last executing test programs:

1m0.761369771s ago: executing program 2 (id=777):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x14)
capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500)={0x0, 0x2000, 0x0, 0x0, 0x0, 0x3cd})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x1)

1m0.710423102s ago: executing program 2 (id=781):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x13d, 0x4, 0xd6e, 0x2}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x603f)

1m0.636223113s ago: executing program 2 (id=787):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
syz_usb_connect$uac1(0x6, 0x82, &(0x7f0000000000)=ANY=[], 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1m0.04417332s ago: executing program 2 (id=799):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1m0.02381927s ago: executing program 2 (id=801):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x7fff, 0x40024e}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x3a366d1c952a243b, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2003, 0x1})
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x0)

59.774191833s ago: executing program 2 (id=809):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
syz_io_uring_setup(0x3dd6, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setreuid(0x0, 0xee00)
request_key(&(0x7f0000000440)='logon\x00', &(0x7f0000000480)={'syz', 0x3}, &(0x7f0000000600)='/dev/vcsu#\x00\xfc\xbf9\xf6\vJ\x10RBJ\x06\xcd\xd0\x99\x81\x13\xc0\xa1\xed\xdd\x9ei\x1a\xd40\x93\x1e\x10\xcc\"\xca\xda\xedw\xcd!&((\xd4\xa4\x80\xe9O\xc64hO\xc8*\xfb\xf7\x1d\xbeg\xd6\xeeM\xa5Y\xd5\xd4[\x18\"+\xc3\xc0\x94\xb4;\xf8\xee\x91\xd2B\x85\x14u6', 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

59.732360634s ago: executing program 32 (id=809):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
syz_io_uring_setup(0x3dd6, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setreuid(0x0, 0xee00)
request_key(&(0x7f0000000440)='logon\x00', &(0x7f0000000480)={'syz', 0x3}, &(0x7f0000000600)='/dev/vcsu#\x00\xfc\xbf9\xf6\vJ\x10RBJ\x06\xcd\xd0\x99\x81\x13\xc0\xa1\xed\xdd\x9ei\x1a\xd40\x93\x1e\x10\xcc\"\xca\xda\xedw\xcd!&((\xd4\xa4\x80\xe9O\xc64hO\xc8*\xfb\xf7\x1d\xbeg\xd6\xeeM\xa5Y\xd5\xd4[\x18\"+\xc3\xc0\x94\xb4;\xf8\xee\x91\xd2B\x85\x14u6', 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

57.127297457s ago: executing program 3 (id=857):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x1725, &(0x7f0000000080)={0x0, 0x0, 0x80, 0x400002, 0x9c}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000240)=0xfffffc04, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_MKDIRAT={0x25, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x84, 0x0, 0x1})
io_uring_enter(r2, 0x264b, 0x4, 0x1, 0x0, 0x0)

56.940968369s ago: executing program 3 (id=861):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0xfffffffb, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x13)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r1, 0x5)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r2, 0x2)
dup3(r2, r1, 0x0)

56.795864641s ago: executing program 3 (id=862):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x3}, 0x8)
sendto$inet6(r0, &(0x7f0000000040)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3}, 0x3}, 0x1c)
shutdown(r0, 0x1)

56.746949532s ago: executing program 3 (id=864):
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f00000000c0)='./file0\x00', 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="002918d910d46be7099c66b02010b1f0b7c3dc1dabe625969fb0adc922385af53d57a1d35dd71c90d9dd649b53a2fa626cd92c7326ce1ba2f33b0aef2b2164e01d910058b51684696959ea7f5a607a6572d2640cf9312a07000000260e3651a0cbfd2c080990fb4c76e9e613b759863734a70d0600ec77e8ba76aacbb21e4b903aa4873a9951f269a9c0f87805a1a0cbdf6b8644a1de05a8d9dd9687d67c8af7f68cb59e60d1fbefb49b93d6b72cce4162edc4468a13987d94d428df36915621aeff6dc1358a7331fa69e05c417c2e1e6b8dc29c496c76d02dfc2d7b48616fb3f01b221f4f8f484a00090964922de8909a1f9f7ef655a12a68a56cb341a8fba4cd81cedec9cb518d13d2a2564427b63b037494748a24daa21fe1256df68d000b2778bf0437cc642cd83c5a1b34eeffdf93ecbd85bb340eeef68dd60101769c74f94d217264c171feea0305bfc87c36247d90b129a9973f00000001d99b195d2f75653a110621d8095064f0a034f492cf5aa4767a772d6f4967722546bfd83d3202f76c20a9d7f40f9e7818d77129df7fd072560de9adcc5507f763e5804e0227ecaa03dddd303a318d6f7763ce011543587e6a306780ca2f37db7e8a5b64a5059ac91ff2110e40ea13d70e1504653ba9eebcf61b427797fb3fd79d2bb9aaa13c9729fe323c4ac222991981381e004684fb200b17d2f6ede181067662ad8a31f45b613869ca8fc5b1dae62407a1f6dcb86a4c430210e9bcfca9b83283b87316c4d17f388e0bab0500000092a82e12f8e3ab9b94ff9266b3bc33eaecec233179e5348f11e7739033e9081bfc598746cf032fa55d958147a2e9226819ac65f89ca7d96da3ca2db52f8ec80462fddf42dbbca24b72"], 0x1, 0x11dd, &(0x7f00000012c0)="$eJzs3MGLG1UcB/Bf29XW1N2sWqstiA+96GVs9uDJS5AtSANK2xRaQZi6Ew3JJiETFiJivXn17xCP3gTxH9iLF8+Ct7147EEcMZF2d4mHRdiB5fO5zA/e+8J7DAy8YX5z8N63u4NemfXyWZw/dy7WJhHpcYoU5+NCLH0db9/79bfX7tx/cKvd6WzfTulm+27r3ZTSxus/ffzl92/8PLt874eNHy/G/uYnB39s/b5/df/awV93P++XqV+m0XiW8vRwPJ7lD4dF2umXgyylj4ZFXhapPyqL6ZHx3nA8mcxTPtpZb0ymRVmmfDRPg2KeZuM0m85T/lneH6Usy9J6I/g/ut89rqoqoqqeiWejqqrquWjE5Xg+1mMjmrEZL8SL8VJciZfjarwSr8a1xay61w0AAAAAAAAAAAAAAAAAAABni/5/AAAAAAAAAAAAAAAAAAAAqJ/+fwAAAAAAAAAAAAAAAAAAAKif/n8AAAAAAAAAAAAAAAAAAACo3537D261O53t2ylditj9Zq+7111el+PtXvRjGEXciGb8GYvu/6VlffODzvaNtLAZ7+w++jf/aK974Wi+tfidwMp8a5lPR/MXo3E4vxXNuLI6v7UyfyneevNQPotm/PJpjGMYO/FP9mn+q1ZK73/YOZa/vpgHAAAAZ0GWnlh5fs+y/xpf5k/wfuDY+Xotrq/Vu3ciyvkXg3w4LKYKhULxpKj7ycRpeHrT614JAAAAAAAAAAAAJ3EanxPWvUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv9mBYwEAAAAAYf7WaXRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwVQAAAP///83x1w==")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000e00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x31)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = open(&(0x7f00000003c0)='.\x00', 0x500, 0x97)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

56.568814794s ago: executing program 3 (id=865):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x6}, 0x18)
sched_rr_get_interval(0x0, &(0x7f0000000200))
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000380)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0x0, 0x0, &(0x7f00000007c0))
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus/file0\x00')

56.335786817s ago: executing program 3 (id=870):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0xe501, 0x3, 0x2a8, 0x138, 0x6affffff, 0x3403000b, 0x0, 0x7, 0x210, 0x230, 0x230, 0x210, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00'}, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x7f510100, 0x4, 0x0, 0x0, 0x0, 0x2}}, @common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x308)

56.320283087s ago: executing program 33 (id=870):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0xe501, 0x3, 0x2a8, 0x138, 0x6affffff, 0x3403000b, 0x0, 0x7, 0x210, 0x230, 0x230, 0x210, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00'}, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x7f510100, 0x4, 0x0, 0x0, 0x0, 0x2}}, @common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x308)

55.173327082s ago: executing program 1 (id=890):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x6a000}], 0x1, 0x7000, 0x0, 0x3)

54.984177514s ago: executing program 1 (id=891):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000600)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)

54.877297006s ago: executing program 1 (id=892):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
sendmmsg(r0, &(0x7f0000004380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

54.723636177s ago: executing program 1 (id=893):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f0000000140)={[{@min_batch_time={'min_batch_time', 0x3d, 0xd}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@noblock_validity}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x143042, 0x8d)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x5, 0x0, "ef359f413bb901527f00d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea0000000000000000000800002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x8]})
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfe}], 0x1, 0x5405, 0x0, 0x0)
sendfile(r0, r0, 0x0, 0x7a680000)

53.73227328s ago: executing program 1 (id=907):
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x808080, &(0x7f0000000000), 0x2c, 0x52c, &(0x7f0000000640)="$eJzs3d9rY1kdAPBvMv2Rdjrbru7DKuqO6+oowyRtZrcs+6DriyDLssK6TyKzpc2U0qQpTbpua8EO+Oar4IBP+if4IPggzJPvvumbLyMojDo4TAWRyE1uOm2adMq0aWaazwcuOefc2/s9J3DP6T1J7glgaF2NiN2IGIuIjyNiOi3PpFu829qS4x4/3Fnce7izmIlG48N/jqRH7iy2j2+7nJ4zF/FBkh/vEre2tb26UC6XNtJ8oV5ZL9S2tm+sVBaWS8ultWJxfm5+9u2bbxXPrK2vVX7z4Dsr7330+9998f4fd7/x46TO32rtGkvadmaBDmi9L6MxdaAseefe60ewAbiUtmds0BXhmWQj4jMR8Xqa3pcbXJ0AgP5qNKajMX0w31vmBMcAAM+/5J5/KjLZfHr/PxXZbD7fnMPLvRKT2XK1Vr9+u7q5thTNOayZGM3eXimXZtO5wpkYzST5uWb6Sb7Ykb8ZES9HxM/HJ5r5/GK1vDSof3oAYMhd7hj/H423xv8T8AkBALzIjOQAMHyOjv+jA6kHAHB+3P8DwPA5MP53+60uAHAB5Tp++w8AXHwH7v9Huh7wavzkh+dXHQDgHPj8HwCGyvfefz/ZGnvp86+XPtnaXK1+cmOpVFvNVzYX84vVjfX8crW63HxmT+Vp5ytXq+tzb8bmp4V6qVYv1La2b1Wqm2v1W83net8q+WEBAAzey6/d+3MmInbfmWhu0V7LwRcC4MJzmcPwujToCgAD0/37PsAwMB8PZJ6yv+dXhO72/puJU9QH6L9rn+sx/9/tf4M7+6n/Nc6vikCfmP+H4XW6+X+zB/AiM/8Pw6vRyFjPHwCGzAnu4H1FEC64Z/78HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYVHPLZPPpWuBTkc3m8xFXImJmYjRze6Vcmo2IlyLiT+Oj40l+btCVBgBOKfv3TLr+17XpN6Y6945l/jPefI2IH/3yw198ulCvb8wl5f/aL6/fTcuLXQOM978NAMABI50F7XG6PY631/d9/HBnsb2dZwUffLu1uGgSdy/d2lVvVT4XoxEx+e/MocZkzmhh4t07EfFqZ/uz+/tn0pVPO+Mnsa/0LX40Wzh1KH72UPxsc1/rNXkvPnsGdYFhcy/pf97tdv1l42rzNb3+Moc701z87Gjn+gza/d9eo7P/a13vH1zJNfuabv3f1ZPGePMP3+25786lxudHIvaO9L/tFaFzzdSR+CMRb3Q74U+/+Wizo+gvX/jS673iN34VcS2Oi99KFeqV9UJta/vGSmVhubRcWisW5+fmZ9+++Vax0JyjLrRnqo/6xzvXX+rd/ojJHvFzx7U/Ir7a66Qdfv3fj3/w5WPif/0r3eJn45Vj4idj4tdOGH9h8rc9l+9O4i/1aP/Iofhjh/4uKbt+wvj3/7q9dMJDAYBzUNvaXl0ol0sbEqdN5Pp15svPSQMleiT+9tGha2rg9TmTxMC6JOCcPLnoB10TAAAAAAAAAAAAAACgl9r300f+9fHHcINuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfX/wMAAP//OkHLZw==")
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000001100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002680)=ANY=[@ANYBLOB="140000001000010000000000000007000000000a60000000060a0b0400000000000000000200000034000480200001800e000100636f6e6e6c696d69740000000c000280080001400000000010000180090001006c617374000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x0)
close(r1)

53.550717242s ago: executing program 1 (id=910):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = epoll_create1(0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000000c0)={0xe000001a})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000))

53.550568382s ago: executing program 34 (id=910):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = epoll_create1(0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000000c0)={0xe000001a})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000))

2.471450509s ago: executing program 6 (id=2527):
r0 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
pipe(&(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x7, 0x9)
write$P9_RWRITE(r3, &(0x7f0000000040)={0xb, 0x77, 0x87}, 0x10c00)
read(r2, &(0x7f0000032440)=""/102364, 0x18fdc)

1.768019688s ago: executing program 0 (id=2548):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)

1.62078654s ago: executing program 0 (id=2555):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'erspan0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000040)=0xf3f, 0xa)
sendto$packet(r2, &(0x7f0000000080)="3f031c000300140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b6880610cc9", 0x26, 0x24000094, &(0x7f0000000540)={0xc9, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14)

1.61697467s ago: executing program 6 (id=2556):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1008002, &(0x7f0000000080)=ANY=[], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1")
r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x200, &(0x7f0000000140)=<r3=>0x0)
io_submit(r3, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r2, &(0x7f0000000000), 0x4000}])

1.568236701s ago: executing program 0 (id=2557):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
ioctl$KDSKBENT(r3, 0x4b47, &(0x7f0000000000)={0xc, 0x3, 0x1})

1.521730781s ago: executing program 0 (id=2559):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0200000004000000baed000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, 0x0, 0x40)
dup2(0xffffffffffffffff, 0xffffffffffffffff)

1.521260581s ago: executing program 0 (id=2560):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r0, 0x5)
setsockopt(r1, 0x800000000010d, 0x8000000011, &(0x7f00001c9fff), 0xc5)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10)
sendmmsg(r1, &(0x7f0000002980), 0x400000000000239, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.456373782s ago: executing program 6 (id=2564):
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
epoll_pwait2(r0, &(0x7f0000000240)=[{}], 0x1, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x12001}, 0x18)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000400)={0xa})

669.691182ms ago: executing program 0 (id=2590):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket(0x2b, 0x1, 0x1)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
accept4$unix(r1, 0x0, 0x0, 0x800)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

669.513522ms ago: executing program 4 (id=2591):
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = io_uring_setup(0x60f7, &(0x7f0000000400)={0x0, 0x0, 0x2, 0xfffffffe, 0x3bd})
r2 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r2, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r2, 0x4)
close_range(r1, r2, 0x0)

644.520292ms ago: executing program 4 (id=2592):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x10000}, 0x18)
perf_event_open(&(0x7f00000004c0)={0x8, 0x80, 0x0, 0xc, 0x0, 0x0, 0x82, 0x200000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000080), 0x9}, 0x18204, 0x0, 0x3, 0x0, 0x0, 0x5338c7af, 0x0, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

626.870852ms ago: executing program 4 (id=2593):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000002400)=<r1=>0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x7c00)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="5400ffff0000", 0x6, 0x0, 0x0, 0x2}])

579.752173ms ago: executing program 6 (id=2595):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x20}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x28040000}, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)

555.873463ms ago: executing program 6 (id=2596):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x60, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x5}, 0x18)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1)
sendto$inet6(r1, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)
sendto$inet6(r1, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c)
sendmsg$inet6(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000340)="2f6c62fdf406a1a0175bd356c35c10e4d1be87033978d275293527325d1cd47e250c", 0x22}], 0x1}, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x19, &(0x7f00000000c0), 0x4)

548.834023ms ago: executing program 5 (id=2597):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000280)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

529.939093ms ago: executing program 4 (id=2598):
r0 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
write$binfmt_elf32(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000000000000380000000000000000191bda0000200001000000000280000000000003"], 0x69)
close(r0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

528.490633ms ago: executing program 6 (id=2608):
r0 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
pipe(&(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x7, 0x9)
write$P9_RWRITE(r3, &(0x7f0000000040)={0xb, 0x77, 0x87}, 0x10c00)
read(r2, &(0x7f0000032440)=""/102364, 0x18fdc)

495.357484ms ago: executing program 4 (id=2600):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r1, 0x1)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a000000", 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000040)={0x1}, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

468.707784ms ago: executing program 5 (id=2602):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x17)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000000)=@req3={0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x1c)

460.265284ms ago: executing program 4 (id=2604):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
creat(&(0x7f0000000000)='./bus\x00', 0xd931d3864d39ddd8)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
ioctl$INCFS_IOC_PERMIT_FILL(r1, 0x40046721, &(0x7f0000000080)={r1})
sendfile(r1, r0, 0x0, 0x7ffff000)

361.845036ms ago: executing program 5 (id=2606):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000600)='kfree\x00', r0}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)

333.523406ms ago: executing program 5 (id=2609):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x11)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0x2}, 0x18)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x14, r4, 0x28543634fae43ad, 0x0, 0x0, {0xd}}, 0x14}}, 0x0)

293.486317ms ago: executing program 7 (id=2611):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800001f1a0068099b3c0000000000001860000000000000824d086bb227733218120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0x1, 0x0)
fcntl$setstatus(r1, 0x407, 0xa0018ce0)
close_range(r1, 0xffffffffffffffff, 0x0)

169.398688ms ago: executing program 7 (id=2612):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0xa54a9d76e5e2e84, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
sendfile(r2, r2, 0x0, 0xb)

169.237358ms ago: executing program 5 (id=2613):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r1}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)

151.025438ms ago: executing program 5 (id=2614):
close(0x3)
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102)
io_setup(0x8, &(0x7f0000004200)=<r1=>0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r1, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
r3 = dup(r0)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000100)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xffff}, 0x10007, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

116.278678ms ago: executing program 7 (id=2615):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000000340), 0x206, 0x8401)
ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522)
ioctl$USBDEVFS_BULK(r1, 0x5523, 0x0)
ioctl$USBDEVFS_FORBID_SUSPEND(r1, 0x5521)

3.72103ms ago: executing program 7 (id=2616):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r2, &(0x7f0000000080)="3f031c000302140006001e00890000004a1b7880000088a800"/38, 0x26, 0x1, &(0x7f0000000540)={0xc9, 0x8100, r3, 0x1, 0x1, 0x6, @random="5b5222d6f14a"}, 0x14)

3.3758ms ago: executing program 7 (id=2617):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x32, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0x100}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)

0s ago: executing program 7 (id=2618):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0xa9ee, 0x400, 0x3, 0x8002ae}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x19, 0x109880})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

kernel console output (not intermixed with test programs):

slave_0) is not up; please bring it up to get a fully working HSR network
[   57.822882][ T5783] syz.1.893: attempt to access beyond end of device
[   57.822882][ T5783] loop1: rw=524288, sector=24, nr_sectors = 4 limit=0
[   57.833129][ T5618] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   57.846521][ T5783] syz.1.893: attempt to access beyond end of device
[   57.846521][ T5783] loop1: rw=524288, sector=28, nr_sectors = 4 limit=0
[   57.870180][ T5783] syz.1.893: attempt to access beyond end of device
[   57.870180][ T5783] loop1: rw=524288, sector=32, nr_sectors = 4 limit=0
[   57.886621][ T5783] syz.1.893: attempt to access beyond end of device
[   57.886621][ T5783] loop1: rw=12288, sector=20, nr_sectors = 4 limit=0
[   57.925310][ T5713] hsr_slave_0: entered promiscuous mode
[   57.931299][ T5713] hsr_slave_1: entered promiscuous mode
[   57.936097][ T5801] syz.1.893: attempt to access beyond end of device
[   57.936097][ T5801] loop1: rw=524288, sector=384, nr_sectors = 20 limit=0
[   57.937572][ T5713] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   57.951938][ T5801] syz.1.893: attempt to access beyond end of device
[   57.951938][ T5801] loop1: rw=0, sector=384, nr_sectors = 8 limit=0
[   57.962246][ T5713] Cannot create hsr debugfs directory
[   57.989313][ T5783] EXT4-fs error (device loop1): ext4_get_inode_loc:4588: inode #16: block 5: comm syz.1.893: unable to read itable block
[   58.029933][ T5783] syz.1.893: attempt to access beyond end of device
[   58.029933][ T5783] loop1: rw=145409, sector=0, nr_sectors = 4 limit=0
[   58.043149][ T5783] Buffer I/O error on dev loop1, logical block 0, lost sync page write
[   58.051596][ T5783] EXT4-fs (loop1): I/O error while writing superblock
[   58.058596][ T5783] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: IO failure
[   58.073041][ T5618] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.098036][ T5783] syz.1.893: attempt to access beyond end of device
[   58.098036][ T5783] loop1: rw=145409, sector=0, nr_sectors = 4 limit=0
[   58.111427][ T5783] Buffer I/O error on dev loop1, logical block 0, lost sync page write
[   58.121058][ T5783] EXT4-fs (loop1): I/O error while writing superblock
[   58.127870][ T5783] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #16: comm syz.1.893: mark_inode_dirty error
[   58.139433][ T5783] syz.1.893: attempt to access beyond end of device
[   58.139433][ T5783] loop1: rw=145409, sector=0, nr_sectors = 4 limit=0
[   58.152591][ T5783] Buffer I/O error on dev loop1, logical block 0, lost sync page write
[   58.162915][ T5783] EXT4-fs (loop1): I/O error while writing superblock
[   58.169819][ T5783] EXT4-fs error (device loop1): ext4_get_inode_loc:4588: inode #16: block 5: comm syz.1.893: unable to read itable block
[   58.208501][ T5713] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   58.215868][ T5783] Buffer I/O error on dev loop1, logical block 0, lost sync page write
[   58.227316][ T5713] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   58.235075][ T5783] EXT4-fs (loop1): I/O error while writing superblock
[   58.241870][ T5783] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: IO failure
[   58.250967][ T5783] Buffer I/O error on dev loop1, logical block 0, lost sync page write
[   58.252683][ T5713] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   58.259375][ T5783] EXT4-fs (loop1): I/O error while writing superblock
[   58.272736][ T5783] EXT4-fs error (device loop1): ext4_da_do_write_end:3064: inode #16: comm syz.1.893: mark_inode_dirty error
[   58.284409][ T5783] Buffer I/O error on dev loop1, logical block 0, lost sync page write
[   58.289609][ T5713] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   58.299415][ T5783] EXT4-fs (loop1): I/O error while writing superblock
[   58.307161][ T5783] EXT4-fs error (device loop1): ext4_get_inode_loc:4588: inode #16: block 5: comm syz.1.893: unable to read itable block
[   58.354367][ T5783] Buffer I/O error on dev loop1, logical block 0, lost sync page write
[   58.372679][ T5713] 8021q: adding VLAN 0 to HW filter on device bond0
[   58.379690][ T5783] EXT4-fs (loop1): I/O error while writing superblock
[   58.386237][ T5618] veth0_vlan: entered promiscuous mode
[   58.386569][ T5783] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: IO failure
[   58.407484][ T5713] 8021q: adding VLAN 0 to HW filter on device team0
[   58.418778][ T5830] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5830 comm=syz.0.905
[   58.436075][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.443125][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.450522][ T5783] Buffer I/O error on dev loop1, logical block 0, lost sync page write
[   58.452140][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.465899][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.466290][ T5783] EXT4-fs (loop1): I/O error while writing superblock
[   58.479971][ T5783] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #16: comm syz.1.893: mark_inode_dirty error
[   58.495960][ T5783] Buffer I/O error on dev loop1, logical block 0, lost sync page write
[   58.504465][ T5783] EXT4-fs (loop1): I/O error while writing superblock
[   58.507284][ T5618] veth1_vlan: entered promiscuous mode
[   58.519482][ T5713] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   58.529908][ T5713] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   58.532549][ T3306] EXT4-fs error (device loop1): ext4_get_inode_loc:4588: inode #2: block 4: comm syz-executor: unable to read itable block
[   58.572413][ T5618] veth0_macvtap: entered promiscuous mode
[   58.581703][ T3306] Buffer I/O error on dev loop1, logical block 0, lost sync page write
[   58.595042][ T5618] veth1_macvtap: entered promiscuous mode
[   58.605617][ T5618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.616143][ T5618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.626049][ T5618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.636580][ T5618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.646450][ T5618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.657024][ T5618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.668873][ T5618] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.681038][ T5618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.691552][ T5618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.701439][ T5618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.711922][ T5618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.721751][ T5618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.732316][ T5618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.745377][ T5618] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.755992][   T51] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.766295][   T51] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   58.784347][ T5713] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.795491][ T5843] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[   58.797426][ T5618] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.811772][ T5618] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.820541][ T5618] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.829342][ T5618] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.870770][   T51] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.881266][   T51] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   58.895923][ T5852] SET target dimension over the limit!
[   58.936266][   T51] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.946590][   T51] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   59.075365][   T51] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.085772][   T51] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[   59.111955][ T5881] syzkaller1: entered promiscuous mode
[   59.117562][ T5881] syzkaller1: entered allmulticast mode
[   59.162145][ T5713] veth0_vlan: entered promiscuous mode
[   59.177181][ T5713] veth1_vlan: entered promiscuous mode
[   59.198996][ T5713] veth0_macvtap: entered promiscuous mode
[   59.228819][ T5844] chnl_net:caif_netlink_parms(): no params data found
[   59.254738][ T5713] veth1_macvtap: entered promiscuous mode
[   59.273584][   T51] dummy0: left allmulticast mode
[   59.278658][   T51] bridge0: port 3(dummy0) entered disabled state
[   59.286644][ T5902] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   59.297851][   T51] bridge_slave_1: left allmulticast mode
[   59.303636][   T51] bridge_slave_1: left promiscuous mode
[   59.309378][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.341706][   T51] bridge_slave_0: left promiscuous mode
[   59.347609][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.405359][   T51] bond1 (unregistering): (slave geneve2): Releasing active interface
[   59.544858][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   59.555581][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   59.565184][   T51] bond0 (unregistering): Released all slaves
[   59.574579][   T51] bond1 (unregistering): Released all slaves
[   59.588276][ T5941] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   59.601429][ T5908] IPv6: Can't replace route, no match found
[   59.614562][ T5941] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   59.648990][ T5713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.659546][ T5713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.669430][ T5713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.679923][ T5713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.690018][ T5713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.700505][ T5713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.710315][ T5713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.720726][ T5713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.732274][ T5713] batman_adv: batadv0: Interface activated: batadv_slave_0
[   59.741205][   T51] hsr_slave_0: left promiscuous mode
[   59.746971][   T51] hsr_slave_1: left promiscuous mode
[   59.752466][ T5948] loop4: detected capacity change from 0 to 764
[   59.752667][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   59.766344][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[   59.774388][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   59.781803][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[   59.791875][   T51] veth1_macvtap: left promiscuous mode
[   59.797470][   T51] veth0_macvtap: left promiscuous mode
[   59.803074][   T51] veth1_vlan: left promiscuous mode
[   59.808344][   T51] veth0_vlan: left promiscuous mode
[   59.846836][   T51] team0 (unregistering): Port device batadv1 removed
[   59.876833][   T51] team0 (unregistering): Port device team_slave_1 removed
[   59.886611][   T51] team0 (unregistering): Port device team_slave_0 removed
[   59.903340][ T5950] xt_CT: No such helper "snmp_trap"
[   59.918071][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.925239][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.932468][ T5844] bridge_slave_0: entered allmulticast mode
[   59.939228][ T5844] bridge_slave_0: entered promiscuous mode
[   59.948450][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.955622][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.962863][ T5844] bridge_slave_1: entered allmulticast mode
[   59.969249][ T5844] bridge_slave_1: entered promiscuous mode
[   59.992519][ T5713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   60.003151][ T5713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   60.013003][ T5713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   60.023481][ T5713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   60.033384][ T5713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   60.043807][ T5713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   60.054183][ T5713] batman_adv: batadv0: Interface activated: batadv_slave_1
[   60.062672][ T5713] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   60.071404][ T5713] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   60.080102][ T5713] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   60.088887][ T5713] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   60.099861][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   60.111878][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   60.138471][ T5844] team0: Port device team_slave_0 added
[   60.147289][ T5844] team0: Port device team_slave_1 added
[   60.169464][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.176491][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.202403][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.218017][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.225080][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.251131][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.303896][ T5844] hsr_slave_0: entered promiscuous mode
[   60.316805][ T5844] hsr_slave_1: entered promiscuous mode
[   60.326385][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   60.334459][ T5844] Cannot create hsr debugfs directory
[   60.350966][ T5960] netlink: 8 bytes leftover after parsing attributes in process `syz.5.950'.
[   60.523693][ T5844] netdevsim netdevsim7 netdevsim0: renamed from eth0
[   60.538520][ T5844] netdevsim netdevsim7 netdevsim1: renamed from eth1
[   60.556590][ T5844] netdevsim netdevsim7 netdevsim2: renamed from eth2
[   60.569058][ T5844] netdevsim netdevsim7 netdevsim3: renamed from eth3
[   60.614421][ T5978] usb usb1: usbfs: process 5978 (syz.5.958) did not claim interface 63 before use
[   60.660813][ T5981] netlink: 8 bytes leftover after parsing attributes in process `syz.6.959'.
[   60.678424][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.699791][ T5844] 8021q: adding VLAN 0 to HW filter on device team0
[   60.716892][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.724056][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.733178][ T5985] netlink: 4 bytes leftover after parsing attributes in process `syz.5.961'.
[   60.758522][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.765594][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.766504][ T5985] netlink: 4 bytes leftover after parsing attributes in process `syz.5.961'.
[   60.903954][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.074798][ T5844] veth0_vlan: entered promiscuous mode
[   61.091597][ T6029] SELinux: security_context_str_to_sid (����) failed with errno=-22
[   61.092208][ T5844] veth1_vlan: entered promiscuous mode
[   61.138601][ T6033] loop5: detected capacity change from 0 to 1024
[   61.152070][ T5844] veth0_macvtap: entered promiscuous mode
[   61.164145][ T5844] veth1_macvtap: entered promiscuous mode
[   61.186424][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.196932][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.202412][ T6040] netlink: 24 bytes leftover after parsing attributes in process `syz.4.978'.
[   61.206994][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.226261][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.226736][ T6033] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.236067][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.236083][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.236140][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.278856][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.285869][ T6033] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.976: bg 0: block 88: padding at end of block bitmap is not set
[   61.291169][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.310990][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.321465][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.331422][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.341957][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.351846][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.362350][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.372283][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.382892][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.393339][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.407344][ T5844] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.416058][ T5844] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.424774][ T5844] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.433555][ T5844] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.502270][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.651635][ T6031] Set syz1 is full, maxelem 65536 reached
[   61.816136][ T6070] loop6: detected capacity change from 0 to 512
[   61.850823][ T6070] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.989: Invalid inode bitmap blk 4 in block_group 0
[   61.886920][ T6077] loop7: detected capacity change from 0 to 128
[   61.911322][ T6070] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.964335][ T6079] xt_hashlimit: overflow, rate too high: 1125899906842624
[   62.007449][ T5713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.166932][ T6102] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1004'.
[   62.200936][   T29] kauditd_printk_skb: 146 callbacks suppressed
[   62.200993][   T29] audit: type=1326 audit(1745656743.418:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6105 comm="syz.6.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   62.248940][   T29] audit: type=1326 audit(1745656743.458:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6105 comm="syz.6.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   62.252930][ T6109] loop6: detected capacity change from 0 to 512
[   62.272407][   T29] audit: type=1326 audit(1745656743.458:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6105 comm="syz.6.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   62.302057][   T29] audit: type=1326 audit(1745656743.458:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6105 comm="syz.6.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   62.325482][   T29] audit: type=1326 audit(1745656743.458:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6105 comm="syz.6.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   62.348926][   T29] audit: type=1326 audit(1745656743.458:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6105 comm="syz.6.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   62.372326][   T29] audit: type=1326 audit(1745656743.458:1366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6105 comm="syz.6.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   62.395745][   T29] audit: type=1326 audit(1745656743.458:1367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6105 comm="syz.6.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   62.419182][   T29] audit: type=1326 audit(1745656743.458:1368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6105 comm="syz.6.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   62.442582][   T29] audit: type=1326 audit(1745656743.458:1369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6105 comm="syz.6.1006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   62.470901][ T6109] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.483917][ T6109] ext4 filesystem being mounted at /16/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   62.538389][ T5713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.614094][ T6125] loop4: detected capacity change from 0 to 256
[   62.639585][ T6125] FAT-fs (loop4): codepage cp950 not found
[   62.645886][ T6130] netlink: 'syz.6.1016': attribute type 4 has an invalid length.
[   62.671590][ T6130] netlink: 'syz.6.1016': attribute type 4 has an invalid length.
[   62.800901][ T6143] loop6: detected capacity change from 0 to 512
[   62.855677][ T6152] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1025'.
[   62.867319][ T6154] IPv4: Oversized IP packet from 127.202.26.0
[   62.874505][ T6143] EXT4-fs (loop6): 1 orphan inode deleted
[   62.880667][ T6143] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.894476][ T3960] EXT4-fs error (device loop6): ext4_release_dquot:6971: comm kworker/u8:8: Failed to release dquot type 1
[   62.913593][ T6143] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.948730][ T6163] loop4: detected capacity change from 0 to 512
[   62.970457][ T6163] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.1028: Parent and EA inode have the same ino 15
[   62.987092][ T6163] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.1028: Parent and EA inode have the same ino 15
[   62.999679][ T6163] EXT4-fs (loop4): 1 orphan inode deleted
[   63.006775][ T6163] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.061495][ T5618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.153488][ T5713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.193339][ T6195] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1045'.
[   63.392860][ T6237] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1059'.
[   63.405102][ T6237] ip6gre1: entered allmulticast mode
[   63.493551][ T6254] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1061'.
[   63.833864][ T6297] loop5: detected capacity change from 0 to 128
[   63.858112][ T6294] loop6: detected capacity change from 0 to 128
[   63.981884][ T6323] netlink: 'syz.0.1075': attribute type 4 has an invalid length.
[   63.982025][ T6322] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   64.043506][ T6328] netlink: 'syz.0.1075': attribute type 4 has an invalid length.
[   64.110965][ T6334] loop6: detected capacity change from 0 to 1024
[   64.117651][ T6334] EXT4-fs: Ignoring removed nobh option
[   64.138755][ T6297] bio_check_eod: 40 callbacks suppressed
[   64.138824][ T6297] syz.5.1071: attempt to access beyond end of device
[   64.138824][ T6297] loop5: rw=2049, sector=128, nr_sectors = 1 limit=128
[   64.157966][ T6297] buffer_io_error: 6 callbacks suppressed
[   64.157994][ T6297] Buffer I/O error on dev loop5, logical block 128, lost async page write
[   64.181904][ T6334] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.195897][ T6334] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.317811][ T6354] netem: incorrect ge model size
[   64.322845][ T6354] netem: change failed
[   64.330398][ T6356] loop5: detected capacity change from 0 to 512
[   64.361922][ T6361] loop7: detected capacity change from 0 to 128
[   64.372084][ T6356] EXT4-fs (loop5): 1 orphan inode deleted
[   64.378818][ T6365] syz_tun: entered allmulticast mode
[   64.384385][   T12] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:0: Failed to release dquot type 1
[   64.396620][ T6361] FAT-fs (loop7): Directory bread(block 162) failed
[   64.397465][ T6356] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.409576][ T6365] dvmrp1: entered allmulticast mode
[   64.417297][ T6356] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.423884][ T6361] FAT-fs (loop7): Directory bread(block 163) failed
[   64.440742][ T6361] FAT-fs (loop7): Directory bread(block 164) failed
[   64.447560][ T6361] FAT-fs (loop7): Directory bread(block 165) failed
[   64.454239][ T6361] FAT-fs (loop7): Directory bread(block 166) failed
[   64.460835][ T6361] FAT-fs (loop7): Directory bread(block 167) failed
[   64.467496][ T6361] FAT-fs (loop7): Directory bread(block 168) failed
[   64.474117][ T6361] FAT-fs (loop7): Directory bread(block 169) failed
[   64.502976][ T6363] syz_tun: left allmulticast mode
[   64.508125][ T6363] dvmrp1: left allmulticast mode
[   64.535889][ T6369] loop6: detected capacity change from 0 to 512
[   64.544523][ T6369] EXT4-fs: Ignoring removed orlov option
[   64.559385][ T6371] loop7: detected capacity change from 0 to 1024
[   64.570832][ T6371] EXT4-fs: Ignoring removed nobh option
[   64.578022][ T6369] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.591687][ T6369] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.616326][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.626057][ T6371] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.641034][ T5713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.650942][ T6371] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.878695][ T6411] loop5: detected capacity change from 0 to 1024
[   64.895778][ T6411] EXT4-fs: Ignoring removed nobh option
[   64.916049][ T6418] netlink: 'syz.6.1116': attribute type 1 has an invalid length.
[   64.923816][ T6418] netlink: 'syz.6.1116': attribute type 3 has an invalid length.
[   64.984366][ T6423] ALSA: seq fatal error: cannot create timer (-19)
[   65.241646][ T6464] vlan2: entered allmulticast mode
[   65.387623][ T6480] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.394824][ T6480] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.402203][ T6480] bridge0: entered allmulticast mode
[   65.411938][ T6480] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.419079][ T6480] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.426447][ T6480] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.433565][ T6480] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.443223][ T6480] bridge0: entered promiscuous mode
[   65.468476][ T6487] SELinux: failed to load policy
[   65.883296][ T6503] loop4: detected capacity change from 0 to 1024
[   65.890069][ T6503] EXT4-fs: Ignoring removed nobh option
[   65.931827][ T6508] __nla_validate_parse: 5 callbacks suppressed
[   65.931840][ T6508] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1153'.
[   65.932398][ T6511] loop4: detected capacity change from 0 to 128
[   66.118501][ T6522] loop5: detected capacity change from 0 to 4096
[   66.136928][ T6522] EXT4-fs mount: 4 callbacks suppressed
[   66.136938][ T6522] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.194220][ T6511] syz.4.1154: attempt to access beyond end of device
[   66.194220][ T6511] loop4: rw=2049, sector=128, nr_sectors = 1 limit=128
[   66.207775][ T6511] Buffer I/O error on dev loop4, logical block 128, lost async page write
[   66.266487][ T6522] EXT4-fs (loop5): shut down requested (1)
[   66.290560][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.301619][ T3960] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   66.531856][ T6565] loop6: detected capacity change from 0 to 128
[   66.539969][ T6562] sd 0:0:1:0: device reset
[   66.670242][ T6565] syz.6.1180: attempt to access beyond end of device
[   66.670242][ T6565] loop6: rw=2049, sector=128, nr_sectors = 1 limit=128
[   66.683713][ T6565] Buffer I/O error on dev loop6, logical block 128, lost async page write
[   67.247843][ T6603] loop7: detected capacity change from 0 to 128
[   67.534209][ T6603] syz.7.1197: attempt to access beyond end of device
[   67.534209][ T6603] loop7: rw=2049, sector=128, nr_sectors = 1 limit=128
[   67.547658][ T6603] Buffer I/O error on dev loop7, logical block 128, lost async page write
[   67.688972][   T29] kauditd_printk_skb: 175 callbacks suppressed
[   67.688985][   T29] audit: type=1326 audit(1745656748.908:1541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.7.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64098ee969 code=0x7ffc0000
[   67.718995][   T29] audit: type=1326 audit(1745656748.908:1542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.7.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f64098ee969 code=0x7ffc0000
[   67.742426][   T29] audit: type=1326 audit(1745656748.908:1543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.7.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64098ee969 code=0x7ffc0000
[   67.766080][   T29] audit: type=1326 audit(1745656748.908:1544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.7.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f64098ee969 code=0x7ffc0000
[   67.789528][   T29] audit: type=1326 audit(1745656748.908:1545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.7.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64098ee969 code=0x7ffc0000
[   67.812933][   T29] audit: type=1326 audit(1745656748.908:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6621 comm="syz.7.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64098ee969 code=0x7ffc0000
[   67.868562][   T29] audit: type=1326 audit(1745656749.088:1547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6627 comm="syz.7.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64098ee969 code=0x7ffc0000
[   67.892059][   T29] audit: type=1326 audit(1745656749.088:1548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6627 comm="syz.7.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64098ee969 code=0x7ffc0000
[   67.916393][   T29] audit: type=1326 audit(1745656749.088:1549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6627 comm="syz.7.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f64098ee969 code=0x7ffc0000
[   67.939850][   T29] audit: type=1326 audit(1745656749.088:1550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6627 comm="syz.7.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64098ee969 code=0x7ffc0000
[   67.963674][ T6630] netlink: 'syz.4.1212': attribute type 12 has an invalid length.
[   68.147813][ T6647] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.155035][ T6647] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.170261][ T6647] bridge0: entered allmulticast mode
[   68.179664][ T6646] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1219'.
[   68.188656][ T6646] netem: unknown loss type 13
[   68.193444][ T6646] netem: change failed
[   68.197741][ T6647] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.204825][ T6647] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.212191][ T6647] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.219306][ T6647] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.236699][ T6647] bridge0: entered promiscuous mode
[   68.260241][ T6650] loop5: detected capacity change from 0 to 512
[   68.268541][ T6650] EXT4-fs: Ignoring removed nobh option
[   68.295847][ T3379] kernel write not supported for file /118/attr/exec (pid: 3379 comm: kworker/1:3)
[   68.306908][ T6650] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.1220: corrupted inode contents
[   68.335905][ T6650] EXT4-fs (loop5): Remounting filesystem read-only
[   68.351501][ T6650] EXT4-fs (loop5): 1 truncate cleaned up
[   68.362983][ T3960] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   68.373684][ T3960] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   68.405306][ T6650] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.428642][ T6662] loop6: detected capacity change from 0 to 128
[   68.437437][ T3960] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[   68.449557][ T6650] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.498565][ T6650] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.684142][ T6679] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1231'.
[   68.693169][ T6677] loop4: detected capacity change from 0 to 4096
[   68.715748][ T6677] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.732871][ T6684] netlink: zone id is out of range
[   68.738006][ T6684] netlink: zone id is out of range
[   68.743173][ T6684] netlink: zone id is out of range
[   68.748417][ T6684] netlink: zone id is out of range
[   68.753556][ T6684] netlink: zone id is out of range
[   68.758737][ T6684] netlink: zone id is out of range
[   68.763877][ T6684] netlink: zone id is out of range
[   68.766054][ T6677] EXT4-fs (loop4): shut down requested (1)
[   68.768979][ T6684] netlink: zone id is out of range
[   68.768987][ T6684] netlink: zone id is out of range
[   68.768993][ T6684] netlink: zone id is out of range
[   68.839462][ T5618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.848886][ T3960] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   68.869087][ T6691] loop5: detected capacity change from 0 to 1024
[   68.908064][ T6691] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.936874][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.106066][ T6710] loop5: detected capacity change from 0 to 128
[   69.319801][ T6735] netlink: 'syz.4.1255': attribute type 3 has an invalid length.
[   69.380160][ T6745] loop4: detected capacity change from 0 to 1024
[   69.396969][ T6745] EXT4-fs: Ignoring removed nobh option
[   69.409516][ T6749] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1262'.
[   69.450190][ T6745] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.469126][ T6745] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.519906][ T6762] loop4: detected capacity change from 0 to 512
[   69.541608][ T6762] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   69.558116][ T6762] EXT4-fs (loop4): 1 truncate cleaned up
[   69.590771][ T6762] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.645314][ T5618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.679626][ T6772] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1272'.
[   69.762560][ T6786] loop6: detected capacity change from 0 to 1024
[   69.769652][ T6786] EXT4-fs: Ignoring removed nobh option
[   69.786373][ T6786] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.803451][ T6786] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.359279][ T6828] loop5: detected capacity change from 0 to 1024
[   70.366189][ T6828] EXT4-fs: Ignoring removed nobh option
[   70.375433][ T6828] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.388540][ T6828] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.428696][ T6835] netlink: 'syz.6.1297': attribute type 3 has an invalid length.
[   70.446953][ T6838] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   70.454198][ T6838] IPv6: NLM_F_CREATE should be set when creating new route
[   70.544131][ T6858] capability: warning: `syz.0.1307' uses deprecated v2 capabilities in a way that may be insecure
[   70.601530][ T6866] loop7: detected capacity change from 0 to 512
[   70.617627][ T6866] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   70.631430][ T6866] EXT4-fs (loop7): orphan cleanup on readonly fs
[   70.654151][ T6866] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:517: comm syz.7.1311: Block bitmap for bg 0 marked uninitialized
[   70.681520][ T6873] bond0: entered promiscuous mode
[   70.686793][ T6873] bond_slave_0: entered promiscuous mode
[   70.692544][ T6873] bond_slave_1: entered promiscuous mode
[   70.708588][ T6866] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   70.711895][ T6873] batadv0: entered promiscuous mode
[   70.724409][ T6873] 8021q: adding VLAN 0 to HW filter on device hsr1
[   70.736185][ T6866] EXT4-fs (loop7): 1 orphan inode deleted
[   70.746249][ T6873] bond0: left promiscuous mode
[   70.749819][ T6866] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   70.751034][ T6873] bond_slave_0: left promiscuous mode
[   70.768524][ T6873] bond_slave_1: left promiscuous mode
[   70.796833][ T5844] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.814078][ T6873] batadv0: left promiscuous mode
[   70.875867][ T6884] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1319'.
[   71.219593][ T6924] geneve0: entered allmulticast mode
[   71.254187][ T6928] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1337'.
[   71.328517][ T6931] sd 0:0:1:0: device reset
[   71.724758][ T6935] tipc: Started in network mode
[   71.729674][ T6935] tipc: Node identity 7f000001, cluster identity 4711
[   71.739198][ T6935] tipc: Enabled bearer <udp:syz2>, priority 10
[   71.968378][ T6952] serio: Serial port ptm0
[   72.852740][ T3382] tipc: Node number set to 2130706433
[   76.096677][   T29] kauditd_printk_skb: 387 callbacks suppressed
[   76.096692][   T29] audit: type=1400 audit(1745656757.321:1930): avc:  denied  { bind } for  pid=6967 comm="syz.0.1364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   76.103434][ T6970] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1357'.
[   76.155034][   T29] audit: type=1400 audit(1745656757.351:1931): avc:  denied  { setopt } for  pid=6967 comm="syz.0.1364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   76.190251][ T6977] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1359'.
[   76.201335][ T6979] netlink: 332 bytes leftover after parsing attributes in process `syz.0.1358'.
[   76.454237][   T29] audit: type=1400 audit(1745656757.681:1932): avc:  denied  { map } for  pid=7000 comm="syz.0.1370" path="socket:[17766]" dev="sockfs" ino=17766 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   76.477679][   T29] audit: type=1400 audit(1745656757.681:1933): avc:  denied  { read } for  pid=7000 comm="syz.0.1370" path="socket:[17766]" dev="sockfs" ino=17766 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   76.680084][   T29] audit: type=1326 audit(1745656757.901:1934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d0d6e969 code=0x7ffc0000
[   76.703718][   T29] audit: type=1326 audit(1745656757.901:1935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d0d6e969 code=0x7ffc0000
[   76.749847][   T29] audit: type=1326 audit(1745656757.951:1936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f97d0d6e969 code=0x7ffc0000
[   76.773310][   T29] audit: type=1326 audit(1745656757.951:1937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d0d6e969 code=0x7ffc0000
[   76.796735][   T29] audit: type=1326 audit(1745656757.951:1938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d0d6e969 code=0x7ffc0000
[   76.820179][   T29] audit: type=1326 audit(1745656757.951:1939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7021 comm="syz.0.1380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f97d0d6e969 code=0x7ffc0000
[   77.470429][ T7074] syzkaller0: entered promiscuous mode
[   77.476068][ T7074] syzkaller0: entered allmulticast mode
[   78.529631][ T7154] netlink: 'syz.4.1438': attribute type 21 has an invalid length.
[   78.550704][ T7156] hub 9-0:1.0: USB hub found
[   78.555531][ T7156] hub 9-0:1.0: 8 ports detected
[   78.594102][ T7162] netlink: 165 bytes leftover after parsing attributes in process `syz.4.1442'.
[   78.637103][ T7170] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1445'.
[   78.893938][ T7201] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1459'.
[   78.959939][ T7210] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1463'.
[   78.969612][ T7210] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1463'.
[   79.096782][ T7219] netlink: 'syz.4.1468': attribute type 13 has an invalid length.
[   79.155472][ T7219] net_ratelimit: 290 callbacks suppressed
[   79.155481][ T7219] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   79.211497][ T7228] loop7: detected capacity change from 0 to 512
[   79.234730][ T7228] EXT4-fs (loop7): orphan cleanup on readonly fs
[   79.252164][ T7231] gretap1: entered allmulticast mode
[   79.258864][ T7228] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.1471: bg 0: block 248: padding at end of block bitmap is not set
[   79.269753][ T7231] bond0: (slave gretap1): Enslaving as an active interface with an up link
[   79.274183][ T7228] EXT4-fs error (device loop7): ext4_acquire_dquot:6935: comm syz.7.1471: Failed to acquire dquot type 1
[   79.294187][ T7228] EXT4-fs (loop7): 1 truncate cleaned up
[   79.300854][ T7228] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   79.333127][ T7228] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended
[   79.353116][ T7228] EXT4-fs error (device loop7): ext4_acquire_dquot:6935: comm syz.7.1471: Failed to acquire dquot type 1
[   79.365585][ T7228] EXT4-fs warning (device loop7): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix.
[   79.411237][ T5844] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.469206][ T7250] loop7: detected capacity change from 0 to 527
[   79.479353][ T7252] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1481'.
[   79.483262][ T7250] EXT4-fs (loop7): failed to parse options in superblock: 
[   79.501080][ T7250] EXT4-fs (loop7): Unsupported encryption level 4
[   79.540350][ T7254] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1482'.
[   79.604797][ T7270] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1489'.
[   79.666795][ T7283] loop4: detected capacity change from 0 to 1024
[   79.673756][ T7283] EXT4-fs: Ignoring removed oldalloc option
[   79.680030][ T7283] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   79.694015][ T7283] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a803c098, mo2=0003]
[   79.702130][ T7283] System zones: 0-1, 3-12
[   79.707232][ T7283] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.731779][ T5618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.985744][ T7307] loop5: detected capacity change from 0 to 2048
[   80.009283][ T7310] sg_write: data in/out 122/10 bytes for SCSI command 0xe4-- guessing data in;
[   80.009283][ T7310]    program syz.4.1506 not setting count and/or reply_len properly
[   80.025943][ T7307] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.132557][ T7307] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 2 with max blocks 1 with error 28
[   80.144810][ T7307] EXT4-fs (loop5): This should not happen!! Data will be lost
[   80.144810][ T7307] 
[   80.154468][ T7307] EXT4-fs (loop5): Total free blocks count 0
[   80.160442][ T7307] EXT4-fs (loop5): Free/Dirty block details
[   80.166432][ T7307] EXT4-fs (loop5): free_blocks=0
[   80.171418][ T7307] EXT4-fs (loop5): dirty_blocks=0
[   80.176572][ T7307] EXT4-fs (loop5): Block reservation details
[   80.182720][ T7307] EXT4-fs (loop5): i_reserved_data_blocks=0
[   80.255822][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.389566][ T7344] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1521'.
[   80.545469][ T7356] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.552667][ T7356] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.560845][ T7356] bridge0: entered allmulticast mode
[   80.570790][ T7356] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.577888][ T7356] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.585327][ T7356] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.592439][ T7356] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.601266][ T7356] bridge0: entered promiscuous mode
[   80.802915][ T7388] ref_ctr_offset mismatch. inode: 0x44f offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8
[   80.898012][ T7395] netlink: 2040 bytes leftover after parsing attributes in process `syz.5.1543'.
[   80.958552][ T7399] loop4: detected capacity change from 0 to 512
[   80.977080][ T7399] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   80.996829][ T7399] EXT4-fs (loop4): 1 truncate cleaned up
[   81.009583][ T7399] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.037898][ T5618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.103396][ T7418] netlink: 'syz.0.1555': attribute type 10 has an invalid length.
[   81.111449][ T7418] dummy0: entered promiscuous mode
[   81.119841][ T7418] bridge0: port 3(dummy0) entered blocking state
[   81.121883][   T29] kauditd_printk_skb: 178 callbacks suppressed
[   81.121899][   T29] audit: type=1400 audit(1745656762.341:2114): avc:  denied  { unmount } for  pid=5844 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   81.126342][ T7418] bridge0: port 3(dummy0) entered disabled state
[   81.160368][ T7418] dummy0: entered allmulticast mode
[   81.166408][ T7418] bridge0: port 3(dummy0) entered blocking state
[   81.172795][ T7418] bridge0: port 3(dummy0) entered forwarding state
[   81.263285][   T29] audit: type=1326 audit(1745656762.491:2115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7426 comm="syz.6.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   81.314418][   T29] audit: type=1326 audit(1745656762.491:2116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7426 comm="syz.6.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   81.315307][ T7429] netlink: 'syz.4.1562': attribute type 4 has an invalid length.
[   81.337945][   T29] audit: type=1326 audit(1745656762.491:2117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7426 comm="syz.6.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   81.369096][   T29] audit: type=1326 audit(1745656762.491:2118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7426 comm="syz.6.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   81.392472][   T29] audit: type=1326 audit(1745656762.491:2119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7426 comm="syz.6.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   81.419043][   T29] audit: type=1326 audit(1745656762.641:2120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7426 comm="syz.6.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   81.442589][   T29] audit: type=1326 audit(1745656762.641:2121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7426 comm="syz.6.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   81.513903][   T29] audit: type=1326 audit(1745656762.741:2122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7426 comm="syz.6.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   81.537428][   T29] audit: type=1326 audit(1745656762.741:2123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7426 comm="syz.6.1561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[   81.568644][ T7431] loop7: detected capacity change from 0 to 512
[   81.586123][ T7431] EXT4-fs: dax option not supported
[   81.811853][ T7458] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.819069][ T7458] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.829620][ T7465] x_tables: ip_tables: osf match: only valid for protocol 6
[   81.836995][ T7458] bridge0: left promiscuous mode
[   81.848758][ T7458] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.855831][ T7458] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.863125][ T7458] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.870167][ T7458] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.880473][ T7458] bridge0: entered promiscuous mode
[   81.934036][ T7475] loop5: detected capacity change from 0 to 512
[   81.940566][ T7475] EXT4-fs: dax option not supported
[   82.241280][ T7495] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.248621][ T7495] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.283812][ T7495] bridge0: entered allmulticast mode
[   82.300938][ T7509] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.308183][ T7509] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.315601][ T7509] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.322668][ T7509] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.330161][ T7509] bridge0: entered promiscuous mode
[   82.628413][ T7534] netlink: 'syz.5.1607': attribute type 4 has an invalid length.
[   82.644941][ T3382] kernel read not supported for file /eth0 (pid: 3382 comm: kworker/1:5)
[   82.828749][ T7548] syzkaller1: entered promiscuous mode
[   82.834367][ T7548] syzkaller1: entered allmulticast mode
[   83.047171][ T7572] loop5: detected capacity change from 0 to 512
[   83.107243][ T7572] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   83.158035][ T7572] EXT4-fs (loop5): 1 truncate cleaned up
[   83.173261][ T7572] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.186011][ T7592] bridge: RTM_NEWNEIGH with invalid ether address
[   83.217780][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.352059][ T7608] loop5: detected capacity change from 0 to 256
[   83.504954][ T7616] loop5: detected capacity change from 0 to 512
[   83.512084][ T7616] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   83.581115][ T7616] EXT4-fs (loop5): 1 truncate cleaned up
[   83.587398][ T7616] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.603974][ T7616] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000.
[   83.621962][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.708660][ T7631] syzkaller1: entered promiscuous mode
[   83.714279][ T7631] syzkaller1: entered allmulticast mode
[   83.966499][ T7660] __nla_validate_parse: 14 callbacks suppressed
[   83.966514][ T7660] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1658'.
[   83.996849][ T7665] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   84.602209][ T7755] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   85.039242][ T7784] vhci_hcd: invalid port number 96
[   85.044465][ T7784] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   85.201757][ T7806] loop6: detected capacity change from 0 to 1024
[   85.225404][ T7806] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   85.240152][ T7806] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.1704: bg 0: block 260: invalid block bitmap
[   85.254999][ T7806] EXT4-fs error (device loop6): ext4_free_inode:354: comm syz.6.1704: bit already cleared for inode 15
[   85.281979][ T5713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.532799][ T7840] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1716'.
[   86.314871][   T29] kauditd_printk_skb: 226 callbacks suppressed
[   86.314886][   T29] audit: type=1400 audit(1745656767.541:2350): avc:  denied  { connect } for  pid=7870 comm="syz.0.1729" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   86.350521][   T29] audit: type=1400 audit(1745656767.541:2351): avc:  denied  { write } for  pid=7870 comm="syz.0.1729" path="socket:[20072]" dev="sockfs" ino=20072 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   86.375435][ T7873] loop5: detected capacity change from 0 to 164
[   86.494693][   T29] audit: type=1400 audit(1745656767.711:2352): avc:  denied  { write } for  pid=7883 comm="syz.0.1734" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   86.587324][ T7892] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[   86.710488][ T7905] loop4: detected capacity change from 0 to 164
[   86.744671][   T29] audit: type=1326 audit(1745656767.961:2353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7906 comm="syz.5.1754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b25bfe969 code=0x7ffc0000
[   86.768089][   T29] audit: type=1326 audit(1745656767.961:2354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7906 comm="syz.5.1754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b25bfe969 code=0x7ffc0000
[   86.792203][   T29] audit: type=1326 audit(1745656767.971:2355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7906 comm="syz.5.1754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5b25bfe969 code=0x7ffc0000
[   86.815633][   T29] audit: type=1326 audit(1745656767.971:2356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7906 comm="syz.5.1754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b25bfe969 code=0x7ffc0000
[   86.839084][   T29] audit: type=1326 audit(1745656767.971:2357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7906 comm="syz.5.1754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b25bfe969 code=0x7ffc0000
[   86.867344][ T7913] loop7: detected capacity change from 0 to 1024
[   86.885213][   T29] audit: type=1326 audit(1745656768.031:2358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7906 comm="syz.5.1754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5b25bfe969 code=0x7ffc0000
[   86.908747][   T29] audit: type=1326 audit(1745656768.031:2359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7906 comm="syz.5.1754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b25bfe969 code=0x7ffc0000
[   86.987691][ T7913] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.000145][ T7913] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.200651][ T7913] EXT4-fs (loop7): shut down requested (2)
[   87.274100][ T5844] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.471511][ T7969] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.599930][ T7969] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.658951][ T8005] loop7: detected capacity change from 0 to 256
[   87.669331][ T7969] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.751352][ T7969] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.836660][ T7969] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.872027][ T7969] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.927943][ T7969] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.961805][ T7969] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.099312][ T8036] hub 9-0:1.0: USB hub found
[   88.104502][ T8036] hub 9-0:1.0: 8 ports detected
[   88.205353][ T8039] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1804'.
[   88.214520][ T8039] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1804'.
[   88.247107][ T8039] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1804'.
[   88.285773][ T8039] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1804'.
[   88.294758][ T8039] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1804'.
[   88.312598][ T8039] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1804'.
[   88.396397][ T8039] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1804'.
[   88.405436][ T8039] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1804'.
[   88.478203][ T8050] IPv6: Can't replace route, no match found
[   88.708116][ T8070] vlan2: entered allmulticast mode
[   88.747818][ T8076] loop7: detected capacity change from 0 to 2048
[   88.754525][ T8076] EXT4-fs: inline encryption not supported
[   88.764859][ T8076] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.814771][ T5844] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.957868][ T8098] loop7: detected capacity change from 0 to 1024
[   88.983260][ T8098] EXT4-fs (loop7): can't mount with journal_checksum, fs mounted w/o journal
[   89.345552][ T8118] __nla_validate_parse: 2 callbacks suppressed
[   89.345564][ T8118] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1829'.
[   89.360791][ T8118] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1829'.
[   89.607415][ T8156] loop6: detected capacity change from 0 to 256
[   90.313084][ T8170] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1851'.
[   90.449635][ T8185] loop4: detected capacity change from 0 to 128
[   90.456538][ T8185] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   90.468963][ T8185] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   90.502469][ T8190] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1860'.
[   90.560711][ T8203] block device autoloading is deprecated and will be removed.
[   90.564912][ T8199] syzkaller1: entered promiscuous mode
[   90.573833][ T8199] syzkaller1: entered allmulticast mode
[   91.021102][ T8255] loop6: detected capacity change from 0 to 1024
[   91.049708][ T8255] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.062601][ T8255] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.070011][ T8260] loop5: detected capacity change from 0 to 128
[   91.090100][ T8260] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   91.116384][ T8260] ext4 filesystem being mounted at /207/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   91.202150][ T8255] EXT4-fs (loop6): shut down requested (2)
[   91.211614][ T5539] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   91.223809][ T8266] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1891'.
[   91.232784][ T8266] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1891'.
[   91.255072][ T5713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.293456][ T8272] bridge0: port 3(syz_tun) entered blocking state
[   91.300035][ T8272] bridge0: port 3(syz_tun) entered disabled state
[   91.323946][ T8272] syz_tun: entered allmulticast mode
[   91.354509][ T8279] loop7: detected capacity change from 0 to 512
[   91.361274][ T8279] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[   91.373523][ T8272] syz_tun: entered promiscuous mode
[   91.378952][ T8272] bridge0: port 3(syz_tun) entered blocking state
[   91.385445][ T8272] bridge0: port 3(syz_tun) entered forwarding state
[   91.395036][ T8279] EXT4-fs (loop7): 1 truncate cleaned up
[   91.407690][ T8279] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.422414][ T8285] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8285 comm=syz.4.1899
[   91.438614][   T29] kauditd_printk_skb: 189 callbacks suppressed
[   91.438627][   T29] audit: type=1400 audit(1745656772.661:2549): avc:  denied  { setopt } for  pid=8286 comm="syz.6.1900" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   91.479629][   T29] audit: type=1400 audit(1745656772.701:2550): avc:  denied  { setattr } for  pid=8278 comm="syz.7.1897" name="file1" dev="loop7" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   91.515929][ T5844] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.609887][ T8298] loop4: detected capacity change from 0 to 1024
[   91.618188][ T8297] SELinux: failed to load policy
[   91.635735][ T8298] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.643957][ T8306] loop7: detected capacity change from 0 to 2048
[   91.655094][ T8298] ext4 filesystem being mounted at /197/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.668480][ T8308] loop6: detected capacity change from 0 to 128
[   91.676721][ T8306] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.811615][ T8298] EXT4-fs (loop4): shut down requested (2)
[   91.913807][ T5618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.956919][ T8321] ALSA: seq fatal error: cannot create timer (-19)
[   91.981066][ T5844] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.010358][ T8324] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   92.056674][   T29] audit: type=1400 audit(1745656773.281:2551): avc:  denied  { create } for  pid=8337 comm="syz.6.1921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   92.105240][ T8342] loop5: detected capacity change from 0 to 128
[   92.118297][ T8342] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   92.195037][ T8342] ext4 filesystem being mounted at /209/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   92.337323][ T8361] loop7: detected capacity change from 0 to 1024
[   92.344152][ T8361] EXT4-fs: Ignoring removed orlov option
[   92.351065][   T29] audit: type=1400 audit(1745656773.571:2552): avc:  denied  { map } for  pid=8341 comm="syz.5.1922" path="/209/mnt/cgroup.controllers" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   92.374793][   T29] audit: type=1400 audit(1745656773.571:2553): avc:  denied  { create } for  pid=8341 comm="syz.5.1922" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   92.410925][ T8361] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.455229][   T29] audit: type=1400 audit(1745656773.681:2554): avc:  denied  { getopt } for  pid=8364 comm="syz.6.1931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   92.567259][ T5539] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   92.600923][ T8373] netlink: 100 bytes leftover after parsing attributes in process `syz.5.1932'.
[   92.877528][ T8382] loop5: detected capacity change from 0 to 1024
[   92.903802][ T8382] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.933030][ T8382] ext4 filesystem being mounted at /214/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.084058][ T8397] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1938'.
[   93.084427][ T8382] EXT4-fs (loop5): shut down requested (2)
[   93.092979][ T8397] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1938'.
[   93.110809][ T8396] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1941'.
[   93.121397][ T8399] loop4: detected capacity change from 0 to 128
[   93.151265][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.168766][ T8399] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   93.191837][ T5844] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.208161][ T8399] ext4 filesystem being mounted at /203/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   93.303004][ T8414] loop5: detected capacity change from 0 to 8192
[   93.413531][ T5618] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   93.435735][ T8428] syz.5.1949: attempt to access beyond end of device
[   93.435735][ T8428] loop5: rw=0, sector=57847, nr_sectors = 1 limit=8192
[   93.461339][   T29] audit: type=1326 audit(1745656774.681:2555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f920e39e969 code=0x7ffc0000
[   93.484842][   T29] audit: type=1326 audit(1745656774.681:2556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f920e39e969 code=0x7ffc0000
[   93.508253][   T29] audit: type=1326 audit(1745656774.681:2557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f920e39e969 code=0x7ffc0000
[   93.527271][ T8433] loop0: detected capacity change from 0 to 128
[   93.531694][   T29] audit: type=1326 audit(1745656774.681:2558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8430 comm="syz.4.1953" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f920e39e969 code=0x7ffc0000
[   93.572975][ T8433] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   93.586681][ T8433] ext4 filesystem being mounted at /309/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   93.687936][ T4687] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   93.716453][ T8443] loop0: detected capacity change from 0 to 512
[   93.723264][ T8443] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   93.734650][ T8443] EXT4-fs (loop0): 1 truncate cleaned up
[   93.740846][ T8443] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.776980][ T4687] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.800248][ T8457] loop0: detected capacity change from 0 to 1024
[   93.824219][ T8457] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.850136][ T4687] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.868219][ T8462] bridge0: port 4(syz_tun) entered blocking state
[   93.874747][ T8462] bridge0: port 4(syz_tun) entered disabled state
[   93.882111][ T8462] syz_tun: entered allmulticast mode
[   93.888496][ T8462] syz_tun: entered promiscuous mode
[   93.894930][ T8462] bridge0: port 4(syz_tun) entered blocking state
[   93.901415][ T8462] bridge0: port 4(syz_tun) entered forwarding state
[   93.964597][ T8467] loop5: detected capacity change from 0 to 164
[   93.979298][ T8467] +}[@: attempt to access beyond end of device
[   93.979298][ T8467] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   93.992890][ T8467] +}[@: attempt to access beyond end of device
[   93.992890][ T8467] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[   94.072374][ T8481] loop5: detected capacity change from 0 to 512
[   94.079426][ T8481] EXT4-fs: Ignoring removed orlov option
[   94.091238][ T8481] EXT4-fs error (device loop5): ext4_iget_extra_inode:4693: inode #15: comm syz.5.1974: corrupted in-inode xattr: invalid ea_ino
[   94.114013][ T8481] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.1974: couldn't read orphan inode 15 (err -117)
[   94.126679][ T8481] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.127314][ T8484] loop4: detected capacity change from 0 to 512
[   94.160011][ T8484] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   94.194585][ T8484] EXT4-fs (loop4): 1 truncate cleaned up
[   94.207258][ T8484] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.233650][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.269985][ T5618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.292957][ T8500] loop4: detected capacity change from 0 to 512
[   94.300013][ T8500] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   94.309110][ T8500] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   94.318937][ T8500] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[   94.329058][ T8500] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   94.339599][ T8500] System zones: 0-2, 18-18, 34-35
[   94.494536][ T8527] loop4: detected capacity change from 0 to 256
[   94.631196][ T8540] SELinux: failed to load policy
[   94.751635][ T8550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   94.760317][ T8550] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   95.135077][ T8557] 9pnet_fd: p9_fd_create_tcp (8557): problem connecting socket to 127.0.0.1
[   95.161310][ T8559] __nla_validate_parse: 7 callbacks suppressed
[   95.161322][ T8559] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2008'.
[   95.297387][ T8569] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8569 comm=syz.4.2013
[   95.331199][ T8571] loop5: detected capacity change from 0 to 512
[   95.340503][ T8571] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   95.383284][ T8571] EXT4-fs (loop5): 1 truncate cleaned up
[   95.417321][ T8589] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2021'.
[   95.461469][ T8597] netlink: 'syz.4.2026': attribute type 39 has an invalid length.
[   95.474088][ T8597] veth1_macvtap: left promiscuous mode
[   95.482438][ T8599] SELinux: syz.7.2025 (8599) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   95.501090][ T8604] loop6: detected capacity change from 0 to 1024
[   95.517507][ T8604] EXT4-fs (loop6): can't mount with journal_checksum, fs mounted w/o journal
[   95.607307][ T8612] netlink: 'syz.7.2031': attribute type 4 has an invalid length.
[   95.657910][ T8618] loop0: detected capacity change from 0 to 256
[   96.348016][ T8626] loop6: detected capacity change from 0 to 512
[   96.357149][ T8626] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   96.370709][ T8626] EXT4-fs (loop6): 1 truncate cleaned up
[   96.377169][ T8626] EXT4-fs mount: 4 callbacks suppressed
[   96.377181][ T8626] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.421920][ T8628] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.422080][ T5713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.435264][ T8631] loop4: detected capacity change from 0 to 8192
[   96.445801][ T8628] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.454070][   T29] kauditd_printk_skb: 221 callbacks suppressed
[   96.454106][   T29] audit: type=1326 audit(1745656777.681:2780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8630 comm="syz.4.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f920e39d5ca code=0x7ffc0000
[   96.483540][   T29] audit: type=1326 audit(1745656777.681:2781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8630 comm="syz.4.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f920e39d5ca code=0x7ffc0000
[   96.506840][   T29] audit: type=1326 audit(1745656777.681:2782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8630 comm="syz.4.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f920e39d1d7 code=0x7ffc0000
[   96.530304][   T29] audit: type=1326 audit(1745656777.681:2783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8630 comm="syz.4.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f920e3a010a code=0x7ffc0000
[   96.576280][   T29] audit: type=1326 audit(1745656777.801:2784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8630 comm="syz.4.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f920e39d2d0 code=0x7ffc0000
[   96.599804][   T29] audit: type=1326 audit(1745656777.801:2785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8630 comm="syz.4.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f920e39d6b7 code=0x7ffc0000
[   96.628385][   T29] audit: type=1326 audit(1745656777.801:2786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8630 comm="syz.4.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f920e39d2d0 code=0x7ffc0000
[   96.651919][   T29] audit: type=1326 audit(1745656777.801:2787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8630 comm="syz.4.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f920e39e969 code=0x7ffc0000
[   96.675362][   T29] audit: type=1326 audit(1745656777.801:2788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8630 comm="syz.4.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f920e39e969 code=0x7ffc0000
[   96.698778][   T29] audit: type=1326 audit(1745656777.801:2789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8630 comm="syz.4.2039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=137 compat=0 ip=0x7f920e39e969 code=0x7ffc0000
[   96.783254][ T8647] loop7: detected capacity change from 0 to 512
[   96.795776][ T8647] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.818260][ T8647] ext4 filesystem being mounted at /221/file0 (deleted) supports timestamps until 2038-01-19 (0x7fffffff)
[   96.837382][ T8647] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.912358][ T8667] vhci_hcd: invalid port number 249
[   96.917712][ T8667] vhci_hcd: default hub control req: 4018 v000e i00f9 l0
[   97.001498][ T8684] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2063'.
[   97.040380][ T8692] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2068'.
[   97.079300][ T3373] Process accounting resumed
[   97.289171][ T8722] loop7: detected capacity change from 0 to 128
[   97.317214][ T8722] syz.7.2081: attempt to access beyond end of device
[   97.317214][ T8722] loop7: rw=2049, sector=145, nr_sectors = 8 limit=128
[   97.342821][ T8722] syz.7.2081: attempt to access beyond end of device
[   97.342821][ T8722] loop7: rw=2049, sector=161, nr_sectors = 8 limit=128
[   97.512912][ T8738] loop7: detected capacity change from 0 to 512
[   97.519509][ T8738] journal_path: Non-blockdev passed as './bus'
[   97.525742][ T8738] EXT4-fs: error: could not find journal device path
[   97.599453][ T8747] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8747 comm=syz.5.2092
[   97.612219][ T8747] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=8747 comm=syz.5.2092
[   97.782883][ T8761] loop7: detected capacity change from 0 to 512
[   97.814761][ T8761] EXT4-fs (loop7): 1 orphan inode deleted
[   97.822060][ T8761] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.834928][ T7653] EXT4-fs error (device loop7): ext4_release_dquot:6971: comm kworker/u8:16: Failed to release dquot type 1
[   97.846729][ T8761] ext4 filesystem being mounted at /240/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.873683][ T5844] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.930670][ T8772] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2102'.
[   98.180808][ T8797] netlink: 9 bytes leftover after parsing attributes in process `syz.5.2113'.
[   98.190002][ T8797] 0�: renamed from hsr_slave_1 (while UP)
[   98.198493][ T8797] 0�: entered allmulticast mode
[   98.204059][ T8797] A link change request failed with some changes committed already. Interface 
c0� may have been left with an inconsistent configuration, please check.
[   98.236512][ T8800] loop5: detected capacity change from 0 to 256
[   98.244315][ T8801] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2115'.
[   98.280125][ T8805] loop5: detected capacity change from 0 to 512
[   98.287066][ T8805] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   98.309763][ T8805] EXT4-fs (loop5): 1 truncate cleaned up
[   98.316247][ T8805] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.343927][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.357569][ T8813] loop7: detected capacity change from 0 to 2048
[   98.395418][ T8813] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.415287][ T8821] netlink: 'syz.5.2123': attribute type 1 has an invalid length.
[   98.428161][ T8821] 8021q: adding VLAN 0 to HW filter on device bond1
[   98.447214][ T8821] bond1: (slave veth5): Enslaving as an active interface with a down link
[   98.463995][ T8821] bond1: (slave dummy0): making interface the new active one
[   98.472511][ T8821] dummy0: entered promiscuous mode
[   98.477817][ T8821] bond1: (slave dummy0): Enslaving as an active interface with an up link
[   98.515310][ T5844] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.558031][ T8832] loop7: detected capacity change from 0 to 1024
[   98.565186][ T8832] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   98.608987][ T8836] loop0: detected capacity change from 0 to 1024
[   98.616192][ T8836] EXT4-fs: Ignoring removed bh option
[   98.624139][ T8836] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.638671][ T8836] EXT4-fs error (device loop0): __ext4_remount:6738: comm syz.0.2130: Abort forced by user
[   98.649064][ T8836] EXT4-fs (loop0): Remounting filesystem read-only
[   98.655666][ T8836] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   98.678172][ T4687] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.726533][ T8847] loop7: detected capacity change from 0 to 512
[   98.744337][ T8847] EXT4-fs error (device loop7): ext4_read_inode_bitmap:139: comm syz.7.2134: Invalid inode bitmap blk 4 in block_group 0
[   98.761746][ T8847] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.848290][ T8857] loop4: detected capacity change from 0 to 128
[   98.865669][ T5844] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.874991][ T8857] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   98.893683][ T8857] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   99.033866][ T8861] hub 4-0:1.0: USB hub found
[   99.038531][ T8861] hub 4-0:1.0: 8 ports detected
[   99.078159][ T8872] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2145'.
[   99.260361][ T8893] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   99.313035][ T8899] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2158'.
[   99.456439][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.464412][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.472155][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.480321][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.488124][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.495937][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.503779][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.511547][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.519350][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.527304][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.535069][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.542815][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.550573][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.556353][ T8932] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2174'.
[   99.558306][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.558544][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.583070][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.590814][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.598615][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.606415][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.614184][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.621990][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.629748][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.637520][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.645270][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.653021][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.660818][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.668564][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.676397][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.684169][ T3389] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[   99.695744][ T3389] hid-generic 0000:0000:20000000.0001: hidraw0: <UNKNOWN> HID v0.01 Device [syz0] on syz1
[   99.733412][ T8947] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   99.764693][ T8947] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  100.006187][ T8977] SELinux:  Context : is not valid (left unmapped).
[  100.369127][ T8988] __nla_validate_parse: 3 callbacks suppressed
[  100.369141][ T8988] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2196'.
[  100.527097][ T8993] netlink: 'syz.0.2198': attribute type 1 has an invalid length.
[  100.534864][ T8993] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2198'.
[  100.597745][ T9000] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  100.887952][ T9034] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  101.146854][ T9044] loop6: detected capacity change from 0 to 256
[  101.314493][ T9051] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  101.454976][ T9061] loop9: detected capacity change from 0 to 7
[  101.474851][ T9061] Buffer I/O error on dev loop9, logical block 0, async page read
[  101.513140][ T9061] Buffer I/O error on dev loop9, logical block 0, async page read
[  101.520963][ T9061]  loop9: unable to read partition table
[  101.562769][ T9061] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  101.562769][ T9061] 
U�������) failed (rc=-5)
[  101.589996][   T29] kauditd_printk_skb: 172 callbacks suppressed
[  101.590009][   T29] audit: type=1400 audit(1745656782.811:2961): avc:  denied  { accept } for  pid=9075 comm="syz.4.2235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  101.679869][   T29] audit: type=1400 audit(1745656782.891:2962): avc:  denied  { shutdown } for  pid=9075 comm="syz.4.2235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  101.736847][ T9089] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2240'.
[  101.782596][ T9096] loop5: detected capacity change from 0 to 1024
[  101.791150][ T9096] EXT4-fs: Ignoring removed bh option
[  101.813926][ T9096] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.938060][ T9111] atomic_op ffff88810f38fd28 conn xmit_atomic 0000000000000000
[  101.948762][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.966808][   T29] audit: type=1326 audit(1745656783.191:2963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9113 comm="syz.6.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[  102.010197][   T29] audit: type=1326 audit(1745656783.221:2964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9113 comm="syz.6.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fa5f6b4e969 code=0x7ffc0000
[  102.033749][   T29] audit: type=1326 audit(1745656783.221:2965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9113 comm="syz.6.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa5f6b4e9a3 code=0x7ffc0000
[  102.057048][   T29] audit: type=1326 audit(1745656783.221:2966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9113 comm="syz.6.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa5f6b4d41f code=0x7ffc0000
[  102.086850][   T29] audit: type=1326 audit(1745656783.231:2967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9113 comm="syz.6.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fa5f6b4e9f7 code=0x7ffc0000
[  102.120271][ T9114] loop6: detected capacity change from 0 to 512
[  102.133327][ T9114] EXT4-fs: Ignoring removed nobh option
[  102.179060][ T9135] loop7: detected capacity change from 0 to 164
[  102.198639][ T9114] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.211665][   T29] audit: type=1400 audit(1745656783.331:2968): avc:  denied  { mount } for  pid=9120 comm="syz.7.2252" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  102.234018][   T29] audit: type=1400 audit(1745656783.331:2969): avc:  denied  { mounton } for  pid=9120 comm="syz.7.2252" path="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1
[  102.255932][   T29] audit: type=1326 audit(1745656783.341:2970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9113 comm="syz.6.2247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa5f6b4d2d0 code=0x7ffc0000
[  102.280155][ T9114] ext4 filesystem being mounted at /235/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  102.291085][ T9135] syz.7.2257: attempt to access beyond end of device
[  102.291085][ T9135] loop7: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  102.307101][ T9135] syz.7.2257: attempt to access beyond end of device
[  102.307101][ T9135] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  102.322342][ T5713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.335572][ T9137] loop4: detected capacity change from 0 to 512
[  102.346454][ T9139] loop5: detected capacity change from 0 to 1024
[  102.348282][ T9137] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  102.367599][ T9139] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  102.408077][ T9139] EXT4-fs error (device loop5): ext4_ext_check_inode:524: inode #3: comm syz.5.2260: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 3, max 3(4), depth 0(0)
[  102.435536][ T9137] EXT4-fs (loop4): 1 truncate cleaned up
[  102.441780][ T9137] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.454035][ T9139] EXT4-fs error (device loop5): ext4_quota_enable:7129: comm syz.5.2260: Bad quota inode: 3, type: 0
[  102.476184][ T9139] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  102.507453][ T9139] EXT4-fs (loop5): mount failed
[  102.537119][ T9158] netlink: 'syz.6.2267': attribute type 13 has an invalid length.
[  102.557054][ T9156] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  102.564626][ T9156] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  102.572446][ T9156] vhci_hcd: default hub control req: 6314 v0008 i0002 l0
[  102.584273][ T5618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.603784][ T9158] bridge0: port 3(syz_tun) entered disabled state
[  102.619787][ T9158] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.627021][ T9158] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.677247][ T9158] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.688994][ T9158] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.725939][ T9158] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.735080][ T9158] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.744050][ T9158] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.753031][ T9158] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.849384][ T9175] loop5: detected capacity change from 0 to 512
[  102.856267][ T9175] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  102.892870][ T9182] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(7)
[  102.899397][ T9182] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  102.904641][ T9175] EXT4-fs (loop5): 1 truncate cleaned up
[  102.907481][ T9182] vhci_hcd vhci_hcd.0: Device attached
[  102.913619][ T9175] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.939675][ T9183] vhci_hcd: connection closed
[  102.939835][ T7653] vhci_hcd: stop threads
[  102.948839][ T7653] vhci_hcd: release socket
[  102.953361][ T7653] vhci_hcd: disconnect device
[  102.974043][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.170031][ T9198] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  103.569686][ T9248] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2304'.
[  103.626760][ T9259] all: renamed from lo
[  103.654553][ T9263] netlink: 3 bytes leftover after parsing attributes in process `syz.6.2310'.
[  103.663756][ T9263] 0�X���: renamed from caif0
[  103.677154][ T9263] 0�X���: entered allmulticast mode
[  103.682368][ T9263] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  103.783766][ T9283] can0: slcan on ttyS3.
[  103.821481][ T9291] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2324'.
[  103.830866][ T9283] can0 (unregistered): slcan off ttyS3.
[  103.836619][ T9283] Falling back ldisc for ttyS3.
[  103.871986][ T9297] loop6: detected capacity change from 0 to 512
[  103.878828][ T9297] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  103.896491][ T9297] EXT4-fs (loop6): 1 truncate cleaned up
[  103.902638][ T9297] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.939795][ T9308] netlink: 92 bytes leftover after parsing attributes in process `syz.7.2332'.
[  103.979054][ T5713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.996151][ T9314] loop7: detected capacity change from 0 to 1024
[  104.024101][ T9314] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.045204][ T9324] loop6: detected capacity change from 0 to 512
[  104.063120][ T9324] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.2339: iget: bad extended attribute block 1
[  104.086048][ T9324] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.2339: couldn't read orphan inode 15 (err -117)
[  104.105530][ T5844] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.116815][ T9324] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.131018][ T9324] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[  104.157943][ T9337] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2342'.
[  104.169264][ T5713] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.197063][ T9342] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2348'.
[  104.209575][ T9342] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  104.218520][ T9342] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  104.227272][ T9342] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  104.235997][ T9342] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  104.250473][ T9342] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  104.259470][ T9342] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  104.268465][ T9342] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  104.277347][ T9342] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  104.413839][ T9364] loop4: detected capacity change from 0 to 164
[  104.421018][ T9364] Unable to read rock-ridge attributes
[  104.427504][ T9362] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.439249][ T9364] Unable to read rock-ridge attributes
[  104.450589][ T9364] iso9660: Corrupted directory entry in block 4 of inode 1792
[  104.460032][ T9367] netlink: 'syz.0.2357': attribute type 10 has an invalid length.
[  104.464172][ T9364] block device autoloading is deprecated and will be removed.
[  104.467929][ T9367] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2357'.
[  104.477079][ T9364] syz.4.2356: attempt to access beyond end of device
[  104.477079][ T9364] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  104.506950][ T9362] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.572539][ T9378] loop0: detected capacity change from 0 to 1024
[  104.580086][ T9378] EXT4-fs: Ignoring removed nomblk_io_submit option
[  104.605388][ T9362] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.621026][ T9378] EXT4-fs (loop0): stripe (4) is not aligned with cluster size (16), stripe is disabled
[  104.656080][ T9362] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.669314][ T9378] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.698056][ T4687] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.744321][ T9362] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.757990][ T9362] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.769820][ T9362] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.781486][ T9362] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.075928][ T9433] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9433 comm=syz.5.2383
[  105.175487][ T9438] loop5: detected capacity change from 0 to 512
[  105.182368][ T9438] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  105.193563][ T9438] EXT4-fs (loop5): 1 truncate cleaned up
[  105.199541][ T9438] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.244735][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.259307][ T9441] veth0_vlan: entered allmulticast mode
[  105.274357][ T9441] veth0_vlan: left promiscuous mode
[  105.280430][ T9441] veth0_vlan: entered promiscuous mode
[  105.321745][ T9443] loop5: detected capacity change from 0 to 2048
[  105.344260][ T9443] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.358235][ T9443] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2387: bg 0: block 408: padding at end of block bitmap is not set
[  105.373001][ T9443] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  105.389611][ T7657] EXT4-fs (loop5): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 1 with error 28
[  105.401821][ T7657] EXT4-fs (loop5): This should not happen!! Data will be lost
[  105.401821][ T7657] 
[  105.411505][ T7657] EXT4-fs (loop5): Total free blocks count 0
[  105.417518][ T7657] EXT4-fs (loop5): Free/Dirty block details
[  105.423483][ T7657] EXT4-fs (loop5): free_blocks=16
[  105.428655][ T7657] EXT4-fs (loop5): dirty_blocks=16
[  105.433791][ T7657] EXT4-fs (loop5): Block reservation details
[  105.439821][ T7657] EXT4-fs (loop5): i_reserved_data_blocks=1
[  105.446627][ T5539] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.456956][ T9447] __nla_validate_parse: 1 callbacks suppressed
[  105.456970][ T9447] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2389'.
[  105.762753][ T9474] netlink: 288 bytes leftover after parsing attributes in process `syz.7.2400'.
[  105.771991][ T9474] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2400'.
[  105.846072][ T9485] random: crng reseeded on system resumption
[  105.979780][ T9490] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  105.991400][ T9490] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  106.220331][ T9503] netlink: 100 bytes leftover after parsing attributes in process `syz.5.2412'.
[  106.275282][ T9508] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2423'.
[  106.398626][ T9521] netlink: 'syz.6.2418': attribute type 39 has an invalid length.
[  106.421983][ T9523] loop5: detected capacity change from 0 to 128
[  106.437522][ T9523] syz.5.2419: attempt to access beyond end of device
[  106.437522][ T9523] loop5: rw=2049, sector=153, nr_sectors = 8 limit=128
[  106.461528][ T9523] syz.5.2419: attempt to access beyond end of device
[  106.461528][ T9523] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128
[  106.479198][ T9523] syz.5.2419: attempt to access beyond end of device
[  106.479198][ T9523] loop5: rw=2049, sector=185, nr_sectors = 8 limit=128
[  106.493424][ T9523] syz.5.2419: attempt to access beyond end of device
[  106.493424][ T9523] loop5: rw=2049, sector=201, nr_sectors = 8 limit=128
[  106.507147][ T9523] syz.5.2419: attempt to access beyond end of device
[  106.507147][ T9523] loop5: rw=2049, sector=217, nr_sectors = 8 limit=128
[  106.520695][ T9523] syz.5.2419: attempt to access beyond end of device
[  106.520695][ T9523] loop5: rw=2049, sector=233, nr_sectors = 8 limit=128
[  106.539713][ T9523] syz.5.2419: attempt to access beyond end of device
[  106.539713][ T9523] loop5: rw=2049, sector=249, nr_sectors = 8 limit=128
[  106.587733][ T7653] Buffer I/O error on dev loop5, logical block 353, lost async page write
[  106.597075][ T7653] Buffer I/O error on dev loop5, logical block 354, lost async page write
[  106.607104][ T7653] Buffer I/O error on dev loop5, logical block 355, lost async page write
[  106.632786][ T7653] Buffer I/O error on dev loop5, logical block 356, lost async page write
[  106.641415][ T7653] Buffer I/O error on dev loop5, logical block 357, lost async page write
[  106.662708][ T7653] Buffer I/O error on dev loop5, logical block 358, lost async page write
[  106.671243][ T7653] Buffer I/O error on dev loop5, logical block 359, lost async page write
[  106.685817][   T29] kauditd_printk_skb: 203 callbacks suppressed
[  106.685830][   T29] audit: type=1326 audit(1745656787.911:3174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9540 comm="syz.7.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64098ee969 code=0x7ffc0000
[  106.720872][   T29] audit: type=1326 audit(1745656787.921:3175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9540 comm="syz.7.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64098ee969 code=0x7ffc0000
[  106.744293][   T29] audit: type=1326 audit(1745656787.921:3176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9540 comm="syz.7.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f64098ee969 code=0x7ffc0000
[  106.744676][ T9541] loop7: detected capacity change from 0 to 8192
[  106.767722][   T29] audit: type=1326 audit(1745656787.921:3177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9540 comm="syz.7.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f64098ee9a3 code=0x7ffc0000
[  106.778099][ T9544] loop5: detected capacity change from 0 to 512
[  106.797323][   T29] audit: type=1326 audit(1745656787.931:3178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9540 comm="syz.7.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f64098ed41f code=0x7ffc0000
[  106.807255][ T9544] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  106.829589][ T9541] FAT-fs (loop7): error, invalid access to FAT (entry 0x0000e1b1)
[  106.844581][ T9541] FAT-fs (loop7): Filesystem has been set read-only
[  106.844651][   T29] audit: type=1326 audit(1745656787.951:3179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9540 comm="syz.7.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f64098ee9f7 code=0x7ffc0000
[  106.852753][ T9541] FAT-fs (loop7): error, invalid access to FAT (entry 0x0000e1b1)
[  106.874454][   T29] audit: type=1326 audit(1745656787.971:3180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9540 comm="syz.7.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f64098ed2d0 code=0x7ffc0000
[  106.883606][ T9541] FAT-fs (loop7): error, invalid access to FAT (entry 0x0000e1b1)
[  106.905606][   T29] audit: type=1326 audit(1745656787.971:3181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9540 comm="syz.7.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64098ee56b code=0x7ffc0000
[  106.936826][   T29] audit: type=1400 audit(1745656788.031:3182): avc:  denied  { mounton } for  pid=9542 comm="syz.5.2427" path="/300/bus" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  106.960967][   T29] audit: type=1326 audit(1745656788.031:3183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9540 comm="syz.7.2430" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f64098ed5ca code=0x7ffc0000
[  106.972815][ T9544] EXT4-fs (loop5): 1 truncate cleaned up
[  106.990437][ T9544] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.012549][ T9552] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2432'.
[  107.013961][ T9544] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.069939][ T9560] netlink: 'syz.5.2435': attribute type 39 has an invalid length.
[  107.079439][ T9560] veth1_macvtap: left promiscuous mode
[  107.117353][ T9568] batadv_slave_1: entered promiscuous mode
[  107.123428][ T9568] batadv_slave_1: left promiscuous mode
[  107.166522][ T9572] SELinux: ebitmap: truncated map
[  107.172373][ T9572] SELinux: failed to load policy
[  107.184578][ T3389] kernel write not supported for file /663/attr/exec (pid: 3389 comm: kworker/0:4)
[  107.202552][ T9577] loop4: detected capacity change from 0 to 512
[  107.210321][ T9577] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  107.235579][ T9577] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.248538][ T9577] ext4 filesystem being mounted at /318/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  107.252646][ T9584] loop7: detected capacity change from 0 to 2048
[  107.261227][ T9577] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.2443: corrupted xattr block 19: overlapping e_value 
[  107.279170][ T9577] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  107.288233][ T9577] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.2443: corrupted xattr block 19: overlapping e_value 
[  107.302173][ T9577] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  107.311293][ T9577] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.2443: corrupted xattr block 19: overlapping e_value 
[  107.343440][ T5618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.496081][ T9615] netlink: 'syz.0.2460': attribute type 10 has an invalid length.
[  107.510111][ T9615] hsr_slave_0: left promiscuous mode
[  107.538086][ T9615] hsr_slave_1: left promiscuous mode
[  107.628341][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.636149][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.644001][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.652029][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.659795][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.667703][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.675498][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.683256][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.691097][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.698845][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.706733][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.714498][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.722210][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.729940][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.737766][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.745534][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.753336][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.761131][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.768927][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.776716][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.784553][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.789397][ T9638] loop4: detected capacity change from 0 to 512
[  107.792346][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.799882][ T9638] EXT4-fs: Ignoring removed nobh option
[  107.806233][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.806255][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.806275][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.806328][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.826854][ T9638] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[  107.827267][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.836772][ T9638] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.2469: attempt to clear invalid blocks 2 len 1
[  107.842781][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.852216][ T9638] EXT4-fs (loop4): Remounting filesystem read-only
[  107.858562][ T3382] hid-generic 0000:0000:20000000.0002: unknown main item tag 0x0
[  107.860340][ T3382] hid-generic 0000:0000:20000000.0002: hidraw0: <UNKNOWN> HID v0.01 Device [syz0] on syz0
[  107.872043][ T9638] EXT4-fs (loop4): 1 truncate cleaned up
[  107.909797][ T9638] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.942159][ T9641] loop7: detected capacity change from 0 to 512
[  107.949414][ T5618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.949439][ T9641] EXT4-fs: inline encryption not supported
[  107.970005][ T9645] loop6: detected capacity change from 0 to 1024
[  107.976744][ T9645] EXT4-fs: Ignoring removed i_version option
[  107.983160][ T9645] EXT4-fs: Ignoring removed mblk_io_submit option
[  107.989892][ T9645] EXT4-fs: Ignoring removed nobh option
[  107.990699][ T9641] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.995567][ T9645] EXT4-fs: Ignoring removed bh option
[  108.013775][ T9641] ext4 filesystem being mounted at /324/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.046156][ T9645] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.078734][ T5844] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.098619][ T9645] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.2474: Allocating blocks 385-513 which overlap fs metadata
[  108.124082][ T9645] EXT4-fs (loop6): pa ffff888106535770: logic 16, phys. 129, len 24
[  108.132240][ T9645] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  108.155007][ T9645] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  108.167296][ T9645] EXT4-fs (loop6): This should not happen!! Data will be lost
[  108.167296][ T9645] 
[  108.177013][ T9645] EXT4-fs (loop6): Total free blocks count 0
[  108.183012][ T9645] EXT4-fs (loop6): Free/Dirty block details
[  108.188996][ T9645] EXT4-fs (loop6): free_blocks=128
[  108.194160][ T9645] EXT4-fs (loop6): dirty_blocks=0
[  108.199183][ T9645] EXT4-fs (loop6): Block reservation details
[  108.205189][ T9645] EXT4-fs (loop6): i_reserved_data_blocks=0
[  108.229043][ T9662] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2478'.
[  108.237964][ T9662] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2478'.
[  108.254517][ T9662] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2478'.
[  108.285041][ T9662] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2478'.
[  108.351215][ T9681] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  108.362672][ T9681] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  108.603525][ T9708] loop6: detected capacity change from 0 to 128
[  108.614554][ T9715] 9pnet_fd: Insufficient options for proto=fd
[  108.629610][ T9708] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  108.776897][ T9728] loop6: detected capacity change from 0 to 512
[  108.795397][ T9728] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.808518][ T9728] ext4 filesystem being mounted at /284/file0 (deleted) supports timestamps until 2038-01-19 (0x7fffffff)
[  108.821161][ T9728] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.926426][ T9743] vhci_hcd: invalid port number 249
[  108.931738][ T9743] vhci_hcd: default hub control req: 4018 v000e i00f9 l0
[  108.951364][ T9737] loop7: detected capacity change from 0 to 8192
[  109.166768][ T9756] loop0: detected capacity change from 0 to 128
[  109.206445][ T9756] bio_check_eod: 27 callbacks suppressed
[  109.206460][ T9756] syz.0.2511: attempt to access beyond end of device
[  109.206460][ T9756] loop0: rw=2049, sector=145, nr_sectors = 8 limit=128
[  109.284319][ T9756] syz.0.2511: attempt to access beyond end of device
[  109.284319][ T9756] loop0: rw=2049, sector=161, nr_sectors = 8 limit=128
[  109.301941][ T9761] loop5: detected capacity change from 0 to 512
[  109.329502][ T9761] journal_path: Non-blockdev passed as './bus'
[  109.335813][ T9761] EXT4-fs: error: could not find journal device path
[  109.490345][ T9778] loop7: detected capacity change from 0 to 512
[  109.514824][ T9778] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  109.528479][ T9780] syz.5.2523: attempt to access beyond end of device
[  109.528479][ T9780] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  109.552069][ T9778] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e12c, mo2=0002]
[  109.561459][ T9778] System zones: 1-12
[  109.566362][ T9778] EXT4-fs (loop7): orphan cleanup on readonly fs
[  109.573124][ T9778] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.2522: bg 0: block 361: padding at end of block bitmap is not set
[  109.575286][ T9784] can0: slcan on ptm0.
[  109.587610][ T9778] EXT4-fs (loop7): Remounting filesystem read-only
[  109.600683][ T9778] EXT4-fs (loop7): 1 truncate cleaned up
[  109.606977][ T9778] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  109.620154][ T9778] sg_write: data in/out 33856/8 bytes for SCSI command 0x6e-- guessing data in;
[  109.620154][ T9778]    program syz.7.2522 not setting count and/or reply_len properly
[  109.747139][ T5844] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  109.782825][ T9783] can0 (unregistered): slcan off ptm0.
[  109.822791][ T9786] Falling back ldisc for ttyS3.
[  109.854351][ T9792] loop5: detected capacity change from 0 to 128
[  109.883621][ T7657] dummy0: left promiscuous mode
[  109.898714][ T9792] syz.5.2529: attempt to access beyond end of device
[  109.898714][ T9792] loop5: rw=2049, sector=145, nr_sectors = 8 limit=128
[  109.976970][ T9792] syz.5.2529: attempt to access beyond end of device
[  109.976970][ T9792] loop5: rw=2049, sector=161, nr_sectors = 8 limit=128
[  110.145541][ T9810] serio: Serial port ptm1
[  110.521788][ T9838] vlan3: entered allmulticast mode
[  110.621748][ T9851] __nla_validate_parse: 6 callbacks suppressed
[  110.621763][ T9851] netlink: 9 bytes leftover after parsing attributes in process `syz.4.2553'.
[  110.640165][ T9851] 0�: renamed from hsr_slave_1 (while UP)
[  110.659546][ T9851] 0�: entered allmulticast mode
[  110.664691][ T9853] loop5: detected capacity change from 0 to 1024
[  110.671646][ T9853] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  110.673526][ T9851] A link change request failed with some changes committed already. Interface 
c0� may have been left with an inconsistent configuration, please check.
[  110.703917][ T9856] loop6: detected capacity change from 0 to 128
[  110.723531][ T9856] syz.6.2556: attempt to access beyond end of device
[  110.723531][ T9856] loop6: rw=2049, sector=145, nr_sectors = 8 limit=128
[  110.739783][ T9856] syz.6.2556: attempt to access beyond end of device
[  110.739783][ T9856] loop6: rw=2049, sector=161, nr_sectors = 8 limit=128
[  110.834680][ T9874] loop4: detected capacity change from 0 to 256
[  110.859577][ T9871] hub 4-0:1.0: USB hub found
[  110.864646][ T9871] hub 4-0:1.0: 8 ports detected
[  110.993949][ T9897] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2569'.
[  111.037364][ T9901] loop4: detected capacity change from 0 to 2048
[  111.064879][ T9901] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.146585][ T5618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.172640][ T9910] loop4: detected capacity change from 0 to 512
[  111.179562][ T9910] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  111.201268][ T9910] EXT4-fs (loop4): 1 truncate cleaned up
[  111.207488][ T9910] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.236323][ T5618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.254562][ T9913] loop4: detected capacity change from 0 to 128
[  111.265524][ T9913] syz.4.2575: attempt to access beyond end of device
[  111.265524][ T9913] loop4: rw=2049, sector=145, nr_sectors = 8 limit=128
[  111.279181][ T9913] syz.4.2575: attempt to access beyond end of device
[  111.279181][ T9913] loop4: rw=2049, sector=161, nr_sectors = 8 limit=128
[  111.388568][ T9917] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  111.713185][ T9956] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2595'.
[  111.770506][ T9966] netlink: 68 bytes leftover after parsing attributes in process `syz.7.2599'.
[  111.837795][ T9977] loop4: detected capacity change from 0 to 1024
[  111.846207][ T9977] EXT4-fs: Ignoring removed orlov option
[  111.855844][ T9977] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.944238][ T9988] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2607'.
[  111.966087][ T9990] can0: slcan on ptm0.
[  112.032917][ T9989] can0 (unregistered): slcan off ptm0.
[  112.148240][T10000] syz.7.2612: attempt to access beyond end of device
[  112.148240][T10000] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  112.183445][   T29] kauditd_printk_skb: 210 callbacks suppressed
[  112.183458][   T29] audit: type=1400 audit(1745656793.411:3394): avc:  denied  { write } for  pid=10001 comm="syz.5.2614" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  112.183863][T10002] vhci_hcd: default hub control req: 0000 v0000 i0000 l65535
[  112.325221][ T9984] ==================================================================
[  112.333392][ T9984] BUG: KCSAN: data-race in __writeback_single_inode / xas_set_mark
[  112.341303][ T9984] 
[  112.343622][ T9984] write to 0xffff88811025d8d4 of 4 bytes by task 9977 on cpu 0:
[  112.351238][ T9984]  xas_set_mark+0x12b/0x140
[  112.355752][ T9984]  __folio_start_writeback+0x1dd/0x430
[  112.361194][ T9984]  ext4_bio_write_folio+0x590/0x9d0
[  112.366383][ T9984]  mpage_process_page_bufs+0x46c/0x5b0
[  112.371864][ T9984]  mpage_prepare_extent_to_map+0x775/0xb80
[  112.377667][ T9984]  ext4_do_writepages+0xa25/0x2270
[  112.382802][ T9984]  ext4_writepages+0x176/0x300
[  112.387609][ T9984]  do_writepages+0x1d2/0x480
[  112.392192][ T9984]  file_write_and_wait_range+0x156/0x2c0
[  112.397811][ T9984]  generic_buffers_fsync_noflush+0x45/0x120
[  112.403747][ T9984]  ext4_sync_file+0x1ab/0x690
[  112.408452][ T9984]  vfs_fsync_range+0x10a/0x130
[  112.413211][ T9984]  ext4_buffered_write_iter+0x34f/0x3c0
[  112.418754][ T9984]  ext4_file_write_iter+0x383/0xf00
[  112.423946][ T9984]  iter_file_splice_write+0x5ef/0x970
[  112.429317][ T9984]  direct_splice_actor+0x153/0x2a0
[  112.434418][ T9984]  splice_direct_to_actor+0x30f/0x680
[  112.439798][ T9984]  do_splice_direct+0xda/0x150
[  112.444574][ T9984]  do_sendfile+0x380/0x640
[  112.449010][ T9984]  __x64_sys_sendfile64+0x105/0x150
[  112.454215][ T9984]  x64_sys_call+0xb39/0x2fb0
[  112.458806][ T9984]  do_syscall_64+0xd0/0x1a0
[  112.463313][ T9984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.469199][ T9984] 
[  112.471506][ T9984] read to 0xffff88811025d8d4 of 4 bytes by task 9984 on cpu 1:
[  112.479028][ T9984]  __writeback_single_inode+0x1f9/0x7c0
[  112.484575][ T9984]  writeback_single_inode+0x167/0x3e0
[  112.489942][ T9984]  sync_inode_metadata+0x5b/0x90
[  112.494875][ T9984]  generic_buffers_fsync_noflush+0xd9/0x120
[  112.500773][ T9984]  ext4_sync_file+0x1ab/0x690
[  112.505446][ T9984]  vfs_fsync_range+0x10a/0x130
[  112.510199][ T9984]  ext4_buffered_write_iter+0x34f/0x3c0
[  112.515755][ T9984]  ext4_file_write_iter+0x383/0xf00
[  112.520943][ T9984]  iter_file_splice_write+0x5ef/0x970
[  112.526299][ T9984]  direct_splice_actor+0x153/0x2a0
[  112.531395][ T9984]  splice_direct_to_actor+0x30f/0x680
[  112.536754][ T9984]  do_splice_direct+0xda/0x150
[  112.541529][ T9984]  do_sendfile+0x380/0x640
[  112.545964][ T9984]  __x64_sys_sendfile64+0x105/0x150
[  112.551168][ T9984]  x64_sys_call+0xb39/0x2fb0
[  112.555746][ T9984]  do_syscall_64+0xd0/0x1a0
[  112.560236][ T9984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.566114][ T9984] 
[  112.568443][ T9984] value changed: 0x0a000021 -> 0x04000021
[  112.574143][ T9984] 
[  112.576470][ T9984] Reported by Kernel Concurrency Sanitizer on:
[  112.582603][ T9984] CPU: 1 UID: 0 PID: 9984 Comm: syz.4.2604 Not tainted 6.15.0-rc3-syzkaller-00283-gf1a3944c860b #0 PREEMPT(voluntary) 
[  112.595021][ T9984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  112.605069][ T9984] ==================================================================
[  112.749933][ T5618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.