50331648 extends beyond EOD, truncated
[   92.209284][ T6210] loop3: detected capacity change from 0 to 1024
[   92.233404][ T6210] EXT4-fs: Ignoring removed nomblk_io_submit option
[   92.245913][ T6210] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   92.294328][ T6214] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[   92.306979][ T6214] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   92.315631][ T6214] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   92.580515][ T6233] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   92.617122][ T6237] netlink: 65055 bytes leftover after parsing attributes in process `syz.3.947'.
[   92.645634][ T6239] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.696567][ T6239] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.764394][ T6239] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.813817][ T6239] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.876450][ T6248] loop2: detected capacity change from 0 to 512
[   92.903371][ T6248] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   92.918161][ T6248] EXT4-fs (loop2): 1 truncate cleaned up
[   92.918324][ T6249] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   92.932646][ T6249] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   93.157339][ T6265] loop3: detected capacity change from 0 to 2048
[   93.460554][ T5582] hid-generic 00C6:0009:0000.0001: collection stack underflow
[   93.468216][ T5582] hid-generic 00C6:0009:0000.0001: item 0 0 0 12 parsing failed
[   93.494372][ T5582] hid-generic 00C6:0009:0000.0001: probe with driver hid-generic failed with error -22
[   93.568039][   T29] kauditd_printk_skb: 238 callbacks suppressed
[   93.568056][   T29] audit: type=1326 audit(2000000049.480:2099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6282 comm="syz.4.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   93.597767][   T29] audit: type=1326 audit(2000000049.480:2100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6282 comm="syz.4.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   93.621363][   T29] audit: type=1326 audit(2000000049.480:2101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6282 comm="syz.4.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   93.644932][   T29] audit: type=1326 audit(2000000049.480:2102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6282 comm="syz.4.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   93.657161][ T6285] netlink: 'syz.3.964': attribute type 1 has an invalid length.
[   93.668433][   T29] audit: type=1326 audit(2000000049.480:2103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6282 comm="syz.4.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   93.699300][   T29] audit: type=1326 audit(2000000049.480:2104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6282 comm="syz.4.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   93.722954][   T29] audit: type=1326 audit(2000000049.480:2105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6282 comm="syz.4.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   93.746495][   T29] audit: type=1326 audit(2000000049.480:2106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6282 comm="syz.4.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   93.770015][   T29] audit: type=1326 audit(2000000049.480:2107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6282 comm="syz.4.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   93.793338][   T29] audit: type=1326 audit(2000000049.480:2108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6282 comm="syz.4.963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f54bff5e969 code=0x7ffc0000
[   93.898932][ T6293] loop3: detected capacity change from 0 to 2048
[   94.034958][ T6309] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   94.044557][ T6309] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   94.191287][ T6322] netlink: 'syz.1.977': attribute type 32 has an invalid length.
[   94.207432][ T6324] netlink: 'syz.3.978': attribute type 1 has an invalid length.
[   94.225326][ T6326] netlink: 'syz.1.979': attribute type 1 has an invalid length.
[   94.594317][ T6347] loop2: detected capacity change from 0 to 512
[   94.609328][ T6239] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.619065][ T6361] netlink: 'syz.4.990': attribute type 1 has an invalid length.
[   94.621948][ T6239] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.636810][ T6347] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.639193][ T6239] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.658500][ T6239] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.677092][ T6365] netlink: 'syz.4.991': attribute type 1 has an invalid length.
[   94.799100][ T6379] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[   94.805634][ T6379] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   94.813476][ T6379] vhci_hcd vhci_hcd.0: Device attached
[   94.868288][ T6392] loop1: detected capacity change from 0 to 512
[   94.884403][ T6379] netlink: 4 bytes leftover after parsing attributes in process `syz.0.996'.
[   94.894395][ T6381] vhci_hcd: connection closed
[   94.894595][ T4455] vhci_hcd: stop threads
[   94.903570][ T4455] vhci_hcd: release socket
[   94.908061][ T4455] vhci_hcd: disconnect device
[   94.913372][ T6392] EXT4-fs: Ignoring removed mblk_io_submit option
[   94.920525][ T6392] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   94.932338][ T6392] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   94.940275][ T6392] EXT4-fs (loop1): orphan cleanup on readonly fs
[   94.947401][ T6392] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.999: Invalid block bitmap block 0 in block_group 0
[   94.961516][ T6392] EXT4-fs (loop1): Remounting filesystem read-only
[   94.969848][ T6392] EXT4-fs (loop1): 1 orphan inode deleted
[   94.977640][ T6401] netlink: 'syz.4.1003': attribute type 1 has an invalid length.
[   95.001517][ T6403] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.043763][ T6403] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.093616][ T6403] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.133974][ T6403] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.252020][ T6426] FAULT_INJECTION: forcing a failure.
[   95.252020][ T6426] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.265129][ T6426] CPU: 0 UID: 0 PID: 6426 Comm: syz.3.1011 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[   95.265153][ T6426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   95.265164][ T6426] Call Trace:
[   95.265170][ T6426]  <TASK>
[   95.265177][ T6426]  __dump_stack+0x1d/0x30
[   95.265278][ T6426]  dump_stack_lvl+0xe8/0x140
[   95.265289][ T6426]  dump_stack+0x15/0x1b
[   95.265297][ T6426]  should_fail_ex+0x265/0x280
[   95.265315][ T6426]  should_fail+0xb/0x20
[   95.265358][ T6426]  should_fail_usercopy+0x1a/0x20
[   95.265369][ T6426]  _copy_from_user+0x1c/0xb0
[   95.265381][ T6426]  __sys_sendto+0x19e/0x330
[   95.265456][ T6426]  __x64_sys_sendto+0x76/0x90
[   95.265517][ T6426]  x64_sys_call+0x2eb6/0x2fb0
[   95.265537][ T6426]  do_syscall_64+0xd0/0x1a0
[   95.265559][ T6426]  ? clear_bhb_loop+0x40/0x90
[   95.265641][ T6426]  ? clear_bhb_loop+0x40/0x90
[   95.265652][ T6426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.265664][ T6426] RIP: 0033:0x7fd250d7e969
[   95.265673][ T6426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.265683][ T6426] RSP: 002b:00007fd24f3e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   95.265751][ T6426] RAX: ffffffffffffffda RBX: 00007fd250fa5fa0 RCX: 00007fd250d7e969
[   95.265763][ T6426] RDX: 000000000000ff04 RSI: 0000200000000100 RDI: 0000000000000003
[   95.265774][ T6426] RBP: 00007fd24f3e7090 R08: 00002000000000c0 R09: 0000000000000010
[   95.265786][ T6426] R10: 00000000040048c4 R11: 0000000000000246 R12: 0000000000000001
[   95.265798][ T6426] R13: 0000000000000000 R14: 00007fd250fa5fa0 R15: 00007ffc36cae178
[   95.265841][ T6426]  </TASK>
[   95.537153][ T6438] loop3: detected capacity change from 0 to 2048
[   95.667009][ T6448] loop3: detected capacity change from 0 to 8192
[   95.712978][ T6448]  loop3: p1 p2[DM] p4
[   95.723215][ T6448] loop3: p1 size 196608 extends beyond EOD, truncated
[   95.739238][ T6448] loop3: p2 start 4292936063 is beyond EOD, truncated
[   95.746126][ T6448] loop3: p4 size 50331648 extends beyond EOD, truncated
[   95.822810][ T6461] loop1: detected capacity change from 0 to 512
[   95.830127][ T6461] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   95.845678][ T6461] EXT4-fs (loop1): 1 truncate cleaned up
[   95.986753][ T6403] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.998818][ T6403] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.011270][ T6403] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.023727][ T6403] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.457265][ T6474] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[   96.463807][ T6474] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   96.472038][ T6474] vhci_hcd vhci_hcd.0: Device attached
[   96.483206][ T6471] loop4: detected capacity change from 0 to 1024
[   96.506549][ T6471] EXT4-fs: Ignoring removed nomblk_io_submit option
[   96.544161][ T6471] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   96.559198][ T6485] loop3: detected capacity change from 0 to 2048
[   96.574586][ T6474] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1026'.
[   96.591794][ T6475] vhci_hcd: connection closed
[   96.592293][ T4455] vhci_hcd: stop threads
[   96.601245][ T4455] vhci_hcd: release socket
[   96.606270][ T4455] vhci_hcd: disconnect device
[   96.652318][ T6489] loop2: detected capacity change from 0 to 128
[   96.658721][ T5602] vhci_hcd: vhci_device speed not set
[   96.682542][ T6489] ext4 filesystem being mounted at /186/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   96.717641][ T6489] EXT4-fs warning (device loop2): verify_group_input:137: Cannot add at group 9 (only 1 groups)
[   96.740649][ T6495] loop4: detected capacity change from 0 to 1024
[   96.760799][ T6495] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   96.785762][ T6495] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   96.798093][ T6495] EXT4-fs (loop4): This should not happen!! Data will be lost
[   96.798093][ T6495] 
[   96.807827][ T6495] EXT4-fs (loop4): Total free blocks count 0
[   96.813949][ T6495] EXT4-fs (loop4): Free/Dirty block details
[   96.819898][ T6495] EXT4-fs (loop4): free_blocks=68451041280
[   96.825789][ T6495] EXT4-fs (loop4): dirty_blocks=80
[   96.831118][ T6495] EXT4-fs (loop4): Block reservation details
[   96.837213][ T6495] EXT4-fs (loop4): i_reserved_data_blocks=5
[   96.980912][ T6525] loop4: detected capacity change from 0 to 2048
[   97.047919][ T6529] loop2: detected capacity change from 0 to 8192
[   97.102352][ T4326]  loop2: p1 p2[DM] p4
[   97.106529][ T4326] loop2: p1 size 196608 extends beyond EOD, truncated
[   97.114197][ T4326] loop2: p2 start 4292936063 is beyond EOD, truncated
[   97.121044][ T4326] loop2: p4 size 50331648 extends beyond EOD, truncated
[   97.133079][ T6529]  loop2: p1 p2[DM] p4
[   97.154297][ T6529] loop2: p1 size 196608 extends beyond EOD, truncated
[   97.168148][ T6525] bridge_slave_1: left allmulticast mode
[   97.172459][ T6529] loop2: p2 start 4292936063 is beyond EOD, truncated
[   97.173971][ T6525] bridge_slave_1: left promiscuous mode
[   97.180680][ T6529] loop2: p4 size 50331648 extends beyond EOD, truncated
[   97.194405][ T6525] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.202537][ T6525] bridge_slave_0: left allmulticast mode
[   97.208206][ T6525] bridge_slave_0: left promiscuous mode
[   97.213998][ T6525] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.359335][ T6545] loop0: detected capacity change from 0 to 1024
[   97.377769][ T6545] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   97.393129][ T6545] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   97.405391][ T6545] EXT4-fs (loop0): This should not happen!! Data will be lost
[   97.405391][ T6545] 
[   97.415120][ T6545] EXT4-fs (loop0): Total free blocks count 0
[   97.421220][ T6545] EXT4-fs (loop0): Free/Dirty block details
[   97.427162][ T6545] EXT4-fs (loop0): free_blocks=68451041280
[   97.433087][ T6545] EXT4-fs (loop0): dirty_blocks=80
[   97.438208][ T6545] EXT4-fs (loop0): Block reservation details
[   97.444209][ T6545] EXT4-fs (loop0): i_reserved_data_blocks=5
[   97.839969][ T6575] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.888222][ T6575] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.945882][ T6575] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.017639][ T6575] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.062644][ T6575] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.074815][ T6575] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.086404][ T6575] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.098435][ T6575] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.505158][ T6591] loop1: detected capacity change from 0 to 2048
[   98.531231][ T6591] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1066'.
[   98.629128][ T6587] xt_hashlimit: max too large, truncated to 1048576
[   98.636445][ T6587] Cannot find set identified by id 0 to match
[   98.743774][ T6605] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   98.783207][ T6606] loop0: detected capacity change from 0 to 8192
[   98.812709][ T6606]  loop0: p1 p2[DM] p4
[   98.816992][ T6606] loop0: p1 size 196608 extends beyond EOD, truncated
[   98.824753][ T6606] loop0: p2 start 4292936063 is beyond EOD, truncated
[   98.831639][ T6606] loop0: p4 size 50331648 extends beyond EOD, truncated
[   99.022454][   T29] kauditd_printk_skb: 249 callbacks suppressed
[   99.022468][   T29] audit: type=1400 audit(2000000054.940:2355): avc:  denied  { map } for  pid=6620 comm="syz.3.1078" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   99.028677][ T6621] loop3: detected capacity change from 0 to 1024
[   99.029242][ T6621] EXT4-fs: Ignoring removed oldalloc option
[   99.066183][ T6621] EXT4-fs: Ignoring removed nomblk_io_submit option
[   99.092428][ T6625] loop1: detected capacity change from 0 to 512
[   99.106246][ T6625] ext4 filesystem being mounted at /251/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   99.127738][   T29] audit: type=1400 audit(2000000055.040:2356): avc:  denied  { connect } for  pid=6620 comm="syz.3.1078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   99.148038][   T29] audit: type=1400 audit(2000000055.060:2357): avc:  denied  { read } for  pid=6620 comm="syz.3.1078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   99.150411][ T6621] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1078'.
[   99.227987][ T6630] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.265312][ T6630] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.315805][ T6630] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.336561][ T6639] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6639 comm=syz.1.1083
[   99.353826][ T6630] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.477091][   T29] audit: type=1326 audit(2000000055.390:2358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6647 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   99.499988][   T29] audit: type=1326 audit(2000000055.390:2359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6647 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   99.519728][ T6652] loop2: detected capacity change from 0 to 2048
[   99.522859][   T29] audit: type=1326 audit(2000000055.390:2360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6647 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   99.533572][   T29] audit: type=1326 audit(2000000055.390:2361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6647 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   99.575382][   T29] audit: type=1326 audit(2000000055.390:2362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6647 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   99.598187][   T29] audit: type=1326 audit(2000000055.390:2363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6647 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   99.621072][   T29] audit: type=1326 audit(2000000055.390:2364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6647 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[   99.664369][ T6652] EXT4-fs mount: 64 callbacks suppressed
[   99.664385][ T6652] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.666213][ T6652] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1089'.
[  100.174280][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.247317][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.313182][ T6695] loop4: detected capacity change from 0 to 512
[  100.320063][ T6695] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  100.331731][ T6695] EXT4-fs (loop4): 1 truncate cleaned up
[  100.337866][ T6695] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.371132][ T6697] loop2: detected capacity change from 0 to 8192
[  100.432356][ T6697]  loop2: p1 p2[DM] p4
[  100.436747][ T6697] loop2: p1 size 196608 extends beyond EOD, truncated
[  100.452630][ T6697] loop2: p2 start 4292936063 is beyond EOD, truncated
[  100.459619][ T6697] loop2: p4 size 50331648 extends beyond EOD, truncated
[  100.483553][ T6700] FAULT_INJECTION: forcing a failure.
[  100.483553][ T6700] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.496641][ T6700] CPU: 1 UID: 0 PID: 6700 Comm: syz.1.1104 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  100.496665][ T6700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  100.496677][ T6700] Call Trace:
[  100.496683][ T6700]  <TASK>
[  100.496691][ T6700]  __dump_stack+0x1d/0x30
[  100.496711][ T6700]  dump_stack_lvl+0xe8/0x140
[  100.496766][ T6700]  dump_stack+0x15/0x1b
[  100.496779][ T6700]  should_fail_ex+0x265/0x280
[  100.496809][ T6700]  should_fail+0xb/0x20
[  100.496833][ T6700]  should_fail_usercopy+0x1a/0x20
[  100.496879][ T6700]  strncpy_from_user+0x25/0x230
[  100.496900][ T6700]  ? kmem_cache_alloc_noprof+0x186/0x310
[  100.496917][ T6700]  ? getname_flags+0x80/0x3b0
[  100.496944][ T6700]  getname_flags+0xae/0x3b0
[  100.497036][ T6700]  __se_sys_quotactl+0x16a/0x670
[  100.497076][ T6700]  ? fput+0x8f/0xc0
[  100.497093][ T6700]  __x64_sys_quotactl+0x55/0x70
[  100.497110][ T6700]  x64_sys_call+0x2886/0x2fb0
[  100.497127][ T6700]  do_syscall_64+0xd0/0x1a0
[  100.497147][ T6700]  ? clear_bhb_loop+0x40/0x90
[  100.497194][ T6700]  ? clear_bhb_loop+0x40/0x90
[  100.497212][ T6700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.497230][ T6700] RIP: 0033:0x7f43b7ffe969
[  100.497243][ T6700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.497294][ T6700] RSP: 002b:00007f43b6667038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  100.497317][ T6700] RAX: ffffffffffffffda RBX: 00007f43b8225fa0 RCX: 00007f43b7ffe969
[  100.497328][ T6700] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffff80000800
[  100.497338][ T6700] RBP: 00007f43b6667090 R08: 0000000000000000 R09: 0000000000000000
[  100.497348][ T6700] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[  100.497358][ T6700] R13: 0000000000000000 R14: 00007f43b8225fa0 R15: 00007ffeaab72128
[  100.497373][ T6700]  </TASK>
[  100.771414][ T6711] loop0: detected capacity change from 0 to 1024
[  100.778400][ T6711] EXT4-fs: Ignoring removed orlov option
[  100.786288][ T6711] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.857261][ T6719] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled
[  100.905155][ T6719] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1107'.
[  100.997643][ T6723] netlink: 'syz.0.1107': attribute type 32 has an invalid length.
[  101.163960][ T6729] SELinux: ebitmap: truncated map
[  101.169661][ T6729] SELinux: failed to load policy
[  101.205324][ T6732] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1110'.
[  101.263373][ T6736] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  101.509951][ T6753] 8021q: adding VLAN 0 to HW filter on device bond1
[  101.533973][ T6753] bond1 (unregistering): Released all slaves
[  101.693994][ T6756] loop1: detected capacity change from 0 to 2048
[  101.716377][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.726352][ T6756] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.776842][ T6756] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1121'.
[  101.788112][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.798151][ T6763] FAULT_INJECTION: forcing a failure.
[  101.798151][ T6763] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.811786][ T6763] CPU: 0 UID: 0 PID: 6763 Comm: syz.0.1123 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  101.811812][ T6763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  101.811825][ T6763] Call Trace:
[  101.811831][ T6763]  <TASK>
[  101.811838][ T6763]  __dump_stack+0x1d/0x30
[  101.811857][ T6763]  dump_stack_lvl+0xe8/0x140
[  101.811950][ T6763]  dump_stack+0x15/0x1b
[  101.811964][ T6763]  should_fail_ex+0x265/0x280
[  101.812051][ T6763]  should_fail+0xb/0x20
[  101.812078][ T6763]  should_fail_usercopy+0x1a/0x20
[  101.812097][ T6763]  _copy_from_user+0x1c/0xb0
[  101.812118][ T6763]  ___sys_sendmsg+0xc1/0x1d0
[  101.812186][ T6763]  __x64_sys_sendmsg+0xd4/0x160
[  101.812210][ T6763]  x64_sys_call+0x2999/0x2fb0
[  101.812237][ T6763]  do_syscall_64+0xd0/0x1a0
[  101.812311][ T6763]  ? clear_bhb_loop+0x40/0x90
[  101.812364][ T6763]  ? clear_bhb_loop+0x40/0x90
[  101.812397][ T6763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.812416][ T6763] RIP: 0033:0x7fbb308fe969
[  101.812429][ T6763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.812444][ T6763] RSP: 002b:00007fbb2ef67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.812523][ T6763] RAX: ffffffffffffffda RBX: 00007fbb30b25fa0 RCX: 00007fbb308fe969
[  101.812535][ T6763] RDX: 0000000000040000 RSI: 0000200000000080 RDI: 0000000000000006
[  101.812548][ T6763] RBP: 00007fbb2ef67090 R08: 0000000000000000 R09: 0000000000000000
[  101.812559][ T6763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.812569][ T6763] R13: 0000000000000000 R14: 00007fbb30b25fa0 R15: 00007ffd52641de8
[  101.812584][ T6763]  </TASK>
[  102.011424][ T6769] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  102.092748][ T6774] loop4: detected capacity change from 0 to 1024
[  102.099674][ T6774] EXT4-fs: Ignoring removed nomblk_io_submit option
[  102.127450][ T6774] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  102.152888][ T6773] bridge_slave_0: left allmulticast mode
[  102.159038][ T6773] bridge_slave_0: left promiscuous mode
[  102.166147][ T6773] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.180927][ T6774] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.186024][ T6773] bridge_slave_1: left allmulticast mode
[  102.204857][ T6773] bridge_slave_1: left promiscuous mode
[  102.211824][ T6773] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.239863][ T6773] bond0: (slave bond_slave_0): Releasing backup interface
[  102.266887][ T6773] bond0: (slave bond_slave_1): Releasing backup interface
[  102.302861][ T6773] team0: Port device team_slave_0 removed
[  102.330946][ T6773] team0: Port device team_slave_1 removed
[  102.441256][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.441385][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.454050][ T6630] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.483653][ T6630] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.509490][ T6630] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.539264][ T6785] loop1: detected capacity change from 0 to 2048
[  102.539608][ T6630] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.577692][ T6792] netlink: 65055 bytes leftover after parsing attributes in process `syz.2.1134'.
[  102.588039][ T6785] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.626330][ T6799] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  102.636003][ T6800] tipc: Enabling of bearer <eth:syz> rejected, failed to enable media
[  102.774692][ T6816] loop2: detected capacity change from 0 to 1024
[  102.781371][ T6816] EXT4-fs: Ignoring removed nomblk_io_submit option
[  102.790368][ T6816] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  102.818502][ T6819] loop3: detected capacity change from 0 to 164
[  102.885926][ T6819] Unable to read rock-ridge attributes
[  102.909306][ T6816] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.935644][ T6819] FAULT_INJECTION: forcing a failure.
[  102.935644][ T6819] name failslab, interval 1, probability 0, space 0, times 0
[  102.949014][ T6819] CPU: 0 UID: 0 PID: 6819 Comm: syz.3.1144 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  102.949043][ T6819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  102.949115][ T6819] Call Trace:
[  102.949121][ T6819]  <TASK>
[  102.949128][ T6819]  __dump_stack+0x1d/0x30
[  102.949150][ T6819]  dump_stack_lvl+0xe8/0x140
[  102.949168][ T6819]  dump_stack+0x15/0x1b
[  102.949256][ T6819]  should_fail_ex+0x265/0x280
[  102.949289][ T6819]  should_failslab+0x8c/0xb0
[  102.949371][ T6819]  kmem_cache_alloc_node_noprof+0x57/0x320
[  102.949393][ T6819]  ? __alloc_skb+0x101/0x320
[  102.949420][ T6819]  __alloc_skb+0x101/0x320
[  102.949451][ T6819]  netlink_alloc_large_skb+0xba/0xf0
[  102.949537][ T6819]  netlink_sendmsg+0x3cf/0x6b0
[  102.949558][ T6819]  ? __pfx_netlink_sendmsg+0x10/0x10
[  102.949577][ T6819]  __sock_sendmsg+0x145/0x180
[  102.949604][ T6819]  ____sys_sendmsg+0x31e/0x4e0
[  102.949628][ T6819]  ___sys_sendmsg+0x17b/0x1d0
[  102.949693][ T6819]  __x64_sys_sendmsg+0xd4/0x160
[  102.949718][ T6819]  x64_sys_call+0x2999/0x2fb0
[  102.949739][ T6819]  do_syscall_64+0xd0/0x1a0
[  102.949808][ T6819]  ? clear_bhb_loop+0x40/0x90
[  102.949827][ T6819]  ? clear_bhb_loop+0x40/0x90
[  102.949848][ T6819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.949870][ T6819] RIP: 0033:0x7fd250d7e969
[  102.949897][ T6819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.949990][ T6819] RSP: 002b:00007fd24f3e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.950009][ T6819] RAX: ffffffffffffffda RBX: 00007fd250fa5fa0 RCX: 00007fd250d7e969
[  102.950070][ T6819] RDX: 0000000024040084 RSI: 0000200000006040 RDI: 0000000000000003
[  102.950083][ T6819] RBP: 00007fd24f3e7090 R08: 0000000000000000 R09: 0000000000000000
[  102.950094][ T6819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.950106][ T6819] R13: 0000000000000000 R14: 00007fd250fa5fa0 R15: 00007ffc36cae178
[  102.950232][ T6819]  </TASK>
[  103.155547][ T3326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.228544][ T6834] 8021q: adding VLAN 0 to HW filter on device bond1
[  103.252816][ T6834] bond1 (unregistering): Released all slaves
[  103.295529][ T6843] 8021q: adding VLAN 0 to HW filter on device bond0
[  103.323031][ T6843] bond0 (unregistering): Released all slaves
[  103.355902][ T6850] FAULT_INJECTION: forcing a failure.
[  103.355902][ T6850] name failslab, interval 1, probability 0, space 0, times 0
[  103.368559][ T6850] CPU: 0 UID: 0 PID: 6850 Comm: syz.0.1150 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  103.368588][ T6850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  103.368601][ T6850] Call Trace:
[  103.368608][ T6850]  <TASK>
[  103.368615][ T6850]  __dump_stack+0x1d/0x30
[  103.368644][ T6850]  dump_stack_lvl+0xe8/0x140
[  103.368663][ T6850]  dump_stack+0x15/0x1b
[  103.368680][ T6850]  should_fail_ex+0x265/0x280
[  103.368712][ T6850]  should_failslab+0x8c/0xb0
[  103.368820][ T6850]  kmem_cache_alloc_noprof+0x50/0x310
[  103.368844][ T6850]  ? __nf_conntrack_alloc+0xc7/0x270
[  103.368861][ T6850]  __nf_conntrack_alloc+0xc7/0x270
[  103.368878][ T6850]  init_conntrack+0xd7/0x830
[  103.368904][ T6850]  nf_conntrack_in+0x8bb/0xf40
[  103.368928][ T6850]  ipv4_conntrack_in+0x1d/0x30
[  103.369035][ T6850]  ? __pfx_ipv4_conntrack_in+0x10/0x10
[  103.369074][ T6850]  nf_hook_slow+0x78/0x180
[  103.369137][ T6850]  ip_rcv+0xfe/0x140
[  103.369166][ T6850]  ? __pfx_ip_rcv_finish+0x10/0x10
[  103.369195][ T6850]  ? __pfx_ip_rcv+0x10/0x10
[  103.369282][ T6850]  __netif_receive_skb+0xff/0x270
[  103.369304][ T6850]  ? tun_rx_batched+0xc7/0x430
[  103.369324][ T6850]  netif_receive_skb+0x4b/0x2e0
[  103.369442][ T6850]  ? tun_rx_batched+0xc7/0x430
[  103.369462][ T6850]  tun_rx_batched+0xfc/0x430
[  103.369483][ T6850]  tun_get_user+0x1e07/0x24d0
[  103.369531][ T6850]  ? ref_tracker_alloc+0x1f2/0x2f0
[  103.369576][ T6850]  tun_chr_write_iter+0x15e/0x210
[  103.369617][ T6850]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  103.369637][ T6850]  vfs_write+0x49d/0x8d0
[  103.369662][ T6850]  ksys_write+0xda/0x1a0
[  103.369687][ T6850]  __x64_sys_write+0x40/0x50
[  103.369739][ T6850]  x64_sys_call+0x2cdd/0x2fb0
[  103.369758][ T6850]  do_syscall_64+0xd0/0x1a0
[  103.369781][ T6850]  ? clear_bhb_loop+0x40/0x90
[  103.369917][ T6850]  ? clear_bhb_loop+0x40/0x90
[  103.369936][ T6850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.369958][ T6850] RIP: 0033:0x7fbb308fd41f
[  103.369972][ T6850] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  103.369987][ T6850] RSP: 002b:00007fbb2ef67000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  103.370004][ T6850] RAX: ffffffffffffffda RBX: 00007fbb30b25fa0 RCX: 00007fbb308fd41f
[  103.370016][ T6850] RDX: 000000000000002a RSI: 00002000000004c0 RDI: 00000000000000c8
[  103.370085][ T6850] RBP: 00007fbb2ef67090 R08: 0000000000000000 R09: 0000000000000000
[  103.370096][ T6850] R10: 000000000000002a R11: 0000000000000293 R12: 0000000000000001
[  103.370106][ T6850] R13: 0000000000000000 R14: 00007fbb30b25fa0 R15: 00007ffd52641de8
[  103.370121][ T6850]  </TASK>
[  103.636390][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.700249][ T6859] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  103.789401][ T6874] loop3: detected capacity change from 0 to 1024
[  103.796870][ T6874] EXT4-fs: Ignoring removed nomblk_io_submit option
[  103.809553][ T6874] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  103.843822][ T6879] loop1: detected capacity change from 0 to 512
[  103.888850][ T6879] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  103.910344][ T6874] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.937902][ T6879] EXT4-fs (loop1): 1 truncate cleaned up
[  103.943963][ T6879] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.958505][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.008346][ T6893] netlink: 65055 bytes leftover after parsing attributes in process `syz.4.1163'.
[  104.044219][ T6896] loop4: detected capacity change from 0 to 512
[  104.051972][ T6896] EXT4-fs: Ignoring removed oldalloc option
[  104.087448][ T6896] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.1164: Parent and EA inode have the same ino 15
[  104.100239][ T6896] EXT4-fs (loop4): Remounting filesystem read-only
[  104.106874][ T6896] EXT4-fs warning (device loop4): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[  104.117508][ T6896] EXT4-fs (loop4): 1 orphan inode deleted
[  104.123725][ T6896] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.143553][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.326871][   T29] kauditd_printk_skb: 91 callbacks suppressed
[  104.326926][   T29] audit: type=1326 audit(2000000060.240:2456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6901 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[  104.419005][ T6905] FAULT_INJECTION: forcing a failure.
[  104.419005][ T6905] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.432131][ T6905] CPU: 1 UID: 0 PID: 6905 Comm: syz.2.1167 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  104.432205][ T6905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  104.432217][ T6905] Call Trace:
[  104.432223][ T6905]  <TASK>
[  104.432230][ T6905]  __dump_stack+0x1d/0x30
[  104.432251][ T6905]  dump_stack_lvl+0xe8/0x140
[  104.432278][ T6905]  dump_stack+0x15/0x1b
[  104.432316][ T6905]  should_fail_ex+0x265/0x280
[  104.432350][ T6905]  should_fail+0xb/0x20
[  104.432375][ T6905]  should_fail_usercopy+0x1a/0x20
[  104.432454][ T6905]  _copy_from_user+0x1c/0xb0
[  104.432473][ T6905]  __sys_sendto+0x19e/0x330
[  104.432548][ T6905]  __x64_sys_sendto+0x76/0x90
[  104.432578][ T6905]  x64_sys_call+0x2eb6/0x2fb0
[  104.432601][ T6905]  do_syscall_64+0xd0/0x1a0
[  104.432661][ T6905]  ? clear_bhb_loop+0x40/0x90
[  104.432678][ T6905]  ? clear_bhb_loop+0x40/0x90
[  104.432698][ T6905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.432720][ T6905] RIP: 0033:0x7f2b7ab2e969
[  104.432735][ T6905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.432844][ T6905] RSP: 002b:00007f2b79197038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  104.432864][ T6905] RAX: ffffffffffffffda RBX: 00007f2b7ad55fa0 RCX: 00007f2b7ab2e969
[  104.432877][ T6905] RDX: 000000000000ff04 RSI: 0000200000000100 RDI: 0000000000000003
[  104.432890][ T6905] RBP: 00007f2b79197090 R08: 00002000000000c0 R09: 0000000000000010
[  104.432900][ T6905] R10: 00000000040048c4 R11: 0000000000000246 R12: 0000000000000001
[  104.432910][ T6905] R13: 0000000000000000 R14: 00007f2b7ad55fa0 R15: 00007ffd17139f18
[  104.432931][ T6905]  </TASK>
[  104.438255][   T29] audit: type=1326 audit(2000000060.270:2457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6901 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[  104.632883][   T29] audit: type=1326 audit(2000000060.270:2458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6901 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[  104.655726][   T29] audit: type=1326 audit(2000000060.270:2459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6901 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[  104.678547][   T29] audit: type=1326 audit(2000000060.270:2460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6901 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[  104.701593][   T29] audit: type=1326 audit(2000000060.270:2461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6901 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[  104.724465][   T29] audit: type=1326 audit(2000000060.270:2462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6901 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[  104.747365][   T29] audit: type=1326 audit(2000000060.270:2463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6901 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[  104.770228][   T29] audit: type=1326 audit(2000000060.270:2464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6901 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[  104.793057][   T29] audit: type=1326 audit(2000000060.270:2465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6901 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f2b7ab2e969 code=0x7ffc0000
[  104.932825][ T6921] loop3: detected capacity change from 0 to 2048
[  104.941151][ T6924] loop0: detected capacity change from 0 to 1024
[  104.970045][ T6924] EXT4-fs: Ignoring removed nomblk_io_submit option
[  104.988478][ T6924] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  105.002961][ T6924] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.016466][ T6925] loop4: detected capacity change from 0 to 1024
[  105.024899][ T6925] EXT4-fs: Ignoring removed nomblk_io_submit option
[  105.032636][ T6921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.054055][ T6925] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  105.057013][ T6921] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1173'.
[  105.092171][ T6925] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.131537][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.165275][ T6937] netlink: 65055 bytes leftover after parsing attributes in process `syz.2.1177'.
[  105.186889][ T3316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.208683][ T6943] netlink: 'syz.0.1180': attribute type 1 has an invalid length.
[  105.221286][ T4326] ==================================================================
[  105.229469][ T4326] BUG: KCSAN: data-race in fill_mg_cmtime / shmem_symlink
[  105.236577][ T4326] 
[  105.238888][ T4326] write to 0xffff8881049c4f7c of 4 bytes by task 6028 on cpu 1:
[  105.246502][ T4326]  shmem_symlink+0x368/0x3c0
[  105.251084][ T4326]  vfs_symlink+0xd1/0x1e0
[  105.255404][ T4326]  do_symlinkat+0xc7/0x3c0
[  105.259816][ T4326]  __x64_sys_symlink+0x50/0x60
[  105.264569][ T4326]  x64_sys_call+0x2d8d/0x2fb0
[  105.269237][ T4326]  do_syscall_64+0xd0/0x1a0
[  105.273728][ T4326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.279608][ T4326] 
[  105.281918][ T4326] read to 0xffff8881049c4f7c of 4 bytes by task 4326 on cpu 0:
[  105.289446][ T4326]  fill_mg_cmtime+0x5b/0x260
[  105.294032][ T4326]  generic_fillattr+0x24a/0x340
[  105.298886][ T4326]  shmem_getattr+0x181/0x200
[  105.303466][ T4326]  vfs_getattr_nosec+0x143/0x1e0
[  105.308394][ T4326]  vfs_statx+0x11a/0x380
[  105.312629][ T4326]  vfs_fstatat+0xe1/0x160
[  105.316967][ T4326]  __se_sys_newfstatat+0x55/0x260
[  105.321981][ T4326]  __x64_sys_newfstatat+0x55/0x70
[  105.326990][ T4326]  x64_sys_call+0x2c22/0x2fb0
[  105.331654][ T4326]  do_syscall_64+0xd0/0x1a0
[  105.336145][ T4326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.342024][ T4326] 
[  105.344328][ T4326] value changed: 0x07bfa8eb -> 0x08816c7c
[  105.350026][ T4326] 
[  105.352337][ T4326] Reported by Kernel Concurrency Sanitizer on:
[  105.358478][ T4326] CPU: 0 UID: 0 PID: 4326 Comm: udevd Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(voluntary) 
[  105.370460][ T4326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  105.380509][ T4326] ==================================================================
[  105.408205][ T6947] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1178'.
[  105.413817][ T6943] 8021q: adding VLAN 0 to HW filter on device bond1
[  105.418655][ T6947] netlink: 'syz.4.1178': attribute type 16 has an invalid length.
[  105.431591][ T6947] netlink: 'syz.4.1178': attribute type 17 has an invalid length.
[  105.441818][ T6945] bond1 (unregistering): Released all slaves
[  105.475939][ T6947] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  105.575271][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.701500][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.