last executing test programs:

2m19.040621818s ago: executing program 32 (id=685):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)

2m18.88511286s ago: executing program 33 (id=687):
r0 = syz_open_procfs(0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000080000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000021440011800a0001006d617463680000003400028008000240000000001c0003000afe6cbf96caa5debdad61b67ddb2fb68fcf19f7807076430a00010071756f7461"], 0xc8}, 0x1, 0x0, 0x0, 0x4008011}, 0x0)

2m18.482640496s ago: executing program 34 (id=689):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r1}, 0x10)
r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$restrict_keyring(0x1d, r2, 0x0, 0x0)
add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, r2)

2m18.435798437s ago: executing program 35 (id=690):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

1m46.071712407s ago: executing program 6 (id=1789):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000d000000000000002018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
listxattr(&(0x7f0000000180)='./file1\x00', &(0x7f00000002c0)=""/43, 0x2b)

1m45.893965131s ago: executing program 6 (id=1794):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="440000001000030428b57000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="a100000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1], 0x44}, 0x1, 0xba01, 0x0, 0x4004}, 0x810)

1m45.758069112s ago: executing program 6 (id=1801):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000280), &(0x7f0000000080)=r1}, 0x20)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="3700000013000318680907070000000f0000ff3f13000000170a001700000000040037000d00030001362564aa58b9a6c011f6bbf44dc4", 0x37}], 0x1)

1m45.672376674s ago: executing program 6 (id=1802):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x80, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
syz_clone(0x3000, 0x0, 0x0, &(0x7f0000000800), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

1m45.3251229s ago: executing program 6 (id=1812):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2}, 0x10)

1m45.195920111s ago: executing program 1 (id=1816):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)

1m44.709302119s ago: executing program 1 (id=1838):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
close(0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002080)=@newtaction={0xe6c, 0x30, 0x25, 0x0, 0x0, {}, [{0xe58, 0x1, [@m_pedit={0xe54, 0x1, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x20000}, {}, {}, {}, {0x1}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x0, 0x7}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x2}, {}, {}, {}, {0xfffffffc, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x0, 0x1}, {0x7}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0x0, 0x800000}, {}, {}, {}, {0x0, 0x0, 0x2}, {0x4, 0x4000000}, {}, {0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x0, 0x3}, {0x0, 0x0, 0x0, 0x6}, {0x0, 0x0, 0x0, 0x2, 0xfffffffd}, {}, {0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x100000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, {}, {}, {}, {0xfffffffd}, {}, {}, {0x0, 0x0, 0x1, 0xfffffffe, 0x747}, {0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1}, {}, {}, {0x0, 0x6}, {}, {0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0xfffffffe}, {}, {}, {}, {0x0, 0x5}], [{0x2}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe6c}}, 0x0)

1m44.61355398s ago: executing program 1 (id=1829):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
fcntl$setlease(r0, 0x400, 0x1)

1m44.203748337s ago: executing program 6 (id=1834):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0xffffffffffffffd7, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

1m44.203596537s ago: executing program 36 (id=1834):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0xffffffffffffffd7, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

1m43.749345684s ago: executing program 1 (id=1843):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x80, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
syz_clone(0x3000, 0x0, 0x0, &(0x7f0000000800), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

1m43.427623359s ago: executing program 1 (id=1847):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r0}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)

1m42.7254502s ago: executing program 1 (id=1848):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
memfd_secret(0x80000)

1m42.7253108s ago: executing program 37 (id=1848):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
memfd_secret(0x80000)

1m32.221085236s ago: executing program 5 (id=2116):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x5, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000680)='/proc/bus/input/devices\x00', 0x0, 0x0)
preadv(r2, &(0x7f0000000000)=[{&(0x7f0000001100)=""/4083, 0xff3}], 0x1, 0x31, 0x0)

1m32.184877076s ago: executing program 5 (id=2120):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0x88}}, 0x0)

1m32.128547637s ago: executing program 5 (id=2124):
perf_event_open(&(0x7f0000000380)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb4120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, @perf_config_ext={0x0, 0x2}, 0x1080, 0xc8, 0x0, 0x0, 0x0, 0xda}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000640)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce8102032908000000000000000000000000ac14140a000000000000000000000000ac1414aa"], 0xfdef)

1m32.128375287s ago: executing program 5 (id=2125):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x20000, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x2081c80, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)

1m32.084188038s ago: executing program 5 (id=2127):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getitimer(0x2, &(0x7f0000000140))

1m31.899459131s ago: executing program 5 (id=2134):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x9, 0x7ffc1ffb}]})
msgctl$IPC_SET(0x0, 0x1, 0x0)
setgroups(0x0, 0x0)

1m31.874726561s ago: executing program 38 (id=2134):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x9, 0x7ffc1ffb}]})
msgctl$IPC_SET(0x0, 0x1, 0x0)
setgroups(0x0, 0x0)

1m30.980209865s ago: executing program 2 (id=2157):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="0003230c1100"})
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="36400000260091"], 0xfe33)

1m30.847845218s ago: executing program 2 (id=2162):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

1m30.810427088s ago: executing program 2 (id=2164):
setsockopt(0xffffffffffffffff, 0x84, 0x81, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(0xffffffffffffffff, 0x84, 0x15, 0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000100)={0x0, 0x204000, 0x1000}, 0x20)

1m30.761063349s ago: executing program 2 (id=2165):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x20000, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x2081c80, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)

1m30.69757288s ago: executing program 2 (id=2167):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r1, 0x29, 0x16, &(0x7f00000001c0)=0x7f, 0x4)
close(r1)

1m30.611868621s ago: executing program 2 (id=2168):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000010018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0xe8034000, 0x0, 0x41, 0x0, &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9f", 0x5dc}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
creat(&(0x7f0000000980)='./bus\x00', 0x19)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

1m30.611750752s ago: executing program 39 (id=2168):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000010018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0xe8034000, 0x0, 0x41, 0x0, &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9f", 0x5dc}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
creat(&(0x7f0000000980)='./bus\x00', 0x19)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

1m22.981302102s ago: executing program 3 (id=2426):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x14, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
utimes(0x0, 0x0)

1m22.964453312s ago: executing program 3 (id=2417):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x10000002}, 0x18)
r2 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

1m22.940904342s ago: executing program 3 (id=2420):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ppoll(&(0x7f0000000000)=[{r2, 0x4}], 0x1, 0x0, 0x0, 0x0)

1m22.921687843s ago: executing program 3 (id=2421):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b105f, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f00000002c0)='./file0/file0\x00', 0x201)

1m22.907000733s ago: executing program 3 (id=2422):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x5, 0x6, 0x0, 0x5, 0x0})

1m22.679290887s ago: executing program 3 (id=2432):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="050000000300000000000000", @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0)
recvmsg$can_bcm(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x42)
read(r0, &(0x7f0000001480)=""/4096, 0x1000)

1m22.635619597s ago: executing program 40 (id=2432):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="050000000300000000000000", @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0)
recvmsg$can_bcm(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x42)
read(r0, &(0x7f0000001480)=""/4096, 0x1000)

1.100577903s ago: executing program 4 (id=5924):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x3, 0x0, 'queue0\x00'})
write$sndseq(r0, &(0x7f0000000140)=[{0x84, 0x77, 0x0, 0x0, @time={0x2, 0x9}, {0x3, 0xfb}, {0x7, 0xf5}, @raw32={[0x6, 0xfff7fffd, 0x2be8]}}, {0x2, 0x0, 0x5, 0x83, @tick, {0xf9}, {}, @quote={{0x1, 0x1}, 0xd6f}}], 0x38)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xa8c01)
poll(&(0x7f0000000000)=[{r0, 0x2081}, {r0, 0x4010}], 0x2, 0xfffffffc)
write$sndseq(r1, &(0x7f0000000080)=[{0x1e, 0x0, 0x8, 0xfd, @tick=0x8, {}, {}, @result}], 0x1c)

968.276615ms ago: executing program 9 (id=5932):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x4e20, 0x0, 0xa}, {0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x10000, 0x5}, {}, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x1}}, 0xe8)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f00000003c0)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$key(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x158)

904.543596ms ago: executing program 0 (id=5935):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x18)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0)
mbind(&(0x7f00002fb000/0x2000)=nil, 0x2000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x1)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)

843.840337ms ago: executing program 9 (id=5936):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e24, 0x0, @loopback, 0x1}}, 0x0, 0x0, 0x6, 0x0, "10baa70a93289349d889de25b87376f64276337642b890d33cb5b592e66e6229bc5c7ac135fee1b3871b7ef6619db5b2a94edb6f73ea08b02aa3b47debd38b6d889a8c986b33eb49c3157f1f370dfd67"}, 0xd8)

843.769807ms ago: executing program 8 (id=5937):
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
bind$phonet(r1, &(0x7f0000000040)={0x23, 0x14}, 0x10)
bind$phonet(r0, &(0x7f0000000000)={0x23, 0x4}, 0x10)

838.547427ms ago: executing program 9 (id=5938):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001ac0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc786b409ac930c90ff90f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d858952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09e3187a10d905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367638cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a2d4f12e8e717eaaa2a6d14fee0c15f36c203dbc7c06128bec84231d43e152ef19ce027436fb4ebb9fce431b913f4817597a6f53d1626f9d1cb7b36fb18ac19547a8b20ede70c81a75686cea85dcd34408128da7cab045541bc6b9a0a79f63f2e7646356e04b977c9f47467537015240b974184be9c54b7c628ae4d97ebdb06070344468994afbaac71e5ffac2c61d9af66f9de2760a38e968a781528531c1c936a02065be48f1eee77be878873206d65bd0b1241fab9139abd7f40febe81fed3684e6b59273da01f1743c6a5df300ec59c65e8174fc2d95a62ca7b937289ad14107333007eab833a5849eb19f18ae41743dfb949377e"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xfe, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac141416441805034d2f87e5940c05ab845013f2325f1a39010702038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

838.158407ms ago: executing program 0 (id=5939):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000007c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x378, 0x1d8, 0x12, 0x60d, 0x1d8, 0x202, 0x2a8, 0x2e8, 0x2e8, 0x2a8, 0x2c0, 0x4, 0x0, {[{{@ipv6={@local, @mcast1, [0x0, 0x0, 0xc0], [], 'veth0_to_team\x00', 'macsec0\x00', {0xff}}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x4, 0x2}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d8)

773.275828ms ago: executing program 0 (id=5940):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getpgid(0x0)

727.317459ms ago: executing program 9 (id=5952):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000080)={0x3ff, 0x0, 0x0, 0xffff, 0x0, "fffffffffffff1ff"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0xa)

723.815979ms ago: executing program 0 (id=5942):
r0 = syz_clone(0x2180, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r1)
wait4(0x0, 0x0, 0x40000000, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_open_procfs(r0, &(0x7f0000000040)='io\x00')

586.115761ms ago: executing program 8 (id=5946):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getcwd(&(0x7f0000000a00)=""/4096, 0x1000)

566.636511ms ago: executing program 7 (id=5947):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r1, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4)
listen(r1, 0x0)
setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x10)

515.131622ms ago: executing program 8 (id=5948):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x100000004}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000160a0103000000000000000002000000540003804000038014000100626f6e645f736c6176655f300000000014000100736974300000000000000000000000000400010073697430000000000000000000000000080002400000000008000140000000000900020073797a31000000000900010073797a30"], 0xa8}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

514.980372ms ago: executing program 7 (id=5949):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
arch_prctl$ARCH_GET_UNTAG_MASK(0x4001, 0x0)

514.696512ms ago: executing program 7 (id=5950):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0xfffffffc, 0x100, 0x0, 0x1dd}, &(0x7f0000000340), &(0x7f0000000300))

493.649122ms ago: executing program 7 (id=5951):
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00')
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x688200, 0x0)
fchdir(r0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)

493.227632ms ago: executing program 0 (id=5953):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = epoll_create1(0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/wakeup_count', 0x141000, 0x20)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000200)={0xa000000a})
finit_module(r1, 0x0, 0x3)

450.224303ms ago: executing program 7 (id=5954):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
process_madvise(0xffffffffffffffff, &(0x7f0000000040)=[{0x0}, {&(0x7f0000000180)}], 0x2, 0x13, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x44f0)

450.069523ms ago: executing program 8 (id=5955):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r1}, 0x10)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)

449.917433ms ago: executing program 7 (id=5956):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000000000f7850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r1}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

351.988895ms ago: executing program 8 (id=5957):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x2b32, 0x10000, 0x0, 0x5, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x60)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x406, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x17, 0x44, &(0x7f0000000200)=""/68}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})

350.711585ms ago: executing program 8 (id=5958):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x4, 0x24, &(0x7f00000000c0)=ANY=[], 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
ioctl$EVIOCRMFF(r0, 0x40095505, 0x0)

287.901436ms ago: executing program 0 (id=5959):
semop(0x0, &(0x7f0000000240)=[{0x2, 0x7fff, 0x1000}], 0x1)
r0 = semget$private(0x0, 0x6, 0x0)
semtimedop(r0, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0)
semop(r0, &(0x7f00000000c0)=[{0x0, 0xfffe}], 0x1)
semop(r0, &(0x7f0000001240)=[{}, {0x2, 0x0, 0x2000}], 0x2)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000240))

263.046736ms ago: executing program 9 (id=5960):
r0 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r2)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
sendmmsg$unix(r3, &(0x7f0000006dc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="d521c9d6", 0x4}], 0x1, &(0x7f0000000440)=[@cred={{0x1c, 0x1, 0x2, {0x0, r1, r4}}}], 0x20, 0x20000000}}], 0x1, 0x40)

207.760957ms ago: executing program 9 (id=5961):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000000)=0x10000000000000, 0xffffff6a)
r1 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
io_setup(0x1, &(0x7f0000000040)=<r2=>0x0)
io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x1a00001a}])

207.555487ms ago: executing program 4 (id=5962):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sched_process_fork\x00', r1}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

176.239967ms ago: executing program 4 (id=5963):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x14)
prctl$PR_SET_NAME(0xf, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)

107.619468ms ago: executing program 4 (id=5964):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000000c0)={[{@oldalloc}, {@stripe={'stripe', 0x3d, 0x6}}, {@noblock_validity}, {@grpjquota}, {@noinit_itable}, {@orlov}, {@abort}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

107.136008ms ago: executing program 4 (id=5965):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a01de00000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000213c0000000c0a09030000000000000000070000000900020073797a31000000000900010073797a3000000000100003800c0000800800034000000002140000001100", @ANYRESDEC], 0xc0}, 0x1, 0x0, 0x0, 0x40895}, 0x20008800)

0s ago: executing program 4 (id=5966):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = mq_open(&(0x7f00000004c0)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xednux\x02\xc7\x12\xec\xca7\xbc\x1fS\x1c\x05y\x91\xe5\x9aL\xa9u\b\x00\x00\x00\xa0pC\x19\x9b\vY\x186\xa4\xe7\x1eg{`\xfa\xf3n\x8fIj6f\xfb\x13-g\x19(a6\x18\xe24nz\x83w8\xff\xfb\x83\f\x9a\xda\xc5w\x8eo\x02\xa3\xc1\x83\x91\xc6\xfd\x8c\xc4s\x03\x16\xa4+\xce|^\x98K_0\x8a\xb0\xff~\x1e\xd92\xb4r\xd8\xe7', 0x40, 0x110, 0x0)
mq_timedreceive(r1, 0x0, 0xfffffffffffffee3, 0x2000000, 0x0)

kernel console output (not intermixed with test programs):

69][T10745] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.605915][T10745] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2941: bg 0: block 234: padding at end of block bitmap is not set
[  128.620538][T10745] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2048 with max blocks 1 with error 117
[  128.633246][T10745] EXT4-fs (loop0): This should not happen!! Data will be lost
[  128.633246][T10745] 
[  128.648390][T10744] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  128.660706][T10744] EXT4-fs (loop0): This should not happen!! Data will be lost
[  128.660706][T10744] 
[  128.670422][T10744] EXT4-fs (loop0): Total free blocks count 0
[  128.676481][T10744] EXT4-fs (loop0): Free/Dirty block details
[  128.682387][T10744] EXT4-fs (loop0): free_blocks=0
[  128.687523][T10744] EXT4-fs (loop0): dirty_blocks=16
[  128.692685][T10744] EXT4-fs (loop0): Block reservation details
[  128.884946][T10777] loop8: detected capacity change from 0 to 512
[  128.902009][T10777] EXT4-fs: Ignoring removed nobh option
[  128.947418][T10777] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #3: comm syz.8.2953: corrupted inode contents
[  128.966377][T10777] EXT4-fs error (device loop8): ext4_dirty_inode:6459: inode #3: comm syz.8.2953: mark_inode_dirty error
[  129.006092][T10777] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #3: comm syz.8.2953: corrupted inode contents
[  129.025999][T10777] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #3: comm syz.8.2953: mark_inode_dirty error
[  129.046031][T10785] loop0: detected capacity change from 0 to 2048
[  129.055024][T10777] EXT4-fs error (device loop8): ext4_acquire_dquot:6933: comm syz.8.2953: Failed to acquire dquot type 0
[  129.066804][T10787] loop9: detected capacity change from 0 to 2048
[  129.075037][T10777] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #16: comm syz.8.2953: corrupted inode contents
[  129.091432][T10787] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.104658][T10777] EXT4-fs error (device loop8): ext4_dirty_inode:6459: inode #16: comm syz.8.2953: mark_inode_dirty error
[  129.106073][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  129.120458][T10785] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.142154][T10777] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #16: comm syz.8.2953: corrupted inode contents
[  129.155922][T10787] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.2958: bg 0: block 234: padding at end of block bitmap is not set
[  129.175904][T10787] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 2048 with max blocks 1 with error 117
[  129.188588][T10787] EXT4-fs (loop9): This should not happen!! Data will be lost
[  129.188588][T10787] 
[  129.198356][T10777] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #16: comm syz.8.2953: mark_inode_dirty error
[  129.218165][T10777] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #16: comm syz.8.2953: corrupted inode contents
[  129.230609][T10777] EXT4-fs error (device loop8) in ext4_orphan_del:305: Corrupt filesystem
[  129.230641][ T8864] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.241864][T10786] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  129.249246][T10777] EXT4-fs error (device loop8): ext4_do_update_inode:5568: inode #16: comm syz.8.2953: corrupted inode contents
[  129.260331][T10786] EXT4-fs (loop9): This should not happen!! Data will be lost
[  129.260331][T10786] 
[  129.260384][T10786] EXT4-fs (loop9): Total free blocks count 0
[  129.260396][T10786] EXT4-fs (loop9): Free/Dirty block details
[  129.284192][T10777] EXT4-fs error (device loop8): ext4_truncate:4597: inode #16: comm syz.8.2953: mark_inode_dirty error
[  129.287977][T10786] EXT4-fs (loop9): free_blocks=0
[  129.287994][T10786] EXT4-fs (loop9): dirty_blocks=16
[  129.294352][T10777] EXT4-fs error (device loop8) in ext4_process_orphan:347: Corrupt filesystem
[  129.304965][T10786] EXT4-fs (loop9): Block reservation details
[  129.313395][T10777] EXT4-fs (loop8): 1 truncate cleaned up
[  129.336477][T10777] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.351039][T10777] ext4 filesystem being mounted at /446/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.365732][T10796] netem: change failed
[  129.527314][T10821] IPv6: Can't replace route, no match found
[  129.665167][T10830] loop0: detected capacity change from 0 to 128
[  129.683407][T10830] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  129.696950][T10830] ext4 filesystem being mounted at /143/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  129.738388][ T5118] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.848745][ T8864] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  129.864928][T10847] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2982'.
[  129.873999][T10847] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2982'.
[  129.922080][T10852] IPv6: Can't replace route, no match found
[  130.245835][T10879] SELinux: failed to load policy
[  130.295483][T10885] netlink: 'syz.8.3000': attribute type 10 has an invalid length.
[  130.307406][T10887] netem: change failed
[  130.311709][T10885] syz_tun: entered promiscuous mode
[  130.332898][T10885] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  130.426868][T10905] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3011'.
[  130.437013][T10905] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  130.458325][T10905] batman_adv: batadv0: Removing interface: batadv_slave_1
[  130.471208][T10907] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3012'.
[  130.890461][T10959] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3046'.
[  130.937059][T10968] loop9: detected capacity change from 0 to 512
[  130.937963][T10966] SELinux:  policydb version 164 does not match my version range 15-34
[  130.945541][T10968] EXT4-fs error (device loop9): ext4_iget_extra_inode:5035: inode #15: comm syz.9.3039: corrupted in-inode xattr: invalid ea_ino
[  130.967046][T10968] EXT4-fs error (device loop9): ext4_orphan_get:1398: comm syz.9.3039: couldn't read orphan inode 15 (err -117)
[  130.975772][T10966] SELinux: failed to load policy
[  130.980852][T10968] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.025268][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.261466][T11001] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  131.268893][T11001] IPv6: NLM_F_CREATE should be set when creating new route
[  131.361680][T11014] syzkaller0: refused to change device tx_queue_len
[  131.717317][T11052] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3079'.
[  131.764880][T11052] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  131.777394][T11060] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3084'.
[  131.797870][T11052] batman_adv: batadv0: Removing interface: batadv_slave_1
[  131.816961][   T31] smc: removing ib device syz0
[  131.824341][ T1036] syz0: Port: 1 Link DOWN
[  132.100420][T11090] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3097'.
[  132.131718][T11092] netlink: 'syz.7.3098': attribute type 3 has an invalid length.
[  132.224090][T11098] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3101'.
[  132.247389][T11098] bond1: entered promiscuous mode
[  132.252522][T11098] bond1: entered allmulticast mode
[  132.284713][T11098] 8021q: adding VLAN 0 to HW filter on device bond1
[  132.353604][T11113] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3105'.
[  132.366336][T11115] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.3107'.
[  132.376884][T11113] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.395486][T11114] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11114 comm=syz.8.3106
[  132.395764][T11113] batman_adv: batadv0: Removing interface: batadv_slave_1
[  132.794804][   T29] kauditd_printk_skb: 138 callbacks suppressed
[  132.794822][   T29] audit: type=1400 audit(1749842256.758:3738): avc:  denied  { create } for  pid=11156 comm="syz.7.3126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  132.852737][   T29] audit: type=1400 audit(1749842256.798:3739): avc:  denied  { getopt } for  pid=11156 comm="syz.7.3126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  132.872517][   T29] audit: type=1400 audit(1749842256.798:3740): avc:  denied  { connect } for  pid=11156 comm="syz.7.3126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  132.892346][   T29] audit: type=1400 audit(1749842256.798:3741): avc:  denied  { name_connect } for  pid=11156 comm="syz.7.3126" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  132.983504][   T29] audit: type=1400 audit(1749842256.948:3742): avc:  denied  { create } for  pid=11166 comm="syz.0.3129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  133.026989][   T29] audit: type=1400 audit(1749842256.958:3743): avc:  denied  { setopt } for  pid=11166 comm="syz.0.3129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  133.079835][   T29] audit: type=1400 audit(1749842257.048:3744): avc:  denied  { create } for  pid=11176 comm="syz.9.3135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  133.113232][   T29] audit: type=1400 audit(1749842257.068:3745): avc:  denied  { setopt } for  pid=11176 comm="syz.9.3135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  133.143135][   T29] audit: type=1400 audit(1749842257.078:3746): avc:  denied  { create } for  pid=11181 comm="syz.0.3136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  133.163912][   T29] audit: type=1400 audit(1749842257.078:3747): avc:  denied  { write } for  pid=11181 comm="syz.0.3136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  133.495620][T11214] batadv_slave_1: entered promiscuous mode
[  133.503477][T11212] batadv_slave_1: left promiscuous mode
[  133.625179][T11233] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3159'.
[  133.668627][T11242] netlink: 'syz.8.3163': attribute type 29 has an invalid length.
[  133.684088][T11242] netlink: 'syz.8.3163': attribute type 29 has an invalid length.
[  134.102140][T11286] netlink: 'syz.8.3180': attribute type 6 has an invalid length.
[  134.279985][T11320] netlink: zone id is out of range
[  134.291325][T11320] netlink: zone id is out of range
[  134.297048][T11320] netlink: zone id is out of range
[  134.302334][T11320] netlink: del zone limit has 8 unknown bytes
[  134.834701][T11365] netlink: 'syz.7.3216': attribute type 1 has an invalid length.
[  135.257252][T11428] hub 9-0:1.0: USB hub found
[  135.262222][T11428] hub 9-0:1.0: 8 ports detected
[  135.272330][ T7757] nci: nci_ntf_packet: unknown ntf opcode 0x10d
[  135.651579][T11454] IPv6: NLM_F_CREATE should be specified when creating new route
[  135.699289][T11461] __nla_validate_parse: 11 callbacks suppressed
[  135.699308][T11461] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3258'.
[  135.714536][T11461] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3258'.
[  135.726244][T11461] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  135.735016][T11461] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  135.743878][T11461] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  135.752621][T11461] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  135.825918][T11471] vhci_hcd: default hub control req: c517 v0020 i0000 l0
[  136.116336][T11487] vhci_hcd: invalid port number 96
[  136.121505][T11487] vhci_hcd: default hub control req: 2000 vfffc i0060 l7
[  136.131957][ T7255] nci: nci_ntf_packet: unknown ntf opcode 0x10d
[  136.905489][T11495] netlink: 256 bytes leftover after parsing attributes in process `syz.8.3271'.
[  136.986362][T11514] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3279'.
[  137.081915][T11528] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  137.117731][T11534] netem: incorrect gi model size
[  137.122859][T11534] netem: change failed
[  137.230760][T11550] netlink: 276 bytes leftover after parsing attributes in process `syz.8.3298'.
[  137.234491][T11555] loop0: detected capacity change from 0 to 512
[  137.255873][T11555] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  137.290901][T11562] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  137.298777][T11555] EXT4-fs (loop0): 1 truncate cleaned up
[  137.315039][T11555] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.338854][T11571] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3306'.
[  137.363069][T11555] EXT4-fs error (device loop0): ext4_check_dx_root:2203: inode #2: comm syz.0.3299: Corrupt dir, invalid name for '..', running e2fsck is recommended
[  137.386707][T11571] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3306'.
[  137.396473][T11575] SELinux:  Context system_u:object_r:ssh_agent_exec_t:s0 is not valid (left unmapped).
[  137.404932][T11555] EXT4-fs (loop0): Remounting filesystem read-only
[  137.457874][ T8864] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.538475][T11591] IPv6: Can't replace route, no match found
[  137.634014][T11602] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3322'.
[  137.643119][T11602] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3322'.
[  137.692028][T11610] tipc: Started in network mode
[  137.697060][T11610] tipc: Node identity 4, cluster identity 4711
[  137.700780][T11612] loop9: detected capacity change from 0 to 512
[  137.703311][T11610] tipc: Node number set to 4
[  137.730695][T11612] EXT4-fs error (device loop9): ext4_orphan_get:1393: inode #15: comm syz.9.3326: casefold flag without casefold feature
[  137.782102][T11612] EXT4-fs error (device loop9): ext4_orphan_get:1398: comm syz.9.3326: couldn't read orphan inode 15 (err -117)
[  137.803096][T11612] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.824346][   T29] kauditd_printk_skb: 145 callbacks suppressed
[  137.824364][   T29] audit: type=1400 audit(1749842261.788:3893): avc:  denied  { append } for  pid=11611 comm="syz.9.3326" path="/346/file0/file1" dev="loop9" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  137.860701][   T29] audit: type=1400 audit(1749842261.818:3894): avc:  denied  { read } for  pid=11611 comm="syz.9.3326" name="file1" dev="loop9" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  137.882588][   T29] audit: type=1400 audit(1749842261.818:3895): avc:  denied  { watch watch_reads } for  pid=11611 comm="syz.9.3326" path="/346/file0/file1" dev="loop9" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  137.906566][   T29] audit: type=1400 audit(1749842261.818:3896): avc:  denied  { setattr } for  pid=11611 comm="syz.9.3326" name="file1" dev="loop9" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  137.952643][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.965418][   T29] audit: type=1326 audit(1749842261.938:3897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11626 comm="syz.7.3335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  137.989022][   T29] audit: type=1326 audit(1749842261.938:3898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11626 comm="syz.7.3335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  138.012840][   T29] audit: type=1326 audit(1749842261.958:3899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11626 comm="syz.7.3335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  138.036756][   T29] audit: type=1326 audit(1749842261.958:3900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11626 comm="syz.7.3335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  138.060460][   T29] audit: type=1326 audit(1749842261.968:3901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11626 comm="syz.7.3335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  138.102014][T11639] netlink: 28 bytes leftover after parsing attributes in process `syz.9.3338'.
[  138.217135][   T29] audit: type=1326 audit(1749842262.178:3902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11653 comm="syz.7.3347" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f281305e929 code=0x0
[  138.265127][T11657] Invalid ELF header magic: != ELF
[  138.412796][T11684] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  138.434110][T11684] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  138.489004][T11696] netlink: 'syz.0.3364': attribute type 1 has an invalid length.
[  138.496850][T11696] netlink: 'syz.0.3364': attribute type 4 has an invalid length.
[  138.511957][T11695] IPv6: Can't replace route, no match found
[  138.704041][T11722] IPv6: Can't replace route, no match found
[  138.863562][T11730] Invalid ELF header magic: != ELF
[  138.979008][T11751] 8021q: adding VLAN 0 to HW filter on device bond1
[  138.987072][T11751] bridge0: port 3(bond1) entered blocking state
[  138.993367][T11751] bridge0: port 3(bond1) entered disabled state
[  139.000434][T11751] bond1: entered allmulticast mode
[  139.006932][T11751] bond1: entered promiscuous mode
[  139.012367][T11751] bridge0: port 3(bond1) entered blocking state
[  139.018672][T11751] bridge0: port 3(bond1) entered forwarding state
[  139.368071][ T5118] bond0: (slave syz_tun): Releasing backup interface
[  139.459213][ T7255] bridge0: port 3(bond1) entered disabled state
[  139.490617][ T7732] netdevsim netdevsim8 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  139.501025][ T7732] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.572056][ T7732] netdevsim netdevsim8 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  139.582602][ T7732] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.618463][ T7732] netdevsim netdevsim8 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  139.628891][ T7732] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.687698][ T7732] netdevsim netdevsim8 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  139.698279][ T7732] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.826702][ T7732] bridge_slave_1: left allmulticast mode
[  139.832504][ T7732] bridge_slave_1: left promiscuous mode
[  139.838363][ T7732] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.860265][ T7732] bridge_slave_0: left promiscuous mode
[  139.866293][ T7732] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.030717][ T7732] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  140.041432][ T7732] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  140.051407][ T7732] bond0 (unregistering): Released all slaves
[  140.061339][ T7732] bond1 (unregistering): Released all slaves
[  140.107901][T11822] vlan2: entered allmulticast mode
[  140.113275][T11822] bond0: entered allmulticast mode
[  140.118468][T11822] bond_slave_0: entered allmulticast mode
[  140.124252][T11822] bond_slave_1: entered allmulticast mode
[  140.130148][T11822] syz_tun: entered allmulticast mode
[  140.164165][ T7732] hsr_slave_0: left promiscuous mode
[  140.173933][ T7732] hsr_slave_1: left promiscuous mode
[  140.190001][ T7732] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  140.197704][ T7732] batman_adv: batadv0: Removing interface: batadv_slave_0
[  140.208234][ T7732] veth1_macvtap: left promiscuous mode
[  140.213830][ T7732] veth0_macvtap: left promiscuous mode
[  140.270236][ T7732] team0 (unregistering): Port device team_slave_1 removed
[  140.293562][ T7732] team0 (unregistering): Port device team_slave_0 removed
[  140.303473][ T7255] smc: removing ib device syz!
[  140.457450][T11793] chnl_net:caif_netlink_parms(): no params data found
[  140.533349][T11793] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.540632][T11793] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.550007][T11793] bridge_slave_0: entered allmulticast mode
[  140.556835][T11793] bridge_slave_0: entered promiscuous mode
[  140.563997][T11793] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.571187][T11793] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.579761][T11793] bridge_slave_1: entered allmulticast mode
[  140.586336][T11793] bridge_slave_1: entered promiscuous mode
[  140.618437][T11793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  140.634304][T11793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  140.664282][T11793] team0: Port device team_slave_0 added
[  140.680162][T11793] team0: Port device team_slave_1 added
[  140.703830][T11793] batman_adv: batadv0: Adding interface: batadv_slave_0
[  140.710907][T11793] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.736903][T11793] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  140.770918][T11793] batman_adv: batadv0: Adding interface: batadv_slave_1
[  140.777993][T11793] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.804145][T11793] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  140.844094][T11793] hsr_slave_0: entered promiscuous mode
[  140.850345][T11793] hsr_slave_1: entered promiscuous mode
[  140.856242][T11793] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  140.863870][T11793] Cannot create hsr debugfs directory
[  141.160650][T11793] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  141.169776][T11793] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  141.180520][T11793] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  141.197906][T11793] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  141.287427][T11793] 8021q: adding VLAN 0 to HW filter on device bond0
[  141.319149][T11793] 8021q: adding VLAN 0 to HW filter on device team0
[  141.353746][ T7732] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.360994][ T7732] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.399551][ T7724] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.406701][ T7724] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.529295][T11793] 8021q: adding VLAN 0 to HW filter on device batadv0
[  141.697727][T11973] 8021q: adding VLAN 0 to HW filter on device bond1
[  141.706508][T11973] bridge0: port 4(bond1) entered blocking state
[  141.712838][T11973] bridge0: port 4(bond1) entered disabled state
[  141.720107][T11973] bond1: entered allmulticast mode
[  141.727829][T11973] bond1: entered promiscuous mode
[  141.734235][T11973] bridge0: port 4(bond1) entered blocking state
[  141.740658][T11973] bridge0: port 4(bond1) entered forwarding state
[  141.768857][   T31] bridge0: port 4(bond1) entered disabled state
[  141.872249][T11990] vlan2: entered allmulticast mode
[  141.877557][T11990] bond0: entered allmulticast mode
[  141.882724][T11990] bond_slave_0: entered allmulticast mode
[  141.888547][T11990] bond_slave_1: entered allmulticast mode
[  141.894410][T11990] syz_tun: entered allmulticast mode
[  141.923791][T11793] veth0_vlan: entered promiscuous mode
[  141.934142][T11793] veth1_vlan: entered promiscuous mode
[  141.975913][T11793] veth0_macvtap: entered promiscuous mode
[  142.000265][T11793] veth1_macvtap: entered promiscuous mode
[  142.016692][T11793] batman_adv: batadv0: Interface activated: batadv_slave_0
[  142.039639][T11793] batman_adv: batadv0: Interface activated: batadv_slave_1
[  142.059797][T11999] loop9: detected capacity change from 0 to 256
[  142.063073][T11793] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  142.075008][T11793] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  142.084001][T11793] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  142.092768][T11793] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  142.222794][T12017] __nla_validate_parse: 4 callbacks suppressed
[  142.222812][T12017] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3501'.
[  142.409719][T12029] veth1_to_bond: entered allmulticast mode
[  142.442025][T12029] veth1_to_bond: left allmulticast mode
[  142.869448][   T29] kauditd_printk_skb: 137 callbacks suppressed
[  142.869510][   T29] audit: type=1326 audit(1749842266.838:4040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12089 comm="syz.9.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  142.965726][   T29] audit: type=1326 audit(1749842266.838:4041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12089 comm="syz.9.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  142.989756][   T29] audit: type=1326 audit(1749842266.838:4042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12089 comm="syz.9.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  143.013358][   T29] audit: type=1326 audit(1749842266.838:4043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12089 comm="syz.9.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  143.037002][   T29] audit: type=1326 audit(1749842266.838:4044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12089 comm="syz.9.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  143.060613][   T29] audit: type=1326 audit(1749842266.838:4045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12089 comm="syz.9.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  143.084293][   T29] audit: type=1326 audit(1749842266.838:4046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12089 comm="syz.9.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  143.107899][   T29] audit: type=1326 audit(1749842266.838:4047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12089 comm="syz.9.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  143.131455][   T29] audit: type=1326 audit(1749842266.838:4048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12089 comm="syz.9.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  143.155003][   T29] audit: type=1326 audit(1749842266.838:4049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12089 comm="syz.9.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  143.159348][T12107] veth1_to_bond: entered allmulticast mode
[  143.238447][T12107] veth1_to_bond: left allmulticast mode
[  143.478634][T12134] loop8: detected capacity change from 0 to 512
[  143.508061][T12134] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.520784][T12134] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.546929][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.762178][T12181] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3566'.
[  143.771329][T12181] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3566'.
[  143.797392][T12184] veth1_to_bond: entered allmulticast mode
[  143.809140][T12181] wireguard0: entered promiscuous mode
[  143.814708][T12181] wireguard0: entered allmulticast mode
[  143.838824][T12184] veth1_to_bond: left allmulticast mode
[  144.040617][T12212] netlink: 'syz.7.3579': attribute type 21 has an invalid length.
[  144.048601][T12212] IPv6: NLM_F_CREATE should be specified when creating new route
[  144.086455][T12218] veth1_to_bond: entered allmulticast mode
[  144.098647][T12218] veth1_to_bond: left allmulticast mode
[  144.281123][T12240] hsr0: entered promiscuous mode
[  144.407668][T12253] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  144.492153][T12267] netlink: 596 bytes leftover after parsing attributes in process `syz.0.3604'.
[  144.504743][T12269] netlink: 'syz.9.3606': attribute type 4 has an invalid length.
[  144.748992][T12311] netdevsim netdevsim9: Direct firmware load for � failed with error -2
[  144.957027][T12331] SELinux: failed to load policy
[  145.016948][T12340] loop8: detected capacity change from 0 to 164
[  145.024339][T12340] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  145.034748][T12340] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  145.067456][T12346] loop8: detected capacity change from 0 to 512
[  145.074498][T12346] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  145.086354][T12346] EXT4-fs (loop8): 1 truncate cleaned up
[  145.092790][T12346] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.109481][T12344] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.3642: bg 0: block 256: padding at end of block bitmap is not set
[  145.125200][T12344] EXT4-fs (loop8): Remounting filesystem read-only
[  145.135289][T12351] 9pnet: p9_errstr2errno: server reported unknown error �@��hQI���t
[  145.144498][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.184957][T12356] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.199984][T12356] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.231576][T12364] netlink: 'syz.8.3650': attribute type 21 has an invalid length.
[  145.239499][T12364] IPv6: NLM_F_CREATE should be specified when creating new route
[  145.263552][T12366] netlink: 596 bytes leftover after parsing attributes in process `syz.8.3651'.
[  145.289250][T12368] netlink: 'syz.8.3652': attribute type 4 has an invalid length.
[  145.391145][T12379] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  145.430445][T12383] netdevsim netdevsim8: Direct firmware load for � failed with error -2
[  145.597278][T12391] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3663'.
[  145.606463][T12391] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3663'.
[  145.618564][T12391] wireguard0: entered promiscuous mode
[  145.624250][T12391] wireguard0: entered allmulticast mode
[  145.733101][T12400] loop8: detected capacity change from 0 to 512
[  145.740322][T12400] EXT4-fs: Ignoring removed nobh option
[  145.748716][T12400] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -13
[  145.757688][T12400] EXT4-fs error (device loop8): ext4_clear_blocks:876: inode #13: comm syz.8.3667: attempt to clear invalid blocks 2 len 1
[  145.770990][T12400] EXT4-fs (loop8): Remounting filesystem read-only
[  145.778041][T12400] EXT4-fs (loop8): 1 truncate cleaned up
[  145.784307][T12400] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.812090][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.852370][T12412] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3672'.
[  145.969149][T12432] loop8: detected capacity change from 0 to 512
[  145.988086][T12432] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.003360][T12432] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  146.028158][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.293498][T12460] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  146.303979][T12458] vhci_hcd: invalid port number 96
[  146.309194][T12458] vhci_hcd: default hub control req: 2000 vfffc i0060 l7
[  146.362574][T12470] 9pnet: p9_errstr2errno: server reported unknown error �@��hQI���t
[  146.423246][T12474] loop8: detected capacity change from 0 to 256
[  146.431106][T12474] FAT-fs (loop8): bogus number of FAT sectors
[  146.437372][T12474] FAT-fs (loop8): Can't find a valid FAT filesystem
[  146.641822][T12491] loop9: detected capacity change from 0 to 164
[  146.648999][T12491] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  146.662608][T12491] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  146.729130][T12501] loop9: detected capacity change from 0 to 512
[  146.735957][T12501] EXT4-fs: Ignoring removed nobh option
[  146.742819][T12501] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -13
[  146.752322][T12501] EXT4-fs error (device loop9): ext4_clear_blocks:876: inode #13: comm syz.9.3712: attempt to clear invalid blocks 2 len 1
[  146.766989][T12501] EXT4-fs (loop9): Remounting filesystem read-only
[  146.773791][T12501] EXT4-fs (loop9): 1 truncate cleaned up
[  146.781876][T12501] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.809896][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.913578][T12523] loop9: detected capacity change from 0 to 1024
[  146.927660][T12523] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.952535][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.000779][T12534] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  148.106254][   T29] kauditd_printk_skb: 182 callbacks suppressed
[  148.106274][   T29] audit: type=1400 audit(1749842272.068:4232): avc:  denied  { write } for  pid=12535 comm="syz.0.3728" path="socket:[36143]" dev="sockfs" ino=36143 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  148.152116][T12549] loop8: detected capacity change from 0 to 128
[  148.164253][T12549] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  148.178297][T12549] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.192911][   T29] audit: type=1400 audit(1749842272.158:4233): avc:  denied  { create } for  pid=12553 comm="syz.4.3734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  148.235783][   T29] audit: type=1326 audit(1749842272.188:4234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.4.3734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  148.241687][T12549] EXT4-fs error (device loop8): dx_make_map:1296: inode #2: block 63: comm syz.8.3732: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  148.259486][   T29] audit: type=1326 audit(1749842272.188:4235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.4.3734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  148.301403][   T29] audit: type=1326 audit(1749842272.188:4236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.4.3734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  148.325431][   T29] audit: type=1326 audit(1749842272.188:4237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.4.3734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  148.342855][T12549] EXT4-fs error (device loop8) in do_split:2029: Corrupt filesystem
[  148.349075][   T29] audit: type=1326 audit(1749842272.188:4238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.4.3734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  148.380801][   T29] audit: type=1326 audit(1749842272.188:4239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.4.3734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  148.404462][   T29] audit: type=1326 audit(1749842272.188:4240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.4.3734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  148.428143][   T29] audit: type=1326 audit(1749842272.188:4241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.4.3734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  148.455362][T11793] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  148.475262][T12561] loop9: detected capacity change from 0 to 128
[  148.510053][T12561] syz.9.3739: attempt to access beyond end of device
[  148.510053][T12561] loop9: rw=2049, sector=145, nr_sectors = 8 limit=128
[  148.543238][T12572] loop8: detected capacity change from 0 to 128
[  148.554365][T12561] syz.9.3739: attempt to access beyond end of device
[  148.554365][T12561] loop9: rw=2049, sector=161, nr_sectors = 8 limit=128
[  148.566314][T12569] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  148.590368][T12561] syz.9.3739: attempt to access beyond end of device
[  148.590368][T12561] loop9: rw=2049, sector=177, nr_sectors = 24 limit=128
[  148.604190][T12561] syz.9.3739: attempt to access beyond end of device
[  148.604190][T12561] loop9: rw=2049, sector=209, nr_sectors = 8 limit=128
[  148.617886][T12561] syz.9.3739: attempt to access beyond end of device
[  148.617886][T12561] loop9: rw=2049, sector=225, nr_sectors = 8 limit=128
[  148.637773][T12561] syz.9.3739: attempt to access beyond end of device
[  148.637773][T12561] loop9: rw=2049, sector=241, nr_sectors = 8 limit=128
[  148.670197][T12561] syz.9.3739: attempt to access beyond end of device
[  148.670197][T12561] loop9: rw=2049, sector=257, nr_sectors = 8 limit=128
[  148.693880][T12561] syz.9.3739: attempt to access beyond end of device
[  148.693880][T12561] loop9: rw=2049, sector=273, nr_sectors = 8 limit=128
[  148.709209][T12561] syz.9.3739: attempt to access beyond end of device
[  148.709209][T12561] loop9: rw=2049, sector=289, nr_sectors = 9 limit=128
[  148.872910][T12609] loop8: detected capacity change from 0 to 512
[  148.880936][T12610] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3761'.
[  148.892251][T12609] EXT4-fs: Ignoring removed nobh option
[  148.938675][T12609] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -13
[  148.959075][T12609] EXT4-fs error (device loop8): ext4_clear_blocks:876: inode #13: comm syz.8.3762: attempt to clear invalid blocks 2 len 1
[  148.977420][T12609] EXT4-fs (loop8): Remounting filesystem read-only
[  148.988615][T12609] EXT4-fs (loop8): 1 truncate cleaned up
[  149.006396][T12609] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.066125][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.179916][T12639] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3775'.
[  150.114258][T12728] SELinux: failed to load policy
[  150.191731][T12736] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3818'.
[  150.370039][T12751] loop8: detected capacity change from 0 to 512
[  150.400340][T12751] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.433232][T12751] ext4 filesystem being mounted at /96/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  150.500229][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.844830][T12793] loop8: detected capacity change from 0 to 128
[  150.864812][T12793] syz.8.3844: attempt to access beyond end of device
[  150.864812][T12793] loop8: rw=2049, sector=145, nr_sectors = 8 limit=128
[  151.126199][T12826] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3858'.
[  151.382119][T12846] xt_CT: You must specify a L4 protocol and not use inversions on it
[  151.409003][T12848] netlink: 'syz.8.3869': attribute type 3 has an invalid length.
[  151.429005][T12850] 9pnet: p9_errstr2errno: server reported unknown error 1844674
[  151.497702][T12854] 9pnet_fd: Insufficient options for proto=fd
[  151.600765][T12867] netlink: 'syz.9.3878': attribute type 1 has an invalid length.
[  151.608576][T12867] netlink: 224 bytes leftover after parsing attributes in process `syz.9.3878'.
[  151.981000][T12898] netlink: 'syz.9.3890': attribute type 4 has an invalid length.
[  152.004500][T12898] netlink: 'syz.9.3890': attribute type 4 has an invalid length.
[  152.134740][T12906] loop9: detected capacity change from 0 to 512
[  152.203113][T12906] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  152.217086][T12906] EXT4-fs (loop9): 1 truncate cleaned up
[  152.223422][T12906] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.260410][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.361190][T12924] loop9: detected capacity change from 0 to 164
[  153.173307][T12994] loop8: detected capacity change from 0 to 164
[  153.263528][T13003] 9pnet_fd: Insufficient options for proto=fd
[  153.351841][T13017] netlink: 'syz.0.3942': attribute type 1 has an invalid length.
[  153.359798][T13017] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3942'.
[  153.491967][T13031] loop9: detected capacity change from 0 to 1024
[  153.506087][T13031] EXT4-fs: Ignoring removed orlov option
[  153.511946][T13031] EXT4-fs: Ignoring removed nomblk_io_submit option
[  153.575493][T13031] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.608959][   T29] kauditd_printk_skb: 40 callbacks suppressed
[  153.608977][   T29] audit: type=1400 audit(1749842277.578:4282): avc:  denied  { remount } for  pid=13029 comm="syz.9.3948" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  153.663731][T13031] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  153.721100][   T29] audit: type=1400 audit(1749842277.628:4283): avc:  denied  { execute } for  pid=13029 comm="syz.9.3948" name="file0" dev="loop9" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  153.743764][   T29] audit: type=1400 audit(1749842277.628:4284): avc:  denied  { execute_no_trans } for  pid=13029 comm="syz.9.3948" path="/466/file1/file0/file0" dev="loop9" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  153.796320][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.973610][   T29] audit: type=1400 audit(1749842277.938:4285): avc:  denied  { write } for  pid=13076 comm="syz.8.3968" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  154.093230][   T29] audit: type=1400 audit(1749842278.058:4286): avc:  denied  { read } for  pid=13086 comm="syz.8.3974" name="event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  154.116804][   T29] audit: type=1400 audit(1749842278.058:4287): avc:  denied  { open } for  pid=13086 comm="syz.8.3974" path="/dev/input/event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  154.191927][   T29] audit: type=1400 audit(1749842278.118:4288): avc:  denied  { ioctl } for  pid=13086 comm="syz.8.3974" path="/dev/input/event2" dev="devtmpfs" ino=245 ioctlcmd=0x4592 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  154.440073][T13115] netlink: 'syz.4.3986': attribute type 3 has an invalid length.
[  154.581811][   T29] audit: type=1400 audit(1749842278.548:4289): avc:  denied  { read write } for  pid=13126 comm="syz.8.3993" name="uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  154.605494][   T29] audit: type=1400 audit(1749842278.548:4290): avc:  denied  { open } for  pid=13126 comm="syz.8.3993" path="/dev/uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  154.630849][ T2961] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0
[  154.638338][ T2961] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0
[  154.645865][ T2961] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0
[  154.653997][ T2961] hid-generic 0003:0004:0000.0007: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  154.720074][T13134] netem: change failed
[  154.831113][   T29] audit: type=1326 audit(1749842278.798:4291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13153 comm="syz.8.4007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94b50ce929 code=0x7ffc0000
[  154.881116][T13161] loop8: detected capacity change from 0 to 512
[  154.891018][T13161] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  154.905844][T13161] EXT4-fs (loop8): 1 truncate cleaned up
[  154.912046][T13161] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.951545][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.170257][T13190] netlink: 'syz.7.4022': attribute type 4 has an invalid length.
[  155.180906][T13190] netlink: 'syz.7.4022': attribute type 4 has an invalid length.
[  155.241499][T13194] loop8: detected capacity change from 0 to 1024
[  155.251600][T13194] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  155.262704][T13194] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  155.284831][T13194] JBD2: no valid journal superblock found
[  155.290629][T13194] EXT4-fs (loop8): Could not load journal inode
[  155.302621][T13194] netlink: 52 bytes leftover after parsing attributes in process `syz.8.4026'.
[  155.434957][T13210] loop8: detected capacity change from 0 to 2048
[  155.476245][T13210]  loop8: p1 < > p4
[  155.485094][T13210] loop8: p4 size 8388608 extends beyond EOD, truncated
[  155.875167][T13259] netlink: 'syz.0.4055': attribute type 13 has an invalid length.
[  155.910140][T13267] netdevsim netdevsim8 netdevsim0: Unsupported IPsec algorithm
[  155.927172][T13259] gretap0: refused to change device tx_queue_len
[  155.933642][T13259] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  155.965381][T13277] netlink: 'syz.8.4065': attribute type 1 has an invalid length.
[  155.990592][T13277] 8021q: adding VLAN 0 to HW filter on device bond1
[  156.020252][T13277] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  156.629285][T13302] netlink: 96 bytes leftover after parsing attributes in process `syz.9.4083'.
[  156.726917][ T2961] hid-generic 0003:0004:0000.0008: unknown main item tag 0x0
[  156.734388][ T2961] hid-generic 0003:0004:0000.0008: unknown main item tag 0x0
[  156.741836][ T2961] hid-generic 0003:0004:0000.0008: unknown main item tag 0x0
[  156.750559][ T2961] hid-generic 0003:0004:0000.0008: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  156.773871][T13321] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4084'.
[  156.938200][T13341] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4092'.
[  156.998390][T13349] netlink: 'syz.0.4096': attribute type 4 has an invalid length.
[  157.048029][T13353] netlink: 'syz.9.4098': attribute type 1 has an invalid length.
[  157.067751][ T2961] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  157.071976][T13353] bond1: entered promiscuous mode
[  157.075178][ T2961] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  157.084512][T13353] 8021q: adding VLAN 0 to HW filter on device bond1
[  157.087950][ T2961] hid-generic 0003:0004:0000.0009: unknown main item tag 0x0
[  157.129636][T13353] 8021q: adding VLAN 0 to HW filter on device bond1
[  157.137096][T13353] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  157.147470][T13353] bond1: (slave vxcan3): Setting fail_over_mac to active for active-backup mode
[  157.166167][ T2961] hid-generic 0003:0004:0000.0009: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  157.182244][T13371] netlink: 32 bytes leftover after parsing attributes in process `syz.8.4106'.
[  157.185384][T13353] bond1: (slave vxcan3): making interface the new active one
[  157.198879][T13353] vxcan3: entered promiscuous mode
[  157.221474][T13353] bond1: (slave vxcan3): Enslaving as an active interface with an up link
[  157.395452][T13399] loop8: detected capacity change from 0 to 128
[  157.421411][T13399] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  157.449442][T13399] ext4 filesystem being mounted at /158/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.502914][T13415] loop9: detected capacity change from 0 to 128
[  157.514082][T13415] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  157.530931][T13415] ext4 filesystem being mounted at /492/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  157.553627][T13415] syz_tun: entered allmulticast mode
[  157.573944][T13423] netlink: 'syz.7.4129': attribute type 1 has an invalid length.
[  157.582990][T13420] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4127'.
[  157.632913][T11793] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  157.645430][ T8032] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  157.665998][T13429] netlink: 52 bytes leftover after parsing attributes in process `syz.7.4133'.
[  158.119611][T13487] netlink: 'syz.8.4158': attribute type 1 has an invalid length.
[  158.257326][T13498] netlink: 'syz.7.4163': attribute type 1 has an invalid length.
[  158.277871][T13498] bond2: entered promiscuous mode
[  158.284438][T13498] 8021q: adding VLAN 0 to HW filter on device bond2
[  158.295046][T13503] syz_tun: entered allmulticast mode
[  158.309965][T13498] 8021q: adding VLAN 0 to HW filter on device bond2
[  158.319548][T13498] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  158.329880][T13498] bond2: (slave vxcan3): Setting fail_over_mac to active for active-backup mode
[  158.344508][T13498] bond2: (slave vxcan3): making interface the new active one
[  158.352050][T13498] vxcan3: entered promiscuous mode
[  158.358934][T13498] bond2: (slave vxcan3): Enslaving as an active interface with an up link
[  158.388060][T13509] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4168'.
[  158.397817][T13509] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4168'.
[  158.534556][T13529] SELinux: failed to load policy
[  158.661255][T13539] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4181'.
[  158.743133][T13542] loop8: detected capacity change from 0 to 164
[  158.760032][T13542] bio_check_eod: 8 callbacks suppressed
[  158.760049][T13542] syz.8.4183: attempt to access beyond end of device
[  158.760049][T13542] loop8: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  158.780325][T13542] syz.8.4183: attempt to access beyond end of device
[  158.780325][T13542] loop8: rw=0, sector=263328, nr_sectors = 4 limit=164
[  158.831439][   T29] kauditd_printk_skb: 149 callbacks suppressed
[  158.831456][   T29] audit: type=1326 audit(1749842282.798:4441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13550 comm="syz.9.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  158.873324][   T29] audit: type=1326 audit(1749842282.838:4442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13550 comm="syz.9.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  158.897166][   T29] audit: type=1326 audit(1749842282.838:4443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13550 comm="syz.9.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  158.920745][   T29] audit: type=1326 audit(1749842282.838:4444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13550 comm="syz.9.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  158.944312][   T29] audit: type=1326 audit(1749842282.838:4445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13550 comm="syz.9.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  158.968069][   T29] audit: type=1326 audit(1749842282.838:4446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13550 comm="syz.9.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  158.991711][   T29] audit: type=1326 audit(1749842282.838:4447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13550 comm="syz.9.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  159.015415][   T29] audit: type=1326 audit(1749842282.838:4448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13550 comm="syz.9.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  159.039093][   T29] audit: type=1326 audit(1749842282.838:4449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13550 comm="syz.9.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  159.062964][   T29] audit: type=1326 audit(1749842282.838:4450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13550 comm="syz.9.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  159.139126][T13567] Cannot find add_set index 0 as target
[  159.265792][T13585] hub 9-0:1.0: USB hub found
[  159.280092][T13585] hub 9-0:1.0: 8 ports detected
[  160.420205][T13695] netlink: 'syz.0.4251': attribute type 3 has an invalid length.
[  160.567935][T13716] __nla_validate_parse: 2 callbacks suppressed
[  160.567950][T13716] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4262'.
[  160.718305][T13737] loop8: detected capacity change from 0 to 2048
[  160.727138][T13742] veth1_macvtap: left promiscuous mode
[  160.733556][T13742] macsec0: entered promiscuous mode
[  160.756259][T13737]  loop8: p1 < > p4
[  160.768648][T13737] loop8: p4 size 8388608 extends beyond EOD, truncated
[  160.895807][T13756] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4282'.
[  160.906754][T13756] IPVS: Error joining to the multicast group
[  161.051241][T13775] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4291'.
[  161.323441][T13805] netlink: 'syz.4.4304': attribute type 4 has an invalid length.
[  161.331428][T13805] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.4304'.
[  161.415954][T13811] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4308'.
[  161.424890][T13811] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4308'.
[  161.467539][T13811] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4308'.
[  161.816072][T13860] pim6reg1: entered promiscuous mode
[  161.821482][T13860] pim6reg1: entered allmulticast mode
[  162.157283][T13900] loop9: detected capacity change from 0 to 256
[  162.182730][T13900] FAT-fs (loop9): bogus number of FAT sectors
[  162.189100][T13900] FAT-fs (loop9): Can't find a valid FAT filesystem
[  162.229066][T13907] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  162.253362][T13907] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  162.345052][T13917] loop9: detected capacity change from 0 to 1024
[  162.362801][T13917] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  162.388717][T13917] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  162.403410][T13917] EXT4-fs (loop9): orphan cleanup on readonly fs
[  162.414503][T13917] EXT4-fs error (device loop9): __ext4_get_inode_loc:4792: comm syz.9.4354: Invalid inode table block 0 in block_group 0
[  162.431155][T13917] EXT4-fs (loop9): Remounting filesystem read-only
[  162.451270][T13917] EXT4-fs (loop9): 1 truncate cleaned up
[  162.458707][T13917] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  162.513439][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.838597][T13968] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4377'.
[  162.840793][T13966] loop9: detected capacity change from 0 to 1024
[  162.864621][T13968] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4377'.
[  162.926479][T13966] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.959209][T13966] ext4 filesystem being mounted at /535/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.980581][T13966] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  163.045116][T13966] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 1 with error 28
[  163.057691][T13966] EXT4-fs (loop9): This should not happen!! Data will be lost
[  163.057691][T13966] 
[  163.067510][T13966] EXT4-fs (loop9): Total free blocks count 0
[  163.073618][T13966] EXT4-fs (loop9): Free/Dirty block details
[  163.079656][T13966] EXT4-fs (loop9): free_blocks=4293918720
[  163.085415][T13966] EXT4-fs (loop9): dirty_blocks=16
[  163.090576][T13966] EXT4-fs (loop9): Block reservation details
[  163.096643][T13966] EXT4-fs (loop9): i_reserved_data_blocks=1
[  163.224918][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.344772][T14032] syz_tun: left allmulticast mode
[  163.366341][T14032] dvmrp1: left allmulticast mode
[  163.406426][T14030] SELinux: ebitmap: truncated map
[  163.439335][T14030] SELinux: failed to load policy
[  163.491927][T14044] netlink: 'syz.7.4413': attribute type 10 has an invalid length.
[  163.511345][T14044] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.518649][T14044] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.547331][T14049] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4413'.
[  163.566019][T14044] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.573326][T14044] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.580695][T14044] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.587883][T14044] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.605476][T14044] bridge0: entered allmulticast mode
[  163.611933][T14044] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  163.620938][T14042] netlink: 'syz.9.4412': attribute type 3 has an invalid length.
[  163.629956][T14049] bond1: left allmulticast mode
[  163.634875][T14049] bond1: left promiscuous mode
[  163.639865][T14049] bridge0: port 4(bond1) entered disabled state
[  163.657953][T14049] bridge0: port 3(batadv0) entered disabled state
[  163.677849][T14049] bridge_slave_1: left allmulticast mode
[  163.683622][T14049] bridge_slave_1: left promiscuous mode
[  163.689469][T14049] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.709560][T14049] bridge_slave_0: left promiscuous mode
[  163.715342][T14049] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.754640][T14049] bond0: (slave bridge0): Releasing backup interface
[  163.763116][T14049] bridge0 (unregistering): left allmulticast mode
[  164.491959][   T29] kauditd_printk_skb: 249 callbacks suppressed
[  164.491976][   T29] audit: type=1326 audit(1749842288.458:4698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.7.4452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  164.523957][T14168] netem: change failed
[  164.532396][   T29] audit: type=1326 audit(1749842288.458:4699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.7.4452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  164.556042][   T29] audit: type=1326 audit(1749842288.498:4700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.7.4452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  164.579595][   T29] audit: type=1326 audit(1749842288.498:4701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.7.4452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  164.603147][   T29] audit: type=1326 audit(1749842288.498:4702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.7.4452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  164.626702][   T29] audit: type=1326 audit(1749842288.498:4703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.7.4452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  164.650216][   T29] audit: type=1326 audit(1749842288.498:4704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.7.4452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  164.673754][   T29] audit: type=1326 audit(1749842288.498:4705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.7.4452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  164.697301][   T29] audit: type=1326 audit(1749842288.498:4706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.7.4452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  164.846383][   T29] audit: type=1326 audit(1749842288.768:4707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14161 comm="syz.7.4452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  164.931608][T14212] ref_ctr_offset mismatch. inode: 0xb03 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  165.001335][T14225] SELinux:  Context system_u:object_r:dhcpd_exec_t:s0 is not valid (left unmapped).
[  165.375891][T14271] af_packet: tpacket_rcv: packet too big, clamped from 18 to 4294967272. macoff=96
[  165.408086][T14276] loop8: detected capacity change from 0 to 1024
[  165.417216][T14276] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.452862][T14276] ext4 filesystem being mounted at /239/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.471970][T14283] loop9: detected capacity change from 0 to 1024
[  165.487613][T14283] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  165.498616][T14283] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  165.511473][T14276] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  165.536968][T14276] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 1 with error 28
[  165.549431][T14276] EXT4-fs (loop8): This should not happen!! Data will be lost
[  165.549431][T14276] 
[  165.559162][T14276] EXT4-fs (loop8): Total free blocks count 0
[  165.565190][T14276] EXT4-fs (loop8): Free/Dirty block details
[  165.571134][T14276] EXT4-fs (loop8): free_blocks=4293918720
[  165.576929][T14276] EXT4-fs (loop8): dirty_blocks=16
[  165.577417][T14283] JBD2: no valid journal superblock found
[  165.582045][T14276] EXT4-fs (loop8): Block reservation details
[  165.588030][T14283] EXT4-fs (loop9): Could not load journal inode
[  165.593983][T14276] EXT4-fs (loop8): i_reserved_data_blocks=1
[  165.655761][T14283] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  165.673297][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.740434][T14303] loop9: detected capacity change from 0 to 256
[  165.759900][T14303] FAT-fs (loop9): error, fat_free_clusters: deleting FAT entry beyond EOF
[  165.768551][T14303] FAT-fs (loop9): Filesystem has been set read-only
[  165.898596][T14317] rdma_op ffff888115407580 conn xmit_rdma 0000000000000000
[  166.626436][T14411] ieee802154 phy1 wpan1: encryption failed: -22
[  166.760916][T14415] __nla_validate_parse: 3 callbacks suppressed
[  166.760935][T14415] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4549'.
[  167.308429][T14466] loop8: detected capacity change from 0 to 164
[  167.336921][T14466] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  167.358901][T14471] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14471 comm=syz.0.4573
[  167.371534][T14471] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14471 comm=syz.0.4573
[  167.378207][T14466] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  167.415425][T14466] Symlink component flag not implemented
[  167.421171][T14466] Symlink component flag not implemented
[  167.452543][T14466] Symlink component flag not implemented (7)
[  167.458781][T14466] Symlink component flag not implemented (116)
[  167.851236][T14508] loop8: detected capacity change from 0 to 512
[  167.868706][T14508] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a840c19d, mo2=0002]
[  167.886912][T14508] System zones: 1-12
[  167.897951][T14508] EXT4-fs error (device loop8): ext4_iget_extra_inode:5035: inode #15: comm syz.8.4586: corrupted in-inode xattr: e_value size too large
[  167.929495][T14508] EXT4-fs error (device loop8): ext4_orphan_get:1398: comm syz.8.4586: couldn't read orphan inode 15 (err -117)
[  167.961222][T14508] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.015606][T14519] loop9: detected capacity change from 0 to 512
[  168.026453][T14519] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  168.048073][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.058431][T14519] EXT4-fs (loop9): 1 truncate cleaned up
[  168.078066][T14519] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.195559][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.532232][T14549] loop8: detected capacity change from 0 to 128
[  168.541648][T14549] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  168.554629][T14549] ext4 filesystem being mounted at /269/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  168.582264][T11793] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  168.641640][T14556] loop8: detected capacity change from 0 to 512
[  168.650375][T14556] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  168.671998][T14556] EXT4-fs (loop8): 1 truncate cleaned up
[  168.680412][T14556] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.719112][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.337555][T14647] netlink: 112 bytes leftover after parsing attributes in process `syz.9.4648'.
[  169.388166][T14654] netlink: 'syz.4.4650': attribute type 6 has an invalid length.
[  169.404882][T14656] rdma_op ffff88812702c580 conn xmit_rdma 0000000000000000
[  169.545047][   T29] kauditd_printk_skb: 93 callbacks suppressed
[  169.545065][   T29] audit: type=1326 audit(1749842293.508:4801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14683 comm="syz.7.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  169.580053][   T29] audit: type=1326 audit(1749842293.538:4802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14683 comm="syz.7.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  169.603689][   T29] audit: type=1326 audit(1749842293.538:4803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14683 comm="syz.7.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  169.627280][   T29] audit: type=1326 audit(1749842293.538:4804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14683 comm="syz.7.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  169.650803][   T29] audit: type=1326 audit(1749842293.548:4805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14683 comm="syz.7.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  169.674503][   T29] audit: type=1326 audit(1749842293.548:4806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14683 comm="syz.7.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  169.698033][   T29] audit: type=1326 audit(1749842293.548:4807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14683 comm="syz.7.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  169.721649][   T29] audit: type=1326 audit(1749842293.548:4808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14683 comm="syz.7.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  169.721683][   T29] audit: type=1326 audit(1749842293.548:4809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14683 comm="syz.7.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  169.721716][   T29] audit: type=1326 audit(1749842293.548:4810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14683 comm="syz.7.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  170.183516][T14758] serio: Serial port ptm1
[  170.403741][T14781] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4712'.
[  170.425834][T14781] IPVS: Error joining to the multicast group
[  170.773897][T14830] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4732'.
[  170.784174][T14830] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4732'.
[  170.797227][T14827] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4731'.
[  170.807880][T14827] IPVS: Error joining to the multicast group
[  170.909141][T14838] loop8: detected capacity change from 0 to 1024
[  170.916529][T14838] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  170.928799][T14838] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  170.937612][T14838] EXT4-fs (loop8): orphan cleanup on readonly fs
[  170.944896][T14838] EXT4-fs error (device loop8): __ext4_get_inode_loc:4792: comm syz.8.4736: Invalid inode table block 0 in block_group 0
[  170.958752][T14838] EXT4-fs (loop8): Remounting filesystem read-only
[  170.965362][T14838] EXT4-fs (loop8): 1 truncate cleaned up
[  170.973946][T14838] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  171.004311][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.164754][T14867] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4749'.
[  171.274519][T14886] syz_tun: left allmulticast mode
[  171.280501][T14887] netlink: 'syz.0.4759': attribute type 10 has an invalid length.
[  171.281463][T14888] sd 0:0:1:0: device reset
[  171.290236][T14886] dvmrp1: left allmulticast mode
[  171.301987][T14887] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.309278][T14887] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.328486][T14887] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.335693][T14887] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.343192][T14887] bridge0: port 1(bridge_slave_0) entered blocking state
[  171.350325][T14887] bridge0: port 1(bridge_slave_0) entered forwarding state
[  171.360344][T14892] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4761'.
[  171.363622][T14893] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4759'.
[  171.377247][T14887] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  171.387804][T14893] bond1: left allmulticast mode
[  171.393206][T14893] bond1: left promiscuous mode
[  171.398451][T14893] bridge0: port 3(bond1) entered disabled state
[  171.412379][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.419987][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.427537][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.435972][T14893] bridge_slave_1: left allmulticast mode
[  171.441708][T14893] bridge_slave_1: left promiscuous mode
[  171.447524][T14893] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.457520][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.464961][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.472431][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.479932][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.487417][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.494808][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.502258][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.509698][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.517121][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.524567][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.532002][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.539869][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.547368][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.554782][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.562285][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.569878][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.577315][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.584740][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.592217][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.599636][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.607069][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.614463][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.621929][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.629344][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.636841][ T2961] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  171.645088][T14893] bridge_slave_0: left promiscuous mode
[  171.647547][ T2961] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  171.650896][T14893] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.675184][T14893] bond0: (slave bridge0): Releasing backup interface
[  171.772846][T14907] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4766'.
[  171.812778][T14913] loop8: detected capacity change from 0 to 128
[  171.823370][T14913] FAT-fs (loop8): Directory bread(block 32) failed
[  171.830210][T14913] FAT-fs (loop8): Directory bread(block 33) failed
[  171.837175][T14913] FAT-fs (loop8): Directory bread(block 34) failed
[  171.844291][T14913] FAT-fs (loop8): Directory bread(block 35) failed
[  171.851165][T14913] FAT-fs (loop8): Directory bread(block 36) failed
[  171.857916][T14913] FAT-fs (loop8): Directory bread(block 37) failed
[  171.864769][T14913] FAT-fs (loop8): Directory bread(block 38) failed
[  171.879757][T14913] FAT-fs (loop8): Directory bread(block 39) failed
[  171.890140][T14917] netlink: 112 bytes leftover after parsing attributes in process `syz.0.4770'.
[  171.905752][T14913] FAT-fs (loop8): Directory bread(block 40) failed
[  171.923791][T14913] FAT-fs (loop8): Directory bread(block 41) failed
[  171.969090][T14923] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  171.977044][T14913] syz.8.4769: attempt to access beyond end of device
[  171.977044][T14913] loop8: rw=0, sector=4108, nr_sectors = 4 limit=128
[  171.996903][T14913] FAT-fs (loop8): error, fat_free: invalid cluster chain (i_pos 196)
[  172.005144][T14913] FAT-fs (loop8): Filesystem has been set read-only
[  172.028271][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.035792][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.043213][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.058574][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.066306][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.073745][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.081285][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.088793][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.096307][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.103750][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.111250][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.118747][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.126215][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.133633][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.142103][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.149555][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.157018][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.164677][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.172112][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.179564][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.187062][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.194489][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.201978][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.209433][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.216920][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.224447][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.231963][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.239506][ T2961] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  172.297058][ T2961] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  172.329629][T14937] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  172.338979][ T3396] IPVS: starting estimator thread 0...
[  172.435817][T14939] IPVS: using max 1920 ests per chain, 96000 per kthread
[  172.465862][T14954] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4787'.
[  172.544044][T14959] netlink: 'syz.4.4790': attribute type 10 has an invalid length.
[  172.552093][T14959] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4790'.
[  172.563279][T14959] dummy0: entered promiscuous mode
[  172.570010][T14959] bridge0: port 4(dummy0) entered blocking state
[  172.576483][T14959] bridge0: port 4(dummy0) entered disabled state
[  172.584660][T14959] dummy0: entered allmulticast mode
[  172.592962][T14959] bridge0: port 4(dummy0) entered blocking state
[  172.599372][T14959] bridge0: port 4(dummy0) entered forwarding state
[  172.615991][T14969] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4794'.
[  172.679778][T14975] netlink: 276 bytes leftover after parsing attributes in process `syz.4.4797'.
[  172.934504][T15020] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4819'.
[  172.981047][T15027] loop8: detected capacity change from 0 to 256
[  173.113448][T15046] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[  173.141725][T15048] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4831'.
[  173.166621][T15050] C: renamed from team_slave_0 (while UP)
[  173.174317][T15050] netlink: '+}[@': attribute type 3 has an invalid length.
[  173.181564][T15050] netlink: 152 bytes leftover after parsing attributes in process `+}[@'.
[  173.191037][T15050] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  173.436300][T15070] netdevsim netdevsim0: Direct firmware load for � failed with error -2
[  173.462083][T15074] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  173.471831][T15074] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  173.489543][T15076] vhci_hcd: invalid port number 96
[  173.494790][T15076] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  173.519547][ T2961] kernel write not supported for file [eventfd] (pid: 2961 comm: kworker/1:2)
[  174.024898][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.032526][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.040079][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.048266][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.055871][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.063405][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.071192][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.078758][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.086217][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.093669][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.101187][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.108736][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.116259][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.123669][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.148680][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.156255][ T3396] hid-generic 0006:0000:0000.000C: unknown main item tag 0x0
[  174.185984][ T3396] hid-generic 0006:0000:0000.000C: hidraw0: VIRTUAL HID vffffff.00 Device [syz0] on syz1
[  174.262035][T15196] netlink: 'syz.9.4898': attribute type 10 has an invalid length.
[  174.273115][T15196] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.280490][T15196] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.298856][T15196] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.306036][T15196] bridge0: port 2(bridge_slave_1) entered forwarding state
[  174.313473][T15196] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.320715][T15196] bridge0: port 1(bridge_slave_0) entered forwarding state
[  174.330002][T15196] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  174.491592][T15223] netem: incorrect gi model size
[  174.496699][T15223] netem: change failed
[  174.551296][T15229] netlink: zone id is out of range
[  174.556782][T15229] netlink: del zone limit has 8 unknown bytes
[  174.606117][   T29] kauditd_printk_skb: 137 callbacks suppressed
[  174.606135][   T29] audit: type=1400 audit(1749842298.578:4946): avc:  denied  { attach_queue } for  pid=15239 comm="syz.4.4917" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  174.716826][   T29] audit: type=1400 audit(1749842298.688:4947): avc:  denied  { mounton } for  pid=15251 comm="syz.8.4922" path="/proc/744/cgroup" dev="proc" ino=43790 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  174.752634][   T29] audit: type=1326 audit(1749842298.718:4948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15253 comm="syz.4.4923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  174.776297][   T29] audit: type=1326 audit(1749842298.718:4949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15253 comm="syz.4.4923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  174.799945][   T29] audit: type=1326 audit(1749842298.718:4950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15253 comm="syz.4.4923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  174.823454][   T29] audit: type=1326 audit(1749842298.718:4951): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15253 comm="syz.4.4923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  174.852697][   T29] audit: type=1400 audit(1749842298.828:4952): avc:  denied  { execute } for  pid=15255 comm="syz.9.4924" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=43802 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  174.904990][   T29] audit: type=1326 audit(1749842298.868:4953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15261 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  174.928123][   T29] audit: type=1326 audit(1749842298.868:4954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15261 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f266cefe929 code=0x7ffc0000
[  174.951233][   T29] audit: type=1326 audit(1749842298.868:4955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15261 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f266cefd290 code=0x7ffc0000
[  175.045664][T15281] loop8: detected capacity change from 0 to 1024
[  175.071020][T15281] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.073605][T15286] ALSA: seq fatal error: cannot create timer (-19)
[  175.131414][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.153007][T15299] ip6tnl2: entered promiscuous mode
[  175.158503][T15299] ip6tnl2: entered allmulticast mode
[  175.167387][T15299] team0: Device ip6tnl2 is of different type
[  175.924620][T15388] netlink: 'syz.7.4983': attribute type 4 has an invalid length.
[  176.181969][T15406] IPVS: stopping master sync thread 15407 ...
[  176.184568][T15407] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  176.250963][T15411] netlink: 'syz.4.4994': attribute type 3 has an invalid length.
[  176.533316][T15432] loop9: detected capacity change from 0 to 1024
[  176.567396][T15432] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.587079][T15432] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.703230][T15443] loop9: detected capacity change from 0 to 128
[  176.756992][T15443] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  176.787068][T15443] ext4 filesystem being mounted at /644/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.878766][ T8032] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  177.557287][T15507] program syz.4.5036 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  177.645939][T15521] netlink: 'syz.4.5042': attribute type 21 has an invalid length.
[  177.796319][T15534] __nla_validate_parse: 16 callbacks suppressed
[  177.796335][T15534] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5048'.
[  178.185056][T15561] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5062'.
[  178.649769][T15594] netlink: 664 bytes leftover after parsing attributes in process `syz.9.5077'.
[  178.939629][T15622] netlink: 132 bytes leftover after parsing attributes in process `syz.9.5089'.
[  178.986599][T15624] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5090'.
[  179.020315][T15628] loop9: detected capacity change from 0 to 1024
[  179.033796][T15628] EXT4-fs: Ignoring removed nobh option
[  179.040886][T15628] EXT4-fs: Ignoring removed bh option
[  179.134881][T15628] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.160737][T15628] EXT4-fs error (device loop9): mb_free_blocks:1948: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  179.185701][T15628] EXT4-fs (loop9): Remounting filesystem read-only
[  179.242280][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.299566][T15649] netlink: 'syz.9.5100': attribute type 10 has an invalid length.
[  179.307474][T15649] netlink: 40 bytes leftover after parsing attributes in process `syz.9.5100'.
[  179.331744][T15649] dummy0: entered promiscuous mode
[  179.340673][T15649] bridge0: port 4(dummy0) entered blocking state
[  179.347222][T15649] bridge0: port 4(dummy0) entered disabled state
[  179.365082][T15649] dummy0: entered allmulticast mode
[  179.375454][T15649] bridge0: port 4(dummy0) entered blocking state
[  179.381897][T15649] bridge0: port 4(dummy0) entered forwarding state
[  179.527775][T15658] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5104'.
[  179.631972][T15664] netlink: 108 bytes leftover after parsing attributes in process `syz.9.5107'.
[  179.641308][T15664] netlink: 108 bytes leftover after parsing attributes in process `syz.9.5107'.
[  179.650412][T15664] netlink: 108 bytes leftover after parsing attributes in process `syz.9.5107'.
[  180.192665][   T29] kauditd_printk_skb: 55 callbacks suppressed
[  180.192684][   T29] audit: type=1326 audit(1749842304.158:5011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15704 comm="syz.0.5123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec1ee9e929 code=0x7ffc0000
[  180.234039][   T29] audit: type=1326 audit(1749842304.158:5012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15704 comm="syz.0.5123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec1ee9e929 code=0x7ffc0000
[  180.257833][   T29] audit: type=1326 audit(1749842304.158:5013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15704 comm="syz.0.5123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fec1ee9e929 code=0x7ffc0000
[  180.281729][   T29] audit: type=1326 audit(1749842304.158:5014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15704 comm="syz.0.5123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec1ee9e929 code=0x7ffc0000
[  180.305798][   T29] audit: type=1326 audit(1749842304.158:5015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15704 comm="syz.0.5123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fec1ee9e929 code=0x7ffc0000
[  180.329604][   T29] audit: type=1326 audit(1749842304.158:5016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15704 comm="syz.0.5123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec1ee9e929 code=0x7ffc0000
[  180.353955][   T29] audit: type=1326 audit(1749842304.178:5017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15704 comm="syz.0.5123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec1ee9e929 code=0x7ffc0000
[  180.836714][T15749] netdevsim netdevsim4: Direct firmware load for � failed with error -2
[  180.860744][   T29] audit: type=1326 audit(1749842304.828:5018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15751 comm="syz.7.5148" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f281305e929 code=0x0
[  181.035787][   T29] audit: type=1326 audit(1749842304.998:5019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15781 comm="syz.0.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec1ee9e929 code=0x7ffc0000
[  181.059421][   T29] audit: type=1326 audit(1749842304.998:5020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15781 comm="syz.0.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec1ee9e929 code=0x7ffc0000
[  181.097699][T15787] netdevsim netdevsim8: Direct firmware load for � failed with error -2
[  181.368270][T15814] C: renamed from team_slave_0 (while UP)
[  181.378025][T15814] netlink: '+}[@': attribute type 3 has an invalid length.
[  181.386740][T15814] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  181.403508][T15816] netdevsim netdevsim9: Direct firmware load for � failed with error -2
[  181.441159][T15824] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  181.451199][T15824] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  182.065375][T15853] C: renamed from team_slave_0 (while UP)
[  182.076312][T15853] netlink: '+}[@': attribute type 3 has an invalid length.
[  182.084937][T15853] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  182.150015][T15861] netdevsim netdevsim8: Direct firmware load for ��n���gkN��q>�*x(O�@ failed with error -2
[  182.465745][ T3383] page_pool_release_retry() stalled pool shutdown: id 86, 1 inflight 60 sec
[  182.713010][T15878] netlink: 'syz.8.5204': attribute type 10 has an invalid length.
[  182.724537][T15884] C: renamed from team_slave_0 (while UP)
[  182.735375][T15884] netlink: '+}[@': attribute type 3 has an invalid length.
[  182.743703][T15884] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  182.766751][T15878] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.774132][T15878] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.815218][T15878] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.822518][T15878] bridge0: port 2(bridge_slave_1) entered forwarding state
[  182.829939][T15878] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.837184][T15878] bridge0: port 1(bridge_slave_0) entered forwarding state
[  182.872419][T15878] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  182.980190][T15906] __nla_validate_parse: 32 callbacks suppressed
[  182.980206][T15906] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5213'.
[  183.560149][T15925] loop8: detected capacity change from 0 to 2048
[  183.571499][T15928] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535)
[  183.851296][T15976] netdevsim netdevsim0: Direct firmware load for ��n���gkN��q>�*x(O�@ failed with error -2
[  183.959151][T15992] ip6tnl1: entered promiscuous mode
[  183.964463][T15992] ip6tnl1: entered allmulticast mode
[  183.971144][T15992] team0: Device ip6tnl1 is of different type
[  184.829159][T16038] netlink: 'syz.8.5268': attribute type 3 has an invalid length.
[  184.856330][T16041] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535)
[  184.931086][T16055] loop9: detected capacity change from 0 to 1024
[  184.939375][T16055] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  184.949285][T16055] EXT4-fs (loop9): group descriptors corrupted!
[  184.964142][T16055] ptp: physical clock is free running
[  185.019271][T16065] loop8: detected capacity change from 0 to 512
[  185.028408][T16065] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  185.057026][T16065] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.087421][T16065] ext4 filesystem being mounted at /416/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.103437][T16078] netlink: 'syz.0.5287': attribute type 4 has an invalid length.
[  185.111453][T16078] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.5287'.
[  185.153105][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.215104][T16091] SELinux:  policydb version 1458486401 does not match my version range 15-34
[  185.236955][T16091] SELinux: failed to load policy
[  185.300308][T16105] netlink: 'syz.0.5301': attribute type 3 has an invalid length.
[  185.323490][   T29] kauditd_printk_skb: 73 callbacks suppressed
[  185.323507][   T29] audit: type=1326 audit(1749842309.288:5094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16106 comm="syz.9.5302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  185.355564][   T29] audit: type=1326 audit(1749842309.328:5095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16106 comm="syz.9.5302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  185.379262][   T29] audit: type=1326 audit(1749842309.328:5096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16106 comm="syz.9.5302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  185.403003][   T29] audit: type=1326 audit(1749842309.328:5097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16106 comm="syz.9.5302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  185.427740][   T29] audit: type=1326 audit(1749842309.408:5098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16106 comm="syz.9.5302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  185.451298][   T29] audit: type=1326 audit(1749842309.408:5099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16106 comm="syz.9.5302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  185.474985][   T29] audit: type=1326 audit(1749842309.408:5100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16106 comm="syz.9.5302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  185.500464][   T29] audit: type=1326 audit(1749842309.478:5101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16106 comm="syz.9.5302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  185.579010][   T29] audit: type=1326 audit(1749842309.518:5102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16106 comm="syz.9.5302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  185.602780][   T29] audit: type=1326 audit(1749842309.518:5103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16106 comm="syz.9.5302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f638e929 code=0x7ffc0000
[  185.739740][T16132] ------------[ cut here ]------------
[  185.745283][T16132] WARNING: CPU: 1 PID: 16132 at mm/page_alloc.c:4935 __alloc_frozen_pages_noprof+0x218/0x360
[  185.755597][T16132] Modules linked in:
[  185.759578][T16132] CPU: 1 UID: 0 PID: 16132 Comm: syz.9.5315 Not tainted 6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  185.772331][T16132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  185.782548][T16132] RIP: 0010:__alloc_frozen_pages_noprof+0x218/0x360
[  185.789347][T16132] Code: 83 3d 53 24 50 05 02 72 0e 48 83 b8 e0 fb ff ff 00 0f 84 48 ff ff ff 81 ca 00 01 00 00 e9 3d ff ff ff c6 05 0a 1d 4c 05 01 90 <0f> 0b 90 31 c0 eb 84 a9 00 00 08 00 75 52 44 89 f1 81 e1 7f ff ff
[  185.809182][T16132] RSP: 0018:ffffc90000eaba98 EFLAGS: 00010246
[  185.815331][T16132] RAX: da83d9b615a4f300 RBX: 0000000000000015 RCX: 0000000000000000
[  185.823364][T16132] RDX: 0000000000000000 RSI: 0000000000000015 RDI: 0000000000040dc0
[  185.831419][T16132] RBP: 0000000000000dc0 R08: ffff8881261a8a98 R09: 0000000000000000
[  185.839445][T16132] R10: ffff88811faaac10 R11: 000188811faaac10 R12: ffffc90000eabd28
[  185.847489][T16132] R13: 0000000030303030 R14: 0000000000040dc0 R15: 0000000000000000
[  185.855494][T16132] FS:  00007fb9f49f76c0(0000) GS:ffff8882aef3c000(0000) knlGS:0000000000000000
[  185.864545][T16132] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  185.871250][T16132] CR2: 0000200000001000 CR3: 000000010ce70000 CR4: 00000000003506f0
[  185.879282][T16132] DR0: 0000200000000300 DR1: 0000000000000000 DR2: 0000000000000000
[  185.887393][T16132] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  185.895476][T16132] Call Trace:
[  185.898871][T16132]  <TASK>
[  185.901838][T16132]  ? __rcu_read_unlock+0x4f/0x70
[  185.904909][T16144] netlink: 24 bytes leftover after parsing attributes in process `syz.8.5319'.
[  185.906941][T16132]  ? bpf_snprintf_btf+0x58/0x150
[  185.920926][T16132]  __alloc_pages_noprof+0x9/0x20
[  185.925950][T16132]  ___kmalloc_large_node+0x73/0x140
[  185.931244][T16132]  __kmalloc_large_node_noprof+0x16/0xa0
[  185.936959][T16132]  __kmalloc_noprof+0x2ab/0x3e0
[  185.941930][T16132]  ? hashtab_init+0x9b/0xe0
[  185.946583][T16132]  hashtab_init+0x9b/0xe0
[  185.950957][T16132]  symtab_init+0x2c/0x40
[  185.955368][T16132]  policydb_read+0x516/0x1330
[  185.960126][T16132]  security_load_policy+0xba/0x890
[  185.965345][T16132]  ? rep_movs_alternative+0x4a/0x90
[  185.970724][T16132]  sel_write_load+0x1d4/0x380
[  185.975452][T16132]  ? __pfx_sel_write_load+0x10/0x10
[  185.980766][T16132]  vfs_write+0x269/0x8e0
[  185.985052][T16132]  ? __rcu_read_unlock+0x4f/0x70
[  185.990059][T16132]  ? __fget_files+0x184/0x1c0
[  185.994861][T16132]  ksys_write+0xda/0x1a0
[  185.999168][T16132]  __x64_sys_write+0x40/0x50
[  186.003841][T16132]  x64_sys_call+0x2cdd/0x2fb0
[  186.008593][T16132]  do_syscall_64+0xd2/0x200
[  186.013217][T16132]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  186.019355][T16132]  ? clear_bhb_loop+0x40/0x90
[  186.024072][T16132]  ? clear_bhb_loop+0x40/0x90
[  186.028820][T16132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.034872][T16132] RIP: 0033:0x7fb9f638e929
[  186.039391][T16132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.059166][T16132] RSP: 002b:00007fb9f49f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  186.067744][T16132] RAX: ffffffffffffffda RBX: 00007fb9f65b5fa0 RCX: 00007fb9f638e929
[  186.075788][T16132] RDX: 0000000000001790 RSI: 0000200000000000 RDI: 0000000000000003
[  186.083846][T16132] RBP: 00007fb9f6410b39 R08: 0000000000000000 R09: 0000000000000000
[  186.091896][T16132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  186.099990][T16132] R13: 0000000000000000 R14: 00007fb9f65b5fa0 R15: 00007ffe8caa8968
[  186.108060][T16132]  </TASK>
[  186.111107][T16132] ---[ end trace 0000000000000000 ]---
[  186.116653][T16132] SELinux: failed to load policy
[  186.162887][T16153] netlink: 'syz.4.5323': attribute type 1 has an invalid length.
[  186.211747][T16163] loop8: detected capacity change from 0 to 128
[  186.215881][T16153] 8021q: adding VLAN 0 to HW filter on device bond2
[  186.226530][T16153] bond1: (slave bond2): making interface the new active one
[  186.227737][T16163] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  186.234247][T16153] bond1: (slave bond2): Enslaving as an active interface with an up link
[  186.246533][T16163] ext4 filesystem being mounted at /429/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  186.277533][T16165] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5328'.
[  186.334924][T11793] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  186.554526][T16217] netlink: 'syz.7.5351': attribute type 1 has an invalid length.
[  186.573259][T16217] bond3: entered promiscuous mode
[  186.579074][T16217] 8021q: adding VLAN 0 to HW filter on device bond3
[  186.608471][T16217] 8021q: adding VLAN 0 to HW filter on device batadv1
[  186.618042][T16217] bond3: (slave batadv1): making interface the new active one
[  186.625562][T16217] batadv1: entered promiscuous mode
[  186.632577][T16217] bond3: (slave batadv1): Enslaving as an active interface with an up link
[  186.652984][T16231] loop9: detected capacity change from 0 to 128
[  186.776897][T16261] vhci_hcd: invalid port number 96
[  186.782207][T16261] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  186.818896][T16268] loop8: detected capacity change from 0 to 256
[  186.899108][T16278] SELinux: security policydb version 18 (MLS) not backwards compatible
[  186.909268][T16278] SELinux: failed to load policy
[  186.959184][T16294] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  186.969134][T16288] program syz.9.5382 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  187.018461][T16300] loop9: detected capacity change from 0 to 512
[  187.048008][T16300] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  187.066293][T16300] EXT4-fs (loop9): mount failed
[  187.132499][T16321] SELinux: failed to load policy
[  187.290633][T16347] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16347 comm=syz.8.5408
[  187.341483][T16357] netlink: 'syz.7.5413': attribute type 21 has an invalid length.
[  187.391787][T16363] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.393250][T16365] netlink: 87 bytes leftover after parsing attributes in process `+}[@'.
[  187.424303][T16363] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  187.434704][T16372] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5418'.
[  187.539273][T16392] netlink: 268 bytes leftover after parsing attributes in process `syz.7.5429'.
[  187.551351][T16394] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5426'.
[  187.698302][T16423] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=16423 comm=syz.9.5443
[  187.711003][T16423] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=16423 comm=syz.9.5443
[  187.864087][T16449] netlink: 'syz.0.5456': attribute type 1 has an invalid length.
[  187.867239][T16451] netlink: 88 bytes leftover after parsing attributes in process `syz.9.5457'.
[  187.872110][T16449] netlink: 224 bytes leftover after parsing attributes in process `syz.0.5456'.
[  187.986939][T16472] SELinux:  Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped).
[  188.090057][T16489] SELinux:  policydb version -1238197807 does not match my version range 15-34
[  188.099328][T16489] SELinux: failed to load policy
[  188.159338][T16501] 9pnet_fd: Insufficient options for proto=fd
[  188.700021][T16553] loop8: detected capacity change from 0 to 1024
[  188.724440][T16553] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.830068][T11793] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.887399][T16571] __nla_validate_parse: 1 callbacks suppressed
[  188.887444][T16571] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5510'.
[  188.997882][T16590] geneve2: entered promiscuous mode
[  189.003275][T16590] geneve2: entered allmulticast mode
[  189.019506][T16592] loop9: detected capacity change from 0 to 1024
[  189.041976][T16592] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  189.091241][T16602] atomic_op ffff8881572c2128 conn xmit_atomic 0000000000000000
[  189.093853][T16592] EXT4-fs error (device loop9): mb_free_blocks:1948: group 0, inode 18: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  189.139155][T16605] rdma_op ffff88812d837180 conn xmit_rdma 0000000000000000
[  189.161878][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.204317][T16608] netlink: 100 bytes leftover after parsing attributes in process `syz.0.5528'.
[  189.319410][T16634] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5539'.
[  189.335002][T16636] program syz.0.5540 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  189.545130][T16668] SELinux:  policydb version -1238197807 does not match my version range 15-34
[  189.554555][T16668] SELinux: failed to load policy
[  189.596859][T16676] 9pnet_fd: Insufficient options for proto=fd
[  189.661562][T16684] netlink: 'syz.4.5564': attribute type 21 has an invalid length.
[  189.811968][T16697] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5570'.
[  189.826330][T16697] bond3: entered promiscuous mode
[  189.831567][T16697] 8021q: adding VLAN 0 to HW filter on device bond3
[  189.844191][T16697] 8021q: adding VLAN 0 to HW filter on device bond3
[  189.851391][T16697] bond3: (slave ipip0): The slave device specified does not support setting the MAC address
[  189.862936][T16697] bond3: (slave ipip0): Error -95 calling set_mac_address
[  189.932516][T16700] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5571'.
[  189.941604][T16700] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5571'.
[  189.950632][T16700] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5571'.
[  189.959626][T16700] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5571'.
[  190.194025][T16735] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  190.202817][T16737] ref_ctr_offset mismatch. inode: 0xc2c offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  190.313162][T16741] geneve2: entered promiscuous mode
[  190.318536][T16741] geneve2: entered allmulticast mode
[  190.329215][T16743] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5590'.
[  190.360412][T16745] netlink: 'syz.4.5592': attribute type 4 has an invalid length.
[  190.368353][T16745] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.5592'.
[  190.378250][T16747] wireguard0: entered promiscuous mode
[  190.383846][T16747] wireguard0: entered allmulticast mode
[  190.432029][   T29] kauditd_printk_skb: 193 callbacks suppressed
[  190.432045][   T29] audit: type=1326 audit(1749842320.401:5296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16673 comm="syz.0.5560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec1ee9e929 code=0x7fc00000
[  190.542703][T16768] loop9: detected capacity change from 0 to 512
[  190.549905][T16768] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  190.584717][T16768] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.597997][T16768] ext4 filesystem being mounted at /765/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.643429][T16784] geneve2: entered promiscuous mode
[  190.648883][T16784] geneve2: entered allmulticast mode
[  190.656607][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.744506][T16800] netlink: 'syz.9.5616': attribute type 3 has an invalid length.
[  190.828883][T16813] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=16813 comm=syz.7.5633
[  190.841594][T16813] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=16813 comm=syz.7.5633
[  190.978578][   T29] audit: type=1400 audit(1749842320.951:5297): avc:  denied  { create } for  pid=16839 comm="syz.8.5636" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  191.014501][   T29] audit: type=1400 audit(1749842320.971:5298): avc:  denied  { ioctl } for  pid=16839 comm="syz.8.5636" path="socket:[49205]" dev="sockfs" ino=49205 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  191.203234][   T29] audit: type=1326 audit(1749842321.171:5299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16859 comm="syz.7.5643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  191.226931][   T29] audit: type=1326 audit(1749842321.171:5300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16859 comm="syz.7.5643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  191.250533][   T29] audit: type=1326 audit(1749842321.171:5301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16859 comm="syz.7.5643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  191.282531][   T29] audit: type=1326 audit(1749842321.171:5302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16859 comm="syz.7.5643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  191.306214][   T29] audit: type=1400 audit(1749842321.221:5303): avc:  denied  { bind } for  pid=16835 comm="syz.0.5634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  191.524350][   T29] audit: type=1400 audit(1749842321.491:5304): avc:  denied  { map } for  pid=16885 comm="syz.0.5655" path="socket:[49281]" dev="sockfs" ino=49281 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  191.547666][   T29] audit: type=1400 audit(1749842321.491:5305): avc:  denied  { read } for  pid=16885 comm="syz.0.5655" path="socket:[49281]" dev="sockfs" ino=49281 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  191.968405][T16946] netlink: 'syz.7.5681': attribute type 1 has an invalid length.
[  192.052094][T16946] 8021q: adding VLAN 0 to HW filter on device bond5
[  192.103130][T16946] bond4: (slave bond5): making interface the new active one
[  192.112268][T16946] bond4: (slave bond5): Enslaving as an active interface with an up link
[  192.594802][T17018] loop9: detected capacity change from 0 to 256
[  192.632841][T17020] SELinux: security policydb version 18 (MLS) not backwards compatible
[  192.651850][T17020] SELinux: failed to load policy
[  192.679482][T17026] program syz.8.5715 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  192.773179][T17042] netlink: 'syz.9.5724': attribute type 21 has an invalid length.
[  192.781104][T17042] IPv6: NLM_F_CREATE should be specified when creating new route
[  192.940007][T17071] syzkaller1: entered promiscuous mode
[  192.945564][T17071] syzkaller1: entered allmulticast mode
[  193.014435][T17085] netlink: 'syz.4.5742': attribute type 1 has an invalid length.
[  193.033157][T17085] bond4: entered promiscuous mode
[  193.046210][T17085] 8021q: adding VLAN 0 to HW filter on device bond4
[  193.079177][T17085] 8021q: adding VLAN 0 to HW filter on device batadv1
[  193.089533][T17085] bond4: (slave batadv1): making interface the new active one
[  193.097149][T17085] batadv1: entered promiscuous mode
[  193.105705][T17085] bond4: (slave batadv1): Enslaving as an active interface with an up link
[  193.131514][T17098] loop8: detected capacity change from 0 to 164
[  193.153454][T17098] syz.8.5747: attempt to access beyond end of device
[  193.153454][T17098] loop8: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  193.185700][T17098] syz.8.5747: attempt to access beyond end of device
[  193.185700][T17098] loop8: rw=0, sector=263328, nr_sectors = 4 limit=164
[  193.273582][T17115] netlink: 'syz.4.5757': attribute type 4 has an invalid length.
[  193.309156][T17115] netlink: 'syz.4.5757': attribute type 4 has an invalid length.
[  193.562648][T17149] loop9: detected capacity change from 0 to 7
[  193.570210][T17149] buffer_io_error: 6 callbacks suppressed
[  193.570275][T17149] Buffer I/O error on dev loop9, logical block 0, async page read
[  193.584257][T17149] Buffer I/O error on dev loop9, logical block 0, async page read
[  193.592214][T17149]  loop9: unable to read partition table
[  193.599329][T17149] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[  193.599329][T17149] 
U�������) failed (rc=-5)
[  193.699403][T17163] loop9: detected capacity change from 0 to 512
[  193.730515][T17163] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.752069][T17163] ext4 filesystem being mounted at /810/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.788986][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.992724][T17214] __nla_validate_parse: 5 callbacks suppressed
[  193.992742][T17214] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5799'.
[  194.218864][T17242] SELinux: ebitmap: truncated map
[  194.226908][T17242] SELinux: failed to load policy
[  194.470934][T17287] netlink: 100 bytes leftover after parsing attributes in process `syz.4.5835'.
[  194.607570][T17308] bond6: entered promiscuous mode
[  194.612680][T17308] bond6: entered allmulticast mode
[  194.620902][T17308] 8021q: adding VLAN 0 to HW filter on device bond6
[  194.633117][T17308] bond6 (unregistering): Released all slaves
[  194.674923][T17319] loop9: detected capacity change from 0 to 512
[  194.694352][T17319] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  194.738951][T17319] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  194.762076][T17319] System zones: 0-2, 18-18, 34-34
[  194.770829][T17319] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.784451][T17336] loop8: detected capacity change from 0 to 128
[  194.785318][T17319] ext4 filesystem being mounted at /825/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  194.834899][ T8032] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.990003][T17371] netlink: 'syz.9.5874': attribute type 4 has an invalid length.
[  194.997907][T17371] netlink: 199836 bytes leftover after parsing attributes in process `syz.9.5874'.
[  195.365273][T17413] bond0: entered promiscuous mode
[  195.370501][T17413] bond_slave_0: entered promiscuous mode
[  195.376338][T17413] bond_slave_1: entered promiscuous mode
[  195.384071][T17413] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network
[  195.394370][T17413] 8021q: adding VLAN 0 to HW filter on device hsr1
[  195.404339][T17413] bond0: left promiscuous mode
[  195.409197][T17413] bond_slave_0: left promiscuous mode
[  195.414718][T17413] bond_slave_1: left promiscuous mode
[  195.767134][   T29] kauditd_printk_skb: 155 callbacks suppressed
[  195.767149][   T29] audit: type=1326 audit(1749842325.731:5461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17427 comm="syz.7.5898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  195.797241][   T29] audit: type=1326 audit(1749842325.741:5462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17427 comm="syz.7.5898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  195.822634][   T29] audit: type=1326 audit(1749842325.791:5463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17427 comm="syz.7.5898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  195.846322][   T29] audit: type=1326 audit(1749842325.791:5464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17427 comm="syz.7.5898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  195.869869][   T29] audit: type=1326 audit(1749842325.791:5465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17427 comm="syz.7.5898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  195.897313][   T29] audit: type=1326 audit(1749842325.791:5466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17427 comm="syz.7.5898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  195.921022][   T29] audit: type=1326 audit(1749842325.791:5467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17427 comm="syz.7.5898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  195.944639][   T29] audit: type=1326 audit(1749842325.791:5468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17427 comm="syz.7.5898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  195.968166][   T29] audit: type=1326 audit(1749842325.791:5469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17427 comm="syz.7.5898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  196.000637][T17434] atomic_op ffff888118d94128 conn xmit_atomic 0000000000000000
[  196.043803][   T29] audit: type=1326 audit(1749842325.971:5470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17427 comm="syz.7.5898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f281305e929 code=0x7ffc0000
[  196.173025][T17455] ip6gre1: entered allmulticast mode
[  196.377120][T17482] netlink: 340 bytes leftover after parsing attributes in process `syz.7.5923'.
[  196.442973][T17491] loop9: detected capacity change from 0 to 128
[  196.454627][T17491] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  196.471068][T17491] ext4 filesystem being mounted at /837/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  196.512815][ T8032] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  196.661417][T17519] Cannot find add_set index 0 as target
[  197.293455][T17571] loop9: detected capacity change from 0 to 8192
[  197.815051][T17579] ==================================================================
[  197.823192][T17579] BUG: KCSAN: data-race in fat16_ent_put / fat_mirror_bhs
[  197.830438][T17579] 
[  197.832792][T17579] write to 0xffff88811b01992e of 2 bytes by task 17571 on cpu 0:
[  197.840535][T17579]  fat16_ent_put+0x28/0x60
[  197.845011][T17579]  fat_free_clusters+0x2a9/0x790
[  197.849972][T17579]  fat_truncate_blocks+0x4c2/0x550
[  197.855148][T17579]  fat_write_end+0xba/0x160
[  197.859700][T17579]  generic_perform_write+0x30f/0x490
[  197.865015][T17579]  __generic_file_write_iter+0x9e/0x120
[  197.870601][T17579]  generic_file_write_iter+0x8d/0x2f0
[  197.876020][T17579]  vfs_write+0x49d/0x8e0
[  197.880308][T17579]  ksys_write+0xda/0x1a0
[  197.884581][T17579]  __x64_sys_write+0x40/0x50
[  197.889185][T17579]  x64_sys_call+0x2cdd/0x2fb0
[  197.893885][T17579]  do_syscall_64+0xd2/0x200
[  197.898427][T17579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.904339][T17579] 
[  197.906675][T17579] read to 0xffff88811b019800 of 512 bytes by task 17579 on cpu 1:
[  197.914493][T17579]  fat_mirror_bhs+0x1df/0x320
[  197.919230][T17579]  fat_ent_write+0xd0/0xe0
[  197.923669][T17579]  fat_chain_add+0x15b/0x3f0
[  197.928285][T17579]  fat_get_block+0x46c/0x5e0
[  197.932912][T17579]  __block_write_begin_int+0x400/0xf90
[  197.938389][T17579]  cont_write_begin+0x5fc/0x970
[  197.943257][T17579]  fat_write_begin+0x4f/0xe0
[  197.947874][T17579]  generic_perform_write+0x181/0x490
[  197.953217][T17579]  __generic_file_write_iter+0x9e/0x120
[  197.958795][T17579]  generic_file_write_iter+0x8d/0x2f0
[  197.964182][T17579]  aio_write+0x2e5/0x410
[  197.968444][T17579]  io_submit_one+0xacd/0x11d0
[  197.973136][T17579]  __se_sys_io_submit+0xfb/0x280
[  197.978091][T17579]  __x64_sys_io_submit+0x43/0x50
[  197.983040][T17579]  x64_sys_call+0xfc4/0x2fb0
[  197.987645][T17579]  do_syscall_64+0xd2/0x200
[  197.992160][T17579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.998073][T17579] 
[  198.000412][T17579] Reported by Kernel Concurrency Sanitizer on:
[  198.006581][T17579] CPU: 1 UID: 0 PID: 17579 Comm: syz.9.5961 Tainted: G        W           6.16.0-rc1-syzkaller-00157-g02adc1490e6d #0 PREEMPT(voluntary) 
[  198.020667][T17579] Tainted: [W]=WARN
[  198.024480][T17579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.034634][T17579] ==================================================================
[  198.225713][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog