last executing test programs:

38.246324907s ago: executing program 0 (id=2841):
r0 = socket$nl_route(0x10, 0x3, 0x0)
pipe2$9p(0x0, 0x4000)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000200)=ANY=[], 0x2c, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0xc6da5938055fb7fd, 0x20005}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x2054)

38.179106243s ago: executing program 0 (id=2843):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000400180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r1, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
r2 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r2, &(0x7f0000000740)=[{{&(0x7f00000002c0)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000640)=[{&(0x7f0000000540)='P', 0x1}], 0x1}}], 0x1, 0x0)

38.150896225s ago: executing program 0 (id=2844):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
openat(0xffffffffffffff9c, 0x0, 0x0, 0x80)

37.942280242s ago: executing program 0 (id=2848):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./file1\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x110)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0185879, &(0x7f0000000000)={@desc={0x1, 0x0, @auto='\x00\x00&\x00'}})

37.748174788s ago: executing program 0 (id=2853):
r0 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x402)
r1 = socket$unix(0x1, 0x5, 0x0)
connect$unix(r1, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f5, 0x1, @perf_config_ext={0x2, 0x2}, 0x4100, 0xfffc, 0x8, 0x6, 0xf5, 0x7, 0xc, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
io_setup(0x7, &(0x7f0000000600)=<r2=>0x0)
r3 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
openat$cgroup_type(0xffffffffffffffff, &(0x7f00000002c0), 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r6}, 0x0, &(0x7f00000003c0)=r7}, 0x20)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r8, 0x5421, &(0x7f0000000100)=0x100000001)
setsockopt$inet_tcp_int(r8, 0x6, 0x1e, &(0x7f0000000180)=0x1, 0x4)
connect$inet(r8, &(0x7f0000000480)={0x2, 0x4e20, @dev}, 0x10)
close(r8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
setpgid(0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000140)={0x0, 0x4, 0x0, 0x1, 0x0, r3, &(0x7f00000000c0)="01", 0x400000}])

37.365630448s ago: executing program 0 (id=2858):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='br_fdb_external_learn_add\x00', r0}, 0x18)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='br_fdb_external_learn_add\x00', r1}, 0x18)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008102e00f80ecdb4cb9f207c804a00d00000088081afb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)

37.365390438s ago: executing program 32 (id=2858):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='br_fdb_external_learn_add\x00', r0}, 0x18)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='br_fdb_external_learn_add\x00', r1}, 0x18)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008102e00f80ecdb4cb9f207c804a00d00000088081afb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)

19.10859459s ago: executing program 2 (id=3401):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x2, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000540)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a3ff2", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x14}}}}}}}, 0x0)

18.994569709s ago: executing program 2 (id=3406):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, @perf_config_ext={0x7, 0x2006}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x58, &(0x7f00000001c0)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
write(r0, 0x0, 0x0)
connect$unix(r1, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e22}, 0x6e)

18.820971953s ago: executing program 2 (id=3415):
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8000}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
ioctl$USBDEVFS_REAPURB(r1, 0x4008550c, 0x0)

18.748043159s ago: executing program 2 (id=3417):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='utf8=1,utf8=1,utf8\x00\x00,utf8=1,shortname=win95,errors=remount-ro,uni_xlate=1,\x00'], 0x3, 0x236, &(0x7f0000000380)="$eJzs2r+LHGUYB/BnLomJFy574i8SEF+0UJshd7VFDrmAuKBoVoiCZOLN6rLj7rGzHKyIuUpb/wRrsbQTJaXNNf4FFnbXXJlCHEl2Y3JhLYKYXfXzafaBZ7/M8+67vLzFHL761Sf9bp13i3GsZFmsXIr9uJXFeqzEXfvxyktXf3runavvvbHVbm+/ndLlrSsbmymlc8//+P5n375wc3z23e/OfX86DtY/ODza/PXgmYPzh79f+bhXp16dBsNxKtL14XBcXK/KtNOr+3lKb1VlUZepN6jL0bF+txru7k5SMdhZW90dlXWdisEk9ctJGg/TeDRJxUdFb5DyPE9rq8Hf0fnmVtPEUXPqWjRN8/jXcfZmrP0SrcieSNmTl7Knr2XP7mfnj5qmtehR+UfY//+3+w71MxHVl3udvc70c9rf6kYvqijjYrTit7j9N5mZ1pdfb29fTHesxxfVjVn+xl7nxPH8RrRifX5+Y5pPx/OnYzXiVMQsvxmteGpO/ofY3pybPxMvv3jf8/Noxc8fxjCq2Inb2XvP/3wjpdfebD+Qv3DnewAA/zV5+tPc+1ue/1V/mn+I++ED96uTceHkYtdORD35tF9UVTn6txd3F7Qs8yxr8dic1onZb7ccEyqWoljcmcSjc2/TFz0JAAAAAAAAAAAAD+NRvE646DUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADL7Y8AAAD//+u8zfo=")
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000240)='K', 0x1}], 0x1, 0x0, 0x0, 0x11000000}, 0x4008014)
r0 = syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000540))
ptrace$cont(0x21, r0, 0x0, 0x0)

18.709242752s ago: executing program 2 (id=3419):
socket$nl_xfrm(0x10, 0x3, 0x6)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000910095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r1, r1, 0x2f, 0x3e000000, @void}, 0x10)

18.346751122s ago: executing program 2 (id=3435):
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffff7f7e, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000900)="bbcf1b5d7e", 0x5, 0x4000081, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000006480)={&(0x7f0000c2c000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000004a00)=""/231, 0xe7, 0x0, 0x0}, &(0x7f00000064c0)=0x40)
ioctl$sock_inet6_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000040))

18.319977633s ago: executing program 33 (id=3435):
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffff7f7e, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000900)="bbcf1b5d7e", 0x5, 0x4000081, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000006480)={&(0x7f0000c2c000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000004a00)=""/231, 0xe7, 0x0, 0x0}, &(0x7f00000064c0)=0x40)
ioctl$sock_inet6_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000040))

1.923725095s ago: executing program 1 (id=4054):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x3, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0}, 0x94)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

1.845099401s ago: executing program 1 (id=4060):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x88640, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00000000c0)={0x0, 0x2, 0x4, 0x0, 0x0, "ff00f7000000000000000000af88008300"})
r2 = syz_open_pts(r1, 0x141601)
write(r2, &(0x7f0000000000)="d5", 0xfffffedf)
close_range(r0, 0xffffffffffffffff, 0x0)

1.815195944s ago: executing program 1 (id=4062):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000180)=@gcm_128={{0x304}, "d56d9847bfcb49e2", "16549f18408d640d012ebcc31bd9870b", "bcd58d40", "4f5b22bc20c62b22"}, 0x28)
sendto$inet6(r0, &(0x7f0000000240)="c6", 0x1, 0x8040, 0x0, 0x0)
write$binfmt_elf64(r0, 0x0, 0x78)

1.769863238s ago: executing program 1 (id=4075):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x6, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x0, 0x1002, 0x0, 0x3, 0xfffffffd}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffffd}}]}}}]}, 0x58}}, 0x2400c000)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x78)

1.382213518s ago: executing program 5 (id=4083):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001600000000020000000000000000000000bf010100636d61632861657329"], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)

1.337141742s ago: executing program 5 (id=4086):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000380)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f00000003c0)="10", 0x1, 0x4000, &(0x7f0000000140)={0x11, 0xf7, r3, 0x1, 0x0, 0x6, @local}, 0x14)

1.297938635s ago: executing program 3 (id=4088):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f0000000740), 0x3, 0x438, &(0x7f0000000d80)="$eJzs289rHFUcAPDv7GZT01+Jpf5oWjVaxeCPpElr7cGLouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU8Fr3oXoUgurZ5WZncm2d1sfnaTrd3PByb5vpm3vPfNzNt9My8bQNcaSn8kEfsj4veI6K8VGysM1X7dXlqY/GdpYTKJSuXtv5NqvVtLC5N51fx1+/JCT0Th8ySOtmh37srVCxPl8vTlrDw6f/GD0bkrV5+fuThxfvr89KXxM2dOnRx78fT4C23JM83r1uDHs8eOvP7u9Tcnz15/75fvkjz/pjzaZGi9g09VKm1urrMO1MVJTwc7wpYUa8M0StXx3x/FWDl5/fHaZx3tHLCjKpVK5cG1Dy9WgHtYEp3uAdAZ+Qd9ev+bb7s09bgr3Hy5dgOU5n0722pHeqKQ1Sk13d+201BEnF389+t0i515DgEA0OCHdP7zXKv5XyHqnwsdzNZQBiLi/og4FBGnI+JwRDwQUa37UEQ8vMX2mxdJVs9/Dm4rr81K538vZWtbjfO/fPYXA8WsdKCafyk5N1OePpH1bDhKe9Ly2Dpt/Pjqb1+2PJA1kc//0i1tP58LZpX+6tnT+LKpifmJO8m53s1PIwZ7WuWfLK8EJBFxJCIGt9nGzDPfHlvr2NCG+a+jDetMlW8inq6d/8Voyj+XrL8+OXpflKdPjOZXxWq/3rj21lrt31H+bZCe/70tr//l/AeS+vXaua23ce2PL9a8p9k4/9bXf2/yTsO+jybm5y+PRfQmb9Q6Xb9/vKne+Er9NP/h463H/6FY+UscjYj0In4kIh6NiMeyvj8eEU9ExPHVqd3ozYKfX3ny/WpQ2k7+OyvNf2pL538l6I3mPa2D4oWfvm9odGAr+afn/1Q1Gs72bOb9bzP92t7VDAAAAP8/hYjYH0lhZDkuFEZGav/Dfzj2Fsqzc/PPnpv98NJU7TsCA1Eq5E+6+uueh45lt/V5ebypfDJ7bvxVsa9aHpmcLU91OnnocvvWGP+pP4ud7h2w43xfC7qX8Q/dy/iH7mX8Q/dqMf77OtEPYPe1+vz/pAP9AHZf0/i37AddxP0/dC/jH7qX8Q9daa4vNv6SvECwKojCXdENwQ4FnX5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI//AgAA//9Lr+a0")
syz_mount_image$ext4(&(0x7f0000000340)='ext3\x00', &(0x7f0000000180)='./file2\x00', 0xa00470, &(0x7f00000001c0), 0x21, 0x4bf, &(0x7f00000009c0)="$eJzs3U9vVF0ZAPDn3nbon7fv26Is1KggomgIM+0AlbDCjcYQEiNx5QJqOzRNZzpNZ4q0sijfwUQSV7rwA7gwcWHCyr073bnBhQkq0VATF2PmzhQKnSlF2s6b3t8vObn33DOd5zyd3HPaM+2cAHLrXERsRcSpiLgXEZPd60m3xM1OaT/u5YtH89svHs0n0Wrd+UeStbevxa6vafuo+5yjEfGD70b8ONkbt7GxuTxXrVbWuvVSs7ZaamxsXl6qzS1WFisr5fLszOz09SvXyoeW69nab55/Z+nWD3//uy89++PWN3/a7tZEt213Hoepk3rhVZy24Yi4dRTBBmCom8+pQXeE/0saEZ+JiPPZ/T8ZQ9mrCQCcZK3WZLQmd9cBgJMuzdbAkrQYUeicp2mx2FnDOxPjabXeaF66X19fWeislU1FIb2/VK1Md9cKp6KQtOsz2fnrevmt+pWIOB0RPxsZy+rF+Xp1YZA/+ABAjn30ev7P3gv490hn/gcATrjRQXcAADh25n8AyB/zPwDkj/kfAPLH/A8A+WP+B4D8Mf8DQK58//btdmltdz//euHBxvpy/cHlhUpjuVhbny/O19dWi4v1+mL2mT21dz1ftV5fnbka6w9LzUqjWWpsbN6t1ddXmnezz/W+WykcS1YAwH5On3365yQitm6MZSV27eVgroaTLR10B4CBGRp0B4CBsdsX5Jff8YEeW/S+ofMnQmN7G54cTX+Ao3fx89b/Ia+s/0N+Wf+H/LL+D/nVaiX2/AeAnLHGDxzs/f8evP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAjk1kJUmL3b3AJyJNi8WIjyNiKgrJ/aVqZToiPomIP40URtr1mUF3GgD4QOnfku7+XxcnL0y83Xoq+c9IdoyIn/zizs8fzjWbazPt6//sXP/WWMST7vXyIPoPAHk09F6P3pmnd+bxHS9fPJrfKYffx/6ef7uzuWg77na3dFqGYzg7jkYhIsb/lXTrHcl7Z97b1uOI+Fyv/JNsbWSqu/Pp2/HbsT8+1vjpG/HTrK1zbH8vPnsIfYG8edoef272uv/SOJcde9//o9kI9eF2xr/tPeNf+mr8G+oz/p07SICxX0dc/cP3+sZ/HPGF4V7xk1fxkz7xLxwwx7988cvn+7W1fhlxMXrH3x2r1Kytlhobm5eXanOLlcXKSrk8OzM7ff3KtXIpW6Mu7axU7/X3G5c+2S//8T7xR9+R/9cOmP+v/nvvR1/ZJ/43vtr79T+zT/z2nPj1A8afG/9t3+272/EX+uT/rtf/0gHjP/vr5sIBHwoAHIPGxubyXLVaWRv0yU6HPi39ceIk1yeDHZeAo/f6ph90TwAAAAAAAAAAAAAAgH6O49+JBp0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ9f/AgAA//9gOtV4")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000d40)=ANY=[@ANYBLOB="000000004c90020052feffff0300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d89632b40000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"])

1.284796006s ago: executing program 5 (id=4090):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x96, 0x1, 0x0, 0x0, 0x0, 0x1, 0x10002, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffdfffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
r1 = syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0xaddb, 0x10100, 0x1, 0x92}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f00000003c0)=<r3=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r1, 0xd81, 0x0, 0x0, 0x0, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMIWAIT(r6, 0x545c, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r5)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r7}, 0x18)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYRES32=r9, @ANYRESDEC, @ANYBLOB="aacc0dba9e722b99f0c820efcea2a2b84300d93cc3912c573ab5421b0e3bf3b6df14a3a6e8cf13fe22d251f991dccc1cd673843d1765f9cdd52986b6030191ebe0ed5a299691adc01713141e1a0d0e8155b18a22e0a419c74f6b4852543e40462cf6fd67674ccbb7aa060cb52ad042ee2dfb282a03341817466ed2581e4b2e71581906eb0e77d7e5790c019ab7f3209a7b8810819fa8236755a9065f2602a49a55a53b02134ca03829a51ff5277de71c1b724d5b783ddbef085f497e81489e7813bafe3247c359715b7eb83bd222d6f63f557264", @ANYRES32=r8], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0a00000001010000ff7f"], 0x50)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000500), 0x111, 0x1}}, 0x12)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r11)

1.222592721s ago: executing program 3 (id=4093):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r1}, 0x10)
r2 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x5baa, 0x40})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002700)=""/4096, 0x1a00}], 0x0, 0x11a}, 0x20)

1.177150035s ago: executing program 3 (id=4095):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)=',-\x15*\x00', &(0x7f0000000440)='$\b&U0\xb5i\x16\xca\xcd\x01\xf8\x13x\\\x16\x0e\x8c\x1b\xc1rv\xa5k|\x92*ON\x9d\xf21KH\xfcx\xdayx\xe4\xf8\x86\xc3\xf1\xb4\x94/9\',\xf7uX/W\xcc5\a\x9e^\x90\xa8\xaf\xda\x97\xe0M]\xcd\xe2\x17\'\xbf\x04i\xcakbA\xf6\xd2P\xa5H\xf0\xa0B=\x01\x00\x86%\x97\xcb\xbcWo\xf2\xa6', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000540)='\x00', &(0x7f0000001c80)='n', 0x1)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r1)
close(r1)

1.148684927s ago: executing program 3 (id=4106):
r0 = syz_io_uring_setup(0x83a, &(0x7f0000000180)={0x0, 0x2b94, 0x1000, 0x4, 0x3cf}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000002340)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000002140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r4}, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x1a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x1000})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

960.973822ms ago: executing program 3 (id=4112):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000000)={r2, @local, @loopback}, 0xc)
syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@local, @random="fad1e048716e", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
recvmmsg(r0, &(0x7f0000001980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003680)=""/27, 0x1b}}], 0x39, 0x2, 0x0)

918.233726ms ago: executing program 1 (id=4102):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x82000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000910095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r2, r2, 0x2f, 0x0, @void}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)

649.029958ms ago: executing program 1 (id=4115):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x5, &(0x7f0000000140)=<r1=>0x0)
close(0x3)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r3 = eventfd2(0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000000280)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r3}])

616.03516ms ago: executing program 6 (id=4104):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x40000, 0x0, r2, 0xfff}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x1c, &(0x7f0000000100)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x4000}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {0x7, 0x0, 0xb, 0x6}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x6, 0x1, 0xa, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0x8}, {}, {0x7, 0x0, 0xc}, {0x18, 0x6, 0x2, 0x0, r2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

401.435607ms ago: executing program 5 (id=4113):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000000c0)='./file0\x00', 0x1000000, &(0x7f00000003c0)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c756e695f786c6174653d312c636865636b3d7374726963742c646f733178666c6f7070792c757466383d312c757466383d312c757466383d302c696f636861727365743d6370313235de26302c696f636861727365743d69736f383835392d342c696f636861727365743d64656661756c742c73686f72746e616d653d6d69786564", @ANYRES8=0x0], 0xfe, 0x19c, &(0x7f0000000200)="$eJzs281qE1EYBuA3tdW2LtKFK3Ex4MZVaHsFFqkgBgSlCwVBsQ1IRwIWArqw2bnwJrwct3olLrsQRppp7Q+piNoMJM+zyQfnvMl3DiSZMzAvbr3Z3e7v9Z73vmSx1crc3arKQSsrmcuxYQCAaXJQVfleVVV1bZilz6mqqumOAIDL5v8fAGbPk6fPHm50u5uPi2IxKT8OtgZb9Ws9vtHL65TZyWra+ZHDC4QjdX3/QXdztRhZyady/yi/P9i6cja/lnZWxufX6nxxNr+Q5dP59bRzY3x+fWz+au7cPpXvpJ1vr9JPme0cZk/yH9aK4t6j7rn89dE8AAAAmAad4pex5/dO56LxOr/R+uP7A+fO1/O5Od/s2gFgVu29e7/7six33jZWJBn+Zs7X5brRyTVW/GX8eEub3Mx/K5by/995Ic2va3qK/txlf8RiklHR4I8SMBEn3/6mOwEAAAAAAAAAAAAAAC4yiUeXml4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALPnZwAAAP//RL2Oaw==")
r0 = creat(&(0x7f0000000240)='./file1\x00', 0x0)
io_setup(0x200, &(0x7f0000000140)=<r1=>0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000, 0x8008}])

400.889008ms ago: executing program 6 (id=4114):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000650000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0xfffffffe, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000040)=@gcm_256={{0x303, 0x36}, "0000000000000080", "a14748a65151e96d6d2a01e49419560000000000000000000000004000", "6d40e581", "066580001e00"}, 0x38)

334.724283ms ago: executing program 4 (id=4117):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x54, 0x2c, 0xd27, 0x30bd29, 0x40000002, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x24, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{0x7}, {0x7, 0xffffffffffffff5c}}}]}]}]}}]}, 0x54}}, 0x0)

334.362293ms ago: executing program 6 (id=4118):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x101}, 0x18)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r1, &(0x7f00000005c0)="f5", 0x1, 0x4000010, &(0x7f0000000800)={0xa, 0x4e23, 0xffffbffc, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)

286.874317ms ago: executing program 5 (id=4119):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_clone(0x64a47400, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x64, 0x0)

277.395198ms ago: executing program 6 (id=4120):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xc2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mq_notify(0xffffffffffffffff, 0x0)

273.833158ms ago: executing program 4 (id=4121):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x2, 0x1, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000280)=[{{&(0x7f0000000700)=@xdp={0x2c, 0xdd86, r2}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)='O', 0x1}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x0)

245.23909ms ago: executing program 6 (id=4122):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)

197.411734ms ago: executing program 4 (id=4123):
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
writev(r0, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2)
sendmsg$nl_route_sched(r0, 0x0, 0x40000)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0xfe37, 0x0)

165.407727ms ago: executing program 4 (id=4124):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xffffffffffffec25, 0x0, 0x0, 0xffffffffffffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(r2, &(0x7f0000000100)={0x0, 0x11, &(0x7f0000000080)=[{&(0x7f0000000140)="600000002c000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0)

126.7223ms ago: executing program 5 (id=4125):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x96, 0x1, 0x0, 0x0, 0x0, 0x1, 0x10002, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffdfffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
r1 = syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0xaddb, 0x10100, 0x1, 0x92}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f00000003c0)=<r3=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r1, 0xd81, 0x0, 0x0, 0x0, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMIWAIT(r6, 0x545c, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r5)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r7}, 0x18)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYRES32=r9, @ANYRESDEC, @ANYBLOB="aacc0dba9e722b99f0c820efcea2a2b84300d93cc3912c573ab5421b0e3bf3b6df14a3a6e8cf13fe22d251f991dccc1cd673843d1765f9cdd52986b6030191ebe0ed5a299691adc01713141e1a0d0e8155b18a22e0a419c74f6b4852543e40462cf6fd67674ccbb7aa060cb52ad042ee2dfb282a03341817466ed2581e4b2e71581906eb0e77d7e5790c019ab7f3209a7b8810819fa8236755a9065f2602a49a55a53b02134ca03829a51ff5277de71c1b724d5b783ddbef085f497e81489e7813bafe3247c359715b7eb83bd222d6f63f557264", @ANYRES32=r8], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0a00000001010000ff7f"], 0x50)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000500), 0x111, 0x1}}, 0x12)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r11)

111.708291ms ago: executing program 3 (id=4126):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)
sendto$inet(r1, &(0x7f00000007c0), 0x0, 0x10, 0x0, 0x0)

106.639261ms ago: executing program 4 (id=4127):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r2, &(0x7f0000000240)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000340)="00000064c6ee84b46cd2525d13c96b5dbe1a", 0x12}, {&(0x7f0000000000)="1746", 0x2}], 0x2}}], 0x1, 0x0)

26.185568ms ago: executing program 4 (id=4128):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x20081e, &(0x7f0000000100), 0x1, 0x502, &(0x7f0000000a00)="$eJzs3c9vI1cdAPCvnV9OmjZp6QEQokspLGi1TuJto6oHKCeEUCVEjyBtQ+KNothxFDulCXvY/g9IVOIER/4Azj3xJyC4cYEDEj8iULMSSFPNeLzrzdob7yaxs/HnI41m3ryxv+/t7rzn+W7iF8DYuhYR9yJiOiI+iIiF/Hwh3+Ld9pZe99nR3fXjo7vrhUiS9/9VyOrTc9H1mtQL+XuWIuLH34/4WeHxuM2Dw+21Wq261y7OLrXqu0vNg8ObW/W1zepmdadSWV1ZXX771luVc+vra/Xp9sFE2sBv/yJt1nxe192Pc/T/JDP1IE5qMiJ+eAHBRmEi78/0qBvCMylGxCsR8Xp2/y/ERPa3CQBcZUmyEMlCdxkAuOqKWQ6sUCznuYD5KBbL5XYO79WYK9YazdaNO439nY12rmwxpop3tmrV5TxXuBhThbS8kh0/LFdOlG9FxMsR8cuZ2axcXm/UNkb5wQcAxtgLJ+b//860538A4IorjboBAMDQmf8BYPyY/wFg/Jj/AWD8mP8BYPyY/wFg/Jj/AWCs/Oi999ItOc6//3rjw4P97caHNzeqze1yfX+9vN7Y2y1vNhqb2Xf21E97v1qjsbvyZux/tPid3WZrqXlweLve2N9p3c6+1/t2dWoovQIAnuTl1z79cyEi7r0zm23RtZaDuRqutuJZXjx7fu0Ahm9i1A0ARsZqXzC+zvCMLz0AV0SPJXofUXrkcT+/OkmS5GKbBVyg61+S/4dx1ZX/91PAMGbk/2F8DZr/Py0/ADx/kqQw6Jr/MeiFAMDlJscP9Hm+fyXf/y7/z4Gfbpy84pOLbBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcbp31f8v5WuDzUSyWyxEvRsRiTBXubNWqyxHxUkT8aWZqJi2vjLjNAMBZFf9eyNf/ur7wxvzJ2unC/ZlsHxE///X7v/pordXa+2N6/t8Pzrc+yc9XRtF+AOA0nXk623c9yH92dHe9sw2zPf/4XkSU2vGPj6bj+EH8yZjM9qWYioi5/xTycluhK3dxFvc+jogv9up/IeazHEh75dOT8dPYLw41fvGR+MWsrr1P/yy+8NSRk4VzaD481z5Nx593e91/xbiW7Xvf/6VshDq7fPxL32r9OBsDH8bvjH8Tfca/a4PGePMPP2gfzT5e93HElycjOrGPu8afTvxCn/hvDBj/L1/56uv96pLfRFyP3vG7Yy216rtLzYPDm1v1tc3qZnWnUlldWV1++9ZblaUsR73Ufzb45zs3XupXl/Z/rk/80in9/8aA/f/t/z74ydeeEP9bX+8VvxivPiF+Oid+c8D4a3O/L/WrS+Nv9Ox/R//+3xgw/l//dvjYsuEAwOg0Dw6312q16t4wDzofJIYa1MEVOEj/1VyCZvQ8+O6wYk3HU70qSZ4pVr8R4zyybsBl0L7Xk+peRNwfdWMAAAAAAAAAAAAAAICehvEbS6PuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFfX5wEAAP//90HVog==")
r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
fallocate(r2, 0x0, 0xbf5, 0x2000402)

0s ago: executing program 6 (id=4129):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x30)

kernel console output (not intermixed with test programs):

ock = 0, count = 4096
[  102.523965][ T8859] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  102.548885][ T8854] EXT4-fs (loop4): Remounting filesystem read-only
[  102.555517][ T8854] EXT4-fs (loop4): 1 orphan inode deleted
[  102.561909][ T8854] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.578737][ T1711] EXT4-fs (loop4): Quota write (off=3072, len=1024) cancelled because transaction is not started
[  102.586604][ T8859] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  102.603408][ T8859] Symlink component flag not implemented
[  102.609146][ T8859] Symlink component flag not implemented
[  102.614938][ T8859] Symlink component flag not implemented (7)
[  102.621098][ T8859] Symlink component flag not implemented (116)
[  102.629471][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.631294][ T8872] bridge0: port 3(syz_tun) entered blocking state
[  102.645185][ T8872] bridge0: port 3(syz_tun) entered disabled state
[  102.652085][ T8872] syz_tun: entered allmulticast mode
[  102.658183][ T8872] bridge0: port 3(syz_tun) entered blocking state
[  102.664808][ T8872] bridge0: port 3(syz_tun) entered forwarding state
[  102.715968][ T8881] tipc: Started in network mode
[  102.721197][ T8881] tipc: Node identity , cluster identity 4711
[  102.727443][ T8881] tipc: Failed to obtain node identity
[  102.733000][ T8881] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  102.741872][ T8878] netlink: 'syz.0.2234': attribute type 3 has an invalid length.
[  102.826716][ T8892] loop4: detected capacity change from 0 to 128
[  102.894264][ T8900] loop4: detected capacity change from 0 to 164
[  102.894845][ T8901] delete_channel: no stack
[  102.905567][ T8900] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  102.920675][ T8900] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  102.930059][ T8900] Symlink component flag not implemented
[  102.935750][ T8900] Symlink component flag not implemented
[  102.947793][ T8900] Symlink component flag not implemented (7)
[  102.954082][ T8900] Symlink component flag not implemented (116)
[  102.974352][ T8906] 9pnet_fd: Insufficient options for proto=fd
[  103.004588][ T8909] loop4: detected capacity change from 0 to 2048
[  103.022194][ T8909] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.034928][ T8909] ext4 filesystem being mounted at /474/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.062891][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.085533][ T8920] loop4: detected capacity change from 0 to 512
[  103.092328][ T8920] EXT4-fs: Ignoring removed nobh option
[  103.119682][ T8920] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.132898][ T8920] ext4 filesystem being mounted at /475/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  103.156286][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.448921][ T8928] loop3: detected capacity change from 0 to 128
[  103.811551][ T8962] loop3: detected capacity change from 0 to 512
[  103.831527][ T8962] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.844362][ T8962] ext4 filesystem being mounted at /399/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  103.871761][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.033387][ T8984] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  104.136779][ T8994] lo speed is unknown, defaulting to 1000
[  104.443082][ T9018] loop4: detected capacity change from 0 to 512
[  104.467073][ T9018] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.480778][ T9018] ext4 filesystem being mounted at /483/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  104.507431][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.182942][ T9101] netlink: 'syz.3.2319': attribute type 1 has an invalid length.
[  105.546730][ T9163] sd 0:0:1:0: device reset
[  105.702936][ T9181] netlink: 'syz.0.2357': attribute type 21 has an invalid length.
[  105.922195][ T9204] loop2: detected capacity change from 0 to 1024
[  105.937436][ T9204] EXT4-fs: Ignoring removed mblk_io_submit option
[  105.944356][ T9204] EXT4-fs: Ignoring removed bh option
[  105.963885][ T9204] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.009271][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.038913][   T29] kauditd_printk_skb: 1270 callbacks suppressed
[  106.038927][   T29] audit: type=1326 audit(1755705677.924:11744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.3.2375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6916ebe9 code=0x7ffc0000
[  106.075709][   T29] audit: type=1326 audit(1755705677.954:11745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.3.2375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6916ebe9 code=0x7ffc0000
[  106.099492][   T29] audit: type=1326 audit(1755705677.954:11746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.3.2375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f2d6916ebe9 code=0x7ffc0000
[  106.123395][   T29] audit: type=1400 audit(1755705677.954:11747): avc:  denied  { open } for  pid=9221 comm="syz.3.2375" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  106.142778][   T29] audit: type=1400 audit(1755705677.954:11748): avc:  denied  { kernel } for  pid=9221 comm="syz.3.2375" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  106.162639][   T29] audit: type=1326 audit(1755705677.954:11749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.3.2375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6916ebe9 code=0x7ffc0000
[  106.186370][   T29] audit: type=1326 audit(1755705677.954:11750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.3.2375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d6916ebe9 code=0x7ffc0000
[  106.210037][   T29] audit: type=1326 audit(1755705677.954:11751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.3.2375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6916ebe9 code=0x7ffc0000
[  106.233962][   T29] audit: type=1326 audit(1755705677.954:11752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.3.2375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f2d6916ebe9 code=0x7ffc0000
[  106.258452][   T29] audit: type=1326 audit(1755705677.954:11753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9221 comm="syz.3.2375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d6916ebe9 code=0x7ffc0000
[  106.288009][ T9235] tap0: tun_chr_ioctl cmd 1074025675
[  106.293427][ T9235] tap0: persist enabled
[  106.297968][ T9235] tap0: tun_chr_ioctl cmd 1074025675
[  106.304158][ T9235] tap0: persist disabled
[  106.555795][ T9245] __nla_validate_parse: 8 callbacks suppressed
[  106.555809][ T9245] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2386'.
[  106.960513][ T9287] loop3: detected capacity change from 0 to 128
[  106.973505][ T9287] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  106.981585][ T9287] FAT-fs (loop3): Filesystem has been set read-only
[  106.989823][ T9287] bio_check_eod: 21 callbacks suppressed
[  106.989902][ T9287] syz.3.2404: attempt to access beyond end of device
[  106.989902][ T9287] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  107.010300][ T9287] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  107.018409][ T9287] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  107.027356][ T9287] syz.3.2404: attempt to access beyond end of device
[  107.027356][ T9287] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  107.052447][ T9290] netlink: 'syz.1.2405': attribute type 21 has an invalid length.
[  107.057925][ T9287] syz.3.2404: attempt to access beyond end of device
[  107.057925][ T9287] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  107.074011][ T9290] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2405'.
[  107.096458][ T9287] syz.3.2404: attempt to access beyond end of device
[  107.096458][ T9287] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  107.110920][ T9287] syz.3.2404: attempt to access beyond end of device
[  107.110920][ T9287] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  107.124578][ T9287] syz.3.2404: attempt to access beyond end of device
[  107.124578][ T9287] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  107.139384][ T9287] syz.3.2404: attempt to access beyond end of device
[  107.139384][ T9287] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  107.160212][ T9287] syz.3.2404: attempt to access beyond end of device
[  107.160212][ T9287] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  107.177393][ T9287] syz.3.2404: attempt to access beyond end of device
[  107.177393][ T9287] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  107.196980][ T9287] syz.3.2404: attempt to access beyond end of device
[  107.196980][ T9287] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  107.276697][ T9309] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2414'.
[  107.525594][ T9318] netlink: 'syz.2.2418': attribute type 6 has an invalid length.
[  107.621129][ T9329] block device autoloading is deprecated and will be removed.
[  107.668069][ T9334] loop4: detected capacity change from 0 to 512
[  107.676716][ T9334] EXT4-fs (loop4): orphan cleanup on readonly fs
[  107.683943][ T9334] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2427: bg 0: block 248: padding at end of block bitmap is not set
[  107.699921][ T9334] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.2427: Failed to acquire dquot type 1
[  107.712136][ T9334] EXT4-fs (loop4): 1 truncate cleaned up
[  107.719813][ T9334] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  107.734030][ T9334] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  107.744721][ T9334] EXT4-fs warning (device loop4): read_mmp_block:115: Error -117 while reading MMP block 0
[  107.767181][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.830702][ T9343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  107.839573][ T9343] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  108.390570][ T9364] SELinux:  Context Ü is not valid (left unmapped).
[  108.429258][ T9369] loop0: detected capacity change from 0 to 128
[  108.729930][ T3627] kernel write not supported for file /1136/clear_refs (pid: 3627 comm: kworker/0:5)
[  108.784686][ T9384] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2447'.
[  109.225219][ T9429] SELinux: failed to load policy
[  109.228867][ T9432] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2471'.
[  109.239407][ T9432] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2471'.
[  109.252196][ T9432] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2471'.
[  109.262085][ T9432] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2471'.
[  109.271426][ T9432] netlink: 84 bytes leftover after parsing attributes in process `syz.4.2471'.
[  109.306540][ T9436] loop2: detected capacity change from 0 to 1024
[  109.332559][ T9436] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  109.345205][ T9436] ext4 filesystem being mounted at /452/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.431137][ T9450] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  109.449692][ T9450] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 52 with error 28
[  109.462241][ T9450] EXT4-fs (loop2): This should not happen!! Data will be lost
[  109.462241][ T9450] 
[  109.472341][ T9450] EXT4-fs (loop2): Total free blocks count 0
[  109.478819][ T9450] EXT4-fs (loop2): Free/Dirty block details
[  109.484765][ T9450] EXT4-fs (loop2): free_blocks=4293918720
[  109.490527][ T9450] EXT4-fs (loop2): dirty_blocks=3888
[  109.496176][ T9450] EXT4-fs (loop2): Block reservation details
[  109.502343][ T9450] EXT4-fs (loop2): i_reserved_data_blocks=274
[  109.771488][   T51] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: comm kworker/u8:3: lblock 0 mapped to illegal pblock 0 (length 6)
[  109.786211][   T51] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117
[  109.800605][   T51] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:3: lblock 8 mapped to illegal pblock 8 (length 8)
[  110.599164][ T9553] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2527'.
[  110.632674][ T9556] netlink: 'syz.1.2534': attribute type 1 has an invalid length.
[  110.640498][ T9556] netlink: 'syz.1.2534': attribute type 2 has an invalid length.
[  110.693367][ T9568] loop4: detected capacity change from 0 to 512
[  110.714282][ T9568] EXT4-fs (loop4): 1 truncate cleaned up
[  110.722441][ T9568] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.767155][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.940069][ T9600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.952167][ T9600] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.098002][ T9613] loop4: detected capacity change from 0 to 8192
[  111.321453][   T29] kauditd_printk_skb: 1017 callbacks suppressed
[  111.321471][   T29] audit: type=1326 audit(1755705683.204:12769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9641 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  111.351986][   T29] audit: type=1326 audit(1755705683.204:12770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9641 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  111.376309][   T29] audit: type=1326 audit(1755705683.204:12771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9641 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  111.400677][   T29] audit: type=1326 audit(1755705683.204:12772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9641 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  111.424544][   T29] audit: type=1326 audit(1755705683.204:12773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9641 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  111.448044][   T29] audit: type=1326 audit(1755705683.204:12774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9641 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  111.473042][   T29] audit: type=1326 audit(1755705683.204:12775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9641 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  111.497600][   T29] audit: type=1326 audit(1755705683.204:12776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9641 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  111.523335][   T29] audit: type=1326 audit(1755705683.204:12777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9641 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  111.547554][   T29] audit: type=1326 audit(1755705683.204:12778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9641 comm="syz.4.2568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  111.575957][ T9648] __nla_validate_parse: 1 callbacks suppressed
[  111.575971][ T9648] netlink: 180 bytes leftover after parsing attributes in process `syz.0.2571'.
[  111.592455][ T9648] netlink: 180 bytes leftover after parsing attributes in process `syz.0.2571'.
[  111.687384][ T9662] netlink: 'syz.0.2579': attribute type 12 has an invalid length.
[  111.695780][ T9662] netlink: 248 bytes leftover after parsing attributes in process `syz.0.2579'.
[  111.741392][ T9670] loop0: detected capacity change from 0 to 512
[  111.758343][ T9670] EXT4-fs (loop0): 1 truncate cleaned up
[  111.784341][ T9670] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.811150][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.840812][ T9675] openvswitch: netlink: Message has 6 unknown bytes.
[  112.044250][ T9703] netlink: 276 bytes leftover after parsing attributes in process `syz.0.2596'.
[  112.080698][ T9703] netlink: 276 bytes leftover after parsing attributes in process `syz.0.2596'.
[  112.149795][ T9720] IPv6: Can't replace route, no match found
[  112.229381][ T9734] netlink: 'syz.0.2611': attribute type 10 has an invalid length.
[  112.307347][ T9746] loop3: detected capacity change from 0 to 128
[  112.434098][ T9760] loop0: detected capacity change from 0 to 256
[  112.475497][ T9758] loop3: detected capacity change from 0 to 8192
[  112.601261][ T9772] netlink: 272 bytes leftover after parsing attributes in process `syz.4.2630'.
[  112.683429][ T9786] loop4: detected capacity change from 0 to 512
[  112.722411][ T9786] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.724622][ T9796] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2640'.
[  112.736527][ T9786] ext4 filesystem being mounted at /548/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.775814][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.836135][ T9803] ipvlan2: entered promiscuous mode
[  112.844044][ T9803] bridge0: port 4(ipvlan2) entered blocking state
[  112.850802][ T9803] bridge0: port 4(ipvlan2) entered disabled state
[  112.858782][ T9803] ipvlan2: entered allmulticast mode
[  112.864219][ T9803] bridge0: entered allmulticast mode
[  112.871297][ T9803] ipvlan2: left allmulticast mode
[  112.876469][ T9803] bridge0: left allmulticast mode
[  112.954850][ T9822] netlink: 664 bytes leftover after parsing attributes in process `syz.0.2650'.
[  113.344746][ T9871] ip6tnl2: entered promiscuous mode
[  113.350172][ T9871] ip6tnl2: entered allmulticast mode
[  113.467416][ T9892] lo speed is unknown, defaulting to 1000
[  113.680383][ T9911] netlink: 'syz.3.2693': attribute type 10 has an invalid length.
[  113.707239][ T9911] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.734904][ T9911] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  114.016441][ T9949] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2709'.
[  114.326361][ T9974] loop9: detected capacity change from 0 to 7
[  114.332713][ T9974] buffer_io_error: 6 callbacks suppressed
[  114.332803][ T9974] Buffer I/O error on dev loop9, logical block 0, async page read
[  114.346737][ T9974] Buffer I/O error on dev loop9, logical block 0, async page read
[  114.354679][ T9974]  loop9: unable to read partition table
[  114.360448][ T9974] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  114.360448][ T9974] 
) failed (rc=-5)
[  114.391080][ T9976] 9pnet: p9_errstr2errno: server reported unknown error êW~uå½ÚZ²ù‰z&4‹�
[  114.468397][ T9978] lo speed is unknown, defaulting to 1000
[  115.097467][T10006] loop3: detected capacity change from 0 to 164
[  115.102833][T10008] netlink: 'syz.4.2731': attribute type 21 has an invalid length.
[  115.112130][T10008] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2731'.
[  115.112668][T10006] Unable to read rock-ridge attributes
[  115.166639][T10012] loop3: detected capacity change from 0 to 4096
[  115.183481][T10012] loop3: detected capacity change from 0 to 512
[  115.191676][T10012] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.2733: iget: bad extended attribute block 1
[  115.204409][T10012] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2733: couldn't read orphan inode 15 (err -117)
[  115.217267][T10012] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.240559][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.626446][T10033] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  116.177310][T10054] loop2: detected capacity change from 0 to 512
[  116.192071][T10054] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.206251][T10054] ext4 filesystem being mounted at /503/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.243950][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.332891][   T29] kauditd_printk_skb: 1049 callbacks suppressed
[  116.332980][   T29] audit: type=1326 audit(1755705688.214:13828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10065 comm="syz.2.2756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  116.363071][   T29] audit: type=1326 audit(1755705688.214:13829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10065 comm="syz.2.2756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  116.386906][   T29] audit: type=1326 audit(1755705688.214:13830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10065 comm="syz.2.2756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  116.410589][   T29] audit: type=1326 audit(1755705688.214:13831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10065 comm="syz.2.2756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  116.434242][   T29] audit: type=1326 audit(1755705688.214:13832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10065 comm="syz.2.2756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  116.457948][   T29] audit: type=1326 audit(1755705688.214:13833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10065 comm="syz.2.2756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  116.481824][   T29] audit: type=1326 audit(1755705688.214:13834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10065 comm="syz.2.2756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  116.505954][   T29] audit: type=1326 audit(1755705688.214:13835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10065 comm="syz.2.2756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  116.529765][   T29] audit: type=1326 audit(1755705688.214:13836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10065 comm="syz.2.2756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  116.553404][   T29] audit: type=1326 audit(1755705688.214:13837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10065 comm="syz.2.2756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  117.050705][T10103] loop3: detected capacity change from 0 to 1024
[  117.058660][T10103] EXT4-fs: Ignoring removed bh option
[  117.084322][T10103] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.117423][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.167574][T10111] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2782'.
[  117.178083][T10111] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  117.189551][T10111] bridge0: port 3(syz_tun) entered disabled state
[  117.196249][T10111] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.203570][T10111] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.311284][T10129] loop2: detected capacity change from 0 to 4096
[  117.330292][T10129] loop2: detected capacity change from 0 to 512
[  117.339250][T10129] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.2781: iget: bad extended attribute block 1
[  117.351969][T10129] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2781: couldn't read orphan inode 15 (err -117)
[  117.364636][T10129] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.389187][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.406438][T10135] loop2: detected capacity change from 0 to 128
[  117.420166][T10135] bio_check_eod: 16187 callbacks suppressed
[  117.420181][T10135] syz.2.2783: attempt to access beyond end of device
[  117.420181][T10135] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128
[  117.599162][T10144] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2786'.
[  117.608198][T10144] IPVS: Error joining to the multicast group
[  117.851010][T10173] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2800'.
[  117.925001][T10180] loop0: detected capacity change from 0 to 164
[  117.935504][T10180] rock: directory entry would overflow storage
[  117.942038][T10180] rock: sig=0x66, size=4, remaining=3
[  118.545539][T10229] loop3: detected capacity change from 0 to 128
[  118.555178][T10232] netlink: 830 bytes leftover after parsing attributes in process `syz.4.2824'.
[  118.574729][T10233] ip6gretap0: entered promiscuous mode
[  118.585027][T10235] loop4: detected capacity change from 0 to 512
[  118.592354][T10233] ip6gretap0: left promiscuous mode
[  118.621410][T10235] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.635129][T10235] ext4 filesystem being mounted at /581/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  118.676065][T10235] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.2825: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  118.697226][T10235] EXT4-fs (loop4): Remounting filesystem read-only
[  118.726640][T10246] loop3: detected capacity change from 0 to 512
[  118.734958][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.749883][T10246] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #3: comm syz.3.2831: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  118.781602][T10246] EXT4-fs error (device loop3): ext4_quota_enable:7131: comm syz.3.2831: Bad quota inode: 3, type: 0
[  118.792969][T10246] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  118.809217][T10246] EXT4-fs (loop3): mount failed
[  118.844132][T10258] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2837'.
[  118.855604][T10258] IPVS: Error joining to the multicast group
[  118.949018][T10269] ip6gretap0: entered promiscuous mode
[  118.956031][T10269] ip6gretap0: left promiscuous mode
[  119.043834][T10279] loop0: detected capacity change from 0 to 512
[  119.071199][T10279] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.084626][T10286] loop4: detected capacity change from 0 to 1024
[  119.085315][T10279] ext4 filesystem being mounted at /600/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  119.100875][T10286] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.107064][T10279] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.2844: corrupted inode contents
[  119.136950][T10286] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.2846: Allocating blocks 449-513 which overlap fs metadata
[  119.159449][T10279] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #2: comm syz.0.2844: mark_inode_dirty error
[  119.160318][T10283] EXT4-fs (loop4): pa ffff88810072d7e0: logic 48, phys. 177, len 21
[  119.173454][T10279] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.2844: corrupted inode contents
[  119.179152][T10283] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  119.192876][T10279] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.2844: mark_inode_dirty error
[  119.214869][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.246853][T10293] loop4: detected capacity change from 0 to 512
[  119.254345][T10293] EXT4-fs: Ignoring removed nobh option
[  119.256517][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.280584][T10293] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.284429][T10299] loop0: detected capacity change from 0 to 512
[  119.293527][T10293] ext4 filesystem being mounted at /587/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  119.311153][T10299] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.318734][T10293] EXT4-fs error (device loop4): ext4_find_dest_de:2052: inode #2: block 3: comm syz.4.2847: bad entry in directory: inode out of bounds - offset=92, inode=117440528, rec_len=16, size=2048 fake=0
[  119.325512][T10299] ext4 filesystem being mounted at /601/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.367089][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.398574][T10299] loop0: detected capacity change from 512 to 64
[  119.405920][T10299] syz.0.2848: attempt to access beyond end of device
[  119.405920][T10299] loop0: rw=2051, sector=104, nr_sectors = 408 limit=64
[  119.430543][ T3303] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Out of memory
[  119.439986][ T3303] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #2: comm syz-executor: mark_inode_dirty error
[  119.520268][T10313] netlink: 'syz.4.2856': attribute type 10 has an invalid length.
[  119.521796][ T6516] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.542078][T10313] team0: Port device dummy0 added
[  119.550569][T10313] netlink: 'syz.4.2856': attribute type 10 has an invalid length.
[  119.569269][T10313] team0: Port device dummy0 removed
[  119.577817][T10313] .`: (slave dummy0): Enslaving as an active interface with an up link
[  119.785229][  T113] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.835300][  T113] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.866937][T10321] loop2: detected capacity change from 0 to 1024
[  119.887497][T10325] netlink: 'syz.4.2863': attribute type 2 has an invalid length.
[  119.895970][T10325] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2863'.
[  119.912827][T10321] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.929660][  T113] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.931423][T10321] ext4 filesystem being mounted at /522/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.969649][T10336] netlink: 'syz.3.2866': attribute type 13 has an invalid length.
[  119.977564][T10336] netlink: 'syz.3.2866': attribute type 17 has an invalid length.
[  119.987200][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.997590][T10334] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2865'.
[  120.009267][  T113] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.020792][T10334] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2865'.
[  120.038735][T10334] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2865'.
[  120.048307][T10334] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2865'.
[  120.073292][T10341] loop2: detected capacity change from 0 to 2048
[  120.101657][  T113] bridge_slave_1: left allmulticast mode
[  120.107468][  T113] bridge_slave_1: left promiscuous mode
[  120.113429][  T113] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.122745][  T113] bridge_slave_0: left allmulticast mode
[  120.128453][  T113] bridge_slave_0: left promiscuous mode
[  120.134380][  T113] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.138270][T10341] Alternate GPT is invalid, using primary GPT.
[  120.148327][T10341]  loop2: p2 p3 p7
[  120.203272][T10354] loop2: detected capacity change from 0 to 512
[  120.211850][T10354] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  120.241208][T10354] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.259337][T10354] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.2871: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  120.282725][T10354] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 12: comm syz.2.2871: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  120.282945][  T113] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  120.315647][  T113] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  120.325674][  T113] bond0 (unregistering): Released all slaves
[  120.338330][T10323] lo speed is unknown, defaulting to 1000
[  120.399016][T10354] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.2871: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  120.434169][  T113] hsr_slave_0: left promiscuous mode
[  120.441674][T10354] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 14: comm syz.2.2871: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  120.462429][  T113] hsr_slave_1: left promiscuous mode
[  120.468380][  T113] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  120.475888][  T113] batman_adv: batadv0: Removing interface: batadv_slave_0
[  120.484598][  T113] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  120.492127][  T113] batman_adv: batadv0: Removing interface: batadv_slave_1
[  120.505826][T10354] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 15: comm syz.2.2871: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  120.535782][  T113] veth1_macvtap: left promiscuous mode
[  120.541473][  T113] veth0_macvtap: left promiscuous mode
[  120.547264][  T113] veth1_vlan: left promiscuous mode
[  120.552759][T10354] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 16: comm syz.2.2871: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  120.574348][T10354] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 17: comm syz.2.2871: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  120.595868][T10354] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 18: comm syz.2.2871: lblock 23 mapped to illegal pblock 18 (length 1)
[  120.611217][T10354] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 19: comm syz.2.2871: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  120.633418][T10354] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 20: comm syz.2.2871: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  120.729863][  T113] team0 (unregistering): Port device team_slave_1 removed
[  120.750376][  T113] team0 (unregistering): Port device team_slave_0 removed
[  120.870118][T10371] ip6gretap0: entered promiscuous mode
[  120.878073][T10371] ip6gretap0: left promiscuous mode
[  120.895249][T10323] chnl_net:caif_netlink_parms(): no params data found
[  120.949939][T10323] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.957134][T10323] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.964728][T10323] bridge_slave_0: entered allmulticast mode
[  120.971993][T10323] bridge_slave_0: entered promiscuous mode
[  120.979396][T10323] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.986577][T10323] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.011783][T10323] bridge_slave_1: entered allmulticast mode
[  121.018463][T10323] bridge_slave_1: entered promiscuous mode
[  121.067497][T10323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  121.077217][ T3312] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  121.079941][T10323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  121.096275][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.124544][T10323] team0: Port device team_slave_0 added
[  121.127424][T10381] loop2: detected capacity change from 0 to 1024
[  121.132036][T10323] team0: Port device team_slave_1 added
[  121.150861][T10381] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  121.164573][T10381] ext4 filesystem being mounted at /525/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.176254][T10323] batman_adv: batadv0: Adding interface: batadv_slave_0
[  121.177192][T10381] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  121.183445][T10323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.198471][T10381] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  121.224177][T10323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.236785][T10381] EXT4-fs (loop2): This should not happen!! Data will be lost
[  121.236785][T10381] 
[  121.236806][T10381] EXT4-fs (loop2): Total free blocks count 0
[  121.236818][T10381] EXT4-fs (loop2): Free/Dirty block details
[  121.236831][T10381] EXT4-fs (loop2): free_blocks=4293918720
[  121.236843][T10381] EXT4-fs (loop2): dirty_blocks=16
[  121.236854][T10381] EXT4-fs (loop2): Block reservation details
[  121.236865][T10381] EXT4-fs (loop2): i_reserved_data_blocks=1
[  121.293365][T10384] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.2878: Freeing blocks not in datazone - block = 0, count = 16
[  121.309695][T10323] batman_adv: batadv0: Adding interface: batadv_slave_1
[  121.316725][T10323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.342861][T10323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  121.361131][  T113] IPVS: stop unused estimator thread 0...
[  121.374542][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  121.387075][T10323] hsr_slave_0: entered promiscuous mode
[  121.394213][T10323] hsr_slave_1: entered promiscuous mode
[  121.402449][T10323] debugfs: 'hsr0' already exists in 'hsr'
[  121.408208][T10323] Cannot create hsr debugfs directory
[  121.444959][T10388] loop4: detected capacity change from 0 to 1024
[  121.453818][T10388] EXT4-fs: Ignoring removed nobh option
[  121.460045][T10388] EXT4-fs: Ignoring removed bh option
[  121.475344][T10388] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.526694][   T29] kauditd_printk_skb: 549 callbacks suppressed
[  121.526711][   T29] audit: type=1400 audit(1755705693.404:14387): avc:  denied  { connect } for  pid=10398 comm="syz.2.2884" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  121.567189][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.593169][T10323] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  121.607527][T10323] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  121.612122][   T29] audit: type=1326 audit(1755705693.484:14388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10402 comm="syz.2.2887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  121.637979][   T29] audit: type=1326 audit(1755705693.484:14389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10402 comm="syz.2.2887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  121.661745][   T29] audit: type=1326 audit(1755705693.484:14390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10402 comm="syz.2.2887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  121.685505][   T29] audit: type=1326 audit(1755705693.484:14391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10402 comm="syz.2.2887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  121.708952][   T29] audit: type=1326 audit(1755705693.484:14392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10402 comm="syz.2.2887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  121.732804][   T29] audit: type=1326 audit(1755705693.484:14393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10402 comm="syz.2.2887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  121.756902][   T29] audit: type=1326 audit(1755705693.484:14394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10402 comm="syz.2.2887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  121.780684][   T29] audit: type=1326 audit(1755705693.484:14395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10402 comm="syz.2.2887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  121.804672][   T29] audit: type=1326 audit(1755705693.484:14396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10402 comm="syz.2.2887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2c175ebe9 code=0x7ffc0000
[  121.831162][T10323] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  121.844807][T10323] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  121.890817][T10323] 8021q: adding VLAN 0 to HW filter on device bond0
[  121.905678][T10323] 8021q: adding VLAN 0 to HW filter on device team0
[  121.925835][  T113] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.933322][  T113] bridge0: port 1(bridge_slave_0) entered forwarding state
[  121.971645][  T113] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.978846][  T113] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.000371][T10323] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  122.010901][T10323] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  122.092541][T10323] 8021q: adding VLAN 0 to HW filter on device batadv0
[  122.144813][T10411] loop3: detected capacity change from 0 to 32768
[  122.189391][T10411]  loop3: p1 p2 p3 < p5 p6 >
[  122.194826][T10411] loop3: p2 size 16775168 extends beyond EOD, truncated
[  122.205814][T10411] loop3: p5 start 4294970168 is beyond EOD, truncated
[  122.264705][T10323] veth0_vlan: entered promiscuous mode
[  122.274842][T10323] veth1_vlan: entered promiscuous mode
[  122.297203][T10323] veth0_macvtap: entered promiscuous mode
[  122.307009][T10323] veth1_macvtap: entered promiscuous mode
[  122.344297][T10323] batman_adv: batadv0: Interface activated: batadv_slave_0
[  122.357215][T10323] batman_adv: batadv0: Interface activated: batadv_slave_1
[  122.371551][ T1711] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.395547][ T1711] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.410564][ T1711] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.425070][ T1711] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.516497][T10473] loop3: detected capacity change from 0 to 2048
[  122.558946][T10473]  loop3: p1 < > p4
[  122.565351][T10473] loop3: p4 size 8388608 extends beyond EOD, truncated
[  122.570602][T10479] loop5: detected capacity change from 0 to 512
[  122.610327][T10479] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.632083][T10487] loop4: detected capacity change from 0 to 512
[  122.639189][T10479] ext4 filesystem being mounted at /3/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  122.653410][T10487] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  122.666650][T10479] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.2909: corrupted inode contents
[  122.686593][T10479] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #2: comm syz.5.2909: mark_inode_dirty error
[  122.698010][T10490] loop3: detected capacity change from 0 to 1024
[  122.705682][T10479] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #2: comm syz.5.2909: corrupted inode contents
[  122.707342][T10487] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.718851][T10479] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.2909: mark_inode_dirty error
[  122.743576][T10490] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  122.745421][T10487] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz.4.2913: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  122.756936][T10490] ext4 filesystem being mounted at /523/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.787887][T10487] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 12: comm syz.4.2913: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  122.810807][T10487] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 13: comm syz.4.2913: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  122.810811][T10323] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.834244][T10487] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 14: comm syz.4.2913: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  122.843467][T10490] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  122.864253][T10487] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 15: comm syz.4.2913: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  122.898194][T10490] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  122.910878][T10490] EXT4-fs (loop3): This should not happen!! Data will be lost
[  122.910878][T10490] 
[  122.920559][T10490] EXT4-fs (loop3): Total free blocks count 0
[  122.926663][T10490] EXT4-fs (loop3): Free/Dirty block details
[  122.932611][T10490] EXT4-fs (loop3): free_blocks=4293918720
[  122.938353][T10490] EXT4-fs (loop3): dirty_blocks=16
[  122.943584][T10490] EXT4-fs (loop3): Block reservation details
[  122.949609][T10490] EXT4-fs (loop3): i_reserved_data_blocks=1
[  122.955740][T10487] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 16: comm syz.4.2913: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  122.956613][T10497] EXT4-fs error (device loop3): ext4_free_blocks:6696: comm syz.3.2923: Freeing blocks not in datazone - block = 0, count = 16
[  122.978634][T10487] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 17: comm syz.4.2913: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  123.011742][T10487] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 18: comm syz.4.2913: lblock 23 mapped to illegal pblock 18 (length 1)
[  123.044786][T10487] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 19: comm syz.4.2913: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  123.066818][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  123.084200][T10487] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 20: comm syz.4.2913: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0
[  123.112000][T10501] lo speed is unknown, defaulting to 1000
[  123.180473][T10507] loop2: detected capacity change from 0 to 1024
[  123.211357][T10507] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.297239][T10507] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.2918: Allocating blocks 449-513 which overlap fs metadata
[  123.354027][T10506] EXT4-fs (loop2): pa ffff88810072d770: logic 48, phys. 177, len 21
[  123.362223][T10506] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 4
[  123.409030][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.512878][T10522] netlink: 'syz.2.2921': attribute type 1 has an invalid length.
[  123.520831][T10522] __nla_validate_parse: 4 callbacks suppressed
[  123.520845][T10522] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.2921'.
[  123.562085][ T3305] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  123.581609][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.633641][T10531] loop5: detected capacity change from 0 to 1024
[  123.646049][T10531] EXT4-fs: Ignoring removed nobh option
[  123.654138][T10531] EXT4-fs: Ignoring removed bh option
[  123.671468][T10531] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.701951][T10323] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.863433][T10551] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2932'.
[  123.887350][T10554] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2936'.
[  123.897299][T10554] netlink: 'syz.5.2936': attribute type 1 has an invalid length.
[  123.905155][T10554] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2936'.
[  124.020332][T10560] loop5: detected capacity change from 0 to 1024
[  124.043955][T10560] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  124.056490][T10560] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.073211][T10560] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  124.089484][T10560] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  124.101942][T10560] EXT4-fs (loop5): This should not happen!! Data will be lost
[  124.101942][T10560] 
[  124.111698][T10560] EXT4-fs (loop5): Total free blocks count 0
[  124.117725][T10560] EXT4-fs (loop5): Free/Dirty block details
[  124.123668][T10560] EXT4-fs (loop5): free_blocks=4293918720
[  124.129440][T10560] EXT4-fs (loop5): dirty_blocks=16
[  124.134582][T10560] EXT4-fs (loop5): Block reservation details
[  124.140644][T10560] EXT4-fs (loop5): i_reserved_data_blocks=1
[  124.162234][T10564] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.2938: Freeing blocks not in datazone - block = 0, count = 16
[  124.214116][T10323] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  124.319536][T10572] lo speed is unknown, defaulting to 1000
[  124.338852][T10575] loop5: detected capacity change from 0 to 1024
[  124.357015][T10575] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.430730][ T1917] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: comm kworker/u8:8: lblock 0 mapped to illegal pblock 0 (length 1)
[  124.459683][ T1917] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  124.472188][ T1917] EXT4-fs (loop5): This should not happen!! Data will be lost
[  124.472188][ T1917] 
[  124.523483][T10592] vcan0: tx drop: invalid sa for name 0x0000000000000004
[  124.727162][T10623] netlink: 'syz.4.2963': attribute type 1 has an invalid length.
[  124.735234][T10623] netlink: 199820 bytes leftover after parsing attributes in process `syz.4.2963'.
[  124.842815][T10633] loop4: detected capacity change from 0 to 1024
[  124.854053][T10633] EXT4-fs: Ignoring removed nobh option
[  124.861015][T10633] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  124.872966][T10633] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #11: comm syz.4.2967: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  124.892746][T10633] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.2967: couldn't read orphan inode 11 (err -117)
[  126.667515][    C1] vcan0: j1939_tp_rxtimer: 0xffff8881188ecc00: rx timeout, send abort
[  126.675794][    C1] vcan0: j1939_tp_rxtimer: 0xffff8881188eca00: rx timeout, send abort
[  126.684081][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8881188ecc00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  126.698538][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8881188eca00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  126.745537][T10675] loop4: detected capacity change from 0 to 1024
[  126.790539][T10675] ext4 filesystem being mounted at /616/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.860138][   T12] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: comm kworker/u8:0: lblock 0 mapped to illegal pblock 0 (length 1)
[  126.890640][T10695] loop3: detected capacity change from 0 to 4096
[  126.901231][   T12] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  126.913840][   T12] EXT4-fs (loop4): This should not happen!! Data will be lost
[  126.913840][   T12] 
[  126.977559][T10712] loop4: detected capacity change from 0 to 512
[  126.991320][T10712] ext4 filesystem being mounted at /618/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  127.076686][T10718] lo speed is unknown, defaulting to 1000
[  127.101635][   T29] kauditd_printk_skb: 329 callbacks suppressed
[  127.101654][   T29] audit: type=1326 audit(1755705698.984:14726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.5.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  127.135432][   T29] audit: type=1326 audit(1755705698.984:14727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.5.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  127.159229][   T29] audit: type=1326 audit(1755705698.984:14728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.5.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  127.187138][T10733] vcan0: tx drop: invalid da for name 0x0000000000080000
[  127.194663][   T29] audit: type=1326 audit(1755705699.064:14729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.5.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  127.218640][   T29] audit: type=1326 audit(1755705699.064:14730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.5.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  127.270884][   T29] audit: type=1326 audit(1755705699.074:14731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.5.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  127.294940][   T29] audit: type=1326 audit(1755705699.074:14732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.5.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  127.318900][   T29] audit: type=1326 audit(1755705699.074:14733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.5.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  127.329967][T10740] loop4: detected capacity change from 0 to 1024
[  127.342861][   T29] audit: type=1326 audit(1755705699.074:14734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.5.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  127.373973][   T29] audit: type=1326 audit(1755705699.074:14735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10728 comm="syz.5.3011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7cb5b4ec23 code=0x7ffc0000
[  127.424555][T10740] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  127.550212][T10759] loop4: detected capacity change from 0 to 136
[  127.563961][T10759] Symlink component flag not implemented
[  127.574371][T10759] Symlink component flag not implemented (108)
[  127.844796][T10768] loop3: detected capacity change from 0 to 256
[  127.851647][T10768] vfat: Bad value for 'uni_xlate'
[  128.040530][T10787] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3035'.
[  128.042602][T10789] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3036'.
[  128.060457][T10789] IPVS: Error joining to the multicast group
[  128.152533][T10802] loop3: detected capacity change from 0 to 512
[  128.181014][T10802] ext4 filesystem being mounted at /549/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.455882][T10814] loop2: detected capacity change from 0 to 1024
[  128.467376][T10814] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  128.589534][    C1] vcan0: j1939_tp_rxtimer: 0xffff888119945400: rx timeout, send abort
[  128.597984][    C1] vcan0: j1939_tp_rxtimer: 0xffff888119945800: rx timeout, send abort
[  128.606669][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888119945400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  128.621001][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888119945800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  128.676987][T10823] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  128.719088][T10826] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3048'.
[  128.728147][T10826] netlink: 'syz.1.3048': attribute type 15 has an invalid length.
[  128.736093][T10826] netlink: 'syz.1.3048': attribute type 18 has an invalid length.
[  128.747077][T10826] vxlan0: entered promiscuous mode
[  128.754162][ T1711] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  128.763410][ T1711] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  128.773000][ T1711] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  128.781856][ T1711] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  128.793194][T10829] netlink: 5 bytes leftover after parsing attributes in process `syz.2.3051'.
[  128.802766][T10829] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  128.810473][T10829] 0ªî{X¹¦: entered allmulticast mode
[  128.816450][T10829] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  129.125162][T10849] loop5: detected capacity change from 0 to 1024
[  129.132080][T10849] EXT4-fs: Ignoring removed bh option
[  129.138613][T10849] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  129.149948][T10849] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  129.160176][T10849] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 2: comm syz.5.3060: lblock 2 mapped to illegal pblock 2 (length 1)
[  129.174654][T10849] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 48: comm syz.5.3060: lblock 0 mapped to illegal pblock 48 (length 1)
[  129.189717][T10849] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.3060: Failed to acquire dquot type 0
[  129.202760][T10849] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  129.212324][T10849] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.3060: mark_inode_dirty error
[  129.224550][T10849] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  129.235086][T10849] EXT4-fs (loop5): 1 orphan inode deleted
[  129.248219][ T1917] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[  129.265049][ T1917] EXT4-fs error (device loop5): ext4_release_dquot:6973: comm kworker/u8:8: Failed to release dquot type 0
[  129.279785][T10849] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 48: comm syz.5.3060: lblock 0 mapped to illegal pblock 48 (length 1)
[  129.344219][T10855] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3063'.
[  129.437110][T10869] loop3: detected capacity change from 0 to 1024
[  129.449396][T10869] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  129.618739][T10894] loop2: detected capacity change from 0 to 7
[  129.642004][T10896] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3081'.
[  129.750019][T10908] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3087'.
[  129.762609][T10912] netlink: 'syz.5.3088': attribute type 10 has an invalid length.
[  129.773357][T10912] team0: Device hsr_slave_0 failed to register rx_handler
[  129.829549][T10922] netlink: 'syz.2.3093': attribute type 21 has an invalid length.
[  129.844011][T10925] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3094'.
[  129.924730][T10937] macvtap0: refused to change device tx_queue_len
[  129.971913][T10943] loop5: detected capacity change from 0 to 512
[  129.981033][T10943] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  130.001596][T10943] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.043226][T10953] loop4: detected capacity change from 0 to 128
[  130.050304][T10953] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  130.064116][T10953] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  130.111999][T10957] loop2: detected capacity change from 0 to 7
[  130.176595][T10971] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3116'.
[  130.213205][T10977] loop2: detected capacity change from 0 to 128
[  130.220939][T10977] vfat: Unknown parameter '@
'
[  130.242720][T10979] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3121'.
[  130.244393][T10981] loop2: detected capacity change from 0 to 128
[  130.258859][T10981] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  130.271885][T10981] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  130.445063][T10993] loop3: detected capacity change from 0 to 1024
[  130.452158][T10993] EXT4-fs: Ignoring removed bh option
[  130.464712][T10993] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  130.475929][T10993] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  130.485894][T10993] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.3125: lblock 2 mapped to illegal pblock 2 (length 1)
[  130.500420][T10993] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.3125: lblock 0 mapped to illegal pblock 48 (length 1)
[  130.515164][T10993] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.3125: Failed to acquire dquot type 0
[  130.527213][T10993] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  130.550623][T10993] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.3125: mark_inode_dirty error
[  130.564249][T10993] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  130.575171][T10993] EXT4-fs (loop3): 1 orphan inode deleted
[  130.593209][  T113] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  130.612016][  T113] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:4: Failed to release dquot type 0
[  130.629097][T10993] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.3125: lblock 0 mapped to illegal pblock 48 (length 1)
[  131.010015][T11029] loop3: detected capacity change from 0 to 128
[  131.016991][T11029] FAT-fs (loop3): bogus sectors per cluster 7
[  131.023315][T11029] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; no bootstrapping code
[  131.032493][T11029] FAT-fs (loop3): Can't find a valid FAT filesystem
[  131.402200][ T3312] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  131.413274][ T3312] CPU: 0 UID: 0 PID: 3312 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  131.413314][ T3312] Tainted: [W]=WARN
[  131.413322][ T3312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  131.413336][ T3312] Call Trace:
[  131.413346][ T3312]  <TASK>
[  131.413355][ T3312]  __dump_stack+0x1d/0x30
[  131.413388][ T3312]  dump_stack_lvl+0xe8/0x140
[  131.413413][ T3312]  dump_stack+0x15/0x1b
[  131.413492][ T3312]  dump_header+0x81/0x220
[  131.413547][ T3312]  oom_kill_process+0x342/0x400
[  131.413656][ T3312]  out_of_memory+0x979/0xb80
[  131.413707][ T3312]  try_charge_memcg+0x5e6/0x9e0
[  131.413741][ T3312]  charge_memcg+0x51/0xc0
[  131.413759][ T3312]  __mem_cgroup_charge+0x28/0xb0
[  131.413778][ T3312]  filemap_add_folio+0x4e/0x1b0
[  131.413913][ T3312]  __filemap_get_folio+0x31e/0x6b0
[  131.414033][ T3312]  filemap_fault+0x41f/0xb40
[  131.414065][ T3312]  __do_fault+0xbc/0x200
[  131.414095][ T3312]  handle_mm_fault+0xf78/0x2c20
[  131.414230][ T3312]  do_user_addr_fault+0x636/0x1090
[  131.414266][ T3312]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  131.414299][ T3312]  exc_page_fault+0x62/0xa0
[  131.414350][ T3312]  asm_exc_page_fault+0x26/0x30
[  131.414376][ T3312] RIP: 0033:0x7fb2c1635c24
[  131.414402][ T3312] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 78 fb e7 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 89 fa e7 00 48 01 d1
[  131.414423][ T3312] RSP: 002b:00007fff79a1a310 EFLAGS: 00010206
[  131.414444][ T3312] RAX: 0000001b33024000 RBX: 000000000000050e RCX: 000000000001ffb8
[  131.414458][ T3312] RDX: 0000000005b33655 RSI: 00007fff79a1a3a0 RDI: 0000000000000001
[  131.414545][ T3312] RBP: 00007fff79a1a34c R08: 0000000015be73f4 R09: 7fffffffffffffff
[  131.414557][ T3312] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  131.414569][ T3312] R13: 00000000000927c0 R14: 000000000001fe69 R15: 00007fff79a1a3a0
[  131.414641][ T3312]  </TASK>
[  131.414649][ T3312] memory: usage 307200kB, limit 307200kB, failcnt 941
[  131.612983][ T3312] memory+swap: usage 307604kB, limit 9007199254740988kB, failcnt 0
[  131.620983][ T3312] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[  131.628378][ T3312] Memory cgroup stats for /syz2:
[  131.640720][ T3312] cache 0
[  131.648696][ T3312] rss 0
[  131.651479][ T3312] shmem 0
[  131.654432][ T3312] mapped_file 0
[  131.657905][ T3312] dirty 0
[  131.660953][ T3312] writeback 0
[  131.664314][ T3312] workingset_refault_anon 207
[  131.669093][ T3312] workingset_refault_file 702
[  131.673779][ T3312] swap 413696
[  131.677164][ T3312] swapcached 8192
[  131.680852][ T3312] pgpgin 95745
[  131.684237][ T3312] pgpgout 95743
[  131.687762][ T3312] pgfault 120386
[  131.691477][ T3312] pgmajfault 110
[  131.695084][ T3312] inactive_anon 0
[  131.698773][ T3312] active_anon 8192
[  131.702525][ T3312] inactive_file 0
[  131.706274][ T3312] active_file 0
[  131.709802][ T3312] unevictable 0
[  131.713369][ T3312] hierarchical_memory_limit 314572800
[  131.718800][ T3312] hierarchical_memsw_limit 9223372036854771712
[  131.724967][ T3312] total_cache 0
[  131.728557][ T3312] total_rss 0
[  131.731889][ T3312] total_shmem 0
[  131.735453][ T3312] total_mapped_file 0
[  131.739563][ T3312] total_dirty 0
[  131.743058][ T3312] total_writeback 0
[  131.746895][ T3312] total_workingset_refault_anon 207
[  131.752167][ T3312] total_workingset_refault_file 702
[  131.757501][ T3312] total_swap 413696
[  131.761369][ T3312] total_swapcached 8192
[  131.765547][ T3312] total_pgpgin 95745
[  131.769674][ T3312] total_pgpgout 95743
[  131.773676][ T3312] total_pgfault 120386
[  131.777933][ T3312] total_pgmajfault 110
[  131.782039][ T3312] total_inactive_anon 0
[  131.786227][ T3312] total_active_anon 8192
[  131.790552][ T3312] total_inactive_file 0
[  131.794736][ T3312] total_active_file 0
[  131.798991][ T3312] total_unevictable 0
[  131.803099][ T3312] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.3131,pid=11006,uid=0
[  131.817962][ T3312] Memory cgroup out of memory: Killed process 11006 (syz.2.3131) total-vm:93632kB, anon-rss:1072kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  132.080346][T11092] program syz.2.3170 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  132.090451][T11092] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  132.197088][   T29] kauditd_printk_skb: 786 callbacks suppressed
[  132.197103][   T29] audit: type=1400 audit(1755705704.074:15514): avc:  denied  { ioctl } for  pid=11108 comm="syz.2.3180" path="socket:[27581]" dev="sockfs" ino=27581 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  132.229329][   T29] audit: type=1326 audit(1755705704.074:15515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11106 comm="syz.4.3179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  132.253927][   T29] audit: type=1326 audit(1755705704.074:15516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11106 comm="syz.4.3179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  132.278264][   T29] audit: type=1326 audit(1755705704.084:15517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11106 comm="syz.4.3179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  132.304483][   T29] audit: type=1326 audit(1755705704.084:15518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11106 comm="syz.4.3179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  132.328947][   T29] audit: type=1326 audit(1755705704.084:15519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11106 comm="syz.4.3179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  132.352941][   T29] audit: type=1326 audit(1755705704.084:15520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11106 comm="syz.4.3179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  132.376933][   T29] audit: type=1326 audit(1755705704.084:15521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11106 comm="syz.4.3179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  132.401166][   T29] audit: type=1326 audit(1755705704.084:15522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11106 comm="syz.4.3179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  132.425735][   T29] audit: type=1326 audit(1755705704.084:15523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11106 comm="syz.4.3179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  132.546703][T11120] program syz.5.3185 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  132.556760][T11120] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  132.622977][T11130] lo speed is unknown, defaulting to 1000
[  132.662195][T11136] loop2: detected capacity change from 0 to 128
[  132.702378][T11136] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 52)
[  132.710657][T11136] FAT-fs (loop2): Filesystem has been set read-only
[  132.779347][T11142] dummy0: entered promiscuous mode
[  132.794274][T11142] macsec1: entered allmulticast mode
[  132.810409][T11142] dummy0: entered allmulticast mode
[  132.838288][T11150] smc: net device bond0 applied user defined pnetid SYZ2
[  132.845777][T11150] smc: net device bond0 erased user defined pnetid SYZ2
[  133.040486][T11167] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3207'.
[  133.054423][T11167] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  133.062158][T11167] batman_adv: batadv0: Removing interface: batadv_slave_0
[  133.071382][T11167] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  133.078921][T11167] batman_adv: batadv0: Removing interface: batadv_slave_1
[  133.086569][T11167] batman_adv: batadv0: Interface deactivated: dummy0
[  133.093515][T11167] batman_adv: batadv0: Removing interface: dummy0
[  133.315902][T11195] netlink: 'syz.3.3219': attribute type 10 has an invalid length.
[  133.334171][T11195] team0: Device dummy0 failed to register rx_handler
[  133.349661][T11195] netlink: 'syz.3.3219': attribute type 10 has an invalid length.
[  133.584677][T11225] loop3: detected capacity change from 0 to 128
[  133.597387][T11225] EXT4-fs mount: 24 callbacks suppressed
[  133.597408][T11225] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  133.616649][T11225] ext4 filesystem being mounted at /600/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  133.630211][T11225] EXT4-fs (loop3): resizing filesystem from 64 to 1 blocks
[  133.637579][T11225] EXT4-fs warning (device loop3): ext4_resize_fs:2042: can't shrink FS - resize aborted
[  133.675261][ T3311] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  133.695014][T11238] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3233'.
[  133.780160][T11260] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3245'.
[  134.123850][T11284] loop2: detected capacity change from 0 to 512
[  134.139751][T11284] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  134.148012][T11284] EXT4-fs (loop2): orphan cleanup on readonly fs
[  134.155032][T11284] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  134.170076][T11284] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  134.177641][T11284] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3254: bg 0: block 40: padding at end of block bitmap is not set
[  134.192119][T11284] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  134.201304][T11284] EXT4-fs (loop2): 1 truncate cleaned up
[  134.207516][T11284] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  134.232098][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.290111][T11293] pimreg: entered allmulticast mode
[  134.297713][T11293] pimreg: left allmulticast mode
[  134.760630][T11326] ip6gre1: entered allmulticast mode
[  134.864319][T11331] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3269'.
[  134.946783][T11338] loop5: detected capacity change from 0 to 128
[  134.967312][T11338] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  134.984120][T11338] EXT4-fs (loop5): resizing filesystem from 64 to 1 blocks
[  134.991494][T11338] EXT4-fs warning (device loop5): ext4_resize_fs:2042: can't shrink FS - resize aborted
[  135.012380][T10323] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  135.078973][T11354] netlink: 'syz.5.3280': attribute type 10 has an invalid length.
[  135.091040][T11354] team0: Port device dummy0 added
[  135.102152][T11354] netlink: 'syz.5.3280': attribute type 10 has an invalid length.
[  135.118867][T11354] team0: Port device dummy0 removed
[  135.128027][T11354] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  135.161729][T11362] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3283'.
[  135.264165][T11376] SELinux:  Context system_u:object_r:chfn_exec_t:s0 is not valid (left unmapped).
[  135.371944][T11390] netlink: 'syz.2.3297': attribute type 10 has an invalid length.
[  135.385046][T11390] team0: Port device dummy0 added
[  135.410820][T11390] netlink: 'syz.2.3297': attribute type 10 has an invalid length.
[  135.427569][T11390] team0: Port device dummy0 removed
[  135.437197][T11390] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  135.496506][T11400] netlink: 'syz.4.3302': attribute type 3 has an invalid length.
[  135.517202][T11406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3303'.
[  135.548542][T11406] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  135.556035][T11406] batman_adv: batadv0: Removing interface: batadv_slave_0
[  135.591462][T11406] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  135.599124][T11406] batman_adv: batadv0: Removing interface: batadv_slave_1
[  135.615795][T11406] bond0: (slave batadv0): Releasing backup interface
[  135.671728][T11417] loop4: detected capacity change from 0 to 1024
[  135.701899][T11417] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.715139][T11422] 9pnet: Could not find request transport: 0xffffffffffffffff
[  135.724608][T11417] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  135.750631][T11417] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[  135.763411][T11417] EXT4-fs (loop4): This should not happen!! Data will be lost
[  135.763411][T11417] 
[  135.773143][T11417] EXT4-fs (loop4): Total free blocks count 0
[  135.779202][T11417] EXT4-fs (loop4): Free/Dirty block details
[  135.785205][T11417] EXT4-fs (loop4): free_blocks=20480
[  135.790720][T11417] EXT4-fs (loop4): dirty_blocks=96
[  135.796087][T11417] EXT4-fs (loop4): Block reservation details
[  135.802162][T11417] EXT4-fs (loop4): i_reserved_data_blocks=6
[  135.848272][T11433] netlink: 'syz.1.3317': attribute type 3 has an invalid length.
[  135.871410][   T12] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  136.020418][T11459] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3328'.
[  136.070506][T11463] bridge0: port 3(batadv0) entered blocking state
[  136.077109][T11463] bridge0: port 3(batadv0) entered disabled state
[  136.100419][T11463] batadv0: entered allmulticast mode
[  136.106389][T11463] batadv0: entered promiscuous mode
[  136.225887][ T3392] hid-generic 0000:0000:0000.0002: unknown main item tag 0x1
[  136.233374][ T3392] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  136.240959][ T3392] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  136.248553][ T3392] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  136.256336][ T3392] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  136.263820][ T3392] hid-generic 0000:0000:0000.0002: unknown main item tag 0x2
[  136.271269][ T3392] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  136.278822][ T3392] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  136.286352][ T3392] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  136.293823][ T3392] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  136.303519][ T3392] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  136.450382][T11488] IPv6: Can't replace route, no match found
[  136.569956][   T31] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  136.579597][   T31] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  136.904565][T11511] openvswitch: netlink: Message has 6 unknown bytes.
[  137.134570][T11550] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3367'.
[  137.179716][T11553] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3368'.
[  137.262245][   T29] kauditd_printk_skb: 600 callbacks suppressed
[  137.262261][   T29] audit: type=1400 audit(137.253:16123): avc:  denied  { write } for  pid=11562 comm="syz.5.3373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  137.317388][T11568] netlink: 428 bytes leftover after parsing attributes in process `+}[@'.
[  137.607311][T11596] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3387'.
[  137.617509][T11596] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3387'.
[  137.731160][   T29] audit: type=1400 audit(137.723:16124): avc:  denied  { relabelfrom } for  pid=11598 comm="syz.1.3388" name="NETLINK" dev="sockfs" ino=29423 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  137.755283][   T29] audit: type=1400 audit(137.723:16125): avc:  denied  { relabelto } for  pid=11598 comm="syz.1.3388" name="NETLINK" dev="sockfs" ino=29423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_route_socket permissive=1
[  137.931290][T11619] loop2: detected capacity change from 0 to 128
[  137.940659][T11619] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  137.957686][   T29] audit: type=1400 audit(137.933:16126): avc:  denied  { listen } for  pid=11602 comm="syz.1.3390" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  137.977507][   T29] audit: type=1400 audit(137.933:16127): avc:  denied  { accept } for  pid=11602 comm="syz.1.3390" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  137.998010][   T29] audit: type=1400 audit(137.973:16128): avc:  denied  { read write open } for  pid=11618 comm="syz.2.3397" path="/617/file1/file1" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  138.021481][   T29] audit: type=1400 audit(137.973:16129): avc:  denied  { setattr } for  pid=11618 comm="syz.2.3397" path="/617/file1/file1" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  138.060010][   T29] audit: type=1400 audit(138.043:16130): avc:  denied  { ioctl } for  pid=11618 comm="syz.2.3397" path="/617/file1/file1" dev="loop2" ino=12 ioctlcmd=0x6609 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  138.086632][ T3312] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  138.193439][   T29] audit: type=1326 audit(138.183:16131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11638 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  138.235920][   T29] audit: type=1326 audit(138.213:16132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11638 comm="syz.4.3405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  138.354126][T11654] loop3: detected capacity change from 0 to 8192
[  138.401947][T11664] loop2: detected capacity change from 0 to 128
[  138.411402][T11666] loop3: detected capacity change from 0 to 1024
[  138.448699][T11666] EXT4-fs: Ignoring removed nobh option
[  138.492305][T11666] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.529459][T11666] EXT4-fs warning (device loop3): ext4_rename_delete:3731: inode #12: comm syz.3.3416: Deleting old file: nlink 2, error=-2
[  138.593326][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.840411][   T31] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.915197][   T31] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.927563][    C1] vcan0: j1939_tp_rxtimer: 0xffff8881194b0600: rx timeout, send abort
[  138.991624][   T31] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.032571][   T31] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.076854][T11711] lo speed is unknown, defaulting to 1000
[  139.107220][   T31] bridge_slave_1: left allmulticast mode
[  139.113046][   T31] bridge_slave_1: left promiscuous mode
[  139.119043][   T31] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.137163][   T31] bridge_slave_0: left allmulticast mode
[  139.143134][   T31] bridge_slave_0: left promiscuous mode
[  139.149038][   T31] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.247230][T11744] loop3: detected capacity change from 0 to 1024
[  139.254456][T11744] EXT4-fs: Ignoring removed orlov option
[  139.260395][T11744] EXT4-fs: Ignoring removed nomblk_io_submit option
[  139.271357][T11744] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.284810][T11744] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.320482][  T113] smc: removing ib device syz2
[  139.325537][   T31] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  139.335702][   T31] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  139.345749][   T31] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  139.355314][   T31] bond0 (unregistering): Released all slaves
[  139.427609][    C1] vcan0: j1939_tp_rxtimer: 0xffff8881041fe400: rx timeout, send abort
[  139.436008][    C1] vcan0: j1939_tp_rxtimer: 0xffff8881194b0600: abort rx timeout. Force session deactivation
[  139.500642][T11711] chnl_net:caif_netlink_parms(): no params data found
[  139.557166][T11771] __nla_validate_parse: 2 callbacks suppressed
[  139.557186][T11771] netlink: 128124 bytes leftover after parsing attributes in process `syz.5.3458'.
[  139.601841][T11711] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.609135][T11711] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.638726][T11711] bridge_slave_0: entered allmulticast mode
[  139.646032][T11711] bridge_slave_0: entered promiscuous mode
[  139.662089][T11711] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.669377][T11711] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.682715][T11711] bridge_slave_1: entered allmulticast mode
[  139.690336][T11711] bridge_slave_1: entered promiscuous mode
[  139.724110][   T31] hsr_slave_0: left promiscuous mode
[  139.740100][   T31] hsr_slave_1: left promiscuous mode
[  139.755548][   T31] veth0_macvtap: left allmulticast mode
[  139.765841][   T31] veth1_macvtap: left promiscuous mode
[  139.778714][   T31] veth0_macvtap: left promiscuous mode
[  139.787594][   T31] veth1_vlan: left promiscuous mode
[  139.796268][   T31] veth0_vlan: left promiscuous mode
[  139.883957][T11788] SELinux:  Context system_u:object_r:iptables_conf_t:s0 is not valid (left unmapped).
[  139.901444][   T31] team0 (unregistering): Port device team_slave_1 removed
[  139.935912][    C1] vcan0: j1939_tp_rxtimer: 0xffff8881041fe400: abort rx timeout. Force session deactivation
[  139.959857][T11711] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  139.970827][T11711] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  139.994835][T11711] team0: Port device team_slave_0 added
[  140.002292][T11711] team0: Port device team_slave_1 added
[  140.019818][T11711] batman_adv: batadv0: Adding interface: batadv_slave_0
[  140.026869][T11711] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.053056][T11711] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  140.067629][T11711] batman_adv: batadv0: Adding interface: batadv_slave_1
[  140.074755][T11711] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.100711][T11711] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  140.129387][T11711] hsr_slave_0: entered promiscuous mode
[  140.135447][T11711] hsr_slave_1: entered promiscuous mode
[  140.141584][T11711] debugfs: 'hsr0' already exists in 'hsr'
[  140.147335][T11711] Cannot create hsr debugfs directory
[  140.208748][   T31] IPVS: stop unused estimator thread 0...
[  140.243305][T11711] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  140.252754][T11711] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  140.262891][T11711] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  140.272099][T11711] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  140.313386][T11711] 8021q: adding VLAN 0 to HW filter on device bond0
[  140.325826][T11711] 8021q: adding VLAN 0 to HW filter on device team0
[  140.336377][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.344641][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[  140.357538][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.364853][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.387526][T11711] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  140.398063][T11711] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  140.458038][T11711] 8021q: adding VLAN 0 to HW filter on device batadv0
[  140.490874][T11827] loop3: detected capacity change from 0 to 1024
[  140.497692][T11827] EXT4-fs: Ignoring removed nobh option
[  140.503403][T11827] EXT4-fs: Ignoring removed bh option
[  140.522081][T11827] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.598288][T11711] veth0_vlan: entered promiscuous mode
[  140.607849][T11711] veth1_vlan: entered promiscuous mode
[  140.625660][T11711] veth0_macvtap: entered promiscuous mode
[  140.639091][T11711] veth1_macvtap: entered promiscuous mode
[  140.651009][T11711] batman_adv: batadv0: Interface activated: batadv_slave_0
[  140.660313][T11711] batman_adv: batadv0: Interface activated: batadv_slave_1
[  140.681095][   T31] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.692767][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.703064][   T51] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.719543][   T51] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.735593][   T51] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.897361][T11870] pim6reg: entered allmulticast mode
[  140.906467][T11870] pim6reg: left allmulticast mode
[  140.961091][T11878] IPv6: Can't replace route, no match found
[  141.174258][T11913] IPv6: Can't replace route, no match found
[  141.539116][T11938] IPv6: Can't replace route, no match found
[  141.663242][T11955] IPv6: Can't replace route, no match found
[  141.687161][T11957] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3528'.
[  141.714978][T11959] 9pnet_fd: Insufficient options for proto=fd
[  141.744867][T11961] pim6reg: entered allmulticast mode
[  141.750989][T11961] pim6reg: left allmulticast mode
[  141.852173][T11967] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3534'.
[  141.893870][T11971] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  141.967131][T11979] loop6: detected capacity change from 0 to 512
[  142.000430][T11985] loop4: detected capacity change from 0 to 512
[  142.008367][T11985] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  142.023078][T11985] EXT4-fs (loop4): 1 truncate cleaned up
[  142.029701][T11985] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.044154][T11985] sg_write: data in/out 11329/120 bytes for SCSI command 0x0-- guessing data in;
[  142.044154][T11985]    program syz.4.3543 not setting count and/or reply_len properly
[  142.087334][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.126170][T12001] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  142.144739][T12001] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  142.321167][   T29] kauditd_printk_skb: 151 callbacks suppressed
[  142.321205][   T29] audit: type=1400 audit(142.313:16284): avc:  denied  { load_policy } for  pid=12009 comm="syz.3.3554" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  142.349223][T12010] SELinux: failed to load policy
[  142.412708][   T29] audit: type=1326 audit(142.383:16285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  142.435967][   T29] audit: type=1326 audit(142.383:16286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  142.459372][   T29] audit: type=1326 audit(142.383:16287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  142.482357][   T29] audit: type=1326 audit(142.383:16288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12002 comm="syz.4.3549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  142.791199][T12046] lo speed is unknown, defaulting to 1000
[  142.926526][T12059] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3576'.
[  142.956680][T12059] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3576'.
[  143.181182][   T29] audit: type=1326 audit(143.143:16289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12066 comm="syz.5.3580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  143.204274][   T29] audit: type=1326 audit(143.143:16290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12066 comm="syz.5.3580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  143.227657][   T29] audit: type=1326 audit(143.143:16291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12066 comm="syz.5.3580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  143.250661][   T29] audit: type=1326 audit(143.143:16292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12066 comm="syz.5.3580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  143.273741][   T29] audit: type=1326 audit(143.143:16293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12066 comm="syz.5.3580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  143.467395][T12084] loop6: detected capacity change from 0 to 2048
[  143.522365][T12084] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.572457][T11711] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.622650][T12099] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3591'.
[  143.666204][T12104] SELinux: security_context_str_to_sid () failed with errno=-22
[  143.708951][T12109] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3597'.
[  143.779358][T12119] loop4: detected capacity change from 0 to 512
[  143.786604][T12119] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  143.801194][T12119] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.946383][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.028789][T12151] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  144.044964][T12149] geneve2: entered promiscuous mode
[  144.050357][T12149] geneve2: entered allmulticast mode
[  144.178110][T12159] loop4: detected capacity change from 0 to 512
[  144.184896][T12159] EXT4-fs: Ignoring removed i_version option
[  144.195598][T12159] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  144.245271][T12159] EXT4-fs (loop4): 1 truncate cleaned up
[  144.272863][T12159] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.340569][T12173] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3625'.
[  144.501055][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.659101][T12204] sctp: [Deprecated]: syz.5.3639 (pid 12204) Use of int in max_burst socket option deprecated.
[  144.659101][T12204] Use struct sctp_assoc_value instead
[  145.152044][T12216] loop3: detected capacity change from 0 to 512
[  145.466352][T12238] IPv6: Can't replace route, no match found
[  145.594358][T12257] bridge_slave_0: default FDB implementation only supports local addresses
[  145.606464][T12257] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3662'.
[  145.615459][T12257] bridge_slave_0: default FDB implementation only supports local addresses
[  145.642629][T12255] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3661'.
[  145.679339][T12255] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3661'.
[  145.806748][T12284] ipvlan2: entered promiscuous mode
[  145.827614][T12284] bridge0: port 3(ipvlan2) entered blocking state
[  145.834245][T12284] bridge0: port 3(ipvlan2) entered disabled state
[  145.863084][T12284] ipvlan2: entered allmulticast mode
[  145.868567][T12284] bridge0: entered allmulticast mode
[  145.874685][T12284] ipvlan2: left allmulticast mode
[  145.879830][T12284] bridge0: left allmulticast mode
[  145.949921][T12300] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3681'.
[  145.972951][T12303] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3684'.
[  146.083823][T12323] wg2: entered promiscuous mode
[  146.089050][T12323] wg2: entered allmulticast mode
[  146.241090][T12349] bridge0: port 4(batadv0) entered blocking state
[  146.247705][T12349] bridge0: port 4(batadv0) entered disabled state
[  146.260564][T12349] batadv0: entered allmulticast mode
[  146.267040][T12349] batadv0: entered promiscuous mode
[  146.273123][T12351] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[  146.394339][T12369] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3717'.
[  146.456269][T12373] loop3: detected capacity change from 0 to 512
[  146.470697][T12373] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  146.496886][T12373] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e12c, mo2=0002]
[  146.506347][T12373] System zones: 1-12
[  146.510884][T12373] EXT4-fs (loop3): orphan cleanup on readonly fs
[  146.512855][T12388] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3725'.
[  146.528275][T12373] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3719: bg 0: block 361: padding at end of block bitmap is not set
[  146.545590][T12373] EXT4-fs (loop3): Remounting filesystem read-only
[  146.552407][T12373] EXT4-fs (loop3): 1 truncate cleaned up
[  146.559699][T12373] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  146.587239][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  146.691291][T12411] bridge0: port 3(batadv1) entered blocking state
[  146.697832][T12411] bridge0: port 3(batadv1) entered disabled state
[  146.705470][T12411] batadv1: entered allmulticast mode
[  146.712548][T12411] batadv1: entered promiscuous mode
[  146.744143][  T113] batman_adv: batadv0: IGMP Querier appeared
[  146.750415][  T113] batman_adv: batadv0: MLD Querier appeared
[  146.785223][T12428] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  146.874542][T12447] loop4: detected capacity change from 0 to 512
[  146.917235][T12447] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #3: comm syz.4.3752: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  146.950861][T12447] EXT4-fs error (device loop4): ext4_quota_enable:7131: comm syz.4.3752: Bad quota inode: 3, type: 0
[  146.964900][T12447] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  147.001479][T12447] EXT4-fs (loop4): mount failed
[  147.027431][T12464] loop6: detected capacity change from 0 to 1024
[  147.053585][T12471] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.063160][T12471] bridge0: entered allmulticast mode
[  147.067237][T12464] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.096713][T12471] batadv0: left allmulticast mode
[  147.102155][T12471] batadv0: left promiscuous mode
[  147.107562][T12471] bridge0: port 3(batadv0) entered disabled state
[  147.117036][T11711] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.137414][T12471] bridge_slave_1: left allmulticast mode
[  147.143225][T12471] bridge_slave_1: left promiscuous mode
[  147.149324][T12471] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.159651][T12479] loop6: detected capacity change from 0 to 512
[  147.169206][T12479] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.3764: Invalid inode bitmap blk 4 in block_group 0
[  147.183359][T12479] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.184102][T12471] bridge_slave_0: left allmulticast mode
[  147.204336][T12471] bridge_slave_0: left promiscuous mode
[  147.210536][T12471] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.219360][   T12] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  147.224290][T12479] netlink: 104 bytes leftover after parsing attributes in process `syz.6.3764'.
[  147.228873][   T12] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  147.262052][T11711] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.318390][T12491] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3769'.
[  147.327801][T12491] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3769'.
[  147.336599][T12493] loop6: detected capacity change from 0 to 1024
[  147.342649][T12491] bridge0: port 5(macsec1) entered blocking state
[  147.350596][T12491] bridge0: port 5(macsec1) entered disabled state
[  147.357499][T12491] macsec1: entered allmulticast mode
[  147.361796][T12493] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.376246][T12491] macsec1: left allmulticast mode
[  147.398352][T11711] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.415864][   T29] kauditd_printk_skb: 235 callbacks suppressed
[  147.415883][   T29] audit: type=1326 audit(147.403:16529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12498 comm="syz.6.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f33eebe9 code=0x7ffc0000
[  147.454829][   T29] audit: type=1326 audit(147.403:16530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12498 comm="syz.6.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f33eebe9 code=0x7ffc0000
[  147.480319][   T29] audit: type=1326 audit(147.413:16531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12498 comm="syz.6.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff6f33eebe9 code=0x7ffc0000
[  147.504367][   T29] audit: type=1326 audit(147.413:16532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12498 comm="syz.6.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f33eebe9 code=0x7ffc0000
[  147.528662][   T29] audit: type=1326 audit(147.413:16533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12498 comm="syz.6.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff6f33eebe9 code=0x7ffc0000
[  147.554021][   T29] audit: type=1326 audit(147.413:16534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12498 comm="syz.6.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f33eebe9 code=0x7ffc0000
[  147.578799][   T29] audit: type=1326 audit(147.413:16535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12498 comm="syz.6.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7ff6f33eebe9 code=0x7ffc0000
[  147.603061][   T29] audit: type=1326 audit(147.413:16536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12498 comm="syz.6.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f33eebe9 code=0x7ffc0000
[  147.627621][   T29] audit: type=1326 audit(147.413:16537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12498 comm="syz.6.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7ff6f33eebe9 code=0x7ffc0000
[  147.653444][   T29] audit: type=1326 audit(147.413:16538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12498 comm="syz.6.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6f33eebe9 code=0x7ffc0000
[  147.871492][T12515] netlink: 'syz.5.3779': attribute type 10 has an invalid length.
[  147.886280][T12515] bond0: (slave dummy0): Releasing backup interface
[  147.896935][T12515] team0: Port device dummy0 added
[  147.911200][T12515] netlink: 'syz.5.3779': attribute type 10 has an invalid length.
[  147.924270][T12515] team0: Port device dummy0 removed
[  147.932224][T12515] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  148.032708][T12527] netlink: 'syz.1.3785': attribute type 3 has an invalid length.
[  148.216905][T12545] netlink: 'syz.1.3792': attribute type 3 has an invalid length.
[  148.790342][T12594] loop4: detected capacity change from 0 to 512
[  148.794592][T12594] EXT4-fs: Ignoring removed mblk_io_submit option
[  148.805089][T12594] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  148.817426][T12594] EXT4-fs (loop4): 1 truncate cleaned up
[  148.823605][T12594] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.861314][T12600] syzkaller1: entered promiscuous mode
[  148.866871][T12600] syzkaller1: entered allmulticast mode
[  148.982967][    T9] hid_parser_main: 23 callbacks suppressed
[  148.982985][    T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x4
[  148.996629][    T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x2
[  149.032153][    T9] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x3
[  149.041369][    T9] hid-generic 0000:3000000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  149.093810][T12615] loop3: detected capacity change from 0 to 512
[  149.129749][T12615] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.3818: Invalid inode bitmap blk 4 in block_group 0
[  149.154755][T12615] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.242374][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.408951][T12629] syz_tun: entered allmulticast mode
[  149.430166][T12629] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0)
[  149.439236][T12629] mroute: pending queue full, dropping entries
[  149.519428][T12628] syz_tun: left allmulticast mode
[  149.697604][T12649] syzkaller1: entered promiscuous mode
[  149.703572][T12649] syzkaller1: entered allmulticast mode
[  149.822289][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.089744][    T9] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x4
[  150.097715][    T9] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x2
[  150.117608][    T9] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x3
[  150.128629][    T9] hid-generic 0000:3000000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  150.167959][T12702] syz_tun: entered allmulticast mode
[  150.177369][T12702] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0)
[  150.186067][T12702] mroute: pending queue full, dropping entries
[  150.198728][T12704] netdevsim netdevsim6: Direct firmware load for ./file0/file1 failed with error -2
[  150.211446][T12701] syz_tun: left allmulticast mode
[  150.581723][T12740] loop6: detected capacity change from 0 to 164
[  150.591844][T12740] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  150.634328][T12744] __nla_validate_parse: 3 callbacks suppressed
[  150.634347][T12744] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3871'.
[  150.634978][T12744] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3871'.
[  150.635210][T12744] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3871'.
[  150.635474][T12744] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3871'.
[  150.658013][T12746] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3872'.
[  152.032340][T12856] loop4: detected capacity change from 0 to 8192
[  152.097865][T12860] 9pnet_fd: Insufficient options for proto=fd
[  152.150228][T12867] loop4: detected capacity change from 0 to 128
[  152.159126][T12867] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  152.219771][T12872] IPv6: Can't replace route, no match found
[  152.274674][ T3305] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  152.313351][T12875] loop4: detected capacity change from 0 to 164
[  152.329264][T12875] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  152.470608][T12894] 9p: Unknown Cache mode or invalid value f
[  152.526983][   T29] kauditd_printk_skb: 187 callbacks suppressed
[  152.527002][   T29] audit: type=1400 audit(152.513:16726): avc:  denied  { read } for  pid=12901 comm="syz.4.3938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  152.598526][   T29] audit: type=1326 audit(152.583:16727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12905 comm="syz.4.3940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  152.621854][   T29] audit: type=1326 audit(152.583:16728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12905 comm="syz.4.3940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  152.647364][   T29] audit: type=1326 audit(152.583:16729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12905 comm="syz.4.3940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  152.670747][   T29] audit: type=1326 audit(152.583:16730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12905 comm="syz.4.3940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  152.694148][   T29] audit: type=1326 audit(152.583:16731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12905 comm="syz.4.3940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa143cfebe9 code=0x7ffc0000
[  152.812504][T12915] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3952'.
[  153.058597][   T29] audit: type=1326 audit(153.043:16732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12945 comm="syz.5.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  153.082627][   T29] audit: type=1326 audit(153.043:16733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12945 comm="syz.5.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  153.107542][T12951] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3960'.
[  153.123326][T12952] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  153.156041][   T29] audit: type=1326 audit(153.053:16734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12945 comm="syz.5.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  153.179350][   T29] audit: type=1326 audit(153.133:16735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12945 comm="syz.5.3958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cb5b4ebe9 code=0x7ffc0000
[  153.406728][T12975] loop6: detected capacity change from 0 to 128
[  153.438833][T12975] syz.6.3979: attempt to access beyond end of device
[  153.438833][T12975] loop6: rw=0, sector=121, nr_sectors = 8 limit=128
[  153.578773][T12983] 9p: Unknown Cache mode or invalid value f
[  153.686445][T12999] loop6: detected capacity change from 0 to 128
[  153.697844][T12999] FAT-fs (loop6): Directory bread(block 32) failed
[  153.704567][T12999] FAT-fs (loop6): Directory bread(block 33) failed
[  153.711429][T12999] FAT-fs (loop6): Directory bread(block 34) failed
[  153.718005][T12999] FAT-fs (loop6): Directory bread(block 35) failed
[  153.724805][T12999] FAT-fs (loop6): Directory bread(block 36) failed
[  153.731667][T12999] FAT-fs (loop6): Directory bread(block 37) failed
[  153.738226][T12999] FAT-fs (loop6): Directory bread(block 38) failed
[  153.744918][T12999] FAT-fs (loop6): Directory bread(block 39) failed
[  153.751580][T12999] FAT-fs (loop6): Directory bread(block 40) failed
[  153.758208][T12999] FAT-fs (loop6): Directory bread(block 41) failed
[  153.780321][T13004] loop3: detected capacity change from 0 to 1024
[  153.798889][T12999] FAT-fs (loop6): error, fat_free_clusters: deleting FAT entry beyond EOF
[  153.807625][T12999] FAT-fs (loop6): Filesystem has been set read-only
[  153.815771][T13004] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.836414][T12999] syz.6.3982: attempt to access beyond end of device
[  153.836414][T12999] loop6: rw=2049, sector=4184, nr_sectors = 8 limit=128
[  153.847330][T13004] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 49 with max blocks 1 with error 28
[  153.853183][T12999] syz.6.3982: attempt to access beyond end of device
[  153.853183][T12999] loop6: rw=2049, sector=4200, nr_sectors = 4 limit=128
[  153.862447][T13004] EXT4-fs (loop3): This should not happen!! Data will be lost
[  153.862447][T13004] 
[  153.875938][T12999] Buffer I/O error on dev loop6, logical block 1050, lost async page write
[  153.885597][T13004] EXT4-fs (loop3): Total free blocks count 0
[  153.885619][T13004] EXT4-fs (loop3): Free/Dirty block details
[  153.894745][T12999] syz.6.3982: attempt to access beyond end of device
[  153.894745][T12999] loop6: rw=2049, sector=4208, nr_sectors = 4 limit=128
[  153.900338][T13004] EXT4-fs (loop3): free_blocks=0
[  153.906277][T12999] Buffer I/O error on dev loop6, logical block 1052, lost async page write
[  153.919770][T13004] EXT4-fs (loop3): dirty_blocks=0
[  153.924885][T12999] syz.6.3982: attempt to access beyond end of device
[  153.924885][T12999] loop6: rw=2049, sector=4220, nr_sectors = 4 limit=128
[  153.933491][T13004] EXT4-fs (loop3): Block reservation details
[  153.938551][T12999] Buffer I/O error on dev loop6, logical block 1055, lost async page write
[  153.952323][T13004] EXT4-fs (loop3): i_reserved_data_blocks=0
[  153.958575][T12999] syz.6.3982: attempt to access beyond end of device
[  153.958575][T12999] loop6: rw=2049, sector=4228, nr_sectors = 4 limit=128
[  153.958601][T12999] Buffer I/O error on dev loop6, logical block 1057, lost async page write
[  154.014703][T12999] syz.6.3982: attempt to access beyond end of device
[  154.014703][T12999] loop6: rw=2049, sector=4240, nr_sectors = 4 limit=128
[  154.028360][T12999] Buffer I/O error on dev loop6, logical block 1060, lost async page write
[  154.037254][T12999] syz.6.3982: attempt to access beyond end of device
[  154.037254][T12999] loop6: rw=2049, sector=4248, nr_sectors = 4 limit=128
[  154.050894][T12999] Buffer I/O error on dev loop6, logical block 1062, lost async page write
[  154.061216][T12999] syz.6.3982: attempt to access beyond end of device
[  154.061216][T12999] loop6: rw=2049, sector=4252, nr_sectors = 4 limit=128
[  154.110449][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.234136][T13032] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3998'.
[  154.262846][T13033] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3996'.
[  154.283941][T13042] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  154.392823][T13055] loop3: detected capacity change from 0 to 128
[  154.402238][T13055] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  154.427563][T13055] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  154.524161][T13076] loop3: detected capacity change from 0 to 1024
[  154.560160][T13076] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  154.624905][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.726577][T13101] lo speed is unknown, defaulting to 1000
[  155.288538][T13171] @: renamed from vlan0 (while UP)
[  155.423831][T13194] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4065'.
[  155.517170][T13203] IPv6: Can't replace route, no match found
[  155.604412][T13213] loop6: detected capacity change from 0 to 512
[  155.612862][T13213] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.4084: casefold flag without casefold feature
[  155.627040][T13213] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.4084: couldn't read orphan inode 15 (err -117)
[  155.640293][T13213] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.665067][T11711] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.746133][T13225] __nla_validate_parse: 1 callbacks suppressed
[  155.746151][T13225] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4076'.
[  155.761632][T13225] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4076'.
[  155.822846][T13235] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4083'.
[  155.879158][T13243] loop3: detected capacity change from 0 to 512
[  155.890123][T13243] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  155.906071][T13243] EXT4-fs (loop3): 1 truncate cleaned up
[  155.923190][T13243] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.964854][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.047162][T13265] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4097'.
[  156.193618][T13275] loop4: detected capacity change from 0 to 1024
[  156.200536][T13275] EXT4-fs: Ignoring removed orlov option
[  156.209632][T13275] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.575356][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.596500][T13288] loop4: detected capacity change from 0 to 128
[  156.762866][T13299] loop4: detected capacity change from 0 to 128
[  156.770570][T13299] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  156.784810][T13299] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  156.932690][T13315] lo speed is unknown, defaulting to 1000
[  157.047087][T13328] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4124'.
[  157.084892][T13331] loop3: detected capacity change from 0 to 1024
[  157.096992][T13331] EXT4-fs: Ignoring removed orlov option
[  157.107408][T13331] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.178434][T13337] loop4: detected capacity change from 0 to 512
[  157.221920][T13337] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.254832][T13331] ==================================================================
[  157.262986][T13331] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / writeback_single_inode
[  157.272419][T13331] 
[  157.274779][T13331] write to 0xffff888118cead10 of 4 bytes by task 13339 on cpu 0:
[  157.282527][T13331]  writeback_single_inode+0x14a/0x3e0
[  157.287958][T13331]  sync_inode_metadata+0x5b/0x90
[  157.292946][T13331]  generic_buffers_fsync_noflush+0xd9/0x120
[  157.299005][T13331]  ext4_sync_file+0x1ab/0x690
[  157.303939][T13331]  vfs_fsync_range+0x10d/0x130
[  157.308745][T13331]  ext4_buffered_write_iter+0x34f/0x3c0
[  157.314528][T13331]  ext4_file_write_iter+0x383/0xf00
[  157.319786][T13331]  iter_file_splice_write+0x663/0xa60
[  157.325279][T13331]  direct_splice_actor+0x153/0x2a0
[  157.330425][T13331]  splice_direct_to_actor+0x30f/0x680
[  157.336011][T13331]  do_splice_direct+0xda/0x150
[  157.340819][T13331]  do_sendfile+0x380/0x650
[  157.345282][T13331]  __x64_sys_sendfile64+0x105/0x150
[  157.350568][T13331]  x64_sys_call+0x2bb0/0x2ff0
[  157.355979][T13331]  do_syscall_64+0xd2/0x200
[  157.361676][T13331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.367825][T13331] 
[  157.370167][T13331] read to 0xffff888118cead10 of 4 bytes by task 13331 on cpu 1:
[  157.378070][T13331]  generic_buffers_fsync_noflush+0x80/0x120
[  157.384084][T13331]  ext4_sync_file+0x1ab/0x690
[  157.390893][T13331]  vfs_fsync_range+0x10d/0x130
[  157.395699][T13331]  ext4_buffered_write_iter+0x34f/0x3c0
[  157.401284][T13331]  ext4_file_write_iter+0x383/0xf00
[  157.406552][T13331]  iter_file_splice_write+0x663/0xa60
[  157.412044][T13331]  direct_splice_actor+0x153/0x2a0
[  157.417275][T13331]  splice_direct_to_actor+0x30f/0x680
[  157.422760][T13331]  do_splice_direct+0xda/0x150
[  157.427669][T13331]  do_sendfile+0x380/0x650
[  157.432125][T13331]  __x64_sys_sendfile64+0x105/0x150
[  157.437434][T13331]  x64_sys_call+0x2bb0/0x2ff0
[  157.442237][T13331]  do_syscall_64+0xd2/0x200
[  157.447019][T13331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.452939][T13331] 
[  157.455366][T13331] value changed: 0x00000038 -> 0x00000002
[  157.461577][T13331] 
[  157.464186][T13331] Reported by Kernel Concurrency Sanitizer on:
[  157.470714][T13331] CPU: 1 UID: 0 PID: 13331 Comm: syz.3.4126 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  157.483092][T13331] Tainted: [W]=WARN
[  157.487523][T13331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  157.497964][T13331] ==================================================================
[  157.515028][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.567383][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.