last executing test programs:

1m55.248917774s ago: executing program 2 (id=584):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x4000, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, 0x0, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)

1m55.197522264s ago: executing program 2 (id=587):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r4, @ANYBLOB="f5ff06fdff000000140012000c000100627269646765"], 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x20, 0x0, 0xff, r4}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
r5 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r5, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @empty}, 0xc)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x4)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00', r9}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x75b, &(0x7f0000000d40)="$eJzs3M9rHOUbAPBnptmmP/L9bgTBHwcRWmihdJM0IO2p8eKtUCh4rSGZhJBJNmQ3tRsLtp6F2lwUBFHPHr0Kpf4B3qSg4F0QrfEgXlZms0lpmt1um6Qr6ecDk3ne+fW8T3Z4swN5J4AX1pvFjyRiKCIuR0S5vT2NiMOt6EjEzY3j1h/cmCqWJJrNK78nxWmx3ixvXStpr49H65R4NSLulSLOfPR43lpjdX4yz7PldnukvrA0Umusnp1bmJzNZrPFsfELo+fHx8+Pjj+xhld6rPXkuxeO3vnhnbW1H7+t335j4GwSE626o11bj5d5Khu/k1JMtNuH2uvF/UjWR0m/OwAAQE/S9nfSgda31HIcakUAAADAQdIcbAIAAAAHXhL97gEAAACwvzb/D2Bzbu9+zYPt5Le3I2J4p/wDrTnEEUeiFBHH1pNHZiYkG6fBrty8FRF3J7bff18Xd9jNXV57dFv70TnSh3d5dfbC3WL8mdhp/Em3xp/YYfwZ2Hx3wi51Hv8e5j/UYfy73GOO7754rdQx/62I1wcey//Ww/v/SCvXTvnf6zH/7bWP73Ta1/wq4tSOf3+SR3J1eT/ExMxc3vX1A/f+OX2/W/3HOuVPute/1GP9H6z/Od9pLCnynz7R/fPfKX9xT3zS7kcaEXfa66K9ti3HiYWfvu9W/3REc6f6n/T5f9lj/b98M3i9x0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgJY2IoUjSylacppVKxPGIeDmOpXm1Vj8zU11ZnC72RQxHKZ2Zy7PRiChvtJOiPdaKH7bPbWuPR8RLPx/dSDqXZ5Wpaj7d7+IBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYcjwihiJJKxGRRsRf5TStVCIGejh38Dn0DwAAANgjw/3uAAAAALDvPP8DAADAwfesz//JHvcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONAuX7pULM31Bzemivb0tcbKfPXa2emsNl9ZWJmqTFWXlyqz1epsnlWmqgtPul5erS6NXYiV6yP1rFYfqTVWry5UVxbrV+cWJmezq1npuVQFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA0xpqLUlaiYi0FadppRLxv4gYjlIyM5dnoxHx/4i4Xy4NFu2xfncaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPVdrrM5P5nm2LBAInlvwYUT8B7rRJej3yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQD/UGqvzk3meLdf63RMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6K/01iYhiOVU+ObR97+Hk73JrHRHvf37l0+uT9fryWLH9j63t9c/a28/1o/8AAADwQrj4NAdvPqdvPscDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qtZYnZ/M82x5d8HFaKw2kw7H9LtGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg2fwbAAD//2Wnx3E=")
rename(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00')
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
r11 = memfd_create(&(0x7f0000000a80)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96', 0x5)
fsetxattr$security_selinux(r11, &(0x7f0000000480), &(0x7f00000004c0)='system_u:object_r:hwdata_t:s0\x00', 0x1a, 0x0)
r12 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
copy_file_range(r12, 0x0, r12, &(0x7f00000000c0)=0xc615, 0x39ea, 0x0)
ioctl$SG_GET_VERSION_NUM(r12, 0x2282, &(0x7f0000000380))
sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xe)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x7400, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x1300, 0x0, {0x0, 0x0, 0x0, r13}}, 0x24}}, 0x0)

1m54.69019933s ago: executing program 2 (id=594):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000006c0)="0d18687da3e7f33aed145cf8ff2d1e5a18c0d5f9856f4824f41040f6987d0b531da10713ed151bc4867681f28e033aef683334d03864ed30590dd4ea64a20ecbbc1346c9f42510d91eec0632885b7da95ca85f4b1435c5c1e993a85257df5f19bdfc5e038a16e6a8aef907e347081fdb93cee93217e11f19cde423e6138bd1b79ee615527ccaf8049959ac6e32af46d777ccb8c26ca925f69590df13a81aee3213e80ba5cacf1f930b3cc49093d11594ef13325790b55efbdc2dd99ed1c3c609a49cc151", 0xc4}, {&(0x7f00000002c0)="9c811ff500139d7d28a5f0de630ec6041ed353d314e58721edf306c382ac611fe34479cb9e2585745ff3c61da74b06eb64f69a4e90d706178176dc533f123b66d04d51fb740c1efdf8db3b99ed18fb67c1f75ef7d55b3bb185f5", 0x5a}, {&(0x7f0000000180)="3f82090ccda4f8ce11f43ea8b51b08afd200c6075794cdd2e0021e30a0f6267447162a2085457cf687e74d142e85e9c4ac6eefcdaa493bcb54152b1339a38d3898707b77a9333cfb7b", 0x49}], 0x3}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000c40)="5c5eafd3ae55a73702d6befaee97f47f4be65587e1fca708cee084691e4587d887a5eaab43ac5edc4886496910cd7a153cd84b93208c7b1a625b3ea990092389b19dab4f61e30ee60a4d7e51ffc9a5accbe20844356dd0ce192542d5e58d80657b3b5fb7a3d39337df9305959f", 0x6d}, {&(0x7f0000000800)="104b0b7073fbd7f77a847bdbfdf6da474f700bf113b18d16d8380f42e296b49f1326c7d0d97be798e205654b8a885df6ee57ec7b690491c55ca484b54170549c7a72b8a579005ffcb0b309dae34571b17126534a763ca881f12d750072abc05a7cb8f0e32fc3ec3ed14c3322630ae8e710fb68299cbb5accee8813185c77248ddec7b5688599f1bfccbec448bc6ce5c139c2095da22c9d7edf7bfa1392c76ab0dddf4db130420df295ea16aa3e841d50dc813025315eea3990c2de68e835c4fec57e2dd70f47b58472c2f915de1a58a32d021d9a26", 0xd5}, {&(0x7f0000000900)="5c3eb8799e8565193cf737e01055d298a4193e91d6dd89384d12d1da97e7e88852e279071ca7a9b536c7911d", 0x2c}], 0x3}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001800)="353a35d6094e4ee7d764b6993f65136c5d6b84d9b1324a0b25e094700c9a66f9181738098f32e3e48859c3878d53a9752474da0d6af299d849d48f2fa2c8c807d7a1521da940585790ff1e6f9da83e32b751d1af9cfac640c1361f5ae8b99c187dafe9ea854120f6eaab11e7fdeb3f2152ebdbc21520ca01f64bb821576deef4ed6696cdddc1768b5b4fbd68a687cb6ba52ecf5cc6f8f05062f26de19d6aaaeb6cbca00e46685f77d2b3e8dd9d0d099e799cd5a76c67ab283f790366f7f744508edc9e48fa101b89215bd330c4e706c1f09d781a5a50aef5e424a7a88b3241a338ca7411cda28aa167b5628b79e8a7d588efb69636181b9c54f6d296386c95f8a08e27d5792dcb20fa3b5b4f60c71f310b31bb1ab4a825c2dc10fac150a17d92bb51849d9eea53c78d427d8d1036dc906084046fcae09499c220ef50c2c7c475f392bc288eb5efb8032d1ade92e88e50a05a95dd5c6cbbdfb086fa53bca14d40c8c3f7149b39b16b7c7370978389366174db5fbc99dbe958f8c1690cd695dfbe6c384162a412c8d3cfd7cf223f9df4c67b92514111891f53d4e19826797302e1a87e7a627c52740bb3bd311771a68d349c0a68ef6f2a765f8220323add67b2b6695ca41adcda387a4264bcd94c8578a9ccca3b55ebcda45369b56068cfeec34abc2cbd94b9b12d057fa9d4328d57073f40e5ae64443e4a10ed400575bbd1168a170a0134b9ad28735dbd9603a9e417cce864f2141a92f57e1fdfcff4776f94a794d6db8d3e9e0ecc783956c7ab15a8d5639d3df1ac9da6057af913a563bd55b657f37cbf4cae2919aea6ff8a748eb4c036361b8866cc062bbad019f43d02b0c38bd6309f2baa53924466203ab8d00daaac4c9da846e645d64c10e47c32e9824e79ade4eeee7cbf71b1bb48f760800b04334745ab553dea12a85f0671eb07a4cc67ceaffa8269e0b052f25136cfb8a6b9327a2d165c42933642d3171ad00ebf0be485f5ed319021600a94072f251c8905a2451eba3ba7db2ec5fb8613463a796610629719166259ffa3261e06f09b5a69798b88848da9028ff7ed8a729c384374fce0f4f5cda3b61cc4d61da382c5708f26edb16e9b65d667ed61248dfbed35a6a886adec25361c17d9f30f94db7e3085440df135ddec94f3f01fe2e2f9edb9e19fd8ae0b93363f0dbadc858d8e0a93dea50e89b2d7674b7e0f813c38f70a87554f5d0b95b531ec006716207abc5c34bcf447f0e547516d2fa23e2871db3662c8fb30e93b", 0x384}], 0x1}}], 0x3, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

1m53.747160123s ago: executing program 2 (id=611):
r0 = socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b700000000000000950000000000001e0000000000d7ba9e4c436faff12fc77df7777afdba2623cbff7c9dcda10ad0"], &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
accept(r0, &(0x7f00000005c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000a00)=0x80)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r4, 0x5421, &(0x7f0000000100)=0x100000001)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e20, @dev}, 0x10)
close(r4)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
r6 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d312c757466383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f72746e616d653d6d697865642c73686f72746e616d653d6c6f7765722c646f733178666c6f7070792c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b723f64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee9bf46262f3a2b1452bf206c0e2ae8a465e6e1be6eeb5d588035a24458d476fc1f9a234cdc4ba352a4185614ce67df4870bff796357ee95fffb99cde9", @ANYRES8], 0xfe, 0x2ae, &(0x7f0000000a40)="$eJzs3c9qY1UYAPDvpkka7SJZuBLBu5iFG8tkti7MIBXErpQs/AM6ODMwNGGggcCoGGblE7hw4Xu4cy+48Q0EH8CdgxSO3NzbJLZp2rSmlfr7bXo45/vu+U7uabO43NPPXxsePHw6evz869+i1cqi1otevMiiE7U4lioBANwKL1KKPy71/V6vbaomAGCzFr7/G2eEbJ/uenvTZQEAG/ThRx+/f39/f++DPG9FDL8d97Mof5bj9x/HkxjEo7gb7TiaPwtIqWy/+97+XtTzQifuDCfjfpE5/OyXxccGRX432tFZnt/NSwv5k3G/ES9HZFnEk15RyL1oxyun8ovxvXtL8qPfjDda1SKL+XejHb9+EU9jEA+nzzTm83/TzfN30nd/fvVJEVzkZ5Nxf3saN5e2rvveAAAAAAAAAAAAAAAAAAAAAABwe+3mM524Myy6qvN3to6m47v/GJ+er1Objpf5WURz2jhxPtAkxQ/H5+vczfM8ZWX8/Hyferxaj/qNLRwAAAAAAAAAAAAAAAAAAAD+Q0bPvjx4MBg8OvxXGtVL/rPX+i97nd5Cz+uxOnh7rbliqwovaj0Z0/350+Gsp1jEZYofN/KIVTU3TvW8VNRz/pX/SimlLIu42m1qXGSucxo7q2OKD/in73fePHiQnfcZto5v3I+LQ804HD07cU8jW6fCtNb2a66IaVY75kLX2bniL9Fbv5eTVT3ZGqtoVI04a/u11trP1/c3CAAAAAAAAAAAAAAAAAAAKM1f+l0y+Hxlam1jRQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADANZv///81GpMqeXlMSmky62nG4eiGlwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/wN8BAAD//7DYbww=")
bind$l2tp6(r0, &(0x7f0000000680)={0xa, 0x0, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x101, 0x2}, 0x20)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r7, 0x0, 0xd, &(0x7f0000000000)='S', 0x1)
r8 = ioctl$TIOCGPTPEER(r3, 0x5441, 0x7fff)
ioctl$TIOCGPGRP(r8, 0x540f, &(0x7f00000009c0))
getsockopt$inet_opts(r7, 0x0, 0x400000000000009, 0x0, &(0x7f0000000080))
r9 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r6, r9, 0x0, 0x800000009)
perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x5, 0x4e, 0x1, 0x1, 0x0, 0x674d, 0x108, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9, 0x0, @perf_bp={&(0x7f0000000100), 0x8}, 0x510, 0x6, 0x6, 0x7, 0x9, 0x281, 0xf23, 0x0, 0x42, 0x0, 0x4964}, 0xffffffffffffffff, 0x6, r9, 0x2)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x58, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x8, 0x10, 0x6169, 0x9, 0xd3, 0x0, 0xffffeffa, 0x7, 0x2ac8}}}}]}, 0x58}}, 0x44080)
syz_clone3(&(0x7f00000004c0)={0x2000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
rt_sigaction(0x2f, &(0x7f0000000840)={&(0x7f00000007c0)="66660f38dd5a86450fafd665f2abc401d5f336c461f8ae11ff7609f3440f2a1bc4a3ed696c2c01080f18cfc44279357100", 0x1, &(0x7f0000000800)="c4e1fd50e26645d94100c443f962cebdc442013d51242e0f749b3ef3551affa88b2918fb660f64d53e40d0ddff063e66460f3a42c7db", {[0x3]}}, &(0x7f0000000940)={&(0x7f0000000880)="c4c279245df00f01c066410fc5e1d8c4820bf79d410000000fe4550367676644dfd5c483e9785300a20f970b44a3a32c000000000000c461fd10de", 0x0, &(0x7f00000008c0)="0f1ee8c4c253f6260f0fabae00000090470f8b1b08161f8fc978829b69000000c4817951b11ed46d29660f1bc066450f38057709c4c235dc81feefffff420fd28b000060ff"}, 0x8, &(0x7f0000000980))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000740)={'syztnl1\x00', &(0x7f00000006c0)={'syztnl2\x00', r5, 0x4, 0xff, 0xb4, 0xe30b, 0x32, @ipv4={'\x00', '\xff\xff', @multicast2}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x10, 0x8000, 0x0, 0x4}})
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x8008)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x30, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r5, {}, {0x9, 0xa}, {0x1, 0x10}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x2}}]}, 0x30}, 0x1, 0x0, 0x0, 0x55}, 0x4000)

1m53.254529759s ago: executing program 2 (id=619):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000002900000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x16, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000060060000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x7fff, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
r4 = getpgrp(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x1f, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb85000000430000009574711c344eb77d0fc6a834a0bad55e40f81b9e4d84d2f107797be72f37a6c266d27ef0b6d486eca22ea0567b02b78387b57358fe0c587adc6d78fd2c83cdd7a294aea66c875d6ba0e6e904f5a47bc9e4a8fad6776846c23901564f0030a9aad095c867f94ee0404b31274d84426e9552d75ce5faf82a8710f3e750b9eec90239ff35f3d63913eaeb00"/217], 0x0, 0x10000004, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000000203010200000000000000000000000008000340000000000900020000000000020000000800010001"], 0x30}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r8}, 0x10)
syz_clone3(&(0x7f00000007c0)={0x40120000, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0x39, 0x1ff, 0xfffffffb, 0x22c5, 0xb04, <r9=>0xffffffffffffffff})
r10 = socket$kcm(0x2, 0x3, 0x84)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r12}, 0x10)
sendmsg$inet(r10, &(0x7f0000001000)={&(0x7f0000000080)={0x2, 0x29, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x14}, @loopback}}}], 0x20}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="d40a000040000000180000000000000000000000743039fe95"], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42}, 0x94)
kcmp(r4, r9, 0x4, r3, r0)
r13 = shmget(0x0, 0x1000, 0x100, &(0x7f0000ffd000/0x1000)=nil)
shmctl$IPC_RMID(r13, 0x0)
shmat(r13, &(0x7f0000ffc000/0x3000)=nil, 0x6000)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002600)=@newtaction={0x488, 0x30, 0x12f, 0x0, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x548, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe40c, 0x0, 0x0, 0x0, 0x240000, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x518eaa54, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x8001, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x8e, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xf2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x550, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x800000, 0x4]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x4, 0x4, 0x8000009, 0x934a, {0x10, 0x2, 0x5, 0x4, 0x3, 0x100}, {0xf9, 0x2, 0x100, 0x81, 0xa}, 0x63febb3a, 0x4, 0x85}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x0, 0x1}}}}]}]}, 0x488}}, 0x0)

1m52.719726176s ago: executing program 2 (id=627):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x4000, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r1, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)

1m52.663879967s ago: executing program 32 (id=627):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x4000, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r1, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)

5.145881814s ago: executing program 0 (id=2255):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$vga_arbiter(r1, &(0x7f0000000100)=@other={'lock', ' ', 'none'}, 0xa)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000180))

5.076173754s ago: executing program 0 (id=2257):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$USBDEVFS_SUBMITURB(r1, 0x4004550c, 0x0)

4.243580335s ago: executing program 0 (id=2266):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)

4.242913935s ago: executing program 0 (id=2268):
socket$inet6(0xa, 0x3, 0x3c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYRES8, @ANYRES32=0x0, @ANYRES32], 0x48)
openat$incfs(0xffffffffffffff9c, 0x0, 0x20000, 0x140)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x3, 0x8000, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3, <r4=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x20, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x31, 0x0, 0x53047d57ead3861d, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffbffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r4], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)

3.717346102s ago: executing program 1 (id=2269):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000000000040ac059f0200000000000109022400010000d005090400b9010300010009210008050122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00221800000046"], 0x0}, 0x0)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)

3.158242249s ago: executing program 3 (id=2273):
r0 = socket$tipc(0x1e, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
link(&(0x7f00000001c0)='./bus\x00', &(0x7f0000000300)='./file0\x00')
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x403, 0x0, 0x300, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @gre={{0x8}, {0x4}}}]}, 0x30}, 0x1, 0xba01, 0x0, 0x4004001}, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r7 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r7, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r8, &(0x7f0000001280)=""/4089, 0xff9)

2.959824742s ago: executing program 4 (id=2275):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000ffffffff850000000e00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000003c0)=0x2)
readv(r1, &(0x7f00000008c0)=[{&(0x7f00000002c0)=""/156, 0x9c}], 0x1)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x2)

2.566540977s ago: executing program 5 (id=2276):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sync()

2.487795268s ago: executing program 4 (id=2277):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000300)='qdisc_dequeue\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

2.423936308s ago: executing program 4 (id=2278):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="80008e020a000200aaaa"], 0x28}}, 0x0)

2.423637068s ago: executing program 4 (id=2279):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000300)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='batadv_slave_1\x00', 0x10)
sendmmsg$inet(r0, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000240)="717aaef143af52", 0x7}], 0x1}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)="d56289416b", 0x5}], 0x1}}, {{0x0, 0x0, &(0x7f00000023c0)=[{&(0x7f0000000080)="c2ec", 0x2}], 0x1}}], 0x3, 0x0)

2.261026941s ago: executing program 3 (id=2280):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, &(0x7f0000000300)={0xffffffffffffffff, 0x0, 0x0, 0x7f})
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="060000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0}, 0x18)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r5, 0xffffffffffffffff, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})

2.124846812s ago: executing program 1 (id=2281):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
readlink(&(0x7f0000000080)='./file0\x00', &(0x7f0000000740)=""/4096, 0x1000)

2.106093223s ago: executing program 1 (id=2282):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f00000003c0)='wg1\x00', 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

1.279935153s ago: executing program 0 (id=2283):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000340)='\x00', 0x1, 0x4c001, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0x8, 0x89110041, 0x0, 0x0)

1.276980084s ago: executing program 4 (id=2284):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x40)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$sysfs(0xffffff9c, 0x0, 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000140)=[0x0])
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

1.271784594s ago: executing program 1 (id=2285):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$binfmt_misc(r4, &(0x7f0000001280), 0x6)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})

1.261331774s ago: executing program 5 (id=2286):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f00000700"], 0x48)
socket$igmp(0x2, 0x3, 0x2)
inotify_init()
epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pselect6(0x40, &(0x7f0000000280)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)

443.525754ms ago: executing program 0 (id=2287):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004015}, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000005c0)={[{@discard}, {@bh}, {@nomblk_io_submit}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r1, &(0x7f0000004200)='t', 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00"/11], 0x48)
prctl$PR_GET_FPEMU(0x9, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

360.615215ms ago: executing program 5 (id=2288):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB="020100000e000000000000000000000005000600"], 0x70}, 0x1, 0x7}, 0x0)

359.960135ms ago: executing program 3 (id=2289):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

344.270785ms ago: executing program 4 (id=2290):
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000040)={{0x1}})
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
modify_ldt$write(0x1, &(0x7f0000000000)={0x4, 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
write(0xffffffffffffffff, 0x0, 0x0)
r0 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/vlan/vlan0\x00')
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r2, 0x8923, &(0x7f0000000040)={'vlan0\x00', 0x40})
write$P9_RUNLINKAT(r1, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2)

207.320007ms ago: executing program 1 (id=2291):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
timer_create(0x1, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x2001, 0x0)

206.788117ms ago: executing program 5 (id=2292):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
getpeername(r0, 0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0xfffffffffffffe1a, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00N\b\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
close(0xffffffffffffffff)
r2 = socket(0x10, 0x3, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffeca50000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='kmem_cache_free\x00', r3}, 0x10)
setgid(0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0x3fe3aa0262d8c583, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0xe}}, [@TCA_STAB={0x4}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}]}, 0x30}}, 0x4048000)
sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x437aba2}], 0x1, 0x0, 0x46, 0x407006}, 0x104)

206.414067ms ago: executing program 1 (id=2293):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000050000106a05310300000000000109022400010000800009040002090300010009210000000122000509058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x5, 0x71, &(0x7f0000000540)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x2, 0x1, 0x7, 0x10, 0x9, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x8, 0x24, 0x6, 0x0, 0x1, 'tZ/'}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0x10, 0x3, 0xe117, 0x1}, {0x6, 0x24, 0x1a, 0xc, 0x8}}, {{0x9, 0x5, 0x81, 0x3, 0x40, 0x9, 0x2, 0x9}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0xfb, 0xa, 0x83}}, {{0x9, 0x5, 0x3, 0x2, 0x40, 0x3d, 0x5, 0x2}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, &(0x7f0000000180)={0x14, &(0x7f0000000040)={0x20, 0x24, 0x2, {0x2, 0x1a}}, &(0x7f0000000100)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000400)={0x44, &(0x7f00000001c0)=ANY=[@ANYBLOB="9c4b9343d6ca1c1b075c67f17320e00a4996"], 0x0, 0x0, &(0x7f0000000280)={0x20, 0x80, 0x1c, {0x1, 0x8, 0x7, 0xb, 0x8, 0xeb8, 0x2, 0x33, 0xb, 0x7, 0x1ff, 0x3}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)

115.800918ms ago: executing program 3 (id=2294):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2808080, &(0x7f0000000680)={[{@numtail}, {@numtail}, {@uni_xlateno}, {@shortname_winnt}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@utf8no}, {@numtail}, {@rodir}, {@fat=@showexec}, {@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {@shortname_winnt}, {@shortname_winnt}, {@rodir}]}, 0x81, 0x2ba, &(0x7f00000003c0)="$eJzs3c+KI0UYAPCvJ52ZRBeSgycRbNCDp2Fnn2AHGWFxTkof9KLiZkEmYWECgVUx7sm74Ml38Am8+ABeBB/Ag0fBm3sQW5Lu/J1O2JFMlPH3u8zXVfVVV1XXzECgKx++Mrh4+Hj46Onnv0SrlcTB/bgfz5LoxkHMfBkAwG3yrCji96IUcbi1bTqtLzrV1cF+RggA7Nrq/38A4P/g3ffef/v0/PzsnSxrRQy+GuVJRAySUV7Wnz6KT6Ifvbgbnfgzopgr4zsPzs8izbLZhwGjduQRgw9+rK5Pf4uY5p9EJ7pX8996cH52kpXi9cF4lE/uPPnZjBeSiNMiKTu6F514KaJoRtXJIv9eTX7kh/HGa99W4/+rF8fRiZ8+jsfRj4fTLhb5X5xk2ZvFN398Vs4gj0jGo/xo2m6haOztoQAAAAAAAAAAAAAAAAAAAAAAcOsdZ3Pd5fNzZqcBHh/X10/PB2rUnA9UnfAzXjpf526WZbNjfEZ5M8r8NF5OI/1XJw8AAAAAAAAAAAAAAAAAAAD/EcMnn1581O/3LleCH4r1kpqgeqM/qpJ0qSpdrdreT01w8V3E9bOeJ4hGNbR+cuUWswk9d4fp5sZH1xlYu66fONi0hmk/ysF/ff1FeHXrBBs1WcU/WOfZ7ppski2NGzF80ioneKe9WrW0M9tVZ5fD6QNqb9q0q0FRs3SNjVmHO9pjhy/udtNOZtycL+Zqm9bkSS6VNHf8m7ImuYk/PwAAAAAAAAAAAAAAAAAAwJLFS7/x65XKp1tTv//5BscFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPu0+P7/eRDd9ZL1YFwl9+rS14Kjy2HNbbt7niYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC33N8BAAD//w2EV5M=")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

109.624709ms ago: executing program 5 (id=2295):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
clock_adjtime(0x0, &(0x7f0000000000)={0x66b7, 0x0, 0x0, 0x7, 0x0, 0xfffffffffffffffd, 0x77, 0x0, 0x0, 0x0, 0x3, 0x248a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x5, 0x0, 0xf439})
r0 = socket(0x11, 0xa, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7)
sendmsg$can_bcm(r0, &(0x7f0000000140)={&(0x7f0000000000), 0x10, &(0x7f0000000080)={0x0}, 0x8}, 0x0)
pipe(&(0x7f0000000340))
r1 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
ioctl$MON_IOCG_STATS(r1, 0xc0109207, &(0x7f00000000c0))

11.862079ms ago: executing program 3 (id=2296):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f0000000280)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r2, 0x0)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0})
ioctl$USBDEVFS_REAPURBNDELAY(r2, 0x4008550d, 0x0)

2.10813ms ago: executing program 5 (id=2297):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x800)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r0, 0x0, 0x4044020)
getpid()
r1 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2d50, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x33, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000440)={0x24, &(0x7f0000000340)={0x40, 0x6, 0x2, {0x2, 0xd}}, &(0x7f0000000ac0)={0x0, 0x3, 0x31, @string={0x31, 0x3, "cf46fb3d162e4cfb2fb913b2667ef55c1cca3abd6c93108cafb59856919c8009a0ad5b0ff78ee75ff25593eefaa737"}}, &(0x7f00000003c0)={0x0, 0x22, 0x5, {[@main=@item_012={0x1, 0x0, 0x9, "ed"}, @global=@item_012={0x0, 0x1, 0xb}, @main=@item_012={0x1, 0x0, 0x8, "eb"}]}}, 0x0}, &(0x7f0000000a80)={0x2c, 0x0, &(0x7f0000000480)={0x0, 0xa, 0x1, 0x2}, &(0x7f00000004c0)={0x0, 0x8, 0x1, 0x9}, &(0x7f0000000940)={0x20, 0x1, 0x39, "f863bac923cc682499d56d43e6861d1a439b555dd58ebb2c6aff9d9bd3dc5755bb879d106ac110c60d30599e6d117a9cf22f41bed03fae2534"}, 0x0})

0s ago: executing program 3 (id=2298):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
pause()

kernel console output (not intermixed with test programs):

 148.343470][ T9892] program syz.0.1454 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  148.408665][ T9899] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1455'.
[  148.416901][ T9901] loop3: detected capacity change from 0 to 1024
[  148.424761][ T9901] EXT4-fs: Ignoring removed nobh option
[  148.443111][ T9901] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.469916][ T9901] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.1458: Allocating blocks 385-513 which overlap fs metadata
[  148.555809][ T9901] EXT4-fs (loop3): pa ffff888106a24460: logic 16, phys. 129, len 24
[  148.564184][ T9901] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  148.614753][ T9912] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1460'.
[  148.659193][ T9919] loop1: detected capacity change from 0 to 2048
[  148.667809][ T9920] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1462'.
[  148.684491][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.686196][ T9922] netlink: 'syz.5.1464': attribute type 1 has an invalid length.
[  148.713893][ T9919] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.729169][ T9924] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1465'.
[  148.747708][ T9919] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.750633][ T9922] 8021q: adding VLAN 0 to HW filter on device bond3
[  148.781915][ T9930] bond3: (slave veth7): Enslaving as an active interface with a down link
[  148.784089][ T9933] program syz.0.1467 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  148.842733][ T9922] bond2: (slave dummy0): Releasing active interface
[  148.850583][ T9922] dummy0: left promiscuous mode
[  148.874785][ T9922] bond3: (slave dummy0): making interface the new active one
[  148.893284][ T9922] dummy0: entered promiscuous mode
[  148.898649][ T9922] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  148.967048][ T9942] wg2: left promiscuous mode
[  148.973145][ T9942] wg2: left allmulticast mode
[  149.016333][ T9942] wg2: entered promiscuous mode
[  149.023700][ T9942] wg2: entered allmulticast mode
[  149.182904][ T9950] loop5: detected capacity change from 0 to 128
[  149.232083][ T9950] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  149.240244][ T9950] FAT-fs (loop5): Filesystem has been set read-only
[  149.281356][ T9950] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  149.289342][ T9950] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  149.811964][ T9964] program syz.0.1478 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  149.880432][ T9967] loop3: detected capacity change from 0 to 1024
[  149.932631][ T9970] netlink: 'syz.4.1480': attribute type 1 has an invalid length.
[  149.969056][ T9970] 8021q: adding VLAN 0 to HW filter on device bond9
[  150.033123][ T9980] program syz.0.1484 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  150.042678][ T9976] loop3: detected capacity change from 0 to 2048
[  150.057105][ T9970] bond9: (slave veth21): Enslaving as an active interface with a down link
[  150.083128][ T9976] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.085669][ T9983] bond9: (slave dummy0): making interface the new active one
[  150.104527][ T9976] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.108370][ T9983] dummy0: entered promiscuous mode
[  150.119173][ T9983] bond9: (slave dummy0): Enslaving as an active interface with an up link
[  150.161696][ T9989] futex_wake_op: syz.1.1487 tries to shift op by 144; fix this program
[  150.358944][T10007] loop5: detected capacity change from 0 to 1024
[  150.388574][T10009] program syz.4.1495 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  150.404775][T10010] loop3: detected capacity change from 0 to 128
[  150.442103][T10010] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  150.450009][T10010] FAT-fs (loop3): Filesystem has been set read-only
[  150.485462][T10010] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  150.490731][T10011] wg2: entered promiscuous mode
[  150.493370][T10010] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  150.506203][T10011] wg2: entered allmulticast mode
[  150.588586][T10018] loop5: detected capacity change from 0 to 128
[  150.623086][T10018] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  150.630963][T10018] FAT-fs (loop5): Filesystem has been set read-only
[  150.648019][T10018] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  150.656004][T10018] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  151.369492][T10048] __nla_validate_parse: 3 callbacks suppressed
[  151.369511][T10048] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1507'.
[  151.543096][   T29] kauditd_printk_skb: 307 callbacks suppressed
[  151.543153][   T29] audit: type=1400 audit(1751523674.541:6170): avc:  denied  { write } for  pid=10044 comm="syz.1.1507" lport=132 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  151.745131][   T29] audit: type=1400 audit(1751523674.731:6171): avc:  denied  { create } for  pid=10050 comm="syz.0.1509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  151.764820][   T29] audit: type=1400 audit(1751523674.731:6172): avc:  denied  { setopt } for  pid=10050 comm="syz.0.1509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  151.875738][T10057] loop4: detected capacity change from 0 to 2048
[  151.939333][T10057] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  152.026283][   T29] audit: type=1400 audit(1751523674.791:6173): avc:  denied  { mounton } for  pid=10055 comm="syz.4.1511" path="/313/file0" dev="tmpfs" ino=1682 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  152.036835][T10057] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.049186][   T29] audit: type=1400 audit(1751523674.801:6174): avc:  denied  { mount } for  pid=10055 comm="syz.4.1511" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  152.080281][   T29] audit: type=1400 audit(1751523674.801:6175): avc:  denied  { write } for  pid=10055 comm="syz.4.1511" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  152.101229][   T29] audit: type=1400 audit(1751523674.801:6176): avc:  denied  { open } for  pid=10055 comm="syz.4.1511" path="/313/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  152.123660][   T29] audit: type=1400 audit(1751523674.841:6177): avc:  denied  { unmount } for  pid=6657 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  152.143605][   T29] audit: type=1400 audit(1751523674.871:6178): avc:  denied  { open } for  pid=10058 comm="syz.1.1512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  152.162945][   T29] audit: type=1400 audit(1751523674.871:6179): avc:  denied  { kernel } for  pid=10058 comm="syz.1.1512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  152.226489][T10067] loop5: detected capacity change from 0 to 1024
[  152.234961][T10065] wg2: left promiscuous mode
[  152.241032][T10065] wg2: left allmulticast mode
[  152.351425][T10072] wg2: entered promiscuous mode
[  152.356389][T10072] wg2: entered allmulticast mode
[  152.389667][T10078] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1517'.
[  152.460730][T10080] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1518'.
[  152.582405][T10090] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1520'.
[  152.673002][T10100] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1521'.
[  152.697599][T10099] netlink: 'syz.5.1524': attribute type 1 has an invalid length.
[  152.733727][T10099] 8021q: adding VLAN 0 to HW filter on device bond4
[  152.768764][T10107] bond4: (slave veth9): Enslaving as an active interface with a down link
[  152.788139][T10109] loop1: detected capacity change from 0 to 128
[  152.805486][T10113] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1526'.
[  152.811860][T10109] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  152.822378][T10109] FAT-fs (loop1): Filesystem has been set read-only
[  152.836994][T10099] bond3: (slave dummy0): Releasing active interface
[  152.839394][T10109] bio_check_eod: 44929 callbacks suppressed
[  152.839413][T10109] syz.1.1527: attempt to access beyond end of device
[  152.839413][T10109] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  152.853839][T10099] dummy0: left promiscuous mode
[  152.872440][T10109] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  152.876404][T10099] bond4: (slave dummy0): making interface the new active one
[  152.880366][T10109] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  152.897256][T10109] syz.1.1527: attempt to access beyond end of device
[  152.897256][T10109] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  152.911025][T10099] dummy0: entered promiscuous mode
[  152.911750][T10116] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1529'.
[  152.916371][T10099] bond4: (slave dummy0): Enslaving as an active interface with an up link
[  152.934400][T10109] syz.1.1527: attempt to access beyond end of device
[  152.934400][T10109] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  152.948078][T10109] syz.1.1527: attempt to access beyond end of device
[  152.948078][T10109] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  152.961597][T10109] syz.1.1527: attempt to access beyond end of device
[  152.961597][T10109] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  152.975516][T10109] syz.1.1527: attempt to access beyond end of device
[  152.975516][T10109] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  152.989921][T10109] syz.1.1527: attempt to access beyond end of device
[  152.989921][T10109] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  153.003247][T10109] syz.1.1527: attempt to access beyond end of device
[  153.003247][T10109] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  153.016522][T10109] syz.1.1527: attempt to access beyond end of device
[  153.016522][T10109] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  153.029891][T10118] syz.1.1527: attempt to access beyond end of device
[  153.029891][T10118] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  153.311081][T10130] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1533'.
[  153.786418][T10148] wg2: left promiscuous mode
[  153.793190][T10148] wg2: left allmulticast mode
[  153.856579][T10151] wg2: entered promiscuous mode
[  153.861563][T10151] wg2: entered allmulticast mode
[  153.872931][T10156] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1541'.
[  154.182356][T10159] hub 6-0:1.0: USB hub found
[  154.193933][T10159] hub 6-0:1.0: 8 ports detected
[  154.240262][T10166] program syz.0.1544 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  154.819291][T10185] program syz.0.1547 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  155.007322][T10194] loop3: detected capacity change from 0 to 2048
[  155.061307][T10194] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.083643][T10194] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.418230][T10211] futex_wake_op: syz.5.1553 tries to shift op by 144; fix this program
[  155.483701][T10216] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1554'.
[  155.529306][T10218] wg2: left promiscuous mode
[  155.536273][T10218] wg2: left allmulticast mode
[  155.573036][T10218] wg2: entered promiscuous mode
[  155.578556][T10218] wg2: entered allmulticast mode
[  155.897125][T10227] loop5: detected capacity change from 0 to 1024
[  156.083878][T10258] loop4: detected capacity change from 0 to 1024
[  156.151408][T10274] futex_wake_op: syz.5.1566 tries to shift op by 144; fix this program
[  156.569620][T10282] __nla_validate_parse: 1 callbacks suppressed
[  156.569641][T10282] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1569'.
[  156.627947][T10284] loop5: detected capacity change from 0 to 1024
[  156.631859][   T29] kauditd_printk_skb: 137 callbacks suppressed
[  156.631878][   T29] audit: type=1326 audit(1751523679.111:6317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10257 comm="syz.4.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd54207e929 code=0x7ffc0000
[  156.664083][   T29] audit: type=1326 audit(1751523679.111:6318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10257 comm="syz.4.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd54207d290 code=0x7ffc0000
[  156.687523][T10282] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1569'.
[  156.696563][   T29] audit: type=1326 audit(1751523679.111:6319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10257 comm="syz.4.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd54207e929 code=0x7ffc0000
[  156.720111][   T29] audit: type=1326 audit(1751523679.111:6320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10257 comm="syz.4.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd54207e929 code=0x7ffc0000
[  156.743647][   T29] audit: type=1400 audit(1751523679.111:6321): avc:  denied  { create } for  pid=10271 comm="syz.0.1565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  156.763183][   T29] audit: type=1400 audit(1751523679.111:6322): avc:  denied  { setopt } for  pid=10271 comm="syz.0.1565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  156.783138][   T29] audit: type=1400 audit(1751523679.221:6323): avc:  denied  { create } for  pid=10254 comm="syz.3.1562" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  156.802733][   T29] audit: type=1400 audit(1751523679.221:6324): avc:  denied  { setopt } for  pid=10254 comm="syz.3.1562" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  156.822512][   T29] audit: type=1326 audit(1751523679.251:6325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10257 comm="syz.4.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd54207e929 code=0x7ffc0000
[  156.828969][T10290] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1572'.
[  156.846081][   T29] audit: type=1326 audit(1751523679.251:6326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10257 comm="syz.4.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd54207e929 code=0x7ffc0000
[  157.033282][T10325] FAULT_INJECTION: forcing a failure.
[  157.033282][T10325] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.046483][T10325] CPU: 0 UID: 0 PID: 10325 Comm: syz.3.1576 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) 
[  157.046518][T10325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  157.046533][T10325] Call Trace:
[  157.046541][T10325]  <TASK>
[  157.046615][T10325]  __dump_stack+0x1d/0x30
[  157.046738][T10325]  dump_stack_lvl+0xe8/0x140
[  157.046809][T10325]  dump_stack+0x15/0x1b
[  157.046830][T10325]  should_fail_ex+0x265/0x280
[  157.046927][T10325]  should_fail+0xb/0x20
[  157.046954][T10325]  should_fail_usercopy+0x1a/0x20
[  157.047017][T10325]  _copy_to_user+0x20/0xa0
[  157.047045][T10325]  copy_siginfo_to_user+0x22/0xb0
[  157.047073][T10325]  x64_setup_rt_frame+0x2b5/0x580
[  157.047136][T10325]  arch_do_signal_or_restart+0x27c/0x480
[  157.047165][T10325]  exit_to_user_mode_loop+0x7a/0x100
[  157.047197][T10325]  do_syscall_64+0x1d6/0x200
[  157.047221][T10325]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  157.047323][T10325]  ? clear_bhb_loop+0x40/0x90
[  157.047344][T10325]  ? clear_bhb_loop+0x40/0x90
[  157.047381][T10325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.047484][T10325] RIP: 0033:0x7fdd9f39e927
[  157.047502][T10325] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  157.047524][T10325] RSP: 002b:00007fdd9da07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  157.047626][T10325] RAX: 0000000000000013 RBX: 00007fdd9f5c5fa0 RCX: 00007fdd9f39e929
[  157.047641][T10325] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000003
[  157.047655][T10325] RBP: 00007fdd9da07090 R08: 0000000000000000 R09: 0000000000000000
[  157.047670][T10325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.047713][T10325] R13: 0000000000000000 R14: 00007fdd9f5c5fa0 R15: 00007ffc3de04df8
[  157.047736][T10325]  </TASK>
[  157.274904][T10290] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1572'.
[  157.299321][T10338] futex_wake_op: syz.4.1578 tries to shift op by 144; fix this program
[  157.304028][T10337] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1579'.
[  157.391346][T10354] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1585'.
[  157.423139][T10345] loop3: detected capacity change from 0 to 1024
[  157.463544][T10352] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1584'.
[  157.560687][T10365] program syz.3.1589 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  158.505555][T10361] loop1: detected capacity change from 0 to 1024
[  158.535920][T10365] loop3: detected capacity change from 0 to 1024
[  158.561295][T10375] FAULT_INJECTION: forcing a failure.
[  158.561295][T10375] name failslab, interval 1, probability 0, space 0, times 0
[  158.574030][T10375] CPU: 0 UID: 0 PID: 10375 Comm: syz.0.1592 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) 
[  158.574117][T10375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  158.574130][T10375] Call Trace:
[  158.574145][T10375]  <TASK>
[  158.574155][T10375]  __dump_stack+0x1d/0x30
[  158.574180][T10375]  dump_stack_lvl+0xe8/0x140
[  158.574212][T10375]  dump_stack+0x15/0x1b
[  158.574232][T10375]  should_fail_ex+0x265/0x280
[  158.574338][T10375]  should_failslab+0x8c/0xb0
[  158.574368][T10375]  kmem_cache_alloc_node_noprof+0x57/0x320
[  158.574396][T10375]  ? __alloc_skb+0x101/0x320
[  158.574460][T10375]  __alloc_skb+0x101/0x320
[  158.574495][T10375]  netlink_alloc_large_skb+0xba/0xf0
[  158.574532][T10375]  netlink_sendmsg+0x3cf/0x6b0
[  158.574554][T10375]  ? __pfx_netlink_sendmsg+0x10/0x10
[  158.574599][T10375]  __sock_sendmsg+0x145/0x180
[  158.574628][T10375]  ____sys_sendmsg+0x31e/0x4e0
[  158.574696][T10375]  ___sys_sendmsg+0x17b/0x1d0
[  158.574775][T10375]  __x64_sys_sendmsg+0xd4/0x160
[  158.574823][T10375]  x64_sys_call+0x2999/0x2fb0
[  158.574846][T10375]  do_syscall_64+0xd2/0x200
[  158.574866][T10375]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  158.575010][T10375]  ? clear_bhb_loop+0x40/0x90
[  158.575039][T10375]  ? clear_bhb_loop+0x40/0x90
[  158.575068][T10375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.575095][T10375] RIP: 0033:0x7f094677e929
[  158.575113][T10375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.575159][T10375] RSP: 002b:00007f0944de7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  158.575182][T10375] RAX: ffffffffffffffda RBX: 00007f09469a5fa0 RCX: 00007f094677e929
[  158.575217][T10375] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000005
[  158.575297][T10375] RBP: 00007f0944de7090 R08: 0000000000000000 R09: 0000000000000000
[  158.575313][T10375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.575329][T10375] R13: 0000000000000000 R14: 00007f09469a5fa0 R15: 00007ffff76ca8f8
[  158.575349][T10375]  </TASK>
[  158.843317][T10380] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1593'.
[  158.855422][T10365] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.880097][T10385] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1595'.
[  158.895514][T10385] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1595'.
[  158.921483][T10365] EXT4-fs (loop3): shut down requested (2)
[  158.930075][T10365] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  158.947453][T10365] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  158.962083][T10393] loop5: detected capacity change from 0 to 1024
[  158.998866][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.062561][T10408] program syz.3.1603 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  159.137079][T10413] program syz.5.1606 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  159.460271][T10437] loop3: detected capacity change from 0 to 1024
[  159.524511][T10441] program syz.5.1616 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  159.540014][T10441] loop5: detected capacity change from 0 to 1024
[  159.554006][T10441] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.572261][T10441] EXT4-fs (loop5): shut down requested (2)
[  159.581521][T10441] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  159.590686][T10441] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  159.609734][ T6657] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.695299][T10449] loop3: detected capacity change from 0 to 128
[  159.706216][T10449] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  159.714134][T10449] FAT-fs (loop3): Filesystem has been set read-only
[  159.723751][T10449] bio_check_eod: 8669 callbacks suppressed
[  159.723768][T10449] syz.3.1619: attempt to access beyond end of device
[  159.723768][T10449] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  159.745297][T10449] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  159.753288][T10449] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  159.783015][T10449] syz.3.1619: attempt to access beyond end of device
[  159.783015][T10449] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  159.796542][T10449] syz.3.1619: attempt to access beyond end of device
[  159.796542][T10449] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  159.810800][T10449] syz.3.1619: attempt to access beyond end of device
[  159.810800][T10449] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  159.826015][T10449] syz.3.1619: attempt to access beyond end of device
[  159.826015][T10449] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  159.842911][T10449] syz.3.1619: attempt to access beyond end of device
[  159.842911][T10449] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  159.858620][T10449] syz.3.1619: attempt to access beyond end of device
[  159.858620][T10449] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  159.876854][T10449] syz.3.1619: attempt to access beyond end of device
[  159.876854][T10449] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  159.890321][T10449] syz.3.1619: attempt to access beyond end of device
[  159.890321][T10449] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  159.914054][T10449] syz.3.1619: attempt to access beyond end of device
[  159.914054][T10449] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  159.927538][T10460] 9pnet_fd: Insufficient options for proto=fd
[  159.967257][T10458] set match dimension is over the limit!
[  160.109076][T10470] netlink: 'syz.4.1627': attribute type 1 has an invalid length.
[  160.169828][T10470] 8021q: adding VLAN 0 to HW filter on device bond10
[  160.286461][T10476] program syz.1.1628 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  160.299277][T10474] bond10: (slave veth23): Enslaving as an active interface with a down link
[  160.316099][T10476] loop1: detected capacity change from 0 to 1024
[  160.353690][T10476] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.369292][T10476] EXT4-fs (loop1): shut down requested (2)
[  160.383924][T10476] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  160.396715][T10476] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  160.407564][T10470] bond9: (slave dummy0): Releasing active interface
[  160.425429][T10470] dummy0: left promiscuous mode
[  160.431967][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.445874][T10470] bond10: (slave dummy0): making interface the new active one
[  160.461831][T10470] dummy0: entered promiscuous mode
[  160.467639][T10470] bond10: (slave dummy0): Enslaving as an active interface with an up link
[  160.572715][T10487] loop1: detected capacity change from 0 to 1024
[  160.634093][T10497] 9pnet_fd: Insufficient options for proto=fd
[  160.676214][T10502] program syz.0.1635 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  160.738194][T10509] capability: warning: `syz.4.1639' uses deprecated v2 capabilities in a way that may be insecure
[  160.765981][T10509] loop4: detected capacity change from 0 to 1024
[  160.775240][T10511] loop5: detected capacity change from 0 to 2048
[  160.827739][T10511] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.875722][T10511] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.962967][T10531] 9pnet_fd: Insufficient options for proto=fd
[  161.003170][T10535] loop3: detected capacity change from 0 to 1024
[  161.178182][T10541] wg2: left promiscuous mode
[  161.186937][T10541] wg2: left allmulticast mode
[  161.196912][T10543] program syz.1.1652 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  161.323512][T10544] wg2: entered promiscuous mode
[  161.328505][T10544] wg2: entered allmulticast mode
[  161.369092][T10546] loop5: detected capacity change from 0 to 1024
[  161.403034][T10546] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.447546][ T6657] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.766176][T10555] __nla_validate_parse: 10 callbacks suppressed
[  161.766196][T10555] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1656'.
[  161.910505][   T29] kauditd_printk_skb: 275 callbacks suppressed
[  161.910524][   T29] audit: type=1400 audit(1751523684.901:6602): avc:  denied  { getopt } for  pid=10559 comm="syz.4.1659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  162.001294][   T29] audit: type=1400 audit(1751523684.971:6603): avc:  denied  { tracepoint } for  pid=10559 comm="syz.4.1659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  162.065652][   T29] audit: type=1400 audit(1751523685.051:6604): avc:  denied  { create } for  pid=10557 comm="syz.5.1657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  162.085379][   T29] audit: type=1400 audit(1751523685.051:6605): avc:  denied  { bpf } for  pid=10557 comm="syz.5.1657" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  162.106088][   T29] audit: type=1400 audit(1751523685.051:6606): avc:  denied  { setopt } for  pid=10557 comm="syz.5.1657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  162.125705][   T29] audit: type=1400 audit(1751523685.061:6607): avc:  denied  { create } for  pid=10564 comm="syz.1.1660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  162.146261][   T29] audit: type=1400 audit(1751523685.061:6608): avc:  denied  { write } for  pid=10564 comm="syz.1.1660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  162.224965][T10570] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1661'.
[  162.296361][   T29] audit: type=1400 audit(1751523685.171:6609): avc:  denied  { read } for  pid=10564 comm="syz.1.1660" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  162.316837][   T29] audit: type=1400 audit(1751523685.171:6610): avc:  denied  { create } for  pid=10559 comm="syz.4.1659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  162.319540][T10573] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1662'.
[  162.336470][   T29] audit: type=1400 audit(1751523685.171:6611): avc:  denied  { shutdown } for  pid=10559 comm="syz.4.1659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  162.425599][T10585] program syz.0.1667 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  162.465428][T10578] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1663'.
[  162.488921][T10593] netlink: 280 bytes leftover after parsing attributes in process `syz.1.1669'.
[  162.554613][T10599] loop4: detected capacity change from 0 to 2048
[  162.596446][T10601] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1673'.
[  162.606949][T10606] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1674'.
[  162.626159][T10599] Alternate GPT is invalid, using primary GPT.
[  162.632771][T10599]  loop4: p1 p2 p3
[  162.678040][T10599] loop4: detected capacity change from 0 to 1024
[  162.708016][T10599] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.722244][T10601] bridge_slave_0: left allmulticast mode
[  162.727943][T10601] bridge_slave_0: left promiscuous mode
[  162.733764][T10601] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.742978][T10599] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.755743][T10601] bridge_slave_1: left allmulticast mode
[  162.761509][T10601] bridge_slave_1: left promiscuous mode
[  162.767295][T10601] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.780652][T10601] team0: Port device team_slave_0 removed
[  162.787303][T10601] team0: Port device team_slave_1 removed
[  162.793617][T10601] batman_adv: batadv0: Removing interface: batadv_slave_0
[  162.801578][T10601] batman_adv: batadv0: Removing interface: batadv_slave_1
[  162.809941][T10601] bond1: (slave veth3): Releasing active interface
[  162.818023][T10601] bond2: (slave veth5): Releasing active interface
[  162.825676][T10601] bond3: (slave veth7): Releasing active interface
[  162.832914][T10621] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1672'.
[  162.842255][T10601] bond4: (slave veth9): Releasing active interface
[  162.849911][T10601] bond5: (slave veth11): Releasing active interface
[  162.964102][T10628] loop1: detected capacity change from 0 to 1024
[  162.965448][T10631] program syz.5.1680 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  162.996550][T10631] loop5: detected capacity change from 0 to 1024
[  163.068823][T10635] loop1: detected capacity change from 0 to 1024
[  163.113341][T10631] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.139481][T10631] EXT4-fs (loop5): shut down requested (2)
[  163.146887][T10631] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  163.157952][T10631] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  163.179853][ T6657] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.610759][T10648] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1685'.
[  163.637023][T10650] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1686'.
[  163.702339][T10657] loop3: detected capacity change from 0 to 2048
[  163.713710][T10657] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.727304][T10658] wg2: left promiscuous mode
[  163.728407][T10657] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.732715][T10658] wg2: left allmulticast mode
[  163.770775][T10664] wg2: entered promiscuous mode
[  163.775751][T10664] wg2: entered allmulticast mode
[  163.813576][T10669] program syz.3.1693 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  163.855322][T10673] loop5: detected capacity change from 0 to 1024
[  163.862329][T10673] EXT4-fs: Ignoring removed nobh option
[  163.892928][T10673] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.920043][T10673] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.1695: Allocating blocks 385-513 which overlap fs metadata
[  163.950669][T10673] EXT4-fs (loop5): pa ffff888106a70ee0: logic 16, phys. 129, len 24
[  163.958872][T10673] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  163.985854][T10686] loop1: detected capacity change from 0 to 128
[  163.995648][T10686] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  164.003794][T10686] FAT-fs (loop1): Filesystem has been set read-only
[  164.010982][T10686] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  164.018934][T10686] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  164.038568][T10679] bond10: (slave dummy0): Releasing active interface
[  164.049856][ T6657] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.064525][T10679] dummy0: left promiscuous mode
[  164.078430][T10679] bond9: (slave veth21): Releasing active interface
[  164.090683][T10679] bond10: (slave veth23): Releasing active interface
[  164.239217][T10704] loop5: detected capacity change from 0 to 1024
[  164.254643][T10703] loop3: detected capacity change from 0 to 2048
[  164.263268][T10704] EXT4-fs (loop5): orphan cleanup on readonly fs
[  164.271901][T10704] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1701: Failed to acquire dquot type 0
[  164.292561][T10704] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  164.336839][T10704] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1701: corrupted inode contents
[  164.351090][T10704] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #13: comm syz.5.1701: mark_inode_dirty error
[  164.363893][T10704] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1701: corrupted inode contents
[  164.376073][T10704] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.1701: mark_inode_dirty error
[  164.388726][T10704] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1701: corrupted inode contents
[  164.400815][T10704] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  164.410543][T10704] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1701: corrupted inode contents
[  164.423707][T10704] EXT4-fs error (device loop5): ext4_truncate:4597: inode #13: comm syz.5.1701: mark_inode_dirty error
[  164.457295][T10703] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.470830][T10704] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  164.477056][T10703] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.495777][T10704] EXT4-fs (loop5): 1 truncate cleaned up
[  164.511725][T10704] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  164.551230][T10712] wg2: left promiscuous mode
[  164.557926][T10712] wg2: left allmulticast mode
[  164.576690][T10714] loop3: detected capacity change from 0 to 1024
[  164.589734][T10715] wg2: entered promiscuous mode
[  164.594700][T10715] wg2: entered allmulticast mode
[  164.676279][T10725] program syz.0.1710 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  164.715022][T10727] program syz.0.1712 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  164.731250][T10686] bio_check_eod: 27612 callbacks suppressed
[  164.731269][T10686] syz.1.1698: attempt to access beyond end of device
[  164.731269][T10686] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  164.750603][T10686] syz.1.1698: attempt to access beyond end of device
[  164.750603][T10686] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  164.765282][T10686] syz.1.1698: attempt to access beyond end of device
[  164.765282][T10686] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  164.780624][T10686] syz.1.1698: attempt to access beyond end of device
[  164.780624][T10686] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  164.795703][T10686] syz.1.1698: attempt to access beyond end of device
[  164.795703][T10686] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  164.809682][T10686] syz.1.1698: attempt to access beyond end of device
[  164.809682][T10686] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  164.826448][T10730] program syz.4.1713 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  164.835909][T10686] syz.1.1698: attempt to access beyond end of device
[  164.835909][T10686] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  164.851370][T10686] syz.1.1698: attempt to access beyond end of device
[  164.851370][T10686] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  164.869668][T10730] loop4: detected capacity change from 0 to 1024
[  164.903399][T10730] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.923161][T10733] loop3: detected capacity change from 0 to 512
[  164.936646][T10741] netlink: 'syz.1.1716': attribute type 1 has an invalid length.
[  164.946781][T10733] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  164.958474][T10730] EXT4-fs (loop4): shut down requested (2)
[  164.965886][T10730] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  164.976012][T10730] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  164.998824][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.015859][T10741] 8021q: adding VLAN 0 to HW filter on device bond0
[  165.026928][T10733] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.052789][T10733] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.073209][T10744] bond0: (slave veth13): Enslaving as an active interface with a down link
[  165.098265][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.114028][T10741] bond0: (slave dummy0): making interface the new active one
[  165.123298][T10741] dummy0: entered promiscuous mode
[  165.128702][T10741] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  165.150654][ T6657] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.196692][T10754] loop5: detected capacity change from 0 to 1024
[  165.210730][T10753] netlink: 'syz.3.1718': attribute type 1 has an invalid length.
[  165.235977][T10753] 8021q: adding VLAN 0 to HW filter on device bond6
[  165.276148][T10753] bond6: (slave veth15): Enslaving as an active interface with a down link
[  165.357414][T10765] program syz.1.1723 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  165.375168][T10753] bond6: (slave dummy0): making interface the new active one
[  165.387544][T10753] dummy0: entered promiscuous mode
[  165.397752][T10765] loop1: detected capacity change from 0 to 1024
[  165.404691][T10753] bond6: (slave dummy0): Enslaving as an active interface with an up link
[  165.417846][T10764] wg2: left promiscuous mode
[  165.423298][T10764] wg2: left allmulticast mode
[  165.431062][T10765] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.455984][T10768] wg2: entered promiscuous mode
[  165.460936][T10768] wg2: entered allmulticast mode
[  165.468616][T10765] EXT4-fs (loop1): shut down requested (2)
[  165.474893][T10765] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  165.490646][T10765] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  165.551874][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.594774][T10772] loop5: detected capacity change from 0 to 128
[  165.603778][T10776] program syz.3.1727 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  165.613947][T10775] loop1: detected capacity change from 0 to 512
[  165.615962][T10772] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  165.628211][T10772] FAT-fs (loop5): Filesystem has been set read-only
[  165.635252][T10772] syz.5.1726: attempt to access beyond end of device
[  165.635252][T10772] loop5: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  165.638156][T10775] EXT4-fs: Ignoring removed mblk_io_submit option
[  165.649081][T10772] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  165.655463][T10775] EXT4-fs: Ignoring removed bh option
[  165.663310][T10772] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  165.678100][T10772] syz.5.1726: attempt to access beyond end of device
[  165.678100][T10772] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  165.692573][T10775] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  165.713449][T10775] EXT4-fs (loop1): 1 truncate cleaned up
[  165.719647][T10775] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.770452][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.953997][T10783] SET target dimension over the limit!
[  165.972782][T10786] loop4: detected capacity change from 0 to 1024
[  166.029229][T10783] loop1: detected capacity change from 0 to 8192
[  166.038565][T10783] FAULT_INJECTION: forcing a failure.
[  166.038565][T10783] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.051687][T10783] CPU: 1 UID: 0 PID: 10783 Comm: syz.1.1729 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) 
[  166.051722][T10783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  166.051738][T10783] Call Trace:
[  166.051814][T10783]  <TASK>
[  166.051824][T10783]  __dump_stack+0x1d/0x30
[  166.051848][T10783]  dump_stack_lvl+0xe8/0x140
[  166.051873][T10783]  dump_stack+0x15/0x1b
[  166.051890][T10783]  should_fail_ex+0x265/0x280
[  166.051931][T10783]  should_fail+0xb/0x20
[  166.052002][T10783]  should_fail_usercopy+0x1a/0x20
[  166.052056][T10783]  strncpy_from_user+0x25/0x230
[  166.052080][T10783]  ? kmem_cache_alloc_noprof+0x186/0x310
[  166.052112][T10783]  ? getname_flags+0x80/0x3b0
[  166.052149][T10783]  getname_flags+0xae/0x3b0
[  166.052171][T10783]  do_sys_openat2+0x60/0x110
[  166.052244][T10783]  __x64_sys_openat+0xf2/0x120
[  166.052271][T10783]  x64_sys_call+0x1af/0x2fb0
[  166.052295][T10783]  do_syscall_64+0xd2/0x200
[  166.052312][T10783]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  166.052347][T10783]  ? clear_bhb_loop+0x40/0x90
[  166.052424][T10783]  ? clear_bhb_loop+0x40/0x90
[  166.052451][T10783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.052491][T10783] RIP: 0033:0x7faafeb6e929
[  166.052510][T10783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.052603][T10783] RSP: 002b:00007faafd1d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  166.052628][T10783] RAX: ffffffffffffffda RBX: 00007faafed95fa0 RCX: 00007faafeb6e929
[  166.052666][T10783] RDX: 000000000000275a RSI: 0000200000000140 RDI: ffffffffffffff9c
[  166.052683][T10783] RBP: 00007faafd1d7090 R08: 0000000000000000 R09: 0000000000000000
[  166.052698][T10783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.052714][T10783] R13: 0000000000000000 R14: 00007faafed95fa0 R15: 00007fff96c6d8c8
[  166.052738][T10783]  </TASK>
[  166.322867][T10798] netlink: 'syz.1.1733': attribute type 1 has an invalid length.
[  166.347458][T10798] 8021q: adding VLAN 0 to HW filter on device bond6
[  166.367293][T10798] bond6: (slave veth15): Enslaving as an active interface with a down link
[  166.380643][T10798] bond0: (slave dummy0): Releasing active interface
[  166.388524][T10798] dummy0: left promiscuous mode
[  166.400899][T10798] bond6: (slave dummy0): making interface the new active one
[  166.409894][T10798] dummy0: entered promiscuous mode
[  166.415309][T10798] bond6: (slave dummy0): Enslaving as an active interface with an up link
[  166.467752][T10804] loop5: detected capacity change from 0 to 2048
[  166.475117][ T3654] dummy0: left promiscuous mode
[  166.487285][T10804] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.500048][T10804] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.559001][T10812] loop1: detected capacity change from 0 to 2048
[  166.585689][T10812] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.621938][T10812] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.732837][T10824] bond4: (slave dummy0): Releasing active interface
[  166.736709][T10835] loop1: detected capacity change from 0 to 128
[  166.748133][T10835] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  166.748420][T10824] bridge_slave_0: left allmulticast mode
[  166.756015][T10835] FAT-fs (loop1): Filesystem has been set read-only
[  166.757300][T10835] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  166.761769][T10824] bridge_slave_0: left promiscuous mode
[  166.768534][T10835] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  166.776527][T10824] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.808465][T10824] bridge_slave_1: left allmulticast mode
[  166.811101][T10836] __nla_validate_parse: 16 callbacks suppressed
[  166.811121][T10836] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1745'.
[  166.814227][T10824] bridge_slave_1: left promiscuous mode
[  166.835168][T10824] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.850109][T10824] bond0: (slave bond_slave_0): Releasing backup interface
[  166.860075][T10824] bond0: (slave bond_slave_1): Releasing backup interface
[  166.872638][T10824] team0: Port device team_slave_0 removed
[  166.882243][T10824] team0: Port device team_slave_1 removed
[  166.888303][T10824] batman_adv: batadv0: Removing interface: batadv_slave_0
[  166.909580][T10824] batman_adv: batadv0: Removing interface: batadv_slave_1
[  166.928074][T10824] bond1: (slave veth3): Releasing active interface
[  166.939265][T10824] bond2: (slave veth5): Releasing active interface
[  166.954891][T10824] bond3: (slave veth7): Releasing active interface
[  166.965038][T10824] bond4: (slave veth9): Releasing active interface
[  167.089730][   T29] kauditd_printk_skb: 467 callbacks suppressed
[  167.089745][   T29] audit: type=1400 audit(1751523690.081:7077): avc:  denied  { write } for  pid=10848 comm="syz.3.1751" name="001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  167.122511][T10851] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1750'.
[  167.154993][T10854] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1752'.
[  167.275726][   T29] audit: type=1400 audit(1751523690.271:7078): avc:  denied  { create } for  pid=10863 comm="syz.5.1758" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  167.310402][   T29] audit: type=1400 audit(1751523690.271:7079): avc:  denied  { create } for  pid=10863 comm="syz.5.1758" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  167.352742][T10870] netlink: 212 bytes leftover after parsing attributes in process `syz.5.1760'.
[  167.386822][T10868] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1759'.
[  167.434027][T10875] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1763'.
[  167.453266][T10877] wg2: left promiscuous mode
[  167.458218][T10877] wg2: left allmulticast mode
[  167.487694][T10877] wg2: entered promiscuous mode
[  167.493854][T10877] wg2: entered allmulticast mode
[  167.509549][   T29] audit: type=1326 audit(1751523690.501:7080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.5.1764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1441f7e929 code=0x7ffc0000
[  167.533342][   T29] audit: type=1326 audit(1751523690.501:7081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.5.1764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1441f7e929 code=0x7ffc0000
[  167.557810][   T29] audit: type=1326 audit(1751523690.551:7082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.5.1764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f1441f7e929 code=0x7ffc0000
[  167.581282][   T29] audit: type=1326 audit(1751523690.551:7083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.5.1764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1441f7e929 code=0x7ffc0000
[  167.604829][   T29] audit: type=1326 audit(1751523690.551:7084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.5.1764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1441f7e929 code=0x7ffc0000
[  167.636435][   T29] audit: type=1326 audit(1751523690.551:7085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.5.1764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1441f7e929 code=0x7ffc0000
[  167.660076][   T29] audit: type=1326 audit(1751523690.551:7086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10878 comm="syz.5.1764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1441f7e929 code=0x7ffc0000
[  167.691776][T10879] loop5: detected capacity change from 0 to 1024
[  167.712129][T10882] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1765'.
[  167.802816][T10897] netlink: 'syz.4.1771': attribute type 1 has an invalid length.
[  167.813488][T10892] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1770'.
[  167.829789][T10897] 8021q: adding VLAN 0 to HW filter on device bond11
[  167.855486][T10892] bond6: (slave dummy0): Releasing active interface
[  167.863433][T10892] dummy0: left promiscuous mode
[  167.872848][T10892] bond0: (slave veth13): Releasing active interface
[  167.880075][T10905] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1772'.
[  167.891124][T10892] bond6: (slave veth15): Releasing active interface
[  167.946103][T10897] bond11: (slave veth25): Enslaving as an active interface with a down link
[  167.958685][T10906] bond11: (slave dummy0): making interface the new active one
[  167.968614][T10906] dummy0: entered promiscuous mode
[  167.974494][T10906] bond11: (slave dummy0): Enslaving as an active interface with an up link
[  168.072978][T10916] loop5: detected capacity change from 0 to 1024
[  168.079922][T10916] EXT4-fs: Ignoring removed nobh option
[  168.108021][T10917] loop1: detected capacity change from 0 to 2048
[  168.147188][T10916] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.155610][T10924] loop3: detected capacity change from 0 to 128
[  168.177965][T10917] Alternate GPT is invalid, using primary GPT.
[  168.180836][T10924] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  168.184409][T10917]  loop1: p1 p2 p3
[  168.192048][T10924] FAT-fs (loop3): Filesystem has been set read-only
[  168.192173][T10924] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  168.199488][T10916] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.1775: Allocating blocks 385-513 which overlap fs metadata
[  168.202465][T10924] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  168.265270][T10911] loop1: detected capacity change from 0 to 1024
[  168.276930][T10916] EXT4-fs (loop5): pa ffff888106a70f50: logic 16, phys. 129, len 24
[  168.285133][T10916] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  168.312884][T10911] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.341380][ T6657] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.354483][T10911] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.366477][T10934] hub 6-0:1.0: USB hub found
[  168.372616][T10934] hub 6-0:1.0: 8 ports detected
[  168.428567][T10941] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1781'.
[  168.609114][T10959] program syz.0.1783 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  168.618096][T10955] wg2: left promiscuous mode
[  168.624688][T10955] wg2: left allmulticast mode
[  168.734785][T10963] wg2: entered promiscuous mode
[  168.739813][T10963] wg2: entered allmulticast mode
[  169.136224][T11008] loop3: detected capacity change from 0 to 1024
[  169.280069][T11037] loop4: detected capacity change from 0 to 1024
[  169.302616][T11037] EXT4-fs: Ignoring removed nobh option
[  169.308964][T11008] EXT4-fs (loop3): orphan cleanup on readonly fs
[  169.335400][T11037] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.393510][T11008] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1787: Failed to acquire dquot type 0
[  169.407709][T11050] wg2: left promiscuous mode
[  169.413750][T11050] wg2: left allmulticast mode
[  169.417606][T11037] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.1791: Allocating blocks 385-513 which overlap fs metadata
[  169.427954][T11008] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  169.438061][T11037] EXT4-fs (loop4): pa ffff888106a70ee0: logic 16, phys. 129, len 24
[  169.455163][T11037] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  169.465654][T11008] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.1787: corrupted inode contents
[  169.491854][T11008] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #13: comm syz.3.1787: mark_inode_dirty error
[  169.505661][T11041] wg2: entered promiscuous mode
[  169.510563][T11041] wg2: entered allmulticast mode
[  169.519183][T11008] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.1787: corrupted inode contents
[  169.546865][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.556198][T11008] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.1787: mark_inode_dirty error
[  169.581287][T11008] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.1787: corrupted inode contents
[  169.600146][T11008] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  169.609532][T11008] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.1787: corrupted inode contents
[  169.625551][T11057] loop1: detected capacity change from 0 to 128
[  169.628280][T11008] EXT4-fs error (device loop3): ext4_truncate:4597: inode #13: comm syz.3.1787: mark_inode_dirty error
[  169.638362][T11057] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  169.650956][T11057] FAT-fs (loop1): Filesystem has been set read-only
[  169.658325][T11008] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  169.667774][T11057] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  169.675754][T11057] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  169.702882][T11008] EXT4-fs (loop3): 1 truncate cleaned up
[  169.709125][T11008] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  169.749709][T11057] bio_check_eod: 42281 callbacks suppressed
[  169.749725][T11057] syz.1.1796: attempt to access beyond end of device
[  169.749725][T11057] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  169.792401][T11057] syz.1.1796: attempt to access beyond end of device
[  169.792401][T11057] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  169.820901][T11057] syz.1.1796: attempt to access beyond end of device
[  169.820901][T11057] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  169.834250][T11057] syz.1.1796: attempt to access beyond end of device
[  169.834250][T11057] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  169.848160][T11057] syz.1.1796: attempt to access beyond end of device
[  169.848160][T11057] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  169.868176][T11057] syz.1.1796: attempt to access beyond end of device
[  169.868176][T11057] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  169.882155][T11063] syz.1.1796: attempt to access beyond end of device
[  169.882155][T11063] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  170.043086][T11063] syz.1.1796: attempt to access beyond end of device
[  170.043086][T11063] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  170.233645][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.268376][T11057] syz.1.1796: attempt to access beyond end of device
[  170.268376][T11057] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  170.313795][T11063] syz.1.1796: attempt to access beyond end of device
[  170.313795][T11063] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  170.414463][T11075] futex_wake_op: syz.3.1799 tries to shift op by 144; fix this program
[  170.480336][T11081] loop3: detected capacity change from 0 to 128
[  170.489378][T11081] EXT4-fs: Ignoring removed nobh option
[  170.497784][T11081] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  170.510202][T11081] ext4 filesystem being mounted at /336/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  170.523449][T11079] hub 6-0:1.0: USB hub found
[  170.530560][T11079] hub 6-0:1.0: 8 ports detected
[  170.549746][T11081] FAULT_INJECTION: forcing a failure.
[  170.549746][T11081] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.562891][T11081] CPU: 1 UID: 0 PID: 11081 Comm: syz.3.1802 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) 
[  170.562925][T11081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  170.562953][T11081] Call Trace:
[  170.562960][T11081]  <TASK>
[  170.562969][T11081]  __dump_stack+0x1d/0x30
[  170.562995][T11081]  dump_stack_lvl+0xe8/0x140
[  170.563018][T11081]  dump_stack+0x15/0x1b
[  170.563086][T11081]  should_fail_ex+0x265/0x280
[  170.563123][T11081]  should_fail+0xb/0x20
[  170.563154][T11081]  should_fail_usercopy+0x1a/0x20
[  170.563192][T11081]  strncpy_from_user+0x25/0x230
[  170.563227][T11081]  ? kmem_cache_alloc_noprof+0x186/0x310
[  170.563257][T11081]  ? getname_flags+0x80/0x3b0
[  170.563284][T11081]  getname_flags+0xae/0x3b0
[  170.563309][T11081]  __x64_sys_link+0x33/0x70
[  170.563368][T11081]  x64_sys_call+0x2af9/0x2fb0
[  170.563393][T11081]  do_syscall_64+0xd2/0x200
[  170.563481][T11081]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  170.563510][T11081]  ? clear_bhb_loop+0x40/0x90
[  170.563600][T11081]  ? clear_bhb_loop+0x40/0x90
[  170.563625][T11081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.563712][T11081] RIP: 0033:0x7fdd9f39e929
[  170.563730][T11081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.563884][T11081] RSP: 002b:00007fdd9da07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[  170.563905][T11081] RAX: ffffffffffffffda RBX: 00007fdd9f5c5fa0 RCX: 00007fdd9f39e929
[  170.563919][T11081] RDX: 0000000000000000 RSI: 0000200000000bc0 RDI: 00002000000009c0
[  170.563933][T11081] RBP: 00007fdd9da07090 R08: 0000000000000000 R09: 0000000000000000
[  170.563946][T11081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.563959][T11081] R13: 0000000000000000 R14: 00007fdd9f5c5fa0 R15: 00007ffc3de04df8
[  170.564051][T11081]  </TASK>
[  170.673879][T11089] loop5: detected capacity change from 0 to 128
[  170.782157][ T3304] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  170.793306][T11089] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  170.801164][T11089] FAT-fs (loop5): Filesystem has been set read-only
[  170.808244][T11089] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  170.816185][T11089] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  170.830796][T11097] 9pnet_fd: Insufficient options for proto=fd
[  170.970761][T11115] loop3: detected capacity change from 0 to 2048
[  171.065828][T11115] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.106995][T11115] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.663239][T11159] netlink: 'syz.1.1812': attribute type 1 has an invalid length.
[  171.679303][T11159] 8021q: adding VLAN 0 to HW filter on device bond7
[  171.696624][T11166] 9pnet_fd: Insufficient options for proto=fd
[  171.709993][T11159] bond7: (slave veth17): Enslaving as an active interface with a down link
[  171.838220][T11159] bond7: (slave dummy0): making interface the new active one
[  171.858473][T11174] 9pnet_fd: Insufficient options for proto=fd
[  171.862963][T11159] dummy0: entered promiscuous mode
[  171.871567][T11159] bond7: (slave dummy0): Enslaving as an active interface with an up link
[  171.958338][T11182] program syz.1.1822 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  172.103690][T11185] __nla_validate_parse: 5 callbacks suppressed
[  172.103716][T11185] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1823'.
[  172.171574][T11190] FAULT_INJECTION: forcing a failure.
[  172.171574][T11190] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  172.184711][T11190] CPU: 1 UID: 0 PID: 11190 Comm: syz.5.1820 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) 
[  172.184739][T11190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  172.184752][T11190] Call Trace:
[  172.184830][T11190]  <TASK>
[  172.184839][T11190]  __dump_stack+0x1d/0x30
[  172.184921][T11190]  dump_stack_lvl+0xe8/0x140
[  172.184943][T11190]  dump_stack+0x15/0x1b
[  172.184958][T11190]  should_fail_ex+0x265/0x280
[  172.184989][T11190]  should_fail+0xb/0x20
[  172.185024][T11190]  should_fail_usercopy+0x1a/0x20
[  172.185110][T11190]  strncpy_from_user+0x25/0x230
[  172.185142][T11190]  ? kstrtoull+0x111/0x140
[  172.185177][T11190]  bpf_raw_tp_link_attach+0x148/0x3f0
[  172.185223][T11190]  ? kstrtouint+0x76/0xc0
[  172.185264][T11190]  bpf_raw_tracepoint_open+0x154/0x2b0
[  172.185290][T11190]  ? security_bpf+0x2b/0x90
[  172.185324][T11190]  __sys_bpf+0x321/0x790
[  172.185370][T11190]  __x64_sys_bpf+0x41/0x50
[  172.185461][T11190]  x64_sys_call+0x2478/0x2fb0
[  172.185482][T11190]  do_syscall_64+0xd2/0x200
[  172.185500][T11190]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  172.185558][T11190]  ? clear_bhb_loop+0x40/0x90
[  172.185578][T11190]  ? clear_bhb_loop+0x40/0x90
[  172.185599][T11190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.185627][T11190] RIP: 0033:0x7f1441f7e929
[  172.185646][T11190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  172.185669][T11190] RSP: 002b:00007f14405a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  172.185716][T11190] RAX: ffffffffffffffda RBX: 00007f14421a6160 RCX: 00007f1441f7e929
[  172.185728][T11190] RDX: 0000000000000010 RSI: 0000200000000580 RDI: 0000000000000011
[  172.185744][T11190] RBP: 00007f14405a5090 R08: 0000000000000000 R09: 0000000000000000
[  172.185782][T11190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.185797][T11190] R13: 0000000000000000 R14: 00007f14421a6160 R15: 00007fff2f817ad8
[  172.185820][T11190]  </TASK>
[  172.431544][   T29] kauditd_printk_skb: 353 callbacks suppressed
[  172.431562][   T29] audit: type=1400 audit(1751523695.401:7438): avc:  denied  { write } for  pid=11192 comm="syz.0.1824" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  172.478136][T11195] bond6: (slave dummy0): Releasing active interface
[  172.501306][T11195] dummy0: left promiscuous mode
[  172.550790][T11199] loop4: detected capacity change from 0 to 128
[  172.561588][T11199] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  172.569501][T11199] FAT-fs (loop4): Filesystem has been set read-only
[  172.578194][T11195] bridge_slave_0: left allmulticast mode
[  172.584014][T11195] bridge_slave_0: left promiscuous mode
[  172.589722][T11195] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.643169][T11199] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  172.651094][T11199] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  172.659852][T11195] bridge_slave_1: left allmulticast mode
[  172.665726][T11211] loop1: detected capacity change from 0 to 512
[  172.665858][T11195] bridge_slave_1: left promiscuous mode
[  172.677866][T11195] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.753529][T11195] team0: Port device team_slave_0 removed
[  172.760879][T11195] team0: Port device team_slave_1 removed
[  172.769013][T11195] batman_adv: batadv0: Removing interface: batadv_slave_0
[  172.786077][T11211] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.084116][T11195] batman_adv: batadv0: Removing interface: batadv_slave_1
[  173.107788][T11211] ext4 filesystem being mounted at /314/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  173.169354][T11195] bond0: (slave veth3): Releasing active interface
[  173.182926][T11211] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1828: corrupted inode contents
[  173.204262][   T29] audit: type=1400 audit(1751523696.181:7439): avc:  denied  { setattr } for  pid=11209 comm="syz.1.1828" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  173.255150][T11195] bond1: (slave veth5): Releasing active interface
[  173.280106][T11211] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.1828: mark_inode_dirty error
[  173.297957][   T29] audit: type=1400 audit(1751523696.291:7440): avc:  denied  { setopt } for  pid=11209 comm="syz.1.1828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  173.314548][T11211] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.1828: corrupted inode contents
[  173.331559][T11195] bond2: (slave veth7): Releasing active interface
[  173.339695][   T29] audit: type=1400 audit(1751523696.331:7441): avc:  denied  { map } for  pid=11209 comm="syz.1.1828" path="socket:[28800]" dev="sockfs" ino=28800 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  173.363260][   T29] audit: type=1400 audit(1751523696.331:7442): avc:  denied  { read } for  pid=11209 comm="syz.1.1828" path="socket:[28800]" dev="sockfs" ino=28800 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  173.393531][T11195] bond3: (slave veth9): Releasing active interface
[  173.402595][T11195] bond4: (slave veth11): Releasing active interface
[  173.412950][T11195] bond5: (slave veth13): Releasing active interface
[  173.420488][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.431505][T11195] bond6: (slave veth15): Releasing active interface
[  173.633635][T11228] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1830'.
[  173.694504][   T29] audit: type=1326 audit(1751523696.681:7443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11234 comm="syz.3.1837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd9f39e929 code=0x7ffc0000
[  173.718234][   T29] audit: type=1326 audit(1751523696.691:7444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11234 comm="syz.3.1837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fdd9f39e929 code=0x7ffc0000
[  173.730159][T11240] loop1: detected capacity change from 0 to 1024
[  173.741745][   T29] audit: type=1326 audit(1751523696.691:7445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11234 comm="syz.3.1837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd9f39e929 code=0x7ffc0000
[  173.771947][   T29] audit: type=1326 audit(1751523696.691:7446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11234 comm="syz.3.1837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fdd9f39e929 code=0x7ffc0000
[  173.795703][   T29] audit: type=1326 audit(1751523696.691:7447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11234 comm="syz.3.1837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd9f39e929 code=0x7ffc0000
[  173.821505][T11237] loop5: detected capacity change from 0 to 2048
[  174.144959][T11255] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1840'.
[  174.314061][T11261] netlink: 'syz.0.1842': attribute type 1 has an invalid length.
[  174.482153][T11261] 8021q: adding VLAN 0 to HW filter on device bond4
[  174.493517][T11237] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.516931][T11237] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.543300][T11262] bond4: (slave veth13): Enslaving as an active interface with a down link
[  174.591712][T11263] bond4: (slave dummy0): making interface the new active one
[  174.608622][T11263] dummy0: entered promiscuous mode
[  174.622887][T11263] bond4: (slave dummy0): Enslaving as an active interface with an up link
[  174.666154][T11269] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1844'.
[  174.692840][T11271] loop4: detected capacity change from 0 to 1024
[  174.712028][T11271] EXT4-fs: Ignoring removed nobh option
[  174.763347][T11271] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  174.792350][T11277] loop5: detected capacity change from 0 to 1024
[  174.803278][T11281] loop3: detected capacity change from 0 to 1024
[  174.822122][T11271] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.1845: Allocating blocks 385-513 which overlap fs metadata
[  174.842774][T11277] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.865353][T11271] EXT4-fs (loop4): pa ffff888106a70f50: logic 16, phys. 129, len 24
[  174.873529][T11271] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  174.884344][T11277] EXT4-fs (loop5): shut down requested (2)
[  174.890562][T11277] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  174.899973][T11277] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=12
[  174.923971][ T6657] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.938073][T11298] program syz.3.1856 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  174.959013][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.970664][T11300] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1853'.
[  174.989234][T11304] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1854'.
[  175.015241][T11292] bond7: (slave dummy0): Releasing active interface
[  175.029335][T11292] dummy0: left promiscuous mode
[  175.038915][T11309] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1858'.
[  175.055965][T11292] bond7: (slave veth17): Releasing active interface
[  175.072416][T11293] bond4: (slave dummy0): Releasing active interface
[  175.079170][T11293] dummy0: left promiscuous mode
[  175.092206][T11293] bond4: (slave veth13): Releasing active interface
[  175.257212][T11328] loop4: detected capacity change from 0 to 1024
[  175.259349][T11329] loop3: detected capacity change from 0 to 128
[  175.275980][T11329] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  175.284133][T11329] FAT-fs (loop3): Filesystem has been set read-only
[  175.290899][T11329] bio_check_eod: 15538 callbacks suppressed
[  175.290913][T11329] syz.3.1865: attempt to access beyond end of device
[  175.290913][T11329] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  175.320069][T11329] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  175.328072][T11329] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  175.341790][T11329] syz.3.1865: attempt to access beyond end of device
[  175.341790][T11329] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.356499][T11329] syz.3.1865: attempt to access beyond end of device
[  175.356499][T11329] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.372314][T11329] syz.3.1865: attempt to access beyond end of device
[  175.372314][T11329] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.385864][T11329] syz.3.1865: attempt to access beyond end of device
[  175.385864][T11329] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.404165][T11329] syz.3.1865: attempt to access beyond end of device
[  175.404165][T11329] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.417718][T11338] syz.3.1865: attempt to access beyond end of device
[  175.417718][T11338] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.431093][T11329] syz.3.1865: attempt to access beyond end of device
[  175.431093][T11329] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.451415][T11338] syz.3.1865: attempt to access beyond end of device
[  175.451415][T11338] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.464871][T11329] syz.3.1865: attempt to access beyond end of device
[  175.464871][T11329] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  175.718877][T11348] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1870'.
[  176.104021][T11362] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1873'.
[  176.119939][T11361] SET target dimension over the limit!
[  176.207935][T11369] loop1: detected capacity change from 0 to 1024
[  176.253787][T11369] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.352533][T11380] netlink: 'syz.0.1874': attribute type 3 has an invalid length.
[  176.382345][T11379] program syz.5.1880 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  176.411014][T11369] EXT4-fs (loop1): shut down requested (2)
[  176.420357][T11369] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  176.433734][T11369] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  176.522920][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.719637][T11387] wg2: left promiscuous mode
[  176.726025][T11387] wg2: left allmulticast mode
[  176.865797][T11390] wg2: entered promiscuous mode
[  176.870778][T11390] wg2: entered allmulticast mode
[  176.931555][T11395] loop1: detected capacity change from 0 to 128
[  176.941723][T11395] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  176.949609][T11395] FAT-fs (loop1): Filesystem has been set read-only
[  177.222859][T11395] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  177.230827][T11395] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  177.487991][   T29] kauditd_printk_skb: 153 callbacks suppressed
[  177.488009][   T29] audit: type=1400 audit(1751523700.481:7601): avc:  denied  { create } for  pid=11405 comm="syz.3.1889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  177.546938][T11407] loop5: detected capacity change from 0 to 1024
[  177.692963][T11412] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1891'.
[  177.724211][T11407] EXT4-fs (loop5): orphan cleanup on readonly fs
[  177.736886][T11407] Quota error (device loop5): do_check_range: Getting block 64 out of range 1-5
[  177.746120][T11407] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  177.746263][   T29] audit: type=1400 audit(1751523700.521:7602): avc:  denied  { getopt } for  pid=11405 comm="syz.3.1889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  177.755642][T11407] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1888: Failed to acquire dquot type 0
[  177.775320][   T29] audit: type=1400 audit(1751523700.521:7603): avc:  denied  { tracepoint } for  pid=11405 comm="syz.3.1889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  177.806588][   T29] audit: type=1400 audit(1751523700.521:7604): avc:  denied  { read } for  pid=11405 comm="syz.3.1889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  177.826003][   T29] audit: type=1400 audit(1751523700.521:7605): avc:  denied  { create } for  pid=11405 comm="syz.3.1889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  177.846747][   T29] audit: type=1400 audit(1751523700.521:7606): avc:  denied  { write } for  pid=11405 comm="syz.3.1889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  177.867335][   T29] audit: type=1400 audit(1751523700.521:7607): avc:  denied  { read } for  pid=11405 comm="syz.3.1889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  177.887758][   T29] audit: type=1400 audit(1751523700.521:7608): avc:  denied  { create } for  pid=11405 comm="syz.3.1889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  177.901009][T11420] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1894'.
[  177.923610][T11407] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  177.963430][T11407] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1888: corrupted inode contents
[  177.982713][T11407] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #13: comm syz.5.1888: mark_inode_dirty error
[  177.996111][T11407] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1888: corrupted inode contents
[  178.009519][T11407] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #13: comm syz.5.1888: mark_inode_dirty error
[  178.035314][T11422] loop1: detected capacity change from 0 to 1024
[  178.071548][T11407] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1888: corrupted inode contents
[  178.085294][T11407] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  178.101753][T11407] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #13: comm syz.5.1888: corrupted inode contents
[  178.133162][T11407] EXT4-fs error (device loop5): ext4_truncate:4597: inode #13: comm syz.5.1888: mark_inode_dirty error
[  178.144538][T11407] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  178.155456][T11407] EXT4-fs (loop5): 1 truncate cleaned up
[  178.173390][T11407] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  178.312812][T11436] loop4: detected capacity change from 0 to 1024
[  178.320101][T11436] EXT4-fs: Ignoring removed nobh option
[  178.367176][T11436] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.418739][ T6657] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.430384][T11436] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.1898: Allocating blocks 385-513 which overlap fs metadata
[  178.454600][T11436] EXT4-fs (loop4): pa ffff888106a24540: logic 16, phys. 129, len 24
[  178.462705][T11436] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  178.519206][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.656088][T11455] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1905'.
[  178.748372][T11463] loop3: detected capacity change from 0 to 1024
[  178.849356][T11463] EXT4-fs (loop3): orphan cleanup on readonly fs
[  178.924012][T11463] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1906: Failed to acquire dquot type 0
[  178.979023][T11463] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  179.006737][T11473] program syz.0.1909 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  179.031668][T11463] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.1906: corrupted inode contents
[  179.032523][T11477] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11477 comm=syz.5.1910
[  179.045371][T11463] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #13: comm syz.3.1906: mark_inode_dirty error
[  179.068945][T11463] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.1906: corrupted inode contents
[  179.073572][T11475] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1908'.
[  179.093255][T11469] bond11: (slave dummy0): Releasing active interface
[  179.094204][T11463] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.1906: mark_inode_dirty error
[  179.119515][T11463] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.1906: corrupted inode contents
[  179.132978][T11463] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  179.141907][T11463] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.1906: corrupted inode contents
[  179.145790][T11469] dummy0: left promiscuous mode
[  179.155423][T11463] EXT4-fs error (device loop3): ext4_truncate:4597: inode #13: comm syz.3.1906: mark_inode_dirty error
[  179.170165][T11463] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  179.181097][T11463] EXT4-fs (loop3): 1 truncate cleaned up
[  179.187331][T11463] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  179.200268][T11469] bond11: (slave veth25): Releasing active interface
[  179.310063][T11487] program syz.1.1914 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  179.333080][T11487] loop1: detected capacity change from 0 to 1024
[  179.362425][T11487] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.371510][T11493] FAULT_INJECTION: forcing a failure.
[  179.371510][T11493] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  179.387850][T11493] CPU: 1 UID: 0 PID: 11493 Comm: syz.0.1916 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) 
[  179.387886][T11493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  179.387973][T11493] Call Trace:
[  179.387979][T11493]  <TASK>
[  179.387987][T11493]  __dump_stack+0x1d/0x30
[  179.388009][T11493]  dump_stack_lvl+0xe8/0x140
[  179.388033][T11493]  dump_stack+0x15/0x1b
[  179.388055][T11493]  should_fail_ex+0x265/0x280
[  179.388117][T11493]  should_fail+0xb/0x20
[  179.388159][T11493]  should_fail_usercopy+0x1a/0x20
[  179.388346][T11493]  copy_fpstate_to_sigframe+0x628/0x7d0
[  179.388380][T11493]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[  179.388419][T11493]  ? x86_task_fpu+0x36/0x60
[  179.388483][T11493]  get_sigframe+0x34d/0x490
[  179.388569][T11493]  ? get_signal+0xdc8/0xf70
[  179.388610][T11493]  x64_setup_rt_frame+0xa8/0x580
[  179.388638][T11493]  arch_do_signal_or_restart+0x27c/0x480
[  179.388666][T11493]  exit_to_user_mode_loop+0x7a/0x100
[  179.388752][T11493]  do_syscall_64+0x1d6/0x200
[  179.388788][T11493]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  179.388870][T11493]  ? clear_bhb_loop+0x40/0x90
[  179.388902][T11493]  ? clear_bhb_loop+0x40/0x90
[  179.388924][T11493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.388996][T11493] RIP: 0033:0x7f094677e927
[  179.389015][T11493] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  179.389054][T11493] RSP: 002b:00007f0944de7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  179.389074][T11493] RAX: 0000000000000013 RBX: 00007f09469a5fa0 RCX: 00007f094677e929
[  179.389133][T11493] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000003
[  179.389157][T11493] RBP: 00007f0944de7090 R08: 0000000000000000 R09: 0000000000000000
[  179.389173][T11493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  179.389189][T11493] R13: 0000000000000000 R14: 00007f09469a5fa0 R15: 00007ffff76ca8f8
[  179.389210][T11493]  </TASK>
[  179.611503][T11487] EXT4-fs (loop1): shut down requested (2)
[  179.617585][T11487] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  179.628576][T11487] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  179.643546][T11499] pim6reg: entered allmulticast mode
[  179.654681][T11499] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11499 comm=syz.0.1919
[  179.667365][T11499] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11499 comm=syz.0.1919
[  179.671606][T11497] loop5: detected capacity change from 0 to 2048
[  179.697415][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.726644][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.749750][T11497] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.774638][T11497] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.808967][T11513] netlink: 'syz.1.1922': attribute type 1 has an invalid length.
[  179.823186][T11513] 8021q: adding VLAN 0 to HW filter on device bond8
[  179.852295][T11519] loop5: detected capacity change from 0 to 128
[  179.864603][T11519] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  179.872541][T11519] FAT-fs (loop5): Filesystem has been set read-only
[  179.890087][T11519] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  179.898170][T11519] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  179.955109][T11526] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1926'.
[  179.969079][T11531] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1928'.
[  179.998325][T11533] loop1: detected capacity change from 0 to 1024
[  180.037075][T11533] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.062981][T11533] EXT4-fs (loop1): shut down requested (2)
[  180.079148][T11533] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  180.088090][T11533] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop1 ino=12
[  180.090393][T11539] loop4: detected capacity change from 0 to 1024
[  180.111867][T11539] EXT4-fs: Ignoring removed nobh option
[  180.135315][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.152018][T11539] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.166503][T11545] program syz.0.1933 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  180.186857][T11539] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.1932: Allocating blocks 385-513 which overlap fs metadata
[  180.229969][T11539] EXT4-fs (loop4): pa ffff888106a245b0: logic 16, phys. 129, len 24
[  180.238089][T11539] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  180.288031][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.291273][T11519] bio_check_eod: 25004 callbacks suppressed
[  180.291293][T11519] syz.5.1925: attempt to access beyond end of device
[  180.291293][T11519] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  180.320996][T11519] syz.5.1925: attempt to access beyond end of device
[  180.320996][T11519] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  180.334640][T11519] syz.5.1925: attempt to access beyond end of device
[  180.334640][T11519] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  180.348052][T11519] syz.5.1925: attempt to access beyond end of device
[  180.348052][T11519] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  180.361795][T11519] syz.5.1925: attempt to access beyond end of device
[  180.361795][T11519] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  180.375469][T11519] syz.5.1925: attempt to access beyond end of device
[  180.375469][T11519] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  180.389361][T11519] syz.5.1925: attempt to access beyond end of device
[  180.389361][T11519] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  180.402764][T11519] syz.5.1925: attempt to access beyond end of device
[  180.402764][T11519] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  180.416349][T11519] syz.5.1925: attempt to access beyond end of device
[  180.416349][T11519] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  180.429973][T11519] syz.5.1925: attempt to access beyond end of device
[  180.429973][T11519] loop5: rw=0, sector=2065, nr_sectors = 8 limit=128
[  180.744908][T11561] loop5: detected capacity change from 0 to 1024
[  180.784510][T11563] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1941'.
[  180.897906][T11569] loop3: detected capacity change from 0 to 2048
[  180.917605][T11569] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.941309][T11569] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.948227][T11575] loop4: detected capacity change from 0 to 128
[  180.975053][T11575] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  180.983099][T11575] FAT-fs (loop4): Filesystem has been set read-only
[  180.990902][T11575] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  180.998864][T11575] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  181.080805][T11580] loop1: detected capacity change from 0 to 2048
[  181.115726][T11580] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.121620][T11578] loop3: detected capacity change from 0 to 1024
[  181.139852][T11580] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.251129][T11588] netlink: 'syz.1.1949': attribute type 1 has an invalid length.
[  181.296871][T11588] 8021q: adding VLAN 0 to HW filter on device bond9
[  181.419091][T11595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1952'.
[  181.490843][T11600] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1953'.
[  181.526347][T11606] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1954'.
[  182.130558][T11626] loop3: detected capacity change from 0 to 1024
[  182.447954][T11633] loop5: detected capacity change from 0 to 128
[  182.456729][T11633] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  182.464794][T11633] FAT-fs (loop5): Filesystem has been set read-only
[  182.472350][T11633] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  182.480271][T11633] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  182.506169][T11635] loop4: detected capacity change from 0 to 1024
[  182.529566][   T29] kauditd_printk_skb: 331 callbacks suppressed
[  182.529585][   T29] audit: type=1400 audit(1751523705.521:7938): avc:  denied  { create } for  pid=11638 comm="syz.3.1964" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  182.557751][   T29] audit: type=1400 audit(1751523705.521:7939): avc:  denied  { create } for  pid=11638 comm="syz.3.1964" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  182.577747][   T29] audit: type=1400 audit(1751523705.521:7940): avc:  denied  { ioctl } for  pid=11638 comm="syz.3.1964" path="socket:[30528]" dev="sockfs" ino=30528 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  182.602901][   T29] audit: type=1400 audit(1751523705.521:7941): avc:  denied  { read write } for  pid=11638 comm="syz.3.1964" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  182.627500][   T29] audit: type=1400 audit(1751523705.521:7942): avc:  denied  { open } for  pid=11638 comm="syz.3.1964" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  182.652765][   T29] audit: type=1400 audit(1751523705.521:7943): avc:  denied  { read write } for  pid=11638 comm="syz.3.1964" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  182.677515][   T29] audit: type=1400 audit(1751523705.521:7944): avc:  denied  { open } for  pid=11638 comm="syz.3.1964" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  182.702290][   T29] audit: type=1400 audit(1751523705.521:7945): avc:  denied  { write } for  pid=11638 comm="syz.3.1964" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  182.722114][   T29] audit: type=1400 audit(1751523705.521:7946): avc:  denied  { ioctl } for  pid=11638 comm="syz.3.1964" path="socket:[30527]" dev="sockfs" ino=30527 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  182.765947][   T29] audit: type=1326 audit(1751523705.761:7947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11641 comm="syz.3.1965" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd9f39e929 code=0x7ffc0000
[  182.805027][T11642] loop3: detected capacity change from 0 to 1024
[  182.853803][T11635] EXT4-fs (loop4): shut down requested (2)
[  182.859860][T11635] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  182.881245][T11635] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  182.901668][T11650] __nla_validate_parse: 1 callbacks suppressed
[  182.901688][T11650] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1967'.
[  183.022392][T11654] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1966'.
[  183.033917][T11656] loop4: detected capacity change from 0 to 128
[  183.056980][T11656] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  183.065006][T11656] FAT-fs (loop4): Filesystem has been set read-only
[  183.076898][T11656] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  183.084821][T11656] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  183.167551][T11664] program syz.1.1970 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  183.355582][T11669] loop3: detected capacity change from 0 to 2048
[  183.397327][T11672] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1973'.
[  183.416102][T11674] program syz.1.1974 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  184.340682][T11694] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1979'.
[  184.352203][T11695] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11695 comm=syz.0.1980
[  184.376428][T11697] loop1: detected capacity change from 0 to 1024
[  184.377340][T11699] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1982'.
[  184.422487][T11701] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1983'.
[  184.639542][T11722] netlink: 'syz.0.1991': attribute type 1 has an invalid length.
[  184.718273][T11732] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1992'.
[  184.734296][T11728] loop4: detected capacity change from 0 to 1024
[  184.839164][T11746] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1997'.
[  184.896387][T11751] openvswitch: netlink: Message has 6 unknown bytes.
[  185.094482][T11767] netlink: 'syz.1.2006': attribute type 1 has an invalid length.
[  185.102301][T11764] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2005'.
[  185.173380][T11775] FAULT_INJECTION: forcing a failure.
[  185.173380][T11775] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.186674][T11775] CPU: 1 UID: 0 PID: 11775 Comm: syz.4.2010 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) 
[  185.186747][T11775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  185.186772][T11775] Call Trace:
[  185.186779][T11775]  <TASK>
[  185.186788][T11775]  __dump_stack+0x1d/0x30
[  185.186822][T11775]  dump_stack_lvl+0xe8/0x140
[  185.186847][T11775]  dump_stack+0x15/0x1b
[  185.186947][T11775]  should_fail_ex+0x265/0x280
[  185.186989][T11775]  should_fail+0xb/0x20
[  185.187026][T11775]  should_fail_usercopy+0x1a/0x20
[  185.187070][T11775]  _copy_from_user+0x1c/0xb0
[  185.187116][T11775]  ___sys_sendmsg+0xc1/0x1d0
[  185.187173][T11775]  __x64_sys_sendmsg+0xd4/0x160
[  185.187220][T11775]  x64_sys_call+0x2999/0x2fb0
[  185.187249][T11775]  do_syscall_64+0xd2/0x200
[  185.187308][T11775]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  185.187336][T11775]  ? clear_bhb_loop+0x40/0x90
[  185.187442][T11775]  ? clear_bhb_loop+0x40/0x90
[  185.187520][T11775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.187556][T11775] RIP: 0033:0x7fd54207e929
[  185.187574][T11775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.187597][T11775] RSP: 002b:00007fd5406e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  185.187619][T11775] RAX: ffffffffffffffda RBX: 00007fd5422a5fa0 RCX: 00007fd54207e929
[  185.187631][T11775] RDX: 0000000004008000 RSI: 0000200000000240 RDI: 0000000000000003
[  185.187693][T11775] RBP: 00007fd5406e7090 R08: 0000000000000000 R09: 0000000000000000
[  185.187748][T11775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.187764][T11775] R13: 0000000000000000 R14: 00007fd5422a5fa0 R15: 00007ffd6ba5f3c8
[  185.187823][T11775]  </TASK>
[  185.403141][T11781] futex_wake_op: syz.5.2013 tries to shift op by 144; fix this program
[  185.463446][T11784] loop4: detected capacity change from 0 to 1024
[  185.493986][T11790] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2015'.
[  185.533578][T11791] wg2: left promiscuous mode
[  185.538338][T11791] wg2: left allmulticast mode
[  185.630706][T11788] wg2: entered promiscuous mode
[  185.636936][T11788] wg2: entered allmulticast mode
[  185.845392][T11820] futex_wake_op: syz.5.2026 tries to shift op by 144; fix this program
[  185.914883][T11822] loop4: detected capacity change from 0 to 128
[  185.925383][T11822] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  185.933303][T11822] FAT-fs (loop4): Filesystem has been set read-only
[  186.111468][T11822] bio_check_eod: 53654 callbacks suppressed
[  186.111488][T11822] syz.4.2025: attempt to access beyond end of device
[  186.111488][T11822] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  186.151078][T11822] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  186.159182][T11822] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  186.175025][T11822] syz.4.2025: attempt to access beyond end of device
[  186.175025][T11822] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  186.200059][T11822] syz.4.2025: attempt to access beyond end of device
[  186.200059][T11822] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  186.214844][T11822] syz.4.2025: attempt to access beyond end of device
[  186.214844][T11822] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  186.228382][T11826] syz.4.2025: attempt to access beyond end of device
[  186.228382][T11826] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  186.242929][T11822] syz.4.2025: attempt to access beyond end of device
[  186.242929][T11822] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  186.267548][T11834] loop3: detected capacity change from 0 to 1024
[  186.277368][T11822] syz.4.2025: attempt to access beyond end of device
[  186.277368][T11822] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  186.298974][T11822] syz.4.2025: attempt to access beyond end of device
[  186.298974][T11822] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  186.312944][T11826] syz.4.2025: attempt to access beyond end of device
[  186.312944][T11826] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  186.376847][T11826] syz.4.2025: attempt to access beyond end of device
[  186.376847][T11826] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  187.093737][T11870] loop4: detected capacity change from 0 to 1024
[  187.100805][T11870] EXT4-fs: Ignoring removed nobh option
[  187.211936][T11870] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.2041: Allocating blocks 385-513 which overlap fs metadata
[  187.292013][T11879] EXT4-fs (loop4): pa ffff888106a70ee0: logic 16, phys. 129, len 24
[  187.300087][T11879] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  188.032683][   T29] kauditd_printk_skb: 384 callbacks suppressed
[  188.032701][   T29] audit: type=1326 audit(1751523711.031:8332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11993 comm="syz.0.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094677e929 code=0x7ffc0000
[  188.065902][   T29] audit: type=1326 audit(1751523711.061:8333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11993 comm="syz.0.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094677e929 code=0x7ffc0000
[  188.089534][   T29] audit: type=1326 audit(1751523711.061:8334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11993 comm="syz.0.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f094677e929 code=0x7ffc0000
[  188.113159][   T29] audit: type=1326 audit(1751523711.061:8335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11993 comm="syz.0.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094677e929 code=0x7ffc0000
[  188.136724][   T29] audit: type=1326 audit(1751523711.061:8336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11993 comm="syz.0.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f094677e929 code=0x7ffc0000
[  188.160431][   T29] audit: type=1326 audit(1751523711.061:8337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11993 comm="syz.0.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094677e929 code=0x7ffc0000
[  188.183997][   T29] audit: type=1326 audit(1751523711.061:8338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11993 comm="syz.0.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f094677e929 code=0x7ffc0000
[  188.276730][   T29] audit: type=1326 audit(1751523711.271:8339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11993 comm="syz.0.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094677e929 code=0x7ffc0000
[  188.305785][   T29] audit: type=1326 audit(1751523711.271:8340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11993 comm="syz.0.2048" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f094677e929 code=0x7ffc0000
[  188.461625][   T29] audit: type=1400 audit(1751523711.461:8341): avc:  denied  { unmount } for  pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  188.523169][T12026] __nla_validate_parse: 4 callbacks suppressed
[  188.523185][T12026] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2051'.
[  188.577664][T12034] hub 6-0:1.0: USB hub found
[  188.582388][T12034] hub 6-0:1.0: 8 ports detected
[  188.594507][T12030] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2052'.
[  188.627260][T12039] program syz.0.2055 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  188.679880][T12047] futex_wake_op: syz.0.2056 tries to shift op by 144; fix this program
[  188.780105][T12066] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2058'.
[  188.879582][T12082] loop5: detected capacity change from 0 to 1024
[  188.904660][T12082] EXT4-fs: Ignoring removed nobh option
[  189.210955][T12082] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.2062: Allocating blocks 385-513 which overlap fs metadata
[  189.350127][T12124] EXT4-fs (loop5): pa ffff888106a24540: logic 16, phys. 129, len 24
[  189.358306][T12124] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  189.579103][T12134] loop4: detected capacity change from 0 to 1024
[  189.804700][T12141] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2066'.
[  189.994013][T12145] syz.4.2067 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  190.025590][T12152] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2068'.
[  190.100710][T12165] futex_wake_op: syz.4.2069 tries to shift op by 144; fix this program
[  190.235532][T12179] loop4: detected capacity change from 0 to 1024
[  190.453641][T12218] loop4: detected capacity change from 0 to 1024
[  190.484486][T12220] netlink: 'syz.5.2077': attribute type 4 has an invalid length.
[  190.492051][T12218] EXT4-fs (loop4): shut down requested (2)
[  190.494919][T12220] netlink: 'syz.5.2077': attribute type 4 has an invalid length.
[  190.499448][T12218] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  190.522145][T12218] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=12
[  190.555424][T12225] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2078'.
[  190.699320][T12235] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2082'.
[  190.729013][T12233] wg2: left promiscuous mode
[  190.734663][T12233] wg2: left allmulticast mode
[  190.803116][T12238] wg2: entered promiscuous mode
[  190.808071][T12238] wg2: entered allmulticast mode
[  190.873580][T12239] wg2: left promiscuous mode
[  190.878632][T12239] wg2: left allmulticast mode
[  190.921460][T12239] wg2: entered promiscuous mode
[  190.926988][T12239] wg2: entered allmulticast mode
[  191.069299][T12248] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2076'.
[  191.089785][T12242] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2084'.
[  191.118321][T12249] loop1: detected capacity change from 0 to 128
[  191.140116][T12249] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  191.148123][T12249] FAT-fs (loop1): Filesystem has been set read-only
[  191.247222][T12249] bio_check_eod: 2614 callbacks suppressed
[  191.247241][T12249] syz.1.2085: attempt to access beyond end of device
[  191.247241][T12249] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  191.301338][T12249] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  191.309282][T12249] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100)
[  191.331318][T12250] syz.1.2085: attempt to access beyond end of device
[  191.331318][T12250] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.381986][T12249] syz.1.2085: attempt to access beyond end of device
[  191.381986][T12249] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.435045][T12256] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2087'.
[  191.509037][T12260] FAULT_INJECTION: forcing a failure.
[  191.509037][T12260] name failslab, interval 1, probability 0, space 0, times 0
[  191.521898][T12260] CPU: 0 UID: 0 PID: 12260 Comm: syz.4.2089 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) 
[  191.521926][T12260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  191.521939][T12260] Call Trace:
[  191.521948][T12260]  <TASK>
[  191.521962][T12260]  __dump_stack+0x1d/0x30
[  191.521994][T12260]  dump_stack_lvl+0xe8/0x140
[  191.522014][T12260]  dump_stack+0x15/0x1b
[  191.522110][T12260]  should_fail_ex+0x265/0x280
[  191.522147][T12260]  should_failslab+0x8c/0xb0
[  191.522229][T12260]  __kmalloc_noprof+0xa5/0x3e0
[  191.522288][T12260]  ? sock_kmalloc+0x85/0xc0
[  191.522306][T12260]  ? iovec_from_user+0x179/0x210
[  191.522335][T12260]  sock_kmalloc+0x85/0xc0
[  191.522359][T12260]  ____sys_sendmsg+0xf8/0x4e0
[  191.522469][T12260]  ___sys_sendmsg+0x17b/0x1d0
[  191.522516][T12260]  __x64_sys_sendmsg+0xd4/0x160
[  191.522622][T12260]  x64_sys_call+0x2999/0x2fb0
[  191.522649][T12260]  do_syscall_64+0xd2/0x200
[  191.522672][T12260]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  191.522706][T12260]  ? clear_bhb_loop+0x40/0x90
[  191.522733][T12260]  ? clear_bhb_loop+0x40/0x90
[  191.522821][T12260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.522849][T12260] RIP: 0033:0x7fd54207e929
[  191.522869][T12260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.522892][T12260] RSP: 002b:00007fd5406e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  191.522990][T12260] RAX: ffffffffffffffda RBX: 00007fd5422a5fa0 RCX: 00007fd54207e929
[  191.523064][T12260] RDX: 0000000020000080 RSI: 0000200000000600 RDI: 0000000000000003
[  191.523077][T12260] RBP: 00007fd5406e7090 R08: 0000000000000000 R09: 0000000000000000
[  191.523089][T12260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.523100][T12260] R13: 0000000000000000 R14: 00007fd5422a5fa0 R15: 00007ffd6ba5f3c8
[  191.523119][T12260]  </TASK>
[  191.722956][T12250] syz.1.2085: attempt to access beyond end of device
[  191.722956][T12250] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.736382][T12249] syz.1.2085: attempt to access beyond end of device
[  191.736382][T12249] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.760470][T12250] syz.1.2085: attempt to access beyond end of device
[  191.760470][T12250] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.784352][T12249] syz.1.2085: attempt to access beyond end of device
[  191.784352][T12249] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.828487][T12250] syz.1.2085: attempt to access beyond end of device
[  191.828487][T12250] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.880543][T12249] syz.1.2085: attempt to access beyond end of device
[  191.880543][T12249] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  191.920668][T12273] loop4: detected capacity change from 0 to 2048
[  191.953819][T12275] loop3: detected capacity change from 0 to 1024
[  192.027886][T12282] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12282 comm=syz.1.2097
[  192.073132][T12275] EXT4-fs (loop3): shut down requested (2)
[  192.090225][T12284] loop4: detected capacity change from 0 to 128
[  192.094500][T12275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  192.105663][T12275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=12
[  192.136477][T12284] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  192.144401][T12284] FAT-fs (loop4): Filesystem has been set read-only
[  192.152222][T12284] syz.4.2098: attempt to access beyond end of device
[  192.152222][T12284] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  192.168261][T12284] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  192.176253][T12284] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  192.259720][T12307] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.269661][T12307] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.362528][T12315] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.372784][T12315] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.596404][T12343] bridge0: port 1(veth0_to_hsr) entered blocking state
[  192.603529][T12343] bridge0: port 1(veth0_to_hsr) entered disabled state
[  192.619224][T12345] 9pnet_fd: p9_fd_create_tcp (12345): problem binding to privport
[  192.620143][T12343] veth0_to_hsr: entered allmulticast mode
[  192.634906][T12343] veth0_to_hsr: entered promiscuous mode
[  192.645967][T12315] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.670314][T12315] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.745414][T12354] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.755509][T12354] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.815513][T12359] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  192.828943][T12359] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  192.949213][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  192.956757][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  192.964222][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  192.971796][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  192.979208][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  192.986769][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  192.994227][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  193.001836][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  193.009328][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  193.016758][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  193.024251][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  193.031736][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  193.039154][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  193.046687][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  193.054222][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  193.061753][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  193.069223][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  193.076654][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  193.084086][ T3414] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  193.139412][ T3414] hid-generic 0000:0004:0000.0003: hidraw0: <UNKNOWN> HID vffffff.fd Device [syz0] on syz1
[  193.355566][T12398] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  193.362917][T12398] IPv6: NLM_F_CREATE should be set when creating new route
[  193.370158][T12398] IPv6: NLM_F_CREATE should be set when creating new route
[  193.386186][   T29] kauditd_printk_skb: 322 callbacks suppressed
[  193.386202][   T29] audit: type=1400 audit(1751523716.381:8664): avc:  denied  { write } for  pid=12403 comm="syz.3.2146" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  193.426535][   T29] audit: type=1400 audit(1751523716.421:8665): avc:  denied  { name_bind } for  pid=12406 comm="syz.4.2149" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  193.432597][T12408] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  193.474603][T12408] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  193.487109][   T29] audit: type=1400 audit(1751523716.421:8666): avc:  denied  { node_bind } for  pid=12406 comm="syz.4.2149" saddr=224.0.0.1 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  193.509625][   T29] audit: type=1400 audit(1751523716.471:8667): avc:  denied  { connect } for  pid=12410 comm="syz.3.2151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  193.543507][   T29] audit: type=1400 audit(1751523716.541:8668): avc:  denied  { read } for  pid=12419 comm="syz.3.2154" path="socket:[31688]" dev="sockfs" ino=31688 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  193.586315][   T29] audit: type=1400 audit(1751523716.581:8669): avc:  denied  { connect } for  pid=12424 comm="syz.0.2156" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  193.704933][   T29] audit: type=1400 audit(1751523716.701:8670): avc:  denied  { write } for  pid=12436 comm="syz.1.2161" name="udp6" dev="proc" ino=4026532589 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  193.753514][   T29] audit: type=1400 audit(1751523716.751:8671): avc:  denied  { write } for  pid=12442 comm="syz.0.2163" name="001" dev="devtmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  193.792467][   T29] audit: type=1400 audit(1751523716.771:8672): avc:  denied  { map } for  pid=12442 comm="syz.0.2163" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  193.839694][   T29] audit: type=1400 audit(1751523716.831:8673): avc:  denied  { mount } for  pid=12452 comm="syz.0.2167" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  193.988267][T12471] syzkaller0: entered promiscuous mode
[  193.994028][T12471] syzkaller0: entered allmulticast mode
[  194.153341][T12500] __nla_validate_parse: 4 callbacks suppressed
[  194.153446][T12500] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2189'.
[  194.233322][T12516] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.246722][T12516] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.256983][T12516] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.269410][T12516] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.292910][T12516] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.306211][T12516] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.315164][T12526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.324325][T12516] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.334976][T12526] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.344525][T12516] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.466849][T12547] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.475409][T12547] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.559611][T12516] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.568150][T12516] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.858925][T12550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.867464][T12550] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.014706][T12554] SELinux:  Context system_u:object_r:logrotate_var_lib_t:s0 is not valid (left unmapped).
[  195.088117][T12562] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.096798][T12562] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.393533][T12587] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.405251][T12587] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.519311][T12603] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.527901][T12603] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.701051][T12634] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.710012][T12634] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.739484][T12640] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.748121][T12640] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  196.003672][T12645] 8021q: adding VLAN 0 to HW filter on device team0
[  196.012251][T12645] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  197.179004][T12675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.629049][T12675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.651403][T12681] loop5: detected capacity change from 0 to 128
[  197.802719][T12681] EXT4-fs: Ignoring removed nobh option
[  197.827737][T12681] EXT4-fs mount: 14 callbacks suppressed
[  197.827753][T12681] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  197.845929][T12681] ext4 filesystem being mounted at /358/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  198.305677][ T6657] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  198.318461][T12691] serio: Serial port ttyS3
[  200.472774][T12723] loop0: detected capacity change from 0 to 1024
[  200.496459][T12723] EXT4-fs: Ignoring removed bh option
[  200.502106][T12723] EXT4-fs: Ignoring removed nomblk_io_submit option
[  200.533906][   T29] kauditd_printk_skb: 50 callbacks suppressed
[  200.533923][   T29] audit: type=1400 audit(1751523724.538:8724): avc:  denied  { create } for  pid=12730 comm="syz.4.2290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  200.560658][T12731] @: renamed from vlan0
[  200.565026][   T29] audit: type=1400 audit(1751523724.558:8725): avc:  denied  { ioctl } for  pid=12730 comm="syz.4.2290" path="socket:[33154]" dev="sockfs" ino=33154 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  200.590807][   T29] audit: type=1400 audit(1751523724.588:8726): avc:  denied  { write } for  pid=12725 comm="syz.5.2288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  200.619417][T12723] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.653976][T12739] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  200.655716][   T29] audit: type=1400 audit(1751523724.648:8727): avc:  denied  { read open } for  pid=12722 comm="syz.0.2287" path="/515/bus/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  200.662981][T12739] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  200.685369][   T29] audit: type=1400 audit(1751523724.648:8728): avc:  denied  { write } for  pid=12722 comm="syz.0.2287" name="bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  200.721091][T12739] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  200.729690][T12739] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  200.773043][T12744] loop3: detected capacity change from 0 to 256
[  200.791741][T12744] FAT-fs (loop3): IO charset iso8859-2 not found
[  200.811047][   T29] audit: type=1400 audit(1751523724.808:8729): avc:  denied  { ioctl } for  pid=12745 comm="syz.5.2295" path="/dev/usbmon0" dev="devtmpfs" ino=141 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  200.842477][T12750] vhci_hcd: invalid port number 96
[  200.847750][T12750] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  200.881006][T12753] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  200.889611][T12753] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  201.140924][T12741] ==================================================================
[  201.149075][T12741] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[  201.156238][T12741] 
[  201.158570][T12741] write to 0xffff888106bbfb04 of 4 bytes by task 12723 on cpu 0:
[  201.166304][T12741]  xas_set_mark+0x12b/0x140
[  201.170906][T12741]  __folio_start_writeback+0x1dd/0x440
[  201.176419][T12741]  ext4_bio_write_folio+0x5ad/0x9f0
[  201.181649][T12741]  mpage_submit_folio+0xe4/0x170
[  201.186636][T12741]  mpage_process_page_bufs+0x39b/0x4a0
[  201.192159][T12741]  mpage_prepare_extent_to_map+0x741/0xaa0
[  201.198023][T12741]  ext4_do_writepages+0xa1a/0x21c0
[  201.203166][T12741]  ext4_writepages+0x176/0x300
[  201.207979][T12741]  do_writepages+0x1c6/0x310
[  201.212618][T12741]  file_write_and_wait_range+0x156/0x2c0
[  201.218299][T12741]  generic_buffers_fsync_noflush+0x45/0x120
[  201.224246][T12741]  ext4_sync_file+0x1ab/0x690
[  201.228961][T12741]  vfs_fsync_range+0x10a/0x130
[  201.233785][T12741]  ext4_buffered_write_iter+0x34f/0x3c0
[  201.239367][T12741]  ext4_file_write_iter+0x383/0xf00
[  201.244595][T12741]  iter_file_splice_write+0x5ef/0x970
[  201.250014][T12741]  direct_splice_actor+0x153/0x2a0
[  201.255191][T12741]  splice_direct_to_actor+0x30f/0x680
[  201.260617][T12741]  do_splice_direct+0xda/0x150
[  201.265428][T12741]  do_sendfile+0x380/0x650
[  201.269880][T12741]  __x64_sys_sendfile64+0x105/0x150
[  201.275115][T12741]  x64_sys_call+0xb39/0x2fb0
[  201.279738][T12741]  do_syscall_64+0xd2/0x200
[  201.284269][T12741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.290183][T12741] 
[  201.292563][T12741] read to 0xffff888106bbfb04 of 4 bytes by task 12741 on cpu 1:
[  201.300224][T12741]  xas_find_marked+0x5dc/0x620
[  201.305012][T12741]  find_get_entry+0x5d/0x380
[  201.309648][T12741]  filemap_get_folios_tag+0x92/0x210
[  201.314983][T12741]  mpage_prepare_extent_to_map+0x320/0xaa0
[  201.320826][T12741]  ext4_do_writepages+0x6ea/0x21c0
[  201.325972][T12741]  ext4_writepages+0x176/0x300
[  201.330798][T12741]  do_writepages+0x1c6/0x310
[  201.335426][T12741]  file_write_and_wait_range+0x156/0x2c0
[  201.341108][T12741]  generic_buffers_fsync_noflush+0x45/0x120
[  201.347057][T12741]  ext4_sync_file+0x1ab/0x690
[  201.351773][T12741]  vfs_fsync_range+0x10a/0x130
[  201.356580][T12741]  ext4_buffered_write_iter+0x34f/0x3c0
[  201.362154][T12741]  ext4_file_write_iter+0x383/0xf00
[  201.367401][T12741]  iter_file_splice_write+0x5ef/0x970
[  201.372810][T12741]  direct_splice_actor+0x153/0x2a0
[  201.377991][T12741]  splice_direct_to_actor+0x30f/0x680
[  201.383411][T12741]  do_splice_direct+0xda/0x150
[  201.388226][T12741]  do_sendfile+0x380/0x650
[  201.392685][T12741]  __x64_sys_sendfile64+0x105/0x150
[  201.397929][T12741]  x64_sys_call+0xb39/0x2fb0
[  201.402567][T12741]  do_syscall_64+0xd2/0x200
[  201.407103][T12741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.413029][T12741] 
[  201.415370][T12741] value changed: 0x0a000021 -> 0x04000021
[  201.421100][T12741] 
[  201.423441][T12741] Reported by Kernel Concurrency Sanitizer on:
[  201.429613][T12741] CPU: 1 UID: 0 PID: 12741 Comm: syz.0.2287 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(voluntary) 
[  201.442146][T12741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  201.452229][T12741] ==================================================================
[  201.569670][ T3310] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.