last executing test programs:

2.905803053s ago: executing program 3 (id=1857):
r0 = gettid()
timer_create(0x2, &(0x7f000049efa0)={0x0, 0x7, 0x4, @tid=r0}, &(0x7f0000044000))
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000000)={<r1=>0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{r1, r2+10000000}, {0x0, 0x989680}}, 0x0)
clock_gettime(0x0, &(0x7f0000000040)={<r3=>0x0, <r4=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000340)={{r3, r4+60000000}, {0x0, 0x9}}, 0x0)

2.044006644s ago: executing program 0 (id=1888):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x98, 0x30, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x6a00}, [{0x84, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x6, 0x0, 0x8}, 0x2, r3}}]}, {0x4, 0xa}, {0xc}, {0xc}}}, @m_mpls={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x98}}, 0x0)

2.042858614s ago: executing program 3 (id=1891):
r0 = socket$netlink(0x10, 0x3, 0xf)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount$nfs4(&(0x7f00000001c0)='\x00', &(0x7f0000000240)='.\x00', 0x0, 0x200000, 0x0)
bind$netlink(r0, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETSW2(r4, 0x5453, 0x0)
ioctl$KDFONTOP_SET_DEF(r4, 0x4b72, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010001ffffdffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="00100000000d0100280012800900010076657468"], 0x48}}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000010801"], 0x14}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0)
sendfile(r6, r6, 0x0, 0x1)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x174)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffff7ffffe9}, 0x18)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000a00)=@newtaction={0x88c, 0x30, 0x12f, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xb, 0x0, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0xfea7, 0x1, 0xffff8000, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x7, 0x1, 0xa89c, 0x400, 0xc, 0x492217a0, 0xff, 0x5, 0x3, 0x1ff, 0xe5, 0x2f, 0xd, 0x3, 0xa, 0x3, 0x1, 0x9, 0x11, 0x188, 0x6, 0x3ff, 0x7, 0xd, 0x3, 0xc0000, 0x8, 0x8, 0xffffff40, 0x400, 0x3, 0x5, 0x7, 0xe0b2, 0xfffffffe, 0x8fc, 0x84, 0x9, 0x3, 0x9, 0x80000001, 0x6, 0x0, 0x8, 0x800, 0x9, 0x1, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x4, 0x1, 0x7f, 0x0, 0x8, 0x2, 0x7f, 0x0, 0x2, 0x4, 0x0, 0x4, 0x8000, 0x0, 0x9, 0x80, 0x7, 0x5, 0x1, 0x0, 0x7, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x400000, 0x10, 0x5, 0x3, 0x10000, 0x5, 0x1, 0x0, 0x2, 0x7, 0x5, 0x6, 0x4, 0x4, 0x2, 0x81, 0x0, 0x10, 0x6, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x5, 0x8, 0xba, 0x4, 0x89, 0x2, 0x6, 0x100, 0x9, 0xffffa3e0, 0x86b9, 0xff, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x3, 0x0, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xff, 0xa, 0x6, 0x7, 0x100, 0x1, 0x8001, 0x100, 0xb, 0x8, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0x1, 0x9, 0x7, 0x4, 0xb, 0x80, 0x0, 0x0, 0x0, 0x5, 0x2, 0x65, 0x4, 0xfffffa0c, 0x3, 0x0, 0x4, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x0, 0x6, 0x8, 0x28, 0x2, 0x5, 0x10001, 0x2, 0xf, 0x0, 0x1, 0x723, 0x0, 0xe, 0x9, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0xfffffffb, 0x2, 0x7f, 0x2, 0x80000001, 0x0, 0x9, 0xf, 0xfffffffe, 0x928, 0x4, 0xfffffffd, 0x5, 0x6042, 0xb87, 0x6, 0x8d8d, 0x55, 0x101, 0x8, 0x64e8, 0x8, 0x82f, 0x772, 0x80a, 0xfff, 0x6, 0x3f7, 0x4, 0x8, 0x8, 0x1, 0x5d, 0x9, 0xd, 0x80]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r7, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1}, './bus\x00'})

2.014292035s ago: executing program 0 (id=1893):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
llistxattr(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000012c0)='./file0\x00', 0x29045e, &(0x7f0000001400), 0x1, 0x505, &(0x7f0000002200)="$eJzs3c9vI1cdAPDvOHHiZNMmLT0AgnZpCwtarZN426jqAcoJIVQJ0SNI25B4oyh2HMVOacIe0jNXJCpxgiN/AOeeuHNBcOOyHJD4EYE2SByMZjzOerP2Jmx+OIo/H2k0783z+vt9yc576+e1XwAj62ZE7EfERER8GBGz+fUkP+K9zpE+7tHBg5XDgwcrSbTbH/wjydrTa9HzZ1I38ucsRcQPvhPx4+TpuM3dvY3lWq26ndfnW/Wt+ebu3p31+vJada26WaksLS4tvHP37cq59fW1+kRe+vLD3+9/46dpWjP5ld5+nKdO14tHcVLjEfG9iwg2BGN5fyaGnQjPpRARL0fE69n9Pxtj2W8TALjO2u3ZaM/21gGA666QrYElhXK+FjAThUK53FnDeyWmC7VGs3X7fmNnc7WzVjYXxcL99Vp1IV8rnItiktYXs/LjeuVY/W5EvBQRP5+cyurllUZtdZj/8AGAEXbj2Pz/78nO/A8AXHOlYScAAFw68z8AjB7zPwCMHvM/AIyezvw/New0AIBL5PU/AIwe8z8AjJTvv/9+erQP8++/Xv1od2ej8dGd1Wpzo1zfWSmvNLa3ymuNxlr2nT31k56v1mhsLb4VOx/PfXOr2Zpv7u7dqzd2Nlv3su/1vlctZo/av4SeAQCDvPTaZ39K0hn53ansiJ69HIpDzQy4aIVhJwAMzdiwEwCGxm5fMLrO8Brf8gBcE3226H1Cqd8HhNrtdvviUgIu2K0vWP+HUdWz/u9/AcOIsf4Po8v6P4yudjs57Z7/cdoHAgBXmzV+YMD7/y/n59/kbw78aPX4Iz69yKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgauvu/1vO9wKfiUKhXI54ISLmopjcX69VFyLixYj442RxMq0vDjlnAOCsCn9N8v2/bs2+OfNE06s3jooTEfGTX37wi4+XW63tP0RMJP+c7F5vfZpfr1x+9gDAybrzdHbueSH/6ODBSve4zHz+9u2IKHXiHx5MxOFR/PEYz86lKEbE9L+SvN6R9KxdnMX+JxHx+X79T2ImWwPp7Hx6PH4a+4VLjV94In4ha+uc05/F584hFxg1n6Xjz3v97r9C3MzO/e//UjZCnV0+/qVPtXKYjYGP43fHv7EB49/N08Z463ff7ZSmnm77JOKL4xHd2Ic94083fjIg/punjP/nL736+qC29q8ibkX/+L2x5lv1rfnm7t6d9fryWnWtulmpLC0uLbxz9+3KfLZGPT94Nvj7u7dfHNSW9n86Irr74PfGL53Q/6+esv+//u+HP/zKM+J//Y1+/S/EK8+In+b7tVPGX57+bWlQWxp/dcDP/6Tf/+1Txn/4l72ntg0HAIanubu3sVyrVbcVFK5+If0rewXS6Fv41mXFmoj+TT97o3NPH2tqt58r1qAR4zxW3YCr4Oimj4j/DDsZAAAAAAAAAAAAAACgr//rg0HJ831iadh9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Pr6XwAAAP//LJ7JKA==")
lchown(&(0x7f00000017c0)='./file0\x00', 0xee00, 0xee01)
pipe(&(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
setsockopt$inet_tcp_int(r4, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r4, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
sendto$inet6(r2, &(0x7f0000000240)="dae3651eb05d55b57e67c9e8faeb5288204c29e8799b52ae4cd6667a384d944b7f65df59e41f97369dfa0407eb7f67d786", 0x31, 0x10008080, &(0x7f0000001380)={0xa, 0x4e21, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, 0x1c)
sendto$inet(r4, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0)
splice(r4, 0x0, r3, 0x0, 0xfea8, 0xa)
creat(&(0x7f0000000040)='./file0\x00', 0x86)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
r7 = msgget$private(0x0, 0x100)
msgsnd(r7, &(0x7f0000003900)=ANY=[@ANYBLOB="0100000000000000abdc"], 0xc56, 0x0)
write$selinux_attr(0xffffffffffffffff, 0x0, 0x0)

1.972730045s ago: executing program 3 (id=1895):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x43)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r2 = dup3(r1, r0, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x12001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)

1.124576676s ago: executing program 3 (id=1928):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYRESDEC=r2, @ANYBLOB="9af2ef375400cf7ed8f144c2a90f07cbc13d79cfcba21265c4ce8226f7e8bf525bdaa42c6581c687b1244f374bf0f8fd3c7896520d1dd7e4c61bdee9b4903c"], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c"], &(0x7f0000000300)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r4, 0x0, 0x178}, 0x18)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100), 0x12)
chroot(&(0x7f0000000080)='./file0\x00')
r8 = socket$netlink(0x10, 0x3, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000640)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008004100736977001400330073797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

974.297938ms ago: executing program 0 (id=1931):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r2, 0x0, 0xffffffffffffffff}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x16, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r0}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newsa={0x13c, 0x10, 0x713, 0x70bd28, 0x0, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in6=@dev={0xfe, 0x80, '\x00', 0x1b}, 0x0, 0x1, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@mcast1, 0x0, 0x32}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', {0x0, 0x0, 0x8, 0x0, 0x438, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x2}, {0x8}, 0x70bd28, 0x0, 0xa}, [@algo_aead={0x4c, 0x12, {{'rfc4543(gcm(aes))\x00'}, 0x0, 0x80}}]}, 0x13c}, 0x1, 0x0, 0x0, 0xc0}, 0x4000000)
setsockopt$sock_int(r4, 0x1, 0xd, &(0x7f0000000080)=0x101, 0x4)

930.057009ms ago: executing program 0 (id=1932):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a310000000040000000050a01020000000000100000010020000c00024000000000000000010900010073797a31000000001400"], 0xdc}}, 0x0)

911.204498ms ago: executing program 0 (id=1935):
r0 = socket$netlink(0x10, 0x3, 0xf)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount$nfs4(&(0x7f00000001c0)='\x00', &(0x7f0000000240)='.\x00', 0x0, 0x200000, 0x0)
bind$netlink(r0, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETSW2(r4, 0x5453, 0x0)
ioctl$KDFONTOP_SET_DEF(r4, 0x4b72, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="4800000010001ffffdffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="00100000000d0100280012800900010076657468"], 0x48}}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000010801"], 0x14}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0)
sendfile(r6, r6, 0x0, 0x1)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x174)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffff7ffffe9}, 0x18)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000a00)=@newtaction={0x88c, 0x30, 0x12f, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xb, 0x0, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0xfea7, 0x1, 0xffff8000, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x7, 0x1, 0xa89c, 0x400, 0xc, 0x492217a0, 0xff, 0x5, 0x3, 0x1ff, 0xe5, 0x2f, 0xd, 0x3, 0xa, 0x3, 0x1, 0x9, 0x11, 0x188, 0x6, 0x3ff, 0x7, 0xd, 0x3, 0xc0000, 0x8, 0x8, 0xffffff40, 0x400, 0x3, 0x5, 0x7, 0xe0b2, 0xfffffffe, 0x8fc, 0x84, 0x9, 0x3, 0x9, 0x80000001, 0x6, 0x0, 0x8, 0x800, 0x9, 0x1, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x4, 0x1, 0x7f, 0x0, 0x8, 0x2, 0x7f, 0x0, 0x2, 0x4, 0x0, 0x4, 0x8000, 0x0, 0x9, 0x80, 0x7, 0x5, 0x1, 0x0, 0x7, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x400000, 0x10, 0x5, 0x3, 0x10000, 0x5, 0x1, 0x0, 0x2, 0x7, 0x5, 0x6, 0x4, 0x4, 0x2, 0x81, 0x0, 0x10, 0x6, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x5, 0x8, 0xba, 0x4, 0x89, 0x2, 0x6, 0x100, 0x9, 0xffffa3e0, 0x86b9, 0xff, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x3, 0x0, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xff, 0xa, 0x6, 0x7, 0x100, 0x1, 0x8001, 0x100, 0xb, 0x8, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0x1, 0x9, 0x7, 0x4, 0xb, 0x80, 0x0, 0x0, 0x0, 0x5, 0x2, 0x65, 0x4, 0xfffffa0c, 0x3, 0x0, 0x4, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x0, 0x6, 0x8, 0x28, 0x2, 0x5, 0x10001, 0x2, 0xf, 0x0, 0x1, 0x723, 0x0, 0xe, 0x9, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0xfffffffb, 0x2, 0x7f, 0x2, 0x80000001, 0x0, 0x9, 0xf, 0xfffffffe, 0x928, 0x4, 0xfffffffd, 0x5, 0x6042, 0xb87, 0x6, 0x8d8d, 0x55, 0x101, 0x8, 0x64e8, 0x8, 0x82f, 0x772, 0x80a, 0xfff, 0x6, 0x3f7, 0x4, 0x8, 0x8, 0x1, 0x5d, 0x9, 0xd, 0x80]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r7, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1}, './bus\x00'})

862.367399ms ago: executing program 3 (id=1938):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x43)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r2 = dup3(r1, r0, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x12001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)

845.661959ms ago: executing program 0 (id=1940):
pipe(&(0x7f00000001c0))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0x5d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80}, 0x8000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000004}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000080)='D', 0x1, 0x4014, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
syz_clone3(&(0x7f00000008c0)={0x4002000, 0x0, 0x0, 0x0, {0x17}, 0x0, 0x0, 0x0, &(0x7f0000000840)=[0x0], 0x1}, 0x58)

724.903421ms ago: executing program 1 (id=1944):
r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000580)=""/128, 0x80}], 0x1, 0x111, 0x0)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
lgetxattr(0x0, &(0x7f0000000280)=ANY=[], 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYRESOCT=r5, @ANYRESOCT=r3, @ANYRES32=r4], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, @void, @value}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021bc0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000900003808c000080080003400000000280000b807c000180090001006c617374000000006c000280080001400000000508000140000000090c0002"], 0x140}}, 0x0)

689.262401ms ago: executing program 1 (id=1946):
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x7, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340))

688.970481ms ago: executing program 1 (id=1947):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000e40)={0x20, r1, 0x1, 0x400000, 0x25dfdbfc, {}, [@ETHTOOL_A_STRSET_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x2000c050)

668.590172ms ago: executing program 1 (id=1949):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/14], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000000)=0x1, r3, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0xffffffff, @loopback}, {0xa, 0x0, 0x0, @remote}, r3}}, 0x48)

633.034332ms ago: executing program 1 (id=1951):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@version_u}]}})

632.605122ms ago: executing program 2 (id=1953):
creat(&(0x7f00000002c0)='./file0\x00', 0x6)
r0 = creat(&(0x7f0000000140)='./file0\x00', 0x2)
close(r0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')

614.445723ms ago: executing program 2 (id=1954):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000100001000000000000dfff000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e65766530000000000000000000140001006c6f0000000000000000000000000000080002"], 0xb4}}, 0x0)

591.765893ms ago: executing program 2 (id=1956):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)

577.023073ms ago: executing program 2 (id=1957):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$PTP_EXTTS_REQUEST2(0xffffffffffffffff, 0x43403d05, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'wg2\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000640)="4e0f83e4f4443c577509", 0xa, 0x2004c064, &(0x7f0000000040)={0x11, 0xf5, r2, 0x1, 0x0, 0x6, @random="45efee4000"}, 0x14)

539.767713ms ago: executing program 2 (id=1958):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
getrlimit(0x1, &(0x7f0000000000))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='kfree\x00'}, 0x10)
syz_clone3(&(0x7f00000006c0)={0x102102180, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, &(0x7f0000000680)=[0x0], 0x1}, 0x58)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x5, 0x6, 0x8, 0xad, 0x0, 0xffffffffffffffff, 0x4000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = socket(0x10, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x9)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="a000000010003b0e2a1a86eb2636037f00000000", @ANYRES32=r3, @ANYBLOB="020000000000800080001200080001007674693674000200"], 0xa0}}, 0x0)
r4 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x3, 0xd, 0x6, 0x0, r1, 0x8001, '\x00', r3, 0xffffffffffffffff, 0x1, 0x1, 0x0, 0xa, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="000000000ec2012c3d00000506b9ce0000005811", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2d0480b, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x80000000000001}, 0x18)
write$selinux_load(0xffffffffffffffff, &(0x7f0000000180)={0xf97cff8c, 0x8}, 0x10)
r7 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
ioctl$SG_IO(r7, 0x2285, &(0x7f0000000680)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000400)="9ef0b94c0000", 0x0, 0xfffffbfc, 0x0, 0x100004, 0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x44800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x5, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x8000000, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @random="424e1aa2e0d4", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x1, 0x0, 0x11, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x29}}, {0x0, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "6d4dfdeb8cf7bbfe143803bec2ce783e04cd32308cdd8dde", "c71cb8adfce542a4bc5a026c208fd0c45787e4aa384e3d26b21ea41cc128364c"}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socket$inet_sctp(0x2, 0x1, 0x84)

538.675933ms ago: executing program 1 (id=1959):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'geneve1\x00'})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r2}, &(0x7f0000000380), &(0x7f00000003c0)=r3}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x8040, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x4, 0x0, 0x0, "ff00f7000000000000000000af88008300"})
r6 = syz_open_pts(r5, 0x141601)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
write(r6, 0x0, 0x0)
ioctl$TCSETSF(r6, 0x5404, &(0x7f0000000080)={0x8, 0x20000000, 0xfffffffc, 0x7fffffd, 0x1, "682341f2fd71a6a76177920ea7e60c0ac7a4a5"})
openat$selinux_member(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r7}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7020000140000fbb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r9}, 0x10)
msgctl$IPC_SET(0x0, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))

432.665905ms ago: executing program 2 (id=1963):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010028bd7000ffdbdf251b00eb0008009a"], 0x1c}, 0x1, 0x0, 0x0, 0x40800}, 0x20008080)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
perf_event_open(&(0x7f0000000600)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1af1ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xd85}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pipe2(&(0x7f0000000240), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x42000, 0x0)

369.923766ms ago: executing program 4 (id=1964):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f00000015c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
futimesat(0xffffffffffffffff, 0x0, 0x0)

354.748226ms ago: executing program 4 (id=1965):
creat(&(0x7f00000002c0)='./file0\x00', 0x6)
creat(&(0x7f0000000140)='./file0\x00', 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')

343.942756ms ago: executing program 4 (id=1966):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYRESDEC=r2, @ANYBLOB="9af2ef375400cf7ed8f144c2a90f07cbc13d79cfcba21265c4ce8226f7e8bf525bdaa42c6581c687b1244f374bf0f8fd3c7896520d1dd7e4c61bdee9b4903c"], 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c"], &(0x7f0000000300)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x18)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r4, 0x0, 0x178}, 0x18)
socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x14)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000640)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008004100736977001400330073797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

255.103827ms ago: executing program 4 (id=1967):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)

239.346767ms ago: executing program 4 (id=1968):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r3 = dup2(r2, r2)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), r3)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52d, &(0x7f0000000640)="$eJzs3d9rZFcdAPDvnWSyyW62SdUHLbRWW8kW3ZmksW3woVYQfSqI9X2NySSETDIhM2k3oWj2LxBEVPBJX3wR/AMEWfDFRxEK+qxQUUS3CvqgvTIzd5I4uZPM1tlMdvL5wN17zrk/vufM5ty5Pw53Ariyno2I1yLi/TRNX4iImay8kE1x2J6a67334O2V5pREmr7x1ySSrKyzrySb38g2m4yIr3454hvJ6bj1/YPN5Wq1spvly42tnXJ9/+D2xtbyemW9sr24uPDy0itLLy3ND6SdNyPi1S/+8Xvf/smXXv3FZ976w50/3/pms1rT2fKT7XhI42ctbDe9eG2ya4PdDxjsMmq2p9jJTPW3zb1HWB8AAHprnuN/KCI+GREvxEyMnX06CwAAADyG0s9Px7+TiDTfRI9yAAAA4DFSaI2BTQqlbCzAdBQKpVJ7DO9H4nqhWqs3Pr1W29tebY+VnY1iYW2jWpnPxgrPRjFp5hda6eP8i135xYh4MiK+OzPVypdWatXVYd/8AAAAgCviRtf1/z9m2tf/AAAAwIiZHXYFAAAAgEfO9T8AAACMPtf/AAAAMNK+8vrrzSnt/P716pv7e5u1N2+vVuqbpa29ldJKbXentF6rrbfe2bd13v6qtdrOZ2N77265Uak3yvX9gztbtb3txp2NmLyQBgEAAACnPPnx+79LIuLwc1OtqWli2JUCLsT4USrJ5jm9//dPtOfvXlClgAsx1sc6717LL3eeAI+38e6CHn0dGD3FYVcAGLrknOU9B+/8Opt/YrD1AQAABm/uY/nP/wvnbnl4/irApaYTw9XV9fw/nRlWRYAL13r+3+9AHicLMFKKfY0ABEbZ//38/1xp+lAVAgAABm66NSWFUnZ7bzoKhVIp4mbrZwGKydpGtTIfEU9ExG9nitea+YXWlsm51wwAAAAAAAAAAAAAAAAAAAAAAAAAQFuaJpECAAAAIy2i8Kfkl+13+c/NPD/dfX9gIvlX6yeBJyLirR++8f27y43G7kKz/G9H5Y0fZOUvDuMOBgAAANCtc53emv9z2LUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNS89+Dtlc7Ux+pTg4r7ly9ExGxe/PGYbM0noxgR1/+exPiJ7ZKIGBtA/MN7EfHRvPhJs1pHIfPiD+JDOCd+zGafQl78GwOID1fZ/ebx57W8/leIZ1vz/P43HvE/+Q+q9/Evjo5/Yz36/80+Yzz1zs/KPePfi3hqPP/404mf9Ij/XJ/xv/61g4Ney9IfRcx1vn9aR7yTEY5T5cbWTrm+f3B7Y2t5vbJe2V5cXHh56ZWll5bmy2sb1Ur2b26M7zz98/fPav/13O+/JKtN7/Y/n7O/vO+k/7xz98GHO5nD0/FvPZcT/1c/ztY4Hb+QxflUlm4un+ukD9vpk5756W+eOav9q8ftLz7M//+tXjvtdqqjPN3vnw4A8AjU9w82l6vVyu7IJppX6ZegGhKXMPGtge4wTdO02adyFt2PiH72k8SAW1rIr89xoucRYNhHJgAAYNCOT/qHXRMAAAAAAAAAAAAAAAAAAAC4ui7iLWvdMY9fgZwM4hXaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8d8AAAD//42Q0/o=")

143.696438ms ago: executing program 4 (id=1969):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x245106554e791ab8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffa0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0xfffff800, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='cachefiles_unlink\x00', r0, 0x0, 0xf61d}, 0x18)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0x1)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x105443, 0x51)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x7, 0x0, 0x0, 0x2000000000100, 0x10020, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd23c, 0x0, @perf_bp={0x0, 0xe}, 0x104022, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r5}, 0x10)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x2, 0xffffffff, 0x0, 0x10040, 0x8f})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
write$binfmt_aout(r6, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r6, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
r8 = syz_open_pts(r6, 0x0)
r9 = dup3(r8, r6, 0x0)
read(r9, &(0x7f00000000c0)=""/226, 0xe2)
read$watch_queue(r9, &(0x7f0000001d40)=""/4095, 0xfff)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x2)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r10, 0x5423, &(0x7f0000000480)=0x1)

0s ago: executing program 3 (id=1970):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=") (async)
creat(&(0x7f0000000340)='./bus\x00', 0x0) (async)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) (async)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x42)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x6, 0x8001, 0x0, 0x6, 0x13, 0x0, "ef359f41a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4eb4b78c66ee677df701905b9aafab4ffffffff00", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x2]}) (async)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x740, 0x140)
close(r1) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x200, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "080000000000000000008000"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x811}, 0x0) (async)
r5 = syz_io_uring_setup(0xfbb, &(0x7f00000001c0)={0x0, 0xfffffffd, 0x10000, 0x5, 0x1aa}, &(0x7f0000000100), &(0x7f0000000080))
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x2000004, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=' \x00']) (async)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000000)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0xffffff8d) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
sendto$inet(r6, &(0x7f00000001c0)="b4979f35a50faecccd29a3094ac1f8741763aa1d62", 0x15, 0x41, 0x0, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x2, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x20000}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@dev={0xac, 0x14, 0x14, 0x2c}, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3, 0x0, 0x37c}]}]}, 0xfc}}, 0x0) (async)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)=@migrate={0xec, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x9c, 0x11, [{@in=@private=0xa010100, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@private2, @in6=@local, 0x32, 0x3, 0x0, 0x2, 0x2, 0xa}, {@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@dev={0xfe, 0x80, '\x00', 0x44}, @in=@rand_addr=0x64010102, @in6=@rand_addr=' \x01\x00', 0x3c, 0x0, 0x0, 0x0, 0x8, 0x2}]}]}, 0xec}}, 0x0) (async)
socket$inet6_udp(0xa, 0x2, 0x0)

kernel console output (not intermixed with test programs):

cket permissive=1
[   56.140010][ T5304] syz.0.757: attempt to access beyond end of device
[   56.140010][ T5304] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   56.189636][ T5304] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[   56.189636][ T5304]    program syz.0.757 not setting count and/or reply_len properly
[   56.207529][   T29] audit: type=1400 audit(1745978827.414:1501): avc:  denied  { ioctl } for  pid=5301 comm="syz.0.757" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   56.232952][   T29] audit: type=1326 audit(1745978827.414:1502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5301 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   56.256520][   T29] audit: type=1326 audit(1745978827.414:1503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5301 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   56.279929][   T29] audit: type=1326 audit(1745978827.414:1504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5301 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   56.303264][   T29] audit: type=1326 audit(1745978827.414:1505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5301 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   56.362362][ T5234] Set syz1 is full, maxelem 65536 reached
[   56.408892][   T29] audit: type=1326 audit(1745978827.444:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5301 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   56.432312][   T29] audit: type=1326 audit(1745978827.444:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5301 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   56.455639][   T29] audit: type=1326 audit(1745978827.444:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5301 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   56.479061][   T29] audit: type=1326 audit(1745978827.444:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5301 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   56.502306][   T29] audit: type=1326 audit(1745978827.444:1510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5301 comm="syz.0.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   56.536265][ T5319] nfs4: Bad value for 'source'
[   56.570717][ T5319] netlink: 24 bytes leftover after parsing attributes in process `syz.1.764'.
[   56.651298][ T5329] netlink: 40 bytes leftover after parsing attributes in process `syz.0.768'.
[   56.853496][ T5347] netlink: 16 bytes leftover after parsing attributes in process `syz.3.774'.
[   57.213560][ T5364] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[   57.243186][ T5367] netlink: 20 bytes leftover after parsing attributes in process `syz.4.782'.
[   57.281465][ T5369] netlink: 40 bytes leftover after parsing attributes in process `syz.4.783'.
[   57.568187][ T5384] sit0: entered promiscuous mode
[   57.601888][ T5390] netlink: 24 bytes leftover after parsing attributes in process `syz.2.791'.
[   57.614167][ T5384] netlink: 'syz.4.790': attribute type 1 has an invalid length.
[   57.621884][ T5384] netlink: 1 bytes leftover after parsing attributes in process `syz.4.790'.
[   57.678294][ T5392] netlink: 24 bytes leftover after parsing attributes in process `syz.2.792'.
[   57.852102][ T5398] netlink: 12 bytes leftover after parsing attributes in process `syz.2.796'.
[   57.875286][ T5398] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=5398 comm=syz.2.796
[   57.965461][ T5398] netlink: 20 bytes leftover after parsing attributes in process `syz.2.796'.
[   58.081674][ T5418] loop1: detected capacity change from 0 to 512
[   58.108416][ T5418] EXT4-fs (loop1): invalid inodes per group: 4227858464
[   58.108416][ T5418] 
[   58.298739][ T5448] 9pnet_virtio: no channels available for device 
[   58.443807][ T5469] FAULT_INJECTION: forcing a failure.
[   58.443807][ T5469] name failslab, interval 1, probability 0, space 0, times 0
[   58.456481][ T5469] CPU: 0 UID: 0 PID: 5469 Comm: syz.3.818 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   58.456529][ T5469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   58.456542][ T5469] Call Trace:
[   58.456548][ T5469]  <TASK>
[   58.456555][ T5469]  __dump_stack+0x1d/0x30
[   58.456579][ T5469]  dump_stack_lvl+0xe8/0x140
[   58.456599][ T5469]  dump_stack+0x15/0x1b
[   58.456651][ T5469]  should_fail_ex+0x265/0x280
[   58.456682][ T5469]  should_failslab+0x8c/0xb0
[   58.456709][ T5469]  kmem_cache_alloc_node_noprof+0x57/0x320
[   58.456806][ T5469]  ? __alloc_skb+0x101/0x320
[   58.456834][ T5469]  __alloc_skb+0x101/0x320
[   58.456863][ T5469]  netlink_alloc_large_skb+0xba/0xf0
[   58.456892][ T5469]  netlink_sendmsg+0x3cf/0x6b0
[   58.457031][ T5469]  ? __pfx_netlink_sendmsg+0x10/0x10
[   58.457064][ T5469]  __sock_sendmsg+0x142/0x180
[   58.457088][ T5469]  ____sys_sendmsg+0x31e/0x4e0
[   58.457120][ T5469]  ___sys_sendmsg+0x17b/0x1d0
[   58.457193][ T5469]  __x64_sys_sendmsg+0xd4/0x160
[   58.457216][ T5469]  x64_sys_call+0x2999/0x2fb0
[   58.457236][ T5469]  do_syscall_64+0xd0/0x1a0
[   58.457258][ T5469]  ? clear_bhb_loop+0x25/0x80
[   58.457320][ T5469]  ? clear_bhb_loop+0x25/0x80
[   58.457341][ T5469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.457362][ T5469] RIP: 0033:0x7f5c0370e969
[   58.457432][ T5469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.457447][ T5469] RSP: 002b:00007f5c01d56038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   58.457465][ T5469] RAX: ffffffffffffffda RBX: 00007f5c03936080 RCX: 00007f5c0370e969
[   58.457498][ T5469] RDX: 0000000000000040 RSI: 00002000000007c0 RDI: 0000000000000003
[   58.457511][ T5469] RBP: 00007f5c01d56090 R08: 0000000000000000 R09: 0000000000000000
[   58.457542][ T5469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.457554][ T5469] R13: 0000000000000000 R14: 00007f5c03936080 R15: 00007ffd51d30718
[   58.457579][ T5469]  </TASK>
[   59.650784][ T5440] Set syz1 is full, maxelem 65536 reached
[   59.735595][ T5478] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   59.869006][ T5507] loop4: detected capacity change from 0 to 512
[   59.898643][ T5507] EXT4-fs (loop4): invalid inodes per group: 4227858464
[   59.898643][ T5507] 
[   59.953176][ T5513] loop1: detected capacity change from 0 to 512
[   59.977147][ T5513] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   60.003229][ T5513] EXT4-fs (loop1): 1 truncate cleaned up
[   60.027163][ T5513] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.102793][ T5507] SELinux:  policydb version 0 does not match my version range 15-34
[   60.132275][ T5507] SELinux: failed to load policy
[   60.192776][ T5531] nfs4: Bad value for 'source'
[   60.760481][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.077959][ T5578] loop4: detected capacity change from 0 to 128
[   61.097593][ T5578] vfat: Unknown parameter 'ÿÿÿÿ01777777777777777777777ÿÿÿÿ18446744073709551615'
[   61.229036][   T29] kauditd_printk_skb: 111 callbacks suppressed
[   61.229053][   T29] audit: type=1326 audit(1745978832.444:1622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5558 comm="syz.1.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbc85fe969 code=0x7ffc0000
[   61.374796][   T29] audit: type=1326 audit(1745978832.574:1623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5558 comm="syz.1.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdbc85fe969 code=0x7ffc0000
[   61.398285][   T29] audit: type=1326 audit(1745978832.574:1624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5558 comm="syz.1.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbc85fe969 code=0x7ffc0000
[   61.421637][   T29] audit: type=1326 audit(1745978832.574:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5558 comm="syz.1.855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbc85fe969 code=0x7ffc0000
[   61.455598][ T5593] loop3: detected capacity change from 0 to 512
[   61.462562][ T5593] EXT4-fs (loop3): invalid inodes per group: 4227858464
[   61.462562][ T5593] 
[   61.530598][   T29] audit: type=1400 audit(1745978832.754:1626): avc:  denied  { sqpoll } for  pid=5585 comm="syz.2.868" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   61.587615][   T29] audit: type=1400 audit(1745978832.794:1627): avc:  denied  { search } for  pid=5585 comm="syz.2.868" name="/" dev="configfs" ino=1243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   61.609819][   T29] audit: type=1400 audit(1745978832.794:1628): avc:  denied  { read } for  pid=5585 comm="syz.2.868" name="/" dev="configfs" ino=1243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   61.631823][   T29] audit: type=1400 audit(1745978832.794:1629): avc:  denied  { open } for  pid=5585 comm="syz.2.868" path="/" dev="configfs" ino=1243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   62.303556][   T29] audit: type=1400 audit(1745978833.524:1630): avc:  denied  { ioctl } for  pid=5609 comm="syz.2.878" path="socket:[11528]" dev="sockfs" ino=11528 ioctlcmd=0x9402 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   62.468384][ T5626] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5626 comm=syz.0.883
[   62.539366][ T5635] nfs4: Bad value for 'source'
[   62.572480][ T5635] __nla_validate_parse: 8 callbacks suppressed
[   62.572572][ T5635] netlink: 24 bytes leftover after parsing attributes in process `syz.0.886'.
[   62.814142][ T5659] netlink: 20 bytes leftover after parsing attributes in process `syz.1.899'.
[   62.834185][ T5660] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   62.851921][ T5660] netlink: 'syz.0.898': attribute type 3 has an invalid length.
[   62.883132][ T5664] netlink: 24 bytes leftover after parsing attributes in process `syz.1.901'.
[   62.895892][ T5657] tipc: Resetting bearer <eth:syzkaller0>
[   62.965343][ T5667] netlink: 'syz.2.900': attribute type 39 has an invalid length.
[   62.983746][ T5667] msdos: Unknown parameter 'ÿÿÿÿÿÿÿÿ'
[   63.684383][   T29] audit: type=1400 audit(1745978834.904:1631): avc:  denied  { write } for  pid=5690 comm="syz.3.909" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   64.383231][ T5657] tipc: Disabling bearer <eth:syzkaller0>
[   64.463141][ T5698] netlink: 20 bytes leftover after parsing attributes in process `syz.3.911'.
[   64.673809][ T5714] tipc: Started in network mode
[   64.680126][ T5714] tipc: Node identity ca59519f8fab, cluster identity 4711
[   64.687464][ T5714] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   64.700086][ T5715] loop0: detected capacity change from 0 to 512
[   64.706735][ T5715] ext4: Unknown parameter 'subj_user'
[   64.719841][ T5714] netlink: 'syz.3.919': attribute type 3 has an invalid length.
[   64.740562][ T5714] siw: device registration error -23
[   64.773767][ T5720] loop1: detected capacity change from 0 to 512
[   64.782273][ T5720] ext4: Unknown parameter 'subj_user'
[   64.802570][ T5725] loop4: detected capacity change from 0 to 512
[   64.809415][ T5712] tipc: Resetting bearer <eth:syzkaller0>
[   64.827213][ T5725] EXT4-fs (loop4): invalid inodes per group: 4227858464
[   64.827213][ T5725] 
[   64.877905][ T5712] tipc: Disabling bearer <eth:syzkaller0>
[   64.899810][ T5728] loop1: detected capacity change from 0 to 512
[   64.926747][ T5728] ext4: Unknown parameter 'subj_user'
[   65.265972][ T5750] netlink: 'syz.2.936': attribute type 13 has an invalid length.
[   65.600430][ T5750] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.607712][ T5750] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.855827][ T5763] netlink: 4 bytes leftover after parsing attributes in process `syz.3.942'.
[   66.041701][ T5750] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   66.091631][ T5750] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   66.454487][ T5750] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   66.463493][ T5750] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   66.472429][ T5750] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   66.481329][ T5750] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   66.571811][ T5763] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   66.579413][ T5763] batman_adv: batadv0: Removing interface: batadv_slave_0
[   66.594800][ T5763] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   66.602314][ T5763] batman_adv: batadv0: Removing interface: batadv_slave_1
[   66.643489][   T29] kauditd_printk_skb: 100 callbacks suppressed
[   66.643577][   T29] audit: type=1326 audit(1745978837.864:1732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5776 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   66.679960][   T29] audit: type=1326 audit(1745978837.894:1733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5776 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   66.703414][   T29] audit: type=1326 audit(1745978837.894:1734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5776 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   66.726797][   T29] audit: type=1326 audit(1745978837.894:1735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5776 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   66.750197][   T29] audit: type=1326 audit(1745978837.894:1736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5776 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   66.773575][   T29] audit: type=1326 audit(1745978837.894:1737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5776 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   66.797007][   T29] audit: type=1326 audit(1745978837.894:1738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5776 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   66.820386][   T29] audit: type=1326 audit(1745978837.894:1739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5776 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   66.843728][   T29] audit: type=1326 audit(1745978837.894:1740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5776 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   66.867083][   T29] audit: type=1326 audit(1745978837.894:1741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5776 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   67.494571][ T5757] syz_tun: left allmulticast mode
[   67.499708][ T5757] syz_tun: left promiscuous mode
[   67.504831][ T5757] bridge0: port 1(syz_tun) entered disabled state
[   67.737770][ T5793] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   67.760040][ T5787] siw: device registration error -23
[   67.766545][ T5790] tipc: Resetting bearer <eth:syzkaller0>
[   67.784352][ T5786] tipc: Resetting bearer <eth:syzkaller0>
[   68.429197][ T5786] tipc: Disabling bearer <eth:syzkaller0>
[   68.600118][ T5814] loop3: detected capacity change from 0 to 512
[   68.606923][ T5814] ext4: Unknown parameter 'subj_user'
[   69.245360][ T5832] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   69.260628][ T5832] siw: device registration error -23
[   69.333192][ T5837] loop4: detected capacity change from 0 to 512
[   69.361854][ T5837] EXT4-fs (loop4): invalid inodes per group: 4227858464
[   69.361854][ T5837] 
[   69.471038][ T5843] loop3: detected capacity change from 0 to 2048
[   69.526048][ T5843] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.538778][ T5843] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.563834][ T5843] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.967: bg 0: block 345: padding at end of block bitmap is not set
[   69.603553][ T5843] syz.3.967 (5843) used greatest stack depth: 10120 bytes left
[   70.090490][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.370213][ T5859] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   70.379014][ T5859] siw: device registration error -23
[   70.389104][ T5858] tipc: Resetting bearer <eth:syzkaller0>
[   70.421540][ T5858] tipc: Disabling bearer <eth:syzkaller0>
[   70.721939][ T5810] Falling back ldisc for ttyS3.
[   71.575690][ T5883] loop3: detected capacity change from 0 to 512
[   71.612451][ T5883] ext4: Unknown parameter 'subj_user'
[   71.670160][   T29] kauditd_printk_skb: 53 callbacks suppressed
[   71.670174][   T29] audit: type=1326 audit(1745978842.894:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5879 comm="syz.2.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   71.740978][ T5893] nfs4: Bad value for 'source'
[   71.768661][ T5893] netlink: 24 bytes leftover after parsing attributes in process `syz.1.987'.
[   71.781372][   T29] audit: type=1326 audit(1745978842.924:1796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5879 comm="syz.2.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   71.804810][   T29] audit: type=1326 audit(1745978842.924:1797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5879 comm="syz.2.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   71.828195][   T29] audit: type=1326 audit(1745978842.934:1798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5879 comm="syz.2.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   71.851491][   T29] audit: type=1326 audit(1745978842.934:1799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5879 comm="syz.2.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   71.874911][   T29] audit: type=1326 audit(1745978842.934:1800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5879 comm="syz.2.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   71.898343][   T29] audit: type=1326 audit(1745978842.934:1801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5879 comm="syz.2.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   71.921573][   T29] audit: type=1326 audit(1745978842.934:1802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5879 comm="syz.2.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   71.944885][   T29] audit: type=1326 audit(1745978842.934:1803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5879 comm="syz.2.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   71.968184][   T29] audit: type=1326 audit(1745978842.934:1804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5879 comm="syz.2.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   72.120042][ T5895] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   72.137874][ T5895] siw: device registration error -23
[   72.158996][ T5894] tipc: Resetting bearer <eth:syzkaller0>
[   72.219376][ T5894] tipc: Disabling bearer <eth:syzkaller0>
[   72.570741][ T5913] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   72.592293][ T5913] siw: device registration error -23
[   72.900093][ T5927] tipc: Enabled bearer <udp:s>, priority 10
[   73.230722][ T5938] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1006'.
[   73.383262][ T5956] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1014'.
[   73.460475][ T5964] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1018'.
[   73.618379][ T5971] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1020'.
[   73.971543][ T5982] siw: device registration error -23
[   74.018062][ T5582] tipc: Node number set to 279155632
[   74.236237][ T5980] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   74.246274][ T5988] loop0: detected capacity change from 0 to 128
[   74.267367][ T5987] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1024'.
[   74.279430][ T5987] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1024'.
[   74.289916][ T5988] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   74.303758][ T5988] ext4 filesystem being mounted at /172/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   74.457231][ T5974] tipc: Resetting bearer <eth:syzkaller0>
[   75.022382][ T6001] nfs4: Bad value for 'source'
[   75.032665][ T6001] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1029'.
[   75.221604][ T5974] tipc: Disabling bearer <eth:syzkaller0>
[   75.275271][ T6012] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1033'.
[   75.373307][ T6022] loop4: detected capacity change from 0 to 256
[   75.460249][ T3309] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   75.604874][ T6031] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1041'.
[   76.124477][ T6045] syz.2.1047 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   77.095052][ T6094] nfs4: Bad value for 'source'
[   77.113242][ T6094] __nla_validate_parse: 2 callbacks suppressed
[   77.113256][ T6094] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1044'.
[   77.478292][   T29] kauditd_printk_skb: 352 callbacks suppressed
[   77.478305][   T29] audit: type=1400 audit(1745978848.694:2157): avc:  denied  { write } for  pid=6096 comm="syz.3.1067" name="ip6_tables_matches" dev="proc" ino=4026532962 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   77.727079][   T29] audit: type=1326 audit(1745978848.944:2158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6119 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   77.754071][   T29] audit: type=1326 audit(1745978848.944:2159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6119 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   77.801159][   T29] audit: type=1326 audit(1745978848.944:2160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6119 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   77.824771][   T29] audit: type=1326 audit(1745978848.944:2161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6119 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   77.848178][   T29] audit: type=1326 audit(1745978848.974:2162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6119 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   77.871685][   T29] audit: type=1326 audit(1745978848.974:2163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6119 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   77.895105][   T29] audit: type=1326 audit(1745978848.974:2164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6119 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   77.918557][   T29] audit: type=1326 audit(1745978848.974:2165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6119 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   77.941967][   T29] audit: type=1326 audit(1745978848.974:2166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6119 comm="syz.0.1077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[   77.974577][ T6126] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1078'.
[   78.756946][ T6161] loop1: detected capacity change from 0 to 512
[   78.764217][ T6161] EXT4-fs (loop1): invalid inodes per group: 4227858464
[   78.764217][ T6161] 
[   78.774915][ T6148] bond1: entered promiscuous mode
[   78.780011][ T6148] bond1: entered allmulticast mode
[   78.785381][ T6148] 8021q: adding VLAN 0 to HW filter on device bond1
[   78.829921][ T6164] netlink: 'syz.0.1085': attribute type 8 has an invalid length.
[   78.840943][ T6148] bond1 (unregistering): Released all slaves
[   78.942688][ T6175] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1090'.
[   78.955691][ T6177] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1091'.
[   79.338575][ T6193] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1096'.
[   79.892148][ T6239] nfs4: Bad value for 'source'
[   79.910772][ T6239] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1116'.
[   79.965701][ T6243] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1119'.
[   79.983956][ T6244] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   80.030188][ T6245] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   80.060063][ T6251] siw: device registration error -23
[   80.187099][ T6262] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1124'.
[   80.200578][ T6261] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1126'.
[   80.209591][ T6261] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1126'.
[   80.406280][ T6281] syz.0.1126 uses obsolete (PF_INET,SOCK_PACKET)
[   80.427066][ T6280] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[   80.439313][ T6279] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[   81.594854][ T6288] netlink: 'syz.4.1134': attribute type 8 has an invalid length.
[   82.424035][ T6299] __nla_validate_parse: 2 callbacks suppressed
[   82.424049][ T6299] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1138'.
[   82.534574][   T29] kauditd_printk_skb: 294 callbacks suppressed
[   82.534587][   T29] audit: type=1326 audit(1745978853.754:2461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.2.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   82.588065][   T29] audit: type=1326 audit(1745978853.794:2462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.2.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd59a20887 code=0x7ffc0000
[   82.611686][   T29] audit: type=1326 audit(1745978853.794:2463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.2.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fbd59a207fc code=0x7ffc0000
[   82.635092][   T29] audit: type=1326 audit(1745978853.794:2464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.2.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fbd59a20734 code=0x7ffc0000
[   82.658470][   T29] audit: type=1326 audit(1745978853.794:2465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.2.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbd59a1d5ca code=0x7ffc0000
[   82.681757][   T29] audit: type=1326 audit(1745978853.794:2466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.2.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   82.705407][   T29] audit: type=1326 audit(1745978853.794:2467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.2.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   82.728794][   T29] audit: type=1326 audit(1745978853.794:2468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.2.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   82.752121][   T29] audit: type=1326 audit(1745978853.794:2469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.2.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   82.775560][   T29] audit: type=1326 audit(1745978853.794:2470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6309 comm="syz.2.1143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   83.330434][ T6319] loop3: detected capacity change from 0 to 512
[   83.337251][ T6319] ext4: Unknown parameter 'subj_user'
[   83.383657][ T6321] loop3: detected capacity change from 0 to 4096
[   83.392796][ T6321] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.547370][ T6331] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1151'.
[   83.631844][ T6338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1154'.
[   83.641001][ T6338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1154'.
[   83.651172][ T6338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1154'.
[   83.677342][ T6342] FAULT_INJECTION: forcing a failure.
[   83.677342][ T6342] name failslab, interval 1, probability 0, space 0, times 0
[   83.690052][ T6342] CPU: 0 UID: 0 PID: 6342 Comm: syz.4.1156 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   83.690079][ T6342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   83.690096][ T6342] Call Trace:
[   83.690103][ T6342]  <TASK>
[   83.690110][ T6342]  __dump_stack+0x1d/0x30
[   83.690190][ T6342]  dump_stack_lvl+0xe8/0x140
[   83.690209][ T6342]  dump_stack+0x15/0x1b
[   83.690227][ T6342]  should_fail_ex+0x265/0x280
[   83.690258][ T6342]  should_failslab+0x8c/0xb0
[   83.690286][ T6342]  kmem_cache_alloc_noprof+0x50/0x310
[   83.690317][ T6342]  ? skb_clone+0x151/0x1f0
[   83.690336][ T6342]  skb_clone+0x151/0x1f0
[   83.690427][ T6342]  __netlink_deliver_tap+0x2c9/0x500
[   83.690591][ T6342]  netlink_unicast+0x64c/0x670
[   83.690617][ T6342]  netlink_sendmsg+0x58b/0x6b0
[   83.690723][ T6342]  ? __pfx_netlink_sendmsg+0x10/0x10
[   83.690769][ T6342]  __sock_sendmsg+0x142/0x180
[   83.690793][ T6342]  ____sys_sendmsg+0x31e/0x4e0
[   83.690833][ T6342]  ___sys_sendmsg+0x17b/0x1d0
[   83.690904][ T6342]  __x64_sys_sendmsg+0xd4/0x160
[   83.690924][ T6342]  x64_sys_call+0x2999/0x2fb0
[   83.690960][ T6342]  do_syscall_64+0xd0/0x1a0
[   83.690987][ T6342]  ? clear_bhb_loop+0x25/0x80
[   83.691085][ T6342]  ? clear_bhb_loop+0x25/0x80
[   83.691104][ T6342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.691124][ T6342] RIP: 0033:0x7fae9557e969
[   83.691140][ T6342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.691158][ T6342] RSP: 002b:00007fae93be7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   83.691177][ T6342] RAX: ffffffffffffffda RBX: 00007fae957a5fa0 RCX: 00007fae9557e969
[   83.691267][ T6342] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004
[   83.691294][ T6342] RBP: 00007fae93be7090 R08: 0000000000000000 R09: 0000000000000000
[   83.691304][ T6342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.691313][ T6342] R13: 0000000000000000 R14: 00007fae957a5fa0 R15: 00007fff9d245ce8
[   83.691328][ T6342]  </TASK>
[   83.896657][ T6338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1154'.
[   83.905551][ T6338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1154'.
[   83.918235][ T6338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1154'.
[   83.945153][ T6338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1154'.
[   83.954134][ T6338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1154'.
[   83.981582][ T6346] Cannot find add_set index 0 as target
[   84.085038][ T6359] siw: device registration error -23
[   84.173570][ T6370] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   84.214295][ T6374] FAULT_INJECTION: forcing a failure.
[   84.214295][ T6374] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   84.227698][ T6374] CPU: 0 UID: 0 PID: 6374 Comm: syz.1.1168 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   84.227803][ T6374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   84.227814][ T6374] Call Trace:
[   84.227818][ T6374]  <TASK>
[   84.227826][ T6374]  __dump_stack+0x1d/0x30
[   84.227848][ T6374]  dump_stack_lvl+0xe8/0x140
[   84.227867][ T6374]  dump_stack+0x15/0x1b
[   84.227950][ T6374]  should_fail_ex+0x265/0x280
[   84.228068][ T6374]  should_fail_alloc_page+0xf2/0x100
[   84.228101][ T6374]  alloc_pages_bulk_noprof+0xef/0x540
[   84.228127][ T6374]  copy_splice_read+0xf3/0x5f0
[   84.228152][ T6374]  ? __pfx_copy_splice_read+0x10/0x10
[   84.228172][ T6374]  splice_direct_to_actor+0x26c/0x680
[   84.228219][ T6374]  ? __pfx_direct_splice_actor+0x10/0x10
[   84.228315][ T6374]  do_splice_direct+0xda/0x150
[   84.228406][ T6374]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   84.228429][ T6374]  do_sendfile+0x380/0x640
[   84.228463][ T6374]  __x64_sys_sendfile64+0x105/0x150
[   84.228586][ T6374]  x64_sys_call+0xb39/0x2fb0
[   84.228631][ T6374]  do_syscall_64+0xd0/0x1a0
[   84.228654][ T6374]  ? clear_bhb_loop+0x25/0x80
[   84.228675][ T6374]  ? clear_bhb_loop+0x25/0x80
[   84.228696][ T6374]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.228731][ T6374] RIP: 0033:0x7fdbc85fe969
[   84.228746][ T6374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.228763][ T6374] RSP: 002b:00007fdbc6c67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   84.228818][ T6374] RAX: ffffffffffffffda RBX: 00007fdbc8825fa0 RCX: 00007fdbc85fe969
[   84.228831][ T6374] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[   84.228843][ T6374] RBP: 00007fdbc6c67090 R08: 0000000000000000 R09: 0000000000000000
[   84.228854][ T6374] R10: 000000040000f63c R11: 0000000000000246 R12: 0000000000000001
[   84.228908][ T6374] R13: 0000000000000000 R14: 00007fdbc8825fa0 R15: 00007ffd4eceac58
[   84.228926][ T6374]  </TASK>
[   85.094540][ T6395] nfs4: Bad value for 'source'
[   85.118673][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.315759][ T6420] nfs4: Bad value for 'source'
[   85.324212][ T6422] netlink: 'syz.4.1181': attribute type 10 has an invalid length.
[   85.349072][ T6422] hsr_slave_0: left promiscuous mode
[   85.356271][ T6422] hsr_slave_1: left promiscuous mode
[   85.394263][ T6424] netlink: 'syz.1.1188': attribute type 8 has an invalid length.
[   85.573009][ T6436] infiniband syz!: set down
[   85.577675][ T6436] infiniband syz!: added team_slave_0
[   85.617275][ T6436] RDS/IB: syz!: added
[   85.622500][ T6436] smc: adding ib device syz! with port count 1
[   85.631347][ T6436] smc:    ib device syz! port 1 has pnetid 
[   85.759558][ T6443] FAULT_INJECTION: forcing a failure.
[   85.759558][ T6443] name failslab, interval 1, probability 0, space 0, times 0
[   85.772280][ T6443] CPU: 0 UID: 0 PID: 6443 Comm: syz.3.1195 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   85.772310][ T6443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   85.772321][ T6443] Call Trace:
[   85.772327][ T6443]  <TASK>
[   85.772335][ T6443]  __dump_stack+0x1d/0x30
[   85.772357][ T6443]  dump_stack_lvl+0xe8/0x140
[   85.772381][ T6443]  dump_stack+0x15/0x1b
[   85.772398][ T6443]  should_fail_ex+0x265/0x280
[   85.772430][ T6443]  should_failslab+0x8c/0xb0
[   85.772459][ T6443]  __kmalloc_noprof+0xa5/0x3e0
[   85.772484][ T6443]  ? usb_alloc_urb+0x42/0xc0
[   85.772564][ T6443]  usb_alloc_urb+0x42/0xc0
[   85.772591][ T6443]  do_proc_control+0x1a8/0x8b0
[   85.772622][ T6443]  ? should_fail_ex+0xdb/0x280
[   85.772703][ T6443]  proc_control+0x71/0xa0
[   85.772725][ T6443]  usbdev_ioctl+0x948/0x1710
[   85.772748][ T6443]  ? __pfx_usbdev_ioctl+0x10/0x10
[   85.772772][ T6443]  __se_sys_ioctl+0xcb/0x140
[   85.772873][ T6443]  __x64_sys_ioctl+0x43/0x50
[   85.772922][ T6443]  x64_sys_call+0x19a8/0x2fb0
[   85.772941][ T6443]  do_syscall_64+0xd0/0x1a0
[   85.772962][ T6443]  ? clear_bhb_loop+0x25/0x80
[   85.773043][ T6443]  ? clear_bhb_loop+0x25/0x80
[   85.773065][ T6443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.773086][ T6443] RIP: 0033:0x7f5c0370e969
[   85.773100][ T6443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.773118][ T6443] RSP: 002b:00007f5c01d77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   85.773137][ T6443] RAX: ffffffffffffffda RBX: 00007f5c03935fa0 RCX: 00007f5c0370e969
[   85.773190][ T6443] RDX: 0000200000000080 RSI: 00000000c0185500 RDI: 0000000000000006
[   85.773202][ T6443] RBP: 00007f5c01d77090 R08: 0000000000000000 R09: 0000000000000000
[   85.773254][ T6443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.773303][ T6443] R13: 0000000000000000 R14: 00007f5c03935fa0 R15: 00007ffd51d30718
[   85.773322][ T6443]  </TASK>
[   86.778930][ T6453] vhci_hcd: invalid port number 236
[   86.784178][ T6453] vhci_hcd: invalid port number 236
[   87.017958][ T6470] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   87.460515][ T6479] netlink: 'syz.3.1210': attribute type 8 has an invalid length.
[   87.535547][ T6482] __nla_validate_parse: 6 callbacks suppressed
[   87.535573][ T6482] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1211'.
[   87.550709][ T6482] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1211'.
[   87.737051][ T6469] tipc: Resetting bearer <eth:syzkaller0>
[   87.833344][ T6469] tipc: Disabling bearer <eth:syzkaller0>
[   87.882092][ T6487] loop4: detected capacity change from 0 to 512
[   87.888570][ T6477] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1209'.
[   87.962157][ T6487] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.1212: Parent and EA inode have the same ino 15
[   87.985630][ T6487] EXT4-fs (loop4): 1 orphan inode deleted
[   87.999313][ T6487] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.132615][   T29] kauditd_printk_skb: 87 callbacks suppressed
[   88.132658][   T29] audit: type=1400 audit(1745978859.324:2558): avc:  denied  { execute } for  pid=6493 comm="syz.2.1214" name="file0" dev="tmpfs" ino=1561 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   88.161097][   T29] audit: type=1400 audit(1745978859.324:2559): avc:  denied  { execute_no_trans } for  pid=6493 comm="syz.2.1214" path="/282/file0" dev="tmpfs" ino=1561 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   88.215851][ T6499] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   88.227013][ T6499] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[   88.272944][ T6498] tipc: Disabling bearer <eth:syzkaller0>
[   88.311880][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.330981][ T6500] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1217'.
[   88.356918][   T29] audit: type=1326 audit(1745978859.554:2560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   88.380403][   T29] audit: type=1326 audit(1745978859.554:2561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbd59a1d2d0 code=0x7ffc0000
[   88.403821][   T29] audit: type=1326 audit(1745978859.554:2562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   88.427239][   T29] audit: type=1326 audit(1745978859.554:2563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   88.450604][   T29] audit: type=1326 audit(1745978859.554:2564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   88.474095][   T29] audit: type=1326 audit(1745978859.554:2565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   88.497389][   T29] audit: type=1326 audit(1745978859.554:2566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[   88.520968][   T29] audit: type=1326 audit(1745978859.554:2567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6497 comm="syz.2.1217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd59a20887 code=0x7ffc0000
[   89.187748][ T6502] siw: device registration error -23
[   89.286845][ T6509] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   89.313263][ T6509] siw: device registration error -23
[   90.214923][ T6533] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   90.247635][ T6539] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1233'.
[   90.291791][ T6543] syz.0.1232: attempt to access beyond end of device
[   90.291791][ T6543] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   90.319596][ T6542] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   90.329897][ T6539] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1233'.
[   90.398737][ T6542] unsupported nla_type 52263
[   90.427269][ T6539] team0 (unregistering): Port device team_slave_0 removed
[   90.447062][ T6542] SELinux:  policydb magic number 0xf900008c does not match expected magic number 0xf97cff8c
[   90.497011][ T6542] SELinux: failed to load policy
[   90.559569][ T6539] team0 (unregistering): Port device team_slave_1 removed
[   90.635423][ T6557] nfs4: Bad value for 'source'
[   90.745455][ T6549] sch_fq: defrate 4294967295 ignored.
[   90.775163][ T6557] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1239'.
[   91.023828][ T6555] loop0: detected capacity change from 0 to 512
[   91.036408][ T6555] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   91.079272][ T6555] EXT4-fs (loop0): 1 truncate cleaned up
[   91.119662][ T6555] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.134112][ T6574] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   91.150469][ T6573] tipc: Resetting bearer <eth:syzkaller0>
[   91.264616][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.297679][ T6573] tipc: Disabling bearer <eth:syzkaller0>
[   91.345319][ T6585] netlink: 'syz.2.1250': attribute type 8 has an invalid length.
[   92.081618][ T6598] syzkaller0: entered promiscuous mode
[   92.087202][ T6598] syzkaller0: entered allmulticast mode
[   92.240910][ T6567] Set syz1 is full, maxelem 65536 reached
[   92.337781][ T6606] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   92.353609][ T6603] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1255'.
[   92.384378][ T6611] siw: device registration error -23
[   92.453877][ T6610] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1255'.
[   92.558641][ T6610] syzkaller0: entered promiscuous mode
[   92.564151][ T6610] syzkaller0: entered allmulticast mode
[   92.686690][ T6628] nfs4: Bad value for 'source'
[   92.734801][ T6628] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1263'.
[   92.765045][ T6630] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1264'.
[   93.047835][ T6644] team0 (unregistering): Port device team_slave_0 removed
[   93.067570][ T6644] team0 (unregistering): Port device team_slave_1 removed
[   93.110422][ T6638] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   93.120544][ T6650] loop1: detected capacity change from 0 to 512
[   93.137026][ T6637] tipc: Resetting bearer <eth:syzkaller0>
[   93.152932][ T6650] __quota_error: 225 callbacks suppressed
[   93.152945][ T6650] Quota error (device loop1): v2_read_file_info: Free block number 1 out of range (1, 6).
[   93.169692][ T6650] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   93.198890][ T6650] EXT4-fs (loop1): mount failed
[   93.284318][ T6666] nfs4: Bad value for 'source'
[   93.297493][ T6666] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1277'.
[   94.122077][ T3365] tipc: Node number set to 1173508511
[   94.186637][ T6637] tipc: Disabling bearer <eth:syzkaller0>
[   94.313839][   T29] audit: type=1400 audit(1745978865.534:2793): avc:  denied  { ioctl } for  pid=6673 comm="syz.2.1281" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=14638 ioctlcmd=0x940c scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   94.385962][   T29] audit: type=1400 audit(1745978865.564:2794): avc:  denied  { kexec_image_load } for  pid=6673 comm="syz.2.1281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[   94.409927][ T6685] loop3: detected capacity change from 0 to 512
[   94.416930][ T6685] EXT4-fs (loop3): invalid inodes per group: 4227858464
[   94.416930][ T6685] 
[   94.431163][ T6686] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1286'.
[   94.527612][ T6687] team0 (unregistering): Port device team_slave_0 removed
[   94.537262][ T6685] SELinux:  policydb version 0 does not match my version range 15-34
[   94.553904][ T6685] SELinux: failed to load policy
[   94.574492][ T6687] team0 (unregistering): Port device team_slave_1 removed
[   94.615987][ T6698] loop0: detected capacity change from 0 to 1024
[   94.622688][ T6698] EXT4-fs: test_dummy_encryption option not supported
[   94.762831][ T6700] loop3: detected capacity change from 0 to 8192
[   94.789303][ T6700] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   94.871980][ T6708] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   94.999530][   T29] audit: type=1326 audit(1745978866.224:2795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6719 comm="syz.4.1298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[   95.031406][ T6722] netlink: 136 bytes leftover after parsing attributes in process `syz.2.1299'.
[   95.104995][   T29] audit: type=1326 audit(1745978866.244:2796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6719 comm="syz.4.1298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[   95.128473][   T29] audit: type=1326 audit(1745978866.244:2797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6719 comm="syz.4.1298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[   95.151956][   T29] audit: type=1326 audit(1745978866.254:2798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6719 comm="syz.4.1298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[   95.175415][   T29] audit: type=1326 audit(1745978866.254:2799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6719 comm="syz.4.1298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[   95.198904][   T29] audit: type=1326 audit(1745978866.254:2800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6719 comm="syz.4.1298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[   95.222458][   T29] audit: type=1326 audit(1745978866.274:2801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6719 comm="syz.4.1298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[   95.257135][ T6722] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1299'.
[   95.303836][ T6722] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1299'.
[   95.727397][ T6733] loop1: detected capacity change from 0 to 512
[   95.734113][ T6733] EXT4-fs: Ignoring removed nobh option
[   95.741741][ T6733] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1301: invalid indirect mapped block 256 (level 2)
[   95.755486][ T6733] EXT4-fs (loop1): 2 truncates cleaned up
[   95.761861][ T6733] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.785064][ T6733] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1301: bg 0: block 5: invalid block bitmap
[   95.797814][ T6733] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[   95.810158][ T6733] EXT4-fs (loop1): This should not happen!! Data will be lost
[   95.810158][ T6733] 
[   95.819862][ T6733] EXT4-fs (loop1): Total free blocks count 0
[   95.825839][ T6733] EXT4-fs (loop1): Free/Dirty block details
[   95.831750][ T6733] EXT4-fs (loop1): free_blocks=0
[   95.836684][ T6733] EXT4-fs (loop1): dirty_blocks=64
[   95.841827][ T6733] EXT4-fs (loop1): Block reservation details
[   95.847802][ T6733] EXT4-fs (loop1): i_reserved_data_blocks=64
[   96.173122][ T6733] syz.1.1301 (6733) used greatest stack depth: 9600 bytes left
[   96.276147][ T6738] nfs4: Bad value for 'source'
[   96.309054][ T6738] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1303'.
[   96.357847][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.432818][ T6746] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   96.465640][ T6749] loop4: detected capacity change from 0 to 164
[   96.524479][ T6762] nfs4: Bad value for 'source'
[   96.537418][ T6762] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1313'.
[   96.576539][ T6770] loop1: detected capacity change from 0 to 512
[   96.586400][ T6770] EXT4-fs (loop1): invalid inodes per group: 4227858464
[   96.586400][ T6770] 
[   96.623955][ T6773] 9pnet_fd: Insufficient options for proto=fd
[   96.627061][ T6775] nfs4: Bad value for 'source'
[   96.635726][ T6773] xt_socket: unknown flags 0xd0
[   96.676264][ T6775] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1318'.
[   96.688643][ T6770] SELinux:  policydb version 0 does not match my version range 15-34
[   96.697123][ T6770] SELinux: failed to load policy
[   96.730062][ T6788] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   96.776468][ T6793] netlink: 'syz.3.1326': attribute type 3 has an invalid length.
[   96.789961][ T6793] netlink: 'syz.3.1326': attribute type 3 has an invalid length.
[   96.801625][ T6789] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   96.825036][ T6789] siw: device registration error -23
[   96.873624][ T6811] nfs4: Bad value for 'source'
[   96.962795][ T6827] loop1: detected capacity change from 0 to 512
[   96.987685][ T6827] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   97.121745][ T6838] loop3: detected capacity change from 0 to 128
[   97.128804][ T6827] EXT4-fs (loop1): warning: maximal mount count reached, running e2fsck is recommended
[   97.140790][ T6827] EXT4-fs error (device loop1): ext4_orphan_get:1391: comm syz.1.1340: inode #15: comm syz.1.1340: iget: illegal inode #
[   97.157197][ T6827] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1340: couldn't read orphan inode 15 (err -117)
[   97.172007][ T6838] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   97.184673][ T6838] ext4 filesystem being mounted at /261/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.197011][ T6827] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.298542][ T6838] SELinux: syz.3.1343 (6838) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   97.324677][ T6844] netlink: 'syz.4.1344': attribute type 8 has an invalid length.
[   97.397650][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.427105][ T3314] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   97.826853][ T6859] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   97.835147][ T6859] siw: device registration error -23
[   97.842090][ T6858] tipc: Resetting bearer <eth:syzkaller0>
[   97.854493][ T6858] tipc: Disabling bearer <eth:syzkaller0>
[   97.963792][ T6863] nfs4: Bad value for 'source'
[   97.982899][ T6863] __nla_validate_parse: 9 callbacks suppressed
[   97.982912][ T6863] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1348'.
[   98.042769][ T6870] FAULT_INJECTION: forcing a failure.
[   98.042769][ T6870] name failslab, interval 1, probability 0, space 0, times 0
[   98.055440][ T6870] CPU: 0 UID: 0 PID: 6870 Comm: syz.1.1355 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   98.055465][ T6870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   98.055477][ T6870] Call Trace:
[   98.055498][ T6870]  <TASK>
[   98.055504][ T6870]  __dump_stack+0x1d/0x30
[   98.055522][ T6870]  dump_stack_lvl+0xe8/0x140
[   98.055537][ T6870]  dump_stack+0x15/0x1b
[   98.055599][ T6870]  should_fail_ex+0x265/0x280
[   98.055624][ T6870]  should_failslab+0x8c/0xb0
[   98.055653][ T6870]  kmem_cache_alloc_node_noprof+0x57/0x320
[   98.055747][ T6870]  ? __alloc_skb+0x101/0x320
[   98.055771][ T6870]  __alloc_skb+0x101/0x320
[   98.055793][ T6870]  ? audit_log_start+0x365/0x6c0
[   98.055875][ T6870]  audit_log_start+0x380/0x6c0
[   98.055960][ T6870]  audit_seccomp+0x48/0x100
[   98.055991][ T6870]  ? __seccomp_filter+0x68c/0x10d0
[   98.056009][ T6870]  __seccomp_filter+0x69d/0x10d0
[   98.056026][ T6870]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   98.056047][ T6870]  ? vfs_write+0x75e/0x8d0
[   98.056074][ T6870]  __secure_computing+0x82/0x150
[   98.056129][ T6870]  syscall_trace_enter+0xcf/0x1e0
[   98.056153][ T6870]  do_syscall_64+0xaa/0x1a0
[   98.056220][ T6870]  ? clear_bhb_loop+0x25/0x80
[   98.056238][ T6870]  ? clear_bhb_loop+0x25/0x80
[   98.056333][ T6870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.056352][ T6870] RIP: 0033:0x7fdbc85fe969
[   98.056365][ T6870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.056390][ T6870] RSP: 002b:00007fdbc6c67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000083
[   98.056406][ T6870] RAX: ffffffffffffffda RBX: 00007fdbc8825fa0 RCX: 00007fdbc85fe969
[   98.056422][ T6870] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   98.056491][ T6870] RBP: 00007fdbc6c67090 R08: 0000000000000000 R09: 0000000000000000
[   98.056504][ T6870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.056517][ T6870] R13: 0000000000000000 R14: 00007fdbc8825fa0 R15: 00007ffd4eceac58
[   98.056535][ T6870]  </TASK>
[   98.279250][   T29] kauditd_printk_skb: 177 callbacks suppressed
[   98.279265][   T29] audit: type=1326 audit(1745978869.484:2977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6869 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fdbc85fd37c code=0x7ffc0000
[   98.308700][   T29] audit: type=1326 audit(1745978869.484:2978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6869 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdbc85fd41f code=0x7ffc0000
[   98.331991][   T29] audit: type=1326 audit(1745978869.484:2979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6869 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fdbc85fd5ca code=0x7ffc0000
[   98.355189][   T29] audit: type=1326 audit(1745978869.484:2980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6869 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbc85fe969 code=0x7ffc0000
[   98.378638][   T29] audit: type=1326 audit(1745978869.484:2981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6869 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbc85fe969 code=0x7ffc0000
[   98.402877][ T6872] loop4: detected capacity change from 0 to 128
[   98.430559][ T6872] EXT4-fs: Ignoring removed nobh option
[   98.442284][ T6874] netlink: 'syz.0.1356': attribute type 8 has an invalid length.
[   98.475465][ T6872] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   98.476559][ T6882] loop1: detected capacity change from 0 to 512
[   98.493959][   T29] audit: type=1400 audit(1745978869.694:2982): avc:  denied  { connect } for  pid=6880 comm="syz.1.1360" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   98.498979][ T6885] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1361'.
[   98.514101][ T6882] ext4: Unknown parameter 'smackfsfloor'
[   98.522534][ T6872] ext4 filesystem being mounted at /272/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   98.573354][ T6885] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1361'.
[   98.585523][ T6889] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.605944][   T29] audit: type=1400 audit(1745978869.824:2983): avc:  denied  { remount } for  pid=6871 comm="syz.4.1354" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   98.606072][ T6889] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   98.635397][ T6882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1360'.
[   98.651322][ T6872] EXT4-fs (loop4): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09 ro.
[   98.661419][ T6885] team0 (unregistering): Port device team_slave_0 removed
[   98.670817][ T6885] team0 (unregistering): Port device team_slave_1 removed
[   98.682966][ T6872] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   98.694038][ T6872] EXT4-fs (loop4): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w.
[   98.713772][ T3311] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   98.768826][   T29] audit: type=1326 audit(1745978869.984:2984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6894 comm="syz.4.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[   98.816132][ T6895] loop4: detected capacity change from 0 to 164
[   98.823182][   T29] audit: type=1326 audit(1745978870.014:2985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6894 comm="syz.4.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[   98.846640][   T29] audit: type=1326 audit(1745978870.014:2986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6894 comm="syz.4.1363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fae9557e9a3 code=0x7ffc0000
[   98.883525][ T6895] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   98.911083][ T6895] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   98.929804][ T6895] Symlink component flag not implemented
[   98.935684][ T6895] Symlink component flag not implemented
[   98.943837][ T6895] Symlink component flag not implemented (7)
[   98.950374][ T6895] Symlink component flag not implemented (116)
[   99.194996][ T6914] nfs4: Bad value for 'source'
[   99.231682][ T6914] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1370'.
[   99.347515][ T6921] loop4: detected capacity change from 0 to 512
[   99.356155][ T6923] loop1: detected capacity change from 0 to 512
[   99.388812][ T6923] EXT4-fs (loop1): invalid inodes per group: 4227858464
[   99.388812][ T6923] 
[   99.532526][ T6938] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   99.540587][ T6937] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   99.551643][ T6923] SELinux:  policydb version 0 does not match my version range 15-34
[   99.559949][ T6923] SELinux: failed to load policy
[   99.587755][ T6940] nfs4: Bad value for 'source'
[   99.598042][ T6940] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1381'.
[   99.756295][ T6965] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1390'.
[   99.771957][ T6965] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1390'.
[   99.803471][ T6968] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1386'.
[   99.834891][ T6972] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1393'.
[   99.877690][ T6976] nfs4: Bad value for 'source'
[   99.909987][ T6980] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   99.935153][ T6982] 9pnet_fd: Insufficient options for proto=fd
[  100.235296][ T7006] nfs4: Bad value for 'source'
[  100.279154][ T7010] 9pnet_fd: Insufficient options for proto=fd
[  100.372688][ T7016] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  100.596506][ T7029] 9pnet_fd: Insufficient options for proto=fd
[  100.703932][ T7032] tipc: New replicast peer: 255.255.255.255
[  100.710053][ T7032] tipc: Enabled bearer <udp:syz2>, priority 10
[  100.865237][ T7049] nfs4: Bad value for 'source'
[  100.985837][ T7061] loop1: detected capacity change from 0 to 512
[  100.993004][ T7061] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  101.021273][ T7061] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.033830][ T7061] ext4 filesystem being mounted at /276/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.045985][ T7061] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.1425: corrupted xattr block 19: overlapping e_value 
[  101.061080][ T7061] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  101.070085][ T7061] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.1425: corrupted xattr block 19: overlapping e_value 
[  101.084633][ T7061] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  101.094785][ T7061] EXT4-fs error (device loop1): ext4_xattr_block_find:1869: inode #15: comm syz.1.1425: corrupted xattr block 19: overlapping e_value 
[  101.123009][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.250068][ T7077] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  101.315073][ T7087] nfs4: Bad value for 'source'
[  101.349374][ T7091] netlink: 'syz.4.1437': attribute type 8 has an invalid length.
[  101.579886][ T7107] loop4: detected capacity change from 0 to 8192
[  101.727367][ T7110] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  101.734992][ T7110] FAT-fs (loop4): Filesystem has been set read-only
[  101.745172][ T7107] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  101.753887][ T7110] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  101.763445][ T7107] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  101.772176][ T7110] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  101.781693][ T7107] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  101.790490][ T7110] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  101.800659][ T7107] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  101.810076][ T7110] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  101.819654][ T7107] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  101.828272][ T7110] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  101.939950][ T7121] netlink: 'syz.4.1449': attribute type 8 has an invalid length.
[  102.005975][ T7130] 9pnet_fd: Insufficient options for proto=fd
[  102.042916][ T7136] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  102.066668][ T7138] FAULT_INJECTION: forcing a failure.
[  102.066668][ T7138] name failslab, interval 1, probability 0, space 0, times 0
[  102.079418][ T7138] CPU: 1 UID: 0 PID: 7138 Comm: syz.3.1457 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  102.079445][ T7138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  102.079456][ T7138] Call Trace:
[  102.079463][ T7138]  <TASK>
[  102.079470][ T7138]  __dump_stack+0x1d/0x30
[  102.079586][ T7138]  dump_stack_lvl+0xe8/0x140
[  102.079612][ T7138]  dump_stack+0x15/0x1b
[  102.079695][ T7138]  should_fail_ex+0x265/0x280
[  102.079867][ T7138]  should_failslab+0x8c/0xb0
[  102.079974][ T7138]  kmem_cache_alloc_node_noprof+0x57/0x320
[  102.080049][ T7138]  ? __alloc_skb+0x101/0x320
[  102.080070][ T7138]  __alloc_skb+0x101/0x320
[  102.080102][ T7138]  netlink_alloc_large_skb+0xba/0xf0
[  102.080129][ T7138]  netlink_sendmsg+0x3cf/0x6b0
[  102.080153][ T7138]  ? __pfx_netlink_sendmsg+0x10/0x10
[  102.080232][ T7138]  __sock_sendmsg+0x142/0x180
[  102.080251][ T7138]  ____sys_sendmsg+0x31e/0x4e0
[  102.080348][ T7138]  ___sys_sendmsg+0x17b/0x1d0
[  102.080439][ T7138]  __x64_sys_sendmsg+0xd4/0x160
[  102.080456][ T7138]  x64_sys_call+0x2999/0x2fb0
[  102.080472][ T7138]  do_syscall_64+0xd0/0x1a0
[  102.080522][ T7138]  ? clear_bhb_loop+0x25/0x80
[  102.080539][ T7138]  ? clear_bhb_loop+0x25/0x80
[  102.080586][ T7138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.080602][ T7138] RIP: 0033:0x7f5c0370e969
[  102.080614][ T7138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.080628][ T7138] RSP: 002b:00007f5c01d77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.080766][ T7138] RAX: ffffffffffffffda RBX: 00007f5c03935fa0 RCX: 00007f5c0370e969
[  102.080775][ T7138] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  102.080784][ T7138] RBP: 00007f5c01d77090 R08: 0000000000000000 R09: 0000000000000000
[  102.080793][ T7138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.080803][ T7138] R13: 0000000000000000 R14: 00007f5c03935fa0 R15: 00007ffd51d30718
[  102.080816][ T7138]  </TASK>
[  102.361203][ T7147] netlink: 'syz.1.1460': attribute type 8 has an invalid length.
[  102.384031][ T7151] netlink: 'syz.3.1462': attribute type 10 has an invalid length.
[  102.445711][ T7158] netlink: 'syz.1.1465': attribute type 10 has an invalid length.
[  102.728516][ T7196] FAULT_INJECTION: forcing a failure.
[  102.728516][ T7196] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  102.741604][ T7196] CPU: 1 UID: 0 PID: 7196 Comm: syz.0.1474 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  102.741666][ T7196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  102.741679][ T7196] Call Trace:
[  102.741685][ T7196]  <TASK>
[  102.741692][ T7196]  __dump_stack+0x1d/0x30
[  102.741759][ T7196]  dump_stack_lvl+0xe8/0x140
[  102.741778][ T7196]  dump_stack+0x15/0x1b
[  102.741837][ T7196]  should_fail_ex+0x265/0x280
[  102.741862][ T7196]  should_fail+0xb/0x20
[  102.741891][ T7196]  should_fail_usercopy+0x1a/0x20
[  102.741910][ T7196]  _copy_from_user+0x1c/0xb0
[  102.742005][ T7196]  bm_register_write+0xce/0xbd0
[  102.742028][ T7196]  vfs_writev+0x3eb/0x870
[  102.742055][ T7196]  ? __pfx_bm_register_write+0x10/0x10
[  102.742092][ T7196]  __se_sys_pwritev2+0xfc/0x1c0
[  102.742138][ T7196]  __x64_sys_pwritev2+0x67/0x80
[  102.742199][ T7196]  x64_sys_call+0x1cea/0x2fb0
[  102.742220][ T7196]  do_syscall_64+0xd0/0x1a0
[  102.742241][ T7196]  ? clear_bhb_loop+0x25/0x80
[  102.742261][ T7196]  ? clear_bhb_loop+0x25/0x80
[  102.742363][ T7196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.742384][ T7196] RIP: 0033:0x7f2d3d83e969
[  102.742399][ T7196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.742462][ T7196] RSP: 002b:00007f2d3bea7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  102.742477][ T7196] RAX: ffffffffffffffda RBX: 00007f2d3da65fa0 RCX: 00007f2d3d83e969
[  102.742488][ T7196] RDX: 0000000000000002 RSI: 0000200000000380 RDI: 0000000000000003
[  102.742498][ T7196] RBP: 00007f2d3bea7090 R08: 0000000000000005 R09: 0000000000000000
[  102.742511][ T7196] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001
[  102.742524][ T7196] R13: 0000000000000000 R14: 00007f2d3da65fa0 R15: 00007ffc59edde78
[  102.742617][ T7196]  </TASK>
[  102.968064][ T7203] netlink: 'syz.0.1475': attribute type 8 has an invalid length.
[  103.037204][ T7195] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  103.061965][ T7195] siw: device registration error -23
[  103.073801][ T7193] tipc: Resetting bearer <eth:syzkaller0>
[  103.091971][ T7193] tipc: Disabling bearer <eth:syzkaller0>
[  103.301521][   T29] kauditd_printk_skb: 729 callbacks suppressed
[  103.301536][   T29] audit: type=1326 audit(1745978874.524:3716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7210 comm="syz.2.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[  103.357996][   T29] audit: type=1326 audit(1745978874.524:3717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7210 comm="syz.2.1478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7fbd59a1e969 code=0x7ffc0000
[  103.390983][ T7213] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  103.434427][   T29] audit: type=1326 audit(1745978874.654:3718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz.3.1480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0370e969 code=0x7ffc0000
[  103.536170][   T29] audit: type=1326 audit(1745978874.684:3719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz.3.1480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0370e969 code=0x7ffc0000
[  103.559711][   T29] audit: type=1326 audit(1745978874.684:3720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz.3.1480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0370e969 code=0x7ffc0000
[  103.583292][   T29] audit: type=1326 audit(1745978874.684:3721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz.3.1480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0370e969 code=0x7ffc0000
[  103.606814][   T29] audit: type=1326 audit(1745978874.684:3722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz.3.1480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0370e969 code=0x7ffc0000
[  103.630322][   T29] audit: type=1326 audit(1745978874.684:3723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz.3.1480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0370e969 code=0x7ffc0000
[  103.653796][   T29] audit: type=1326 audit(1745978874.684:3724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz.3.1480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c0370e969 code=0x7ffc0000
[  103.677260][   T29] audit: type=1326 audit(1745978874.684:3725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7214 comm="syz.3.1480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c0370e969 code=0x7ffc0000
[  103.736383][ T7225] __nla_validate_parse: 9 callbacks suppressed
[  103.736414][ T7225] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1481'.
[  103.879460][ T7239] netlink: 'syz.0.1486': attribute type 8 has an invalid length.
[  103.905165][ T7241] loop4: detected capacity change from 0 to 512
[  103.914258][ T7241] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1489: bg 0: block 131: padding at end of block bitmap is not set
[  103.950172][ T7241] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  103.971435][ T7241] EXT4-fs (loop4): 1 truncate cleaned up
[  103.977351][ T7241] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.066169][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.169933][ T7254] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1492'.
[  104.523150][ T7271] loop0: detected capacity change from 0 to 1024
[  104.544068][ T7271] EXT4-fs: Ignoring removed orlov option
[  104.549958][ T7271] EXT4-fs: Ignoring removed nomblk_io_submit option
[  104.561570][ T7281] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1505'.
[  104.591336][ T7285] FAULT_INJECTION: forcing a failure.
[  104.591336][ T7285] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.604508][ T7285] CPU: 1 UID: 0 PID: 7285 Comm: syz.4.1507 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  104.604536][ T7285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  104.604556][ T7285] Call Trace:
[  104.604562][ T7285]  <TASK>
[  104.604568][ T7285]  __dump_stack+0x1d/0x30
[  104.604587][ T7285]  dump_stack_lvl+0xe8/0x140
[  104.604603][ T7285]  dump_stack+0x15/0x1b
[  104.604618][ T7285]  should_fail_ex+0x265/0x280
[  104.604695][ T7285]  should_fail+0xb/0x20
[  104.604772][ T7285]  should_fail_usercopy+0x1a/0x20
[  104.604791][ T7285]  _copy_from_iter+0xcf/0xdd0
[  104.604809][ T7285]  ? should_fail_ex+0xdb/0x280
[  104.604838][ T7285]  ? should_failslab+0x8c/0xb0
[  104.604988][ T7285]  ? __kmalloc_noprof+0x1dd/0x3e0
[  104.605006][ T7285]  ? kernfs_fop_write_iter+0xe1/0x2d0
[  104.605032][ T7285]  kernfs_fop_write_iter+0x129/0x2d0
[  104.605056][ T7285]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  104.605120][ T7285]  vfs_write+0x49d/0x8d0
[  104.605148][ T7285]  ksys_write+0xda/0x1a0
[  104.605173][ T7285]  __x64_sys_write+0x40/0x50
[  104.605206][ T7285]  x64_sys_call+0x2cdd/0x2fb0
[  104.605225][ T7285]  do_syscall_64+0xd0/0x1a0
[  104.605314][ T7285]  ? clear_bhb_loop+0x25/0x80
[  104.605344][ T7285]  ? clear_bhb_loop+0x25/0x80
[  104.605363][ T7285]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.605415][ T7285] RIP: 0033:0x7fae9557e969
[  104.605427][ T7285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.605444][ T7285] RSP: 002b:00007fae93be7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  104.605463][ T7285] RAX: ffffffffffffffda RBX: 00007fae957a5fa0 RCX: 00007fae9557e969
[  104.605475][ T7285] RDX: 0000000000000012 RSI: 0000200000000000 RDI: 0000000000000006
[  104.605525][ T7285] RBP: 00007fae93be7090 R08: 0000000000000000 R09: 0000000000000000
[  104.605536][ T7285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.605546][ T7285] R13: 0000000000000000 R14: 00007fae957a5fa0 R15: 00007fff9d245ce8
[  104.605562][ T7285]  </TASK>
[  104.812071][ T7283] loop1: detected capacity change from 0 to 8192
[  104.820387][ T7278] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1503'.
[  104.840929][ T7271] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.857818][ T7283] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  104.917454][ T7278] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.924706][ T7278] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.933125][ T7278] bridge0: entered allmulticast mode
[  104.955308][ T7278] bridge_slave_1: left allmulticast mode
[  104.961012][ T7278] bridge_slave_1: left promiscuous mode
[  104.966769][ T7278] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.993278][ T7278] bridge_slave_0: left allmulticast mode
[  104.999007][ T7278] bridge_slave_0: left promiscuous mode
[  105.004748][ T7278] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.063562][ T7278] bridge0 (unregistering): left promiscuous mode
[  105.109989][ T7308] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1516'.
[  105.255782][ T7327] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  105.342290][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.371440][ T7341] bond1: entered promiscuous mode
[  105.376538][ T7341] bond1: entered allmulticast mode
[  105.383638][ T7341] 8021q: adding VLAN 0 to HW filter on device bond1
[  105.398041][ T7341] bond1 (unregistering): Released all slaves
[  105.420778][ T7346] netlink: 'syz.3.1530': attribute type 39 has an invalid length.
[  105.510280][ T7357] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  105.569656][ T7368] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1542'.
[  105.654127][ T7378] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1546'.
[  105.806811][ T7398] 9pnet_fd: Insufficient options for proto=fd
[  105.901886][ T7416] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1561'.
[  106.087003][ T7432] netlink: 'syz.2.1567': attribute type 8 has an invalid length.
[  106.167099][ T7444] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1573'.
[  106.214781][ T7446] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1574'.
[  106.315090][ T7455] FAULT_INJECTION: forcing a failure.
[  106.315090][ T7455] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.328230][ T7455] CPU: 0 UID: 0 PID: 7455 Comm: syz.4.1577 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  106.328289][ T7455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  106.328301][ T7455] Call Trace:
[  106.328306][ T7455]  <TASK>
[  106.328313][ T7455]  __dump_stack+0x1d/0x30
[  106.328331][ T7455]  dump_stack_lvl+0xe8/0x140
[  106.328388][ T7455]  dump_stack+0x15/0x1b
[  106.328401][ T7455]  should_fail_ex+0x265/0x280
[  106.328473][ T7455]  should_fail+0xb/0x20
[  106.328495][ T7455]  should_fail_usercopy+0x1a/0x20
[  106.328510][ T7455]  strncpy_from_user+0x25/0x230
[  106.328531][ T7455]  ? kmem_cache_alloc_noprof+0x186/0x310
[  106.328670][ T7455]  ? getname_flags+0x80/0x3b0
[  106.328694][ T7455]  getname_flags+0xae/0x3b0
[  106.328717][ T7455]  __x64_sys_execve+0x42/0x70
[  106.328800][ T7455]  x64_sys_call+0x13ab/0x2fb0
[  106.328819][ T7455]  do_syscall_64+0xd0/0x1a0
[  106.328837][ T7455]  ? clear_bhb_loop+0x25/0x80
[  106.328855][ T7455]  ? clear_bhb_loop+0x25/0x80
[  106.328878][ T7455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.328958][ T7455] RIP: 0033:0x7fae9557e969
[  106.328971][ T7455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.328986][ T7455] RSP: 002b:00007fae93be7038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  106.329006][ T7455] RAX: ffffffffffffffda RBX: 00007fae957a5fa0 RCX: 00007fae9557e969
[  106.329019][ T7455] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[  106.329032][ T7455] RBP: 00007fae93be7090 R08: 0000000000000000 R09: 0000000000000000
[  106.329078][ T7455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.329089][ T7455] R13: 0000000000000000 R14: 00007fae957a5fa0 R15: 00007fff9d245ce8
[  106.329104][ T7455]  </TASK>
[  106.564877][ T7467] netlink: 'syz.3.1583': attribute type 8 has an invalid length.
[  106.605580][ T7473] loop3: detected capacity change from 0 to 512
[  106.625780][ T7473] EXT4-fs: Ignoring removed orlov option
[  106.642313][ T7473] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  106.665815][ T7473] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  106.676137][ T7480] nfs4: Bad value for 'source'
[  106.692000][ T7473] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.1586: corrupted in-inode xattr: e_value size too large
[  106.722629][ T7473] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1586: couldn't read orphan inode 15 (err -117)
[  106.747273][ T7473] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.800170][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.826888][ T7493] netlink: 'syz.1.1596': attribute type 8 has an invalid length.
[  106.879432][ T7508] nfs4: Bad value for 'source'
[  106.969594][ T7519] vhci_hcd: invalid port number 224
[  107.536439][ T7600] xt_connbytes: Forcing CT accounting to be enabled
[  107.555742][ T7600] Cannot find del_set index 1 as target
[  107.670616][ T7577] Set syz1 is full, maxelem 65536 reached
[  107.703929][ T7607] FAULT_INJECTION: forcing a failure.
[  107.703929][ T7607] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.717035][ T7607] CPU: 1 UID: 0 PID: 7607 Comm: syz.3.1645 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  107.717110][ T7607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  107.717123][ T7607] Call Trace:
[  107.717129][ T7607]  <TASK>
[  107.717184][ T7607]  __dump_stack+0x1d/0x30
[  107.717211][ T7607]  dump_stack_lvl+0xe8/0x140
[  107.717236][ T7607]  dump_stack+0x15/0x1b
[  107.717253][ T7607]  should_fail_ex+0x265/0x280
[  107.717284][ T7607]  should_fail+0xb/0x20
[  107.717313][ T7607]  should_fail_usercopy+0x1a/0x20
[  107.717390][ T7607]  _copy_to_user+0x20/0xa0
[  107.717408][ T7607]  simple_read_from_buffer+0xb5/0x130
[  107.717430][ T7607]  proc_fail_nth_read+0x100/0x140
[  107.717505][ T7607]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  107.717525][ T7607]  vfs_read+0x19d/0x6f0
[  107.717544][ T7607]  ? __rcu_read_unlock+0x4f/0x70
[  107.717561][ T7607]  ? __fget_files+0x184/0x1c0
[  107.717611][ T7607]  ksys_read+0xda/0x1a0
[  107.717642][ T7607]  __x64_sys_read+0x40/0x50
[  107.717664][ T7607]  x64_sys_call+0x2d77/0x2fb0
[  107.717686][ T7607]  do_syscall_64+0xd0/0x1a0
[  107.717785][ T7607]  ? clear_bhb_loop+0x25/0x80
[  107.717807][ T7607]  ? clear_bhb_loop+0x25/0x80
[  107.717921][ T7607]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.717940][ T7607] RIP: 0033:0x7f5c0370d37c
[  107.717954][ T7607] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  107.717974][ T7607] RSP: 002b:00007f5c01d77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  107.718041][ T7607] RAX: ffffffffffffffda RBX: 00007f5c03935fa0 RCX: 00007f5c0370d37c
[  107.718053][ T7607] RDX: 000000000000000f RSI: 00007f5c01d770a0 RDI: 0000000000000005
[  107.718065][ T7607] RBP: 00007f5c01d77090 R08: 0000000000000000 R09: 0000000000000000
[  107.718076][ T7607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.718087][ T7607] R13: 0000000000000000 R14: 00007f5c03935fa0 R15: 00007ffd51d30718
[  107.718104][ T7607]  </TASK>
[  107.955420][ T7620] loop3: detected capacity change from 0 to 512
[  107.962623][ T7620] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  107.989746][ T7620] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.002526][ T7620] ext4 filesystem being mounted at /327/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.028987][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.096577][ T7641] FAULT_INJECTION: forcing a failure.
[  108.096577][ T7641] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.109741][ T7641] CPU: 1 UID: 0 PID: 7641 Comm: syz.4.1655 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  108.109770][ T7641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  108.109783][ T7641] Call Trace:
[  108.109789][ T7641]  <TASK>
[  108.109795][ T7641]  __dump_stack+0x1d/0x30
[  108.109817][ T7641]  dump_stack_lvl+0xe8/0x140
[  108.109856][ T7641]  dump_stack+0x15/0x1b
[  108.109872][ T7641]  should_fail_ex+0x265/0x280
[  108.109903][ T7641]  should_fail+0xb/0x20
[  108.109927][ T7641]  should_fail_usercopy+0x1a/0x20
[  108.109946][ T7641]  _copy_from_user+0x1c/0xb0
[  108.110056][ T7641]  memdup_user+0x5e/0xd0
[  108.110074][ T7641]  strndup_user+0x68/0xb0
[  108.110089][ T7641]  perf_uprobe_init+0x48/0x150
[  108.110154][ T7641]  perf_uprobe_event_init+0xea/0x150
[  108.110245][ T7641]  perf_try_init_event+0xd0/0x540
[  108.110266][ T7641]  ? perf_event_alloc+0xab1/0x15c0
[  108.110289][ T7641]  perf_event_alloc+0xabc/0x15c0
[  108.110311][ T7641]  __se_sys_perf_event_open+0x5a8/0x1170
[  108.110376][ T7641]  ? __rcu_read_unlock+0x4f/0x70
[  108.110411][ T7641]  __x64_sys_perf_event_open+0x67/0x80
[  108.110445][ T7641]  x64_sys_call+0x27ec/0x2fb0
[  108.110465][ T7641]  do_syscall_64+0xd0/0x1a0
[  108.110537][ T7641]  ? clear_bhb_loop+0x25/0x80
[  108.110558][ T7641]  ? clear_bhb_loop+0x25/0x80
[  108.110579][ T7641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.110600][ T7641] RIP: 0033:0x7fae9557e969
[  108.110696][ T7641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.110714][ T7641] RSP: 002b:00007fae93bc6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  108.110733][ T7641] RAX: ffffffffffffffda RBX: 00007fae957a6080 RCX: 00007fae9557e969
[  108.110746][ T7641] RDX: 0000000000000000 RSI: 000000000000032c RDI: 0000200000000000
[  108.110757][ T7641] RBP: 00007fae93bc6090 R08: 0000000000000000 R09: 0000000000000000
[  108.110838][ T7641] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  108.110924][ T7641] R13: 0000000000000000 R14: 00007fae957a6080 R15: 00007fff9d245ce8
[  108.110941][ T7641]  </TASK>
[  108.492073][ T7679] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  108.944219][ T7683] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  108.969419][ T7683] siw: device registration error -23
[  108.998156][ T7682] tipc: Resetting bearer <eth:syzkaller0>
[  109.023121][ T7682] tipc: Disabling bearer <eth:syzkaller0>
[  109.102963][ T7706] loop0: detected capacity change from 0 to 512
[  109.129781][ T7706] EXT4-fs (loop0): invalid inodes per group: 4227858464
[  109.129781][ T7706] 
[  109.200185][ T7706] SELinux:  policydb version 0 does not match my version range 15-34
[  109.208413][ T7706] SELinux: failed to load policy
[  109.245188][   T29] kauditd_printk_skb: 722 callbacks suppressed
[  109.245271][   T29] audit: type=1400 audit(1745978880.464:4448): avc:  denied  { mount } for  pid=7721 comm="syz.3.1675" name="/" dev="ramfs" ino=18535 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  109.282056][ T7728] __nla_validate_parse: 7 callbacks suppressed
[  109.282072][ T7728] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1677'.
[  109.297948][ T7724] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1676'.
[  109.410272][ T7738] nfs4: Bad value for 'source'
[  109.512243][ T7738] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1681'.
[  109.526848][ T7743] 9pnet: Could not find request transport: fd0x0000000000000004
[  109.579647][   T29] audit: type=1326 audit(1745978880.774:4449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7747 comm="syz.0.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[  109.603144][   T29] audit: type=1326 audit(1745978880.774:4450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7747 comm="syz.0.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[  109.626875][   T29] audit: type=1326 audit(1745978880.774:4451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7747 comm="syz.0.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[  109.638076][ T7753] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  109.650411][   T29] audit: type=1326 audit(1745978880.774:4452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7747 comm="syz.0.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[  109.681377][   T29] audit: type=1326 audit(1745978880.774:4453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7747 comm="syz.0.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[  109.773421][ T7759] loop0: detected capacity change from 0 to 128
[  109.788289][ T7759] EXT4-fs: Ignoring removed nobh option
[  109.796280][ T7761] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  109.809115][   T29] audit: type=1326 audit(1745978880.934:4454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7754 comm="syz.1.1689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbc85fe969 code=0x7ffc0000
[  109.832701][   T29] audit: type=1326 audit(1745978880.934:4455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7754 comm="syz.1.1689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbc85fe969 code=0x7ffc0000
[  109.839369][ T7759] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  109.856145][   T29] audit: type=1326 audit(1745978880.934:4456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7754 comm="syz.1.1689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbc85fe969 code=0x7ffc0000
[  109.879106][ T7761] siw: device registration error -23
[  109.891591][   T29] audit: type=1326 audit(1745978880.934:4457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7754 comm="syz.1.1689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbc85fe969 code=0x7ffc0000
[  109.983499][ T7759] ext4 filesystem being mounted at /284/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  110.039891][ T7759] FAULT_INJECTION: forcing a failure.
[  110.039891][ T7759] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.053159][ T7759] CPU: 0 UID: 0 PID: 7759 Comm: syz.0.1687 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  110.053190][ T7759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  110.053203][ T7759] Call Trace:
[  110.053209][ T7759]  <TASK>
[  110.053273][ T7759]  __dump_stack+0x1d/0x30
[  110.053292][ T7759]  dump_stack_lvl+0xe8/0x140
[  110.053311][ T7759]  dump_stack+0x15/0x1b
[  110.053329][ T7759]  should_fail_ex+0x265/0x280
[  110.053409][ T7759]  should_fail+0xb/0x20
[  110.053500][ T7759]  should_fail_usercopy+0x1a/0x20
[  110.053567][ T7759]  _copy_from_user+0x1c/0xb0
[  110.053585][ T7759]  lo_ioctl+0x51a/0x1560
[  110.053612][ T7759]  ? avc_has_extended_perms+0x73d/0x940
[  110.053649][ T7759]  ? ioctl_has_perm+0x289/0x2e0
[  110.053776][ T7759]  ? blkdev_common_ioctl+0xad6/0x1ac0
[  110.053830][ T7759]  ? do_vfs_ioctl+0x993/0x15b0
[  110.053861][ T7759]  ? selinux_file_ioctl+0x2e3/0x370
[  110.053887][ T7759]  ? __pfx_lo_ioctl+0x10/0x10
[  110.053909][ T7759]  ? __pfx_blkdev_ioctl+0x10/0x10
[  110.053997][ T7759]  blkdev_ioctl+0x34f/0x440
[  110.054031][ T7759]  __se_sys_ioctl+0xcb/0x140
[  110.054053][ T7759]  __x64_sys_ioctl+0x43/0x50
[  110.054110][ T7759]  x64_sys_call+0x19a8/0x2fb0
[  110.054128][ T7759]  do_syscall_64+0xd0/0x1a0
[  110.054149][ T7759]  ? clear_bhb_loop+0x25/0x80
[  110.054246][ T7759]  ? clear_bhb_loop+0x25/0x80
[  110.054338][ T7759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.054413][ T7759] RIP: 0033:0x7f2d3d83e969
[  110.054427][ T7759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.054521][ T7759] RSP: 002b:00007f2d3bea7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  110.054600][ T7759] RAX: ffffffffffffffda RBX: 00007f2d3da65fa0 RCX: 00007f2d3d83e969
[  110.054611][ T7759] RDX: 0000200000000a00 RSI: 0000000000004c04 RDI: 0000000000000004
[  110.054621][ T7759] RBP: 00007f2d3bea7090 R08: 0000000000000000 R09: 0000000000000000
[  110.054634][ T7759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.054647][ T7759] R13: 0000000000000000 R14: 00007f2d3da65fa0 R15: 00007ffc59edde78
[  110.054664][ T7759]  </TASK>
[  110.364675][ T3309] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  110.454253][ T7777] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  110.483784][ T7776] siw: device registration error -23
[  110.512109][ T7773] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  110.522917][ T7772] tipc: Resetting bearer <eth:syzkaller0>
[  110.540350][ T7781] 9pnet: Could not find request transport: fd0x0000000000000004
[  110.549067][ T7772] tipc: Disabling bearer <eth:syzkaller0>
[  110.627061][ T7794] FAULT_INJECTION: forcing a failure.
[  110.627061][ T7794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.640265][ T7794] CPU: 0 UID: 0 PID: 7794 Comm: syz.3.1704 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  110.640294][ T7794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  110.640313][ T7794] Call Trace:
[  110.640319][ T7794]  <TASK>
[  110.640325][ T7794]  __dump_stack+0x1d/0x30
[  110.640395][ T7794]  dump_stack_lvl+0xe8/0x140
[  110.640414][ T7794]  dump_stack+0x15/0x1b
[  110.640495][ T7794]  should_fail_ex+0x265/0x280
[  110.640521][ T7794]  should_fail+0xb/0x20
[  110.640579][ T7794]  should_fail_usercopy+0x1a/0x20
[  110.640595][ T7794]  _copy_from_user+0x1c/0xb0
[  110.640613][ T7794]  ___sys_sendmsg+0xc1/0x1d0
[  110.640639][ T7794]  __x64_sys_sendmsg+0xd4/0x160
[  110.640662][ T7794]  x64_sys_call+0x2999/0x2fb0
[  110.640745][ T7794]  do_syscall_64+0xd0/0x1a0
[  110.640763][ T7794]  ? clear_bhb_loop+0x25/0x80
[  110.640780][ T7794]  ? clear_bhb_loop+0x25/0x80
[  110.640799][ T7794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.640817][ T7794] RIP: 0033:0x7f5c0370e969
[  110.640893][ T7794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.640911][ T7794] RSP: 002b:00007f5c01d77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  110.641004][ T7794] RAX: ffffffffffffffda RBX: 00007f5c03935fa0 RCX: 00007f5c0370e969
[  110.641016][ T7794] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000005
[  110.641029][ T7794] RBP: 00007f5c01d77090 R08: 0000000000000000 R09: 0000000000000000
[  110.641041][ T7794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.641094][ T7794] R13: 0000000000000000 R14: 00007f5c03935fa0 R15: 00007ffd51d30718
[  110.641112][ T7794]  </TASK>
[  110.682208][ T7796] loop1: detected capacity change from 0 to 512
[  110.716369][ T7798] loop0: detected capacity change from 0 to 512
[  110.730033][ T7796] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  110.788398][ T7803] bridge0: entered promiscuous mode
[  110.859469][ T7803] bridge0: port 4(macsec1) entered blocking state
[  110.865940][ T7803] bridge0: port 4(macsec1) entered disabled state
[  110.888753][ T7803] macsec1: entered allmulticast mode
[  110.894083][ T7803] bridge0: entered allmulticast mode
[  110.933334][ T7796] EXT4-fs (loop1): 1 truncate cleaned up
[  110.943735][ T7812] 9pnet_fd: Insufficient options for proto=fd
[  110.958478][ T7803] macsec1: left allmulticast mode
[  110.963546][ T7803] bridge0: left allmulticast mode
[  110.984048][ T7796] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.032989][ T7803] bridge0: left promiscuous mode
[  111.053358][ T7817] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  111.203511][ T7825] FAULT_INJECTION: forcing a failure.
[  111.203511][ T7825] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.216705][ T7825] CPU: 1 UID: 0 PID: 7825 Comm: syz.4.1717 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  111.216789][ T7825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  111.216799][ T7825] Call Trace:
[  111.216804][ T7825]  <TASK>
[  111.216810][ T7825]  __dump_stack+0x1d/0x30
[  111.216828][ T7825]  dump_stack_lvl+0xe8/0x140
[  111.216903][ T7825]  dump_stack+0x15/0x1b
[  111.216917][ T7825]  should_fail_ex+0x265/0x280
[  111.216942][ T7825]  should_fail+0xb/0x20
[  111.216975][ T7825]  should_fail_usercopy+0x1a/0x20
[  111.216993][ T7825]  _copy_from_user+0x1c/0xb0
[  111.217032][ T7825]  bpf_prog_create_from_user+0xb0/0x260
[  111.217158][ T7825]  ? __pfx_seccomp_check_filter+0x10/0x10
[  111.217181][ T7825]  do_seccomp+0x5ef/0xa40
[  111.217202][ T7825]  ? __bpf_trace_sys_enter+0x10/0x30
[  111.217286][ T7825]  ? trace_sys_enter+0xd0/0x110
[  111.217309][ T7825]  __x64_sys_seccomp+0x40/0x50
[  111.217330][ T7825]  x64_sys_call+0x2395/0x2fb0
[  111.217349][ T7825]  do_syscall_64+0xd0/0x1a0
[  111.217367][ T7825]  ? clear_bhb_loop+0x25/0x80
[  111.217475][ T7825]  ? clear_bhb_loop+0x25/0x80
[  111.217569][ T7825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.217646][ T7825] RIP: 0033:0x7fae9557e969
[  111.217666][ T7825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.217685][ T7825] RSP: 002b:00007fae93be7038 EFLAGS: 00000246 ORIG_RAX: 000000000000013d
[  111.217700][ T7825] RAX: ffffffffffffffda RBX: 00007fae957a5fa0 RCX: 00007fae9557e969
[  111.217711][ T7825] RDX: 0000200000000340 RSI: 000000000000000c RDI: 0000000000000001
[  111.217722][ T7825] RBP: 00007fae93be7090 R08: 0000000000000000 R09: 0000000000000000
[  111.217800][ T7825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.217813][ T7825] R13: 0000000000000001 R14: 00007fae957a5fa0 R15: 00007fff9d245ce8
[  111.217832][ T7825]  </TASK>
[  111.424581][ T7823] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1716'.
[  111.433971][ T7823] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1716'.
[  111.507856][ T7831] Invalid ELF header magic: != ELF
[  111.547257][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.579111][ T7839] 9pnet_fd: Insufficient options for proto=fd
[  111.579376][ T7841] syz.4.1724: attempt to access beyond end of device
[  111.579376][ T7841] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  111.618116][ T7845] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1725'.
[  111.627763][ T7847] 9pnet_fd: Insufficient options for proto=fd
[  111.750286][ T7868] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  111.760989][ T7868] siw: device registration error -23
[  111.814314][ T7870] 9pnet_fd: Insufficient options for proto=fd
[  111.850571][ T7874] openvswitch: netlink: Message has 6 unknown bytes.
[  111.862495][ T7874] netlink: 'syz.2.1739': attribute type 27 has an invalid length.
[  111.909006][ T7878] loop0: detected capacity change from 0 to 512
[  111.916666][ T7878] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  111.928099][ T7886] 9pnet_fd: Insufficient options for proto=fd
[  111.948533][ T7878] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.961246][ T7878] ext4 filesystem being mounted at /294/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.119283][ T7899] 9pnet_fd: Insufficient options for proto=fd
[  112.219753][ T7901] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  112.231056][ T7901] siw: device registration error -23
[  112.238859][ T7910] loop3: detected capacity change from 0 to 512
[  112.249780][ T7906] xt_hashlimit: max too large, truncated to 1048576
[  112.258035][ T7910] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.1752: Failed to acquire dquot type 1
[  112.270586][ T7910] EXT4-fs (loop3): 1 truncate cleaned up
[  112.276672][ T7910] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.290439][ T7910] ext4 filesystem being mounted at /340/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.301801][ T7910] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.342811][ T7921] 9pnet_fd: Insufficient options for proto=fd
[  112.522340][ T7942] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1766'.
[  112.531444][ T7942] tipc: Invalid UDP bearer configuration
[  112.531457][ T7942] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  112.617394][ T7949] 9pnet_fd: Insufficient options for proto=fd
[  112.759916][ T7878] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.782086][ T7968] FAULT_INJECTION: forcing a failure.
[  112.782086][ T7968] name failslab, interval 1, probability 0, space 0, times 0
[  112.794782][ T7968] CPU: 0 UID: 0 PID: 7968 Comm: syz.1.1776 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  112.794841][ T7968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  112.794855][ T7968] Call Trace:
[  112.794861][ T7968]  <TASK>
[  112.794868][ T7968]  __dump_stack+0x1d/0x30
[  112.794890][ T7968]  dump_stack_lvl+0xe8/0x140
[  112.794937][ T7968]  dump_stack+0x15/0x1b
[  112.794955][ T7968]  should_fail_ex+0x265/0x280
[  112.794986][ T7968]  should_failslab+0x8c/0xb0
[  112.795039][ T7968]  kmem_cache_alloc_noprof+0x50/0x310
[  112.795066][ T7968]  ? getname_flags+0x80/0x3b0
[  112.795090][ T7968]  getname_flags+0x80/0x3b0
[  112.795115][ T7968]  __x64_sys_link+0x33/0x70
[  112.795215][ T7968]  x64_sys_call+0x2af9/0x2fb0
[  112.795234][ T7968]  do_syscall_64+0xd0/0x1a0
[  112.795253][ T7968]  ? clear_bhb_loop+0x25/0x80
[  112.795273][ T7968]  ? clear_bhb_loop+0x25/0x80
[  112.795346][ T7968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.795366][ T7968] RIP: 0033:0x7fdbc85fe969
[  112.795380][ T7968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.795397][ T7968] RSP: 002b:00007fdbc6c67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[  112.795416][ T7968] RAX: ffffffffffffffda RBX: 00007fdbc8825fa0 RCX: 00007fdbc85fe969
[  112.795427][ T7968] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000680
[  112.795469][ T7968] RBP: 00007fdbc6c67090 R08: 0000000000000000 R09: 0000000000000000
[  112.795481][ T7968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.795493][ T7968] R13: 0000000000000000 R14: 00007fdbc8825fa0 R15: 00007ffd4eceac58
[  112.795509][ T7968]  </TASK>
[  113.042714][ T7984] loop0: detected capacity change from 0 to 512
[  113.049325][ T7984] ext4: Unknown parameter 'nouser_xattr'
[  113.068945][ T7985] loop1: detected capacity change from 0 to 512
[  113.076063][ T7985] ext4: Unknown parameter 'prjquota"errors'
[  113.197504][ T7997] 9pnet_fd: Insufficient options for proto=fd
[  113.339212][ T8011] loop4: detected capacity change from 0 to 128
[  113.366375][ T8015] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1797'.
[  113.405243][ T8019] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1800'.
[  113.420849][ T8015] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8015 comm=syz.1.1797
[  113.491429][ T8034] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1806'.
[  113.644390][ T8056] nfs4: Bad value for 'source'
[  113.703583][ T8066] 9pnet_fd: Insufficient options for proto=fd
[  113.724412][ T3380] IPVS: starting estimator thread 0...
[  113.730493][ T8062] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  113.773625][ T8077] netlink: 'syz.4.1825': attribute type 58 has an invalid length.
[  113.801213][ T8081] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  113.828036][ T8071] IPVS: using max 2880 ests per chain, 144000 per kthread
[  113.863505][ T8091] nfs4: Bad value for 'source'
[  113.887675][ T8093] FAULT_INJECTION: forcing a failure.
[  113.887675][ T8093] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.900943][ T8093] CPU: 1 UID: 0 PID: 8093 Comm: syz.1.1831 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  113.900988][ T8093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  113.900999][ T8093] Call Trace:
[  113.901003][ T8093]  <TASK>
[  113.901009][ T8093]  __dump_stack+0x1d/0x30
[  113.901030][ T8093]  dump_stack_lvl+0xe8/0x140
[  113.901050][ T8093]  dump_stack+0x15/0x1b
[  113.901135][ T8093]  should_fail_ex+0x265/0x280
[  113.901159][ T8093]  should_fail+0xb/0x20
[  113.901182][ T8093]  should_fail_usercopy+0x1a/0x20
[  113.901200][ T8093]  _copy_from_user+0x1c/0xb0
[  113.901248][ T8093]  __sys_bpf+0x178/0x790
[  113.901278][ T8093]  __x64_sys_bpf+0x41/0x50
[  113.901303][ T8093]  x64_sys_call+0x2478/0x2fb0
[  113.901344][ T8093]  do_syscall_64+0xd0/0x1a0
[  113.901362][ T8093]  ? clear_bhb_loop+0x25/0x80
[  113.901380][ T8093]  ? clear_bhb_loop+0x25/0x80
[  113.901471][ T8093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.901488][ T8093] RIP: 0033:0x7fdbc85fe969
[  113.901501][ T8093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.901580][ T8093] RSP: 002b:00007fdbc6c67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  113.901599][ T8093] RAX: ffffffffffffffda RBX: 00007fdbc8825fa0 RCX: 00007fdbc85fe969
[  113.901612][ T8093] RDX: 0000000000000020 RSI: 0000200000001680 RDI: 000000000000001c
[  113.901623][ T8093] RBP: 00007fdbc6c67090 R08: 0000000000000000 R09: 0000000000000000
[  113.901634][ T8093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.901644][ T8093] R13: 0000000000000000 R14: 00007fdbc8825fa0 R15: 00007ffd4eceac58
[  113.901698][ T8093]  </TASK>
[  114.109126][ T8100] 9pnet_fd: Insufficient options for proto=fd
[  114.115595][ T8104] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  114.124209][ T8104] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  114.166670][ T8112] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  114.168960][ T8116] FAULT_INJECTION: forcing a failure.
[  114.168960][ T8116] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  114.188547][ T8116] CPU: 0 UID: 0 PID: 8116 Comm: syz.1.1840 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  114.188636][ T8116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  114.188645][ T8116] Call Trace:
[  114.188651][ T8116]  <TASK>
[  114.188657][ T8116]  __dump_stack+0x1d/0x30
[  114.188674][ T8116]  dump_stack_lvl+0xe8/0x140
[  114.188688][ T8116]  dump_stack+0x15/0x1b
[  114.188701][ T8116]  should_fail_ex+0x265/0x280
[  114.188748][ T8116]  should_fail+0xb/0x20
[  114.188768][ T8116]  should_fail_usercopy+0x1a/0x20
[  114.188782][ T8116]  _copy_from_user+0x1c/0xb0
[  114.188799][ T8116]  lo_ioctl+0x51a/0x1560
[  114.188864][ T8116]  ? avc_has_extended_perms+0x73d/0x940
[  114.188895][ T8116]  ? ioctl_has_perm+0x289/0x2e0
[  114.188916][ T8116]  ? blkdev_common_ioctl+0xad6/0x1ac0
[  114.189032][ T8116]  ? do_vfs_ioctl+0x993/0x15b0
[  114.189128][ T8116]  ? selinux_file_ioctl+0x2e3/0x370
[  114.189150][ T8116]  ? __pfx_lo_ioctl+0x10/0x10
[  114.189192][ T8116]  ? __pfx_blkdev_ioctl+0x10/0x10
[  114.189215][ T8116]  blkdev_ioctl+0x34f/0x440
[  114.189239][ T8116]  __se_sys_ioctl+0xcb/0x140
[  114.189262][ T8116]  __x64_sys_ioctl+0x43/0x50
[  114.189277][ T8116]  x64_sys_call+0x19a8/0x2fb0
[  114.189293][ T8116]  do_syscall_64+0xd0/0x1a0
[  114.189339][ T8116]  ? clear_bhb_loop+0x25/0x80
[  114.189355][ T8116]  ? clear_bhb_loop+0x25/0x80
[  114.189370][ T8116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.189406][ T8116] RIP: 0033:0x7fdbc85fe969
[  114.189427][ T8116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.189441][ T8116] RSP: 002b:00007fdbc6c67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  114.189456][ T8116] RAX: ffffffffffffffda RBX: 00007fdbc8825fa0 RCX: 00007fdbc85fe969
[  114.189466][ T8116] RDX: 0000000000000000 RSI: 0000000000004c04 RDI: 0000000000000004
[  114.189475][ T8116] RBP: 00007fdbc6c67090 R08: 0000000000000000 R09: 0000000000000000
[  114.189484][ T8116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.189541][ T8116] R13: 0000000000000000 R14: 00007fdbc8825fa0 R15: 00007ffd4eceac58
[  114.189555][ T8116]  </TASK>
[  114.414519][   T29] kauditd_printk_skb: 749 callbacks suppressed
[  114.414589][   T29] audit: type=1326 audit(1745978885.686:5205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8117 comm="syz.0.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[  114.445335][   T29] audit: type=1326 audit(1745978885.686:5206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8117 comm="syz.0.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d3d83e969 code=0x7ffc0000
[  114.468869][   T29] audit: type=1326 audit(1745978885.726:5207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8120 comm="syz.4.1842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[  114.492362][   T29] audit: type=1326 audit(1745978885.726:5208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8120 comm="syz.4.1842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[  114.533995][ T8124] nfs4: Bad value for 'source'
[  114.535065][   T29] audit: type=1326 audit(1745978885.796:5209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8120 comm="syz.4.1842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[  114.562238][   T29] audit: type=1326 audit(1745978885.796:5210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8120 comm="syz.4.1842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[  114.585663][   T29] audit: type=1326 audit(1745978885.796:5211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8120 comm="syz.4.1842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[  114.609322][   T29] audit: type=1326 audit(1745978885.796:5212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8120 comm="syz.4.1842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[  114.613494][ T8128] loop1: detected capacity change from 0 to 128
[  114.632665][   T29] audit: type=1326 audit(1745978885.796:5213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8120 comm="syz.4.1842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[  114.632695][   T29] audit: type=1326 audit(1745978885.796:5214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8120 comm="syz.4.1842" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fae9557e969 code=0x7ffc0000
[  114.711875][ T8124] __nla_validate_parse: 5 callbacks suppressed
[  114.711891][ T8124] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1845'.
[  114.721722][ T8132] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1846'.
[  114.770655][ T8128] syz.1.1843: attempt to access beyond end of device
[  114.770655][ T8128] loop1: rw=2049, sector=225, nr_sectors = 16 limit=128
[  114.786299][ T8128] syz.1.1843: attempt to access beyond end of device
[  114.786299][ T8128] loop1: rw=2049, sector=249, nr_sectors = 16 limit=128
[  114.800769][ T8128] syz.1.1843: attempt to access beyond end of device
[  114.800769][ T8128] loop1: rw=2049, sector=273, nr_sectors = 8 limit=128
[  114.814995][ T8128] syz.1.1843: attempt to access beyond end of device
[  114.814995][ T8128] loop1: rw=2049, sector=289, nr_sectors = 8 limit=128
[  114.832184][ T8128] syz.1.1843: attempt to access beyond end of device
[  114.832184][ T8128] loop1: rw=2049, sector=305, nr_sectors = 8 limit=128
[  114.846928][ T8128] syz.1.1843: attempt to access beyond end of device
[  114.846928][ T8128] loop1: rw=2049, sector=321, nr_sectors = 8 limit=128
[  114.865265][ T8128] syz.1.1843: attempt to access beyond end of device
[  114.865265][ T8128] loop1: rw=2049, sector=337, nr_sectors = 8 limit=128
[  114.884082][ T8128] syz.1.1843: attempt to access beyond end of device
[  114.884082][ T8128] loop1: rw=2049, sector=353, nr_sectors = 8 limit=128
[  114.905175][ T8128] syz.1.1843: attempt to access beyond end of device
[  114.905175][ T8128] loop1: rw=2049, sector=369, nr_sectors = 8 limit=128
[  114.930261][ T8145] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1851'.
[  114.956522][ T8151] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  114.992292][ T8161] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1858'.
[  115.035814][ T8163] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  115.104668][ T8177] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1864'.
[  115.142607][ T8163] siw: device registration error -23
[  115.149056][ T8179] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1865'.
[  115.200958][ T8182] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  115.244111][ T8162] tipc: Resetting bearer <eth:syzkaller0>
[  115.259311][ T8162] tipc: Disabling bearer <eth:syzkaller0>
[  115.512072][ T8196] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  115.522882][ T8195] tipc: Resetting bearer <eth:syzkaller0>
[  115.570457][ T8195] tipc: Disabling bearer <eth:syzkaller0>
[  115.604318][ T8220] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1879'.
[  115.677592][ T8228] loop1: detected capacity change from 0 to 512
[  115.687619][ T8228] EXT4-fs (loop1): invalid inodes per group: 4227858464
[  115.687619][ T8228] 
[  115.723811][ T8232] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1883'.
[  115.740172][ T8228] SELinux:  policydb version 0 does not match my version range 15-34
[  115.744004][ T8235] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  115.748690][ T8228] SELinux: failed to load policy
[  115.759841][ T8235] siw: device registration error -23
[  115.812571][ T8246] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1889'.
[  115.827060][ T8242] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  115.852609][ T8248] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1891'.
[  115.872434][ T8254] loop0: detected capacity change from 0 to 512
[  115.886651][ T8256] x_tables: ip6_tables: SNPT target: used from hooks FORWARD, but only usable from INPUT/POSTROUTING
[  116.022760][ T8278] 9pnet_fd: Insufficient options for proto=fd
[  116.058403][ T8283] bond0 (unregistering): Released all slaves
[  116.180907][ T8297] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  116.190600][ T8297] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[  116.206355][ T8296] tipc: Resetting bearer <eth:syzkaller0>
[  116.222942][ T8296] tipc: Disabling bearer <eth:syzkaller0>
[  116.292931][ T8307] 9pnet_fd: Insufficient options for proto=fd
[  116.315059][ T8309] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  116.374437][ T8313] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  116.376391][ T8314] loop4: detected capacity change from 0 to 512
[  116.444568][ T8321] loop4: detected capacity change from 0 to 164
[  116.452075][ T8321] rock: directory entry would overflow storage
[  116.458281][ T8321] rock: sig=0x4543, size=28, remaining=18
[  116.478319][ T8320] delete_channel: no stack
[  116.507809][ T8325] loop4: detected capacity change from 0 to 128
[  116.559869][ T8331] program syz.4.1923 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  116.617443][ T8337] program syz.4.1926 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  116.626729][ T8337] FAULT_INJECTION: forcing a failure.
[  116.626729][ T8337] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  116.639879][ T8337] CPU: 1 UID: 0 PID: 8337 Comm: syz.4.1926 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  116.639899][ T8337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  116.639981][ T8337] Call Trace:
[  116.639986][ T8337]  <TASK>
[  116.639991][ T8337]  __dump_stack+0x1d/0x30
[  116.640007][ T8337]  dump_stack_lvl+0xe8/0x140
[  116.640018][ T8337]  dump_stack+0x15/0x1b
[  116.640027][ T8337]  should_fail_ex+0x265/0x280
[  116.640055][ T8337]  should_fail+0xb/0x20
[  116.640159][ T8337]  should_fail_usercopy+0x1a/0x20
[  116.640178][ T8337]  _copy_from_user+0x1c/0xb0
[  116.640199][ T8337]  scsi_ioctl+0x1102/0x1500
[  116.640218][ T8337]  ? avc_has_perm+0xd3/0x150
[  116.640308][ T8337]  ? file_has_perm+0x324/0x370
[  116.640351][ T8337]  ? do_vfs_ioctl+0x993/0x15b0
[  116.640364][ T8337]  sg_ioctl+0xdf6/0x1360
[  116.640380][ T8337]  ? __pfx_sg_ioctl+0x10/0x10
[  116.640394][ T8337]  __se_sys_ioctl+0xcb/0x140
[  116.640476][ T8337]  __x64_sys_ioctl+0x43/0x50
[  116.640487][ T8337]  x64_sys_call+0x19a8/0x2fb0
[  116.640499][ T8337]  do_syscall_64+0xd0/0x1a0
[  116.640511][ T8337]  ? clear_bhb_loop+0x25/0x80
[  116.640529][ T8337]  ? clear_bhb_loop+0x25/0x80
[  116.640579][ T8337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.640595][ T8337] RIP: 0033:0x7fae9557e969
[  116.640605][ T8337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.640615][ T8337] RSP: 002b:00007fae93be7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  116.640627][ T8337] RAX: ffffffffffffffda RBX: 00007fae957a5fa0 RCX: 00007fae9557e969
[  116.640692][ T8337] RDX: 0000200000000680 RSI: 0000000000000001 RDI: 0000000000000006
[  116.640699][ T8337] RBP: 00007fae93be7090 R08: 0000000000000000 R09: 0000000000000000
[  116.640706][ T8337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.640713][ T8337] R13: 0000000000000000 R14: 00007fae957a5fa0 R15: 00007fff9d245ce8
[  116.640723][ T8337]  </TASK>
[  116.654313][ T8339] program syz.4.1927 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  116.774865][ T8341] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  116.880396][ T8345] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  116.888569][ T8344] loop1: detected capacity change from 0 to 512
[  116.899340][ T8345] loop4: detected capacity change from 0 to 512
[  116.909428][ T8344] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.922397][ T8345] ext4: Bad value for 'stripe'
[  116.926342][ T8344] ext4 filesystem being mounted at /367/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  116.966198][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.020987][ T8362] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  117.098971][ T8375] loop4: detected capacity change from 0 to 1024
[  117.105946][ T8375] EXT4-fs: Ignoring removed i_version option
[  117.112104][ T8375] EXT4-fs: Ignoring removed mblk_io_submit option
[  117.118991][ T8375] EXT4-fs: Ignoring removed nobh option
[  117.124578][ T8375] EXT4-fs: Ignoring removed oldalloc option
[  117.130552][ T8375] EXT4-fs: Ignoring removed bh option
[  117.140240][ T8375] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.237725][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.275466][ T8405] vlan2: entered allmulticast mode
[  117.280700][ T8405] batadv0: entered allmulticast mode
[  117.406433][ T8419] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  117.433703][ T8418] tipc: Disabling bearer <eth:syzkaller0>
[  117.546671][ T8430] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  117.651174][ T8434] loop4: detected capacity change from 0 to 512
[  117.669885][ T8434] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1968: bg 0: block 248: padding at end of block bitmap is not set
[  117.684535][ T8434] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.1968: Failed to acquire dquot type 1
[  117.696509][ T8434] EXT4-fs (loop4): 1 truncate cleaned up
[  117.702624][ T8434] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.715219][ T8434] ext4 filesystem being mounted at /422/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.735125][ T8434] syz.4.1968 (8434) used greatest stack depth: 9360 bytes left
[  117.743586][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.884049][ T8441] ==================================================================
[  117.892157][ T8441] BUG: KCSAN: data-race in mas_state_walk / mas_wmb_replace
[  117.899426][ T8441] 
[  117.901730][ T8441] write to 0xffff888104463600 of 8 bytes by task 8440 on cpu 1:
[  117.909462][ T8441]  mas_wmb_replace+0xe46/0x14a0
[  117.914296][ T8441]  mas_wr_store_entry+0x17ae/0x2b60
[  117.919476][ T8441]  mas_store_prealloc+0x74d/0x9e0
[  117.924481][ T8441]  vma_iter_store_new+0x1c5/0x200
[  117.929493][ T8441]  vma_complete+0x125/0x570
[  117.933978][ T8441]  __split_vma+0x54c/0x610
[  117.938379][ T8441]  vma_modify+0x107/0x210
[  117.942696][ T8441]  vma_modify_flags+0x101/0x130
[  117.947531][ T8441]  mprotect_fixup+0x2cc/0x570
[  117.952192][ T8441]  do_mprotect_pkey+0x6d6/0x980
[  117.957020][ T8441]  __x64_sys_mprotect+0x48/0x60
[  117.961854][ T8441]  x64_sys_call+0x2794/0x2fb0
[  117.966512][ T8441]  do_syscall_64+0xd0/0x1a0
[  117.970994][ T8441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.976878][ T8441] 
[  117.979198][ T8441] read to 0xffff888104463600 of 8 bytes by task 8441 on cpu 0:
[  117.986741][ T8441]  mas_state_walk+0x485/0x650
[  117.991402][ T8441]  mas_walk+0x30/0x120
[  117.995451][ T8441]  lock_vma_under_rcu+0xa2/0x2f0
[  118.000374][ T8441]  do_user_addr_fault+0x233/0x1090
[  118.005471][ T8441]  exc_page_fault+0x54/0xc0
[  118.009961][ T8441]  asm_exc_page_fault+0x26/0x30
[  118.014798][ T8441] 
[  118.017101][ T8441] value changed: 0xffff88810494d106 -> 0xffff888104463600
[  118.024185][ T8441] 
[  118.026489][ T8441] Reported by Kernel Concurrency Sanitizer on:
[  118.032618][ T8441] CPU: 0 UID: 0 PID: 8441 Comm: syz.3.1970 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[  118.045007][ T8441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  118.055053][ T8441] ==================================================================