last executing test programs:

20.45235528s ago: executing program 0 (id=1255):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000000), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', <r2=>0x0})
sendmsg$can_bcm(r1, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r2, 0x41}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x1, 0x7ab0715dca68fed7, 0x0, {}, {}, {}, 0x4, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x20000600}}, 0x0)

20.39111178s ago: executing program 0 (id=1257):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea60f327c3a510b441d94d32584e55f7c2320d89b2ba3d44d832b8e7c5f45442de9ef37d057e6d0c6664e8d74e23f18336d41a3e38c2cda49050cb32ca7040a388c75741ac07d3befc714df35dc92ff70ad041cf17b70a971c142bb89ecfe25290750e989c8666560a61b62fdc4fadef7f30b6269a669ef99be7e7ba7ddddf99949fedc0c331796988c6eedb5c66cbe2870a2affce0b550c3411a2aaf302481ee93398c0fbc0c815cfe1e78bf8fed7f19f2c2dae17a4533aa85f6b787f8072adda379118d76dbba3cebfc4c8aacbb1f79a28ec3a0ec99816e3c8721ddcde1ce73b0704063474", 0xe24}, {0x0, 0x4000}, {0x0}, {0x0}, {&(0x7f00000020c0), 0x500}], 0x5}, 0x0)

20.329938881s ago: executing program 0 (id=1258):
r0 = io_uring_setup(0x3c95, &(0x7f0000000100)={0x0, 0x3, 0x0, 0xffffffff})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

20.187582613s ago: executing program 0 (id=1265):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

20.162428774s ago: executing program 0 (id=1267):
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000480)='./file0\x00', 0x1000010, &(0x7f0000000000), 0xfe, 0x475, &(0x7f0000000940)="$eJzs3M9vFFUcAPDvTLtL+WUr4g8QFEUj8UdLyw85eMFo4kETEz1gPNW2EGShhtZECFH0gEdD4t14NPEPMF7Ei1FPJl71bkyI4QJycc3szpSl3V22ZdsF9vNJhr437y3zvvPmdd+82W0AfWtX9k8SsSki/oiI4Xr25gq76j+uXTk39e+Vc1NJVKtv/ZPU6l29cm6qqFq8bmOeSdoc98K7EZOVyszpPD82f/KDsbkzZ184fnLy2MyxmVMThw7t37ezfHDiwG3FV7Qhi+vq9o9nd2x77Z2Lb0wdufjeL99mZZvy8sY4umVX/ew29XS3D9ZjmxvSyWAPG8KyDEVE1l2l2vgfjoFYv1A2HK9+1vKFrS9t4C5RrabVda2Lz1eBe1g2m1+moVVpCLDGijf67P632NZo6nFHuHw4FtYxruVbvWQw0rxOKb9HWg3ZbdSR89e/yrZYpXUIAIBGlw5HxPPN5n9pPNRQ7778GcpIRNwfEVsi4oGI2BoRD0bU6j4cEY8s8/iLl5GXzn+qwysKrEPZ/O+l/NnWzfO/YvYXIwN5bnMt/lJy9HhlZm9+TvZEaV2WH29zjB9f+f2LVmWN879sy45fzAXzdvw9uGiBbnpyfvJ2Ym50+dOI7YPN4k8W5rzZ/HhbRGxf4TGOP/vNjqV7r9fuPm4dfxtdmJRXv454pt7/52NR/IWk5fPJ8RcPThwYG4rKzN6x4qpY6tffLrzZ6vi3FX8XXL5UjQ1Nr/8i/uS/ZChi7szZE7XntXPL+M/zR0kX/vy8+T1Nqf5jJdd/OXm7li7n+z6anJ8/PR5RTl5fun/ixmuLfFE/u/737G4+/rfEjTPxaERkF/HOiHgsIh7P++6JiHgyIna3OQ0/v/zU+63KWvd/m1X5Lsrin27b/zGSpW70f5aINE8s7GmXGDjx0/cdxV+M5yX9v7+W2pPv6eT3XyftWubVDAAAAHettPYZ+CQdXUin6eho/TP8W2NDWpmdm3/u6OyHp6brn5UfiVJarHQNx7HvIl8PHc/Xhov10YlF+X35uvGXA+tr+dGp2cp0r4OHPrexxfjP/DXQ69YBq873taB/Gf/Qv4x/6F/GP/Qv4x/6V7Px/0kP2gGsvVu8/69fq3YAa8/8H/qX8Q/9y/iHvtTyu/Fp6yKJOzfxQ7lNn946Ue68cqR3SMj3TKIUTYsGO/5jFitMrGta1OvfTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xfwAAAP//eu/fuw==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x8, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
semctl$SEM_STAT_ANY(0x0, 0x1, 0x14, &(0x7f00000000c0)=""/88)

19.868002068s ago: executing program 0 (id=1278):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7fffffffffffffff}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0xe501, 0x3, 0x2a8, 0x138, 0x6affffff, 0x3403000b, 0x0, 0x7, 0x210, 0x230, 0x230, 0x210, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00'}, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x7f510100, 0x4, 0x0, 0x0, 0x0, 0x2}}, @common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x308)

19.845350408s ago: executing program 32 (id=1278):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7fffffffffffffff}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0xe501, 0x3, 0x2a8, 0x138, 0x6affffff, 0x3403000b, 0x0, 0x7, 0x210, 0x230, 0x230, 0x210, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00'}, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x7f510100, 0x4, 0x0, 0x0, 0x0, 0x2}}, @common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x308)

2.329329136s ago: executing program 1 (id=1709):
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000600)='./file0\x00', 0x2000000, &(0x7f0000000700)=ANY=[@ANYRES8=0x0, @ANYRESOCT=0x0, @ANYRESOCT, @ANYRESHEX=0x0, @ANYBLOB="308af218c507fba195043000030fac571f882167129e3ce9ffb2d4b5e03563b8b8032777302a9b251d128f8ecf8d76d5490ef766de9b3e0ea02211fb", @ANYRES64=0x0, @ANYRES32], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

1.638480865s ago: executing program 4 (id=1721):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fdf, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040), &(0x7f0000001340), 0x2931b90f, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})

1.593176496s ago: executing program 5 (id=1723):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0xfffffffffffffde8, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='9p_protocol_dump\x00', r0}, 0x18)
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_u}]}})

1.380279039s ago: executing program 4 (id=1725):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001600)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000006000000180100006020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000035000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x8c000003, 0x0, {[0x3]}}, 0x0, 0x8, &(0x7f0000000440))
r1 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r1, 0x0, 0x400000000000000, 0x7)

1.219379472s ago: executing program 4 (id=1727):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r1, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="b8", 0x1}], 0x1}}], 0x2, 0x0)
close(r1)

1.210013082s ago: executing program 5 (id=1729):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

1.178173633s ago: executing program 5 (id=1730):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000640)='kmem_cache_free\x00', r0, 0x0, 0x80001}, 0x18)
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000280), 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)

1.142763323s ago: executing program 4 (id=1731):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xa6}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1, 0x0, 0x9}, 0x18)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000003c0), 0x1, 0x0)
write$binfmt_register(r2, &(0x7f0000000400)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x8, 0x3a, '{', 0x3a, '', 0x3a, './file0', 0x3a, [0x46]}, 0x29)

1.141864443s ago: executing program 1 (id=1732):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x1, 0x840, 0x0, {}, {0x77359400}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "ef1d62ee7e923b0ad9cda5b28dd4753620a2f0271768a8284c18a4e2b5e44dc77098b18fd964df81213608ec503db52d42f1a78c97322f4ae4c8dc89cf2b1440"}}, 0x80}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1, 0x1, 0x3, {}, {0x0, 0x2710}, {0x3, 0x1, 0x1, 0x1}, 0x1, @can={{0x4, 0x0, 0x0, 0x1}, 0x7, 0x2, 0x0, 0x0, "d467aef0f23fe738"}}, 0x48}, 0x1, 0x0, 0x0, 0x4001}, 0x4000000)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x2, 0x0, 0x0, {}, {0x77359400}, {}, 0x1, @can={{}, 0x40, 0x1, 0x0, 0x0, "ce2a4fa7a0aa108b"}}, 0x48}}, 0x40884)

1.123477523s ago: executing program 5 (id=1735):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x2000)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
ioctl$SG_GET_VERSION_NUM(r2, 0x2284, &(0x7f0000000080))

1.080315024s ago: executing program 4 (id=1736):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x46}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
gettid()
syz_clone3(&(0x7f0000000440)={0x4000080, 0x0, 0x0, 0x0, {0x3b}, 0x0, 0x0, &(0x7f0000000140)=""/204, &(0x7f00000003c0)=[0x0], 0x1}, 0x58)

1.066146064s ago: executing program 1 (id=1738):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kmem_cache_free\x00', r1, 0x0, 0xd22}, 0x17)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f00000006c0)={&(0x7f0000000180), 0xc, &(0x7f0000000680)={0x0}, 0x1, 0x0, 0x0, 0x4000010}, 0x4)

1.042761404s ago: executing program 5 (id=1740):
r0 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000001a00)=""/4099, 0x1003}], 0x1}}], 0x1003, 0x10122, 0x0)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0xe000)

923.412286ms ago: executing program 1 (id=1742):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x140, 0x0)
r1 = syz_io_uring_setup(0x2421, &(0x7f0000000380)={0x0, 0x0, 0x13090, 0x0, 0xce}, &(0x7f0000000100), &(0x7f0000000080))
r2 = inotify_init1(0x0)
read(r2, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000c00), 0x0, &(0x7f0000000b80)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

922.674086ms ago: executing program 5 (id=1744):
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000600)='./file0\x00', 0x2000000, &(0x7f0000000700)=ANY=[@ANYRES8=0x0, @ANYRESOCT=0x0, @ANYRESOCT, @ANYRESHEX=0x0, @ANYBLOB="308af218c507fba195043000030fac571f882167129e3ce9ffb2d4b5e03563b8b8032777302a9b251d128f8ecf8d76d5490ef766de9b3e0ea02211fb", @ANYRES64=0x0, @ANYRES32], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

840.245697ms ago: executing program 4 (id=1745):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f00000007c0)={0x0, 0xea60}, 0x10)
recvfrom(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

376.010894ms ago: executing program 2 (id=1747):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000500)='mmap_lock_acquire_returned\x00', r0, 0x0, 0x1}, 0x18)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x10, 0x0, 0x0)

375.439424ms ago: executing program 3 (id=1748):
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r1 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$selinux_access(r1, &(0x7f00000004c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffffffff3a73302030"], 0x56)

362.704844ms ago: executing program 2 (id=1749):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101c02, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r2, 0x40107446, &(0x7f0000000240)={0x1, &(0x7f0000000180)=[{0x48, 0x0, 0x20, 0x1}]})

344.042825ms ago: executing program 3 (id=1750):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000280)=0x630a, 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000400)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c)
recvmmsg(r1, &(0x7f0000000f80)=[{{0x0, 0xfffffffffffffdba, &(0x7f0000000980)=[{&(0x7f0000000300)=""/122}, {&(0x7f0000000780)=""/126}, {&(0x7f00000004c0)=""/68}, {&(0x7f0000000540)=""/195}, {&(0x7f0000000640)=""/182}, {&(0x7f0000000700)=""/102}, {&(0x7f0000000180)=""/56}, {&(0x7f0000001000)=""/193}, {&(0x7f0000000880)=""/242}], 0x0, &(0x7f0000000a40)=""/126}, 0xe4}, {{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000440), 0x14}, {&(0x7f0000000ac0)=""/166}, {&(0x7f0000000b80)=""/173}, {&(0x7f0000000c40)=""/221}, {&(0x7f0000000d40)=""/236}, {&(0x7f0000000e40)=""/60}], 0x24, &(0x7f0000000800)=""/73}, 0x1}], 0x2a, 0x40012020, 0x0)

259.993346ms ago: executing program 3 (id=1751):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="020114008cdc18000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304000000ffffca88faca"], 0xdd12}], 0x1}, 0x0)

259.456786ms ago: executing program 2 (id=1752):
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f00000006c0)={0x2, 0x0, 0x5, 0xff81, 0x0, 0x7c, 0x0})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x2}, 0x18)
r1 = syz_io_uring_setup(0x66e, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0xffffffff, 0x2e9}, &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r1, 0x567, 0x0, 0x0, 0x0, 0x0)

259.243026ms ago: executing program 3 (id=1753):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400})
close(r1)

251.221436ms ago: executing program 2 (id=1754):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000000306010100000000000000000100000005000100fa"], 0x1c}, 0x1, 0x0, 0x0, 0x40800}, 0x20000000)

189.587837ms ago: executing program 3 (id=1755):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@updpolicy={0xb8, 0x19, 0x1, 0x3, 0xfffffffc, {{@in=@multicast1=0xe0000002, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x0, 0x0, 0xffff, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0xfffffffffffffffb}, {}, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@updpolicy={0xb8, 0x19, 0xfd3649826d894c67, 0x70bd25, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x8}, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x0, 0x4, 0x1000}, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x4000000)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2=0xfe800000, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0)

189.206447ms ago: executing program 2 (id=1756):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000b80)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x4}}, @NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x7c}, 0x1, 0x0, 0x0, 0x4000001}, 0x40000)

140.459017ms ago: executing program 2 (id=1757):
r0 = io_uring_setup(0x3c95, &(0x7f0000000100)={0x0, 0x3, 0x0, 0xffffffff})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r1, 0x0)
accept(r1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

87.669108ms ago: executing program 1 (id=1758):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in=@multicast1, 0xfffe, 0x0, 0x0, 0x100, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x2000000000000000, 0xa00, 0xc, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0xa, @in6=@rand_addr=' \x01\x00', 0x10006, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

87.456758ms ago: executing program 3 (id=1759):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000400)='tlb_flush\x00', r0}, 0x10)
mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

0s ago: executing program 1 (id=1760):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000029"], 0xb8}}, 0x4004)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="b8000000190001002bbd700003000000e0000001000000000000000000000000fe8000000000000000000000000000bb0000fffd000000000a00000000000000", @ANYBLOB], 0xb8}}, 0x4040000)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="b8000000190001004000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000029000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000900000000000000000000000000000000000000000000000200000000000000ffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff0700"/112], 0xb8}}, 0x10)

kernel console output (not intermixed with test programs):

th0_vlan: entered promiscuous mode
[   32.626929][ T3303] veth1_vlan: entered promiscuous mode
[   32.642725][ T3310] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.661838][ T3304] veth0_macvtap: entered promiscuous mode
[   32.673234][ T3303] veth0_macvtap: entered promiscuous mode
[   32.688916][ T3310] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.697876][ T3310] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.706823][ T3310] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.715631][ T3310] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.732256][ T3303] veth1_macvtap: entered promiscuous mode
[   32.740189][ T3304] veth1_macvtap: entered promiscuous mode
[   32.763782][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.776125][ T3305] veth0_vlan: entered promiscuous mode
[   32.798174][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.810080][ T3310] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   32.822460][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.833057][ T3303] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.841964][ T3303] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.850814][ T3303] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.859586][ T3303] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.870878][ T3305] veth1_vlan: entered promiscuous mode
[   32.880635][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.922844][ T3304] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.931737][ T3304] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.940563][ T3304] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.949446][ T3304] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.012192][ T3305] veth0_macvtap: entered promiscuous mode
[   33.020267][ T3305] veth1_macvtap: entered promiscuous mode
[   33.032474][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.051892][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.078181][ T3314] veth0_vlan: entered promiscuous mode
[   33.094567][ T3305] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.103383][ T3305] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.112210][ T3305] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.120965][ T3305] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.140749][ T3485] loop3: detected capacity change from 0 to 512
[   33.157992][ T3485] EXT4-fs: Ignoring removed nomblk_io_submit option
[   33.198449][ T3485] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   33.211633][ T3485] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   33.222895][ T3314] veth1_vlan: entered promiscuous mode
[   33.283112][ T3314] veth0_macvtap: entered promiscuous mode
[   33.301115][ T3485] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[   33.302825][ T3314] veth1_macvtap: entered promiscuous mode
[   33.324872][   T29] kauditd_printk_skb: 36 callbacks suppressed
[   33.324940][   T29] audit: type=1400 audit(1750880415.377:108): avc:  denied  { create } for  pid=3498 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   33.327705][ T3485] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   33.339004][   T29] audit: type=1400 audit(1750880415.387:109): avc:  denied  { bind } for  pid=3498 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   33.380338][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.390276][ T3485] EXT4-fs (loop3): 1 truncate cleaned up
[   33.396506][ T3485] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.416213][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.424693][ T3314] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.433526][ T3314] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.442306][ T3314] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.451101][ T3314] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.465435][   T29] audit: type=1400 audit(1750880415.467:110): avc:  denied  { mount } for  pid=3484 comm="syz.3.8" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   33.545470][   T29] audit: type=1400 audit(1750880415.607:111): avc:  denied  { write } for  pid=3506 comm="syz.0.16" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   33.599103][   T29] audit: type=1400 audit(1750880415.657:112): avc:  denied  { create } for  pid=3509 comm="syz.4.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   33.632727][ T3485] syz.3.8 (3485) used greatest stack depth: 10824 bytes left
[   33.665293][   T29] audit: type=1400 audit(1750880415.657:113): avc:  denied  { write } for  pid=3509 comm="syz.4.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   33.685667][   T29] audit: type=1400 audit(1750880415.657:114): avc:  denied  { read } for  pid=3509 comm="syz.4.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   33.717377][ T3515] loop4: detected capacity change from 0 to 512
[   33.730463][   T29] audit: type=1400 audit(1750880415.727:115): avc:  denied  { create } for  pid=3512 comm="syz.0.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.750852][   T29] audit: type=1400 audit(1750880415.727:116): avc:  denied  { write } for  pid=3512 comm="syz.0.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.771179][   T29] audit: type=1400 audit(1750880415.727:117): avc:  denied  { read } for  pid=3512 comm="syz.0.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.808344][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.818746][ T3520] netlink: 'syz.0.22': attribute type 2 has an invalid length.
[   33.826432][ T3520] netlink: 'syz.0.22': attribute type 1 has an invalid length.
[   33.834172][ T3520] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.22'.
[   33.881281][ T3515] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.905494][ T3515] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   33.952587][ T3515] syz.4.18 (3515) used greatest stack depth: 10096 bytes left
[   33.977275][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.094330][ T3550] netlink: 8 bytes leftover after parsing attributes in process `syz.1.34'.
[   34.103200][ T3550] netlink: 12 bytes leftover after parsing attributes in process `syz.1.34'.
[   34.168228][ T3550] netlink: 8 bytes leftover after parsing attributes in process `syz.1.34'.
[   34.177229][ T3550] netlink: 12 bytes leftover after parsing attributes in process `syz.1.34'.
[   34.204883][ T3550] Zero length message leads to an empty skb
[   34.335865][ T3570] SELinux: failed to load policy
[   34.490604][ T3588] syz.4.52 uses obsolete (PF_INET,SOCK_PACKET)
[   34.561998][ T3593] SELinux: failed to load policy
[   34.679478][ T3599] SELinux:  Context system_u:object_r:wtmp_t:s0 is not valid (left unmapped).
[   35.078948][ T3624] batadv_slave_1: entered promiscuous mode
[   35.106412][ T3623] batadv_slave_1: left promiscuous mode
[   35.477555][ T3658] vhci_hcd: invalid port number 96
[   35.482737][ T3658] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   35.754423][ T3686] netlink: 16 bytes leftover after parsing attributes in process `syz.0.97'.
[   35.799731][ T3690] loop3: detected capacity change from 0 to 1024
[   35.846009][ T3690] =======================================================
[   35.846009][ T3690] WARNING: The mand mount option has been deprecated and
[   35.846009][ T3690]          and is ignored by this kernel. Remove the mand
[   35.846009][ T3690]          option from the mount to silence this warning.
[   35.846009][ T3690] =======================================================
[   35.887858][ T3690] EXT4-fs: Ignoring removed bh option
[   35.893719][ T3690] EXT4-fs: inline encryption not supported
[   35.906349][ T3690] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   35.924842][ T3690] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c842e018, mo2=0000]
[   35.940710][ T3690] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.99: bad orphan inode 11
[   35.956616][ T3690] ext4_test_bit(bit=10, block=4) = 1
[   35.962101][ T3690] is_bad_inode(inode)=0
[   35.966317][ T3690] NEXT_ORPHAN(inode)=3254779904
[   35.971218][ T3690] max_ino=32
[   35.974480][ T3690] i_nlink=0
[   35.980427][ T3702] netlink: 4 bytes leftover after parsing attributes in process `syz.0.105'.
[   35.992785][ T3702] ipvlan2: entered promiscuous mode
[   36.001651][ T3395] kernel write not supported for file /30/attr/exec (pid: 3395 comm: kworker/0:4)
[   36.011864][ T3690] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.99: lblock 2 mapped to illegal pblock 2 (length 1)
[   36.028779][ T3690] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.99: lblock 0 mapped to illegal pblock 48 (length 1)
[   36.053337][ T3690] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.99: Failed to acquire dquot type 0
[   36.082522][ T3690] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   36.094522][ T3690] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.99: mark_inode_dirty error
[   36.124781][ T3690] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   36.143576][ T3690] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.186887][ T3690] SELinux: syz.3.99 (3690) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   36.227250][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.248741][ T3303] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz-executor: Invalid inode table block 1 in block_group 0
[   36.266471][ T3722] netlink: 8 bytes leftover after parsing attributes in process `syz.0.115'.
[   36.267619][ T3303] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   36.285809][ T3303] EXT4-fs error (device loop3): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error
[   36.344923][ T3726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   36.358575][ T3728] netlink: 'syz.3.117': attribute type 1 has an invalid length.
[   36.368883][ T3726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   36.411210][ T3736] capability: warning: `syz.3.120' uses deprecated v2 capabilities in a way that may be insecure
[   36.612836][ T3766] sctp: [Deprecated]: syz.4.135 (pid 3766) Use of struct sctp_assoc_value in delayed_ack socket option.
[   36.612836][ T3766] Use struct sctp_sack_info instead
[   36.682674][ T3774] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.133'.
[   36.694036][ T3764] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.133'.
[   36.823789][ T3789] netlink: 'syz.4.145': attribute type 30 has an invalid length.
[   36.971403][ T3803] netlink: 'syz.2.152': attribute type 2 has an invalid length.
[   37.139890][ T3827] loop3: detected capacity change from 0 to 256
[   37.159861][ T3827] FAT-fs (loop3): Directory bread(block 64) failed
[   37.180086][ T3827] FAT-fs (loop3): Directory bread(block 65) failed
[   37.189628][ T3827] FAT-fs (loop3): Directory bread(block 66) failed
[   37.198245][ T3827] FAT-fs (loop3): Directory bread(block 67) failed
[   37.205083][ T3827] FAT-fs (loop3): Directory bread(block 68) failed
[   37.222884][ T3827] FAT-fs (loop3): Directory bread(block 69) failed
[   37.238853][ T3827] FAT-fs (loop3): Directory bread(block 70) failed
[   37.256402][ T3827] FAT-fs (loop3): Directory bread(block 71) failed
[   37.263084][ T3827] FAT-fs (loop3): Directory bread(block 72) failed
[   37.280040][ T3827] FAT-fs (loop3): Directory bread(block 73) failed
[   37.357187][ T3827] syz.3.163: attempt to access beyond end of device
[   37.357187][ T3827] loop3: rw=2049, sector=1224, nr_sectors = 8 limit=256
[   37.379136][ T3841] loop4: detected capacity change from 0 to 512
[   37.386761][ T3841] EXT4-fs: Ignoring removed i_version option
[   37.403105][ T3827] syz.3.163: attempt to access beyond end of device
[   37.403105][ T3827] loop3: rw=2049, sector=1224, nr_sectors = 4 limit=256
[   37.416665][ T3827] Buffer I/O error on dev loop3, logical block 306, lost async page write
[   37.435266][ T2995] udevd[2995]: worker [3294] terminated by signal 33 (Unknown signal 33)
[   37.443836][ T3841] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   37.458433][ T3845] loop2: detected capacity change from 0 to 512
[   37.468446][ T3847] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   37.471537][ T2995] udevd[2995]: worker [3294] failed while handling '/devices/virtual/block/loop4'
[   37.486631][ T3841] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e12c, mo2=0002]
[   37.494576][ T3841] System zones: 1-12
[   37.496357][ T3845] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   37.498864][ T3841] EXT4-fs (loop4): orphan cleanup on readonly fs
[   37.515478][ T3847] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   37.523555][ T3841] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.169: invalid indirect mapped block 12 (level 1)
[   37.543038][  T161] kworker/u8:5: attempt to access beyond end of device
[   37.543038][  T161] loop3: rw=1, sector=1232, nr_sectors = 600 limit=256
[   37.561135][ T3841] EXT4-fs (loop4): Remounting filesystem read-only
[   37.569300][  T161] kworker/u8:5: attempt to access beyond end of device
[   37.569300][  T161] loop3: rw=1, sector=1864, nr_sectors = 1444 limit=256
[   37.584491][ T3841] EXT4-fs (loop4): 1 truncate cleaned up
[   37.590984][ T3841] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[   37.593199][ T3845] EXT4-fs (loop2): 1 truncate cleaned up
[   37.635669][ T3845] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.687269][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[   37.701345][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.732732][ T3862] loop3: detected capacity change from 0 to 256
[   37.998938][ T3882] loop3: detected capacity change from 0 to 2048
[   38.074061][ T3882] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.121726][ T3882] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   38.373426][ T3864] Set syz1 is full, maxelem 65536 reached
[   38.379681][ T3894] syz.1.190 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   38.396012][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.481096][   T29] kauditd_printk_skb: 139 callbacks suppressed
[   38.481189][   T29] audit: type=1400 audit(1750880420.537:255): avc:  denied  { write } for  pid=3899 comm="syz.2.194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   38.534985][   T29] audit: type=1400 audit(1750880420.587:256): avc:  denied  { read } for  pid=3902 comm="syz.1.196" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   38.558008][   T29] audit: type=1400 audit(1750880420.587:257): avc:  denied  { open } for  pid=3902 comm="syz.1.196" path="/dev/ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   38.581541][   T29] audit: type=1400 audit(1750880420.587:258): avc:  denied  { ioctl } for  pid=3902 comm="syz.1.196" path="/dev/ptp0" dev="devtmpfs" ino=246 ioctlcmd=0x3d05 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   38.690453][   T29] audit: type=1400 audit(1750880420.697:259): avc:  denied  { relabelfrom } for  pid=3911 comm="syz.4.198" name="NETLINK" dev="sockfs" ino=5783 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   38.714744][   T29] audit: type=1400 audit(1750880420.697:260): avc:  denied  { relabelto } for  pid=3911 comm="syz.4.198" name="NETLINK" dev="sockfs" ino=5783 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_netfilter_socket permissive=1
[   38.739749][   T29] audit: type=1400 audit(1750880420.717:261): avc:  denied  { bind } for  pid=3918 comm="syz.4.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   38.759031][   T29] audit: type=1400 audit(1750880420.717:262): avc:  denied  { name_bind } for  pid=3918 comm="syz.4.202" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   38.780727][   T29] audit: type=1400 audit(1750880420.717:263): avc:  denied  { node_bind } for  pid=3918 comm="syz.4.202" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[   38.802283][   T29] audit: type=1400 audit(1750880420.717:264): avc:  denied  { write } for  pid=3918 comm="syz.4.202" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   38.829159][ T3931] loop4: detected capacity change from 0 to 512
[   38.836413][ T3931] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   38.856469][ T3931] EXT4-fs (loop4): 1 truncate cleaned up
[   38.862596][ T3931] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.892863][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.934836][ T3934] netlink: 76 bytes leftover after parsing attributes in process `syz.1.208'.
[   39.019412][    C0] hrtimer: interrupt took 48535 ns
[   39.096554][ T3954] process 'syz.2.216' launched '/dev/fd/5' with NULL argv: empty string added
[   39.244113][ T3968] netlink: 'syz.3.223': attribute type 10 has an invalid length.
[   39.310752][ T3974] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3974 comm=syz.3.226
[   39.323484][ T3974] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=3974 comm=syz.3.226
[   39.421568][ T3983] tap0: tun_chr_ioctl cmd 1074025678
[   39.427120][ T3983] tap0: group set to 0
[   39.449297][ T3983] tap0: tun_chr_ioctl cmd 1074025677
[   39.454749][ T3983] tap0: linktype set to 821
[   40.003976][ T4041] loop0: detected capacity change from 0 to 1024
[   40.031461][ T4041] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.055462][ T4041] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.131240][ T4051] loop2: detected capacity change from 0 to 1024
[   40.162091][ T4051] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.182646][ T4051] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.211807][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.290851][ T4071] netlink: 16 bytes leftover after parsing attributes in process `syz.4.269'.
[   40.342213][ T4077] loop4: detected capacity change from 0 to 512
[   40.367888][ T4077] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.272: bg 0: block 248: padding at end of block bitmap is not set
[   40.402569][ T4077] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.272: Failed to acquire dquot type 1
[   40.421129][ T4077] EXT4-fs (loop4): 1 truncate cleaned up
[   40.450757][ T4083] loop3: detected capacity change from 0 to 512
[   40.462361][ T4077] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.478932][ T4086] netlink: 14 bytes leftover after parsing attributes in process `syz.1.274'.
[   40.496786][ T4083] EXT4-fs (loop3): blocks per group (71) and clusters per group (20800) inconsistent
[   40.522629][ T4077] ext4 filesystem being mounted at /57/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   40.539282][ T4086] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   40.575581][ T4077] syz.4.272 (4077) used greatest stack depth: 9304 bytes left
[   40.601662][ T4086] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   40.613159][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.623941][ T4086] bond0 (unregistering): Released all slaves
[   40.662546][ T4093] IPVS: Scheduler module ip_vs_ not found
[   40.672496][ T4095] loop4: detected capacity change from 0 to 1024
[   40.698374][ T4095] EXT4-fs: Ignoring removed bh option
[   40.743585][ T4095] EXT4-fs: inline encryption not supported
[   40.762687][ T4104] netlink: 4 bytes leftover after parsing attributes in process `syz.1.282'.
[   40.785890][ T4095] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   40.808538][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.819867][ T4095] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c842e018, mo2=0000]
[   40.848401][ T4095] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.277: bad orphan inode 11
[   40.898424][ T4095] ext4_test_bit(bit=10, block=4) = 1
[   40.904150][ T4095] is_bad_inode(inode)=0
[   40.908451][ T4095] NEXT_ORPHAN(inode)=3254779904
[   40.913325][ T4095] max_ino=32
[   40.916572][ T4095] i_nlink=0
[   40.965062][ T4095] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.277: lblock 2 mapped to illegal pblock 2 (length 1)
[   40.986324][ T4095] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 48: comm syz.4.277: lblock 0 mapped to illegal pblock 48 (length 1)
[   41.006602][ T4095] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.277: Failed to acquire dquot type 0
[   41.018675][ T4095] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   41.028391][ T4095] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.277: mark_inode_dirty error
[   41.045598][ T4095] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   41.057471][ T4095] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.099804][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.121337][ T3314] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz-executor: Invalid inode table block 1 in block_group 0
[   41.154119][ T3314] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[   41.163812][ T3314] EXT4-fs error (device loop4): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error
[   41.550903][ T4174] random: crng reseeded on system resumption
[   41.630036][ T4185] netlink: 4 bytes leftover after parsing attributes in process `syz.1.318'.
[   41.669018][ T4190] IPv6: Can't replace route, no match found
[   41.703677][ T4197] netlink: 28 bytes leftover after parsing attributes in process `syz.1.322'.
[   41.712765][ T4197] netlink: 'syz.1.322': attribute type 7 has an invalid length.
[   41.720500][ T4197] netlink: 'syz.1.322': attribute type 8 has an invalid length.
[   41.728192][ T4197] netlink: 4 bytes leftover after parsing attributes in process `syz.1.322'.
[   41.747463][ T4197] gretap0: entered promiscuous mode
[   41.761330][ T4197] gretap0: left promiscuous mode
[   41.772826][ T4201] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   41.852308][ T4211] openvswitch: netlink: Message has 6 unknown bytes.
[   41.951719][ T4223] loop3: detected capacity change from 0 to 1024
[   41.975122][ T4223] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   41.986139][ T4223] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   42.007101][ T4227] loop4: detected capacity change from 0 to 1024
[   42.043512][ T4223] JBD2: no valid journal superblock found
[   42.049333][ T4223] EXT4-fs (loop3): Could not load journal inode
[   42.059019][ T4227] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.103602][ T4223] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[   42.126927][ T4233] capability: warning: `syz.2.336' uses 32-bit capabilities (legacy support in use)
[   42.128079][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.213370][   T36] IPVS: starting estimator thread 0...
[   42.305326][ T4243] IPVS: using max 1920 ests per chain, 96000 per kthread
[   42.536159][ T4279] IPv6: Can't replace route, no match found
[   42.597055][ T4287] netlink: 16 bytes leftover after parsing attributes in process `syz.2.362'.
[   42.688572][ T4295] veth0: entered promiscuous mode
[   42.713567][ T4295] netlink: 4 bytes leftover after parsing attributes in process `syz.0.366'.
[   43.116168][ T4346] loop3: detected capacity change from 0 to 2048
[   43.146945][ T4346] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   43.247992][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   43.378858][ T4362] netlink: 'syz.4.395': attribute type 3 has an invalid length.
[   43.386603][ T4362] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.395'.
[   43.405945][ T4360] IPVS: sh: UDP 224.0.0.2:20004 - no destination available
[   43.518519][   T29] kauditd_printk_skb: 187 callbacks suppressed
[   43.518537][   T29] audit: type=1400 audit(1750880425.577:448): avc:  denied  { create } for  pid=4366 comm="syz.4.399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   43.564730][   T29] audit: type=1400 audit(1750880425.577:449): avc:  denied  { write } for  pid=4366 comm="syz.4.399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   43.583954][   T29] audit: type=1400 audit(1750880425.607:450): avc:  denied  { create } for  pid=4368 comm="syz.3.398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   43.603286][   T29] audit: type=1400 audit(1750880425.617:451): avc:  denied  { bind } for  pid=4368 comm="syz.3.398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   43.687978][   T29] audit: type=1400 audit(1750880425.737:452): avc:  denied  { write } for  pid=4376 comm="syz.4.401" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   43.698433][ T4375] hub 9-0:1.0: USB hub found
[   43.757549][   T29] audit: type=1400 audit(1750880425.747:453): avc:  denied  { write } for  pid=4368 comm="syz.3.398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   43.783231][ T4375] hub 9-0:1.0: 8 ports detected
[   43.836311][   T29] audit: type=1400 audit(1750880425.897:454): avc:  denied  { bind } for  pid=4386 comm="syz.3.406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   43.869885][   T29] audit: type=1400 audit(1750880425.917:455): avc:  denied  { setopt } for  pid=4386 comm="syz.3.406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   43.996183][   T29] audit: type=1400 audit(1750880426.027:456): avc:  denied  { mount } for  pid=4403 comm="syz.3.414" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   44.130564][   T29] audit: type=1400 audit(1750880426.187:457): avc:  denied  { read } for  pid=4415 comm="syz.3.419" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   44.258215][ T4427] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   44.294921][ T4429] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[   44.537066][ T4452] mmap: syz.0.434 (4452) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   44.946099][ T4473] netlink: 8 bytes leftover after parsing attributes in process `syz.0.444'.
[   44.954941][ T4473] netlink: 4 bytes leftover after parsing attributes in process `syz.0.444'.
[   44.956844][ T4477] loop3: detected capacity change from 0 to 164
[   45.013890][ T4473] wireguard0: entered promiscuous mode
[   45.014024][ T4477] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   45.039097][ T4477] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   45.058910][ T4484] program syz.4.449 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   45.075026][ T4477] Symlink component flag not implemented
[   45.080751][ T4477] Symlink component flag not implemented
[   45.091682][ T4486] loop2: detected capacity change from 0 to 512
[   45.098764][ T4477] Symlink component flag not implemented (7)
[   45.104770][ T4477] Symlink component flag not implemented (116)
[   45.163648][ T4486] EXT4-fs (loop2): 1 orphan inode deleted
[   45.177254][   T67] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 1
[   45.194475][ T4486] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.210319][ T4486] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.284090][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.785546][ T4521] vhci_hcd: invalid port number 255
[   45.790841][ T4521] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub
[   45.841567][ T4526] netlink: 24 bytes leftover after parsing attributes in process `syz.2.467'.
[   45.901286][ T4532] loop0: detected capacity change from 0 to 1024
[   45.985993][ T4532] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.029649][ T4532] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[   46.079603][ T4532] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 1 with error 28
[   46.092067][ T4532] EXT4-fs (loop0): This should not happen!! Data will be lost
[   46.092067][ T4532] 
[   46.101860][ T4532] EXT4-fs (loop0): Total free blocks count 0
[   46.107944][ T4532] EXT4-fs (loop0): Free/Dirty block details
[   46.113954][ T4532] EXT4-fs (loop0): free_blocks=20480
[   46.119438][ T4532] EXT4-fs (loop0): dirty_blocks=32
[   46.124572][ T4532] EXT4-fs (loop0): Block reservation details
[   46.130710][ T4532] EXT4-fs (loop0): i_reserved_data_blocks=2
[   46.168864][  T161] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   46.373866][ T4555] xt_CT: You must specify a L4 protocol and not use inversions on it
[   46.807321][ T4578] program syz.1.488 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   47.193359][ T4621] sctp: [Deprecated]: syz.0.510 (pid 4621) Use of struct sctp_assoc_value in delayed_ack socket option.
[   47.193359][ T4621] Use struct sctp_sack_info instead
[   47.318161][ T4635] netlink: 'syz.1.517': attribute type 27 has an invalid length.
[   47.398825][ T4635] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.406186][ T4635] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.468074][ T4649] sctp: [Deprecated]: syz.3.524 (pid 4649) Use of struct sctp_assoc_value in delayed_ack socket option.
[   47.468074][ T4649] Use struct sctp_sack_info instead
[   47.505850][ T4635] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   47.515713][ T4656] netlink: 'syz.0.527': attribute type 1 has an invalid length.
[   47.533271][ T4635] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   47.581520][ T4635] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   47.590696][ T4635] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   47.599807][ T4635] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   47.608859][ T4635] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   48.004793][ T4705] netlink: 24 bytes leftover after parsing attributes in process `syz.0.550'.
[   48.074030][ T4703] SELinux: failed to load policy
[   48.138827][ T4726] netlink: 'syz.3.554': attribute type 1 has an invalid length.
[   48.232273][ T4739] netlink: 56 bytes leftover after parsing attributes in process `syz.3.559'.
[   48.309102][ T4748] netlink: 8 bytes leftover after parsing attributes in process `syz.3.561'.
[   48.327007][ T4745] loop4: detected capacity change from 0 to 2048
[   48.356005][ T4743] loop2: detected capacity change from 0 to 2048
[   48.426618][ T3554]  loop4: p1 < > p4
[   48.431191][ T3296]  loop2: p1 < > p4
[   48.435881][ T3296] loop2: p4 size 8388608 extends beyond EOD, truncated
[   48.436798][ T3554] loop4: p4 size 8388608 extends beyond EOD, truncated
[   48.457752][ T4743]  loop2: p1 < > p4
[   48.466934][ T4743] loop2: p4 size 8388608 extends beyond EOD, truncated
[   48.487552][ T4745]  loop4: p1 < > p4
[   48.496578][ T4745] loop4: p4 size 8388608 extends beyond EOD, truncated
[   48.510996][ T2995]  loop2: p1 < > p4
[   48.529253][ T2995] loop2: p4 size 8388608 extends beyond EOD, truncated
[   48.553388][   T29] kauditd_printk_skb: 110 callbacks suppressed
[   48.553414][   T29] audit: type=1400 audit(1750880430.607:567): avc:  denied  { unmount } for  pid=3314 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[   48.636737][ T3296] udevd[3296]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   48.638736][ T3553] udevd[3553]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   48.657188][   T29] audit: type=1400 audit(1750880430.617:568): avc:  denied  { read } for  pid=4733 comm="syz.2.557" name="loop2p1" dev="devtmpfs" ino=622 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   48.679841][   T29] audit: type=1400 audit(1750880430.617:569): avc:  denied  { open } for  pid=4733 comm="syz.2.557" path="/dev/loop2p1" dev="devtmpfs" ino=622 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   48.702924][   T29] audit: type=1400 audit(1750880430.617:570): avc:  denied  { ioctl } for  pid=4733 comm="syz.2.557" path="/dev/loop2p1" dev="devtmpfs" ino=622 ioctlcmd=0x1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   48.736416][ T3554] udevd[3554]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   48.749523][ T3849] udevd[3849]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   48.808155][ T3849] udevd[3849]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   48.819688][ T3554] udevd[3554]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[   48.834199][ T4769] udevd[4769]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   48.848551][ T4768] udevd[4768]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   48.896690][ T4769] udevd[4769]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   48.908991][ T3554] udevd[3554]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   48.932797][   T29] audit: type=1400 audit(1750880430.987:571): avc:  denied  { create } for  pid=4786 comm="syz.4.579" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   48.940548][ T4787] netlink: 4 bytes leftover after parsing attributes in process `syz.4.579'.
[   49.019357][ T4785] loop0: detected capacity change from 0 to 8192
[   49.047077][   T29] audit: type=1400 audit(1750880431.107:572): avc:  denied  { mount } for  pid=4784 comm="syz.0.577" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   49.188049][   T29] audit: type=1400 audit(1750880431.237:573): avc:  denied  { unmount } for  pid=3310 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   49.233271][   T29] audit: type=1326 audit(1750880431.257:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4807 comm="syz.0.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593fe2e929 code=0x7ffc0000
[   49.256612][   T29] audit: type=1326 audit(1750880431.257:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4807 comm="syz.0.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593fe2e929 code=0x7ffc0000
[   49.280191][   T29] audit: type=1326 audit(1750880431.257:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4807 comm="syz.0.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f593fe2e929 code=0x7ffc0000
[   49.383667][ T4821] netlink: 8 bytes leftover after parsing attributes in process `syz.2.595'.
[   49.393771][ T4821] netlink: 8 bytes leftover after parsing attributes in process `syz.2.595'.
[   49.442725][ T4825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.596'.
[   49.510632][ T4830] Illegal XDP return value 4294967274 on prog  (id 390) dev N/A, expect packet loss!
[   49.546718][ T4834] netlink: 'syz.3.600': attribute type 1 has an invalid length.
[   49.604584][ T4838] loop0: detected capacity change from 0 to 1024
[   49.615871][ T4838] EXT4-fs: Ignoring removed mblk_io_submit option
[   49.625360][ T4838] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   49.641820][ T4838] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   49.656336][ T4838] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.602: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   49.676954][ T4838] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.602: couldn't read orphan inode 11 (err -117)
[   49.690126][ T4838] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.722352][ T4838] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.602: Invalid block bitmap block 0 in block_group 0
[   49.741510][ T4848] netlink: 'syz.3.607': attribute type 1 has an invalid length.
[   49.744693][ T4838] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.602: Failed to acquire dquot type 0
[   49.860405][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.174340][ T4883] loop2: detected capacity change from 0 to 512
[   50.198054][ T4883] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   50.238058][ T4883] EXT4-fs (loop2): 1 truncate cleaned up
[   50.260408][ T4883] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.303102][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.600966][ T4934] loop3: detected capacity change from 0 to 128
[   50.621073][ T4934] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   50.636216][ T4934] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   50.690446][   T31] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   50.712828][ T4940] __nla_validate_parse: 1 callbacks suppressed
[   50.712843][ T4940] netlink: 28 bytes leftover after parsing attributes in process `syz.2.647'.
[   50.728067][ T4940] netlink: 32 bytes leftover after parsing attributes in process `syz.2.647'.
[   50.737006][ T4940] netlink: 28 bytes leftover after parsing attributes in process `syz.2.647'.
[   50.746710][ T4940] netlink: 32 bytes leftover after parsing attributes in process `syz.2.647'.
[   50.785996][ T4943] vhci_hcd: invalid port number 96
[   50.791231][ T4943] vhci_hcd: default hub control req: 0000 vffff i0060 l0
[   51.087486][ T4983] loop4: detected capacity change from 0 to 512
[   51.105203][ T4983] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002]
[   51.113316][ T4983] System zones: 1-12
[   51.117806][ T4983] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.666: Directory hole found for htree index block 0
[   51.140277][ T4983] EXT4-fs (loop4): Remounting filesystem read-only
[   51.153411][ T4983] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117
[   51.161884][ T4983] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[   51.170678][ T4983] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.193407][ T4983] EXT4-fs (loop4): shut down requested (2)
[   51.224031][ T4993] netlink: 8 bytes leftover after parsing attributes in process `syz.3.670'.
[   51.244651][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.338715][ T3554] printk: udevd: 2 output lines suppressed due to ratelimiting
[   51.457395][ T5014] netlink: 28 bytes leftover after parsing attributes in process `syz.2.678'.
[   51.466578][ T5014] netlink: 'syz.2.678': attribute type 7 has an invalid length.
[   51.474250][ T5014] netlink: 'syz.2.678': attribute type 8 has an invalid length.
[   51.481911][ T5014] netlink: 4 bytes leftover after parsing attributes in process `syz.2.678'.
[   51.493976][ T5014] gretap0: entered promiscuous mode
[   51.500742][ T5014] gretap0: left promiscuous mode
[   51.521076][ T5016] netem: change failed
[   51.582767][ T5023] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[   51.604302][ T5024] netlink: 'syz.4.684': attribute type 1 has an invalid length.
[   51.752828][ T5051] rdma_op ffff88811d835d80 conn xmit_rdma 0000000000000000
[   51.786584][   T67] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x5
[   51.798644][ T5055] netlink: 12 bytes leftover after parsing attributes in process `syz.0.697'.
[   51.813441][ T5057] vhci_hcd: invalid port number 96
[   51.818642][ T5057] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   51.901049][ T5075] loop2: detected capacity change from 0 to 512
[   51.909917][ T5075] ext3: Unknown parameter 'fowner'
[   52.019463][ T5097] netlink: 20 bytes leftover after parsing attributes in process `wޣ�'.
[   52.028623][ T5097] netlink: 20 bytes leftover after parsing attributes in process `wޣ�'.
[   52.060216][ T5103] loop4: detected capacity change from 0 to 512
[   52.067774][ T5103] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   52.095846][ T5103] EXT4-fs (loop4): 1 truncate cleaned up
[   52.101916][ T5103] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.143921][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.159747][ T5110] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5110 comm=syz.3.716
[   52.532438][ T5144] loop3: detected capacity change from 0 to 2048
[   52.587435][ T5144]  loop3: p1 < > p4
[   52.600062][ T5144] loop3: p4 size 8388608 extends beyond EOD, truncated
[   52.828278][ T5172] loop1: detected capacity change from 0 to 8192
[   52.847004][ T5172] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   53.141859][ T5202] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   53.241141][ T5210] SELinux: failed to load policy
[   53.309951][ T5229] loop1: detected capacity change from 0 to 1024
[   53.330148][ T5229] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.349618][ T5229] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   53.366047][ T5229] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[   53.378588][ T5229] EXT4-fs (loop1): This should not happen!! Data will be lost
[   53.378588][ T5229] 
[   53.388316][ T5229] EXT4-fs (loop1): Total free blocks count 0
[   53.394477][ T5229] EXT4-fs (loop1): Free/Dirty block details
[   53.400445][ T5229] EXT4-fs (loop1): free_blocks=68451041280
[   53.406418][ T5229] EXT4-fs (loop1): dirty_blocks=32
[   53.408878][ T5240] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[   53.411567][ T5229] EXT4-fs (loop1): Block reservation details
[   53.411582][ T5229] EXT4-fs (loop1): i_reserved_data_blocks=5
[   53.440166][ T5239] SELinux:  policydb version 0 does not match my version range 15-34
[   53.448406][ T5239] SELinux: failed to load policy
[   53.487190][ T5247] netlink: 'syz.4.773': attribute type 10 has an invalid length.
[   53.495005][ T5247] netlink: 'syz.4.773': attribute type 19 has an invalid length.
[   53.618637][ T5263] SELinux: ebitmap: truncated map
[   53.624391][ T5263] SELinux: failed to load policy
[   53.647594][ T5265] loop0: detected capacity change from 0 to 512
[   53.657678][ T5265] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   53.679094][ T5265] EXT4-fs (loop0): 1 truncate cleaned up
[   53.685526][ T5265] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.688197][ T5272] batadv_slave_1: entered promiscuous mode
[   53.708445][ T5271] batadv_slave_1: left promiscuous mode
[   53.751814][   T29] kauditd_printk_skb: 283 callbacks suppressed
[   53.751829][   T29] audit: type=1400 audit(1750880435.807:858): avc:  denied  { create } for  pid=5277 comm="syz.4.788" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   53.783285][   T29] audit: type=1400 audit(1750880435.807:859): avc:  denied  { connect } for  pid=5277 comm="syz.4.788" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   53.803659][   T29] audit: type=1400 audit(1750880435.807:860): avc:  denied  { ioctl } for  pid=5277 comm="syz.4.788" path="socket:[10253]" dev="sockfs" ino=10253 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   53.828271][   T29] audit: type=1400 audit(1750880435.807:861): avc:  denied  { write } for  pid=5277 comm="syz.4.788" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   53.881158][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.944948][ T5293] loop0: detected capacity change from 0 to 1024
[   53.990267][ T5303] openvswitch: netlink: Message has 6 unknown bytes.
[   53.993921][ T5293] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.058604][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.083452][   T29] audit: type=1326 audit(1750880436.137:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.4.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   54.109385][   T29] audit: type=1326 audit(1750880436.137:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.4.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   54.132830][   T29] audit: type=1326 audit(1750880436.137:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.4.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   54.156034][   T29] audit: type=1326 audit(1750880436.137:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.4.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   54.187467][   T29] audit: type=1326 audit(1750880436.167:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5315 comm="syz.4.806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   54.216568][ T5320] bridge: RTM_NEWNEIGH with invalid ether address
[   54.292871][   T29] audit: type=1400 audit(1750880436.347:867): avc:  denied  { name_bind } for  pid=5330 comm="syz.2.813" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   54.534350][ T5358] loop1: detected capacity change from 0 to 128
[   54.580599][ T5363] loop2: detected capacity change from 0 to 512
[   54.603592][ T5364] syz.1.824: attempt to access beyond end of device
[   54.603592][ T5364] loop1: rw=2049, sector=153, nr_sectors = 8 limit=128
[   54.613787][ T5363] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   54.655735][ T5364] syz.1.824: attempt to access beyond end of device
[   54.655735][ T5364] loop1: rw=2049, sector=169, nr_sectors = 8 limit=128
[   54.671648][ T5363] EXT4-fs (loop2): 1 truncate cleaned up
[   54.689512][ T5364] syz.1.824: attempt to access beyond end of device
[   54.689512][ T5364] loop1: rw=2049, sector=185, nr_sectors = 8 limit=128
[   54.703304][ T5363] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.713282][ T5364] syz.1.824: attempt to access beyond end of device
[   54.713282][ T5364] loop1: rw=2049, sector=201, nr_sectors = 8 limit=128
[   54.729614][ T5364] syz.1.824: attempt to access beyond end of device
[   54.729614][ T5364] loop1: rw=2049, sector=217, nr_sectors = 8 limit=128
[   54.743335][ T5364] syz.1.824: attempt to access beyond end of device
[   54.743335][ T5364] loop1: rw=2049, sector=233, nr_sectors = 8 limit=128
[   54.758730][ T5364] syz.1.824: attempt to access beyond end of device
[   54.758730][ T5364] loop1: rw=2049, sector=249, nr_sectors = 8 limit=128
[   54.772252][ T5364] syz.1.824: attempt to access beyond end of device
[   54.772252][ T5364] loop1: rw=2049, sector=265, nr_sectors = 8 limit=128
[   54.785774][ T5364] syz.1.824: attempt to access beyond end of device
[   54.785774][ T5364] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128
[   54.799206][ T5364] syz.1.824: attempt to access beyond end of device
[   54.799206][ T5364] loop1: rw=2049, sector=297, nr_sectors = 8 limit=128
[   54.877482][ T5380] unsupported nlmsg_type 40
[   54.889662][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.921541][ T5385] loop0: detected capacity change from 0 to 1024
[   54.957224][ T5385] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.027277][ T5385] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   55.079182][ T5385] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[   55.080904][ T5402] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 64 with error 28
[   55.091830][ T5385] EXT4-fs (loop0): This should not happen!! Data will be lost
[   55.091830][ T5385] 
[   55.104003][ T5402] EXT4-fs (loop0): This should not happen!! Data will be lost
[   55.104003][ T5402] 
[   55.113677][ T5385] EXT4-fs (loop0): Total free blocks count 0
[   55.113726][ T5385] EXT4-fs (loop0): Free/Dirty block details
[   55.113740][ T5385] EXT4-fs (loop0): free_blocks=68451041280
[   55.113757][ T5385] EXT4-fs (loop0): dirty_blocks=80
[   55.113772][ T5385] EXT4-fs (loop0): Block reservation details
[   55.175113][ T5401] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   55.196216][ T5404] loop3: detected capacity change from 0 to 128
[   55.227517][ T5401] xt_HMARK: spi-set and port-set can't be combined
[   55.300395][ T5412] loop2: detected capacity change from 0 to 1024
[   55.331498][ T5412] EXT4-fs (loop2): orphan cleanup on readonly fs
[   55.378507][ T5412] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.846: Failed to acquire dquot type 0
[   55.419554][ T5412] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   55.453704][ T5412] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #13: comm syz.2.846: corrupted inode contents
[   55.456509][ T5422] ------------[ cut here ]------------
[   55.471035][ T5422] WARNING: CPU: 0 PID: 5422 at mm/page_alloc.c:4935 __alloc_frozen_pages_noprof+0x218/0x360
[   55.481217][ T5422] Modules linked in:
[   55.485152][ T5422] CPU: 0 UID: 0 PID: 5422 Comm: syz.0.849 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(voluntary) 
[   55.497598][ T5422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   55.503859][ T5412] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #13: comm syz.2.846: mark_inode_dirty error
[   55.507703][ T5422] RIP: 0010:__alloc_frozen_pages_noprof+0x218/0x360
[   55.525839][ T5422] Code: 83 3d 33 30 50 05 02 72 0e 48 83 b8 e0 fb ff ff 00 0f 84 48 ff ff ff 81 ca 00 01 00 00 e9 3d ff ff ff c6 05 7a 28 4c 05 01 90 <0f> 0b 90 31 c0 eb 84 a9 00 00 08 00 75 52 44 89 f1 81 e1 7f ff ff
[   55.545551][ T5422] RSP: 0018:ffffc90000f43a98 EFLAGS: 00010246
[   55.545594][ T5412] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #13: comm syz.2.846: corrupted inode contents
[   55.545737][ T5412] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #13: comm syz.2.846: mark_inode_dirty error
[   55.551672][ T5422] RAX: 628e5ca00c740500 RBX: 0000000000000016 RCX: 0000000000000000
[   55.551691][ T5422] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040dc0
[   55.590746][ T5422] RBP: 0000000000000dc0 R08: ffff88811c4e6c18 R09: 0000000000000000
[   55.598842][ T5422] R10: ffff88811bd9ec10 R11: 000188811bd9ec10 R12: ffffc90000f43d28
[   55.606892][ T5422] R13: 000000006a626f3a R14: 0000000000040dc0 R15: 0000000000000000
[   55.614897][ T5422] FS:  00007f593e4976c0(0000) GS:ffff8882aee30000(0000) knlGS:0000000000000000
[   55.623931][ T5422] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   55.630600][ T5422] CR2: 0000200000002000 CR3: 0000000120066000 CR4: 00000000003506f0
[   55.638000][ T5412] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #13: comm syz.2.846: corrupted inode contents
[   55.638752][ T5422] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   55.638766][ T5422] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   55.666639][ T5422] Call Trace:
[   55.669961][ T5422]  <TASK>
[   55.672995][ T5422]  ? __rcu_read_unlock+0x4f/0x70
[   55.673614][ T5432] loop4: detected capacity change from 0 to 1024
[   55.677987][ T5422]  __alloc_pages_noprof+0x9/0x20
[   55.689387][ T5422]  ___kmalloc_large_node+0x73/0x140
[   55.694676][ T5422]  __kmalloc_large_node_noprof+0x16/0xa0
[   55.694985][ T5412] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[   55.700367][ T5422]  __kmalloc_noprof+0x2ab/0x3e0
[   55.700404][ T5422]  ? hashtab_init+0x9b/0xe0
[   55.700456][ T5422]  hashtab_init+0x9b/0xe0
[   55.700475][ T5422]  symtab_init+0x2c/0x40
[   55.713250][ T5412] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #13: comm syz.2.846: corrupted inode contents
[   55.713891][ T5422]  policydb_read+0x516/0x1330
[   55.726803][ T5412] EXT4-fs error (device loop2): ext4_truncate:4597: inode #13: comm syz.2.846: mark_inode_dirty error
[   55.727026][ T5422]  ? security_load_policy+0x90/0x890
[   55.742770][ T5432] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.743411][ T5422]  security_load_policy+0xba/0x890
[   55.764793][ T5432] ext4 filesystem being mounted at /194/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.771763][ T5422]  ? rep_movs_alternative+0x4a/0x90
[   55.785488][ T5412] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[   55.787369][ T5422]  sel_write_load+0x1d4/0x380
[   55.793086][ T5412] EXT4-fs (loop2): 1 truncate cleaned up
[   55.801441][ T5422]  ? __pfx_sel_write_load+0x10/0x10
[   55.817271][ T5422]  vfs_write+0x266/0x8e0
[   55.821732][ T5422]  ? __rcu_read_unlock+0x4f/0x70
[   55.823820][ T5412] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   55.826741][ T5422]  ? __fget_files+0x184/0x1c0
[   55.826769][ T5422]  ? finish_task_switch+0xad/0x2b0
[   55.826800][ T5422]  ksys_write+0xda/0x1a0
[   55.853409][ T5422]  __x64_sys_write+0x40/0x50
[   55.858086][ T5422]  x64_sys_call+0x2cdd/0x2fb0
[   55.862808][ T5422]  do_syscall_64+0xd2/0x200
[   55.867387][ T5422]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   55.873504][ T5422]  ? clear_bhb_loop+0x40/0x90
[   55.878408][ T5422]  ? clear_bhb_loop+0x40/0x90
[   55.883127][ T5422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.889268][ T5422] RIP: 0033:0x7f593fe2e929
[   55.893731][ T5422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.913412][ T5422] RSP: 002b:00007f593e497038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   55.921898][ T5422] RAX: ffffffffffffffda RBX: 00007f5940055fa0 RCX: 00007f593fe2e929
[   55.929931][ T5422] RDX: 0000000000003000 RSI: 0000200000000000 RDI: 0000000000000003
[   55.938006][ T5422] RBP: 00007f593feb0b39 R08: 0000000000000000 R09: 0000000000000000
[   55.946086][ T5422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   55.954098][ T5422] R13: 0000000000000000 R14: 00007f5940055fa0 R15: 00007ffee49cade8
[   55.962165][ T5422]  </TASK>
[   55.965213][ T5422] ---[ end trace 0000000000000000 ]---
[   55.970732][ T5422] SELinux: failed to load policy
[   56.016326][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.027028][ T3429] Buffer I/O error on dev loop3, logical block 832, lost async page write
[   56.051884][ T5432] 9pnet: Could not find request transport: e
[   56.109164][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.430230][ T5479] loop2: detected capacity change from 0 to 512
[   56.437578][ T5479] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[   56.449885][ T5479] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.872: iget: bad i_size value: 360287970189639680
[   56.464164][ T5479] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.872: couldn't read orphan inode 15 (err -117)
[   56.478560][ T5479] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.493878][ T5479] EXT4-fs error (device loop2): ext4_empty_dir:3084: inode #12: block 13: comm syz.2.872: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=12, rec_len=0, size=4096 fake=1
[   56.514590][ T5479] EXT4-fs warning (device loop2): ext4_empty_dir:3086: inode #12: comm syz.2.872: directory missing '.'
[   56.540170][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.676515][ T3392] IPVS: starting estimator thread 0...
[   56.682433][ T5495] loop2: detected capacity change from 0 to 8192
[   56.731360][ T5506] Falling back ldisc for ptm1.
[   56.736951][ T5508] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5508 comm=syz.2.883
[   56.749491][ T5508] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5508 comm=syz.2.883
[   56.764902][ T5510] loop0: detected capacity change from 0 to 512
[   56.771775][ T5502] IPVS: using max 2352 ests per chain, 117600 per kthread
[   56.787850][ T5510] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.801193][ T5510] ext4 filesystem being mounted at /203/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.831708][ T5510] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   56.854488][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.893320][ T5522] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   56.893320][ T5522]    program syz.2.890 not setting count and/or reply_len properly
[   57.029882][ T5538] SELinux: syz.1.899 (5538) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   57.045466][ T5540] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5540 comm=syz.0.897
[   57.058023][ T5540] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5540 comm=syz.0.897
[   57.079434][ T5543] loop3: detected capacity change from 0 to 512
[   57.086186][ T5545] __nla_validate_parse: 7 callbacks suppressed
[   57.086199][ T5545] netlink: 12 bytes leftover after parsing attributes in process `syz.2.898'.
[   57.105574][ T5545] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   57.112570][ T5547] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   57.114365][ T5545] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   57.130646][ T5547] netlink: 4 bytes leftover after parsing attributes in process `syz.0.902'.
[   57.134730][ T5545] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   57.152417][ T5545] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   57.163727][ T5545] vxlan0: entered promiscuous mode
[   57.173023][ T5543] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.187127][ T5543] ext4 filesystem being mounted at /184/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.212325][ T5543] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   57.235434][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.359418][ T5568] loop3: detected capacity change from 0 to 512
[   57.380120][ T5568] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   57.400555][ T5568] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.910: iget: bad i_size value: 360287970189639680
[   57.436063][ T5568] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.910: couldn't read orphan inode 15 (err -117)
[   57.477555][ T5568] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.547999][ T5575] netlink: 28 bytes leftover after parsing attributes in process `syz.4.912'.
[   57.567046][ T5568] EXT4-fs error (device loop3): ext4_empty_dir:3084: inode #12: block 13: comm syz.3.910: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=12, rec_len=0, size=4096 fake=1
[   57.641891][ T5568] EXT4-fs warning (device loop3): ext4_empty_dir:3086: inode #12: comm syz.3.910: directory missing '.'
[   57.671266][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.708640][   T51] nci: nci_extract_activation_params_iso_dep: unsupported activation_rf_tech_and_mode 0x82
[   58.010974][ T5613] loop3: detected capacity change from 0 to 128
[   58.116050][ T5624] Invalid ELF header magic: != ELF
[   58.171631][ T5628] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   58.259436][ T5630] loop0: detected capacity change from 0 to 8192
[   58.653247][ T5667] netlink: 8 bytes leftover after parsing attributes in process `syz.0.951'.
[   58.684453][ T5667] netlink: 24 bytes leftover after parsing attributes in process `syz.0.951'.
[   58.804166][ T5673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.954'.
[   58.813112][ T5673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.954'.
[   58.823378][ T5673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.954'.
[   58.841613][ T5673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.954'.
[   58.850589][ T5673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.954'.
[   58.943049][   T29] kauditd_printk_skb: 192 callbacks suppressed
[   58.943065][   T29] audit: type=1326 audit(1750880440.997:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5681 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   59.021806][   T29] audit: type=1326 audit(1750880441.027:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5681 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   59.045289][   T29] audit: type=1326 audit(1750880441.027:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5681 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   59.069368][   T29] audit: type=1326 audit(1750880441.027:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5681 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   59.092905][   T29] audit: type=1400 audit(1750880441.067:1062): avc:  denied  { write } for  pid=5683 comm="syz.1.957" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   59.113294][   T29] audit: type=1400 audit(1750880441.097:1063): avc:  denied  { bind } for  pid=5689 comm="syz.2.960" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   59.132518][   T29] audit: type=1400 audit(1750880441.097:1064): avc:  denied  { read } for  pid=5689 comm="syz.2.960" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   59.151881][   T29] audit: type=1400 audit(1750880441.127:1065): avc:  denied  { mount } for  pid=5691 comm="syz.0.961" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   59.174210][   T29] audit: type=1400 audit(1750880441.127:1066): avc:  denied  { unmount } for  pid=5691 comm="syz.0.961" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   59.202984][   T29] audit: type=1400 audit(1750880441.257:1067): avc:  denied  { watch watch_reads } for  pid=5698 comm="syz.2.965" path="/196/bus" dev="tmpfs" ino=1020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   59.328023][ T5717] loop3: detected capacity change from 0 to 512
[   59.347170][ T5717] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   59.366632][ T5717] EXT4-fs (loop3): invalid journal inode
[   59.372418][ T5717] EXT4-fs (loop3): can't get journal size
[   59.389618][ T5717] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e056c118, mo2=0002]
[   59.405409][ T5717] System zones: 1-12, 13-13
[   59.421736][ T5717] EXT4-fs (loop3): 1 truncate cleaned up
[   59.445727][ T5717] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   59.518129][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.752923][ T5755] loop2: detected capacity change from 0 to 128
[   59.773227][ T5755] bio_check_eod: 215 callbacks suppressed
[   59.773247][ T5755] syz.2.987: attempt to access beyond end of device
[   59.773247][ T5755] loop2: rw=2049, sector=145, nr_sectors = 3 limit=128
[   59.798849][ T5757] loop3: detected capacity change from 0 to 1024
[   59.809140][ T5757] EXT4-fs: Ignoring removed nobh option
[   59.814838][ T5757] EXT4-fs: Ignoring removed bh option
[   59.828120][ T5757] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   59.846794][ T5757] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.988: error while reading EA inode 32 err=-116
[   59.867691][ T5757] EXT4-fs (loop3): Remounting filesystem read-only
[   59.874509][ T5757] EXT4-fs warning (device loop3): ext4_xattr_inode_inc_ref_all:1129: inode #18: comm syz.3.988: cleanup dec ref error -30
[   59.887454][ T5757] EXT4-fs warning (device loop3): ext4_xattr_block_set:2190: inode #18: comm syz.3.988: dec ref error=-30
[   59.913844][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.392697][ T5820] loop4: detected capacity change from 0 to 512
[   60.419120][ T5820] EXT4-fs (loop4): 1 orphan inode deleted
[   60.428455][ T5820] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.442491][ T5820] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.454008][   T31] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[   60.508489][ T5825] loop1: detected capacity change from 0 to 8192
[   60.509195][ T5820] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   60.568468][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.586493][ T5832] loop0: detected capacity change from 0 to 128
[   60.612293][ T5832] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   60.626688][ T5832] ext4 filesystem being mounted at /232/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   60.714209][ T3310] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   60.807505][ T5854] tipc: Started in network mode
[   60.812634][ T5854] tipc: Node identity a23e45104f3b, cluster identity 4711
[   60.819941][ T5854] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   60.836421][ T5854] tipc: Disabling bearer <eth:syzkaller0>
[   60.928001][ T5869] binfmt_misc: register: failed to install interpreter file ./file0
[   61.020913][ T5880] xt_connbytes: Forcing CT accounting to be enabled
[   61.051923][ T5880] Cannot find add_set index 0 as target
[   61.052524][ T5876] syzkaller0: entered promiscuous mode
[   61.063275][ T5876] syzkaller0: entered allmulticast mode
[   61.075088][ T5882] loop1: detected capacity change from 0 to 512
[   61.103802][ T5882] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[   61.135828][ T5882] EXT4-fs (loop1): orphan cleanup on readonly fs
[   61.155461][ T5882] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.1044: iget: bad i_size value: 360287970189639680
[   61.178955][ T5882] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1044: couldn't read orphan inode 15 (err -117)
[   61.194830][ T5882] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   61.202900][ T5891] loop2: detected capacity change from 0 to 164
[   61.230266][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.240247][ T5893] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   61.247426][ T5891] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   61.249010][ T5893] team0: Device ipvlan2 is already an upper device of the team interface
[   61.282433][ T5891] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   61.303978][ T5891] rock: directory entry would overflow storage
[   61.310296][ T5891] rock: sig=0x4f50, size=4, remaining=3
[   61.315989][ T5891] iso9660: Corrupted directory entry in block 4 of inode 1792
[   61.376895][ T5905] netlink: 'syz.0.1054': attribute type 29 has an invalid length.
[   61.417251][ T5905] netlink: 'syz.0.1054': attribute type 29 has an invalid length.
[   61.437162][ T5912] netlink: 'syz.4.1058': attribute type 4 has an invalid length.
[   61.462140][ T5912] netlink: 'syz.4.1058': attribute type 4 has an invalid length.
[   61.476129][ T5913] vhci_hcd: invalid port number 96
[   61.481372][ T5913] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   61.557399][ T5926] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   61.566345][ T5926] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   61.575221][ T5926] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   61.584098][ T5926] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   61.595407][ T5926] vxlan0: entered promiscuous mode
[   61.738748][ T5944] netem: change failed
[   61.885137][ T5964] ip6gre1: entered allmulticast mode
[   62.440018][ T6011] __nla_validate_parse: 21 callbacks suppressed
[   62.440039][ T6011] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1101'.
[   62.447528][ T6013] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1102'.
[   62.763406][ T6026] netlink: 'syz.2.1108': attribute type 13 has an invalid length.
[   62.860951][ T6026] gretap0: refused to change device tx_queue_len
[   62.867579][ T6026] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   63.140355][ T6052] loop4: detected capacity change from 0 to 1024
[   63.151047][ T6052] EXT4-fs: Ignoring removed orlov option
[   63.156917][ T6052] EXT4-fs: Ignoring removed nomblk_io_submit option
[   63.178965][ T6052] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.223050][ T6060] 9pnet: p9_errstr2errno: server reported unknown error �@�L��	O�!��L
[   63.246057][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.303498][ T6064] loop4: detected capacity change from 0 to 1024
[   63.327213][ T6064] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.395334][ T6064] ext4 filesystem being mounted at /252/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.420765][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.904645][ T6082] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1130'.
[   63.970811][   T29] kauditd_printk_skb: 269 callbacks suppressed
[   63.970830][   T29] audit: type=1326 audit(1750880446.027:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6091 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   64.028912][   T29] audit: type=1326 audit(1750880446.027:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6091 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   64.052451][   T29] audit: type=1326 audit(1750880446.057:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6091 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   64.075974][   T29] audit: type=1326 audit(1750880446.057:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6091 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   64.099605][   T29] audit: type=1326 audit(1750880446.057:1340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6091 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   64.123162][   T29] audit: type=1326 audit(1750880446.067:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6091 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   64.146604][   T29] audit: type=1326 audit(1750880446.067:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6091 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   64.170172][   T29] audit: type=1326 audit(1750880446.067:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6091 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   64.193659][   T29] audit: type=1326 audit(1750880446.077:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6091 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   64.217103][   T29] audit: type=1326 audit(1750880446.077:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6091 comm="syz.4.1136" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbdfed158e7 code=0x7ffc0000
[   64.358192][ T6107] loop0: detected capacity change from 0 to 1024
[   64.376588][ T6107] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   64.390752][ T6107] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.650863][ T6129] loop2: detected capacity change from 0 to 7
[   64.805088][ T6141] loop0: detected capacity change from 0 to 256
[   64.842096][ T6141] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   64.865362][ T6141] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   64.892642][ T6149] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   64.912095][ T6141] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   64.922424][ T6149] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   64.950344][ T6141] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   64.989347][ T6141] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   65.013802][ T6141] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   65.040507][ T6141] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   65.061019][ T6141] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   65.256867][ T6173] loop1: detected capacity change from 0 to 2048
[   65.375864][ T6173]  loop1: p1 < > p4
[   65.655356][ T6173] loop1: p4 size 8388608 extends beyond EOD, truncated
[   65.987924][ T6204] x_tables: duplicate underflow at hook 1
[   66.155626][ T6215] netlink: 'syz.0.1191': attribute type 10 has an invalid length.
[   66.163525][ T6215] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1191'.
[   66.242394][ T6223] loop3: detected capacity change from 0 to 2048
[   66.319574][ T6223]  loop3: p1 < > p4
[   66.348747][ T6237] SELinux: syz.2.1200 (6237) set checkreqprot to 1. This is no longer supported.
[   66.363252][ T6223] loop3: p4 size 8388608 extends beyond EOD, truncated
[   66.592608][ T6261] netlink: 136 bytes leftover after parsing attributes in process `syz.0.1213'.
[   66.625308][ T6267] sg_write: data in/out 124/1 bytes for SCSI command 0x75-- guessing data in;
[   66.625308][ T6267]    program syz.1.1215 not setting count and/or reply_len properly
[   66.682568][ T6272] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   66.763861][ T6279] loop4: detected capacity change from 0 to 512
[   66.779421][ T6283] netlink: 'syz.3.1223': attribute type 1 has an invalid length.
[   66.811911][ T6279] ext4 filesystem being mounted at /274/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   66.834732][ T6279] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.1222: corrupted inode contents
[   66.863468][ T6279] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.1222: mark_inode_dirty error
[   66.925123][ T6279] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.1222: corrupted inode contents
[   66.979788][ T6300] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.1222: corrupted inode contents
[   67.030734][ T6300] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.1222: mark_inode_dirty error
[   67.063164][ T6300] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.1222: corrupted inode contents
[   67.097104][ T6300] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.1222: mark_inode_dirty error
[   67.129370][ T6300] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.1222: corrupted inode contents
[   67.158846][ T6300] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.1222: mark_inode_dirty error
[   67.960255][ T6320] loop0: detected capacity change from 0 to 32768
[   67.995576][ T6320]  loop0: p1 p2 p3 < p5 p6 >
[   68.000530][ T6320] loop0: p1 size 242222080 extends beyond EOD, truncated
[   68.019997][ T6320] loop0: p2 start 4294967295 is beyond EOD, truncated
[   68.396066][ T6372] loop1: detected capacity change from 0 to 128
[   68.412315][ T6372] ext4 filesystem being mounted at /191/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   68.499171][ T6380] loop3: detected capacity change from 0 to 1024
[   68.514819][ T6380] EXT4-fs: Ignoring removed oldalloc option
[   68.520891][ T6380] EXT4-fs: Ignoring removed bh option
[   68.709683][ T6399] binfmt_misc: register: failed to install interpreter file ./file0
[   68.778901][   T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.866123][   T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.948837][   T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   68.973875][ T6420] loop4: detected capacity change from 0 to 1024
[   69.000980][   T29] kauditd_printk_skb: 369 callbacks suppressed
[   69.000996][   T29] audit: type=1400 audit(1750880451.057:1715): avc:  denied  { sys_module } for  pid=6421 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   69.012191][ T6420] EXT4-fs: Ignoring removed nobh option
[   69.034135][ T6420] EXT4-fs: Ignoring removed bh option
[   69.071451][   T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.102710][ T6420] EXT4-fs mount: 6 callbacks suppressed
[   69.102731][ T6420] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.105505][   T29] audit: type=1326 audit(1750880451.157:1716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6430 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feefe34e929 code=0x7ffc0000
[   69.144066][   T29] audit: type=1326 audit(1750880451.157:1717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6430 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7feefe34e929 code=0x7ffc0000
[   69.167522][   T29] audit: type=1326 audit(1750880451.157:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6430 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feefe34e929 code=0x7ffc0000
[   69.191027][   T29] audit: type=1326 audit(1750880451.157:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6430 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7feefe34e929 code=0x7ffc0000
[   69.204826][ T6420] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.1284: Allocating blocks 497-513 which overlap fs metadata
[   69.214462][   T29] audit: type=1326 audit(1750880451.157:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6430 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feefe34e929 code=0x7ffc0000
[   69.248663][ T6432] loop2: detected capacity change from 0 to 1024
[   69.251731][   T29] audit: type=1326 audit(1750880451.157:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6430 comm="syz.1.1287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feefe34e929 code=0x7ffc0000
[   69.271208][ T6432] EXT4-fs: Ignoring removed orlov option
[   69.287342][ T6432] EXT4-fs: Ignoring removed nomblk_io_submit option
[   69.322194][ T6419] EXT4-fs (loop4): pa ffff888106ace7e0: logic 16, phys. 321, len 12
[   69.330443][ T6419] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[   69.373210][   T51] bridge_slave_1: left allmulticast mode
[   69.374160][ T6432] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.379059][   T51] bridge_slave_1: left promiscuous mode
[   69.379274][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.393227][   T29] audit: type=1400 audit(1750880451.427:1722): avc:  denied  { read } for  pid=6443 comm="syz.3.1289" path="socket:[14401]" dev="sockfs" ino=14401 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   69.442281][   T29] audit: type=1400 audit(1750880451.497:1723): avc:  denied  { setattr } for  pid=6429 comm="syz.2.1288" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   69.456796][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.474322][   T51] bridge_slave_0: left allmulticast mode
[   69.480102][   T51] bridge_slave_0: left promiscuous mode
[   69.485947][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.497273][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.518206][ T6451] loop4: detected capacity change from 0 to 1024
[   69.551238][ T6451] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.573371][ T6457] xt_connbytes: Forcing CT accounting to be enabled
[   69.585595][ T6451] ext4 filesystem being mounted at /286/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.606428][ T6457] set match dimension is over the limit!
[   69.620025][   T29] audit: type=1400 audit(1750880451.677:1724): avc:  denied  { append } for  pid=6450 comm="syz.4.1290" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   69.645102][ T6451] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   69.700546][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   69.725581][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   69.738386][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.749586][   T51] bond0 (unregistering): Released all slaves
[   69.838202][   T51] hsr_slave_0: left promiscuous mode
[   69.852304][   T51] hsr_slave_1: left promiscuous mode
[   69.866270][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   69.873788][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[   69.907494][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   69.915030][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[   69.952130][   T51] veth1_macvtap: left promiscuous mode
[   69.966865][   T51] veth0_macvtap: left promiscuous mode
[   69.972612][   T51] veth1_vlan: left promiscuous mode
[   69.978504][   T51] veth0_vlan: left promiscuous mode
[   70.381241][ T6485] loop1: detected capacity change from 0 to 1024
[   70.389366][   T51] team0 (unregistering): Port device team_slave_1 removed
[   70.409559][ T6485] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.425352][   T51] team0 (unregistering): Port device team_slave_0 removed
[   70.484827][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.657500][ T6421] chnl_net:caif_netlink_parms(): no params data found
[   70.739445][ T6421] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.746923][ T6421] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.772198][ T6421] bridge_slave_0: entered allmulticast mode
[   70.789589][ T6421] bridge_slave_0: entered promiscuous mode
[   70.808842][ T6421] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.815970][ T6421] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.844483][ T6421] bridge_slave_1: entered allmulticast mode
[   70.853120][ T6421] bridge_slave_1: entered promiscuous mode
[   70.881534][   T51] IPVS: stop unused estimator thread 0...
[   70.920917][ T6421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.933216][ T6421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.963913][ T6421] team0: Port device team_slave_0 added
[   70.979480][ T6421] team0: Port device team_slave_1 added
[   71.017310][ T6421] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.024300][ T6421] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.050550][ T6421] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.065438][ T6421] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.072630][ T6421] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.098768][ T6421] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.119390][ T6519] sd 0:0:1:0: device reset
[   71.134103][ T6421] hsr_slave_0: entered promiscuous mode
[   71.141681][ T6421] hsr_slave_1: entered promiscuous mode
[   71.453023][ T6421] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   71.475840][ T6421] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   71.493613][ T6421] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   71.506422][ T6421] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   71.603229][ T6551] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1324'.
[   71.623654][ T6421] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.660975][ T6421] 8021q: adding VLAN 0 to HW filter on device team0
[   71.690548][  T161] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.697719][  T161] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.746785][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.753945][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.946789][ T6421] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.321093][ T6421] veth0_vlan: entered promiscuous mode
[   72.352819][ T6421] veth1_vlan: entered promiscuous mode
[   72.376333][ T6604] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[   72.438617][ T6421] veth0_macvtap: entered promiscuous mode
[   72.460921][ T6421] veth1_macvtap: entered promiscuous mode
[   72.503890][ T6421] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.539315][ T6421] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.551294][ T6626] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1348'.
[   72.561993][ T6421] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.570908][ T6421] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.579888][ T6421] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.588700][ T6421] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.707199][ T6634] vlan2: entered allmulticast mode
[   72.730009][ T6634] dummy0: entered allmulticast mode
[   72.931799][ T6662] loop5: detected capacity change from 0 to 512
[   72.989861][ T6662] EXT4-fs (loop5): 1 orphan inode deleted
[   73.005779][ T6662] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.018514][   T31] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 1
[   73.029521][ T6661] loop3: detected capacity change from 0 to 8192
[   73.037837][ T6662] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.060188][ T6661] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   73.078155][ T6662] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   73.103558][ T6679] loop4: detected capacity change from 0 to 1024
[   73.116178][ T6679] EXT4-fs: Ignoring removed nobh option
[   73.116971][ T6680] binfmt_misc: register: failed to install interpreter file ./file0
[   73.128901][ T6679] EXT4-fs: Ignoring removed bh option
[   73.141539][ T6421] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.183057][ T6682] Cannot find del_set index 1 as target
[   73.193315][ T6679] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.216766][ T6679] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   73.242507][ T6679] EXT4-fs (loop4): Remounting filesystem read-only
[   73.268719][ T6688] loop3: detected capacity change from 0 to 128
[   73.285156][ T6688] syz.3.1375: attempt to access beyond end of device
[   73.285156][ T6688] loop3: rw=2049, sector=145, nr_sectors = 3 limit=128
[   73.303880][ T6687] syzkaller0: entered promiscuous mode
[   73.309612][ T6687] syzkaller0: entered allmulticast mode
[   73.316369][ T6692] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   73.351146][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.381862][ T6698] SELinux: syz.2.1381 (6698) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   73.504695][ T6712] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1386'.
[   73.816924][ T6739] loop1: detected capacity change from 0 to 128
[   73.832907][ T6739] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   73.845919][ T6739] ext4 filesystem being mounted at /230/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   73.920881][ T6746] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1401'.
[   73.921308][ T3304] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   74.222942][ T6763] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   74.231358][ T6764] xt_hashlimit: max too large, truncated to 1048576
[   74.241332][ T6763] team0: Device ipvlan2 is already an upper device of the team interface
[   74.399941][   T29] kauditd_printk_skb: 153 callbacks suppressed
[   74.399955][   T29] audit: type=1400 audit(1750880456.457:1877): avc:  denied  { create } for  pid=6772 comm="syz.3.1412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   74.439910][   T29] audit: type=1400 audit(1750880456.487:1878): avc:  denied  { connect } for  pid=6772 comm="syz.3.1412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   74.459812][   T29] audit: type=1400 audit(1750880456.487:1879): avc:  denied  { write } for  pid=6772 comm="syz.3.1412" path="socket:[15487]" dev="sockfs" ino=15487 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   74.548593][   T29] audit: type=1326 audit(1750880456.597:1880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6774 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4dc40e929 code=0x7ffc0000
[   74.572192][   T29] audit: type=1326 audit(1750880456.597:1881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6774 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4dc40e929 code=0x7ffc0000
[   74.595882][   T29] audit: type=1326 audit(1750880456.597:1882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6774 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd4dc40e929 code=0x7ffc0000
[   74.619380][   T29] audit: type=1326 audit(1750880456.597:1883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6774 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4dc40e929 code=0x7ffc0000
[   74.643256][   T29] audit: type=1326 audit(1750880456.597:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6774 comm="syz.3.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4dc40e929 code=0x7ffc0000
[   74.666747][   T29] audit: type=1400 audit(1750880456.597:1885): avc:  denied  { map } for  pid=6780 comm="syz.5.1414" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=13966 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   74.690955][   T29] audit: type=1400 audit(1750880456.607:1886): avc:  denied  { read write } for  pid=6780 comm="syz.5.1414" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=13966 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   74.873477][ T6793] loop2: detected capacity change from 0 to 1024
[   74.889756][ T6793] EXT4-fs: Ignoring removed nobh option
[   74.901793][ T6796] netlink: 'syz.1.1420': attribute type 29 has an invalid length.
[   74.910923][ T6796] netlink: 'syz.1.1420': attribute type 29 has an invalid length.
[   74.925419][ T6793] EXT4-fs: Ignoring removed bh option
[   74.933944][ T6796] netlink: 500 bytes leftover after parsing attributes in process `syz.1.1420'.
[   74.971022][ T6793] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.032452][ T6793] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   75.072541][ T6793] EXT4-fs (loop2): Remounting filesystem read-only
[   75.115982][ T6811] loop4: detected capacity change from 0 to 512
[   75.123383][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.136158][ T6811] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   75.146340][ T6808] syzkaller0: entered promiscuous mode
[   75.151902][ T6808] syzkaller0: entered allmulticast mode
[   75.166013][ T6811] EXT4-fs (loop4): orphan cleanup on readonly fs
[   75.182853][ T6811] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1429: iget: bad i_size value: 360287970189639680
[   75.285304][ T6811] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1429: couldn't read orphan inode 15 (err -117)
[   75.312134][ T6811] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   75.395492][ T6831] netlink: 'syz.2.1438': attribute type 4 has an invalid length.
[   75.436276][ T6831] netlink: 'syz.2.1438': attribute type 4 has an invalid length.
[   75.445472][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.768200][ T6846] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   75.798170][ T6846] team0: Device ipvlan2 is already an upper device of the team interface
[   76.299420][ T6885] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   76.330533][ T6885] team0: Device ipvlan2 is already an upper device of the team interface
[   76.370761][ T6892] ip6gre1: entered allmulticast mode
[   76.677682][ T6927] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1477'.
[   76.763454][ T6934] ip6gre1: entered allmulticast mode
[   76.810840][ T6936] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   76.836756][ T6936] team0: Device ipvlan2 is already an upper device of the team interface
[   76.923898][ T6946] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1486'.
[   77.076828][ T6961] loop5: detected capacity change from 0 to 1024
[   77.079713][ T6957] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1494'.
[   77.095768][ T6961] EXT4-fs: Ignoring removed orlov option
[   77.101649][ T6961] EXT4-fs: Ignoring removed nomblk_io_submit option
[   77.140940][ T6961] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.230424][ T6421] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.499145][ T6980] ip6gre1: entered allmulticast mode
[   77.583735][ T6988] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   77.618054][ T6988] team0: Device ipvlan2 is already an upper device of the team interface
[   77.733870][ T6995] loop3: detected capacity change from 0 to 1024
[   77.790247][ T6995] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.842283][ T6995] ext4 filesystem being mounted at /285/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.006873][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.486359][ T7041] netem: change failed
[   78.529188][ T7045] SELinux: syz.3.1532 (7045) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   78.547875][ T7046] loop4: detected capacity change from 0 to 128
[   78.605857][ T6966] syz.1.1496 (6966) used greatest stack depth: 7160 bytes left
[   78.663719][ T7054] loop3: detected capacity change from 0 to 1024
[   78.684143][ T7054] EXT4-fs: Ignoring removed nobh option
[   78.707090][ T7054] EXT4-fs: Ignoring removed bh option
[   78.739047][ T7054] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.759357][ T7063] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1540'.
[   78.788163][ T7063] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1540'.
[   78.825944][ T3412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=3412 comm=kworker/1:4
[   78.843781][ T7054] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[   78.915640][ T7054] EXT4-fs (loop3): Remounting filesystem read-only
[   78.919578][ T7046] syz.4.1530: attempt to access beyond end of device
[   78.919578][ T7046] loop4: rw=2049, sector=137, nr_sectors = 8 limit=128
[   78.940440][ T7063] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1540'.
[   78.958810][ T7063] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1540'.
[   78.989164][ T7046] syz.4.1530: attempt to access beyond end of device
[   78.989164][ T7046] loop4: rw=2049, sector=153, nr_sectors = 8 limit=128
[   79.015523][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.040422][ T7046] syz.4.1530: attempt to access beyond end of device
[   79.040422][ T7046] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128
[   79.060557][ T7046] syz.4.1530: attempt to access beyond end of device
[   79.060557][ T7046] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128
[   79.074289][ T7046] syz.4.1530: attempt to access beyond end of device
[   79.074289][ T7046] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128
[   79.076626][ T7063] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1540'.
[   79.088088][ T7046] syz.4.1530: attempt to access beyond end of device
[   79.088088][ T7046] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128
[   79.110338][ T7046] syz.4.1530: attempt to access beyond end of device
[   79.110338][ T7046] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128
[   79.124063][ T7046] syz.4.1530: attempt to access beyond end of device
[   79.124063][ T7046] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128
[   79.137760][ T7046] syz.4.1530: attempt to access beyond end of device
[   79.137760][ T7046] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128
[   79.151910][ T7046] syz.4.1530: attempt to access beyond end of device
[   79.151910][ T7046] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128
[   79.152237][ T7063] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1540'.
[   79.364688][ T7100] 9pnet: p9_errstr2errno: server reported unknown error �@�L��	O�!��L
[   79.833977][ T7095] netlink: 'syz.2.1550': attribute type 1 has an invalid length.
[   79.922755][   T29] kauditd_printk_skb: 257 callbacks suppressed
[   79.922774][   T29] audit: type=1400 audit(1750880461.977:2144): avc:  denied  { execute } for  pid=7107 comm="syz.4.1554" name="file1" dev="tmpfs" ino=1726 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   79.958803][ T7108] loop4: detected capacity change from 0 to 1024
[   80.017637][ T7108] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.025356][   T29] audit: type=1400 audit(1750880462.007:2145): avc:  denied  { execute_no_trans } for  pid=7107 comm="syz.4.1554" path="/334/file1" dev="tmpfs" ino=1726 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   80.053286][   T29] audit: type=1400 audit(1750880462.047:2146): avc:  denied  { create } for  pid=7113 comm="syz.3.1559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   80.073395][   T29] audit: type=1400 audit(1750880462.057:2147): avc:  denied  { ioctl } for  pid=7113 comm="syz.3.1559" path="socket:[14272]" dev="sockfs" ino=14272 ioctlcmd=0x48d2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   80.095795][ T7108] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.143536][   T29] audit: type=1400 audit(1750880462.187:2148): avc:  denied  { map } for  pid=7118 comm="syz.3.1560" path="socket:[16205]" dev="sockfs" ino=16205 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   80.166931][   T29] audit: type=1400 audit(1750880462.187:2149): avc:  denied  { read } for  pid=7118 comm="syz.3.1560" path="socket:[16205]" dev="sockfs" ino=16205 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   80.247856][ T7123] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7123 comm=syz.3.1561
[   80.260464][ T7123] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7123 comm=syz.3.1561
[   80.295187][ T7125] loop2: detected capacity change from 0 to 128
[   80.318931][   T29] audit: type=1326 audit(1750880462.367:2150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7126 comm="syz.4.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbdfed1e929 code=0x7ffc0000
[   80.342464][   T29] audit: type=1326 audit(1750880462.367:2151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7126 comm="syz.4.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbdfed1d290 code=0x7ffc0000
[   80.366040][   T29] audit: type=1400 audit(1750880462.377:2152): avc:  denied  { read } for  pid=7126 comm="syz.4.1563" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   80.389215][   T29] audit: type=1400 audit(1750880462.377:2153): avc:  denied  { open } for  pid=7126 comm="syz.4.1563" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   80.813109][ T7153] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=7153 comm=syz.3.1573
[   80.937236][ T7165] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   80.970543][ T7167] loop3: detected capacity change from 0 to 128
[   81.485612][ T7202] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1597'.
[   81.965246][ T7255] ieee802154 phy1 wpan1: encryption failed: -22
[   81.988991][ T7257] syzkaller0: entered promiscuous mode
[   81.994543][ T7257] syzkaller0: entered allmulticast mode
[   82.116602][ T7268] x_tables: duplicate underflow at hook 1
[   82.381362][ T7288] netlink: 'syz.1.1636': attribute type 10 has an invalid length.
[   82.389413][ T7288] __nla_validate_parse: 1 callbacks suppressed
[   82.389432][ T7288] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1636'.
[   82.435458][ T7288] dummy0: entered promiscuous mode
[   82.466503][ T7292] loop5: detected capacity change from 0 to 512
[   82.474712][ T7288] bridge0: port 3(dummy0) entered blocking state
[   82.481204][ T7288] bridge0: port 3(dummy0) entered disabled state
[   82.493479][ T7292] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   82.523220][ T7292] EXT4-fs (loop5): 1 truncate cleaned up
[   82.557767][ T7292] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.847935][ T7313] loop1: detected capacity change from 0 to 256
[   82.865724][ T6421] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.888675][ T7313] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   82.917603][ T7313] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   82.943277][ T7317] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   82.971027][ T7313] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   83.007991][ T7313] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   83.031122][ T7321] SELinux: syz.3.1648 (7321) set checkreqprot to 1. This is no longer supported.
[   83.078971][ T7317] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   83.132888][ T7313] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   83.195279][ T7313] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   83.211534][ T7335] loop2: detected capacity change from 0 to 2048
[   83.238491][ T7313] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   83.274028][ T7313] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   83.289173][ T7335]  loop2: p1 < > p4
[   83.299204][ T7335] loop2: p4 size 8388608 extends beyond EOD, truncated
[   83.704602][ T7367] loop5: detected capacity change from 0 to 2048
[   83.901792][ T7367]  loop5: p1 < > p4
[   83.917582][ T7367] loop5: p4 size 8388608 extends beyond EOD, truncated
[   84.018981][ T7372] sg_write: data in/out 124/1 bytes for SCSI command 0x75-- guessing data in;
[   84.018981][ T7372]    program syz.3.1671 not setting count and/or reply_len properly
[   84.044695][ T7375] loop1: detected capacity change from 0 to 512
[   84.064767][ T7377] netlink: 'syz.2.1673': attribute type 1 has an invalid length.
[   84.087995][ T7375] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.159414][ T7375] ext4 filesystem being mounted at /274/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   84.261792][ T7375] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1682: corrupted inode contents
[   84.280457][ T7375] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.1682: mark_inode_dirty error
[   84.293220][ T7375] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1682: corrupted inode contents
[   84.312687][ T7390] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1682: corrupted inode contents
[   84.361449][ T7390] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.1682: mark_inode_dirty error
[   84.399691][ T7390] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1682: corrupted inode contents
[   84.444030][ T7399] loop4: detected capacity change from 0 to 2048
[   84.444549][ T7390] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.1682: mark_inode_dirty error
[   84.472938][ T7404] loop2: detected capacity change from 0 to 128
[   84.489983][ T7390] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1682: corrupted inode contents
[   84.512064][ T7399]  loop4: p1 < > p4
[   84.538306][ T7399] loop4: p4 size 8388608 extends beyond EOD, truncated
[   84.555435][ T7390] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.1682: mark_inode_dirty error
[   84.642567][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.740512][ T7416] netlink: 'syz.5.1691': attribute type 10 has an invalid length.
[   84.748587][ T7416] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1691'.
[   84.766792][ T7416] dummy0: entered promiscuous mode
[   84.773026][ T7416] bridge0: port 3(dummy0) entered blocking state
[   84.779621][ T7416] bridge0: port 3(dummy0) entered disabled state
[   84.787613][ T7416] dummy0: entered allmulticast mode
[   84.794433][ T7416] bridge0: port 3(dummy0) entered blocking state
[   84.800936][ T7416] bridge0: port 3(dummy0) entered forwarding state
[   84.846605][ T7419] loop4: detected capacity change from 0 to 2048
[   84.881756][ T7425] sg_write: data in/out 124/1 bytes for SCSI command 0x75-- guessing data in;
[   84.881756][ T7425]    program syz.5.1693 not setting count and/or reply_len properly
[   84.926984][ T7419]  loop4: p1 < > p4
[   84.935913][ T7419] loop4: p4 size 8388608 extends beyond EOD, truncated
[   84.983337][   T29] kauditd_printk_skb: 1515 callbacks suppressed
[   84.983352][   T29] audit: type=1400 audit(1750880467.037:3669): avc:  denied  { read write } for  pid=7417 comm="syz.4.1689" name="loop4p1" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   85.014328][   T29] audit: type=1400 audit(1750880467.037:3670): avc:  denied  { open } for  pid=7417 comm="syz.4.1689" path="/354/bus" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   85.566739][   T29] audit: type=1400 audit(1750880467.627:3671): avc:  denied  { write } for  pid=7435 comm="syz.2.1698" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   85.592564][   T29] audit: type=1400 audit(1750880467.647:3672): avc:  denied  { relabelfrom } for  pid=7431 comm="syz.4.1708" name="" dev="pipefs" ino=16997 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   85.630080][ T7436] hub 6-0:1.0: USB hub found
[   85.642723][ T7436] hub 6-0:1.0: 8 ports detected
[   85.676447][   T29] audit: type=1400 audit(1750880467.737:3673): avc:  denied  { connect } for  pid=7442 comm="syz.4.1712" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   85.711695][ T7447] loop1: detected capacity change from 0 to 128
[   85.718053][   T29] audit: type=1400 audit(1750880467.757:3674): avc:  denied  { write } for  pid=7442 comm="syz.4.1712" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   85.854436][ T7447] bio_check_eod: 332 callbacks suppressed
[   85.854456][ T7447] syz.1.1701: attempt to access beyond end of device
[   85.854456][ T7447] loop1: rw=2049, sector=137, nr_sectors = 8 limit=128
[   85.875556][ T7447] syz.1.1701: attempt to access beyond end of device
[   85.875556][ T7447] loop1: rw=2049, sector=153, nr_sectors = 8 limit=128
[   85.891917][ T7447] syz.1.1701: attempt to access beyond end of device
[   85.891917][ T7447] loop1: rw=2049, sector=169, nr_sectors = 8 limit=128
[   85.906431][ T7447] syz.1.1701: attempt to access beyond end of device
[   85.906431][ T7447] loop1: rw=2049, sector=185, nr_sectors = 8 limit=128
[   85.919945][ T7447] syz.1.1701: attempt to access beyond end of device
[   85.919945][ T7447] loop1: rw=2049, sector=201, nr_sectors = 8 limit=128
[   85.934593][ T7447] syz.1.1701: attempt to access beyond end of device
[   85.934593][ T7447] loop1: rw=2049, sector=217, nr_sectors = 8 limit=128
[   85.949197][ T7447] syz.1.1701: attempt to access beyond end of device
[   85.949197][ T7447] loop1: rw=2049, sector=233, nr_sectors = 8 limit=128
[   85.962677][ T7447] syz.1.1701: attempt to access beyond end of device
[   85.962677][ T7447] loop1: rw=2049, sector=249, nr_sectors = 8 limit=128
[   85.977616][ T7447] syz.1.1701: attempt to access beyond end of device
[   85.977616][ T7447] loop1: rw=2049, sector=265, nr_sectors = 8 limit=128
[   85.991186][ T7447] syz.1.1701: attempt to access beyond end of device
[   85.991186][ T7447] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128
[   86.075294][   T29] audit: type=1400 audit(1750880468.127:3675): avc:  denied  { ioctl } for  pid=7450 comm="syz.3.1715" path="socket:[17032]" dev="sockfs" ino=17032 ioctlcmd=0x8955 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   86.173308][   T29] audit: type=1400 audit(1750880468.207:3676): avc:  denied  { name_connect } for  pid=7458 comm="syz.3.1705" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   86.204003][ T7461] loop1: detected capacity change from 0 to 2048
[   86.245753][ T7461]  loop1: p1 < > p4
[   86.250700][ T7461] loop1: p4 size 8388608 extends beyond EOD, truncated
[   86.353080][   T29] audit: type=1400 audit(1750880468.407:3677): avc:  denied  { create } for  pid=7465 comm="syz.2.1710" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   86.409798][ T7469] loop1: detected capacity change from 0 to 128
[   86.411653][   T29] audit: type=1400 audit(1750880468.437:3678): avc:  denied  { write } for  pid=7465 comm="syz.2.1710" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   86.464806][ T7470] loop5: detected capacity change from 0 to 164
[   86.484936][ T7470] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   86.507891][ T7470] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   86.520147][ T7470] rock: directory entry would overflow storage
[   86.526544][ T7470] rock: sig=0x4f50, size=4, remaining=3
[   86.532131][ T7470] iso9660: Corrupted directory entry in block 4 of inode 1792
[   86.548055][ T7476] vlan2: entered allmulticast mode
[   86.553261][ T7476] dummy0: entered allmulticast mode
[   86.622032][ T7462] loop4: detected capacity change from 0 to 32768
[   86.697074][ T7462]  loop4: p1 p2 p3 < p5 p6 >
[   86.706524][ T7462] loop4: p1 size 242222080 extends beyond EOD, truncated
[   86.725857][ T7462] loop4: p2 start 4294967295 is beyond EOD, truncated
[   86.750486][ T7483] netlink: 'syz.2.1718': attribute type 2 has an invalid length.
[   86.758339][ T7483] netlink: 'syz.2.1718': attribute type 1 has an invalid length.
[   86.766103][ T7483] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.1718'.
[   87.070428][ T7491] netlink: 'syz.3.1722': attribute type 13 has an invalid length.
[   87.089955][ T7485] loop2: detected capacity change from 0 to 8192
[   87.099415][ T7485] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   87.152885][ T7491] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.160264][ T7491] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.216343][ T7491] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   87.275548][ T7491] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   87.342161][ T7491] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   87.351218][ T7491] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   87.360218][ T7491] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   87.369171][ T7491] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   87.557048][ T7510] binfmt_misc: register: failed to install interpreter file ./file0
[   87.587386][ T7518] sd 0:0:1:0: device reset
[   87.660992][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.668510][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.668616][ T7526] raw_sendmsg: syz.5.1740 forgot to set AF_INET. Fix it!
[   87.675938][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.738274][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.742816][ T7536] loop5: detected capacity change from 0 to 128
[   87.745866][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.759681][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.767450][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.774861][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.782319][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.789752][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.797228][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.804644][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.812094][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   87.819606][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.035348][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.042817][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.050367][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.057845][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.065300][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.072760][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.080233][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.087692][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.095143][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.102670][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.110120][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.117629][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.125116][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.132551][ T3412] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   88.155703][ T3412] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   88.520347][ T7562] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1755'.
[   88.641587][ T7541] ==================================================================
[   88.649744][ T7541] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[   88.656917][ T7541] 
[   88.659275][ T7541] write to 0xffff888106b7ce14 of 4 bytes by task 7536 on cpu 0:
[   88.666943][ T7541]  xas_set_mark+0x12b/0x140
[   88.671499][ T7541]  __folio_start_writeback+0x1dd/0x440
[   88.677012][ T7541]  __block_write_full_folio+0x53a/0x8f0
[   88.682695][ T7541]  block_write_full_folio+0x2c2/0x2e0
[   88.688108][ T7541]  mpage_writepages+0x6cf/0x1250
[   88.693071][ T7541]  fat_writepages+0x24/0x30
[   88.697686][ T7541]  do_writepages+0x1c3/0x310
[   88.702378][ T7541]  file_write_and_wait_range+0x156/0x2c0
[   88.708037][ T7541]  __generic_file_fsync+0x46/0x140
[   88.713184][ T7541]  fat_file_fsync+0x49/0x100
[   88.717799][ T7541]  vfs_fsync_range+0x10a/0x130
[   88.722591][ T7541]  generic_file_write_iter+0x1b8/0x2f0
[   88.728068][ T7541]  iter_file_splice_write+0x5ef/0x970
[   88.733464][ T7541]  direct_splice_actor+0x153/0x2a0
[   88.738599][ T7541]  splice_direct_to_actor+0x30f/0x680
[   88.743997][ T7541]  do_splice_direct+0xda/0x150
[   88.748794][ T7541]  do_sendfile+0x380/0x650
[   88.753230][ T7541]  __x64_sys_sendfile64+0x105/0x150
[   88.758449][ T7541]  x64_sys_call+0xb39/0x2fb0
[   88.763057][ T7541]  do_syscall_64+0xd2/0x200
[   88.767575][ T7541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.773499][ T7541] 
[   88.775836][ T7541] read to 0xffff888106b7ce14 of 4 bytes by task 7541 on cpu 1:
[   88.783393][ T7541]  xas_find_marked+0x5dc/0x620
[   88.788177][ T7541]  find_get_entry+0x5d/0x380
[   88.792804][ T7541]  filemap_get_folios_tag+0x92/0x210
[   88.798123][ T7541]  filemap_fdatawait_range+0x88/0x1d0
[   88.803521][ T7541]  __writeback_single_inode+0xdb/0x7c0
[   88.809002][ T7541]  writeback_single_inode+0x167/0x3e0
[   88.814400][ T7541]  sync_inode_metadata+0x5b/0x90
[   88.819356][ T7541]  __generic_file_fsync+0xf8/0x140
[   88.824494][ T7541]  fat_file_fsync+0x49/0x100
[   88.829108][ T7541]  vfs_fsync_range+0x10a/0x130
[   88.833903][ T7541]  generic_file_write_iter+0x1b8/0x2f0
[   88.839385][ T7541]  iter_file_splice_write+0x5ef/0x970
[   88.844786][ T7541]  direct_splice_actor+0x153/0x2a0
[   88.849928][ T7541]  splice_direct_to_actor+0x30f/0x680
[   88.855338][ T7541]  do_splice_direct+0xda/0x150
[   88.860154][ T7541]  do_sendfile+0x380/0x650
[   88.864626][ T7541]  __x64_sys_sendfile64+0x105/0x150
[   88.869917][ T7541]  x64_sys_call+0xb39/0x2fb0
[   88.874536][ T7541]  do_syscall_64+0xd2/0x200
[   88.879059][ T7541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.884974][ T7541] 
[   88.887314][ T7541] value changed: 0x0a000021 -> 0x04000021
[   88.893045][ T7541] 
[   88.895382][ T7541] Reported by Kernel Concurrency Sanitizer on:
[   88.901549][ T7541] CPU: 1 UID: 0 PID: 7541 Comm: syz.5.1744 Tainted: G        W           6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(voluntary) 
[   88.915549][ T7541] Tainted: [W]=WARN
[   88.919361][ T7541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   88.929428][ T7541] ==================================================================