last executing test programs:

2m53.172001738s ago: executing program 0 (id=2652):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x7, 0x7fe2, 0x3}, 0x50)
unshare(0x2a020400)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x40, 0x6, 0x8}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r1, 0xd}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r2}, &(0x7f0000000880), &(0x7f00000008c0)=r0}, 0x20)

2m53.133777681s ago: executing program 0 (id=2654):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f00000000c0)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x0)

2m53.089451164s ago: executing program 0 (id=2657):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x83, &(0x7f0000000180)={0x0, 0x1}, 0x8)

2m53.060314437s ago: executing program 0 (id=2659):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
setpriority(0x2, 0x0, 0x1)

2m53.032775708s ago: executing program 0 (id=2662):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000014"], 0x14}}, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002bbd7000fcdbdf251500000008000300", @ANYRES32=r2, @ANYBLOB="2c002b80200003800c000400000000000000000006000100020000000700020003000000080001"], 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x2040094)

2m52.795364018s ago: executing program 0 (id=2675):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d920000000000000", @ANYRES32, @ANYBLOB="0000000001"], 0x50)

2m52.776957679s ago: executing program 32 (id=2675):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d920000000000000", @ANYRES32, @ANYBLOB="0000000001"], 0x50)

42.109052457s ago: executing program 2 (id=8815):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="2e00000038000511d25a80698c63940d0124fc602f6e35400c000200001ec00037153e370a00018025581d00d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0)

42.06554185s ago: executing program 2 (id=8819):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)

42.033030333s ago: executing program 2 (id=8821):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000080000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000021440011800a0001006d617463680000003400028008000240000000001c0003000afe6cbf96caa5debdad61b67ddb2fb68fcf19f7807076430a00010071756f7461"], 0xc8}, 0x1, 0x0, 0x0, 0x4000005}, 0x20000004)

42.002793245s ago: executing program 2 (id=8824):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x84000, 0x0)

41.976002198s ago: executing program 2 (id=8827):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x1, 0xfc, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
nanosleep(&(0x7f0000000140), 0x0)

41.82082372s ago: executing program 2 (id=8833):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff)

41.82072075s ago: executing program 33 (id=8833):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x1ff)

3.596275412s ago: executing program 6 (id=10445):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000b, 0x12, r1, 0x0)
mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000180)=[&(0x7f0000000040)={0x1802, 0x0, 0x0, 0x2, 0x8000, r1, 0x0, 0x0, 0x1, 0x0, 0x1, r1}])
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x2000)

3.481354682s ago: executing program 6 (id=10449):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x7, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e0000000000000000001800028014000380"], 0x44}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)

3.427744266s ago: executing program 5 (id=10453):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
write$tun(r0, &(0x7f0000000440)={@val={0x70}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x452c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0x5865}}}}}}}, 0xfdef)

3.426004916s ago: executing program 6 (id=10461):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a31000000002c0003800800014000000000180003801400010076657468315f746f5f626f6e6400000008000240000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e64000000080002"], 0x10c}}, 0x0)

3.365848491s ago: executing program 1 (id=10457):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x593, &(0x7f0000000400)={0x0, 0xc458, 0x800, 0x2, 0x3a1}, &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000a40)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000b00)=@IORING_OP_UNLINKAT={0x24, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x200, 0x1})
io_uring_enter(r1, 0x627, 0x4c1, 0x43, 0x0, 0x0)

3.365533931s ago: executing program 6 (id=10458):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r1, &(0x7f0000000080)="4f1002f8839db50f6b17361b582bfe9feb19d7b9c72398ebc5d62d88240efa790e029c862ad6e8cc2a59181be765a2f2df", 0x31)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

3.288129287s ago: executing program 4 (id=10462):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
creat(&(0x7f0000000080)='./file0\x00', 0xa)
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ff", @ANYRES16], 0x52)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_u}]}})

3.287904197s ago: executing program 5 (id=10463):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r1, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000680)=ANY=[@ANYBLOB="3c000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32=r1, @ANYBLOB="927de77c9f34632c44f73d7d9f8bdee77c082e6f81f1271025ebdc6cb5d59da7d2c0751e20fae4ea23f86a81a77af8aa0696d4"], 0x3c}}, 0x0)

3.211418663s ago: executing program 5 (id=10465):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setpgid(r0, r0)
setpgid(0x0, r0)
wait4(r0, 0x0, 0x2, 0x0)
syz_open_procfs(r0, 0x0)

3.071185405s ago: executing program 1 (id=10466):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

3.070602955s ago: executing program 4 (id=10467):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000007000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000040)={@multicast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x4, 0x4e21, 0x10, 0x0, @gue={{0x2, 0x1, 0x2, 0xc, 0x100}}}}}}}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x4, 0x0, 0x8}}}}}, 0x0)

3.070308275s ago: executing program 1 (id=10468):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000004000000020000000000000f0400000000005f"], 0x0, 0x28}, 0x20)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ///+864GIw8IlpAdcIJ0Yrq6u+//pzLASAS5d6/5/vwN5nCzASCn2NQIQGGX/9/3/c6XpQyUEAAAM3HRrSgql7Ou96SgUSqWIm62fBSgmaxvVynxEPBERv50pXmvWF1pbJn2MEQAAAAAAAAAAAAAAAAAAAAAAAAAAovVU7iRSAAAAYKRFFP6U/LL9LP+5meenu78fmEj+1fpJ4ImIeOuHb3z/7nKjsbvQXP63o+WNH2TLXxzGNxgAAABAt851emv+z2FnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCoee/B2yudqY+XTw0q7l++EBGzefHHY7I1n4xiRFz/exLjJ7ZLImJsAPEP70XER/PiJ820jkLmxR/Em3BO/JjN3oW8+DcGEB+usvvN489ref2vEM+25vn9bzzif+ofVO/jXxwd/8Z69P+bfcZ46p2flXvGvxfx1Hj+8acTP+kR/7k+43/9awcHvdalP4qY63z+tI54JyMcl8qNrZ1yff/g9sbW8nplvbK9uLjw8tIrSy8tzZfXNqqV7N/cGN95+ufvn9X+67mff0mWTe/2P5+zv7zPpP+8c/fBhzuVw9Pxbz2XE/9XP85ecTp+IYvzqazcXD/XKR+2yyc989PfPHNW+1eP2198mP//W7122u1UR3m63z8dAOAC1PcPNper1cruyBaaV+mPQBoKj2DhWwPdYZqmabNP5ay6HxH97CeJAbe0kJ/PcaHnEWDYRyYAAGDQjk/6h50JAAAAAAAAAAAAAAAAAAAAXF2X8ZS17pjHj0BOBvEIbQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgfhvAAAA//89e9P5")
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x4, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x1}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xc, 0x4, 0x4, 0x7, 0x0, r2, 0x3, '\x00', 0x0, r0, 0x3, 0x80}, 0x50)

3.069854435s ago: executing program 4 (id=10469):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x8, 0x0, 0x401}, 0xc)
setsockopt$MRT6_FLUSH(r1, 0x29, 0xd4, &(0x7f0000000080)=0xc, 0x4)

2.988669311s ago: executing program 3 (id=10470):
socket$kcm(0x28, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x10, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sk_msg, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18006daaed13ff00000000000000000028"], 0x0}, 0x90)
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000540)={0x0, 0xc027, &(0x7f0000000340)=[{&(0x7f00000000c0)="98eb000014006bcd9e", 0xeb98}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600)
recvmsg(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x1e20)

2.982328111s ago: executing program 3 (id=10471):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb:\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')

2.922693026s ago: executing program 3 (id=10472):
perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000070000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10)
syz_clone(0x160480, 0x0, 0x0, 0x0, 0x0, 0x0)
close(0x3)

2.890940669s ago: executing program 4 (id=10473):
unshare(0x22020600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x2, 0x4, 0x4, 0x9}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xd, 0x6, 0x4, 0x1, 0x0, r0}, 0x50)
close(r0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r1}, &(0x7f0000000840), &(0x7f0000000880)=r0}, 0x20)

2.890154989s ago: executing program 1 (id=10474):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendto$inet(r2, 0x0, 0xe0, 0x0, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)

2.820980075s ago: executing program 5 (id=10475):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{r0}, &(0x7f00000006c0), &(0x7f0000000700)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

2.820686965s ago: executing program 1 (id=10476):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000240)={'batadv0\x00', <r2=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0), 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x3c, r1, 0x8, 0x3, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x40081)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x3, 0x0, 0x3, 0x11, 0x0, 0x70bd2c, 0x25dfdbfc, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x9}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x7}}]}, 0x88}, 0x1, 0x7}, 0x0)

2.800568266s ago: executing program 5 (id=10477):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'netdevsim0\x00', <r2=>0x0})
r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, r2, 0x25, 0x0, @val=@iter={0x0}}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000680)={r3, r4, 0x4, r0}, 0x10)

2.800298616s ago: executing program 4 (id=10478):
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000a00)='fib_table_lookup\x00', r1}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

2.720714752s ago: executing program 6 (id=10479):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0xf1, &(0x7f0000000240)={&(0x7f0000000500)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x0, 0xf1ffffff, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_HH_FLOWS_LIMIT={0x4}]}}]}, 0x38}}, 0x0)

2.62475162s ago: executing program 1 (id=10480):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x100}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)

2.62459517s ago: executing program 34 (id=10480):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x100}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)

2.37592758s ago: executing program 6 (id=10482):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
r0 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
close(r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)

2.37573671s ago: executing program 35 (id=10482):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
r0 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
close(r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)

2.305992186s ago: executing program 4 (id=10484):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0xa, 0xf2, 0x0, 0x0, 0xfffffffe)

2.305271516s ago: executing program 36 (id=10484):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0xa, 0xf2, 0x0, 0x0, 0xfffffffe)

2.062508355s ago: executing program 5 (id=10485):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0xfffc, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000000)=0x1, 0x4)
sendto$inet6(r1, &(0x7f0000000040)="a276", 0x2, 0x810, 0x0, 0x0)

2.062327845s ago: executing program 37 (id=10485):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0xfffc, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000000)=0x1, 0x4)
sendto$inet6(r1, &(0x7f0000000040)="a276", 0x2, 0x810, 0x0, 0x0)

143.680109ms ago: executing program 3 (id=10486):
r0 = socket(0x15, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
getsockopt(r0, 0x200000000114, 0x2718, 0x0, &(0x7f0000000040))

143.471229ms ago: executing program 9 (id=10492):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TCXONC(r0, 0x540a, 0x2)

89.054403ms ago: executing program 9 (id=10487):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r0}, &(0x7f0000000200), &(0x7f0000000400)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

32.709718ms ago: executing program 3 (id=10488):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0}, 0x94)
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="04010000100007000000000000000000ff020000000000000000000000000001e00000020000000000000000000000004e200000000000000000000002000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff010000000000000000000000000001000000002b000000fc00000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000001000000000feffffffffffffff0951000001000000090000000000000000000000000000000000200000000000070000000000000000000000000000000000040000000000e80a000000000000000000000a000200700000000000100014000e"], 0x104}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)

28.805058ms ago: executing program 9 (id=10489):
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000680), 0x80c02, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
write$cgroup_int(r0, 0x0, 0x2)

887.111µs ago: executing program 9 (id=10490):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r1, &(0x7f0000000080)="4f1002f8839db50f6b17361b582bfe9feb19d7b9c72398ebc5d62d88240efa790e029c862ad6e8cc2a59181be765a2f2df", 0x31)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

0s ago: executing program 3 (id=10499):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000200), &(0x7f0000000240)=r2}, 0x20)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f00000006c0)=@newtaction={0xa0, 0x30, 0x9, 0xf00, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {}, {0x3}, {0x0, 0x0, 0xfe}, {}, {0x6}, {0x2, 0x3, 0x8, 0x3}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x40040c0)

kernel console output (not intermixed with test programs):

r:sysadm_t pid=22117 comm="syz.1.7591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f174f7f5ba7 code=0x7ffc0000
[  202.886662][T22134] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7599'.
[  202.895920][T22134] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7599'.
[  203.048784][T22161] loop2: detected capacity change from 0 to 512
[  203.055673][T22161] EXT4-fs: Ignoring removed nobh option
[  203.063170][T22161] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.176095][T22157] loop5: detected capacity change from 0 to 32768
[  203.306689][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.364880][T22191] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7623'.
[  203.374271][T22191] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address.
[  203.383216][T22191] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (133)
[  203.622766][T22233] loop5: detected capacity change from 0 to 164
[  203.648760][T22235] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7644'.
[  203.657810][T22235] netlink: 108 bytes leftover after parsing attributes in process `syz.4.7644'.
[  203.667430][T22233] Unable to read rock-ridge attributes
[  203.678837][T22233] Unable to read rock-ridge attributes
[  203.678909][T22235] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7644'.
[  203.708262][T22235] netlink: 108 bytes leftover after parsing attributes in process `syz.4.7644'.
[  203.727687][T22241] loop2: detected capacity change from 0 to 128
[  203.764450][T22250] loop5: detected capacity change from 0 to 512
[  203.778539][T22250] EXT4-fs: Ignoring removed orlov option
[  203.786826][T22250] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  203.798522][T22250] EXT4-fs (loop5): orphan cleanup on readonly fs
[  203.806201][T22250] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.7649: bg 0: block 248: padding at end of block bitmap is not set
[  203.821228][T22250] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.7649: Failed to acquire dquot type 1
[  203.853089][T22250] EXT4-fs (loop5): 1 truncate cleaned up
[  203.865531][T22250] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  203.959303][T22250] EXT4-fs: Ignoring removed orlov option
[  203.969161][T22250] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  203.993716][T22250] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  204.016343][T22250] EXT4-fs error (device loop5): __ext4_remount:6740: comm syz.5.7649: Abort forced by user
[  204.032277][T22250] EXT4-fs (loop5): Remounting filesystem read-only
[  204.038966][T22250] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  204.047921][T22250] ext4 filesystem being remounted at /1005/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  204.076925][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.124169][T22304] loop2: detected capacity change from 0 to 1764
[  204.227197][T22327] IPv6: Can't replace route, no match found
[  204.398505][T22364] 9pnet_fd: Insufficient options for proto=fd
[  204.418725][T22370] openvswitch: netlink: Message has 6 unknown bytes.
[  204.634178][T22409] loop5: detected capacity change from 0 to 128
[  204.661280][T22409] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  204.666445][T22413] dummy0: entered promiscuous mode
[  204.669373][T22409] FAT-fs (loop5): Filesystem has been set read-only
[  204.681840][T22413] dummy0: left promiscuous mode
[  204.688322][T22409] syz.5.7713: attempt to access beyond end of device
[  204.688322][T22409] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  204.704870][T22409] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  204.712744][T22409] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  204.733162][T22409] syz.5.7713: attempt to access beyond end of device
[  204.733162][T22409] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  204.748082][T22409] syz.5.7713: attempt to access beyond end of device
[  204.748082][T22409] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  204.761587][T22409] syz.5.7713: attempt to access beyond end of device
[  204.761587][T22409] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  204.783208][T22409] syz.5.7713: attempt to access beyond end of device
[  204.783208][T22409] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  204.852184][T22433] loop2: detected capacity change from 0 to 1024
[  204.878979][T22433] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  204.977178][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.232049][T22484] loop2: detected capacity change from 0 to 164
[  205.269196][T22484] Unable to read rock-ridge attributes
[  205.280644][T22484] Unable to read rock-ridge attributes
[  205.352339][T22506] GUP no longer grows the stack in syz.5.7750 (22506): 200000004000-20000000a000 (200000002000)
[  205.363022][T22506] CPU: 0 UID: 0 PID: 22506 Comm: syz.5.7750 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  205.363049][T22506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  205.363065][T22506] Call Trace:
[  205.363134][T22506]  <TASK>
[  205.363142][T22506]  __dump_stack+0x1d/0x30
[  205.363169][T22506]  dump_stack_lvl+0xe8/0x140
[  205.363188][T22506]  dump_stack+0x15/0x1b
[  205.363207][T22506]  __get_user_pages+0x198d/0x1fa0
[  205.363312][T22506]  ? __rcu_read_unlock+0x4f/0x70
[  205.363342][T22506]  get_user_pages_remote+0x1d5/0x6d0
[  205.363381][T22506]  __access_remote_vm+0x15c/0x590
[  205.363493][T22506]  access_remote_vm+0x32/0x40
[  205.363524][T22506]  proc_pid_cmdline_read+0x32b/0x6c0
[  205.363559][T22506]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  205.363691][T22506]  vfs_readv+0x3fb/0x690
[  205.363741][T22506]  __x64_sys_preadv+0xfd/0x1c0
[  205.363774][T22506]  x64_sys_call+0x282a/0x2ff0
[  205.363862][T22506]  do_syscall_64+0xd2/0x200
[  205.363897][T22506]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  205.363967][T22506]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  205.364000][T22506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.364026][T22506] RIP: 0033:0x7f7120cdebe9
[  205.364053][T22506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.364076][T22506] RSP: 002b:00007f711f73f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  205.364102][T22506] RAX: ffffffffffffffda RBX: 00007f7120f05fa0 RCX: 00007f7120cdebe9
[  205.364148][T22506] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  205.364170][T22506] RBP: 00007f7120d61e19 R08: 0000000000000000 R09: 0000000000000000
[  205.364186][T22506] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  205.364201][T22506] R13: 00007f7120f06038 R14: 00007f7120f05fa0 R15: 00007ffe114d9b48
[  205.364383][T22506]  </TASK>
[  205.569793][T22508] SELinux:  Context system_u:object_r:iptables_unit_file_t:s0 is not valid (left unmapped).
[  206.209284][T22600] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  206.274067][T22600] batman_adv: batadv0: Removing interface: batadv_slave_1
[  206.444101][T22625] 9pnet_fd: Insufficient options for proto=fd
[  206.550348][T22640] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 649
[  206.629627][T22645] netlink: 'syz.4.7810': attribute type 5 has an invalid length.
[  206.690485][T22651] loop2: detected capacity change from 0 to 1024
[  206.725719][T22651] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  206.768837][T22651] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  206.806400][T22665] __nla_validate_parse: 7 callbacks suppressed
[  206.806416][T22665] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7818'.
[  206.987246][T22679] loop5: detected capacity change from 0 to 512
[  207.004245][T22679] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.7825: bg 0: block 16: invalid block bitmap
[  207.025442][T22679] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  207.047477][T22679] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.7825: attempt to clear invalid blocks 1669132790 len 1
[  207.068252][T22679] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.7825: invalid indirect mapped block 4294967295 (level 1)
[  207.082883][T22679] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.7825: invalid indirect mapped block 4294967295 (level 2)
[  207.098923][T22679] EXT4-fs (loop5): 1 truncate cleaned up
[  207.108785][T22679] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  207.140816][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.157508][T22689] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7828'.
[  207.166550][T22689] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7828'.
[  207.177604][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.223300][T22698] SELinux: failed to load policy
[  207.240335][   T29] kauditd_printk_skb: 339 callbacks suppressed
[  207.240355][   T29] audit: type=1326 audit(1755980990.162:8517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22700 comm="syz.5.7831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7120cdebe9 code=0x7ffc0000
[  207.289951][   T29] audit: type=1326 audit(1755980990.202:8518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22700 comm="syz.5.7831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f7120cdebe9 code=0x7ffc0000
[  207.313653][   T29] audit: type=1326 audit(1755980990.202:8519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22700 comm="syz.5.7831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7120cdebe9 code=0x7ffc0000
[  207.337372][   T29] audit: type=1326 audit(1755980990.202:8520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22700 comm="syz.5.7831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7120cdebe9 code=0x7ffc0000
[  207.360923][   T29] audit: type=1400 audit(1755980990.202:8521): avc:  denied  { mounton } for  pid=22703 comm="syz.2.7834" path="/proc/2885/task" dev="proc" ino=62084 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  207.454010][   T29] audit: type=1326 audit(1755980990.372:8522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22719 comm="syz.2.7840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  207.477663][   T29] audit: type=1326 audit(1755980990.372:8523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22719 comm="syz.2.7840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  207.501270][   T29] audit: type=1326 audit(1755980990.372:8524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22719 comm="syz.2.7840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  207.525113][   T29] audit: type=1326 audit(1755980990.372:8525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22719 comm="syz.2.7840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  207.548664][   T29] audit: type=1326 audit(1755980990.372:8526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22719 comm="syz.2.7840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  207.908231][T22783] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  207.908231][T22783]    program syz.5.7870 not setting count and/or reply_len properly
[  208.183048][T22800] loop2: detected capacity change from 0 to 512
[  208.211316][T22800] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.225751][T22800] ext4 filesystem being mounted at /1360/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  208.242782][T22800] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  208.299194][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.333790][T22819] netlink: 'syz.3.7883': attribute type 13 has an invalid length.
[  208.363217][T22819] syz_tun: left promiscuous mode
[  208.380215][T22819] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  208.458256][T22827] ipvlan2: entered promiscuous mode
[  208.467906][T22827] bridge0: port 3(ipvlan2) entered blocking state
[  208.474422][T22827] bridge0: port 3(ipvlan2) entered disabled state
[  208.481546][T22827] ipvlan2: entered allmulticast mode
[  208.486931][T22827] bridge0: entered allmulticast mode
[  208.496460][T22827] ipvlan2: left allmulticast mode
[  208.501563][T22827] bridge0: left allmulticast mode
[  208.654708][T22842] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  208.662425][T22842] IPv6: NLM_F_CREATE should be set when creating new route
[  208.917207][T22861] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  208.940490][T22863] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  209.163088][T22885] netlink: 64859 bytes leftover after parsing attributes in process `syz.5.7911'.
[  209.198020][T22889] netlink: 'syz.2.7913': attribute type 4 has an invalid length.
[  209.431281][T22915] netlink: 'syz.3.7925': attribute type 4 has an invalid length.
[  209.439166][T22915] netlink: 152 bytes leftover after parsing attributes in process `syz.3.7925'.
[  209.554569][T22911] loop2: detected capacity change from 0 to 32768
[  209.733845][T22943] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7936'.
[  209.743592][T22943] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7936'.
[  209.884247][T22959] loop2: detected capacity change from 0 to 512
[  209.896147][T22959] EXT4-fs (loop2): too many log groups per flexible block group
[  209.903956][T22959] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  209.910944][T22959] EXT4-fs (loop2): mount failed
[  209.994291][T22976] binfmt_misc: register: failed to install interpreter file ./file0
[  210.016682][T22978] loop2: detected capacity change from 0 to 128
[  210.211345][T23002] SELinux: failed to load policy
[  210.504839][T23040] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7979'.
[  210.524313][T23043] 9pnet_fd: Insufficient options for proto=fd
[  210.618956][T23054] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23054 comm=syz.1.7983
[  210.657308][T23054] netlink: 60 bytes leftover after parsing attributes in process `syz.1.7983'.
[  210.824687][T23091] netlink: 'syz.1.8000': attribute type 13 has an invalid length.
[  210.863240][T23091] 8021q: adding VLAN 0 to HW filter on device team0
[  210.889443][T23091] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  211.077084][T23132] netlink: 28 bytes leftover after parsing attributes in process `syz.5.8017'.
[  211.174322][T23161] team_slave_0: entered promiscuous mode
[  211.180240][T23161] team_slave_1: entered promiscuous mode
[  211.188579][T23161] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  211.199174][T23161] team0: Device macvtap1 is already an upper device of the team interface
[  211.208887][T23161] team_slave_0: left promiscuous mode
[  211.214319][T23161] team_slave_1: left promiscuous mode
[  211.305058][T23177] netlink: 'syz.1.8035': attribute type 1 has an invalid length.
[  211.593078][T23214] vxcan0: tx address claim with dlc 0
[  211.989270][T23247] IPv6: Can't replace route, no match found
[  212.158291][T23269] loop5: detected capacity change from 0 to 512
[  212.204327][T23269] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  212.219411][T23269] ext4 filesystem being mounted at /1084/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.235175][T23276] __nla_validate_parse: 2 callbacks suppressed
[  212.235195][T23276] netlink: 44 bytes leftover after parsing attributes in process `syz.3.8077'.
[  212.258583][   T29] kauditd_printk_skb: 252 callbacks suppressed
[  212.258602][   T29] audit: type=1400 audit(1755980995.182:8779): avc:  denied  { add_name } for  pid=23268 comm="syz.5.8074" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  212.291445][   T29] audit: type=1400 audit(1755980995.182:8780): avc:  denied  { create } for  pid=23268 comm="syz.5.8074" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  212.312113][   T29] audit: type=1400 audit(1755980995.182:8781): avc:  denied  { read write open } for  pid=23268 comm="syz.5.8074" path="/1084/file0/file1" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  212.337407][   T29] audit: type=1400 audit(1755980995.212:8782): avc:  denied  { create } for  pid=23277 comm="syz.3.8078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  212.356948][   T29] audit: type=1400 audit(1755980995.212:8783): avc:  denied  { connect } for  pid=23277 comm="syz.3.8078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  212.376625][   T29] audit: type=1400 audit(1755980995.212:8784): avc:  denied  { setopt } for  pid=23277 comm="syz.3.8078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  212.397119][   T29] audit: type=1400 audit(1755980995.322:8785): avc:  denied  { unmount } for  pid=9929 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  212.418999][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  212.501441][T23286] loop5: detected capacity change from 0 to 512
[  212.546623][T23286] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.564962][T23286] ext4 filesystem being mounted at /1085/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.579101][T23295] netlink: 'syz.2.8083': attribute type 153 has an invalid length.
[  212.602934][   T29] audit: type=1400 audit(1755980995.522:8786): avc:  denied  { setattr } for  pid=23285 comm="syz.5.8081" name="file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  212.666831][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.749274][T23312] sd 0:0:1:0: device reset
[  212.751126][   T29] audit: type=1400 audit(1755980995.672:8787): avc:  denied  { read } for  pid=23311 comm="syz.1.8090" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  212.777575][   T29] audit: type=1400 audit(1755980995.672:8788): avc:  denied  { open } for  pid=23311 comm="syz.1.8090" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  213.022460][T23349] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8108'.
[  213.050593][T23349] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8108'.
[  213.082952][T23349] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8108'.
[  213.093818][T23349] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8108'.
[  213.122009][T23349] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8108'.
[  213.152155][T23365] netlink: 132 bytes leftover after parsing attributes in process `syz.3.8113'.
[  213.174372][T23349] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8108'.
[  213.203662][T23373] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8115'.
[  213.647123][T23417] sg_write: data in/out 1048540/10 bytes for SCSI command 0xc0-- guessing data in;
[  213.647123][T23417]    program syz.5.8135 not setting count and/or reply_len properly
[  213.771517][T23448] loop5: detected capacity change from 0 to 512
[  213.780257][T23448] EXT4-fs: Ignoring removed mblk_io_submit option
[  213.787482][T23448] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  213.802154][T23448] EXT4-fs (loop5): 1 truncate cleaned up
[  213.808405][T23448] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.824011][T23401] loop2: detected capacity change from 0 to 32768
[  214.661724][T23503] loop2: detected capacity change from 0 to 1024
[  214.685946][T23503] EXT4-fs: Ignoring removed bh option
[  214.691923][T23503] EXT4-fs: inline encryption not supported
[  214.704669][T23503] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  214.738484][T23503] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  214.747979][T23503] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 2: comm syz.2.8157: lblock 2 mapped to illegal pblock 2 (length 1)
[  214.766545][T23503] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.8157: lblock 0 mapped to illegal pblock 48 (length 1)
[  214.781384][T23503] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.8157: Failed to acquire dquot type 0
[  214.796451][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.821244][T23503] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  214.849660][T23503] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.8157: mark_inode_dirty error
[  214.880166][T23503] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  214.892001][T23503] EXT4-fs (loop2): 1 orphan inode deleted
[  214.898414][T23503] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.914527][ T8194] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:12: lblock 1 mapped to illegal pblock 1 (length 1)
[  214.946405][ T8194] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:12: Failed to release dquot type 0
[  214.963433][T23528] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8168'.
[  214.975097][T23503] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 48: comm syz.2.8157: lblock 0 mapped to illegal pblock 48 (length 1)
[  215.002989][T23530] loop5: detected capacity change from 0 to 512
[  215.029224][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.040627][T23530] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  215.107595][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.477157][T23607] netlink: 'syz.4.8201': attribute type 1 has an invalid length.
[  215.710983][T23649] SELinux: failed to load policy
[  215.777724][T23662] loop5: detected capacity change from 0 to 512
[  215.799861][T23662] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.812974][T23662] ext4 filesystem being mounted at /1103/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  215.842720][T23671] 9pnet: Could not find request transport: 0xffffffffffffffff
[  215.903663][T23662] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.649029][T23743] loop2: detected capacity change from 0 to 256
[  216.789677][T23759] vhci_hcd: default hub control req: 1f18 v0008 i0000 l2
[  216.838608][T23763] syzkaller1: entered promiscuous mode
[  216.844259][T23763] syzkaller1: entered allmulticast mode
[  217.240612][T23820] 9pnet_fd: Insufficient options for proto=fd
[  217.510781][T23861] loop2: detected capacity change from 0 to 512
[  217.562721][T23861] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.660279][T23861] ext4 filesystem being mounted at /1447/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  217.682233][T23861] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.8296: corrupted xattr block 33: invalid header
[  217.706097][T23861] EXT4-fs (loop2): Remounting filesystem read-only
[  217.713037][T23861] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  217.728615][T23861] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=15
[  217.760923][   T29] kauditd_printk_skb: 182 callbacks suppressed
[  217.761005][   T29] audit: type=1400 audit(1755981000.602:8967): avc:  denied  { read write } for  pid=23869 comm="syz.1.8298" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  217.791298][   T29] audit: type=1400 audit(1755981000.602:8968): avc:  denied  { open } for  pid=23869 comm="syz.1.8298" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  217.816039][   T29] audit: type=1400 audit(1755981000.682:8969): avc:  denied  { bind } for  pid=23874 comm="syz.3.8300" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  217.842965][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.874875][   T29] audit: type=1400 audit(1755981000.792:8970): avc:  denied  { read } for  pid=23876 comm="syz.1.8302" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  217.897751][   T29] audit: type=1400 audit(1755981000.792:8971): avc:  denied  { open } for  pid=23876 comm="syz.1.8302" path="/dev/cpu/1/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  217.992358][   T29] audit: type=1326 audit(1755981000.912:8972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.8306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  218.032642][   T29] audit: type=1326 audit(1755981000.912:8973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.8306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  218.056470][   T29] audit: type=1326 audit(1755981000.942:8974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.8306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  218.080235][   T29] audit: type=1326 audit(1755981000.942:8975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.8306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  218.104882][   T29] audit: type=1326 audit(1755981000.942:8976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23889 comm="syz.2.8306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  218.354647][T23923] vcan0: tx drop: invalid sa for name 0x0000000000000004
[  218.717034][T23977] 9pnet_fd: Insufficient options for proto=fd
[  219.073392][T24015] loop5: detected capacity change from 0 to 1024
[  219.080540][T24015] EXT4-fs: inline encryption not supported
[  219.087194][T24015] EXT4-fs: Ignoring removed bh option
[  219.102017][T24015] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.156600][T24024] sd 0:0:1:0: device reset
[  219.176802][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.336087][T24060] openvswitch: netlink: Message has 6 unknown bytes.
[  219.702552][T24109] __nla_validate_parse: 11 callbacks suppressed
[  219.702574][T24109] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8394'.
[  219.807301][T24113] netlink: 'syz.1.8396': attribute type 3 has an invalid length.
[  220.914213][T24203] netlink: 64 bytes leftover after parsing attributes in process `syz.3.8421'.
[  221.174434][T24243] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8436'.
[  221.234393][T24252] loop5: detected capacity change from 0 to 512
[  221.247098][T24252] EXT4-fs: Ignoring removed oldalloc option
[  221.253766][T24252] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  221.267653][T24252] EXT4-fs (loop5): 1 truncate cleaned up
[  221.273716][T24252] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.307414][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.459586][T24285] openvswitch: netlink: Message has 6 unknown bytes.
[  221.549888][T24293] netlink: 52 bytes leftover after parsing attributes in process `syz.5.8456'.
[  221.791593][T24341] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=24341 comm=syz.4.8474
[  222.727591][T24443] loop5: detected capacity change from 0 to 1024
[  222.738317][T24443] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  222.869552][   T29] kauditd_printk_skb: 150 callbacks suppressed
[  222.869569][   T29] audit: type=1326 audit(1755981005.792:9127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24459 comm="syz.3.8517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf3ff6ebe9 code=0x7ffc0000
[  222.933750][   T29] audit: type=1326 audit(1755981005.822:9128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24459 comm="syz.3.8517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf3ff6ebe9 code=0x7ffc0000
[  222.957490][   T29] audit: type=1326 audit(1755981005.822:9129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24459 comm="syz.3.8517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf3ff6ebe9 code=0x7ffc0000
[  222.981107][   T29] audit: type=1326 audit(1755981005.822:9130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24459 comm="syz.3.8517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf3ff6ebe9 code=0x7ffc0000
[  223.004801][   T29] audit: type=1326 audit(1755981005.822:9131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24459 comm="syz.3.8517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf3ff6ebe9 code=0x7ffc0000
[  223.028332][   T29] audit: type=1326 audit(1755981005.822:9132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24459 comm="syz.3.8517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf3ff6ebe9 code=0x7ffc0000
[  223.051893][   T29] audit: type=1326 audit(1755981005.822:9133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24459 comm="syz.3.8517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf3ff6ebe9 code=0x7ffc0000
[  223.076234][   T29] audit: type=1326 audit(1755981005.822:9134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24459 comm="syz.3.8517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf3ff6ebe9 code=0x7ffc0000
[  223.100108][   T29] audit: type=1326 audit(1755981005.852:9135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24459 comm="syz.3.8517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf3ff6ebe9 code=0x7ffc0000
[  223.124223][   T29] audit: type=1326 audit(1755981005.852:9136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24459 comm="syz.3.8517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf3ff6ebe9 code=0x7ffc0000
[  223.292110][T24484] atomic_op ffff888118e68128 conn xmit_atomic 0000000000000000
[  224.336690][T24597] syzkaller1: entered promiscuous mode
[  224.342642][T24597] syzkaller1: entered allmulticast mode
[  224.504922][T24619] pim6reg: entered allmulticast mode
[  224.519029][T24619] pim6reg: left allmulticast mode
[  224.616123][T24642] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8570'.
[  224.625363][T24642] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8570'.
[  224.672726][T24646] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1546 sclass=netlink_route_socket pid=24646 comm=syz.3.8574
[  224.701961][T24646] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8574'.
[  224.949735][T24684] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  224.962164][T24683] IPVS: stopping master sync thread 24684 ...
[  225.221154][T24725] syzkaller0: entered promiscuous mode
[  225.226982][T24725] syzkaller0: entered allmulticast mode
[  225.555749][T24788] loop5: detected capacity change from 0 to 512
[  225.565212][T24788] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  225.637652][T24788] EXT4-fs (loop5): failed to open journal device unknown-block(0,8) -6
[  225.760642][T24821] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8643'.
[  225.769620][T24821] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8643'.
[  225.803201][T24825] netlink: 6032 bytes leftover after parsing attributes in process `syz.2.8645'.
[  226.528567][T24899] loop5: detected capacity change from 0 to 1024
[  226.567168][T24899] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.569421][T24904] loop2: detected capacity change from 0 to 512
[  226.593049][T24904] EXT4-fs: Ignoring removed bh option
[  226.610884][T24904] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  226.620307][T24904] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  226.692455][T24904] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  226.713320][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.725953][T24904] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  226.735703][T24904] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.789700][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.852689][T24956] netlink: 'syz.5.8685': attribute type 1 has an invalid length.
[  226.860607][T24956] netlink: 224 bytes leftover after parsing attributes in process `syz.5.8685'.
[  226.971205][T24964] netlink: 4436 bytes leftover after parsing attributes in process `syz.5.8690'.
[  227.631215][T25043] netlink: 76 bytes leftover after parsing attributes in process `syz.3.8724'.
[  227.688233][T25051] netlink: 6032 bytes leftover after parsing attributes in process `syz.3.8728'.
[  228.014850][   T29] kauditd_printk_skb: 279 callbacks suppressed
[  228.014869][   T29] audit: type=1326 audit(1755981010.932:9416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25092 comm="syz.2.8748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  228.044877][   T29] audit: type=1326 audit(1755981010.932:9417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25092 comm="syz.2.8748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  228.136283][   T29] audit: type=1400 audit(1755981011.002:9418): avc:  denied  { mounton } for  pid=25094 comm="syz.5.8749" path="/1208/file0" dev="tmpfs" ino=6223 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  228.159881][   T29] audit: type=1326 audit(1755981011.002:9419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25092 comm="syz.2.8748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  228.184494][   T29] audit: type=1326 audit(1755981011.002:9420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25092 comm="syz.2.8748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  228.208749][   T29] audit: type=1326 audit(1755981011.002:9421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25092 comm="syz.2.8748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  228.232809][   T29] audit: type=1326 audit(1755981011.002:9422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25092 comm="syz.2.8748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  228.256756][   T29] audit: type=1326 audit(1755981011.002:9423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25092 comm="syz.2.8748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  228.282978][   T29] audit: type=1326 audit(1755981011.002:9424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25092 comm="syz.2.8748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  228.307691][   T29] audit: type=1326 audit(1755981011.002:9425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25092 comm="syz.2.8748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a65cebe9 code=0x7ffc0000
[  228.358717][T25116] loop2: detected capacity change from 0 to 1024
[  228.365695][T25116] EXT4-fs: Ignoring removed nomblk_io_submit option
[  228.378444][T25116] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.450806][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.703739][T25168] netlink: 'syz.4.8778': attribute type 1 has an invalid length.
[  228.739925][T25173] syzkaller1: entered promiscuous mode
[  228.745681][T25173] syzkaller1: entered allmulticast mode
[  228.851798][T25193] SELinux:  Context system_u:object_r:gpg_agent_exec_t:s0 is not valid (left unmapped).
[  229.009565][T25205] netlink: 180 bytes leftover after parsing attributes in process `syz.3.8791'.
[  229.165181][T25229] netlink: 'syz.3.8801': attribute type 9 has an invalid length.
[  229.174527][ T2956] kernel write not supported for file 2557/net/vlan/vlan1 (pid: 2956 comm: kworker/1:2)
[  229.423705][T25261] openvswitch: netlink: Message has 6 unknown bytes.
[  229.537735][T25280] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  229.654210][   T31] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.729088][   T31] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.799130][   T31] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.848154][   T31] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.027462][   T31] tipc: Disabling bearer <udp:s>
[  230.032515][   T31] tipc: Left network mode
[  230.054292][   T31] IPVS: stopping backup sync thread 4863 ...
[  230.179159][   T31] hsr_slave_0: left promiscuous mode
[  230.191902][   T31] hsr_slave_1: left promiscuous mode
[  230.198581][   T31] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  230.206524][   T31] batman_adv: batadv0: Removing interface: batadv_slave_0
[  230.225286][   T31] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  230.235478][   T31] batman_adv: batadv0: Removing interface: batadv_slave_1
[  230.259009][   T31] veth1_macvtap: left promiscuous mode
[  230.266695][   T31] veth0_macvtap: left promiscuous mode
[  230.278662][   T31] veth1_vlan: left promiscuous mode
[  230.284045][   T31] veth0_vlan: left promiscuous mode
[  230.407206][   T31] team0 (unregistering): Port device team_slave_1 removed
[  230.423094][   T31] team0 (unregistering): Port device team_slave_0 removed
[  230.487269][T25314] chnl_net:caif_netlink_parms(): no params data found
[  230.567447][T25314] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.574921][T25314] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.582376][T25314] bridge_slave_0: entered allmulticast mode
[  230.589343][T25314] bridge_slave_0: entered promiscuous mode
[  230.598010][T25314] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.605388][T25314] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.612724][T25314] bridge_slave_1: entered allmulticast mode
[  230.619691][T25314] bridge_slave_1: entered promiscuous mode
[  230.644933][T25314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  230.666201][T25314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  230.695171][T25314] team0: Port device team_slave_0 added
[  230.702204][T25314] team0: Port device team_slave_1 added
[  230.744020][T25314] batman_adv: batadv0: Adding interface: batadv_slave_0
[  230.751347][T25314] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.779328][T25314] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  230.799275][T25314] batman_adv: batadv0: Adding interface: batadv_slave_1
[  230.806686][T25314] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  230.833030][T25314] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  230.851573][   T31] IPVS: stop unused estimator thread 0...
[  230.875289][T25314] hsr_slave_0: entered promiscuous mode
[  230.882998][T25314] hsr_slave_1: entered promiscuous mode
[  230.890456][T25314] debugfs: 'hsr0' already exists in 'hsr'
[  230.896330][T25314] Cannot create hsr debugfs directory
[  231.020881][    C1] vcan0: j1939_tp_rxtimer: 0xffff88811cbf9c00: rx timeout, send abort
[  231.024287][T25314] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  231.029238][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88811cbf9c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  231.055000][T25314] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  231.067031][T25314] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  231.097039][T25314] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  231.173984][T25314] 8021q: adding VLAN 0 to HW filter on device bond0
[  231.205005][T25314] 8021q: adding VLAN 0 to HW filter on device team0
[  231.223538][T22035] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.230731][T22035] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.257996][ T3432] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.265265][ T3432] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.294467][T25314] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  231.304977][T25314] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  231.437534][T25314] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.483423][T25792] 9pnet_fd: Insufficient options for proto=fd
[  231.558905][T25806] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8895'.
[  231.568320][T25806] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8895'.
[  231.577407][T25806] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8895'.
[  231.633965][T25806] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8895'.
[  231.643060][T25806] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8895'.
[  231.652088][T25806] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8895'.
[  231.679616][T25820] C: renamed from team_slave_0 (while UP)
[  231.703822][T25824] loop5: detected capacity change from 0 to 512
[  231.718895][T25820] netlink: 'syz.3.8899': attribute type 1 has an invalid length.
[  231.737504][T25806] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8895'.
[  231.746566][T25806] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8895'.
[  231.755858][T25806] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8895'.
[  231.766618][T25820] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  231.792209][T25824] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  231.803215][T25314] veth0_vlan: entered promiscuous mode
[  231.823523][T25314] veth1_vlan: entered promiscuous mode
[  231.870074][T25314] veth0_macvtap: entered promiscuous mode
[  231.890937][T25314] veth1_macvtap: entered promiscuous mode
[  232.046329][T25824] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.076446][T25824] ext4 filesystem being mounted at /1240/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  232.099022][T25314] batman_adv: batadv0: Interface activated: batadv_slave_0
[  232.119276][T25824] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #15: comm syz.5.8900: corrupted xattr block 19: overlapping e_value 
[  232.121549][T25314] batman_adv: batadv0: Interface activated: batadv_slave_1
[  232.161269][T25824] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  232.181630][   T37] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  232.201907][   T37] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  232.228162][T25824] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #15: comm syz.5.8900: corrupted xattr block 19: overlapping e_value 
[  232.243866][   T37] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  232.254683][T25843] netlink: 116 bytes leftover after parsing attributes in process `syz.3.8906'.
[  232.264430][   T37] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  232.302696][T25824] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  232.348111][T25824] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #15: comm syz.5.8900: corrupted xattr block 19: overlapping e_value 
[  232.498670][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.785460][T25892] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  232.793047][T25892] IPv6: NLM_F_CREATE should be set when creating new route
[  232.800316][T25892] IPv6: NLM_F_CREATE should be set when creating new route
[  233.050168][T25912] openvswitch: netlink: Message has 6 unknown bytes.
[  233.081102][   T29] kauditd_printk_skb: 131 callbacks suppressed
[  233.081120][   T29] audit: type=1400 audit(1755981016.002:9557): avc:  denied  { ioctl } for  pid=25913 comm="syz.5.8934" path="socket:[69937]" dev="sockfs" ino=69937 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  233.081302][T25914] netlink: 'syz.5.8934': attribute type 1 has an invalid length.
[  233.301235][   T29] audit: type=1400 audit(1755981016.222:9558): avc:  denied  { read write } for  pid=25314 comm="syz-executor" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  233.326320][   T29] audit: type=1400 audit(1755981016.222:9559): avc:  denied  { open } for  pid=25314 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  233.351127][   T29] audit: type=1400 audit(1755981016.222:9560): avc:  denied  { ioctl } for  pid=25314 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=106 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  233.453180][T25945] random: crng reseeded on system resumption
[  233.471372][   T29] audit: type=1400 audit(1755981016.282:9561): avc:  denied  { prog_load } for  pid=25934 comm="syz.5.8947" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  233.473659][T25945] Restarting kernel threads ...
[  233.491201][   T29] audit: type=1400 audit(1755981016.282:9562): avc:  denied  { bpf } for  pid=25934 comm="syz.5.8947" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  233.500832][T25945] Done restarting kernel threads.
[  233.517585][   T29] audit: type=1400 audit(1755981016.292:9563): avc:  denied  { perfmon } for  pid=25934 comm="syz.5.8947" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  233.543982][   T29] audit: type=1400 audit(1755981016.292:9564): avc:  denied  { prog_run } for  pid=25934 comm="syz.5.8947" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  233.563211][   T29] audit: type=1326 audit(1755981016.302:9565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25937 comm="syz.4.8945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4643febe9 code=0x7ffc0000
[  233.587239][   T29] audit: type=1400 audit(1755981016.312:9566): avc:  denied  { create } for  pid=25933 comm="syz.6.8946" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  233.888513][T25973] chnl_net:caif_netlink_parms(): no params data found
[  233.996533][T25985] loop5: detected capacity change from 0 to 1024
[  234.023299][T25985] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  234.034585][T25985] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  234.076532][T25985] JBD2: no valid journal superblock found
[  234.082359][T25985] EXT4-fs (loop5): Could not load journal inode
[  234.113602][T25985] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  234.347653][ T3432] tipc: Subscription rejected, illegal request
[  234.537869][T26042] chnl_net:caif_netlink_parms(): no params data found
[  234.681573][T26059] bond2: entered promiscuous mode
[  234.686842][T26059] bond2: entered allmulticast mode
[  234.696905][T26059] 8021q: adding VLAN 0 to HW filter on device bond2
[  234.714628][T26059] bond2 (unregistering): Released all slaves
[  234.941667][T26166] SELinux:  Context ׸ý is not valid (left unmapped).
[  235.158840][T26184] loop5: detected capacity change from 0 to 8192
[  235.472607][T26206] FAT-fs (loop5): error, corrupted directory (invalid entries)
[  235.481092][T26206] FAT-fs (loop5): Filesystem has been set read-only
[  236.055601][T26297] loop6: detected capacity change from 0 to 128
[  236.105202][T26302] netlink: 'syz.5.9065': attribute type 4 has an invalid length.
[  236.172628][T26312] smc: adding net device bond0 with user defined pnetid SYZ2
[  236.182707][T26312] bond0: entered promiscuous mode
[  236.188002][T26312] bond0: entered allmulticast mode
[  236.210353][T26312] 8021q: adding VLAN 0 to HW filter on device bond0
[  236.231456][T26312] smc: removing net device bond0 with user defined pnetid SYZ2
[  236.246836][T26312] bond0 (unregistering): Released all slaves
[  236.497623][T26409] loop5: detected capacity change from 0 to 512
[  236.509663][T26409] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[  236.539420][T26409] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  236.628440][   T31] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[  237.384214][T26554] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  237.520937][T26588] loop6: detected capacity change from 0 to 512
[  237.575990][T26588] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 0 overlaps superblock
[  237.588437][T26588] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (45506!=33349)
[  237.601432][T26588] EXT4-fs error (device loop6): __ext4_get_inode_loc:4861: comm syz.6.9123: Invalid inode table block 1 in block_group 0
[  237.642556][T26588] EXT4-fs (loop6): Remounting filesystem read-only
[  237.649444][T26588] EXT4-fs (loop6): get root inode failed
[  237.655409][T26588] EXT4-fs (loop6): mount failed
[  237.743974][T26609] __nla_validate_parse: 7 callbacks suppressed
[  237.743995][T26609] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9131'.
[  237.811997][T26615] loop6: detected capacity change from 0 to 512
[  237.842601][T26615] EXT4-fs: Ignoring removed orlov option
[  237.871426][T26615] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  237.887525][T26615] EXT4-fs (loop6): orphan cleanup on readonly fs
[  237.894698][T26615] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.9134: bg 0: block 248: padding at end of block bitmap is not set
[  237.932416][T26615] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.9134: Failed to acquire dquot type 1
[  237.946314][T26615] EXT4-fs (loop6): 1 truncate cleaned up
[  237.953115][T26615] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  237.978097][T26615] EXT4-fs: Ignoring removed orlov option
[  237.984910][T26615] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  238.004851][T26615] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  238.036838][T26615] EXT4-fs error (device loop6): __ext4_remount:6740: comm syz.6.9134: Abort forced by user
[  238.047526][T26615] EXT4-fs (loop6): Remounting filesystem read-only
[  238.054216][T26615] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  238.064986][T26615] ext4 filesystem being remounted at /27/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  238.098796][   T29] kauditd_printk_skb: 208 callbacks suppressed
[  238.098813][   T29] audit: type=1400 audit(1755981021.022:9773): avc:  denied  { unmount } for  pid=25314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  238.131786][T25314] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.142472][   T29] audit: type=1400 audit(1755981021.072:9774): avc:  denied  { read write } for  pid=26650 comm="syz.5.9148" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  238.166857][   T29] audit: type=1400 audit(1755981021.072:9775): avc:  denied  { open } for  pid=26650 comm="syz.5.9148" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  238.205028][   T29] audit: type=1400 audit(1755981021.122:9776): avc:  denied  { ioctl } for  pid=26650 comm="syz.5.9148" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  238.290937][   T29] audit: type=1326 audit(1755981021.212:9777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.6.9153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  238.315187][   T29] audit: type=1326 audit(1755981021.212:9778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.6.9153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  238.385607][   T29] audit: type=1326 audit(1755981021.212:9779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.6.9153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  238.409943][   T29] audit: type=1326 audit(1755981021.212:9780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.6.9153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  238.433799][   T29] audit: type=1326 audit(1755981021.212:9781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.6.9153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  238.457810][   T29] audit: type=1326 audit(1755981021.272:9782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.6.9153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  238.491915][T26675] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  238.507775][T26675] netlink: 48 bytes leftover after parsing attributes in process `+}[@'.
[  238.516339][T26675] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  238.667632][T26703] loop6: detected capacity change from 0 to 512
[  238.676169][T26704] loop5: detected capacity change from 0 to 512
[  238.698338][T26703] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.715105][T26704] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  238.735007][T26703] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.743047][T26704] EXT4-fs (loop5): mount failed
[  238.754484][T26709] 9pnet: Could not find request transport: 0xffffffffffffffff
[  238.763743][T26703] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  238.797333][T25314] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.852297][T26731] futex_wake_op: syz.3.9176 tries to shift op by -1; fix this program
[  239.168533][T26791] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=26791 comm=syz.3.9199
[  239.636508][T26835] syzkaller1: entered promiscuous mode
[  239.642109][T26835] syzkaller1: entered allmulticast mode
[  239.752334][T26853] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  239.796051][T26862] loop6: detected capacity change from 0 to 128
[  239.808564][T26862] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  239.838325][T26862] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.858793][T26862] EXT4-fs (loop6): shut down requested (1)
[  239.878051][T26871] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[  239.887531][T25314] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  239.928865][T26875] SELinux: failed to load policy
[  240.108195][T26902] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9247'.
[  240.127681][T26906] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  240.215497][T26919] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  240.230250][T26919] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  240.566810][T26963] all (unregistering): Released all slaves
[  240.716604][T27048] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  240.842698][T27068] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=27068 comm=syz.1.9291
[  241.135923][T27116] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9314'.
[  241.145179][T27116] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9314'.
[  241.154603][T27116] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9314'.
[  241.173248][T27116] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9314'.
[  241.182645][T27116] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9314'.
[  241.426754][T27140] netlink: 'syz.1.9324': attribute type 1 has an invalid length.
[  241.743277][T27176] SELinux:  Context system_u:object_r:hald_acl_exec_t:s0 is not valid (left unmapped).
[  241.802602][T27186] atomic_op ffff88811165cd28 conn xmit_atomic 0000000000000000
[  242.535554][T27208] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  242.544694][T27208] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  242.553804][T27208] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  242.563069][T27208] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  242.572265][T27208] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  242.581433][T27208] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  242.590789][T27208] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  242.599966][T27208] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  242.609097][T27208] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  242.618382][T27208] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  242.706245][T20875] kernel write not supported for file /3894/coredump_filter (pid: 20875 comm: kworker/0:10)
[  242.938446][T20866] kernel write not supported for file /2812/coredump_filter (pid: 20866 comm: kworker/1:10)
[  243.029858][T27270] __nla_validate_parse: 4 callbacks suppressed
[  243.029885][T27270] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9381'.
[  243.068249][T27268] loop6: detected capacity change from 0 to 2048
[  243.117355][T27268] Alternate GPT is invalid, using primary GPT.
[  243.126618][T27268]  loop6: p1 p2 p3
[  243.193301][   T29] kauditd_printk_skb: 370 callbacks suppressed
[  243.193317][   T29] audit: type=1326 audit(1755981026.116:10152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27293 comm="syz.6.9383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  243.252587][   T29] audit: type=1326 audit(1755981026.116:10153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27293 comm="syz.6.9383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  243.276361][   T29] audit: type=1326 audit(1755981026.116:10154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27293 comm="syz.6.9383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  243.300305][   T29] audit: type=1326 audit(1755981026.116:10155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27293 comm="syz.6.9383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  243.324280][   T29] audit: type=1326 audit(1755981026.116:10156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27293 comm="syz.6.9383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  243.348013][   T29] audit: type=1326 audit(1755981026.116:10157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27293 comm="syz.6.9383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  243.372130][   T29] audit: type=1326 audit(1755981026.116:10158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27293 comm="syz.6.9383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  243.396018][   T29] audit: type=1326 audit(1755981026.116:10159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27293 comm="syz.6.9383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  243.419825][   T29] audit: type=1326 audit(1755981026.116:10160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27293 comm="syz.6.9383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  243.443569][   T29] audit: type=1326 audit(1755981026.156:10161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27293 comm="syz.6.9383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56856febe9 code=0x7ffc0000
[  243.689985][T27333] loop6: detected capacity change from 0 to 2048
[  243.756642][T27333]  loop6: p1 < > p3 p4 < >
[  243.763063][T27333] loop6: p3 start 4284289 is beyond EOD, truncated
[  243.816828][    C1] operation not supported error, dev loop6, sector 0 op 0x9:(WRITE_ZEROES) flags 0x20000800 phys_seg 0 prio class 2
[  243.889518][T27370] 9pnet_fd: Insufficient options for proto=fd
[  244.134004][T27424] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9412'.
[  244.144445][T27424] netlink: 32 bytes leftover after parsing attributes in process `syz.4.9412'.
[  244.243991][T27440] loop5: detected capacity change from 0 to 1024
[  244.267719][T27440] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  244.304247][T27440] ext4 filesystem being mounted at /1341/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.371325][ T2254] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  244.388746][T27460] netlink: 'syz.4.9427': attribute type 1 has an invalid length.
[  244.419230][ T2254] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[  244.431699][ T2254] EXT4-fs (loop5): This should not happen!! Data will be lost
[  244.431699][ T2254] 
[  244.441551][ T2254] EXT4-fs (loop5): Total free blocks count 0
[  244.447833][ T2254] EXT4-fs (loop5): Free/Dirty block details
[  244.453839][ T2254] EXT4-fs (loop5): free_blocks=4293918720
[  244.457821][T27472] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=27472 comm=syz.4.9434
[  244.459636][ T2254] EXT4-fs (loop5): dirty_blocks=80
[  244.477612][ T2254] EXT4-fs (loop5): Block reservation details
[  244.483610][ T2254] EXT4-fs (loop5): i_reserved_data_blocks=5
[  244.495662][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  244.513037][T27470] loop6: detected capacity change from 0 to 1024
[  244.527140][T27470] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  244.554691][T25314] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.651206][T27501] netlink: 92 bytes leftover after parsing attributes in process `syz.3.9444'.
[  244.708268][T27513] 9pnet: Could not find request transport: r
[  244.791331][T27528] team0: Device gre1 is of different type
[  244.869850][T27541] blkio.reset_stats is deprecated
[  244.922952][T27549] netlink: 'syz.6.9464': attribute type 10 has an invalid length.
[  244.931214][T27549] netlink: 'syz.6.9464': attribute type 19 has an invalid length.
[  244.939109][T27549] netlink: 14536 bytes leftover after parsing attributes in process `syz.6.9464'.
[  245.011498][T27562] netlink: 180 bytes leftover after parsing attributes in process `syz.1.9471'.
[  245.057916][T27562] netlink: 180 bytes leftover after parsing attributes in process `syz.1.9471'.
[  245.108117][T27579] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9478'.
[  245.181766][T27589] loop6: detected capacity change from 0 to 256
[  245.288733][T27604] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9487'.
[  245.298465][T27604] IPVS: Error joining to the multicast group
[  245.437951][T27622] syzkaller1: entered promiscuous mode
[  245.443527][T27622] syzkaller1: entered allmulticast mode
[  246.097202][T27683] lo speed is unknown, defaulting to 1000
[  246.114856][T27683] lo speed is unknown, defaulting to 1000
[  246.120883][T27683] lo speed is unknown, defaulting to 1000
[  246.135037][T27683] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  246.182782][T27683] lo speed is unknown, defaulting to 1000
[  246.203369][T27683] lo speed is unknown, defaulting to 1000
[  246.211649][T27683] lo speed is unknown, defaulting to 1000
[  246.218349][T27683] lo speed is unknown, defaulting to 1000
[  246.224614][T27683] lo speed is unknown, defaulting to 1000
[  246.233255][T27705] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9527'.
[  246.247326][T27683] lo speed is unknown, defaulting to 1000
[  246.611137][T27776] netlink: 'syz.6.9554': attribute type 3 has an invalid length.
[  246.670153][T27788] SELinux:  policydb version -299076691 does not match my version range 15-35
[  246.682215][T27788] SELinux: failed to load policy
[  246.864622][T27830] loop5: detected capacity change from 0 to 1024
[  246.886887][T27830] EXT4-fs: Ignoring removed nomblk_io_submit option
[  246.916268][T27830] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.966806][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.685937][T27894] 9pnet: Could not find request transport: f
[  248.119151][   T29] kauditd_printk_skb: 370 callbacks suppressed
[  248.119167][   T29] audit: type=1400 audit(1755981799.124:10532): avc:  denied  { unmount } for  pid=9929 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  248.262296][   T29] audit: type=1400 audit(1755981799.271:10533): avc:  denied  { connect } for  pid=27951 comm="syz.4.9626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  248.315095][   T29] audit: type=1400 audit(1755981799.334:10535): avc:  denied  { read write } for  pid=27959 comm="syz.4.9631" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  248.339027][   T29] audit: type=1400 audit(1755981799.334:10536): avc:  denied  { open } for  pid=27959 comm="syz.4.9631" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  248.362961][   T29] audit: type=1400 audit(1755981799.334:10534): avc:  denied  { name_connect } for  pid=27960 comm="syz.5.9630" dest=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  248.385826][T27962] syz.5.9630 (27962) used greatest stack depth: 8616 bytes left
[  248.443765][T27971] netlink: 'syz.5.9636': attribute type 21 has an invalid length.
[  248.451828][T27971] IPv6: NLM_F_CREATE should be specified when creating new route
[  248.508797][   T29] audit: type=1400 audit(1755981799.534:10537): avc:  denied  { create } for  pid=27979 comm="syz.4.9640" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  248.621538][   T29] audit: type=1400 audit(1755981799.649:10538): avc:  denied  { create } for  pid=27991 comm="syz.6.9646" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  248.650062][   T29] audit: type=1400 audit(1755981799.681:10539): avc:  denied  { ioctl } for  pid=27991 comm="syz.6.9646" path="socket:[75436]" dev="sockfs" ino=75436 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  248.729804][   T29] audit: type=1400 audit(1755981799.765:10540): avc:  denied  { create } for  pid=28001 comm="syz.5.9660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  248.759408][T28004] netlink: 'syz.3.9650': attribute type 21 has an invalid length.
[  248.767519][T28004] IPv6: NLM_F_CREATE should be specified when creating new route
[  248.779125][T28003] __nla_validate_parse: 5 callbacks suppressed
[  248.779153][T28003] netlink: 104 bytes leftover after parsing attributes in process `syz.5.9660'.
[  248.883131][   T29] audit: type=1400 audit(1755981799.817:10541): avc:  denied  { write } for  pid=28001 comm="syz.5.9660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  248.963795][T28012] net_ratelimit: 3319 callbacks suppressed
[  248.963811][T28012] openvswitch: netlink: Message has 6 unknown bytes.
[  249.112019][T28034] netlink: 27 bytes leftover after parsing attributes in process `syz.6.9663'.
[  249.174442][T28037] loop6: detected capacity change from 0 to 128
[  249.195812][T28037] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  249.208548][T28037] System zones: 1-3, 19-19, 35-36
[  249.221952][T28037] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  249.235056][T28037] ext4 filesystem being mounted at /151/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  249.320061][T25314] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  249.331212][T28049] netlink: 76 bytes leftover after parsing attributes in process `syz.3.9671'.
[  249.400253][T28059] netlink: 3 bytes leftover after parsing attributes in process `syz.6.9673'.
[  249.435584][T28059] 0ªX¹¦À: renamed from caif0
[  249.462626][T28059] 0ªX¹¦À: entered allmulticast mode
[  249.467976][T28059] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  249.599965][T28083] netlink: 16 bytes leftover after parsing attributes in process `syz.6.9681'.
[  249.666629][T28098] loop5: detected capacity change from 0 to 128
[  250.177441][T28186] loop6: detected capacity change from 0 to 1024
[  250.194657][T28186] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  250.207574][T28186] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.256468][T22035] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  250.273449][T22035] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[  250.285991][T22035] EXT4-fs (loop6): This should not happen!! Data will be lost
[  250.285991][T22035] 
[  250.295906][T22035] EXT4-fs (loop6): Total free blocks count 0
[  250.302071][T22035] EXT4-fs (loop6): Free/Dirty block details
[  250.306633][T28201] IPv6: NLM_F_CREATE should be specified when creating new route
[  250.308034][T22035] EXT4-fs (loop6): free_blocks=4293918720
[  250.322668][T22035] EXT4-fs (loop6): dirty_blocks=80
[  250.328456][T22035] EXT4-fs (loop6): Block reservation details
[  250.335494][T22035] EXT4-fs (loop6): i_reserved_data_blocks=5
[  250.424100][T28219] netlink: 3 bytes leftover after parsing attributes in process `syz.3.9703'.
[  250.442218][T25314] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  250.452161][T28221] wireguard0: entered promiscuous mode
[  250.457677][T28221] wireguard0: entered allmulticast mode
[  250.481366][T28219] batadv1: entered promiscuous mode
[  250.486888][T28219] batadv1: entered allmulticast mode
[  250.499283][T28224] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9705'.
[  251.818571][T28370] loop6: detected capacity change from 0 to 1024
[  251.835033][T28370] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  251.865628][T28378] netlink: 24 bytes leftover after parsing attributes in process `syz.5.9736'.
[  251.875753][T25314] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.926190][T28388] loop5: detected capacity change from 0 to 512
[  251.933262][T28388] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  252.029011][T28409] IPVS: stopping master sync thread 16104 ...
[  252.110575][T28421] loop6: detected capacity change from 0 to 512
[  252.117679][T28421] journal_path: Non-blockdev passed as './bus'
[  252.123903][T28421] EXT4-fs: error: could not find journal device path
[  252.209586][T28439] netlink: 180 bytes leftover after parsing attributes in process `syz.5.9754'.
[  252.221536][T28439] netlink: 180 bytes leftover after parsing attributes in process `syz.5.9754'.
[  252.530811][T28478] loop6: detected capacity change from 0 to 512
[  252.547975][T28478] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.9773: casefold flag without casefold feature
[  252.563041][T28478] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.9773: couldn't read orphan inode 15 (err -117)
[  252.575911][T28478] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.665421][T28495] netlink: 'syz.4.9778': attribute type 1 has an invalid length.
[  252.706802][T25314] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.814352][T28525] batadv1: entered promiscuous mode
[  252.821342][T28525] batadv1: entered allmulticast mode
[  252.972362][T28557] ip6gretap1: entered promiscuous mode
[  252.977915][T28557] ip6gretap1: entered allmulticast mode
[  253.002798][   T29] kauditd_printk_skb: 70 callbacks suppressed
[  253.002816][   T29] audit: type=1400 audit(1755981804.258:10612): avc:  denied  { listen } for  pid=28567 comm="syz.1.9805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  253.130676][   T29] audit: type=1326 audit(1755981804.384:10613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28583 comm="syz.1.9812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  253.154507][   T29] audit: type=1326 audit(1755981804.384:10614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28583 comm="syz.1.9812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  253.186943][   T29] audit: type=1326 audit(1755981804.416:10615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28583 comm="syz.1.9812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  253.210983][   T29] audit: type=1326 audit(1755981804.416:10616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28583 comm="syz.1.9812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  253.234827][   T29] audit: type=1326 audit(1755981804.416:10617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28583 comm="syz.1.9812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  253.258670][   T29] audit: type=1326 audit(1755981804.416:10618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28583 comm="syz.1.9812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  253.282651][   T29] audit: type=1326 audit(1755981804.416:10619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28583 comm="syz.1.9812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  253.306613][   T29] audit: type=1326 audit(1755981804.416:10620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28583 comm="syz.1.9812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  253.330737][   T29] audit: type=1326 audit(1755981804.416:10621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28583 comm="syz.1.9812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  253.363588][T28592] macvlan1: entered promiscuous mode
[  253.370690][T28592] macvlan1: left promiscuous mode
[  253.544638][T28629] loop6: detected capacity change from 0 to 128
[  253.552945][T28629] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  253.562528][T28629] System zones: 1-3, 19-19, 35-36
[  253.572123][T28629] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  253.588410][T28636] netlink: 'syz.3.9832': attribute type 3 has an invalid length.
[  253.596521][T28636] __nla_validate_parse: 3 callbacks suppressed
[  253.596540][T28636] netlink: 13435 bytes leftover after parsing attributes in process `syz.3.9832'.
[  253.612451][T28629] ext4 filesystem being mounted at /191/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  253.648433][T28629] EXT4-fs warning (device loop6): verify_group_input:156: Last group not full
[  253.670339][T25314] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  253.979212][T28687] program syz.6.9851 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  254.049584][T28678] lo speed is unknown, defaulting to 1000
[  254.410219][T28738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  254.424326][T28738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  254.447145][T28742] rtc_cmos 00:00: Alarms can be up to one day in the future
[  254.512191][T28757] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=28757 comm=syz.6.9874
[  254.526145][T28755] SELinux:  Context system_u:object_r:random_device_t:s0 is not valid (left unmapped).
[  254.575837][T28759] loop6: detected capacity change from 0 to 2048
[  254.585293][T28761] netlink: 256 bytes leftover after parsing attributes in process `syz.1.9876'.
[  254.617322][T28759] Alternate GPT is invalid, using primary GPT.
[  254.623771][T28759]  loop6: p2 p3 p7
[  255.009155][T20875] rtc_cmos 00:00: Alarms can be up to one day in the future
[  255.018191][T20875] rtc_cmos 00:00: Alarms can be up to one day in the future
[  255.025962][T20875] rtc_cmos 00:00: Alarms can be up to one day in the future
[  255.033734][T20875] rtc_cmos 00:00: Alarms can be up to one day in the future
[  255.041241][T20875] rtc rtc0: __rtc_set_alarm: err=-22
[  255.198572][T28879] loop5: detected capacity change from 0 to 512
[  255.222546][T28879] EXT4-fs (loop5): orphan cleanup on readonly fs
[  255.254092][T28879] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.9921: bad orphan inode 13
[  255.267207][T28891] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=28891 comm=syz.1.9913
[  255.285175][T28879] ext4_test_bit(bit=12, block=18) = 1
[  255.290835][T28879] is_bad_inode(inode)=0
[  255.295091][T28879] NEXT_ORPHAN(inode)=2130706432
[  255.297773][T28885] SELinux: ebitmap: truncated map
[  255.300047][T28879] max_ino=32
[  255.308237][T28879] i_nlink=1
[  255.310375][T28885] SELinux: failed to load policy
[  255.318948][T28879] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  255.365149][T28879] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  255.404859][T28879] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  255.414010][T28908] wireguard0: entered promiscuous mode
[  255.419632][T28908] wireguard0: entered allmulticast mode
[  255.454331][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.705887][T28962] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9931'.
[  255.869803][T28995] loop5: detected capacity change from 0 to 1024
[  255.884879][T28995] EXT4-fs: Ignoring removed bh option
[  255.899185][T28995] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  255.917887][T28995] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  255.946945][T28995] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 2: comm syz.5.9934: lblock 2 mapped to illegal pblock 2 (length 1)
[  255.974702][T28995] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 48: comm syz.5.9934: lblock 0 mapped to illegal pblock 48 (length 1)
[  255.991311][T28995] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.9934: Failed to acquire dquot type 0
[  256.007515][T28995] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  256.022470][T28995] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.9934: mark_inode_dirty error
[  256.035105][T28995] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  256.045767][T28995] EXT4-fs (loop5): 1 orphan inode deleted
[  256.052165][T28995] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.064905][ T8199] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:14: lblock 1 mapped to illegal pblock 1 (length 1)
[  256.084640][ T8199] EXT4-fs error (device loop5): ext4_release_dquot:6973: comm kworker/u8:14: Failed to release dquot type 0
[  256.098518][T28995] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 48: comm syz.5.9934: lblock 0 mapped to illegal pblock 48 (length 1)
[  256.154952][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.172555][T29027] loop6: detected capacity change from 0 to 1024
[  256.180727][T29027] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  256.193056][T29027] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  256.207070][T29027] JBD2: no valid journal superblock found
[  256.213290][T29027] EXT4-fs (loop6): Could not load journal inode
[  256.331412][T29049] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  256.572862][T29087] can0: slcan on ttyS3.
[  256.610897][T29086] can0 (unregistered): slcan off ttyS3.
[  256.630188][T29106] ALSA: seq fatal error: cannot create timer (-22)
[  256.645503][T29108] loop5: detected capacity change from 0 to 1024
[  256.670078][T29108] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  256.682400][T29108] ext4 filesystem being mounted at /1458/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.701303][T29108] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 3: comm syz.5.9980: lblock 3 mapped to illegal pblock 3 (length 3)
[  256.730375][T29108] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  256.743532][T29108] EXT4-fs (loop5): This should not happen!! Data will be lost
[  256.743532][T29108] 
[  256.780123][ T8199] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:14: lblock 8 mapped to illegal pblock 8 (length 8)
[  256.802315][ T8199] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  256.814779][ T8199] EXT4-fs (loop5): This should not happen!! Data will be lost
[  256.814779][ T8199] 
[  256.820512][T29121] netlink: 256 bytes leftover after parsing attributes in process `syz.6.9986'.
[  256.844952][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  257.064653][T29156] loop6: detected capacity change from 0 to 128
[  257.077285][T29159] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9997'.
[  257.077710][T29156] FAT-fs (loop6): error, invalid access to FAT (entry 0x0fffff00)
[  257.094491][T29156] FAT-fs (loop6): Filesystem has been set read-only
[  257.101307][T29156] FAT-fs (loop6): error, invalid access to FAT (entry 0x0fffff00)
[  257.278164][T29190] loop6: detected capacity change from 0 to 164
[  257.287650][T29190] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  257.310407][T29190] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  257.322159][T29190] Symlink component flag not implemented
[  257.328145][T29190] Symlink component flag not implemented
[  257.344082][T29190] Symlink component flag not implemented (7)
[  257.350217][T29190] Symlink component flag not implemented (116)
[  257.503100][T29215] netlink: 288 bytes leftover after parsing attributes in process `syz.6.10020'.
[  257.518927][T29217] wireguard0: entered promiscuous mode
[  257.524503][T29217] wireguard0: entered allmulticast mode
[  257.746898][T29247] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  257.787253][   T29] kauditd_printk_skb: 215 callbacks suppressed
[  257.787305][   T29] audit: type=1326 audit(1755981809.277:10833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29252 comm="syz.4.10034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4643febe9 code=0x7ffc0000
[  257.820603][   T29] audit: type=1326 audit(1755981809.308:10834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29252 comm="syz.4.10034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7fe4643febe9 code=0x7ffc0000
[  257.844484][   T29] audit: type=1326 audit(1755981809.308:10835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29252 comm="syz.4.10034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4643febe9 code=0x7ffc0000
[  257.868277][   T29] audit: type=1326 audit(1755981809.308:10836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29252 comm="syz.4.10034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4643febe9 code=0x7ffc0000
[  257.958418][T22021] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  257.967711][T29262] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  258.013763][T29278] netlink: 108 bytes leftover after parsing attributes in process `syz.4.10040'.
[  258.023206][T29278] netlink: 108 bytes leftover after parsing attributes in process `syz.4.10040'.
[  258.032507][T29278] netlink: 108 bytes leftover after parsing attributes in process `syz.4.10040'.
[  258.169356][T29292] tls_set_device_offload_rx: netdev not found
[  258.185797][T29294] SELinux: failed to load policy
[  258.259795][   T29] audit: type=1326 audit(1755981809.760:10837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29299 comm="syz.1.10060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  258.283922][   T29] audit: type=1326 audit(1755981809.770:10838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29299 comm="syz.1.10060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  258.308149][   T29] audit: type=1326 audit(1755981809.770:10839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29299 comm="syz.1.10060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  258.331838][   T29] audit: type=1326 audit(1755981809.770:10840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29299 comm="syz.1.10060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  258.355542][   T29] audit: type=1326 audit(1755981809.770:10841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29299 comm="syz.1.10060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  258.379375][   T29] audit: type=1326 audit(1755981809.770:10842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29299 comm="syz.1.10060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f174f7febe9 code=0x7ffc0000
[  258.479493][T29308] serio: Serial port ptm0
[  258.563849][T29316] loop5: detected capacity change from 0 to 2048
[  258.611342][T29316] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.630351][T29316] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.990078][T29384] loop5: detected capacity change from 0 to 512
[  259.045600][T29384] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.059126][T29384] ext4 filesystem being mounted at /1478/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  259.087824][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.172011][T29418] netlink: 128124 bytes leftover after parsing attributes in process `syz.3.10094'.
[  259.265374][T29440] loop6: detected capacity change from 0 to 1024
[  259.318546][T29440] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.364368][T29440] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.10097: Allocating blocks 385-513 which overlap fs metadata
[  259.388937][T29440] EXT4-fs (loop6): pa ffff8881072a8b60: logic 16, phys. 129, len 24
[  259.397361][T29440] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  259.470691][T29473] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10109'.
[  259.484237][T25314] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.558134][T29483] loop6: detected capacity change from 0 to 512
[  259.574042][T29483] EXT4-fs: Ignoring removed mblk_io_submit option
[  259.593138][T29483] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  259.604604][T29483] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  259.622094][T29483] EXT4-fs (loop6): orphan cleanup on readonly fs
[  259.637909][T29483] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.10114: Invalid block bitmap block 0 in block_group 0
[  259.652526][T29483] EXT4-fs (loop6): Remounting filesystem read-only
[  259.662349][T29483] EXT4-fs (loop6): 1 orphan inode deleted
[  259.679789][T29483] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  259.715253][T25314] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.839449][T29513] loop6: detected capacity change from 0 to 512
[  259.849531][T29513] EXT4-fs: Ignoring removed mblk_io_submit option
[  259.856709][T29513] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  259.883978][T29513] EXT4-fs (loop6): 1 truncate cleaned up
[  259.902556][T29513] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.957173][T25314] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.042568][ T1035] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[  260.050265][ T1035] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[  260.057746][ T1035] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[  260.065260][ T1035] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[  260.072718][ T1035] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[  260.080173][ T1035] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[  260.087665][ T1035] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[  260.095204][ T1035] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[  260.103077][ T1035] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[  260.110658][ T1035] hid-generic 0401:0002:0007.000B: unknown main item tag 0x0
[  260.122084][T29546] wireguard0: entered promiscuous mode
[  260.123209][ T1035] hid-generic 0401:0002:0007.000B: hidraw0: <UNKNOWN> HID vffffff.f6 Device [syz1] on syz1
[  260.127772][T29546] wireguard0: entered allmulticast mode
[  260.203778][ T2956] hid-generic 0401:0002:0007.000C: hidraw0: <UNKNOWN> HID vffffff.f6 Device [syz1] on syz1
[  260.321466][T29585] syzkaller1: entered promiscuous mode
[  260.327603][T29585] syzkaller1: entered allmulticast mode
[  260.366278][T29591] netlink: 436 bytes leftover after parsing attributes in process `+}[@'.
[  260.669637][T29619] netlink: 132 bytes leftover after parsing attributes in process `syz.4.10160'.
[  260.926633][T29652] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10173'.
[  260.938912][T29654] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  260.948691][T29654] FAT-fs (loop11): unable to read boot sector
[  260.965201][T29652] smc: adding net device bond0 with user defined pnetid SYZ2
[  260.973385][T29652] 8021q: adding VLAN 0 to HW filter on device bond0
[  260.987970][T29652] bond0: (slave batadv1): Opening slave failed
[  261.013308][T29695] loop5: detected capacity change from 0 to 512
[  261.032995][T29695] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.048397][T29695] ext4 filesystem being mounted at /1495/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  261.128436][T29713] smc: net device bond0 applied user defined pnetid SYZ0
[  261.167492][T29713] smc: net device bond0 erased user defined pnetid SYZ0
[  261.175750][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.210603][T29721] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  261.222677][T29721] FAT-fs (loop13): unable to read boot sector
[  261.509453][T29750] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10200'.
[  261.551301][T29759] loop6: detected capacity change from 0 to 512
[  261.576783][T29759] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.589446][T29759] ext4 filesystem being mounted at /276/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  261.604918][T29759] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.10203: corrupted inode contents
[  261.632233][T29759] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #2: comm syz.6.10203: mark_inode_dirty error
[  261.649520][T29759] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.10203: corrupted inode contents
[  261.668584][T29759] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.10203: mark_inode_dirty error
[  261.694983][T29759] EXT4-fs warning (device loop6): ext4_empty_dir:3089: inode #18: comm syz.6.10203: directory missing '.'
[  261.698242][T29771] loop5: detected capacity change from 0 to 1024
[  261.713430][T29771] EXT4-fs: Ignoring removed bh option
[  261.733465][T29771] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  261.750746][T25314] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.771979][T29771] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.784274][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  261.809418][T29771] EXT4-fs error (device loop5): ext4_check_all_de:659: inode #12: block 7: comm syz.5.10215: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  261.837215][T29771] EXT4-fs (loop5): Remounting filesystem read-only
[  261.870516][T29788] netlink: 'syz.6.10211': attribute type 12 has an invalid length.
[  261.878630][T29788] netlink: 'syz.6.10211': attribute type 29 has an invalid length.
[  261.886683][T29788] netlink: 148 bytes leftover after parsing attributes in process `syz.6.10211'.
[  261.896657][T29788] netlink: 'syz.6.10211': attribute type 12 has an invalid length.
[  261.904768][T29788] netlink: 'syz.6.10211': attribute type 29 has an invalid length.
[  261.912782][T29788] netlink: 148 bytes leftover after parsing attributes in process `syz.6.10211'.
[  261.943800][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.985020][T29802] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[  261.995030][T29801] wireguard1: entered promiscuous mode
[  262.000582][T29801] wireguard1: entered allmulticast mode
[  262.038069][T29813] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=29813 comm=syz.6.10220
[  262.061072][T29817] loop5: detected capacity change from 0 to 512
[  262.068050][T29817] EXT4-fs: Ignoring removed mblk_io_submit option
[  262.075142][T29817] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  262.086550][T29817] EXT4-fs (loop5): 1 truncate cleaned up
[  262.093185][T29817] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.127966][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.399784][T29840] loop1: detected capacity change from 0 to 512
[  262.407416][T29840] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[  262.416863][T29840] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  262.457688][T29840] FAT-fs (loop1): FAT read failed (blocknr 128)
[  262.521455][T29850] syzkaller1: entered promiscuous mode
[  262.527205][T29850] syzkaller1: entered allmulticast mode
[  262.570746][T29845] lo speed is unknown, defaulting to 1000
[  263.040653][T29888] wireguard0: entered promiscuous mode
[  263.042081][   T29] kauditd_printk_skb: 136 callbacks suppressed
[  263.042100][   T29] audit: type=1400 audit(1755981814.789:10976): avc:  denied  { bind } for  pid=29898 comm="syz.1.10240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  263.046267][T29888] wireguard0: entered allmulticast mode
[  263.228785][   T29] audit: type=1400 audit(1755981814.988:10977): avc:  denied  { write } for  pid=29921 comm="syz.5.10249" name="file0" dev="tmpfs" ino=7770 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  263.251640][   T29] audit: type=1400 audit(1755981814.988:10978): avc:  denied  { open } for  pid=29921 comm="syz.5.10249" path="/1508/file0" dev="tmpfs" ino=7770 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  263.276238][   T29] audit: type=1400 audit(1755981814.988:10979): avc:  denied  { ioctl } for  pid=29921 comm="syz.5.10249" path="/1508/file0" dev="tmpfs" ino=7770 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  263.322312][T29924] loop6: detected capacity change from 0 to 512
[  263.341021][T29924] FAT-fs (loop6): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 4)
[  263.374220][   T29] audit: type=1326 audit(1755981815.125:10980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29932 comm="syz.5.10254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7120cdebe9 code=0x7ffc0000
[  263.398250][   T29] audit: type=1326 audit(1755981815.125:10981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29932 comm="syz.5.10254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7120cdebe9 code=0x7ffc0000
[  263.422188][   T29] audit: type=1326 audit(1755981815.125:10982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29932 comm="syz.5.10254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f7120cdebe9 code=0x7ffc0000
[  263.445909][   T29] audit: type=1326 audit(1755981815.125:10983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29932 comm="syz.5.10254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7120cdebe9 code=0x7ffc0000
[  263.446131][T29924] FAT-fs (loop6): FAT read failed (blocknr 52768)
[  263.496652][   T29] audit: type=1400 audit(1755981815.251:10984): avc:  denied  { compute_member } for  pid=29929 comm="syz.4.10253" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  263.598404][   T29] audit: type=1326 audit(1755981815.314:10985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29936 comm="syz.4.10256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4643febe9 code=0x7ffc0000
[  263.707923][T29955] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10263'.
[  263.725806][T29955] x_tables: ip_tables: udp match: only valid for protocol 17
[  263.816464][ T1035] hid-generic 0000:3000000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  264.007995][T29990] netlink: 9 bytes leftover after parsing attributes in process `syz.6.10276'.
[  264.017264][T29990] 0·: renamed from hsr0 (while UP)
[  264.024534][T29990] 0·: entered allmulticast mode
[  264.029540][T29990] hsr_slave_0: entered allmulticast mode
[  264.035547][T29990] hsr_slave_1: entered allmulticast mode
[  264.042196][T29990] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  264.064333][T29994] loop5: detected capacity change from 0 to 164
[  264.093775][T29996] loop6: detected capacity change from 0 to 2048
[  264.128801][T29996] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.161806][T29996] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.283583][T30023] loop5: detected capacity change from 0 to 512
[  264.357541][T30023] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.391704][T30023] ext4 filesystem being mounted at /1520/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  264.447365][T30023] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.10286: corrupted inode contents
[  264.482405][T30023] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #2: comm syz.5.10286: mark_inode_dirty error
[  264.506361][T30023] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.10286: corrupted inode contents
[  264.523247][T30023] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.10286: mark_inode_dirty error
[  264.541592][T30023] EXT4-fs warning (device loop5): ext4_empty_dir:3089: inode #18: comm syz.5.10286: directory missing '.'
[  264.578837][T30043] 9pnet_fd: Insufficient options for proto=fd
[  264.587526][ T9929] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.781874][T30068] netlink: 268 bytes leftover after parsing attributes in process `syz.1.10303'.
[  265.069304][T30091] netlink: 'syz.4.10309': attribute type 16 has an invalid length.
[  265.078260][T30091] netlink: 'syz.4.10309': attribute type 17 has an invalid length.
[  265.089935][T30088] loop6: detected capacity change from 0 to 512
[  265.102367][T30080] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.114862][T30080] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.127571][T30088] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1)
[  265.137595][T30088] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  265.219691][T30088] FAT-fs (loop6): FAT read failed (blocknr 128)
[  265.227364][T30105] netlink: 'syz.3.10318': attribute type 1 has an invalid length.
[  265.314510][T30091] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.321701][T30091] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.334150][T30091] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.341406][T30091] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.436032][T30095] netlink: 830 bytes leftover after parsing attributes in process `syz.5.10311'.
[  265.558494][T30135] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10328'.
[  265.575402][T30129] tipc: Started in network mode
[  265.580432][T30129] tipc: Node identity ac14140f, cluster identity 4711
[  265.598500][T30129] tipc: New replicast peer: 255.255.255.255
[  265.604852][T30129] tipc: Enabled bearer <udp:syz2>, priority 10
[  265.634398][T30135] 8021q: adding VLAN 0 to HW filter on device bond1
[  265.685242][T30135] bond1: (slave batadv1): Opening slave failed
[  265.808149][T30197] loop5: detected capacity change from 0 to 1024
[  265.828431][T30197] EXT4-fs: inline encryption not supported
[  265.877952][T30197] EXT4-fs (loop5): can't mount with commit=, fs mounted w/o journal
[  265.948366][T30221] rdma_op ffff88811cbc5180 conn xmit_rdma 0000000000000000
[  266.108205][T30241] ALSA: seq fatal error: cannot create timer (-19)
[  266.160754][T30252] loop5: detected capacity change from 0 to 512
[  266.172428][T30246] vhci_hcd: invalid port number 96
[  266.178070][T30246] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  266.189380][T30252] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  266.220374][T30252] EXT4-fs (loop5): mount failed
[  266.269085][T30265] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  266.291921][T30265] SELinux: failed to load policy
[  266.570004][T30308] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10384'.
[  266.579321][T30308] netlink: 108 bytes leftover after parsing attributes in process `syz.5.10384'.
[  266.589178][T30308] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10384'.
[  266.599508][T30308] netlink: 108 bytes leftover after parsing attributes in process `syz.5.10384'.
[  266.609153][T30308] netlink: 84 bytes leftover after parsing attributes in process `syz.5.10384'.
[  266.668555][ T2956] tipc: Node number set to 2886997007
[  266.689472][T30294] lo speed is unknown, defaulting to 1000
[  266.703253][T30305] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  266.938814][T30355] SELinux: failed to load policy
[  267.109433][T30378] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10404'.
[  267.279511][T30370] lo speed is unknown, defaulting to 1000
[  267.379272][T30423] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  267.481240][T30434] vhci_hcd: invalid port number 224
[  267.499348][T30436] netlink: 'syz.1.10423': attribute type 16 has an invalid length.
[  267.507584][T30436] netlink: 'syz.1.10423': attribute type 17 has an invalid length.
[  267.621317][T30455] netlink: 'syz.6.10432': attribute type 10 has an invalid length.
[  267.652283][T30455] team0: Device hsr_slave_0 failed to register rx_handler
[  267.743069][T30476] IPv6: Can't replace route, no match found
[  267.847027][   T29] kauditd_printk_skb: 132 callbacks suppressed
[  267.847045][   T29] audit: type=1400 audit(1755981819.839:11117): avc:  denied  { bind } for  pid=30491 comm="syz.6.10443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  267.988582][T30499] SELinux: failed to load policy
[  268.103298][T30521] binfmt_misc: register: failed to install interpreter file ./file0
[  268.157871][T30530] loop6: detected capacity change from 0 to 128
[  268.193267][   T29] audit: type=1400 audit(1755981820.196:11118): avc:  denied  { remount } for  pid=30532 comm="syz.3.10460" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  268.222557][T30536] netlink: 'syz.5.10463': attribute type 1 has an invalid length.
[  268.237905][T30536] 8021q: adding VLAN 0 to HW filter on device bond1
[  268.254391][T30536] 8021q: adding VLAN 0 to HW filter on device batadv1
[  268.263927][T30536] bond1: (slave batadv1): making interface the new active one
[  268.273050][T30536] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  268.438433][T30588] loop1: detected capacity change from 0 to 512
[  268.448030][T30590] pim6reg: entered allmulticast mode
[  268.459235][T30590] pim6reg: left allmulticast mode
[  268.489070][T30530] syz.6.10458: attempt to access beyond end of device
[  268.489070][T30530] loop6: rw=2049, sector=128, nr_sectors = 1 limit=128
[  268.502680][T30530] Buffer I/O error on dev loop6, logical block 128, lost async page write
[  268.513343][T30588] Quota error (device loop1): v2_read_file_info: Free block number 1 out of range (1, 6).
[  268.533534][T30588] EXT4-fs warning (device loop1): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  268.558550][T30603] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  268.564650][T30588] EXT4-fs (loop1): mount failed
[  268.590954][T30576] syz.6.10458: attempt to access beyond end of device
[  268.590954][T30576] loop6: rw=2049, sector=128, nr_sectors = 1 limit=128
[  268.604680][T30576] Buffer I/O error on dev loop6, logical block 128, lost async page write
[  268.628782][T30576] syz.6.10458: attempt to access beyond end of device
[  268.628782][T30576] loop6: rw=2049, sector=128, nr_sectors = 1 limit=128
[  268.642394][T30576] Buffer I/O error on dev loop6, logical block 128, lost async page write
[  268.659764][   T29] audit: type=1400 audit(1755981820.690:11119): avc:  denied  { ioctl } for  pid=30615 comm="syz.1.10476" path="socket:[80391]" dev="sockfs" ino=80391 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  268.756282][T19532] syz_tun (unregistering): left allmulticast mode
[  269.088727][ T3432] bridge_slave_1: left allmulticast mode
[  269.094505][ T3432] bridge_slave_1: left promiscuous mode
[  269.100346][ T3432] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.110928][ T3432] bridge_slave_0: left allmulticast mode
[  269.116853][ T3432] bridge_slave_0: left promiscuous mode
[  269.122811][ T3432] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.251606][ T3432] bond1 (unregistering): Released all slaves
[  269.260593][ T3432] bond2 (unregistering): (slave bond3): Releasing backup interface
[  269.268690][ T3432] bond3 (unregistering): left promiscuous mode
[  269.275205][ T3432] bond2 (unregistering): Released all slaves
[  269.283630][ T3432] bond3 (unregistering): Released all slaves
[  269.291970][ T3432] smc: removing net device bond0 with user defined pnetid SYZ2
[  269.299912][ T3432] bond0 (unregistering): Released all slaves
[  269.347665][ T3432] tipc: Disabling bearer <udp:syz2>
[  269.352923][ T3432] tipc: Left network mode
[  269.391229][ T3432] hsr_slave_0: left promiscuous mode
[  269.397218][ T3432] hsr_slave_1: left promiscuous mode
[  269.403066][ T3432] batman_adv: batadv0: Removing interface: batadv_slave_0
[  269.410845][ T3432] batman_adv: batadv0: Removing interface: batadv_slave_1
[  269.479525][ T3432] team0 (unregistering): Port device team_slave_1 removed
[  269.489431][ T3432] team0 (unregistering): Port device team_slave_0 removed
[  269.499791][   T29] audit: type=1400 audit(1755981821.571:11120): avc:  denied  { mounton } for  pid=30673 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  269.650615][T30673] lo speed is unknown, defaulting to 1000
[  269.713802][T30673] chnl_net:caif_netlink_parms(): no params data found
[  269.755016][T30673] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.762168][T30673] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.769523][T30673] bridge_slave_0: entered allmulticast mode
[  269.776072][T30673] bridge_slave_0: entered promiscuous mode
[  269.783046][T30673] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.790349][T30673] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.798275][T30673] bridge_slave_1: entered allmulticast mode
[  269.804740][T30673] bridge_slave_1: entered promiscuous mode
[  269.828033][T30673] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  269.838295][ T3432] IPVS: stop unused estimator thread 0...
[  269.839665][T30673] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  269.873460][T30673] team0: Port device team_slave_0 added
[  269.880096][T30673] team0: Port device team_slave_1 added
[  269.897233][T30673] batman_adv: batadv0: Adding interface: batadv_slave_0
[  269.904442][T30673] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.930970][T30673] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  269.943153][T30673] batman_adv: batadv0: Adding interface: batadv_slave_1
[  269.950251][T30673] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.976438][T30673] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.995244][ T3432] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  270.005633][ T3432] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.031355][T30673] hsr_slave_0: entered promiscuous mode
[  270.037447][T30673] hsr_slave_1: entered promiscuous mode
[  270.046525][ T3432] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  270.056979][ T3432] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.100886][ T3432] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  270.111697][ T3432] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.160157][ T3432] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  270.170816][ T3432] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.182757][T30673] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  270.192188][T30673] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  270.201715][T30673] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  270.211217][T30673] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  270.253337][ T3432] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  270.263881][ T3432] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.287733][T30673] 8021q: adding VLAN 0 to HW filter on device bond0
[  270.303056][T30673] 8021q: adding VLAN 0 to HW filter on device team0
[  270.312639][ T3432] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  270.325109][ T3432] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.341009][T22021] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.349227][T22021] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.360575][T22035] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.368142][T22035] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.406550][ T3432] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  270.417144][ T3432] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.452552][T30673] 8021q: adding VLAN 0 to HW filter on device batadv0
[  270.463028][ T3432] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  270.474499][ T3432] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.540199][ T3432] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.577716][ T3432] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.598984][T30673] veth0_vlan: entered promiscuous mode
[  270.606810][T30673] veth1_vlan: entered promiscuous mode
[  270.622217][T30673] veth0_macvtap: entered promiscuous mode
[  270.630669][ T3432] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.644120][T30673] veth1_macvtap: entered promiscuous mode
[  270.655569][T30673] batman_adv: batadv0: Interface activated: batadv_slave_0
[  270.668569][T30673] batman_adv: batadv0: Interface activated: batadv_slave_1
[  270.680126][T22035] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  270.693195][T22035] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  270.702670][T22035] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  270.719481][T22035] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  270.734138][ T3432] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.753434][   T29] audit: type=1400 audit(1755981822.884:11121): avc:  denied  { mounton } for  pid=30673 comm="syz-executor" path="/root/syzkaller.jUNXjw/syz-tmp" dev="sda1" ino=2055 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  270.783405][   T29] audit: type=1400 audit(1755981822.884:11122): avc:  denied  { mounton } for  pid=30673 comm="syz-executor" path="/root/syzkaller.jUNXjw/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  270.810738][   T29] audit: type=1400 audit(1755981822.884:11123): avc:  denied  { mounton } for  pid=30673 comm="syz-executor" path="/root/syzkaller.jUNXjw/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=81852 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  270.840064][   T29] audit: type=1400 audit(1755981822.926:11124): avc:  denied  { mounton } for  pid=30673 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  270.863386][   T29] audit: type=1400 audit(1755981822.926:11125): avc:  denied  { mount } for  pid=30673 comm="syz-executor" name="/" dev="gadgetfs" ino=81866 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  270.906662][ T3432] vlan2: left promiscuous mode
[  270.911795][ T3432] bridge0: port 3(vlan2) entered disabled state
[  270.918936][ T3432] bridge_slave_1: left allmulticast mode
[  270.924693][ T3432] bridge_slave_1: left promiscuous mode
[  270.930672][ T3432] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.939117][ T3432] bridge_slave_0: left promiscuous mode
[  270.944865][ T3432] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.953568][ T3432] bridge_slave_1: left allmulticast mode
[  270.959571][ T3432] bridge_slave_1: left promiscuous mode
[  270.965330][ T3432] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.973189][ T3432] bridge_slave_0: left allmulticast mode
[  270.978954][ T3432] bridge_slave_0: left promiscuous mode
[  270.984690][ T3432] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.993133][ T3432] bridge_slave_1: left allmulticast mode
[  270.998820][ T3432] bridge_slave_1: left promiscuous mode
[  271.004581][ T3432] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.012790][ T3432] bridge_slave_0: left allmulticast mode
[  271.018513][ T3432] bridge_slave_0: left promiscuous mode
[  271.024536][ T3432] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.131307][ T3432] erspan0 (unregistering): left promiscuous mode
[  271.139996][ T3432] gretap0 (unregistering): left promiscuous mode
[  271.153060][ T3432] team0: Port device geneve1 removed
[  271.252449][  T314] smc: removing ib device syz2
[  271.257626][ T3432] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  271.268414][ T3432] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  271.278172][ T3432] bond0 (unregistering): Released all slaves
[  271.287550][ T3432] bond1 (unregistering): (slave batadv1): Releasing active interface
[  271.296702][ T3432] bond1 (unregistering): Released all slaves
[  271.381940][ T3432] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  271.415324][ T3432] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  271.447549][ T3432] bond0 (unregistering): Released all slaves
[  271.470317][ T3432] bond1 (unregistering): Released all slaves
[  271.511304][T31089] loop9: detected capacity change from 0 to 128
[  271.558933][ T3432] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  271.568966][ T3432] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  271.578817][ T3432] bond0 (unregistering): Released all slaves
[  271.589254][T31089] ==================================================================
[  271.597385][T31089] BUG: KCSAN: data-race in __mark_inode_dirty / __mark_inode_dirty
[  271.605408][T31089] 
[  271.607759][T31089] write to 0xffff88810b7dcd28 of 4 bytes by task 31093 on cpu 1:
[  271.615590][T31089]  __mark_inode_dirty+0x248/0x750
[  271.620677][T31089]  fat_update_time+0x1ec/0x200
[  271.625770][T31089]  touch_atime+0x145/0x340
[  271.630432][T31089]  filemap_splice_read+0x6ba/0x740
[  271.635589][T31089]  splice_direct_to_actor+0x26f/0x680
[  271.639328][T31093] syz.9.10490: attempt to access beyond end of device
[  271.639328][T31093] loop9: rw=2049, sector=128, nr_sectors = 1 limit=128
[  271.641032][T31089]  do_splice_direct+0xda/0x150
[  271.641060][T31089]  do_sendfile+0x380/0x650
[  271.654783][T31093] Buffer I/O error on dev loop9, logical block 128, lost async page write
[  271.659390][T31089]  __x64_sys_sendfile64+0x105/0x150
[  271.677824][T31089]  x64_sys_call+0x2bb0/0x2ff0
[  271.682891][T31089]  do_syscall_64+0xd2/0x200
[  271.687531][T31089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.693738][T31089] 
[  271.696163][T31089] read to 0xffff88810b7dcd28 of 4 bytes by task 31089 on cpu 0:
[  271.703813][T31089]  __mark_inode_dirty+0x55/0x750
[  271.708778][T31089]  fat_update_time+0x1ec/0x200
[  271.713558][T31089]  touch_atime+0x145/0x340
[  271.718014][T31089]  filemap_splice_read+0x6ba/0x740
[  271.723146][T31089]  splice_direct_to_actor+0x26f/0x680
[  271.728542][T31089]  do_splice_direct+0xda/0x150
[  271.733328][T31089]  do_sendfile+0x380/0x650
[  271.737771][T31089]  __x64_sys_sendfile64+0x105/0x150
[  271.743086][T31089]  x64_sys_call+0x2bb0/0x2ff0
[  271.747781][T31089]  do_syscall_64+0xd2/0x200
[  271.752310][T31089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  271.758217][T31089] 
[  271.760554][T31089] value changed: 0x00000000 -> 0x00000038
[  271.766286][T31089] 
[  271.768637][T31089] Reported by Kernel Concurrency Sanitizer on:
[  271.774817][T31089] CPU: 0 UID: 0 PID: 31089 Comm: syz.9.10490 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  271.784813][T31089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  271.794908][T31089] ==================================================================
[  271.807009][T31089] syz.9.10490: attempt to access beyond end of device
[  271.807009][T31089] loop9: rw=2049, sector=128, nr_sectors = 1 limit=128
[  271.820598][T31089] Buffer I/O error on dev loop9, logical block 128, lost async page write
[  272.031734][T31049] lo speed is unknown, defaulting to 1000
[  272.167220][ T3432] tipc: Disabling bearer <udp:syz2>
[  272.172691][ T3432] tipc: Left network mode
[  272.249243][ T3432] batadv_slave_1: left promiscuous mode
[  272.256617][ T3432] hsr_slave_0: left promiscuous mode
[  272.262459][ T3432] hsr_slave_1: left promiscuous mode
[  272.268132][ T3432] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  272.275662][ T3432] batman_adv: batadv0: Removing interface: batadv_slave_0
[  272.283304][ T3432] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  272.290835][ T3432] batman_adv: batadv0: Removing interface: batadv_slave_1
[  272.300606][ T3432] hsr_slave_0: left promiscuous mode
[  272.306322][ T3432] hsr_slave_1: left promiscuous mode
[  272.312250][ T3432] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  272.319681][ T3432] batman_adv: batadv0: Removing interface: batadv_slave_0
[  272.329473][ T3432] hsr_slave_0: left promiscuous mode
[  272.335334][ T3432] hsr_slave_1: left promiscuous mode
[  272.341248][ T3432] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  272.348801][ T3432] batman_adv: batadv0: Removing interface: batadv_slave_0
[  272.356623][ T3432] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  272.364004][ T3432] batman_adv: batadv0: Removing interface: batadv_slave_1
[  272.378635][ T3432] veth1_vlan: left promiscuous mode
[  272.384397][ T3432] veth0_vlan: left promiscuous mode
[  272.390697][ T3432] veth1_macvtap: left promiscuous mode
[  272.396227][ T3432] veth0_macvtap: left promiscuous mode
[  272.401798][ T3432] veth1_vlan: left promiscuous mode
[  272.407894][ T3432] veth0_vlan: left promiscuous mode
[  272.413749][ T3432] veth1_macvtap: left promiscuous mode
[  272.419396][ T3432] veth0_macvtap: left promiscuous mode
[  272.424983][ T3432] veth1_vlan: left promiscuous mode
[  272.430249][ T3432] veth0_vlan: left promiscuous mode
[  272.547551][ T3432] team0 (unregistering): Port device team_slave_1 removed
[  272.558819][ T3432] team0 (unregistering): Port device team_slave_0 removed
[  272.659112][ T3432] team0 (unregistering): Port device team_slave_1 removed
[  272.668564][ T3432] team0 (unregistering): Port device team_slave_0 removed
[  272.704217][ T1035] lo speed is unknown, defaulting to 1000
[  272.710214][ T1035] infiniband syz0: ib_query_port failed (-19)
[  273.397643][ T3432] IPVS: stop unused estimator thread 0...
[  273.403936][ T3432] IPVS: stop unused estimator thread 0...
[  273.454561][ T3432] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.005594][ T3432] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.062341][ T3432] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.110539][ T3432] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.172865][ T3432] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.183451][ T3432] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.224917][ T3432] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.235307][ T3432] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.281640][ T3432] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.292065][ T3432] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.339196][ T3432] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.349627][ T3432] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.408555][ T3432] bridge_slave_1: left allmulticast mode
[  274.414568][ T3432] bridge_slave_1: left promiscuous mode
[  274.420342][ T3432] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.428151][ T3432] bridge_slave_0: left allmulticast mode
[  274.433966][ T3432] bridge_slave_0: left promiscuous mode
[  274.439749][ T3432] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.448839][ T3432] bridge_slave_1: left allmulticast mode
[  274.454604][ T3432] bridge_slave_1: left promiscuous mode
[  274.460424][ T3432] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.468213][ T3432] bridge_slave_0: left allmulticast mode
[  274.475388][ T3432] bridge_slave_0: left promiscuous mode
[  274.483546][ T3432] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.586210][ T3432] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  274.596442][ T3432] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  274.606706][ T3432] bond0 (unregistering): Released all slaves
[  274.630247][ T3432] dvmrp8 (unregistering): left allmulticast mode
[  274.670891][ T3432] smc: removing net device bond0 with user defined pnetid SYZ2
[  274.679177][ T3432] bond0 (unregistering): Released all slaves
[  274.687955][ T3432] bond1 (unregistering): Released all slaves
[  274.745235][ T3432] IPVS: stopping backup sync thread 12134 ...
[  274.799887][ T3432] hsr_slave_0: left promiscuous mode
[  274.805831][ T3432] hsr_slave_1: left promiscuous mode
[  274.811496][ T3432] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  274.819106][ T3432] batman_adv: batadv0: Removing interface: batadv_slave_0
[  274.826723][ T3432] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  274.834190][ T3432] batman_adv: batadv0: Removing interface: batadv_slave_1
[  274.843089][ T3432] hsr_slave_0: left promiscuous mode
[  274.848752][ T3432] hsr_slave_1: left promiscuous mode
[  274.854446][ T3432] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  274.862066][ T3432] batman_adv: batadv0: Removing interface: batadv_slave_0
[  274.870482][ T3432] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  274.878330][ T3432] batman_adv: batadv0: Removing interface: batadv_slave_1
[  274.891201][ T3432] veth1_macvtap: left promiscuous mode
[  274.897065][ T3432] veth0_macvtap: left promiscuous mode
[  274.902938][ T3432] veth1_vlan: left promiscuous mode
[  274.908608][ T3432] veth0_vlan: left promiscuous mode
[  274.914605][ T3432] veth1_macvtap: left promiscuous mode
[  274.920782][ T3432] veth0_macvtap: left promiscuous mode
[  274.927047][ T3432] veth1_vlan: left promiscuous mode
[  274.932390][ T3432] veth0_vlan: left promiscuous mode
[  275.028984][ T3432] team0 (unregistering): Port device team_slave_1 removed
[  275.039308][ T3432] team0 (unregistering): Port device team_slave_0 removed
[  275.096056][ T3432] team0 (unregistering): Port device team_slave_1 removed
[  275.106477][ T3432] team0 (unregistering): Port device C removed
[  275.113300][T22023] smc: removing ib device syz!
[  275.597879][ T3432] IPVS: stop unused estimator thread 0...