last executing test programs:

1.087001596s ago: executing program 1 (id=5974):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000110000000000000000000000030005000000000002000000ac1e00010000000000000000030006000000000002000000000000000000000000000000010018000000000008001200000002"], 0x88}}, 0x0)

872.480911ms ago: executing program 1 (id=5984):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
get_mempolicy(0x0, 0x0, 0x8000000002, &(0x7f0000045000/0x3000)=nil, 0x3)

824.049485ms ago: executing program 1 (id=5987):
r0 = socket$key(0xf, 0x3, 0x2)
ioctl$int_in(r0, 0x5452, &(0x7f0000000140)=0x5fa)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000600)=ANY=[@ANYBLOB="020b000007000000000000000000e1ff0400090000e0"], 0x38}}, 0x0)

772.110018ms ago: executing program 3 (id=5991):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)

771.614148ms ago: executing program 1 (id=5993):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={&(0x7f0000000800), 0xc, &(0x7f00000005c0)={&(0x7f0000001580)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0)

732.47711ms ago: executing program 3 (id=5995):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8fcffffb702000005000000b703000000000000850000007500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x6e20, 0x0, @empty}, 0x1c)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

675.699274ms ago: executing program 1 (id=5999):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x52, &(0x7f0000000640)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x1c, 0x3c, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[@hopopts={0x33}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

669.680084ms ago: executing program 1 (id=6001):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000140)=0x3ff, 0x4)
sendmsg$inet6(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)='h', 0x34000}], 0x1}, 0x0)

560.245052ms ago: executing program 2 (id=6003):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
finit_module(0xffffffffffffffff, 0x0, 0x6)

559.602952ms ago: executing program 2 (id=6005):
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x84}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000100)={&(0x7f0000000000)=@id={0x1e, 0x3, 0x3, {0x4e25, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4008000)

496.681677ms ago: executing program 2 (id=6006):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./bus\x00', 0x0, &(0x7f0000000400)={[{@data_err_abort}, {@noblock_validity}]}, 0x9, 0x5f2, &(0x7f0000002540)="$eJzs3c9vVNUeAPDvmf6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0kKQAg2t0aIJJcGNiXFjjIkrF+J/oUS2rHTlwo0rQ0LUsDRxzJ3eKZ32Tkt/TKf2fj7J0HvPmTvn3JbvnHPPnHMngNIazP6pRByMiOkU0Z/mF/M6I88cXHjeoz8+PJ89UlSrr/2WIuVp9een/GdffnBPRPzwfYoDHSvLnZm7cXl8amryer4/PHtlenhm7sbRS1fGL05enLw6+sLoqZMnTp4aObah87pZkHb29jvv9X889ubXX/6ZRr75eSzF6Xg5f+LS89gqgzFY+52klVl9p7a6sDbqXLafliewY3Xkf7+uiPhf9EfHkr9mf3z0SlsrB7RUNUVUgZJK64j/rLfQyroA26neD6hf2y+/Dq60pVcCbIeHZxYGAFbGf+fC2GD01MYG9j5KDeM8KSI2NjLXaF9E3L83dvvCvbHb0aJxOKDY/K2I+H9R/Kda/A9ETwzU4r/SEP9Zv+Bc/jNLf3WDPYXlQ8XiH7bPQvz3rBr/0ST+31oS/29vog75pcjN3ob4793EKwIAAAAAAEA53T0TEc8Xff5fWZz/EwXzf/oi4vQWlD+4bH/l5/+VB1tQDFDg4ZmIlwrn/1bqs38HOvKtf9XmA3SlC5emJo9FxL8j4kh07cn2R1Yp4+gnB75oljeYz/+rP7Ly7+dzAfN6POjc03jMxPjg+GbPG4h4eCviqcL5v2mx/U8F7X/2fjD9hGUcePbOuWZ5a8c/0CrVryIOF7b/j+9akVa/P8dwrT8wXO8VrPT0B59+26z8jca/W0zA5mXt/97V438gLb1fz8z6yzg+11ltlrex/v/seHd6vXZXoe487f3x2dnrIxHd6WxHltqQPrr+OsNuVI+Herxk8X/kmdXH/4r6/70RMb/stdPvjWuK6/77V98vzeqj/w/tk8X/xLra//VvjN4Z+K5Z+U/W/p+otfVH8pSs/W/dbwT+OT6vh2l3Y3pBOHYWZW13fQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgN6hExL5IlaHF7UplaCiiLyL+E3srU9dmZp+7cO3dqxNZXu37/yv1b/rtX9hPte//r2Tbj/dHo3H/eETsj4jPOnpr+0Pnr01NtPvkAQAAAAAAAAAAAAAAAAAAYIfoa7L+P/NrR7trB7RcZ7srALRNQfz/2I56ANtP+w/ltaH4T/NbXxFg22n/obzEP5SX+IfyEv9QXuIfyso4PgAAAAAA7DL7D939KUXE/Iu9tUemO8/ramvNgFartLsCQNu4xQ+Ul6l/UF6u8YG0Rn5P04PWOnI10+c3cTAAAAAAAAAAAAAAlM7hg9b/Q1lZ/w/lZf0/lFd9/f+hNtcD2H6u8YFYYyV/4fr/NY8CAAAAAAAAAAAAALbSzNyNy+NTU5PXbbyxM6pRtNHboleuVqs3s/8FbT/B3bFRnwq/U+qzbKO+1u/JjmrfexIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANDo7wAAAP//sg0n+g==")
r0 = open(&(0x7f0000002000)='./bus\x00', 0x14f942, 0x0)
fallocate(r0, 0x0, 0x0, 0x1f)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x147842, 0x0)
preadv2(r1, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)

423.407871ms ago: executing program 4 (id=6007):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)=ANY=[@ANYBLOB="54010000100013070000000000000000fe880000000000000000000000000001ac1414bb000000001600"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="200100000000000000000000000000020000000032000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000400210000000000000048000200656362286369706865725f6e756c6c29"], 0x154}}, 0x4)

365.232115ms ago: executing program 3 (id=6008):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000640)=ANY=[@ANYBLOB="034886dd05000a000000000000006000000001002100fe880001000000000000060000007d01ff0200000000000000000000000000010000eca140", @ANYRES16, @ANYBLOB='yO'], 0xfdef)

364.808835ms ago: executing program 0 (id=6009):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10400, &(0x7f00000006c0), 0xfe, 0x246, &(0x7f0000000840)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x5)
r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000380), 0x208e24b)

323.965098ms ago: executing program 2 (id=6010):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

317.717188ms ago: executing program 4 (id=6011):
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r0 = gettid()
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffff]}, 0x0, 0x0, 0x8)
timer_create(0x2, &(0x7f0000000180)={0x0, 0x4, 0x4, @tid=r0}, &(0x7f0000000140))
timer_settime(0x0, 0xe54aef35e9c2845d, &(0x7f000006b000)={{}, {0x0, 0x9}}, 0x0)

200.564406ms ago: executing program 3 (id=6012):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bc"], 0x40}}, 0x0)

200.135746ms ago: executing program 4 (id=6013):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000540)={&(0x7f0000000200)=@name, 0x10, 0x0}, 0x41)

199.918206ms ago: executing program 2 (id=6014):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000008000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000040)='GPL\x00', 0x2, 0x1000, &(0x7f0000014000)=""/4096, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x14, &(0x7f00000000c0)={0x0, 0x11}, 0x1, 0x10, &(0x7f0000000000), 0xa, 0x0, 0xffffffffffffffff, 0x4c, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

199.720726ms ago: executing program 0 (id=6015):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001a40)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, 0x0}], 0x1, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f00000000c0)={r2, 0x4, 0x0, 0x81}, &(0x7f0000000100)=0x10)

184.334437ms ago: executing program 4 (id=6016):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000083850000002d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./bus\x00', 0x400000, &(0x7f0000000500)=ANY=[@ANYBLOB="666c7573682c6e6f646f74732c646973636172642c646d61736b3d30303030303030303030303030303030303030303030322c646d61736b3d30303030303030303030303030303030303030303137372c646f74732c6e6f646f74732c71756965742c646f74732c0023c3cb4d2e3cbf18508098ee0de2af38db67d42d1bc4ab714d52f019082433fc9ca2d7174b2c4e5531c9f4c7a4d53914e100"/167], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=")
r1 = socket(0x15, 0x5, 0x0)
getsockopt$nfc_llcp(r1, 0x114, 0x2720, 0x0, 0x20000000)

156.037189ms ago: executing program 2 (id=6017):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000d7007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
syz_read_part_table(0x1053, &(0x7f0000003100)="$eJzsz7GRwjAUBNC1zzceZ9fEZcTENOF6gE6IKY6UjM/I9lACELyXaPRXK43CR+0yJONv8pO/TMlxmZ639F5VQ5Iu6fp1dNiiGte1xdUk/dZ5Xb4cue3n1h+qa7vLlJzyqP9qT87Xt30UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL7YMwAA///L3RVj")

104.576523ms ago: executing program 0 (id=6018):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendto$inet(r0, &(0x7f0000001040)="8932ed209b230927", 0x8, 0x6000c804, 0x0, 0x0)

104.104742ms ago: executing program 4 (id=6019):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @broadcast}, @timestamp_reply={0x11}}}}}, 0x0)

103.867472ms ago: executing program 0 (id=6020):
pipe2(&(0x7f0000000c40)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {0x0, 0x0, 0x400}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

82.917584ms ago: executing program 3 (id=6021):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r1, 0x2285, 0x0)
writev(r1, &(0x7f0000000400)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484e243103000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9d85e447511703d", 0x31}], 0x2)

79.453774ms ago: executing program 4 (id=6022):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x16, 0x1d, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000008500000073000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0xe, 0x0, &(0x7f00000008c0)="000091dda7d146d75b5974000000", 0x0, 0x200002, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

24.567918ms ago: executing program 0 (id=6023):
open(0x0, 0x147a42, 0x40)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000006680)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a2d29730e5519c08cc79a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c0500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

17.893828ms ago: executing program 0 (id=6024):
socket(0x10, 0x3, 0x7)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
ppoll(&(0x7f0000000180)=[{}, {r0}], 0x2, 0x0, 0x0, 0x0)

0s ago: executing program 3 (id=6025):
set_mempolicy(0x4003, &(0x7f0000000080)=0x7, 0x3)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x20001400)

kernel console output (not intermixed with test programs):

gacy support in use)
[  140.147135][T13750] loop4: detected capacity change from 0 to 256
[  140.162775][T13750] FAT-fs (loop4): Directory bread(block 64) failed
[  140.171269][T13750] FAT-fs (loop4): Directory bread(block 65) failed
[  140.178116][T13750] FAT-fs (loop4): Directory bread(block 66) failed
[  140.184741][T13750] FAT-fs (loop4): Directory bread(block 67) failed
[  140.193074][T13750] FAT-fs (loop4): Directory bread(block 68) failed
[  140.200052][T13750] FAT-fs (loop4): Directory bread(block 69) failed
[  140.208157][T13750] FAT-fs (loop4): Directory bread(block 70) failed
[  140.214782][T13750] FAT-fs (loop4): Directory bread(block 71) failed
[  140.221441][T13750] FAT-fs (loop4): Directory bread(block 72) failed
[  140.229483][T13750] FAT-fs (loop4): Directory bread(block 73) failed
[  140.256156][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.263827][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.271489][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.279856][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.288398][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.296104][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.303775][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.312148][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.313114][T13750] syz.4.4438: attempt to access beyond end of device
[  140.313114][T13750] loop4: rw=2049, sector=1224, nr_sectors = 68 limit=256
[  140.319800][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.319825][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.319863][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.357089][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.364806][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.373074][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.380796][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.388453][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.396695][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.404327][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.412018][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.419667][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.428065][   T35] hid-generic 0000:1000003:0000.0005: unknown main item tag 0x0
[  140.438576][T13757] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  140.447201][T13757] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  140.447485][   T35] hid-generic 0000:1000003:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  140.492059][T13761] syz.4.4442[13761] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  140.492117][T13761] syz.4.4442[13761] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  140.554213][T13767] loop0: detected capacity change from 0 to 512
[  140.577009][T13767] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.4445: iget: bad extended attribute block 1
[  140.591486][T13767] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.4445: couldn't read orphan inode 15 (err -117)
[  140.608210][T13767] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.637973][   T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x4
[  140.646327][   T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x2
[  140.655654][   T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x3
[  140.663860][   T35] hid-generic 0000:3000000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  140.710628][T10564] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.857581][T13792] loop3: detected capacity change from 0 to 2048
[  140.875142][T13799] random: crng reseeded on system resumption
[  140.882176][   T29] kauditd_printk_skb: 185 callbacks suppressed
[  140.882188][   T29] audit: type=1400 audit(2000000074.809:3129): avc:  denied  { create } for  pid=13798 comm="syz.4.4459" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  140.915986][T13792] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.991039][T13804] vhci_hcd: invalid port number 157
[  140.996340][T13804] vhci_hcd: default hub control req: c1ef v21ba i009d l29779
[  141.012480][T13792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.022849][   T29] audit: type=1400 audit(2000000074.839:3130): avc:  denied  { write } for  pid=13798 comm="syz.4.4459" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  141.161700][T13825] syz.0.4469[13825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.161792][T13825] syz.0.4469[13825] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.176360][T13823] syz.1.4468[13823] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.192416][T13827] loop3: detected capacity change from 0 to 256
[  141.227718][T13823] syz.1.4468[13823] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  141.299802][T13831] loop2: detected capacity change from 0 to 2048
[  141.389946][T13851] loop4: detected capacity change from 0 to 128
[  141.400540][T13851] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  141.431606][T13851] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  141.491269][   T40] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  141.580445][T13869] bond0: entered promiscuous mode
[  141.585605][T13869] bond_slave_0: entered promiscuous mode
[  141.591501][T13869] bond_slave_1: entered promiscuous mode
[  141.606103][T13871] netlink: 'syz.3.4493': attribute type 2 has an invalid length.
[  141.613993][T13873] vhci_hcd: invalid port number 157
[  141.619227][T13873] vhci_hcd: default hub control req: c1ef v21ba i009d l29779
[  141.807672][T13899] vhci_hcd: invalid port number 157
[  141.812946][T13899] vhci_hcd: default hub control req: c1ef v21ba i009d l29779
[  142.224686][   T29] audit: type=1326 audit(2000000076.149:3131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13906 comm="syz.1.4509" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x0
[  142.329006][T13918] rdma_op ffff88810f5c7980 conn xmit_rdma 0000000000000000
[  142.434640][   T29] audit: type=1326 audit(2000000076.359:3132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13925 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cc51bdef9 code=0x7ffc0000
[  142.477102][   T29] audit: type=1326 audit(2000000076.389:3133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13925 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f9cc51bdef9 code=0x7ffc0000
[  142.500595][   T29] audit: type=1326 audit(2000000076.389:3134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13925 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cc51bdef9 code=0x7ffc0000
[  142.523608][   T29] audit: type=1326 audit(2000000076.389:3135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13925 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cc51bdef9 code=0x7ffc0000
[  142.598114][   T29] audit: type=1400 audit(2000000076.499:3136): avc:  denied  { setopt } for  pid=13933 comm="syz.3.4523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  142.618377][   T29] audit: type=1400 audit(2000000076.499:3137): avc:  denied  { bind } for  pid=13933 comm="syz.3.4523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  142.637889][   T29] audit: type=1400 audit(2000000076.509:3138): avc:  denied  { create } for  pid=13937 comm="syz.3.4524" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  142.687198][T13947] netlink: 'syz.3.4528': attribute type 3 has an invalid length.
[  142.695049][T13947] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4528'.
[  142.847452][T13969] loop0: detected capacity change from 0 to 256
[  142.893037][T13971] loop3: detected capacity change from 0 to 1024
[  142.914996][T13975] netlink: 'syz.0.4542': attribute type 3 has an invalid length.
[  142.922946][T13975] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4542'.
[  142.932386][T13971] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  142.967265][T13971] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.4540: Invalid block bitmap block 0 in block_group 0
[  142.985994][T13971] EXT4-fs error (device loop3): ext4_acquire_dquot:6848: comm syz.3.4540: Failed to acquire dquot type 0
[  143.012807][T13971] EXT4-fs error (device loop3): ext4_free_blocks:6590: comm syz.3.4540: Freeing blocks not in datazone - block = 0, count = 4096
[  143.035433][T13971] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.4540: Invalid inode bitmap blk 0 in block_group 0
[  143.044010][T13988] netlink: 'syz.2.4547': attribute type 2 has an invalid length.
[  143.056070][   T40] EXT4-fs error (device loop3): ext4_release_dquot:6871: comm kworker/u8:2: Failed to release dquot type 0
[  143.058219][T13971] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[  143.081653][T13971] EXT4-fs (loop3): 1 orphan inode deleted
[  143.088503][T13971] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.094851][T13991] loop0: detected capacity change from 0 to 256
[  143.121578][T13995] loop1: detected capacity change from 0 to 128
[  143.128254][T13995] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  143.160381][T13995] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  143.172455][T10596] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.232108][   T40] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  143.239030][T14006] loop3: detected capacity change from 0 to 512
[  143.257981][T14008] dvmrp0: entered allmulticast mode
[  143.266218][T14008] dvmrp0: left allmulticast mode
[  143.273467][T14006] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.293433][T14006] ext4 filesystem being mounted at /301/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  143.374403][T10596] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.438955][T14027] loop3: detected capacity change from 0 to 256
[  143.609865][T14061] loop4: detected capacity change from 0 to 256
[  143.727458][T14081] netlink: 'syz.0.4590': attribute type 3 has an invalid length.
[  143.831773][T14091] loop1: detected capacity change from 0 to 512
[  143.843390][T14091] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  143.862891][T14094] loop4: detected capacity change from 0 to 128
[  143.870970][T14091] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4594: bg 0: block 248: padding at end of block bitmap is not set
[  143.886673][T14094] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  143.903233][T14091] EXT4-fs (loop1): Remounting filesystem read-only
[  143.905485][T14094] ext4 filesystem being mounted at /147/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  143.918634][T14091] EXT4-fs (loop1): 1 truncate cleaned up
[  143.948588][T14091] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.961694][T14091] SELinux: (dev loop1, type ext4) getxattr errno 5
[  143.970262][T14091] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.023079][T14103] loop1: detected capacity change from 0 to 1024
[  144.030608][T14103] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  144.044177][T14103] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.4599: Invalid block bitmap block 0 in block_group 0
[  144.061935][T14103] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.4599: Failed to acquire dquot type 0
[  144.078206][T12553] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  144.112925][T14103] EXT4-fs error (device loop1): ext4_free_blocks:6590: comm syz.1.4599: Freeing blocks not in datazone - block = 0, count = 4096
[  144.139062][T14103] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.4599: Invalid inode bitmap blk 0 in block_group 0
[  144.154715][T14103] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem
[  144.163939][T14117] dvmrp0: entered allmulticast mode
[  144.170051][   T50] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u8:3: Failed to release dquot type 0
[  144.182774][T14103] EXT4-fs (loop1): 1 orphan inode deleted
[  144.192414][T14117] dvmrp0: left allmulticast mode
[  144.195753][T14103] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.229098][T14118] bridge1: entered promiscuous mode
[  144.234319][T14118] bridge1: entered allmulticast mode
[  144.254364][T10566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.613872][T14175] loop2: detected capacity change from 0 to 128
[  144.689126][T14190] loop3: detected capacity change from 0 to 164
[  144.704977][T14190] +}[@: attempt to access beyond end of device
[  144.704977][T14190] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  144.719078][T14193] ALSA: seq fatal error: cannot create timer (-22)
[  144.720229][T14190] +}[@: attempt to access beyond end of device
[  144.720229][T14190] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[  144.772670][T14198] loop4: detected capacity change from 0 to 512
[  144.790818][T14198] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.805165][T14198] ext4 filesystem being mounted at /160/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.819535][T14198] EXT4-fs error (device loop4): ext4_acquire_dquot:6848: comm syz.4.4644: Failed to acquire dquot type 0
[  144.850430][T12553] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.889206][T14213] loop0: detected capacity change from 0 to 512
[  144.929486][T14213] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.952858][T14213] ext4 filesystem being mounted at /341/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  145.036608][T10564] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.409099][T14231] loop1: detected capacity change from 0 to 164
[  145.426394][T14231] +}[@: attempt to access beyond end of device
[  145.426394][T14231] loop1: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  145.434088][T14229] loop3: detected capacity change from 0 to 8192
[  145.447457][T14231] +}[@: attempt to access beyond end of device
[  145.447457][T14231] loop1: rw=0, sector=263328, nr_sectors = 4 limit=164
[  145.488691][T14235] loop1: detected capacity change from 0 to 128
[  145.495793][T14229]  loop3: p1 p2 p4 < >
[  145.498487][T14235] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  145.499865][T14229] loop3: partition table partially beyond EOD, truncated
[  145.511992][T14235] ext4 filesystem being mounted at /262/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  145.529179][T14229] loop3: p1 size 8388608 extends beyond EOD, truncated
[  145.564082][T14229] loop3: p2 size 67174400 extends beyond EOD, truncated
[  145.581672][T14229] loop3: p4 start 131073 is beyond EOD, truncated
[  145.643651][T14240] netlink: 'syz.2.4663': attribute type 1 has an invalid length.
[  145.651519][T14240] netlink: 188824 bytes leftover after parsing attributes in process `syz.2.4663'.
[  145.669634][T10566] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  145.893543][   T29] kauditd_printk_skb: 49 callbacks suppressed
[  145.893558][   T29] audit: type=1400 audit(2000000079.819:3178): avc:  denied  { write } for  pid=14261 comm="syz.3.4672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  145.989343][T14266] loop1: detected capacity change from 0 to 8192
[  146.055496][T14266]  loop1: p1 p2 p4 < >
[  146.059595][T14266] loop1: partition table partially beyond EOD, truncated
[  146.068847][T14266] loop1: p1 size 8388608 extends beyond EOD, truncated
[  146.076238][T14266] loop1: p2 size 67174400 extends beyond EOD, truncated
[  146.083741][T14266] loop1: p4 start 131073 is beyond EOD, truncated
[  146.135267][T14271] bridge1: entered promiscuous mode
[  146.140610][T14271] bridge1: entered allmulticast mode
[  146.266136][T14273] syz.1.4676[14273] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.266275][T14273] syz.1.4676[14273] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.293728][   T29] audit: type=1400 audit(2000000080.219:3179): avc:  denied  { setopt } for  pid=14274 comm="syz.1.4677" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  146.340527][T14277] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4678'.
[  146.349475][T14277] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4678'.
[  146.467047][T14281] loop1: detected capacity change from 0 to 512
[  146.479647][T14281] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.492183][T14281] ext4 filesystem being mounted at /274/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.507591][T14281] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  146.518033][T14281] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  146.527422][T14281] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.4680: Failed to acquire dquot type 0
[  146.547929][T10566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.709359][T14297] syz.2.4685[14297] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.709423][T14297] syz.2.4685[14297] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.723814][T14262] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  146.749409][T14262] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  146.802462][T14301] loop3: detected capacity change from 0 to 512
[  146.827959][T14301] Quota error (device loop3): v2_read_file_info: Block with free entry 5 out of range (1, 0).
[  146.847352][T14301] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  146.876409][T14301] EXT4-fs (loop3): mount failed
[  146.912430][   T29] audit: type=1326 audit(2000000080.839:3180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.3.4691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926532def9 code=0x7ffc0000
[  146.939196][   T29] audit: type=1326 audit(2000000080.839:3181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.3.4691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926532def9 code=0x7ffc0000
[  146.962802][   T29] audit: type=1326 audit(2000000080.869:3182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.3.4691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f926532def9 code=0x7ffc0000
[  146.987157][   T29] audit: type=1326 audit(2000000080.869:3183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.3.4691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926532def9 code=0x7ffc0000
[  147.010639][   T29] audit: type=1326 audit(2000000080.869:3184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14308 comm="syz.3.4691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f926532def9 code=0x7ffc0000
[  147.100780][T14323] Invalid ELF header magic: != ELF
[  147.157340][T14327] 9pnet_fd: Insufficient options for proto=fd
[  147.193813][T14331] bridge0: entered allmulticast mode
[  147.204820][T14331] bridge0: left allmulticast mode
[  147.272909][T14341] batman_adv: batadv0: Adding interface: gretap1
[  147.280898][T14341] batman_adv: batadv0: Interface activated: gretap1
[  147.297633][T14343] loop1: detected capacity change from 0 to 512
[  147.304374][T14343] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  147.313282][T14343] EXT4-fs (loop1): invalid journal inode
[  147.320350][T14343] EXT4-fs (loop1): can't get journal size
[  147.327867][T14343] EXT4-fs (loop1): 1 truncate cleaned up
[  147.335018][T14343] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.376045][T10566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.529282][T14371] rdma_op ffff88811394e180 conn xmit_rdma 0000000000000000
[  147.557704][T14375] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4722'.
[  147.780735][T14409] syz.3.4738[14409] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.780792][T14409] syz.3.4738[14409] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.864085][T14421] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4744'.
[  148.040097][T14431] rdma_op ffff88811394f580 conn xmit_rdma 0000000000000000
[  148.070466][T14435] loop2: detected capacity change from 0 to 1764
[  148.142193][T14448] syz.1.4753[14448] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.142249][T14448] syz.1.4753[14448] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.162480][T14445] loop2: detected capacity change from 0 to 512
[  148.192396][T14445] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  148.244587][T14445] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4754: bg 0: block 248: padding at end of block bitmap is not set
[  148.270708][T14445] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.4754: Failed to acquire dquot type 1
[  148.292475][T14445] EXT4-fs (loop2): 1 truncate cleaned up
[  148.306150][T14466] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4762'.
[  148.318172][T14445] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.349242][T14472] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4764'.
[  148.359254][T14445] ext4 filesystem being mounted at /332/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  148.405560][T10593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.415022][   T11] EXT4-fs error (device loop2): ext4_release_dquot:6871: comm kworker/u8:0: Failed to release dquot type 1
[  148.548005][T14496] xt_hashlimit: max too large, truncated to 1048576
[  148.566204][T14498] loop2: detected capacity change from 0 to 512
[  148.587878][T14498] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  148.615575][T14498] EXT4-fs (loop2): invalid journal inode
[  148.616390][T14505] syz.1.4780[14505] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.621210][T14498] EXT4-fs (loop2): can't get journal size
[  148.641128][T14498] EXT4-fs (loop2): 1 truncate cleaned up
[  148.655805][T14498] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.665983][T14505] syz.1.4780[14505] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.670718][T14505] rdma_op ffff88810b1b8980 conn xmit_rdma 0000000000000000
[  148.720725][T10593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.734518][T14510] loop3: detected capacity change from 0 to 764
[  148.927995][T14537] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4794'.
[  148.956763][T14537] macsec1: entered allmulticast mode
[  148.962141][T14537] veth1_macvtap: entered allmulticast mode
[  148.993124][T14538] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4794'.
[  149.060422][T14538] veth1_macvtap (unregistering): left allmulticast mode
[  149.229833][T14550] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4801'.
[  149.868209][T14631] macsec1: entered allmulticast mode
[  149.873617][T14631] veth1_macvtap: entered allmulticast mode
[  149.900327][T14631] veth1_macvtap (unregistering): left allmulticast mode
[  150.237664][T14577] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  150.245938][T14577] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  150.551613][T14641] loop1: detected capacity change from 0 to 512
[  150.578131][T14641] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  150.600385][T14650] loop3: detected capacity change from 0 to 512
[  150.607830][T14641] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4850: bg 0: block 248: padding at end of block bitmap is not set
[  150.635509][T14650] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  150.636578][T14641] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.4850: Failed to acquire dquot type 1
[  150.689494][T14650] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4856: bg 0: block 248: padding at end of block bitmap is not set
[  150.713082][T14641] EXT4-fs (loop1): 1 truncate cleaned up
[  150.722335][T14650] EXT4-fs error (device loop3): ext4_acquire_dquot:6848: comm syz.3.4856: Failed to acquire dquot type 1
[  150.736417][T14641] ext4 filesystem being mounted at /315/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  150.755923][T14650] EXT4-fs (loop3): 1 truncate cleaned up
[  150.756194][T14650] ext4 filesystem being mounted at /384/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  150.771548][ T2836] EXT4-fs error (device loop3): ext4_release_dquot:6871: comm kworker/u8:5: Failed to release dquot type 1
[  150.912879][   T29] kauditd_printk_skb: 133 callbacks suppressed
[  150.912961][   T29] audit: type=1107 audit(2000000084.839:3310): pid=14690 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='§'
[  150.954631][   T29] audit: type=1400 audit(2000000084.839:3311): avc:  denied  { mount } for  pid=14682 comm="syz.1.4862" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  150.956853][T14699] loop3: detected capacity change from 0 to 128
[  150.976863][   T29] audit: type=1400 audit(2000000084.859:3312): avc:  denied  { unmount } for  pid=10566 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  151.014849][T14699] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  151.015120][   T29] audit: type=1326 audit(2000000084.939:3313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14700 comm="syz.4.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cc51bdef9 code=0x7ffc0000
[  151.029399][T14699] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  151.050073][   T29] audit: type=1326 audit(2000000084.939:3314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14700 comm="syz.4.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cc51bdef9 code=0x7ffc0000
[  151.098413][   T29] audit: type=1326 audit(2000000084.959:3315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14700 comm="syz.4.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9cc51bdef9 code=0x7ffc0000
[  151.122574][   T29] audit: type=1326 audit(2000000084.959:3316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14700 comm="syz.4.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cc51bdef9 code=0x7ffc0000
[  151.146684][   T29] audit: type=1326 audit(2000000084.959:3317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14700 comm="syz.4.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cc51bdef9 code=0x7ffc0000
[  151.170203][   T29] audit: type=1326 audit(2000000085.019:3318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14700 comm="syz.4.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9cc51bdef9 code=0x7ffc0000
[  151.194477][   T29] audit: type=1326 audit(2000000085.019:3319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14700 comm="syz.4.4871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cc51bdef9 code=0x7ffc0000
[  151.240594][T14715] loop1: detected capacity change from 0 to 512
[  151.302168][T14715] ext4 filesystem being mounted at /321/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.340789][T14715] EXT4-fs error (device loop1): ext4_get_first_dir_block:3538: inode #12: block 32: comm syz.1.4878: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  151.368444][T14715] EXT4-fs error (device loop1): ext4_get_first_dir_block:3541: inode #12: comm syz.1.4878: directory missing '.'
[  151.499157][T14748] __nla_validate_parse: 3 callbacks suppressed
[  151.499171][T14748] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4890'.
[  152.031021][T14797] loop1: detected capacity change from 0 to 2048
[  152.319039][T14808] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  152.327698][T14808] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  152.678109][T14827] loop2: detected capacity change from 0 to 512
[  152.696596][T14827] EXT4-fs (loop2): 1 truncate cleaned up
[  152.703960][T14830] loop3: detected capacity change from 0 to 256
[  152.713511][T14830] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 00000001)
[  152.937997][T14846] netlink: 104 bytes leftover after parsing attributes in process `syz.4.4927'.
[  153.018140][T14858] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4933'.
[  153.031949][T14858] macsec1: entered allmulticast mode
[  153.037319][T14858] veth1_macvtap: entered allmulticast mode
[  153.055107][T14858] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4933'.
[  153.083226][T14858] veth1_macvtap (unregistering): left allmulticast mode
[  153.170379][T14871] loop1: detected capacity change from 0 to 512
[  153.178313][T14873] bpf_get_probe_write_proto: 2 callbacks suppressed
[  153.178327][T14873] syz.4.4940[14873] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  153.185819][T14873] syz.4.4940[14873] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  153.198996][T14871] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  153.252211][T14871] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  153.287169][T14871] EXT4-fs (loop1): 1 truncate cleaned up
[  153.339857][T14889] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4948'.
[  153.380760][T14898] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4952'.
[  153.392682][T14898] macsec1: entered allmulticast mode
[  153.398077][T14898] veth1_macvtap: entered allmulticast mode
[  153.407945][T14898] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4952'.
[  153.432596][T14898] veth1_macvtap (unregistering): left allmulticast mode
[  153.627844][T14933] loop1: detected capacity change from 0 to 512
[  153.666056][T14933] ext4 filesystem being mounted at /346/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.685303][T14933] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #15: comm syz.1.4969: corrupted xattr block 33: invalid header
[  153.699428][T14933] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  153.708407][T14933] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #15: comm syz.1.4969: corrupted xattr block 33: invalid header
[  153.723825][T14933] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=15
[  153.733037][T14933] EXT4-fs error (device loop1): ext4_xattr_block_list:768: inode #15: comm syz.1.4969: corrupted xattr block 33: invalid header
[  155.514368][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  155.536638][T14951] sg_write: process 872 (syz.3.4977) changed security contexts after opening file descriptor, this is not allowed.
[  155.562467][T14955] netlink: 240 bytes leftover after parsing attributes in process `syz.1.4975'.
[  155.601048][T14955] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.648147][T14967] usb usb7: usbfs: process 14967 (syz.3.4983) did not claim interface 0 before use
[  155.677444][T14955] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.743281][   T40] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.777818][T14955] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.805024][T14953] lo speed is unknown, defaulting to 1000
[  155.814158][   T40] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.868307][T14955] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.905693][   T40] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.965234][T14955] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.990675][   T40] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.005778][T14955] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  156.030934][T14955] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  156.043301][T14986] syz.4.4989[14986] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  156.043360][T14986] syz.4.4989[14986] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  156.068526][T14986] loop4: detected capacity change from 0 to 128
[  156.089232][T14955] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  156.098055][T14986] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  156.124195][T14986] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  156.162731][   T40] bridge_slave_1: left allmulticast mode
[  156.168458][   T40] bridge_slave_1: left promiscuous mode
[  156.174073][   T40] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.210554][   T40] bridge_slave_0: left allmulticast mode
[  156.216252][   T40] bridge_slave_0: left promiscuous mode
[  156.221894][   T40] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.325011][T15004] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4996'.
[  156.375412][   T29] kauditd_printk_skb: 146 callbacks suppressed
[  156.375444][   T29] audit: type=1400 audit(2000000090.299:3466): avc:  denied  { prog_load } for  pid=15008 comm="syz.2.4999" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  156.403881][   T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  156.414698][   T29] audit: type=1400 audit(2000000090.309:3467): avc:  denied  { bpf } for  pid=15008 comm="syz.2.4999" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  156.435367][   T29] audit: type=1400 audit(2000000090.309:3468): avc:  denied  { perfmon } for  pid=15008 comm="syz.2.4999" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  156.457180][   T29] audit: type=1400 audit(2000000090.309:3469): avc:  denied  { prog_run } for  pid=15008 comm="syz.2.4999" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  156.476466][   T29] audit: type=1400 audit(2000000090.329:3470): avc:  denied  { read write } for  pid=10566 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  156.500901][   T29] audit: type=1400 audit(2000000090.329:3471): avc:  denied  { open } for  pid=10566 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  156.525245][   T29] audit: type=1400 audit(2000000090.329:3472): avc:  denied  { ioctl } for  pid=10566 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  156.552625][   T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  156.553414][   T29] audit: type=1400 audit(2000000090.389:3473): avc:  denied  { map_create } for  pid=15010 comm="syz.1.5000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  156.580505][   T29] audit: type=1400 audit(2000000090.389:3474): avc:  denied  { map_read map_write } for  pid=15010 comm="syz.1.5000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  156.600412][   T29] audit: type=1400 audit(2000000090.459:3475): avc:  denied  { create } for  pid=15012 comm="syz.2.5001" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  156.613004][T15016] xt_CT: You must specify a L4 protocol and not use inversions on it
[  156.624010][   T40] bond0 (unregistering): Released all slaves
[  156.697044][T14953] chnl_net:caif_netlink_parms(): no params data found
[  156.764509][T15029] syz.3.5007[15029] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  156.764571][T15029] syz.3.5007[15029] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  156.778849][   T40] hsr_slave_0: left promiscuous mode
[  156.804452][   T40] hsr_slave_1: left promiscuous mode
[  156.810464][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  156.817906][   T40] batman_adv: batadv0: Removing interface: batadv_slave_0
[  156.827878][   T40] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  156.828700][T15035] syz.1.5009[15035] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  156.835294][   T40] batman_adv: batadv0: Removing interface: batadv_slave_1
[  156.854172][T15035] syz.1.5009[15035] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  156.858578][   T40] veth1_macvtap: left promiscuous mode
[  156.875491][   T40] veth0_macvtap: left promiscuous mode
[  156.880981][   T40] veth1_vlan: left promiscuous mode
[  156.886278][   T40] veth0_vlan: left promiscuous mode
[  156.919018][T15039] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5011'.
[  157.023074][   T40] team0 (unregistering): Port device team_slave_1 removed
[  157.045024][   T40] team0 (unregistering): Port device team_slave_0 removed
[  157.181793][T14953] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.188980][T14953] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.200520][T15062] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  157.226006][T15062] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  157.233848][T14953] bridge_slave_0: entered allmulticast mode
[  157.251209][T14953] bridge_slave_0: entered promiscuous mode
[  157.273155][T14953] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.280280][T14953] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.306985][T14953] bridge_slave_1: entered allmulticast mode
[  157.313565][T14953] bridge_slave_1: entered promiscuous mode
[  157.336027][T14953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  157.346507][T14953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  157.376186][T14953] team0: Port device team_slave_0 added
[  157.384762][T14953] team0: Port device team_slave_1 added
[  157.420655][T14953] batman_adv: batadv0: Adding interface: batadv_slave_0
[  157.427643][T14953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.453534][T14953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  157.464840][T14953] batman_adv: batadv0: Adding interface: batadv_slave_1
[  157.471870][T14953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.497899][T14953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  157.533467][T14953] hsr_slave_0: entered promiscuous mode
[  157.552553][T14953] hsr_slave_1: entered promiscuous mode
[  157.744015][T15113] loop1: detected capacity change from 0 to 2048
[  157.822491][T15125] tipc: Enabling <eth:lo> not permitted
[  157.828110][T15125] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  157.859716][T14953] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  157.883458][T14953] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  157.901742][T14953] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  157.921875][T14953] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  158.002359][T14953] 8021q: adding VLAN 0 to HW filter on device bond0
[  158.025044][T14953] 8021q: adding VLAN 0 to HW filter on device team0
[  158.051071][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.058144][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.084189][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.091325][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  158.187632][T14953] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.206359][T15166] loop1: detected capacity change from 0 to 512
[  158.221886][T15166] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  158.235667][T15166] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[  158.313238][T14953] veth0_vlan: entered promiscuous mode
[  158.327047][T14953] veth1_vlan: entered promiscuous mode
[  158.351090][T14953] veth0_macvtap: entered promiscuous mode
[  158.361908][T14953] veth1_macvtap: entered promiscuous mode
[  158.373640][T14953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.384103][T14953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.393973][T14953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.404478][T14953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.414278][T14953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.424851][T14953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.434654][T14953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.445149][T14953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.454983][T14953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.465423][T14953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.475320][T14953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.485861][T14953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.498127][T14953] batman_adv: batadv0: Interface activated: batadv_slave_0
[  158.508695][T14953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.519316][T14953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.529218][T14953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.539700][T14953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.549559][T14953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.560058][T14953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.570032][T14953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.580594][T14953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.590413][T14953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.600876][T14953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.610699][T14953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.621124][T14953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.630994][T14953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.641480][T14953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.653494][T14953] batman_adv: batadv0: Interface activated: batadv_slave_1
[  158.676272][T14953] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  158.684984][T14953] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  158.693721][T14953] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  158.702492][T14953] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  158.789327][T15205] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4974'.
[  158.819933][T15205] macsec1: entered allmulticast mode
[  158.825303][T15205] veth1_macvtap: entered allmulticast mode
[  158.842532][T15205] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4974'.
[  158.881805][T15205] veth1_macvtap (unregistering): left allmulticast mode
[  158.890572][T15219] loop3: detected capacity change from 0 to 512
[  158.903827][T15219] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  158.921713][T15219] EXT4-fs (loop3): invalid journal inode
[  158.932025][T15219] EXT4-fs (loop3): can't get journal size
[  158.942498][T15219] EXT4-fs (loop3): 1 truncate cleaned up
[  158.951841][T15219] EXT4-fs mount: 14 callbacks suppressed
[  158.951899][T15219] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.972282][T15219] EXT4-fs warning (device loop3): ext4_group_add:1735: No reserved GDT blocks, can't resize
[  158.991022][T10596] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.125962][T15241] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5102'.
[  159.158960][T15249] loop3: detected capacity change from 0 to 164
[  159.168509][T15244] loop2: detected capacity change from 0 to 512
[  159.197017][T15244] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.216063][T15244] ext4 filesystem being mounted at /408/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.275988][T10593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.476284][T15278] loop3: detected capacity change from 0 to 128
[  159.554468][T15291] loop1: detected capacity change from 0 to 1024
[  159.561835][T15288] SELinux: failed to load policy
[  159.564271][T15291] EXT4-fs: Ignoring removed orlov option
[  159.572484][T15291] EXT4-fs: Ignoring removed nomblk_io_submit option
[  159.588118][T15293] ref_ctr_offset mismatch. inode: 0x864 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x6c
[  159.592359][T15295] loop4: detected capacity change from 0 to 2048
[  159.614187][T15291] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[  159.622968][T15291] System zones: 0-1, 3-36
[  159.629790][T15291] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.647629][T15295] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.673240][T15295] EXT4-fs (loop4): shut down requested (0)
[  159.712352][T15297] loop3: detected capacity change from 0 to 8192
[  159.728382][T12553] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.739201][T15291] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  159.752045][T15306] netlink: 272 bytes leftover after parsing attributes in process `syz.2.5132'.
[  159.787417][T15310] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[  159.837754][T15310] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  159.873926][T10566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.991417][T15334] syz.2.5143[15334] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.991470][T15334] syz.2.5143[15334] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  160.014200][T15328] loop1: detected capacity change from 0 to 512
[  160.067897][T15328] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.095460][T15328] ext4 filesystem being mounted at /390/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.142130][T15328] EXT4-fs error (device loop1): ext4_map_blocks:609: inode #2: block 18: comm syz.1.5141: lblock 23 mapped to illegal pblock 18 (length 1)
[  160.180842][T15328] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 12: comm syz.1.5141: path /390/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  160.249427][T15328] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 13: comm syz.1.5141: path /390/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  160.308382][T15328] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 14: comm syz.1.5141: path /390/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  160.347061][T15328] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 15: comm syz.1.5141: path /390/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  160.377980][T15328] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 16: comm syz.1.5141: path /390/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  160.386684][T15358] sg_write: data in/out 2937/14 bytes for SCSI command 0x0-- guessing data in;
[  160.386684][T15358]    program syz.0.5154 not setting count and/or reply_len properly
[  160.420406][T15328] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 17: comm syz.1.5141: path /390/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  160.455808][T15328] EXT4-fs error (device loop1): ext4_map_blocks:609: inode #2: block 18: comm syz.1.5141: lblock 23 mapped to illegal pblock 18 (length 1)
[  160.492109][T15328] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 19: comm syz.1.5141: path /390/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  160.517710][T15328] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 20: comm syz.1.5141: path /390/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  160.661743][T15373] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5161'.
[  160.682359][T15373] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5161'.
[  160.726980][T15377] loop4: detected capacity change from 0 to 512
[  160.748842][T15377] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.770841][T15377] ext4 filesystem being mounted at /269/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  160.809973][T10566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.820473][T12553] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.890879][T15386] lo speed is unknown, defaulting to 1000
[  161.049137][T15402] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5172'.
[  161.058107][T15402] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5172'.
[  161.077712][T15404] No such timeout policy "syz0"
[  161.182168][T15420] rdma_op ffff888117f2ed80 conn xmit_rdma 0000000000000000
[  161.216019][T15423] ebtables: ebtables: counters copy to user failed while replacing table
[  161.285120][T15437] loop1: detected capacity change from 0 to 256
[  161.326629][T15450] loop4: detected capacity change from 0 to 512
[  161.369447][T15450] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.396210][T15455] SELinux: security_context_str_to_sid (BA\) failed with errno=-22
[  161.423115][T15450] ext4 filesystem being mounted at /279/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.452559][T15463] syzkaller1: entered promiscuous mode
[  161.458244][T15463] syzkaller1: entered allmulticast mode
[  161.479481][   T29] kauditd_printk_skb: 263 callbacks suppressed
[  161.479571][   T29] audit: type=1400 audit(2000000095.409:3739): avc:  denied  { relabelto } for  pid=15446 comm="syz.4.5192" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:apt_var_lib_t:s0"
[  161.563734][T12553] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.596700][   T29] audit: type=1400 audit(2000000095.529:3740): avc:  denied  { read } for  pid=15467 comm="syz.3.5203" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  161.620005][   T29] audit: type=1400 audit(2000000095.529:3741): avc:  denied  { open } for  pid=15467 comm="syz.3.5203" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  161.687241][T15470] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  161.703863][T15470] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  161.721913][   T29] audit: type=1400 audit(2000000095.569:3742): avc:  denied  { ioctl } for  pid=15467 comm="syz.3.5203" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  161.761914][T15482] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  161.841394][T15491] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=15491 comm=syz.1.5211
[  161.876694][T15494] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5213'.
[  161.942083][T15505] loop1: detected capacity change from 0 to 128
[  161.960589][   T29] audit: type=1400 audit(2000000095.889:3743): avc:  denied  { create } for  pid=15506 comm="syz.2.5219" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  161.989572][   T29] audit: type=1400 audit(2000000095.919:3744): avc:  denied  { unlink } for  pid=10593 comm="syz-executor" name="file0" dev="tmpfs" ino=2253 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  162.156545][   T29] audit: type=1400 audit(2000000096.089:3745): avc:  denied  { write } for  pid=15520 comm="syz.0.5226" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  162.208561][   T29] audit: type=1326 audit(2000000096.139:3746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15525 comm="syz.1.5228" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x0
[  162.260153][   T29] audit: type=1400 audit(2000000096.189:3747): avc:  denied  { create } for  pid=15531 comm="syz.4.5231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  162.299796][   T29] audit: type=1400 audit(2000000096.209:3748): avc:  denied  { write } for  pid=15531 comm="syz.4.5231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  162.501431][T15566] can0: slcan on ttyS3.
[  162.566380][T15566] can0 (unregistered): slcan off ttyS3.
[  162.597086][T15579] loop0: detected capacity change from 0 to 512
[  162.624181][T15579] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c11c, mo2=0002]
[  162.643887][T15579] System zones: 0-2, 18-18, 34-34
[  162.657705][T15579] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5239: bg 0: block 248: padding at end of block bitmap is not set
[  162.693874][T15579] EXT4-fs error (device loop0): ext4_acquire_dquot:6848: comm syz.0.5239: Failed to acquire dquot type 1
[  162.720354][T15579] EXT4-fs (loop0): 1 truncate cleaned up
[  162.735143][T15579] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.758023][T15579] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.795176][T14953] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.932754][T15611] loop0: detected capacity change from 0 to 2048
[  163.016847][T15626] loop2: detected capacity change from 0 to 512
[  163.023869][T15626] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  163.048550][T15626] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e128, mo2=0002]
[  163.059211][T15626] System zones: 1-12
[  163.066586][T15626] EXT4-fs (loop2): orphan cleanup on readonly fs
[  163.079664][T15626] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm +}[@: invalid indirect mapped block 12 (level 1)
[  163.195433][T15626] EXT4-fs (loop2): Remounting filesystem read-only
[  163.201996][T15626] EXT4-fs (loop2): 1 truncate cleaned up
[  163.236590][T15626] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  163.261242][T15626] SELinux: (dev loop2, type ext4) getxattr errno 5
[  163.275784][T15626] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  163.283557][T15695] loop0: detected capacity change from 0 to 2048
[  163.298796][T15695] EXT4-fs: Ignoring removed mblk_io_submit option
[  163.318374][T15695] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.397206][T15695] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5253: bg 0: block 234: padding at end of block bitmap is not set
[  163.421615][T15695] EXT4-fs (loop0): Remounting filesystem read-only
[  163.542353][T14953] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.575997][T15729] loop3: detected capacity change from 0 to 2048
[  163.592848][T15733] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  163.600451][T15733] vhci_hcd: invalid port number 23
[  163.610430][T15729] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.655095][T10596] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.677092][T15740] syzkaller1: entered promiscuous mode
[  163.682573][T15740] syzkaller1: entered allmulticast mode
[  163.711389][T15745] rtc_cmos 00:00: Alarms can be up to one day in the future
[  163.913884][T15769] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5282'.
[  163.992558][ T3339] kernel read not supported for file /newroot/283/file0 (pid: 3339 comm: kworker/0:3)
[  164.053657][T15789] netlink: 'syz.4.5292': attribute type 10 has an invalid length.
[  164.070900][T15789] team0: Device hsr_slave_0 failed to register rx_handler
[  164.080470][T15793] netlink: 'syz.0.5294': attribute type 2 has an invalid length.
[  164.117232][T15795] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.5295'.
[  164.255993][T15818] loop4: detected capacity change from 0 to 512
[  164.287423][T15818] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.5306: corrupted in-inode xattr: invalid ea_ino
[  164.373446][T15818] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5306: couldn't read orphan inode 15 (err -117)
[  164.468344][ T3339] kernel write not supported for file /uhid (pid: 3339 comm: kworker/0:3)
[  164.469272][T15818] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.495231][T15818] EXT4-fs (loop4): shut down requested (2)
[  164.501639][T15818] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=14
[  164.511830][T15818] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=14
[  164.530053][T12553] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.683724][T15833] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  164.683724][T15833]    program syz.4.5310 not setting count and/or reply_len properly
[  165.009537][T15856] lo speed is unknown, defaulting to 1000
[  165.254835][    C0] vxcan0: j1939_tp_rxtimer: 0xffff888109fd4e00: rx timeout, send abort
[  165.263200][    C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff888109fd4e00: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  165.309754][T15875] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5330'.
[  165.427925][T15887] rdma_op ffff888113b1b580 conn xmit_rdma 0000000000000000
[  165.856421][T15897] loop3: detected capacity change from 0 to 512
[  165.873730][T15897] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.5340: corrupted in-inode xattr: invalid ea_ino
[  165.904083][T15897] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5340: couldn't read orphan inode 15 (err -117)
[  165.927718][T15897] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.947481][T15897] EXT4-fs (loop3): shut down requested (2)
[  165.965324][T15897] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=14
[  165.976321][T15897] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=14
[  166.008389][T10596] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.116740][T15914] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  166.116740][T15914]    program syz.1.5348 not setting count and/or reply_len properly
[  166.124382][T15920] loop3: detected capacity change from 0 to 512
[  166.146874][T15920] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c11c, mo2=0002]
[  166.160420][T15920] System zones: 0-2, 18-18, 34-34
[  166.166979][T15920] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5351: bg 0: block 248: padding at end of block bitmap is not set
[  166.194413][T15920] EXT4-fs error (device loop3): ext4_acquire_dquot:6848: comm syz.3.5351: Failed to acquire dquot type 1
[  166.211152][T15924] syzkaller1: entered promiscuous mode
[  166.216663][T15924] syzkaller1: entered allmulticast mode
[  166.222680][T15920] EXT4-fs (loop3): 1 truncate cleaned up
[  166.229915][T15920] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.248843][T15920] ext4 filesystem being mounted at /503/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.273138][T10596] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.402656][T15943] loop1: detected capacity change from 0 to 512
[  166.410881][T15943] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.5359: corrupted in-inode xattr: invalid ea_ino
[  166.426730][T15943] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.5359: couldn't read orphan inode 15 (err -117)
[  166.439394][T15943] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.457306][T15943] EXT4-fs (loop1): shut down requested (2)
[  166.463589][T15943] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=14
[  166.472466][T15943] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=14
[  166.496700][T10566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.519403][   T29] kauditd_printk_skb: 66 callbacks suppressed
[  166.519417][   T29] audit: type=1400 audit(2000000100.449:3811): avc:  denied  { read } for  pid=15946 comm="syz.3.5361" name="file0" dev="tmpfs" ino=2636 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  166.548017][   T29] audit: type=1400 audit(2000000100.449:3812): avc:  denied  { open } for  pid=15946 comm="syz.3.5361" path="/507/file0" dev="tmpfs" ino=2636 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  166.709194][T15956] loop1: detected capacity change from 0 to 512
[  166.751926][T15956] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c11c, mo2=0002]
[  166.808977][T15956] System zones: 0-2, 18-18, 34-34
[  166.816343][T15956] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.5364: bg 0: block 248: padding at end of block bitmap is not set
[  166.893187][T15956] Quota error (device loop1): write_blk: dquota write failed
[  166.900666][T15956] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  166.936118][T15956] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.5364: Failed to acquire dquot type 1
[  166.967721][T15956] EXT4-fs (loop1): 1 truncate cleaned up
[  166.979069][T15956] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.006240][T15956] ext4 filesystem being mounted at /429/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.064277][T10566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.084732][T15961] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  167.084732][T15961]    program syz.0.5365 not setting count and/or reply_len properly
[  167.162971][T15973] loop2: detected capacity change from 0 to 512
[  167.172267][T15973] EXT4-fs: Ignoring removed i_version option
[  167.178316][T15973] EXT4-fs: Ignoring removed nobh option
[  167.184511][T15973] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  167.198391][T15973] EXT4-fs (loop2): 1 truncate cleaned up
[  167.204407][T15973] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.234462][T10593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.256653][   T29] audit: type=1400 audit(2000000101.179:3813): avc:  denied  { watch watch_reads } for  pid=15977 comm="syz.2.5373" path="/457" dev="tmpfs" ino=2378 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  167.290654][T15980] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5374'.
[  168.004395][T15988] loop2: detected capacity change from 0 to 512
[  168.006333][T15992] syz.1.5390[15992] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  168.010916][T15992] syz.1.5390[15992] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  168.033174][T15988] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c11c, mo2=0002]
[  168.071855][T15988] System zones: 0-2, 18-18, 34-34
[  168.078727][T15988] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.5379: bg 0: block 248: padding at end of block bitmap is not set
[  168.107526][T15988] Quota error (device loop2): write_blk: dquota write failed
[  168.114985][T15988] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  168.165407][T15988] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.5379: Failed to acquire dquot type 1
[  168.185800][T15988] EXT4-fs (loop2): 1 truncate cleaned up
[  168.200070][T15988] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.232062][T15988] ext4 filesystem being mounted at /460/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.329234][T10593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.584596][   T29] audit: type=1400 audit(2000000110.509:3814): avc:  denied  { mounton } for  pid=16004 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  176.736087][T16006] lo speed is unknown, defaulting to 1000
[  176.758358][T16004] lo speed is unknown, defaulting to 1000
[  176.791831][T15677] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.848901][T15677] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.900434][T15677] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.918402][T16006] chnl_net:caif_netlink_parms(): no params data found
[  176.964046][T15677] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.997721][T16004] chnl_net:caif_netlink_parms(): no params data found
[  177.008917][T16006] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.016637][T16006] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.027182][T16006] bridge_slave_0: entered allmulticast mode
[  177.044667][T16006] bridge_slave_0: entered promiscuous mode
[  177.071162][T16006] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.078915][T16006] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.095609][T16006] bridge_slave_1: entered allmulticast mode
[  177.102530][T16006] bridge_slave_1: entered promiscuous mode
[  177.108942][T16039] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5392'.
[  177.131771][T16036] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5389'.
[  177.186092][T16050] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5404'.
[  177.202461][T16006] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  177.239641][T16006] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.251526][T16004] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.259305][T16004] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.266625][T16004] bridge_slave_0: entered allmulticast mode
[  177.273002][T16004] bridge_slave_0: entered promiscuous mode
[  177.282973][T16004] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.290697][T16004] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.298008][T16004] bridge_slave_1: entered allmulticast mode
[  177.304404][T16004] bridge_slave_1: entered promiscuous mode
[  177.350021][T15677] bridge_slave_1: left allmulticast mode
[  177.355726][T15677] bridge_slave_1: left promiscuous mode
[  177.361318][T15677] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.382351][T15677] bridge_slave_0: left allmulticast mode
[  177.388043][T15677] bridge_slave_0: left promiscuous mode
[  177.393726][T15677] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.400988][   T29] audit: type=1326 audit(2000000111.309:3815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16068 comm="syz.1.5406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  177.425621][   T29] audit: type=1326 audit(2000000111.309:3816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16068 comm="syz.1.5406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  177.467258][   T29] audit: type=1326 audit(2000000111.379:3817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16068 comm="syz.1.5406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  177.491516][   T29] audit: type=1326 audit(2000000111.379:3818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16068 comm="syz.1.5406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f90ed774ea7 code=0x7ffc0000
[  177.514890][   T29] audit: type=1326 audit(2000000111.379:3819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16068 comm="syz.1.5406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f90ed719869 code=0x7ffc0000
[  177.538909][   T29] audit: type=1326 audit(2000000111.379:3820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16068 comm="syz.1.5406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f90ed774ea7 code=0x7ffc0000
[  177.562470][   T29] audit: type=1326 audit(2000000111.379:3821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16068 comm="syz.1.5406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f90ed719869 code=0x7ffc0000
[  177.586549][   T29] audit: type=1326 audit(2000000111.379:3822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16068 comm="syz.1.5406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  177.610033][   T29] audit: type=1326 audit(2000000111.379:3823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16068 comm="syz.1.5406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  177.748322][T15677] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.758641][T15677] bond_slave_0: left promiscuous mode
[  177.766096][T15677] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.775267][T15677] bond_slave_1: left promiscuous mode
[  177.783904][T15677] bond0 (unregistering): Released all slaves
[  177.806187][T16006] team0: Port device team_slave_0 added
[  177.823077][T16006] team0: Port device team_slave_1 added
[  177.830423][T16004] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  177.853806][T16004] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.864453][T16006] batman_adv: batadv0: Adding interface: batadv_slave_0
[  177.872032][T16006] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.898645][T16006] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  177.919970][T16006] batman_adv: batadv0: Adding interface: batadv_slave_1
[  177.927576][T16006] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.953697][T16006] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.977620][T16004] team0: Port device team_slave_0 added
[  177.989282][T15677] hsr_slave_0: left promiscuous mode
[  177.994924][T15677] hsr_slave_1: left promiscuous mode
[  178.002436][T15677] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  178.009862][T15677] batman_adv: batadv0: Removing interface: batadv_slave_0
[  178.019078][T15677] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  178.026567][T15677] batman_adv: batadv0: Removing interface: batadv_slave_1
[  178.037984][T15677] veth1_vlan: left promiscuous mode
[  178.043352][T15677] veth0_vlan: left promiscuous mode
[  178.136465][T15677] team0 (unregistering): Port device team_slave_1 removed
[  178.148128][T15677] team0 (unregistering): Port device team_slave_0 removed
[  178.205488][T16004] team0: Port device team_slave_1 added
[  178.232296][T16006] hsr_slave_0: entered promiscuous mode
[  178.240411][T16006] hsr_slave_1: entered promiscuous mode
[  178.246386][T16006] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  178.253917][T16006] Cannot create hsr debugfs directory
[  178.260285][T16004] batman_adv: batadv0: Adding interface: batadv_slave_0
[  178.267222][T16004] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.293764][T16004] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  178.308506][T16004] batman_adv: batadv0: Adding interface: batadv_slave_1
[  178.316076][T16004] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.341978][T16004] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  178.375204][T16004] hsr_slave_0: entered promiscuous mode
[  178.383513][T16004] hsr_slave_1: entered promiscuous mode
[  178.391019][T16004] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  178.398670][T16004] Cannot create hsr debugfs directory
[  178.474846][T16006] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.539008][T16006] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.619080][T16006] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.670193][T16006] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.730647][T15677] bridge_slave_1: left allmulticast mode
[  178.736984][T15677] bridge_slave_1: left promiscuous mode
[  178.742571][T15677] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.752593][T15677] bridge_slave_0: left allmulticast mode
[  178.758260][T15677] bridge_slave_0: left promiscuous mode
[  178.763893][T15677] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.774249][T15677] batman_adv: batadv0: Interface deactivated: gretap1
[  178.843668][T15677] batman_adv: batadv0: Removing interface: gretap1
[  178.888329][T15677] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  178.900245][T15677] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  178.910840][T15677] bond0 (unregistering): Released all slaves
[  178.984826][T15677] hsr_slave_0: left promiscuous mode
[  178.990453][T15677] hsr_slave_1: left promiscuous mode
[  178.997853][T15677] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  179.005237][T15677] batman_adv: batadv0: Removing interface: batadv_slave_0
[  179.014581][T15677] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  179.022020][T15677] batman_adv: batadv0: Removing interface: batadv_slave_1
[  179.031762][T15677] veth1_vlan: left promiscuous mode
[  179.037640][T15677] veth0_vlan: left promiscuous mode
[  179.069722][T15677] infiniband syz1: set down
[  179.129484][T15677] team0 (unregistering): Port device team_slave_1 removed
[  179.140603][T15677] team0 (unregistering): Port device team_slave_0 removed
[  179.151090][ T3280] smc: removing ib device syz1
[  179.372304][T16006] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  179.386248][T16006] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  179.401626][T16004] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  179.411187][T16006] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  179.419840][T16004] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  179.429273][T16006] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  179.438095][T16004] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  179.451036][T16004] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  179.506093][T16006] 8021q: adding VLAN 0 to HW filter on device bond0
[  179.521572][T16004] 8021q: adding VLAN 0 to HW filter on device bond0
[  179.532260][T16006] 8021q: adding VLAN 0 to HW filter on device team0
[  179.544348][T16004] 8021q: adding VLAN 0 to HW filter on device team0
[  179.555686][ T3280] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.562734][ T3280] bridge0: port 1(bridge_slave_0) entered forwarding state
[  179.594030][T16004] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  179.604434][T16004] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  179.619314][ T3280] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.626378][ T3280] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.638351][ T3280] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.645451][ T3280] bridge0: port 1(bridge_slave_0) entered forwarding state
[  179.654876][ T3280] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.661972][ T3280] bridge0: port 2(bridge_slave_1) entered forwarding state
[  179.689610][T16006] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  179.752454][T16006] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.777946][T16004] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.874030][T16006] veth0_vlan: entered promiscuous mode
[  179.890154][T16006] veth1_vlan: entered promiscuous mode
[  179.920019][T16006] veth0_macvtap: entered promiscuous mode
[  179.934149][T16006] veth1_macvtap: entered promiscuous mode
[  179.949867][T16004] veth0_vlan: entered promiscuous mode
[  179.958513][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  179.969017][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.978858][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  179.989285][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.999267][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.009709][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.019578][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.030228][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.040118][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.050551][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.063268][T16006] batman_adv: batadv0: Interface activated: batadv_slave_0
[  180.073120][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.083723][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.093613][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.104048][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.114016][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.124505][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.134318][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.144802][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.154610][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.165031][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.175190][T16006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.185666][T16006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.197009][T16006] batman_adv: batadv0: Interface activated: batadv_slave_1
[  180.210584][T16006] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.219389][T16006] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  180.228170][T16006] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  180.237499][T16006] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  180.251263][T16004] veth1_vlan: entered promiscuous mode
[  180.267623][T16004] veth0_macvtap: entered promiscuous mode
[  180.278381][T16004] veth1_macvtap: entered promiscuous mode
[  180.297419][T16004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.308019][T16004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.317867][T16004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.329033][T16004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.338881][T16004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.349383][T16004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.359902][T16004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.370489][T16004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.380396][T16004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.390884][T16004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.401562][T16004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.412132][T16004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.424644][T16004] batman_adv: batadv0: Interface activated: batadv_slave_0
[  180.433524][T16004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.444140][T16004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.454051][T16004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.465324][T16004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.475139][T16004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.486221][T16004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.496118][T16004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.506528][T16004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.517126][T16004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.527555][T16004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.537372][T16004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.548402][T16004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.558244][T16004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.568822][T16004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.582222][T16004] batman_adv: batadv0: Interface activated: batadv_slave_1
[  180.592622][T16004] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.601622][T16004] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  180.610377][T16004] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  180.619626][T16004] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  180.751506][T16127] loop2: detected capacity change from 0 to 512
[  180.791924][T16127] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.837473][T16127] ext4 filesystem being mounted at /471/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  180.882476][T16127] EXT4-fs error (device loop2): ext4_get_first_dir_block:3538: inode #12: block 32: comm syz.2.5428: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  180.927021][T16145] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5435'.
[  180.949411][T16127] EXT4-fs error (device loop2): ext4_get_first_dir_block:3541: inode #12: comm syz.2.5428: directory missing '.'
[  181.018615][T10593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.119265][T16169] loop4: detected capacity change from 0 to 2048
[  181.148147][T16169] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.221254][T16004] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.283253][T16191] loop0: detected capacity change from 0 to 512
[  181.325426][T16191] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  181.388370][T16191] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5444: bg 0: block 248: padding at end of block bitmap is not set
[  181.416973][T16191] EXT4-fs error (device loop0): ext4_acquire_dquot:6848: comm syz.0.5444: Failed to acquire dquot type 1
[  181.457265][T16191] EXT4-fs (loop0): 1 truncate cleaned up
[  181.466757][T16191] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.488130][T16191] ext4 filesystem being mounted at /91/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  181.562414][T14953] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.632494][T16229] loop3: detected capacity change from 0 to 512
[  181.654497][T16229] EXT4-fs (loop3): 1 truncate cleaned up
[  181.656803][T16231] loop4: detected capacity change from 0 to 256
[  181.660612][T16229] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.706014][T16006] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.715566][T16231] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 0, start 00000001)
[  181.978207][   T29] kauditd_printk_skb: 78 callbacks suppressed
[  181.978280][   T29] audit: type=1107 audit(2000000115.909:3900): pid=16271 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='§'
[  182.055026][T16279] netlink: 104 bytes leftover after parsing attributes in process `syz.1.5478'.
[  182.175267][   T29] audit: type=1326 audit(2000000116.099:3901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16290 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1832a2def9 code=0x7ffc0000
[  182.198899][   T29] audit: type=1326 audit(2000000116.099:3902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16290 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1832a2def9 code=0x7ffc0000
[  182.227012][   T29] audit: type=1326 audit(2000000116.159:3903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16290 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1832a2def9 code=0x7ffc0000
[  182.250590][   T29] audit: type=1326 audit(2000000116.159:3904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16290 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1832a2def9 code=0x7ffc0000
[  182.274556][   T29] audit: type=1326 audit(2000000116.159:3905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16290 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1832a2def9 code=0x7ffc0000
[  182.298039][   T29] audit: type=1326 audit(2000000116.159:3906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16290 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1832a2def9 code=0x7ffc0000
[  182.321557][   T29] audit: type=1326 audit(2000000116.159:3907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16290 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1832a2def9 code=0x7ffc0000
[  182.345242][   T29] audit: type=1326 audit(2000000116.159:3908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16290 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1832a2def9 code=0x7ffc0000
[  182.373811][   T29] audit: type=1326 audit(2000000116.229:3909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16290 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1832a2def9 code=0x7ffc0000
[  182.879632][T16377] loop0: detected capacity change from 0 to 512
[  182.912525][T16377] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.935026][T16377] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.979296][T16377] EXT4-fs error (device loop0): ext4_get_first_dir_block:3538: inode #12: block 32: comm syz.0.5523: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  183.031561][T16377] EXT4-fs error (device loop0): ext4_get_first_dir_block:3541: inode #12: comm syz.0.5523: directory missing '.'
[  183.072124][T14953] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.220481][T16405] syz.0.5546[16405] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  183.220567][T16405] syz.0.5546[16405] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  183.310811][T16420] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5541'.
[  183.433008][T16435] loop0: detected capacity change from 0 to 512
[  183.441444][T16435] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  183.454575][T16435] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  183.470613][T16435] EXT4-fs (loop0): 1 truncate cleaned up
[  183.477454][T16435] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.504360][T14953] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.555723][T16424] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  183.568509][T16424] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  183.833002][T16461] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5563'.
[  183.983918][T16480] loop3: detected capacity change from 0 to 512
[  184.007038][T16480] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.020827][T16480] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.034515][T16480] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #15: comm syz.3.5572: corrupted xattr block 33: invalid header
[  184.055720][T16480] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  184.066837][T16480] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #15: comm syz.3.5572: corrupted xattr block 33: invalid header
[  184.089069][T16480] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[  184.114935][T16480] EXT4-fs error (device loop3): ext4_xattr_block_list:768: inode #15: comm syz.3.5572: corrupted xattr block 33: invalid header
[  184.175832][T16006] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.225059][T16502] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5583'.
[  184.309722][T16513] loop4: detected capacity change from 0 to 512
[  184.348914][T16513] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.362316][T16513] ext4 filesystem being mounted at /35/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  184.389437][T16004] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.506182][T16530] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  184.521175][    T8] kernel read not supported for file /newroot/475/file0 (pid: 8 comm: kworker/0:0)
[  184.584341][T16545] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  184.592317][T16545] vlan2: entered promiscuous mode
[  184.602511][T16545] netdevsim netdevsim4 netdevsim0: left promiscuous mode
[  184.877361][T16578] loop0: detected capacity change from 0 to 164
[  184.886767][T16578] syz.0.5617: attempt to access beyond end of device
[  184.886767][T16578] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  184.923136][T16578] syz.0.5617: attempt to access beyond end of device
[  184.923136][T16578] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[  185.070061][T16601] IPv6: NLM_F_CREATE should be specified when creating new route
[  185.181855][T16624] netlink: 56 bytes leftover after parsing attributes in process `+}[@'.
[  185.222900][T16627] loop7: detected capacity change from 0 to 16384
[  185.259283][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  185.644597][T16673] syz.0.5663[16673] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  185.644702][T16673] syz.0.5663[16673] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  185.678777][T16679] loop0: detected capacity change from 0 to 128
[  185.780280][T16679] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  185.851905][T16680] loop4: detected capacity change from 0 to 8192
[  185.869640][T16679] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  185.906321][T16680]  loop4: p1 p2[DM] p4
[  185.910556][T16680] loop4: p1 size 196608 extends beyond EOD, truncated
[  185.922476][T16680] loop4: p2 start 4292936063 is beyond EOD, truncated
[  185.929291][T16680] loop4: p4 size 50331648 extends beyond EOD, truncated
[  186.256275][T16706] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5676'.
[  186.267946][T16707] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5677'.
[  186.269615][T16684] syz_tun: entered promiscuous mode
[  186.302903][T16684] batadv_slave_0: entered promiscuous mode
[  186.362642][T16716] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  186.442136][T16721] loop1: detected capacity change from 0 to 2048
[  186.479893][T16721] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.517384][T16736] syz.2.5689[16736] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  186.517444][T16736] syz.2.5689[16736] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  186.632331][T16744] syz.4.5693[16744] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  186.667813][T10566] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.688437][T16744] syz.4.5693[16744] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  186.738261][T16753] xt_CT: You must specify a L4 protocol and not use inversions on it
[  186.795455][T16761] netlink: 240 bytes leftover after parsing attributes in process `syz.4.5700'.
[  186.842997][T16761] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.844922][T16764] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5701'.
[  186.939490][T16761] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.001814][   T29] kauditd_printk_skb: 252 callbacks suppressed
[  187.001828][   T29] audit: type=1400 audit(2000000120.929:4162): avc:  denied  { execute } for  pid=16769 comm="syz.2.5705" path="/519/cpu.stat" dev="tmpfs" ino=2697 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  187.067986][T16761] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.080967][   T29] audit: type=1400 audit(2000000120.999:4163): avc:  denied  { name_bind } for  pid=16775 comm="syz.0.5707" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hi_reserved_port_t tclass=tcp_socket permissive=1
[  187.091490][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.110305][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.111275][T16784] syz.1.5711[16784] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  187.117713][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.117841][   T29] audit: type=1400 audit(2000000121.009:4164): avc:  denied  { read write } for  pid=16780 comm="syz.0.5710" name="uhid" dev="devtmpfs" ino=227 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  187.129307][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129333][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129362][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129386][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129410][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129436][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129528][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129551][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129572][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129596][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129621][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129642][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129664][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129769][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.129791][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.137151][   T29] audit: type=1400 audit(2000000121.009:4165): avc:  denied  { open } for  pid=16780 comm="syz.0.5710" path="/dev/uhid" dev="devtmpfs" ino=227 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  187.160771][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.160798][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.160820][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.160844][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.160867][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.160921][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.160988][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.161008][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.161032][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.161056][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.161078][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.161101][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.161124][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.161221][ T3339] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  187.162592][T16781] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.168773][   T29] audit: type=1326 audit(2000000121.039:4166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.1.5711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  187.267317][ T3339] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  187.273651][   T29] audit: type=1326 audit(2000000121.039:4167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.1.5711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  187.370420][T16784] syz.1.5711[16784] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  187.372446][   T29] audit: type=1326 audit(2000000121.039:4168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.1.5711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  187.504644][T16781] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  187.505228][   T29] audit: type=1400 audit(2000000121.089:4169): avc:  denied  { ioctl } for  pid=16780 comm="syz.0.5710" path="/dev/raw-gadget" dev="devtmpfs" ino=118 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  187.538145][   T29] audit: type=1326 audit(2000000121.399:4170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.1.5711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  187.561647][   T29] audit: type=1326 audit(2000000121.399:4171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16783 comm="syz.1.5711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  187.606098][T16790] loop1: detected capacity change from 0 to 164
[  187.636772][T16790] Unable to read rock-ridge attributes
[  187.650404][T16761] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.703626][T16761] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.724714][T16761] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.747227][T16761] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.764181][T16761] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.887421][T16832] lo: MTU too low for tipc bearer
[  187.892480][T16832] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  187.972299][T16846] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.990163][T16846] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.205126][T16875] loop3: detected capacity change from 0 to 2048
[  188.313427][T16894] usb usb7: usbfs: process 16894 (syz.0.5764) did not claim interface 0 before use
[  188.373213][T16902] syz.2.5779[16902] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  188.373270][T16902] syz.2.5779[16902] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  188.462766][T16908] loop2: detected capacity change from 0 to 512
[  188.512701][T16908] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  188.530117][T16908] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  188.689893][T16928] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5782'.
[  189.116556][T16975] loop2: detected capacity change from 0 to 512
[  189.136021][T16975] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  189.158475][T16975] EXT4-fs (loop2): invalid journal inode
[  189.175070][T16975] EXT4-fs (loop2): can't get journal size
[  189.212574][T16975] EXT4-fs (loop2): 1 truncate cleaned up
[  189.218555][T16975] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.235309][T16975] EXT4-fs warning (device loop2): ext4_group_add:1735: No reserved GDT blocks, can't resize
[  189.288481][T10593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.298946][T16989] loop0: detected capacity change from 0 to 128
[  189.358418][T16993] SELinux: failed to load policy
[  189.568558][T17018] loop0: detected capacity change from 0 to 164
[  189.581458][T17017] loop3: detected capacity change from 0 to 512
[  189.619643][T17017] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.637028][T17017] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  189.673344][T16006] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.705968][T17032] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5829'.
[  189.748367][T17043] syz.3.5836[17043] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.748418][T17043] syz.3.5836[17043] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  189.792812][T17044] loop2: detected capacity change from 0 to 2048
[  189.797237][T17048] loop0: detected capacity change from 0 to 1024
[  189.827069][T17044] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.829534][T17048] EXT4-fs: Ignoring removed orlov option
[  189.845103][T17048] EXT4-fs: Ignoring removed nomblk_io_submit option
[  189.870423][T17044] EXT4-fs (loop2): shut down requested (0)
[  189.896119][T17048] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[  189.908263][T10593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.919677][T17048] System zones: 0-1, 3-36
[  189.924956][T17048] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.947987][T17048] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  189.967438][T17048] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002]
[  189.991710][T17048] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  190.042979][T14953] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.075995][T17070] sg_write: data in/out 2937/14 bytes for SCSI command 0x0-- guessing data in;
[  190.075995][T17070]    program syz.2.5845 not setting count and/or reply_len properly
[  190.122304][T17080] loop2: detected capacity change from 0 to 512
[  190.139577][T17078] netlink: 272 bytes leftover after parsing attributes in process `syz.3.5847'.
[  190.158796][T17080] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.172930][T17080] ext4 filesystem being mounted at /561/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  190.198105][T10593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.290815][T17101] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  190.336136][T17105] rdma_op ffff8881151a7d80 conn xmit_rdma 0000000000000000
[  190.375475][T17109] ebtables: ebtables: counters copy to user failed while replacing table
[  190.480980][T17122] SELinux: security_context_str_to_sid (BA\) failed with errno=-22
[  190.495185][T17127] lo speed is unknown, defaulting to 1000
[  190.626922][T17140] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5875'.
[  190.627821][T17142] No such timeout policy "syz0"
[  190.635786][T17140] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5875'.
[  190.803479][T17171] loop0: detected capacity change from 0 to 512
[  190.836910][T17171] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.850084][T17175] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5891'.
[  190.859779][T17171] ext4 filesystem being mounted at /196/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.881939][T17171] EXT4-fs error (device loop0): ext4_map_blocks:609: inode #2: block 18: comm syz.0.5888: lblock 23 mapped to illegal pblock 18 (length 1)
[  190.911464][T17171] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 12: comm syz.0.5888: path /196/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  190.954864][T17171] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 13: comm syz.0.5888: path /196/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  190.989904][T17171] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 14: comm syz.0.5888: path /196/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  191.026892][T17171] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 15: comm syz.0.5888: path /196/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  191.050825][T17171] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 16: comm syz.0.5888: path /196/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  191.073653][T17171] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 17: comm syz.0.5888: path /196/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  191.097866][T17171] EXT4-fs error (device loop0): ext4_map_blocks:609: inode #2: block 18: comm syz.0.5888: lblock 23 mapped to illegal pblock 18 (length 1)
[  191.116553][T17171] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 19: comm syz.0.5888: path /196/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  191.141089][T17171] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 20: comm syz.0.5888: path /196/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  191.342737][T17204] loop2: detected capacity change from 0 to 512
[  191.378402][T17204] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.427081][T17204] ext4 filesystem being mounted at /565/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  191.490569][T10593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.527105][T17217] loop2: detected capacity change from 0 to 512
[  191.540221][T17217] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  191.549345][T17217] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  191.585615][T17217] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  191.605587][T17217] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  191.613626][T17217] System zones: 0-2, 18-18, 34-34
[  191.621614][T17217] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  191.651596][T17217] EXT4-fs (loop2): 1 truncate cleaned up
[  191.660930][T17217] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.697454][T17222] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  191.750173][T10593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.776579][T14953] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.828808][T17238] loop4: detected capacity change from 0 to 128
[  192.027814][   T29] kauditd_printk_skb: 241 callbacks suppressed
[  192.027826][   T29] audit: type=1400 audit(2000000125.959:4413): avc:  denied  { bind } for  pid=17263 comm="syz.1.5929" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  192.057543][   T29] audit: type=1400 audit(2000000125.989:4414): avc:  denied  { cpu } for  pid=17270 comm="syz.3.5933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  192.123393][   T29] audit: type=1400 audit(2000000126.049:4415): avc:  denied  { ioctl } for  pid=17277 comm="syz.3.5938" path="socket:[53827]" dev="sockfs" ino=53827 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  192.190108][   T29] audit: type=1326 audit(2000000126.119:4416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17284 comm="syz.1.5941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  192.256571][   T29] audit: type=1326 audit(2000000126.159:4417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17284 comm="syz.1.5941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  192.280560][   T29] audit: type=1326 audit(2000000126.159:4418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17284 comm="syz.1.5941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  192.304447][   T29] audit: type=1326 audit(2000000126.159:4419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17284 comm="syz.1.5941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  192.327928][   T29] audit: type=1326 audit(2000000126.159:4420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17284 comm="syz.1.5941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  192.351555][   T29] audit: type=1326 audit(2000000126.159:4421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17284 comm="syz.1.5941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  192.375256][   T29] audit: type=1326 audit(2000000126.159:4422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17284 comm="syz.1.5941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90ed77def9 code=0x7ffc0000
[  192.400166][T17287] loop2: detected capacity change from 0 to 8192
[  192.458274][T17298] FAT-fs (loop7): bogus number of reserved sectors
[  192.464802][T17298] FAT-fs (loop7): Can't find a valid FAT filesystem
[  192.564895][T17315] macvlan0: entered allmulticast mode
[  192.570941][T17315] veth1_vlan: entered allmulticast mode
[  192.609874][T17319] loop2: detected capacity change from 0 to 2048
[  192.611777][T17315] pim6reg: entered allmulticast mode
[  192.695920][T17334] syz.4.5960[17334] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  192.695999][T17334] syz.4.5960[17334] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  192.756117][T17334] loop4: detected capacity change from 0 to 1024
[  192.794726][T17334] EXT4-fs: Ignoring removed oldalloc option
[  192.826456][T17334] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.867075][T16004] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.944182][T17367] loop4: detected capacity change from 0 to 512
[  192.967159][T17367] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  192.994955][T17367] EXT4-fs (loop4): 1 truncate cleaned up
[  193.007474][T17367] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.191902][T17395] netlink: 140 bytes leftover after parsing attributes in process `syz.1.5969'.
[  193.393745][T16004] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.445193][T17433] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5979'.
[  193.620611][T17483] xt_CT: You must specify a L4 protocol and not use inversions on it
[  193.697296][T17502] syz.4.5994[17502] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  193.706343][T17502] syz.4.5994[17502] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  193.800609][T17516] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6000'.
[  193.834220][T17511] loop4: detected capacity change from 0 to 2048
[  193.876382][T17511] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.938817][T17511] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.5998: bg 0: block 274: padding at end of block bitmap is not set
[  193.967077][T17511] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 117
[  193.980165][T17511] EXT4-fs (loop4): This should not happen!! Data will be lost
[  193.980165][T17511] 
[  193.997177][T17532] loop2: detected capacity change from 0 to 1024
[  194.034527][T17532] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.056192][T16004] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.076957][T17538] loop0: detected capacity change from 0 to 128
[  194.080987][T17535] dccp_invalid_packet: P.CsCov 15 exceeds packet length 256
[  194.098825][T17541] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6007'.
[  194.119719][T17538] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  194.141008][T10593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.151691][T17538] ext4 filesystem being mounted at /210/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  194.229905][T17549] wireguard0: entered promiscuous mode
[  194.235464][T17549] wireguard0: entered allmulticast mode
[  194.254834][T14953] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  194.302560][T17558] loop4: detected capacity change from 0 to 128
[  194.391551][T17569] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  194.391551][T17569]    program syz.3.6021 not setting count and/or reply_len properly
[  194.429720][T17562] loop2: detected capacity change from 0 to 8192
[  194.531441][    C0] ==================================================================
[  194.539622][    C0] BUG: KCSAN: data-race in do_sys_poll / pollwake
[  194.546037][    C0] 
[  194.548351][    C0] read to 0xffffc90000eabbd0 of 4 bytes by task 17574 on cpu 1:
[  194.555968][    C0]  do_sys_poll+0x986/0xc10
[  194.560370][    C0]  __se_sys_ppoll+0x1af/0x1f0
[  194.565019][    C0]  __x64_sys_ppoll+0x67/0x80
[  194.569580][    C0]  x64_sys_call+0xe71/0x2d60
[  194.574145][    C0]  do_syscall_64+0xc9/0x1c0
[  194.578624][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.584494][    C0] 
[  194.586789][    C0] write to 0xffffc90000eabbd0 of 4 bytes by interrupt on cpu 0:
[  194.594399][    C0]  pollwake+0xbe/0x110
[  194.598449][    C0]  __wake_up+0x65/0xb0
[  194.602502][    C0]  bpf_ringbuf_notify+0x22/0x30
[  194.607330][    C0]  irq_work_run+0xdf/0x2c0
[  194.611722][    C0]  __sysvec_irq_work+0x23/0x1a0
[  194.616547][    C0]  sysvec_irq_work+0x66/0x80
[  194.621118][    C0]  asm_sysvec_irq_work+0x1a/0x20
[  194.626034][    C0]  default_send_IPI_self+0x38/0x80
[  194.631118][    C0]  arch_irq_work_raise+0x48/0x50
[  194.636031][    C0]  __irq_work_queue_local+0x82/0x1d0
[  194.641293][    C0]  irq_work_queue+0x85/0x120
[  194.645856][    C0]  bpf_ringbuf_discard+0xcd/0xf0
[  194.650770][    C0]  bpf_prog_fe0ed97373b08409+0x46/0x4a
[  194.656201][    C0]  bpf_trace_run3+0x10c/0x1d0
[  194.660853][    C0]  kmem_cache_free+0x1fe/0x280
[  194.665596][    C0]  __dentry_kill+0x3d0/0x4c0
[  194.670160][    C0]  dput+0x5c/0xd0
[  194.673768][    C0]  __fput+0x3fb/0x6d0
[  194.677726][    C0]  __fput_sync+0x43/0x60
[  194.681941][    C0]  __se_sys_close+0xf9/0x1a0
[  194.686504][    C0]  __x64_sys_close+0x1f/0x30
[  194.691068][    C0]  x64_sys_call+0x25cb/0x2d60
[  194.695718][    C0]  do_syscall_64+0xc9/0x1c0
[  194.700193][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.706064][    C0] 
[  194.708371][    C0] value changed: 0x00000001 -> 0x00000000
[  194.714058][    C0] 
[  194.716353][    C0] Reported by Kernel Concurrency Sanitizer on:
[  194.722473][    C0] CPU: 0 UID: 0 PID: 16006 Comm: syz-executor Tainted: G        W          6.11.0-syzkaller-04557-g2f27fce67173 #0
[  194.734510][    C0] Tainted: [W]=WARN
[  194.738282][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  194.748311][    C0] ==================================================================