last executing test programs:

46.671244533s ago: executing program 0 (id=429):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x51}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x2)

46.579020503s ago: executing program 0 (id=435):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r1, 0x0, 0x4ab}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x25dfdbfb, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x10, 0x8}, @TCA_CT_PARMS={0x18, 0x1, {0x0, 0x20, 0x3}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)

46.534496523s ago: executing program 0 (id=439):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0xf3, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x550, 0xfffffffffffffc75}, 0x0, 0x0, 0x0, 0x4, 0x0, 0x40d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000180)='cpu<=0||!')

46.484806364s ago: executing program 0 (id=442):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001000)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r1 = memfd_secret(0x80000)
fchownat(r1, &(0x7f0000000040)='\x00', 0x0, 0x0, 0x1000)

46.459995524s ago: executing program 0 (id=446):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x143041, 0x0)

46.394675695s ago: executing program 0 (id=450):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x8c, &(0x7f0000000300)='trans=rdma,')

36.904955917s ago: executing program 4 (id=707):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c00)=@delchain={0x1dc, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x1a0, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x17c, 0x1, [@m_simple={0x30, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}, @m_simple={0x58, 0x1e, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'bpf\x00'}]}, {0x21, 0x6, "2369c2c4cea330102e688fe12213d2bf7dae04880a34e7bf7750101284"}, {0xc, 0x7, {0x0, 0x79d0f023c2b305dd}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_connmark={0xf0, 0x15, 0x0, 0x0, {{0xd}, {0x4}, {0xbd, 0x6, "0ef6a460a5bbda16e826eafe044d3376872c48b74ae60f057b238fb15e2207986c5639bfbc3d91ee00b5a433e95b6b3527d9711d16abc0abaea927bcdffe4d3ec14fb6fca0407429934982873a3f054bcbf1e53f85fe7aee4ccd90229e6ba2b45bd165ebd7929c21abcdf0b8d47ff6a950009bf4b1ef96863b19aaa1c52a12b02f39c0816b2c6136341ed251c3b6f6af9385e3d242e39802d1054758f1fecd4810c086a3ef4c0b3354522333a981535fdda66a4dc5f04533ed"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}, @TCA_BPF_ACT={0x4}]}}]}, 0x1dc}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x5c}, 0x1, 0x0, 0x0, 0x40044}, 0x4000010)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

36.862868328s ago: executing program 4 (id=709):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r0, 0x0, 0x9}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x600, 0x0, 0x0, 0x6}, [@IFLA_ADDRESS={0xa, 0x3, @random="08e7eebc872f"}, @IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x44}}, 0x0)

36.813670588s ago: executing program 4 (id=710):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9af7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r0, 0x0, 0x4804}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000000000500050002000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000030601020000ffffffff00000a0000010500018007"], 0x1c}, 0x1, 0x0, 0x0, 0x4004810}, 0x840)

36.772024358s ago: executing program 4 (id=712):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xca)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='./file0/../file0\x00')

36.668691859s ago: executing program 4 (id=713):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000a00), r0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000003c0)={0x28, r3, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r2}]}, 0x28}}, 0xd94a0f9e5456b942)

36.374137351s ago: executing program 4 (id=719):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x5c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x2}, 0x18)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {0x3}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x10000000)

36.373994571s ago: executing program 32 (id=719):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x5c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x2}, 0x18)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {0x3}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x10000000)

31.373946574s ago: executing program 33 (id=450):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x8c, &(0x7f0000000300)='trans=rdma,')

18.689699977s ago: executing program 5 (id=1430):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
fstat(0xffffffffffffffff, 0x0)

18.637806538s ago: executing program 5 (id=1434):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000001040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r1)
sendmsg$NL80211_CMD_GET_WIPHY(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01030000000000000000010000000800010014000000080003"], 0x30}}, 0x44)

18.539712058s ago: executing program 5 (id=1436):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
syz_usbip_server_init(0x1)

18.216837521s ago: executing program 2 (id=1443):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
modify_ldt$write(0x1, &(0x7f0000000040)={0xd35, 0x1000, 0x4000}, 0x10)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)

18.078711502s ago: executing program 2 (id=1454):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd010000000000140000006000000000042f00fe88a43de1a400000000000000007d01ff020000000000000000000000000001"], 0xfdef)

17.958140242s ago: executing program 2 (id=1459):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000040000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r1, 0x0, 0x27, 0x400ed80, &(0x7f0000000040)={0xa, 0x4e22, 0x10000, @local}, 0x1c)

17.928542693s ago: executing program 2 (id=1462):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r0, &(0x7f0000000080)='./file0/file0\x00', 0x8000, &(0x7f0000001dc0)={0x81, 0xc, 0x0, {r0}}, 0x20)

17.887607693s ago: executing program 2 (id=1464):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x6, 0x4, 0xfff, 0x7, 0x88}, 0xa3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
rt_sigaction(0xd, 0x0, 0x0, 0x8, &(0x7f0000000300))

17.743089983s ago: executing program 5 (id=1475):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r0, &(0x7f0000000080)='./file0/file0\x00', 0x8000, &(0x7f0000001dc0)={0x81, 0xc, 0x0, {r0}}, 0x20)

17.722343343s ago: executing program 5 (id=1477):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
utimes(&(0x7f0000000380)='./file0\x00', 0x0)

17.707310484s ago: executing program 2 (id=1479):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff47}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_clone3(&(0x7f0000000a00)={0x4000000, 0x0, 0x0, 0x0, {0x28}, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0x0], 0x1}, 0x58)

17.690994094s ago: executing program 34 (id=1479):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff47}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_clone3(&(0x7f0000000a00)={0x4000000, 0x0, 0x0, 0x0, {0x28}, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0x0], 0x1}, 0x58)

17.474676436s ago: executing program 5 (id=1493):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000ec0)=@raw={'raw\x00', 0x8, 0x3, 0x1f0, 0x340, 0x11, 0x148, 0x340, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x250)

17.419148826s ago: executing program 35 (id=1493):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000ec0)=@raw={'raw\x00', 0x8, 0x3, 0x1f0, 0x340, 0x11, 0x148, 0x340, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x250)

1.094619114s ago: executing program 6 (id=2314):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="600000000206010800000000000000000000000005000400000000000900020073797a31000000001400078008001240000000000500140008000000050005000a000000050001000600000011000300686173683a69702c706f7274"], 0x60}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c000000090601080000000000000000070000000900020073797a31000000000500010007000000340007801800018014000240fe8000000000000000000000000000bb060004400e1f00cd050007008800000006000540"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)

1.036973254s ago: executing program 6 (id=2319):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000280), &(0x7f0000000600)=r1}, 0x20)
r2 = timerfd_create(0x8, 0x0)
timerfd_settime(r2, 0x3, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

974.107604ms ago: executing program 6 (id=2321):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)

945.618814ms ago: executing program 6 (id=2322):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe5, 0x10}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xfffd}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x90, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {}, {0x8, 0x6}}, [@filter_kind_options=@f_flow={{0x9}, {0x58, 0x2, [@TCA_FLOW_ACT={0x54, 0x9, 0x0, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x4000000, 0x20000001, 0x4, 0x2}, 0x1, r2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xff, 0x4}}]}, 0x90}}, 0x0)

871.410955ms ago: executing program 6 (id=2328):
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f0000000580)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x87, 0x2, 0x7}, 0x0})
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000100)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r0, 0xc0085508, &(0x7f0000000500)=0x1d)

686.444106ms ago: executing program 1 (id=2345):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000001940), 0x100000, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r2}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000001980)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x5}}, './file0\x00'})

653.630066ms ago: executing program 1 (id=2347):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x800000, &(0x7f0000000b40)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303136323134372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c696f636861727365743d6d61637475726b6973682c6e6f6e756d7461696c3d302c696f636861727365743d6b6f69382d72752c756e695f786c6174653d302c696f636861727365743d757466382c6572726f72733d636f6e74696e75652c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c7379735f696d6d757461626c652c757466383d302c002e39a45aa9edcfe08671a816cb673d99851079b41e699eacf742"], 0x1, 0x373, &(0x7f00000006c0)="$eJzs3U9rXFUUAPDTsfmr6WQhgop4qRvdDEn8Ag3SghhQYkeqC+HVTHTINBPmDZEpot259XMUl+4E8QtkoXt37rJx2UXpk8yfJpOOKSVOHtXfD8I9yT0nc+883uNuHufw1g93drbz2nbWjcq1FJWIqDyIWO5HA5eGY6Ufz8ZJ9+Kd6q0/3vj4088+WN/YuL6Z0o31m++upZSuvPnL19/8ePXX7ouf/HTl57k4WP788K+1Pw9eOXj18NHNr5p5auZpt91NWbrdbnez261G2mrmO7WUPmo1sryRmrt5ozM2v91q7+31Ura7tbS412nkecp2e2mn0Uvddup2ein7MmvuplqtlpYWg6ep39/czNYH8fwZedcuakFMQaeznh3dw3NPzNTvl7IgAKBU5z3/z/6r5/+ZcP6/SCfP//xXHZ3/Z4f37zjnfwAAAAAAAAAAAAAAeB48KIpqURTV0ViMXhIe/l7y8piyJ67/qZ+y18d0nXhxbz6i9f1+fb8+GAfz69vRjFY0YiWq8fDosTAyiG+8v3F9JfUtx9Kd7/r1V3+LqL8wXr8a1VieXL86qE+P6+NonInFk/VrUY2XJ9evTayfjbffOlFfi2r8/kW0oxVb/cfbcf23qym99+HGqfq5fh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/w+1NPJ6DPre79cjFmJ/2L+/dpywPN4ff1D/uL/+SlTj4eT+/CsT+/Nfjtcul7t3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjJe3d3slar0bmoYNTzv/+X2VHwz1WXBun3Tk0txHjy3NP+zzmDyjNVLQw3OWHqUVEU01rq/MVeyvMEMxFxRk4x/ALP/1kvRcQZOXMRMf0tV8r/wp85KONpBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOU6bvpd9koAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoU967u5O1Wo3OFIOy9wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA8+TsAAP//S+oM3w==")
r0 = creat(&(0x7f0000000280)='./bus\x00', 0x2)
pwritev2(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)="ec", 0x1}], 0x1, 0xfffff, 0x0, 0x0)
r1 = open(&(0x7f0000000200)='./bus\x00', 0x44000, 0x0)
dup3(r1, r0, 0x0)
finit_module(r1, 0x0, 0x0)

614.737087ms ago: executing program 1 (id=2349):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\'5\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\xafON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
pwritev(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
sendfile(r0, r0, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000480)={0x0, {}, 0x0, {}, 0x40000004, 0x3c05922b3f90fb1b, 0xfffeffff, 0xca147bc31ed1a88b, "28f5c9ea1f1ae4be4111ab18d2da69bde50800000000000000aac11c2e16bd5bba7623c435aff90493ddd7aae07ef35f0700000000000000ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x9]})

571.389217ms ago: executing program 8 (id=2350):
socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000038c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000003900)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d65746100000000140002800800014000000012080002"], 0xc4}}, 0x40)

553.475937ms ago: executing program 7 (id=2351):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
r1 = syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd736, 0x8, 0x3, 0xbffffffa}, &(0x7f00000003c0)=<r2=>0x0, &(0x7f0000000340)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f00000002c0)=0x9, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000280)=@IORING_OP_STATX={0x15, 0x1a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x100, 0x6000})
io_uring_enter(r1, 0x1b96, 0x106a, 0x22, 0x0, 0x0)

477.903648ms ago: executing program 8 (id=2352):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x0, 0x3c}, 0x2, @in=@local, 0x6, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)

440.995978ms ago: executing program 8 (id=2355):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f0000000600)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f00000001c0)=[{{0x0, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x8)

413.773298ms ago: executing program 8 (id=2357):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000000c0)='kmem_cache_free\x00', r1}, 0x18)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000000)=0x3)
write$ppp(r2, &(0x7f0000000300)="5af9", 0x2)

372.659158ms ago: executing program 7 (id=2358):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x8000, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000200)={0x2, 0x3, 0x0, 0x3, 0x11, 0x0, 0x70bd2c, 0x25dfdbfb, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x4e24, 0x4, @mcast1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc, 0x1}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x4e24, 0x9, @empty, 0x6}}]}, 0x88}, 0x1, 0x7}, 0x0)

372.368438ms ago: executing program 7 (id=2359):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = open(&(0x7f0000000100)='./file1\x00', 0x64842, 0x0)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x1, 0x7800, 0x0, 0x3)

342.888468ms ago: executing program 3 (id=2361):
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x6, 0x80500, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_config_ext={0xa60b, 0x11dd}, 0x0, 0x6, 0x0, 0x5, 0x8, 0x20009, 0x1, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fchdir(0xffffffffffffffff)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
readlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/211, 0xd3)

342.476788ms ago: executing program 1 (id=2362):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x200, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x10c000)
r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1f0519, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x3}, 0x6025, 0x4005, 0xb, 0x3, 0x2, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x1, @perf_config_ext={0x8, 0xffffffffffffbfff}, 0x120, 0x10000, 0x33f8, 0x1, 0x8, 0x20007, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, r1, 0x2)
syz_clone(0x6a000000, 0x0, 0x0, 0x0, 0x0, 0x0)

323.475089ms ago: executing program 8 (id=2363):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='timer_start\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

295.096319ms ago: executing program 8 (id=2364):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1, 0x0, 0x1}, 0x18)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

294.391179ms ago: executing program 7 (id=2365):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000000), &(0x7f0000000180)=r1}, 0x20)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000001d80)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000c0], 0x11, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)

272.418189ms ago: executing program 3 (id=2366):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f00000002c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000003c0)={[{@acl}, {@jqfmt_vfsv0}], [{@seclabel}]}, 0x1, 0x456, &(0x7f00000014c0)="$eJzs28tvG8UfAPDvbuL0l19bEkp59AEUCiLikTRtgR44AAKJQ5GQ4ADHKEmrUrdBTZBoVUGKUDkhhMQdceRf4AQXhDghcYU7qlShXtoiDkZr7ya2a7uNY9el/nykTWb24ZmvZ8ee3fEGMLT2ZX+SiG0R8XtETNSyjTvsq/27duX8/PUr5+eTqFTe/iup7nf1yvn5YtfiuK15ZiqNSD9LYk+LcpfPnjs5Vy4vnsnzMyunPphZPnvuuROn5o4vHl88ffDIkcOHZl984eDzDcelXcaZ1enq7o+X9u56472v3jz6RUP8TXFs2njDS7f0ZKXSs+LuBNvr0snoACvChoxERNZcpWr/n4iRWG+8iXj904FWDuirSqVS2dp+82oFuIsl0ZjX5WFYFF/02fVvsTQPAl7u3/Bj4C6/UrsAyuK+li+1LaNr9xpKTde3vbQvIt5d/fubbIle34cAAGjhh2z882yr8V8aD9Ttd08+NzQZEfdGxI6IuC8idkbE/RHVfR+MiIc2WH7zJMmN45/0UleB3aJs/PdSPrfVOP5bm2maHMlz26vxl5JjJ8qLB/L3ZCpKW7L8bIcyfnztty/bbasf/2VLVn4xFszrcWl0S+MxC3Mrc5uJud7lCxG7R1vFn6zNBCQRsSsidndZxomnv9vbbtvN4++gB/NMlW8jnqq1/2o0xV9IOs9PzvwvyosHZoqz4ka//HrxrXblbyr+Hsja//8tz/+1+CeT+vna5Y2XcfGPz9te03R7/o8l71TTY/m6j+ZWVs7MRowlR2uVrl9/cP3YIl/sn8U/tb91/98R6+/EnojITuKHI+KRiHg0r/tjEfF4ROzvEP/Prz7xfvfx91cW/8KG2n89MRbNa1onRk7+9H1DoZM3xH+9c/sfrqam8jW38vl3K/Xq7mwGAACA/540IrZFkk6vpdN0err2e/mdEWl5aXnlmWNLH55eqD0jMBmltLjTNVF3P3Q2v6yv5S9ERO2nBcX2Q/l9469Hxqv56fml8sKgg4cht7VN/8/8OTLo2gF953ktGF4b7//Jal8qAtx2vv9heOn/MLxa9P/xQdQDuP1aff9/MoB6ALdfU/837QdDxPU/DC/9H4aX/g9DaXk8bv6QfMdE8UpdHn7XJqJ0R1Sjc+KfTbR7OujKS/QzMdjPJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF75NwAA///jh+H0")

222.224679ms ago: executing program 7 (id=2367):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0xa00, 0x81, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x318}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

211.185099ms ago: executing program 3 (id=2368):
r0 = socket(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'vcan0\x00', <r1=>0x0})
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000240)={0x4, 0x0, 0x0, r1}, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r2, 0x0, 0xd76}, 0x18)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f00000002c0)=0xd, 0x4)

102.68738ms ago: executing program 6 (id=2369):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22052, r2, 0x0)

102.5506ms ago: executing program 3 (id=2370):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_sctp(0x2, 0x800000000000001, 0x84)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'hsr0\x00', 0x4}, 0x18)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f00000003c0)={0x1, 'batadv_slave_0\x00', 0x2}, 0x18)

79.48003ms ago: executing program 1 (id=2371):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303}, "2d432d74c04f228a", "d71d9a1e03558545115509e1c34caab9", "59f7766d", "5e33931677e0f2d7"}, 0x28)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, 0x0})

22.243321ms ago: executing program 3 (id=2372):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), r2)
sendmsg$TIPC_CMD_SHOW_PORTS(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, r3, 0xe01, 0x70bd2d, 0x25dfdbfc}, 0x1c}}, 0x24048800)

21.84206ms ago: executing program 3 (id=2373):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\'5\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\xafON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
pwritev(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
sendfile(r0, r0, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000480)={0x0, {}, 0x0, {}, 0x40000004, 0x3c05922b3f90fb1b, 0xfffeffff, 0xca147bc31ed1a88b, "28f5c9ea1f1ae4be4111ab18d2da69bde50800000000000000aac11c2e16bd5bba7623c435aff90493ddd7aae07ef35f0700000000000000ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x9]})

20.44434ms ago: executing program 1 (id=2382):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}]}, @NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x401, 0x0, 0x0, {0x5}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @tunnel={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_TUNNEL_KEY={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_TUNNEL_DREG={0x8, 0x2, 0x1, 0x0, 0x9}]}}}, {0x28, 0x1, 0x0, 0x1, @fwd={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0xa}, @NFTA_FWD_NFPROTO={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xec}}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x27, 0x0, 0x27}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x29, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x0, 0x0, 0x28, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2, 0x0, 0x700}, @generic={0x0, 0x2, "d58838000391"}]}}}}}}, 0xfd6c)

0s ago: executing program 7 (id=2374):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
process_mrelease(0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

header+0x81/0x220
[   41.373288][ T4631]  oom_kill_process+0x342/0x400
[   41.373356][ T4631]  out_of_memory+0x979/0xb80
[   41.373434][ T4631]  try_charge_memcg+0x610/0xa10
[   41.373532][ T4631]  obj_cgroup_charge_pages+0xa6/0x150
[   41.373553][ T4631]  __memcg_kmem_charge_page+0x9f/0x170
[   41.373578][ T4631]  __alloc_frozen_pages_noprof+0x188/0x360
[   41.373603][ T4631]  alloc_pages_mpol+0xb3/0x260
[   41.373623][ T4631]  alloc_pages_noprof+0x90/0x130
[   41.373664][ T4631]  __vmalloc_node_range_noprof+0x7a5/0xed0
[   41.373717][ T4631]  __kvmalloc_node_noprof+0x483/0x670
[   41.373759][ T4631]  ? ip_set_alloc+0x24/0x30
[   41.373794][ T4631]  ? ip_set_alloc+0x24/0x30
[   41.373873][ T4631]  ? __kmalloc_cache_noprof+0x249/0x4a0
[   41.373907][ T4631]  ip_set_alloc+0x24/0x30
[   41.373949][ T4631]  hash_netiface_create+0x282/0x740
[   41.373982][ T4631]  ? __pfx_hash_netiface_create+0x10/0x10
[   41.374045][ T4631]  ip_set_create+0x3cc/0x970
[   41.374124][ T4631]  ? __nla_parse+0x40/0x60
[   41.374149][ T4631]  nfnetlink_rcv_msg+0x4c6/0x590
[   41.374197][ T4631]  netlink_rcv_skb+0x123/0x220
[   41.374234][ T4631]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   41.374278][ T4631]  nfnetlink_rcv+0x167/0x16c0
[   41.374381][ T4631]  ? kmem_cache_free+0xe4/0x3d0
[   41.374423][ T4631]  ? __kfree_skb+0x109/0x150
[   41.374521][ T4631]  ? nlmon_xmit+0x4f/0x60
[   41.374543][ T4631]  ? consume_skb+0x49/0x150
[   41.374572][ T4631]  ? nlmon_xmit+0x4f/0x60
[   41.374638][ T4631]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   41.374677][ T4631]  ? __dev_queue_xmit+0x1200/0x2000
[   41.374788][ T4631]  ? __dev_queue_xmit+0x182/0x2000
[   41.374824][ T4631]  ? do_user_addr_fault+0xd9e/0x1080
[   41.374850][ T4631]  ? ref_tracker_free+0x37d/0x3e0
[   41.374893][ T4631]  ? __netlink_deliver_tap+0x4dc/0x500
[   41.374977][ T4631]  netlink_unicast+0x5c0/0x690
[   41.375013][ T4631]  netlink_sendmsg+0x58b/0x6b0
[   41.375036][ T4631]  ? __pfx_netlink_sendmsg+0x10/0x10
[   41.375158][ T4631]  __sock_sendmsg+0x145/0x180
[   41.375185][ T4631]  ____sys_sendmsg+0x31e/0x4e0
[   41.375217][ T4631]  ___sys_sendmsg+0x17b/0x1d0
[   41.375258][ T4631]  __x64_sys_sendmsg+0xd4/0x160
[   41.375283][ T4631]  x64_sys_call+0x191e/0x3000
[   41.375309][ T4631]  do_syscall_64+0xd2/0x200
[   41.375348][ T4631]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   41.375420][ T4631]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   41.375454][ T4631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.375540][ T4631] RIP: 0033:0x7f02a71eefc9
[   41.375555][ T4631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.375571][ T4631] RSP: 002b:00007f02a5c4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   41.375589][ T4631] RAX: ffffffffffffffda RBX: 00007f02a7445fa0 RCX: 00007f02a71eefc9
[   41.375603][ T4631] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[   41.375617][ T4631] RBP: 00007f02a7271f91 R08: 0000000000000000 R09: 0000000000000000
[   41.375673][ T4631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   41.375686][ T4631] R13: 00007f02a7446038 R14: 00007f02a7445fa0 R15: 00007fffa67bf668
[   41.375720][ T4631]  </TASK>
[   41.375728][ T4631] memory: usage 307200kB, limit 307200kB, failcnt 426
[   41.731573][ T4631] memory+swap: usage 307380kB, limit 9007199254740988kB, failcnt 0
[   41.739500][ T4631] kmem: usage 307172kB, limit 9007199254740988kB, failcnt 0
[   41.747219][ T4631] Memory cgroup stats for /syz2:
[   41.750952][ T4631] cache 24576
[   41.759901][ T4631] rss 4096
[   41.763046][ T4631] shmem 0
[   41.766010][ T4631] mapped_file 0
[   41.769453][ T4631] dirty 0
[   41.772460][ T4631] writeback 0
[   41.775753][ T4631] workingset_refault_anon 83
[   41.780351][ T4631] workingset_refault_file 478
[   41.785654][ T4631] swap 188416
[   41.788933][ T4631] swapcached 4096
[   41.792923][ T4631] pgpgin 11930
[   41.796288][ T4631] pgpgout 11923
[   41.799789][ T4631] pgfault 18899
[   41.803264][ T4631] pgmajfault 71
[   41.806989][ T4631] inactive_anon 0
[   41.810605][ T4631] active_anon 4096
[   41.814327][ T4631] inactive_file 0
[   41.817949][ T4631] active_file 24576
[   41.821823][ T4631] unevictable 0
[   41.825309][ T4631] hierarchical_memory_limit 314572800
[   41.830664][ T4631] hierarchical_memsw_limit 9223372036854771712
[   41.837265][ T4631] total_cache 24576
[   41.841501][ T4631] total_rss 4096
[   41.845077][ T4631] total_shmem 0
[   41.848530][ T4631] total_mapped_file 0
[   41.852542][ T4631] total_dirty 0
[   41.856066][ T4631] total_writeback 0
[   41.859913][ T4631] total_workingset_refault_anon 83
[   41.865175][ T4631] total_workingset_refault_file 478
[   41.870371][ T4631] total_swap 188416
[   41.874187][ T4631] total_swapcached 4096
[   41.878371][ T4631] total_pgpgin 11930
[   41.882258][ T4631] total_pgpgout 11923
[   41.886255][ T4631] total_pgfault 18899
[   41.890314][ T4631] total_pgmajfault 71
[   41.894361][ T4631] total_inactive_anon 0
[   41.898519][ T4631] total_active_anon 4096
[   41.902817][ T4631] total_inactive_file 0
[   41.906960][ T4631] total_active_file 24576
[   41.911279][ T4631] total_unevictable 0
[   41.916913][ T4631] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.452,pid=4627,uid=0
[   41.932342][ T4631] Memory cgroup out of memory: Killed process 4627 (syz.2.452) total-vm:95872kB, anon-rss:1216kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   41.963491][ T4683] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   41.980911][ T4684] netlink: 136 bytes leftover after parsing attributes in process `syz.4.474'.
[   41.990622][ T4684] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   42.044355][ T4686] syz.3.475 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   42.136694][ T4698] loop4: detected capacity change from 0 to 512
[   42.186968][ T4703] loop1: detected capacity change from 0 to 512
[   42.223833][ T4698] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.242567][ T4698] ext4 filesystem being mounted at /91/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.295743][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.310642][ T4703] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.332121][ T4631] syz.2.452 (4631) used greatest stack depth: 7240 bytes left
[   42.340305][ T4703] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.465385][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.595623][ T4718] macvtap0: entered promiscuous mode
[   42.601589][ T4718] macvtap0: left promiscuous mode
[   42.752495][ T4705] TCP: TCP_TX_DELAY enabled
[   42.782424][ T4728] SELinux: failed to load policy
[   42.856485][ T4740] netlink: 'syz.2.499': attribute type 12 has an invalid length.
[   42.935097][ T4744] loop4: detected capacity change from 0 to 2048
[   43.008480][ T4744] Alternate GPT is invalid, using primary GPT.
[   43.014822][ T4744]  loop4: p1 p2 p3
[   43.018579][ T4744] loop4: partition table partially beyond EOD, truncated
[   43.139947][ T4767] netlink: 'syz.2.510': attribute type 3 has an invalid length.
[   43.163898][ T4769] loop4: detected capacity change from 0 to 512
[   43.185658][ T4769] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.511: couldn't read orphan inode 26 (err -116)
[   43.222619][ T4769] EXT4-fs (loop4): Remounting filesystem read-only
[   43.229633][ T4769] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.288088][ T4769] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.298747][ T4778] netlink: 28 bytes leftover after parsing attributes in process `syz.2.514'.
[   43.355192][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.396091][ T4780] syzkaller1: entered promiscuous mode
[   43.401698][ T4780] syzkaller1: entered allmulticast mode
[   43.470318][ T4786] x_tables: unsorted entry at hook 2
[   43.494754][ T4788] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   43.662356][ T4802] loop4: detected capacity change from 0 to 1024
[   43.669346][ T4802] EXT4-fs: Ignoring removed nomblk_io_submit option
[   43.696476][ T4802] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.738872][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.919777][ T4818] SELinux:  policydb version 0 does not match my version range 15-35
[   43.928148][ T4818] SELinux: failed to load policy
[   44.173641][    T9] IPVS: starting estimator thread 0...
[   44.182389][ T4840] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[   44.262390][ T4846] IPVS: using max 2688 ests per chain, 134400 per kthread
[   44.388757][ T4865] netlink: 16 bytes leftover after parsing attributes in process `syz.2.553'.
[   44.399666][ T4866] loop3: detected capacity change from 0 to 2048
[   44.461436][ T4866] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.593952][   T29] kauditd_printk_skb: 70 callbacks suppressed
[   44.593968][   T29] audit: type=1326 audit(1762117325.176:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4875 comm="syz.2.557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02a71eefc9 code=0x7ffc0000
[   44.623290][   T29] audit: type=1326 audit(1762117325.176:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4875 comm="syz.2.557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02a71eefc9 code=0x7ffc0000
[   44.646727][   T29] audit: type=1326 audit(1762117325.176:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4875 comm="syz.2.557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7f02a71eefc9 code=0x7ffc0000
[   44.669959][   T29] audit: type=1326 audit(1762117325.176:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4875 comm="syz.2.557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02a71eefc9 code=0x7ffc0000
[   44.719416][   T29] audit: type=1400 audit(1762117325.276:587): avc:  denied  { bind } for  pid=4877 comm="syz.1.558" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   44.739720][   T29] audit: type=1326 audit(1762117325.286:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4875 comm="syz.2.557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02a71eefc9 code=0x7ffc0000
[   44.892603][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.953076][ T4896] binfmt_misc: register: failed to install interpreter file ./file2
[   44.987939][ T4894] loop2: detected capacity change from 0 to 8192
[   44.999102][ T4894] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   45.071051][ T4894] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[   45.080124][ T4894] FAT-fs (loop2): Filesystem has been set read-only
[   45.095251][ T4894] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[   45.104433][ T4894] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[   45.135200][   T29] audit: type=1326 audit(1762117325.716:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4902 comm="syz.3.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14d83efc9 code=0x7ffc0000
[   45.174535][   T29] audit: type=1326 audit(1762117325.736:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4902 comm="syz.3.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc14d83efc9 code=0x7ffc0000
[   45.197924][   T29] audit: type=1326 audit(1762117325.736:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4902 comm="syz.3.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14d83efc9 code=0x7ffc0000
[   45.221212][   T29] audit: type=1326 audit(1762117325.736:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4902 comm="syz.3.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14d83efc9 code=0x7ffc0000
[   45.472676][ T4925] loop3: detected capacity change from 0 to 512
[   45.479534][ T4925] EXT4-fs: Ignoring removed bh option
[   45.486640][ T4925] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   45.495754][ T4925] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   45.504683][ T4925] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[   45.515354][ T4925] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[   45.524290][ T4925] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.540202][ T4925] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.579: bg 0: block 353: padding at end of block bitmap is not set
[   45.566324][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.634441][ T4935] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   45.720369][ T4945] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   45.774928][ T4948] ieee802154 phy0 wpan0: encryption failed: -22
[   45.796996][ T4950] loop1: detected capacity change from 0 to 512
[   45.835365][ T3317] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[   45.875542][ T4950] SELinux: security_context_str_to_sid (re) failed with errno=-22
[   46.123373][ T4965] netlink: 4 bytes leftover after parsing attributes in process `syz.1.596'.
[   46.370748][ T4988] loop3: detected capacity change from 0 to 512
[   46.433711][ T4988] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.460262][ T4988] ext4 filesystem being mounted at /144/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.516905][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.809802][ T5014] SELinux: failed to load policy
[   46.953189][ T5019] xt_TPROXY: Can be used only with -p tcp or -p udp
[   48.069058][ T5071] loop2: detected capacity change from 0 to 512
[   48.110826][ T5071] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.643: inode has both inline data and extents flags
[   48.162505][ T5071] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.643: couldn't read orphan inode 15 (err -117)
[   48.213031][ T5071] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.298639][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.836290][ T1038] IPVS: starting estimator thread 0...
[   48.900815][ T5153] loop1: detected capacity change from 0 to 1024
[   48.922483][ T5147] IPVS: using max 2592 ests per chain, 129600 per kthread
[   48.922644][ T5153] EXT4-fs: Ignoring removed orlov option
[   48.998853][ T5153] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.173176][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.265027][ T5162] loop3: detected capacity change from 0 to 512
[   49.275436][ T5165] loop4: detected capacity change from 0 to 512
[   49.283899][ T5163] 9pnet: Unknown protocol version 9
[   49.293852][ T5165] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   49.305028][ T5162] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.322525][ T5162] ext4 filesystem being mounted at /171/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.352810][ T5165] EXT4-fs (loop4): 1 truncate cleaned up
[   49.359319][ T5165] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.382959][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.460332][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.507530][ T5188] loop4: detected capacity change from 0 to 1024
[   49.518190][ T5188] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[   49.528080][ T5188] EXT4-fs (loop4): stripe (7) is not aligned with cluster size (4096), stripe is disabled
[   49.568445][ T5188] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   49.577518][ T5188] EXT4-fs (loop4): orphan cleanup on readonly fs
[   49.585041][ T5188] EXT4-fs error (device loop4): ext4_read_inode_bitmap:167: comm syz.4.693: Inode bitmap for bg 0 marked uninitialized
[   49.598202][ T5188] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   49.613627][   T29] kauditd_printk_skb: 158 callbacks suppressed
[   49.613641][   T29] audit: type=1400 audit(1762117330.196:751): avc:  denied  { remount } for  pid=5186 comm="syz.4.693" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   49.642589][ T5188] EXT4-fs (loop4): ext4_remount: Checksum for group 0 failed (32298!=35945)
[   49.682564][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.697583][   T29] audit: type=1400 audit(1762117330.276:752): avc:  denied  { setopt } for  pid=5199 comm="syz.1.699" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   49.718039][ T5200] netlink: 8 bytes leftover after parsing attributes in process `syz.1.699'.
[   49.745399][   T29] audit: type=1400 audit(1762117330.326:753): avc:  denied  { sqpoll } for  pid=5201 comm="syz.1.701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   49.786817][ T5205] netlink: 268 bytes leftover after parsing attributes in process `syz.4.700'.
[   49.812872][   T29] audit: type=1400 audit(1762117330.396:754): avc:  denied  { read } for  pid=5208 comm="syz.4.703" path="socket:[9743]" dev="sockfs" ino=9743 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   49.875095][ T5213] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   50.043852][   T29] audit: type=1326 audit(1762117330.626:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5228 comm="syz.1.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   50.067163][   T29] audit: type=1326 audit(1762117330.626:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5228 comm="syz.1.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   50.091832][   T29] audit: type=1400 audit(1762117330.626:757): avc:  denied  { mount } for  pid=5226 comm="syz.4.712" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   50.114532][   T29] audit: type=1326 audit(1762117330.626:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5228 comm="syz.1.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   50.138181][   T29] audit: type=1326 audit(1762117330.626:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5228 comm="syz.1.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   50.161639][   T29] audit: type=1326 audit(1762117330.626:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5228 comm="syz.1.711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   50.262057][ T5231] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   50.291235][ T5233] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   50.316216][ T5235] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   50.323743][ T5235] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   50.331138][ T5235] vhci_hcd: default hub control req: 230f v0004 i0000 l3
[   50.399046][   T31] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.467790][ T5244] netlink: 12 bytes leftover after parsing attributes in process `syz.2.721'.
[   50.505265][   T31] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.575218][   T31] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.576770][ T5255] loop1: detected capacity change from 0 to 512
[   50.598353][ T5255] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.724: bg 0: block 5: invalid block bitmap
[   50.611385][ T5255] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   50.627345][ T5255] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.724: invalid indirect mapped block 3 (level 2)
[   50.642682][ T5255] EXT4-fs (loop1): 2 truncates cleaned up
[   50.653223][ T5255] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.698390][   T31] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.763319][ T5261] Falling back ldisc for ttyS3.
[   50.784608][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.849256][   T31] bridge_slave_1: left allmulticast mode
[   50.854993][   T31] bridge_slave_1: left promiscuous mode
[   50.860731][   T31] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.865871][ T5265] program syz.1.726 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   50.891662][   T31] bridge_slave_0: left allmulticast mode
[   50.897395][   T31] bridge_slave_0: left promiscuous mode
[   50.903148][   T31] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.017583][   T31] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   51.034927][   T31] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   51.053316][   T31] bond0 (unregistering): Released all slaves
[   51.068268][ T5245] chnl_net:caif_netlink_parms(): no params data found
[   51.107709][   T31] hsr_slave_0: left promiscuous mode
[   51.118202][   T31] hsr_slave_1: left promiscuous mode
[   51.123972][   T31] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   51.131454][   T31] batman_adv: batadv0: Removing interface: batadv_slave_0
[   51.285620][   T31] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   51.293167][   T31] batman_adv: batadv0: Removing interface: batadv_slave_1
[   51.306129][   T31] veth1_macvtap: left promiscuous mode
[   51.311848][   T31] veth0_macvtap: left promiscuous mode
[   51.317708][   T31] veth1_vlan: left promiscuous mode
[   51.323076][   T31] veth0_vlan: left promiscuous mode
[   51.397688][   T31] team0 (unregistering): Port device team_slave_1 removed
[   51.409135][   T31] team0 (unregistering): Port device team_slave_0 removed
[   51.480051][ T5245] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.487228][ T5245] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.516042][ T5292] loop2: detected capacity change from 0 to 512
[   51.523043][ T5245] bridge_slave_0: entered allmulticast mode
[   51.529882][ T5292] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   51.540215][ T5245] bridge_slave_0: entered promiscuous mode
[   51.560505][ T5245] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.567946][ T5245] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.593838][ T5292] EXT4-fs (loop2): 1 truncate cleaned up
[   51.599925][ T5292] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.612630][ T5245] bridge_slave_1: entered allmulticast mode
[   51.619171][ T5245] bridge_slave_1: entered promiscuous mode
[   51.648186][ T5245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   51.669296][ T5245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   51.716078][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.727149][ T5245] team0: Port device team_slave_0 added
[   51.734162][ T5245] team0: Port device team_slave_1 added
[   51.785850][ T5245] batman_adv: batadv0: Adding interface: batadv_slave_0
[   51.792844][ T5245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   51.818745][ T5245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   51.831985][ T5245] batman_adv: batadv0: Adding interface: batadv_slave_1
[   51.833648][ T5303] loop2: detected capacity change from 0 to 512
[   51.839182][ T5245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   51.871386][ T5245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   51.903293][ T5245] hsr_slave_0: entered promiscuous mode
[   51.909796][ T5303] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   51.942739][ T5245] hsr_slave_1: entered promiscuous mode
[   51.948856][ T5245] debugfs: 'hsr0' already exists in 'hsr'
[   51.954656][ T5245] Cannot create hsr debugfs directory
[   52.055809][ T5303] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   52.127763][ T3317] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[   52.171192][ T5318] loop3: detected capacity change from 0 to 2048
[   52.178578][ T5245] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   52.194774][ T5318] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.195851][ T5245] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   52.215398][ T5318] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.228705][ T5245] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   52.238990][ T5245] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   52.267332][ T5245] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.274430][ T5245] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.281841][ T5245] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.288943][ T5245] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.321791][ T5333] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.748: bg 0: block 345: padding at end of block bitmap is not set
[   52.340870][ T5245] 8021q: adding VLAN 0 to HW filter on device bond0
[   52.348532][ T5333] EXT4-fs (loop3): Remounting filesystem read-only
[   52.358485][ T1463] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.366045][   T41] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   52.389029][ T1463] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.412125][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.423061][ T5245] 8021q: adding VLAN 0 to HW filter on device team0
[   52.442982][ T1463] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.450084][ T1463] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.473185][ T5245] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   52.483583][ T5245] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   52.511931][ T1463] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.519071][ T1463] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.585704][ T5349] sctp: [Deprecated]: syz.3.753 (pid 5349) Use of struct sctp_assoc_value in delayed_ack socket option.
[   52.585704][ T5349] Use struct sctp_sack_info instead
[   52.607603][ T5245] 8021q: adding VLAN 0 to HW filter on device batadv0
[   52.794001][ T5245] veth0_vlan: entered promiscuous mode
[   52.806983][ T5245] veth1_vlan: entered promiscuous mode
[   52.834030][ T5245] veth0_macvtap: entered promiscuous mode
[   52.845156][ T5245] veth1_macvtap: entered promiscuous mode
[   52.861907][ T5245] batman_adv: batadv0: Interface activated: batadv_slave_0
[   52.875196][ T5245] batman_adv: batadv0: Interface activated: batadv_slave_1
[   52.886446][ T1463] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   52.896221][ T1463] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   52.908689][ T1463] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   52.938733][ T1463] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   53.474047][ T5416] loop5: detected capacity change from 0 to 164
[   53.499053][ T5416] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   53.516516][ T5416] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   53.542771][ T5416] Symlink component flag not implemented
[   53.548454][ T5416] Symlink component flag not implemented
[   53.566256][ T5416] Symlink component flag not implemented (7)
[   53.572286][ T5416] Symlink component flag not implemented (116)
[   53.870286][ T1463] Bluetooth: hci0: Frame reassembly failed (-84)
[   54.189231][ T5464] netlink: 131740 bytes leftover after parsing attributes in process `syz.3.799'.
[   54.222507][ T5464] netlink: zone id is out of range
[   54.227731][ T5464] netlink: zone id is out of range
[   54.252577][ T5464] netlink: zone id is out of range
[   54.262365][ T5464] netlink: del zone limit has 8 unknown bytes
[   54.590423][ T5480] netlink: 16 bytes leftover after parsing attributes in process `syz.3.807'.
[   54.599380][ T5480] netlink: 20 bytes leftover after parsing attributes in process `syz.3.807'.
[   54.663105][   T29] kauditd_printk_skb: 131 callbacks suppressed
[   54.663118][   T29] audit: type=1326 audit(1762117591.251:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5481 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14d83efc9 code=0x7ffc0000
[   54.721484][   T29] audit: type=1326 audit(1762117591.281:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5481 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7fc14d83efc9 code=0x7ffc0000
[   54.744200][   T29] audit: type=1326 audit(1762117591.281:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5481 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14d83efc9 code=0x7ffc0000
[   54.767978][   T29] audit: type=1326 audit(1762117591.281:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5481 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14d83efc9 code=0x7ffc0000
[   55.051723][ T5508] loop1: detected capacity change from 0 to 1024
[   55.058854][ T5508] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   55.072695][ T5508] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   55.091056][ T5508] EXT4-fs (loop1): orphan cleanup on readonly fs
[   55.101373][ T5508] EXT4-fs error (device loop1): __ext4_get_inode_loc:4832: comm syz.1.820: Invalid inode table block 0 in block_group 0
[   55.115502][ T5508] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   55.125108][ T5508] EXT4-fs error (device loop1): ext4_quota_write:7334: inode #3: comm syz.1.820: mark_inode_dirty error
[   55.136948][ T5508] Quota error (device loop1): write_blk: dquota write failed
[   55.144424][ T5508] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   55.154355][ T5508] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.820: Failed to acquire dquot type 0
[   55.165765][ T5508] EXT4-fs error (device loop1): __ext4_get_inode_loc:4832: comm syz.1.820: Invalid inode table block 0 in block_group 0
[   55.178729][ T5508] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   55.188305][ T5508] EXT4-fs error (device loop1): ext4_ext_truncate:4475: inode #15: comm syz.1.820: mark_inode_dirty error
[   55.201031][ T5508] EXT4-fs error (device loop1): __ext4_get_inode_loc:4832: comm syz.1.820: Invalid inode table block 0 in block_group 0
[   55.214455][ T5508] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   55.226424][ T5508] EXT4-fs error (device loop1) in ext4_orphan_del:301: Corrupt filesystem
[   55.235188][ T5508] EXT4-fs error (device loop1): __ext4_get_inode_loc:4832: comm syz.1.820: Invalid inode table block 0 in block_group 0
[   55.248787][ T5508] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6313: Corrupt filesystem
[   55.258374][ T5508] EXT4-fs error (device loop1): ext4_truncate:4637: inode #15: comm syz.1.820: mark_inode_dirty error
[   55.269509][ T5508] EXT4-fs error (device loop1) in ext4_process_orphan:343: Corrupt filesystem
[   55.286824][ T5515] netlink: 8 bytes leftover after parsing attributes in process `syz.5.823'.
[   55.290714][ T5508] EXT4-fs (loop1): 1 truncate cleaned up
[   55.302035][ T5508] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   55.406512][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.424945][ T5519] loop5: detected capacity change from 0 to 1024
[   55.443943][ T5519] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.475085][ T5519] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.824: Allocating blocks 449-513 which overlap fs metadata
[   55.496447][   T29] audit: type=1400 audit(1762117592.081:895): avc:  denied  { map } for  pid=5526 comm="syz.1.827" path="socket:[11822]" dev="sockfs" ino=11822 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   55.534958][   T29] audit: type=1400 audit(1762117592.081:896): avc:  denied  { accept } for  pid=5526 comm="syz.1.827" path="socket:[11822]" dev="sockfs" ino=11822 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   55.583468][ T5245] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.624060][   T29] audit: type=1326 audit(1762117592.211:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5535 comm="syz.5.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff08232efc9 code=0x7ffc0000
[   55.647492][   T29] audit: type=1326 audit(1762117592.211:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5535 comm="syz.5.828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff08232efc9 code=0x7ffc0000
[   55.673125][ T1463] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.729353][ T5546] geneve2: entered promiscuous mode
[   55.734752][ T5546] geneve2: entered allmulticast mode
[   55.749922][ T1463] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.809553][ T5528] chnl_net:caif_netlink_parms(): no params data found
[   55.809773][ T5556] mmap: syz.3.835 (5556): VmData 167477248 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[   55.852558][ T1463] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.909612][ T5528] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.912471][ T3828] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   55.916757][ T5528] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.922887][ T5452] Bluetooth: hci0: command 0x1003 tx timeout
[   55.955592][ T5528] bridge_slave_0: entered allmulticast mode
[   55.965750][ T5528] bridge_slave_0: entered promiscuous mode
[   55.972622][ T5528] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.979748][ T5528] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.995472][ T5579] SELinux:  policydb version 788 does not match my version range 15-35
[   55.997193][ T5528] bridge_slave_1: entered allmulticast mode
[   56.003935][ T5579] SELinux: failed to load policy
[   56.015742][ T5528] bridge_slave_1: entered promiscuous mode
[   56.025234][ T1463] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.036887][ T5575] netlink: 4 bytes leftover after parsing attributes in process `syz.3.843'.
[   56.082915][ T5528] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.095834][ T5528] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.114825][ T5591] loop2: detected capacity change from 0 to 1024
[   56.121795][ T5591] EXT4-fs: Ignoring removed orlov option
[   56.134249][ T5528] team0: Port device team_slave_0 added
[   56.144103][ T5591] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.145353][ T5528] team0: Port device team_slave_1 added
[   56.188532][ T5528] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.195611][ T5528] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   56.221564][ T5528] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.237279][ T5528] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.244363][ T5528] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   56.270467][ T5528] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.291306][ T1463] bridge_slave_1: left allmulticast mode
[   56.297192][ T1463] bridge_slave_1: left promiscuous mode
[   56.303110][ T1463] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.311409][ T1463] bridge_slave_0: left allmulticast mode
[   56.317115][ T1463] bridge_slave_0: left promiscuous mode
[   56.322778][ T1463] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.332143][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.349952][ T5608] loop1: detected capacity change from 0 to 512
[   56.377364][ T5608] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.422479][ T5608] ext4 filesystem being mounted at /191/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   56.494847][ T1463] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   56.518108][ T1463] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   56.541064][ T5630] netlink: 4 bytes leftover after parsing attributes in process `syz.5.868'.
[   56.550354][ T5630] netlink: 16 bytes leftover after parsing attributes in process `syz.5.868'.
[   56.561295][ T1463] bond0 (unregistering): Released all slaves
[   56.607897][ T5528] hsr_slave_0: entered promiscuous mode
[   56.621998][ T5528] hsr_slave_1: entered promiscuous mode
[   56.633247][ T5528] debugfs: 'hsr0' already exists in 'hsr'
[   56.639074][ T5528] Cannot create hsr debugfs directory
[   56.650004][ T1463] hsr_slave_0: left promiscuous mode
[   56.659129][ T1463] hsr_slave_1: left promiscuous mode
[   56.667331][ T1463] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   56.674804][ T1463] batman_adv: batadv0: Removing interface: batadv_slave_0
[   56.696673][ T1463] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   56.704158][ T1463] batman_adv: batadv0: Removing interface: batadv_slave_1
[   56.711768][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.722041][ T1463] veth1_macvtap: left promiscuous mode
[   56.727905][ T1463] veth0_macvtap: left promiscuous mode
[   56.733820][ T1463] veth1_vlan: left promiscuous mode
[   56.739117][ T1463] veth0_vlan: left promiscuous mode
[   56.742986][ T5640] loop1: detected capacity change from 0 to 512
[   56.751085][ T5640] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   56.823714][ T1463] team0 (unregistering): Port device team_slave_1 removed
[   56.844674][ T1463] team0 (unregistering): Port device team_slave_0 removed
[   56.883781][ T5655] loop1: detected capacity change from 0 to 128
[   56.891759][ T5655] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   56.905486][ T5655] ext4 filesystem being mounted at /196/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   56.971731][ T3312] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   57.073349][ T5528] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   57.074551][ T5669] netlink: 80 bytes leftover after parsing attributes in process `syz.3.885'.
[   57.090822][ T5528] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   57.104777][ T5528] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   57.137861][ T5528] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   57.187163][ T5691] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.202109][ T5691] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.220256][ T5528] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.239676][ T1463] IPVS: stop unused estimator thread 0...
[   57.251896][ T5697] loop3: detected capacity change from 0 to 128
[   57.261554][ T5528] 8021q: adding VLAN 0 to HW filter on device team0
[   57.269033][ T5697] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[   57.289543][ T3332] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.296721][ T3332] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.326544][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.333639][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.384778][ T5707] loop2: detected capacity change from 0 to 512
[   57.395447][ T5707] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   57.416618][ T5707] EXT4-fs (loop2): 1 truncate cleaned up
[   57.432696][ T5707] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.444983][ T5528] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.465961][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.631041][ T5528] veth0_vlan: entered promiscuous mode
[   57.639236][ T5528] veth1_vlan: entered promiscuous mode
[   57.654662][ T5528] veth0_macvtap: entered promiscuous mode
[   57.671121][ T5528] veth1_macvtap: entered promiscuous mode
[   57.691224][ T5528] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.699943][ T5528] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.738071][   T52] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.781321][   T52] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.813657][   T52] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.826402][   T52] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.853192][ T5749] loop5: detected capacity change from 0 to 256
[   57.942809][ T5752] netlink: 28 bytes leftover after parsing attributes in process `syz.5.912'.
[   57.952005][ T5752] netlink: 28 bytes leftover after parsing attributes in process `syz.5.912'.
[   58.124470][ T5781] x_tables: duplicate underflow at hook 1
[   58.235140][ T5807] loop6: detected capacity change from 0 to 512
[   58.243750][ T5807] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   58.268445][ T5807] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.937: iget: bad i_size value: 38620345925642
[   58.282212][ T5807] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.937: couldn't read orphan inode 15 (err -117)
[   58.301976][ T5807] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.937: bg 0: block 5: invalid block bitmap
[   58.316844][ T5807] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 5 with error 28
[   58.329430][ T5807] EXT4-fs (loop6): This should not happen!! Data will be lost
[   58.329430][ T5807] 
[   58.339184][ T5807] EXT4-fs (loop6): Total free blocks count 0
[   58.345791][ T5807] EXT4-fs (loop6): Free/Dirty block details
[   58.352005][ T5807] EXT4-fs (loop6): free_blocks=0
[   58.356982][ T5807] EXT4-fs (loop6): dirty_blocks=5
[   58.362016][ T5807] EXT4-fs (loop6): Block reservation details
[   58.368025][ T5807] EXT4-fs (loop6): i_reserved_data_blocks=5
[   58.396195][ T5824] netlink: 8 bytes leftover after parsing attributes in process `syz.6.943'.
[   58.726107][ T5866] xt_TCPMSS: Only works on TCP SYN packets
[   58.857684][ T5877] netlink: 24 bytes leftover after parsing attributes in process `syz.3.965'.
[   58.867061][ T5878] netlink: 'syz.5.966': attribute type 10 has an invalid length.
[   58.949653][ T5895] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5895 comm=syz.1.974
[   58.962184][ T5895] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5895 comm=syz.1.974
[   58.975508][ T5892] loop3: detected capacity change from 0 to 2048
[   59.019172][ T5905] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   59.038025][ T5907] syzkaller1: entered promiscuous mode
[   59.043913][ T5907] syzkaller1: entered allmulticast mode
[   59.166587][ T5926] netlink: 16 bytes leftover after parsing attributes in process `syz.2.987'.
[   59.306171][ T5950] SELinux:  Context system_u:object is not valid (left unmapped).
[   59.319902][ T5956] loop5: detected capacity change from 0 to 512
[   59.340775][ T5956] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   59.367610][ T5956] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.1000: iget: bad i_size value: 38620345925642
[   59.381126][ T5956] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1000: couldn't read orphan inode 15 (err -117)
[   59.399087][ T5956] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.1000: bg 0: block 5: invalid block bitmap
[   59.399726][ T5965] can0: slcan on ptm0.
[   59.423040][ T5956] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 5 with error 28
[   59.435558][ T5956] EXT4-fs (loop5): This should not happen!! Data will be lost
[   59.435558][ T5956] 
[   59.445401][ T5956] EXT4-fs (loop5): Total free blocks count 0
[   59.451398][ T5956] EXT4-fs (loop5): Free/Dirty block details
[   59.457426][ T5956] EXT4-fs (loop5): free_blocks=0
[   59.462439][ T5956] EXT4-fs (loop5): dirty_blocks=5
[   59.467470][ T5956] EXT4-fs (loop5): Block reservation details
[   59.473609][ T5956] EXT4-fs (loop5): i_reserved_data_blocks=5
[   59.515762][ T5965] can0 (unregistered): slcan off ptm0.
[   59.526465][ T5965] Falling back ldisc for ptm0.
[   59.545009][ T5982] loop2: detected capacity change from 0 to 512
[   59.582536][ T5982] ext4 filesystem being mounted at /214/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   59.615395][ T5982] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #12: comm syz.2.1013: corrupted xattr block 6: invalid header
[   59.652622][ T5982] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=12
[   59.661341][ T5991] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   59.664281][ T5982] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #12: comm syz.2.1013: corrupted xattr block 6: invalid header
[   59.670359][ T3407] IPVS: starting estimator thread 0...
[   59.683236][ T5982] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=12
[   59.697254][   T29] kauditd_printk_skb: 120 callbacks suppressed
[   59.697268][   T29] audit: type=1400 audit(1762117597.285:1019): avc:  denied  { setattr } for  pid=5981 comm="syz.2.1013" name="file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   59.729480][ T5982] EXT4-fs error (device loop2): ext4_xattr_block_find:1874: inode #12: comm syz.2.1013: corrupted xattr block 6: invalid header
[   59.782551][ T5996] IPVS: using max 2448 ests per chain, 122400 per kthread
[   59.799432][   T29] audit: type=1400 audit(1762117597.355:1020): avc:  denied  { bpf } for  pid=6007 comm="syz.2.1021" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   59.820109][   T29] audit: type=1400 audit(1762117597.355:1021): avc:  denied  { perfmon } for  pid=6007 comm="syz.2.1021" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   59.842179][   T29] audit: type=1400 audit(1762117597.355:1022): avc:  denied  { map_create } for  pid=6003 comm="syz.5.1022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   59.876084][   T29] audit: type=1400 audit(1762117597.445:1023): avc:  denied  { prog_run } for  pid=6007 comm="syz.2.1021" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   59.895260][   T29] audit: type=1400 audit(1762117597.455:1024): avc:  denied  { read write } for  pid=3317 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   59.919520][   T29] audit: type=1400 audit(1762117597.455:1025): avc:  denied  { open } for  pid=3317 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   59.943760][   T29] audit: type=1400 audit(1762117597.455:1026): avc:  denied  { ioctl } for  pid=3317 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   59.990630][   T29] audit: type=1400 audit(1762117597.565:1027): avc:  denied  { open } for  pid=6009 comm="syz.1.1024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   60.009960][   T29] audit: type=1400 audit(1762117597.565:1028): avc:  denied  { kernel } for  pid=6009 comm="syz.1.1024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   60.116200][ T6035] netlink: 'syz.1.1035': attribute type 10 has an invalid length.
[   60.128351][ T6035] ipvlan0: entered allmulticast mode
[   60.133735][ T6035] veth0_vlan: entered allmulticast mode
[   60.142173][ T6035] team0: Device ipvlan0 failed to register rx_handler
[   60.227850][ T6053] pim6reg1: entered promiscuous mode
[   60.233460][ T6053] pim6reg1: entered allmulticast mode
[   60.303637][ T6068] __nla_validate_parse: 6 callbacks suppressed
[   60.303653][ T6068] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1051'.
[   60.318976][ T6068] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1051'.
[   60.459066][ T6093] netlink: 35 bytes leftover after parsing attributes in process `syz.6.1062'.
[   60.468156][ T6093] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1062'.
[   60.551828][ T6108] 9pnet: Could not find request transport: t
[   60.595348][ T6118] loop5: detected capacity change from 0 to 512
[   60.604133][ T6120] atomic_op ffff888119e5ed28 conn xmit_atomic 0000000000000000
[   60.634477][ T6126] loop6: detected capacity change from 0 to 512
[   60.656278][ T6126] ext4 filesystem being mounted at /33/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   60.675588][ T6126] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.1078: corrupted inode contents
[   60.688381][ T6126] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #2: comm syz.6.1078: mark_inode_dirty error
[   60.700131][ T6126] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.1078: corrupted inode contents
[   60.724872][ T6126] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.1078: corrupted inode contents
[   60.741144][ T6126] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #2: comm syz.6.1078: mark_inode_dirty error
[   60.745697][ T6141] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1082'.
[   60.755733][ T6126] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.1078: corrupted inode contents
[   60.783927][ T6126] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.1078: mark_inode_dirty error
[   60.795988][ T6126] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.1078: corrupted inode contents
[   60.809801][ T6126] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #2: comm syz.6.1078: mark_inode_dirty error
[   60.811910][ T6144] netlink: 'syz.3.1084': attribute type 13 has an invalid length.
[   60.870626][ T6144] gretap0: refused to change device tx_queue_len
[   60.877075][ T6144] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   60.956797][ T6158] loop6: detected capacity change from 0 to 1024
[   60.976570][ T6158] EXT4-fs: Ignoring removed nobh option
[   60.982184][ T6158] EXT4-fs: Ignoring removed bh option
[   60.992509][ T6158] EXT4-fs (loop6): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   61.030310][ T6158] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4193: comm syz.6.1089: Allocating blocks 385-513 which overlap fs metadata
[   61.050034][ T6158] EXT4-fs (loop6): pa ffff8881007d1620: logic 16, phys. 129, len 24
[   61.058235][ T6158] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 8
[   61.081903][ T6158] EXT4-fs error (device loop6): mb_free_blocks:2017: group 0, inode 15: block 337:freeing already freed block (bit 21); block bitmap corrupt.
[   61.395650][    T9] kernel read not supported for file /513/net/netstat (pid: 9 comm: kworker/0:0)
[   61.471479][ T6224] bridge: RTM_NEWNEIGH with invalid ether address
[   61.478694][ T6224] bridge: RTM_NEWNEIGH with invalid ether address
[   61.502091][ T6227] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1119'.
[   61.515565][ T6227] 0ªX¹¦À: renamed from caif0
[   61.524381][ T6227] 0ªX¹¦À: entered allmulticast mode
[   61.529751][ T6227] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[   61.699975][ T6252] loop3: detected capacity change from 0 to 512
[   61.718034][ T6252] ext4 filesystem being mounted at /279/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   61.754855][ T6261] SELinux: failed to load policy
[   61.768306][ T6252] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.1134: corrupted inode contents
[   61.791590][ T6252] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #2: comm syz.3.1134: mark_inode_dirty error
[   61.813093][ T6267] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1140'.
[   61.824632][ T6252] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.1134: corrupted inode contents
[   61.855164][ T6270] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.1134: corrupted inode contents
[   61.895239][ T6270] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #2: comm syz.3.1134: mark_inode_dirty error
[   61.909410][ T6270] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.1134: corrupted inode contents
[   61.922707][ T6270] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.1134: mark_inode_dirty error
[   61.935316][ T6270] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.1134: corrupted inode contents
[   61.947742][ T6270] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #2: comm syz.3.1134: mark_inode_dirty error
[   61.977417][ T6283] can0: slcan on ttyS3.
[   62.032491][ T6283] can0 (unregistered): slcan off ttyS3.
[   62.272831][ T6329] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[   62.396658][ T6346] netlink: 'syz.2.1177': attribute type 6 has an invalid length.
[   62.492697][ T6359] bridge0: entered promiscuous mode
[   62.499152][ T6359] bridge0: port 3(macsec2) entered blocking state
[   62.505641][ T6359] bridge0: port 3(macsec2) entered disabled state
[   62.512278][ T6359] macsec2: entered allmulticast mode
[   62.517706][ T6359] bridge0: entered allmulticast mode
[   62.523758][ T6359] macsec2: left allmulticast mode
[   62.528892][ T6359] bridge0: left allmulticast mode
[   62.534361][ T6359] bridge0: left promiscuous mode
[   62.821168][ T6395] loop6: detected capacity change from 0 to 512
[   62.828321][ T6395] EXT4-fs: Ignoring removed bh option
[   62.834495][ T6395] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[   62.844583][ T6395] EXT4-fs (loop6): 1 truncate cleaned up
[   62.854821][ T6395] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000.
[   62.863856][ T6395] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000.
[   63.064654][ T6421] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1209'.
[   63.073733][ T6421] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1209'.
[   63.082769][ T6421] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1209'.
[   63.198895][ T6429] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 1216)
[   63.209239][ T6429] SELinux: failed to load policy
[   63.463934][ T6465] loop2: detected capacity change from 0 to 4096
[   63.514813][ T6456] loop3: detected capacity change from 0 to 32768
[   63.583155][ T6473] dummy0: entered promiscuous mode
[   63.588778][ T6456]  loop3: p1 p2 p3 < p5 p6 p7 >
[   63.589194][ T6473] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[   63.601996][ T6473] hsr1: entered allmulticast mode
[   63.607311][ T6473] dummy0: entered allmulticast mode
[   63.609388][ T6456] loop3: p2 size 16775168 extends beyond EOD, 
[   63.612592][ T6473] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[   63.626194][ T6456] truncated
[   63.652419][ T6456] loop3: p5 start 4294970168 is beyond EOD, truncated
[   63.768264][ T6487] loop3: detected capacity change from 0 to 512
[   63.792843][ T6487] ext4 filesystem being mounted at /296/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.869964][ T6503] loop3: detected capacity change from 0 to 1024
[   63.883047][ T6503] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   63.894075][ T6503] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   63.921256][ T6503] JBD2: no valid journal superblock found
[   63.927333][ T6503] EXT4-fs (loop3): Could not load journal inode
[   63.959792][ T6513] netlink: 'syz.2.1251': attribute type 3 has an invalid length.
[   64.017479][ T6519] xt_CT: You must specify a L4 protocol and not use inversions on it
[   64.096512][ T6531] bond1: entered promiscuous mode
[   64.101659][ T6531] bond1: entered allmulticast mode
[   64.107271][ T6531] 8021q: adding VLAN 0 to HW filter on device bond1
[   64.126608][ T6531] bond1 (unregistering): Released all slaves
[   64.282634][ T6557] loop3: detected capacity change from 0 to 256
[   64.289671][ T6558] loop5: detected capacity change from 0 to 4096
[   64.413517][ T6582] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   64.506088][ T6604] netlink: 'syz.5.1295': attribute type 1 has an invalid length.
[   64.538589][ T6610] loop3: detected capacity change from 0 to 128
[   64.553300][ T6610] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   64.569791][ T6610] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   64.727566][   T29] kauditd_printk_skb: 362 callbacks suppressed
[   64.727582][   T29] audit: type=1400 audit(1762117602.305:1391): avc:  denied  { read write } for  pid=6648 comm="syz.5.1317" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   64.758841][   T29] audit: type=1400 audit(1762117602.305:1392): avc:  denied  { open } for  pid=6648 comm="syz.5.1317" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   64.767146][ T6655] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   64.783558][    T9] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4
[   64.797334][    T9] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2
[   64.805749][    T9] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x3
[   64.806352][ T6655] batman_adv: batadv0: Removing interface: batadv_slave_1
[   64.814581][    T9] hid-generic 0000:3000000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   64.831300][   T29] audit: type=1400 audit(1762117602.405:1393): avc:  denied  { write } for  pid=6649 comm="syz.3.1318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   64.935610][   T29] audit: type=1326 audit(1762117602.515:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   64.960211][   T29] audit: type=1326 audit(1762117602.515:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   64.983519][   T29] audit: type=1326 audit(1762117602.515:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.1.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   65.008265][   T29] audit: type=1326 audit(1762117602.515:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.1.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   65.032398][   T29] audit: type=1326 audit(1762117602.515:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   65.057503][   T29] audit: type=1326 audit(1762117602.515:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   65.081137][   T29] audit: type=1326 audit(1762117602.515:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.1.1328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   65.642118][ T6722] loop3: detected capacity change from 0 to 512
[   65.656833][ T6724] loop5: detected capacity change from 0 to 512
[   65.672736][ T6722] EXT4-fs: Ignoring removed nobh option
[   65.683180][ T6724] ------------[ cut here ]------------
[   65.688686][ T6724] EA inode 11 i_nlink=2
[   65.688896][ T6724] WARNING: CPU: 1 PID: 6724 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x36a/0x380
[   65.703220][ T6724] Modules linked in:
[   65.707174][ T6724] CPU: 1 UID: 0 PID: 6724 Comm: syz.5.1350 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.712022][ T6722] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1349: iget: bad i_size value: 38620345925642
[   65.716987][ T6724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   65.717009][ T6724] RIP: 0010:ext4_xattr_inode_update_ref+0x36a/0x380
[   65.746567][ T6724] Code: 90 49 8d 7e 40 e8 76 fd b8 ff 4d 8b 6e 40 4c 89 e7 e8 8a f8 b8 ff 41 8b 56 48 48 c7 c7 fa cc 55 86 4c 89 ee e8 07 fa 67 ff 90 <0f> 0b 90 90 e9 ff fe ff ff e8 88 e7 b5 03 0f 1f 84 00 00 00 00 00
[   65.766458][ T6724] RSP: 0018:ffffc900031075a0 EFLAGS: 00010246
[   65.767824][ T6722] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1349: couldn't read orphan inode 15 (err -117)
[   65.772668][ T6724] RAX: c893c95ff4fa0c00 RBX: ffff88811a56dbb8 RCX: 0000000000080000
[   65.772686][ T6724] RDX: ffffc9000ffd8000 RSI: 00000000000042d6 RDI: 00000000000042d7
[   65.798046][ T6722] EXT4-fs mount: 24 callbacks suppressed
[   65.798064][ T6722] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.800467][ T6724] RBP: 0000000000000002 R08: 0001c90003107427 R09: 0000000000000000
[   65.800531][ T6724] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88811a56db68
[   65.834572][ T6724] R13: 000000000000000b R14: ffff88811a56db20 R15: 0000000000000001
[   65.842576][ T6724] FS:  00007ff080d976c0(0000) GS:ffff8882aef13000(0000) knlGS:0000000000000000
[   65.851587][ T6724] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   65.858345][ T6724] CR2: 000020000021e000 CR3: 000000012c8cc000 CR4: 00000000003506f0
[   65.866358][ T6724] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   65.874438][ T6724] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[   65.880826][ T6722] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1349: bg 0: block 5: invalid block bitmap
[   65.882454][ T6724] Call Trace:
[   65.882463][ T6724]  <TASK>
[   65.882473][ T6724]  ext4_xattr_set_entry+0x77f/0x1020
[   65.900689][ T6722] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 21 with max blocks 44 with error 28
[   65.900959][ T6724]  ext4_xattr_ibody_set+0x184/0x3c0
[   65.906255][ T6722] EXT4-fs (loop3): This should not happen!! Data will be lost
[   65.906255][ T6722] 
[   65.906270][ T6722] EXT4-fs (loop3): Total free blocks count 0
[   65.918626][ T6724]  ext4_expand_extra_isize_ea+0xcbb/0x11f0
[   65.923841][ T6722] EXT4-fs (loop3): Free/Dirty block details
[   65.933475][ T6724]  __ext4_expand_extra_isize+0x246/0x280
[   65.939429][ T6722] EXT4-fs (loop3): free_blocks=0
[   65.945263][ T6724]  __ext4_mark_inode_dirty+0x29d/0x3f0
[   65.951139][ T6722] EXT4-fs (loop3): dirty_blocks=44
[   65.956775][ T6724]  ext4_evict_inode+0x80e/0xd90
[   65.956811][ T6724]  ? __pfx_ext4_evict_inode+0x10/0x10
[   65.962206][ T6722] EXT4-fs (loop3): Block reservation details
[   65.967662][ T6724]  evict+0x2e3/0x550
[   65.967682][ T6724]  ? __dquot_initialize+0x146/0x7c0
[   65.972820][ T6722] EXT4-fs (loop3): i_reserved_data_blocks=44
[   65.977656][ T6724]  iput+0x4ed/0x650
[   66.008008][ T6724]  ext4_process_orphan+0x1a9/0x1c0
[   66.013283][ T6724]  ext4_orphan_cleanup+0x6a8/0xa00
[   66.018429][ T6724]  ext4_fill_super+0x3483/0x3810
[   66.023454][ T6724]  ? snprintf+0x86/0xb0
[   66.027678][ T6724]  ? set_blocksize+0x1a8/0x310
[   66.032463][ T6724]  ? sb_set_blocksize+0xe3/0x100
[   66.037562][ T6724]  ? setup_bdev_super+0x30e/0x370
[   66.042626][ T6724]  ? __pfx_ext4_fill_super+0x10/0x10
[   66.047918][ T6724]  get_tree_bdev_flags+0x291/0x300
[   66.053077][ T6724]  ? __pfx_ext4_fill_super+0x10/0x10
[   66.058371][ T6724]  get_tree_bdev+0x1f/0x30
[   66.062851][ T6724]  ext4_get_tree+0x1c/0x30
[   66.067592][ T6724]  vfs_get_tree+0x57/0x1d0
[   66.072245][ T6724]  do_new_mount+0x24d/0x660
[   66.076840][ T6724]  path_mount+0x4a5/0xb70
[   66.081299][ T6724]  ? user_path_at+0x109/0x130
[   66.086033][ T6724]  __se_sys_mount+0x28c/0x2e0
[   66.090738][ T6724]  __x64_sys_mount+0x67/0x80
[   66.095393][ T6724]  x64_sys_call+0x2b51/0x3000
[   66.100082][ T6724]  do_syscall_64+0xd2/0x200
[   66.104620][ T6724]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   66.105582][ T6735] __nla_validate_parse: 5 callbacks suppressed
[   66.105593][ T6735] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1352'.
[   66.110693][ T6724]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   66.131683][ T6724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.137758][ T6724] RIP: 0033:0x7ff08233076a
[   66.142195][ T6724] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.161910][ T6724] RSP: 002b:00007ff080d96e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   66.170438][ T6724] RAX: ffffffffffffffda RBX: 00007ff080d96ef0 RCX: 00007ff08233076a
[   66.178527][ T6724] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007ff080d96eb0
[   66.186560][ T6724] RBP: 0000200000000180 R08: 00007ff080d96ef0 R09: 0000000000800700
[   66.194550][ T6724] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[   66.202550][ T6724] R13: 00007ff080d96eb0 R14: 000000000000046f R15: 000000000000002c
[   66.210721][ T6724]  </TASK>
[   66.213793][ T6724] ---[ end trace 0000000000000000 ]---
[   66.220302][ T6724] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #18: comm syz.5.1350: iget: bad extra_isize 90 (inode size 256)
[   66.235053][ T6724] EXT4-fs (loop5): Remounting filesystem read-only
[   66.241839][ T6724] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -30)
[   66.252883][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.265608][ T6739] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1355'.
[   66.302378][ T6724] EXT4-fs (loop5): 1 orphan inode deleted
[   66.308653][ T6724] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.321994][ T6724] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.364579][ T6747] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[   66.376903][ T6747] SELinux: failed to load policy
[   66.454491][ T6761] geneve0: entered allmulticast mode
[   66.605455][ T6778] SELinux: failed to load policy
[   66.672339][ T6796] geneve0: entered allmulticast mode
[   66.708783][ T6799] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   66.709993][ T6803] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[   66.862739][ T6813] atomic_op ffff888103c79528 conn xmit_atomic 0000000000000000
[   66.947555][ T6824] loop3: detected capacity change from 0 to 764
[   66.986603][ T6824] Symlink component flag not implemented
[   66.992585][ T6824] Symlink component flag not implemented (129)
[   67.055897][ T6824] rock: directory entry would overflow storage
[   67.062090][ T6824] rock: sig=0x4f50, size=4, remaining=3
[   67.067729][ T6824] iso9660: Corrupted directory entry in block 6 of inode 1792
[   67.370957][ T3408] hid-generic 0003:0003:0000.0002: unknown main item tag 0x0
[   67.378477][ T3408] hid-generic 0003:0003:0000.0002: unknown main item tag 0x0
[   67.385905][ T3408] hid-generic 0003:0003:0000.0002: unknown main item tag 0x0
[   67.393351][ T3408] hid-generic 0003:0003:0000.0002: unknown main item tag 0x0
[   67.400747][ T3408] hid-generic 0003:0003:0000.0002: unknown main item tag 0x0
[   67.408570][ T3408] hid-generic 0003:0003:0000.0002: unknown main item tag 0x0
[   67.416243][ T3408] hid-generic 0003:0003:0000.0002: unknown main item tag 0x0
[   67.427741][ T3408] hid-generic 0003:0003:0000.0002: hidraw0: USB HID v0.00 Device [syz0] on syz1
[   67.447638][ T6909] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1406'.
[   68.181656][ T6972] loop6: detected capacity change from 0 to 512
[   68.196606][ T6973] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1434'.
[   68.210092][ T6972] EXT4-fs error (device loop6): ext4_xattr_inode_iget:441: inode #18: comm syz.6.1433: iget: bad extra_isize 90 (inode size 256)
[   68.234031][ T6972] EXT4-fs (loop6): Remounting filesystem read-only
[   68.240701][ T6972] EXT4-fs warning (device loop6): ext4_evict_inode:274: xattr delete (err -30)
[   68.258922][ T6972] EXT4-fs (loop6): 1 orphan inode deleted
[   68.265520][ T6972] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.278700][ T6972] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.330386][ T6982] loop2: detected capacity change from 0 to 512
[   68.337516][ T6980] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[   68.344084][ T6980] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   68.351617][ T6980] vhci_hcd vhci_hcd.0: Device attached
[   68.374031][ T6982] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #18: comm syz.2.1437: iget: bad extra_isize 90 (inode size 256)
[   68.374360][ T6983] vhci_hcd: connection closed
[   68.396543][ T6982] EXT4-fs (loop2): Remounting filesystem read-only
[   68.412464][ T6982] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -30)
[   68.462351][ T6982] EXT4-fs (loop2): 1 orphan inode deleted
[   68.468363][ T3332] vhci_hcd: stop threads
[   68.472724][ T3332] vhci_hcd: release socket
[   68.477183][ T3332] vhci_hcd: disconnect device
[   68.495856][ T6982] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.543273][    T9] vhci_hcd: vhci_device speed not set
[   68.554825][ T6991] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1440'.
[   68.586689][ T3317] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.596951][ T6993] loop6: detected capacity change from 0 to 128
[   68.726424][ T7015] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1451'.
[   68.730517][ T7019] loop3: detected capacity change from 0 to 1024
[   68.744162][ T7019] EXT4-fs: Ignoring removed nomblk_io_submit option
[   68.754380][ T7019] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c855c01c, mo2=0003]
[   68.763683][ T7019] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.797450][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.800776][ T7026] pim6reg1: entered promiscuous mode
[   68.811829][ T7026] pim6reg1: entered allmulticast mode
[   68.877896][ T7036] loop6: detected capacity change from 0 to 128
[   68.885735][ T7035] serio: Serial port ptm0
[   68.982536][ T7045] 9pnet: Could not find request transport: f
[   69.100990][ T6882] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.176857][ T6882] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.203180][ T7074] SELinux: failed to load policy
[   69.281963][ T6882] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.362695][ T6882] netdevsim netdevsim2 netdevsim0 (unregistering): left promiscuous mode
[   69.375963][ T7109] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   69.384481][ T6882] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.449194][ T7118] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.467777][ T7118] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.514059][ T6882] bridge_slave_1: left allmulticast mode
[   69.519846][ T6882] bridge_slave_1: left promiscuous mode
[   69.525566][ T6882] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.535234][ T6882] bridge_slave_0: left allmulticast mode
[   69.540958][ T6882] bridge_slave_0: left promiscuous mode
[   69.546697][ T6882] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.645892][ T6882] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   69.655913][ T6882] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   69.665530][ T6882] bond0 (unregistering): Released all slaves
[   69.676246][ T7077] chnl_net:caif_netlink_parms(): no params data found
[   69.692997][ T7120] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.701466][ T7120] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.722462][ T6882] dummy0: left promiscuous mode
[   69.730068][ T6882] hsr_slave_0: left promiscuous mode
[   69.735492][   T29] kauditd_printk_skb: 178 callbacks suppressed
[   69.735504][   T29] audit: type=1107 audit(1762117607.305:1579): pid=7134 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='ä'
[   69.757107][ T6882] hsr_slave_1: left promiscuous mode
[   69.763075][ T6882] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   69.770451][ T6882] batman_adv: batadv0: Removing interface: batadv_slave_0
[   69.780086][ T6882] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   69.787547][ T6882] batman_adv: batadv0: Removing interface: batadv_slave_1
[   69.798401][ T6882] veth1_macvtap: left promiscuous mode
[   69.804016][ T6882] veth0_macvtap: left promiscuous mode
[   69.809565][ T6882] veth1_vlan: left promiscuous mode
[   69.814883][ T6882] veth0_vlan: left promiscuous mode
[   69.899090][ T6882] team0 (unregistering): Port device team_slave_1 removed
[   69.908903][ T6882] team0 (unregistering): Port device team_slave_0 removed
[   69.974794][    T9] infiniband syz1: ib_query_port failed (-19)
[   70.000996][ T7077] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.008203][ T7077] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.015509][ T7077] bridge_slave_0: entered allmulticast mode
[   70.022091][ T7077] bridge_slave_0: entered promiscuous mode
[   70.036779][ T7077] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.043980][ T7077] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.051521][ T7077] bridge_slave_1: entered allmulticast mode
[   70.059146][ T7077] bridge_slave_1: entered promiscuous mode
[   70.104437][ T7077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.169009][ T7077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.219373][ T7077] team0: Port device team_slave_0 added
[   70.239498][ T7077] team0: Port device team_slave_1 added
[   70.279928][ T7158] loop6: detected capacity change from 0 to 8192
[   70.292725][   T29] audit: type=1400 audit(1762117607.875:1580): avc:  denied  { ioctl } for  pid=7157 comm="syz.6.1511" path="/dev/input/event3" dev="devtmpfs" ino=256 ioctlcmd=0x4508 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   70.358816][   T29] audit: type=1400 audit(1762117607.935:1581): avc:  denied  { append } for  pid=7162 comm="syz.1.1513" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   70.395175][ T7077] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.402198][ T7077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   70.428230][ T7077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.441571][   T29] audit: type=1400 audit(1762117608.015:1582): avc:  denied  { write } for  pid=7164 comm="syz.6.1514" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   70.441727][ T7122] chnl_net:caif_netlink_parms(): no params data found
[   70.501175][ T7077] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.508185][ T7077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   70.534166][ T7077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.552834][ T7165] hub 8-0:1.0: USB hub found
[   70.560206][ T7165] hub 8-0:1.0: 8 ports detected
[   70.656686][ T6882] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.691010][ T7077] hsr_slave_0: entered promiscuous mode
[   70.703059][ T7077] hsr_slave_1: entered promiscuous mode
[   70.714360][ T7077] debugfs: 'hsr0' already exists in 'hsr'
[   70.720141][ T7077] Cannot create hsr debugfs directory
[   70.750280][ T6882] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.816977][ T7122] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.824296][ T7122] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.833642][ T7122] bridge_slave_0: entered allmulticast mode
[   70.840270][ T7122] bridge_slave_0: entered promiscuous mode
[   70.849572][ T6882] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.871936][ T7122] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.879155][ T7122] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.887588][ T7122] bridge_slave_1: entered allmulticast mode
[   70.894266][ T7122] bridge_slave_1: entered promiscuous mode
[   70.924760][ T6882] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.945830][ T7200] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0
[   70.955442][ T7196] IPVS: stopping master sync thread 7200 ...
[   70.983757][ T7122] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.003745][ T7122] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.066595][ T7122] team0: Port device team_slave_0 added
[   71.072276][   T29] audit: type=1326 audit(1762117608.645:1583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7211 comm="syz.3.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14d83efc9 code=0x7ffc0000
[   71.095764][   T29] audit: type=1326 audit(1762117608.645:1584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7211 comm="syz.3.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14d83efc9 code=0x7ffc0000
[   71.106278][ T7122] team0: Port device team_slave_1 added
[   71.119277][   T29] audit: type=1326 audit(1762117608.645:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7211 comm="syz.3.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fc14d83efc9 code=0x7ffc0000
[   71.148267][   T29] audit: type=1326 audit(1762117608.645:1586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7211 comm="syz.3.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14d83efc9 code=0x7ffc0000
[   71.171825][   T29] audit: type=1326 audit(1762117608.655:1587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7211 comm="syz.3.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc14d83efc9 code=0x7ffc0000
[   71.206466][ T6882] bridge_slave_1: left allmulticast mode
[   71.212210][ T6882] bridge_slave_1: left promiscuous mode
[   71.217950][ T6882] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.225985][ T6882] bridge_slave_0: left allmulticast mode
[   71.226071][ T6882] bridge_slave_0: left promiscuous mode
[   71.226228][ T6882] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.344340][ T6882] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   71.354896][ T6882] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   71.363790][ T7222] IPv6: Can't replace route, no match found
[   71.364814][ T6882] bond0 (unregistering): Released all slaves
[   71.384165][ T7122] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.391136][ T7122] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   71.417165][ T7122] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.427883][ T7220] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1538'.
[   71.463435][   T29] audit: type=1326 audit(1762117609.045:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7228 comm="syz.1.1542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   71.493703][ T7122] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.500699][ T7122] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   71.526643][ T7122] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.552536][ T7077] netdevsim netdevsim7 netdevsim0: renamed from eth0
[   71.561786][ T7227] macvtap0: refused to change device tx_queue_len
[   71.573971][ T6882] hsr_slave_0: left promiscuous mode
[   71.581061][ T6882] hsr_slave_1: left promiscuous mode
[   71.587000][ T6882] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   71.594490][ T6882] batman_adv: batadv0: Removing interface: batadv_slave_0
[   71.608525][ T6882] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   71.615942][ T6882] batman_adv: batadv0: Removing interface: batadv_slave_1
[   71.623487][ T7234] loop3: detected capacity change from 0 to 512
[   71.634650][ T6882] veth1_macvtap: left promiscuous mode
[   71.634998][ T7234] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.640258][ T6882] veth0_macvtap: left promiscuous mode
[   71.652842][ T7234] ext4 filesystem being mounted at /378/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.658202][ T6882] veth1_vlan: left promiscuous mode
[   71.692220][ T6882] veth0_vlan: left promiscuous mode
[   71.769696][ T6882] team0 (unregistering): Port device team_slave_1 removed
[   71.780578][ T6882] team0 (unregistering): Port device team_slave_0 removed
[   71.819317][ T7077] netdevsim netdevsim7 netdevsim1: renamed from eth1
[   71.830902][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.846932][ T7077] netdevsim netdevsim7 netdevsim2: renamed from eth2
[   71.869568][ T7077] netdevsim netdevsim7 netdevsim3: renamed from eth3
[   71.877969][ T7254] hub 9-0:1.0: USB hub found
[   71.883537][ T7254] hub 9-0:1.0: 8 ports detected
[   71.907547][ T7122] hsr_slave_0: entered promiscuous mode
[   71.915801][ T7122] hsr_slave_1: entered promiscuous mode
[   71.921705][ T7122] debugfs: 'hsr0' already exists in 'hsr'
[   71.927554][ T7122] Cannot create hsr debugfs directory
[   71.948112][ T7264] loop3: detected capacity change from 0 to 2048
[   71.993685][ T7264] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.055876][ T7077] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.084234][ T6882] IPVS: stop unused estimator thread 0...
[   72.094162][ T7077] 8021q: adding VLAN 0 to HW filter on device team0
[   72.113274][ T6879] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.120380][ T6879] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.132398][ T7122] netdevsim netdevsim8 netdevsim0: renamed from eth0
[   72.157512][ T7077] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   72.167992][ T7077] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   72.184849][ T6879] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.191956][ T6879] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.225668][ T7281] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1561'.
[   72.272856][ T7122] netdevsim netdevsim8 netdevsim1: renamed from eth1
[   72.332549][ T7122] netdevsim netdevsim8 netdevsim2: renamed from eth2
[   72.381706][ T7077] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.395815][ T7122] netdevsim netdevsim8 netdevsim3: renamed from eth3
[   72.407777][ T7304] loop6: detected capacity change from 0 to 128
[   72.423693][ T7304] FAT-fs (loop6): Directory bread(block 414) failed
[   72.448364][ T7304] FAT-fs (loop6): Directory bread(block 415) failed
[   72.455436][ T7304] FAT-fs (loop6): Directory bread(block 416) failed
[   72.462276][ T7304] FAT-fs (loop6): Directory bread(block 417) failed
[   72.469006][ T7304] FAT-fs (loop6): Directory bread(block 418) failed
[   72.477586][ T7304] FAT-fs (loop6): Directory bread(block 419) failed
[   72.486061][ T7304] FAT-fs (loop6): Directory bread(block 420) failed
[   72.492865][ T7304] FAT-fs (loop6): Directory bread(block 421) failed
[   72.494004][ T6870] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   72.526420][ T7122] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.544499][ T6870] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   72.557138][ T6870] EXT4-fs (loop3): This should not happen!! Data will be lost
[   72.557138][ T6870] 
[   72.566782][ T6870] EXT4-fs (loop3): Total free blocks count 0
[   72.572902][ T6870] EXT4-fs (loop3): Free/Dirty block details
[   72.576339][ T7304] FAT-fs (loop6): FAT read failed (blocknr 128)
[   72.578789][ T6870] EXT4-fs (loop3): free_blocks=2415919104
[   72.578804][ T6870] EXT4-fs (loop3): dirty_blocks=8192
[   72.596086][ T6870] EXT4-fs (loop3): Block reservation details
[   72.598472][ T7122] 8021q: adding VLAN 0 to HW filter on device team0
[   72.602119][ T6870] EXT4-fs (loop3): i_reserved_data_blocks=512
[   72.628080][ T6882] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.635173][ T6882] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.647758][ T7145] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   72.669947][ T6870] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.677163][ T6870] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.690134][ T7325] netdevsim netdevsim6: Direct firmware load for þ failed with error -2
[   72.698272][ T7122] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   72.708963][ T7122] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   72.758477][ T7330] netlink: 64 bytes leftover after parsing attributes in process `syz.6.1576'.
[   72.775082][ T7077] veth0_vlan: entered promiscuous mode
[   72.811289][ T7077] veth1_vlan: entered promiscuous mode
[   72.838817][ T7122] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.840145][ T7344] loop6: detected capacity change from 0 to 1024
[   72.852973][ T7344] EXT4-fs: Ignoring removed orlov option
[   72.868279][ T7344] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.869577][ T7077] veth0_macvtap: entered promiscuous mode
[   72.893730][ T7077] veth1_macvtap: entered promiscuous mode
[   72.904503][ T7077] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.913362][ T7077] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.929579][ T6874] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.942062][ T6874] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.963982][ T6874] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.994402][ T6874] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.107292][ T7122] veth0_vlan: entered promiscuous mode
[   73.127399][ T7122] veth1_vlan: entered promiscuous mode
[   73.155537][ T7122] veth0_macvtap: entered promiscuous mode
[   73.164754][ T7375] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1585'.
[   73.173806][ T7375] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1585'.
[   73.174959][ T7122] veth1_macvtap: entered promiscuous mode
[   73.182770][ T7375] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1585'.
[   73.205758][ T7122] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.214620][ T7122] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.229104][ T6874] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.252827][ T7377] netlink: 'syz.3.1586': attribute type 1 has an invalid length.
[   73.273593][ T6874] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.273971][ T5528] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.282837][ T6874] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.322541][ T6874] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.412113][ T7398] loop8: detected capacity change from 0 to 128
[   73.479612][ T7412] hub 9-0:1.0: USB hub found
[   73.484887][ T7412] hub 9-0:1.0: 8 ports detected
[   73.618917][ T7438] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[   73.683178][ T7443] hub 9-0:1.0: USB hub found
[   73.690542][ T7443] hub 9-0:1.0: 8 ports detected
[   73.843543][ T7459] loop7: detected capacity change from 0 to 2048
[   73.868788][ T7459] EXT4-fs (loop7): failed to initialize system zone (-117)
[   73.882833][ T7459] EXT4-fs (loop7): mount failed
[   73.998613][ T7488] netdevsim netdevsim8: Direct firmware load for ./file0/file1 failed with error -2
[   74.010305][ T7490] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1637'.
[   74.113096][ T7512] loop7: detected capacity change from 0 to 1024
[   74.121297][ T7512] EXT4-fs: inline encryption not supported
[   74.135738][ T7512] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.170903][ T7512] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[   74.218169][ T7077] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.250568][ T7535] loop6: detected capacity change from 0 to 256
[   74.266131][ T7535] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[   74.275066][ T7535] FAT-fs (loop6): Filesystem has been set read-only
[   74.282460][ T7535] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[   74.291969][ T7535] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[   74.301519][ T7535] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[   74.310723][ T7535] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[   74.321594][ T7535] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[   74.330680][ T7535] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[   74.336723][ T7546] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1664'.
[   74.339802][ T7535] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[   74.358119][ T7535] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[   74.367018][ T7535] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[   74.368631][ T7544] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1663'.
[   74.384903][ T7544] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1663'.
[   74.399713][ T7546] bond1: Invalid ad_actor_system MAC address.
[   74.405947][ T7546] bond1: option ad_actor_system: invalid value (1)
[   74.414740][ T7546] bond1 (unregistering): Released all slaves
[   74.543719][ T7562] netlink: 'syz.8.1670': attribute type 1 has an invalid length.
[   74.630205][ T7572] loop7: detected capacity change from 0 to 1024
[   74.649725][ T7572] EXT4-fs: inline encryption not supported
[   74.671811][ T7572] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.677624][ T7578] loop8: detected capacity change from 0 to 1024
[   74.694761][ T7578] EXT4-fs (loop8): orphan cleanup on readonly fs
[   74.711997][ T7578] EXT4-fs error (device loop8): ext4_acquire_dquot:6945: comm syz.8.1677: Failed to acquire dquot type 0
[   74.729702][ T7077] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.742888][ T7578] EXT4-fs (loop8): 1 truncate cleaned up
[   74.752743][ T7578] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   74.767854][   T29] kauditd_printk_skb: 201 callbacks suppressed
[   74.767891][   T29] audit: type=1400 audit(1762117612.345:1788): avc:  denied  { create } for  pid=7580 comm="syz.7.1678" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   74.858687][ T7122] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.886991][   T29] audit: type=1326 audit(1762117612.415:1789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7575 comm="syz.8.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f922bdaefc9 code=0x7ffc0000
[   74.910498][   T29] audit: type=1326 audit(1762117612.415:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7575 comm="syz.8.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f922bdaefc9 code=0x7ffc0000
[   74.933929][   T29] audit: type=1326 audit(1762117612.415:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7575 comm="syz.8.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7f922bdaefc9 code=0x7ffc0000
[   74.957764][   T29] audit: type=1326 audit(1762117612.415:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7575 comm="syz.8.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f922bdaefc9 code=0x7ffc0000
[   74.981211][   T29] audit: type=1326 audit(1762117612.415:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7575 comm="syz.8.1677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f922bdaefc9 code=0x7ffc0000
[   75.115864][   T29] audit: type=1400 audit(1762117612.695:1794): avc:  denied  { bind } for  pid=7600 comm="syz.3.1688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   75.135758][   T29] audit: type=1400 audit(1762117612.695:1795): avc:  denied  { node_bind } for  pid=7600 comm="syz.3.1688" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   75.155759][   T29] audit: type=1400 audit(1762117612.695:1796): avc:  denied  { getopt } for  pid=7600 comm="syz.3.1688" laddr=fe80::12 faddr=fe80::aa scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   75.203439][ T7611] loop8: detected capacity change from 0 to 1024
[   75.211915][ T7611] EXT4-fs: Ignoring removed bh option
[   75.241128][   T29] audit: type=1400 audit(1762117612.805:1797): avc:  denied  { execmem } for  pid=7614 comm="syz.6.1694" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   75.264092][ T7611] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.285113][ T7611] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4193: comm syz.8.1693: Allocating blocks 385-513 which overlap fs metadata
[   75.325253][ T7610] EXT4-fs (loop8): pa ffff8881007d1690: logic 16, phys. 129, len 24
[   75.333461][ T7610] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 8
[   75.348345][ T7122] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.515567][ T7659] 1ªX¹¦À: renamed from 
60ªX¹¦À
[   75.523316][ T7663] loop3: detected capacity change from 0 to 512
[   75.536966][ T7659] A link change request failed with some changes committed already. Interface 
61ªX¹¦À may have been left with an inconsistent configuration, please check.
[   75.563825][ T7663] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.595609][ T7663] ext4 filesystem being mounted at /404/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.645610][ T7671] IPv6: Can't replace route, no match found
[   75.645818][ T7663] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.725276][ T7682] loop7: detected capacity change from 0 to 512
[   75.742073][ T7682] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[   75.761254][ T7682] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   75.802061][ T7682] EXT4-fs (loop7): 1 truncate cleaned up
[   75.811489][ T7682] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.862863][ T7077] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.916715][ T7718] loop3: detected capacity change from 0 to 128
[   75.939445][ T7718] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   75.953318][ T7718] ext4 filesystem being mounted at /408/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   76.041325][ T3318] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   76.062408][ T7731] IPVS: Error connecting to the multicast addr
[   76.394561][ T7793] netlink: 'syz.1.1775': attribute type 1 has an invalid length.
[   76.489299][ T7811] IPv6: Can't replace route, no match found
[   76.691592][ T7839] loop8: detected capacity change from 0 to 1024
[   76.698800][ T7839] EXT4-fs: inline encryption not supported
[   76.704761][ T7839] EXT4-fs: Ignoring removed nobh option
[   76.710707][ T7839] EXT4-fs: Ignoring removed bh option
[   76.724442][ T7839] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.751447][ T7122] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.768064][ T7849] loop8: detected capacity change from 0 to 512
[   76.793966][ T7849] EXT4-fs warning (device loop8): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   76.809038][ T7849] EXT4-fs (loop8): mount failed
[   76.816610][ T7849] __nla_validate_parse: 15 callbacks suppressed
[   76.816622][ T7849] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1798'.
[   76.832236][ T7849] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1798'.
[   76.866837][ T7855] loop8: detected capacity change from 0 to 1024
[   76.873891][ T7855] EXT4-fs: Ignoring removed orlov option
[   76.885415][ T7855] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.901790][ T7861] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1801'.
[   76.943615][ T7122] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.188382][ T7902] x_tables: ip6_tables: NETMAP.0 target: invalid size 40 (kernel) != (user) 0
[   77.227252][ T7908] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1826'.
[   77.236374][ T7908] netlink: 108 bytes leftover after parsing attributes in process `syz.8.1826'.
[   77.249277][ T7908] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1826'.
[   77.260370][ T7908] netlink: 108 bytes leftover after parsing attributes in process `syz.8.1826'.
[   77.269534][ T7908] netlink: 84 bytes leftover after parsing attributes in process `syz.8.1826'.
[   77.280467][ T7913] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1828'.
[   77.302841][ T7913] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1828'.
[   77.413004][ T7932] xt_TPROXY: Can be used only with -p tcp or -p udp
[   77.472785][ T7944] loop3: detected capacity change from 0 to 512
[   77.494999][ T7944] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.512825][ T7953] veth1_to_batadv: entered promiscuous mode
[   77.520232][ T7953] batadv_slave_0: entered promiscuous mode
[   77.526440][ T7953] batadv_slave_0: left promiscuous mode
[   77.529022][ T7944] ext4 filesystem being mounted at /428/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   77.543695][ T7953] veth1_to_batadv: left promiscuous mode
[   77.549212][ T7944] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.1842: corrupted inode contents
[   77.561336][ T7944] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #2: comm syz.3.1842: mark_inode_dirty error
[   77.573645][ T7944] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #2: comm syz.3.1842: corrupted inode contents
[   77.585984][ T7944] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.1842: mark_inode_dirty error
[   77.614141][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.919951][ T8007] sd 0:0:1:0: device reset
[   77.921403][ T8009] loop6: detected capacity change from 0 to 512
[   77.935708][ T8011] netlink: 'syz.3.1873': attribute type 4 has an invalid length.
[   77.972946][ T8011] .`: renamed from bond0 (while UP)
[   77.994084][ T8009] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.011396][ T8009] ext4 filesystem being mounted at /179/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.060673][ T5528] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.084632][ T8023] netlink: 'syz.3.1879': attribute type 1 has an invalid length.
[   78.105467][ T8027] binfmt_misc: register: failed to install interpreter file ./file0
[   78.456317][ T8082] loop7: detected capacity change from 0 to 2048
[   78.486399][ T8082] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   78.517766][ T8082] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   78.534799][ T8082] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   78.547341][ T8082] EXT4-fs (loop7): This should not happen!! Data will be lost
[   78.547341][ T8082] 
[   78.557117][ T8082] EXT4-fs (loop7): Total free blocks count 0
[   78.563233][ T8082] EXT4-fs (loop7): Free/Dirty block details
[   78.569185][ T8082] EXT4-fs (loop7): free_blocks=2415919104
[   78.574948][ T8082] EXT4-fs (loop7): dirty_blocks=16
[   78.580056][ T8082] EXT4-fs (loop7): Block reservation details
[   78.586304][ T8082] EXT4-fs (loop7): i_reserved_data_blocks=1
[   78.596918][ T8086] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[   78.773603][ T8123] syzkaller1: entered promiscuous mode
[   78.779102][ T8123] syzkaller1: entered allmulticast mode
[   79.315649][ T8212] SELinux:  Context system_u: is not valid (left unmapped).
[   79.492857][ T8244] pim6reg0: tun_chr_ioctl cmd 35108
[   79.745339][ T8293] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   79.781470][   T29] kauditd_printk_skb: 449 callbacks suppressed
[   79.781483][   T29] audit: type=1400 audit(1762117617.355:2246): avc:  denied  { write } for  pid=8298 comm="syz.6.2005" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[   79.848839][   T29] audit: type=1400 audit(1762117617.425:2247): avc:  denied  { unlink } for  pid=3318 comm="syz-executor" name="file0" dev="tmpfs" ino=2393 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   79.890551][   T29] audit: type=1400 audit(1762117617.465:2248): avc:  denied  { create } for  pid=8300 comm="syz.3.2006" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   79.944626][   T29] audit: type=1400 audit(1762117617.465:2249): avc:  denied  { write } for  pid=8300 comm="syz.3.2006" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   79.964181][   T29] audit: type=1400 audit(1762117617.515:2250): avc:  denied  { kexec_image_load } for  pid=8306 comm="syz.1.2009" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[   80.011516][   T29] audit: type=1400 audit(1762117617.585:2251): avc:  denied  { bind } for  pid=8314 comm="syz.7.2013" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   80.030917][   T29] audit: type=1400 audit(1762117617.585:2252): avc:  denied  { name_bind } for  pid=8314 comm="syz.7.2013" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   80.052721][   T29] audit: type=1400 audit(1762117617.585:2253): avc:  denied  { node_bind } for  pid=8314 comm="syz.7.2013" saddr=172.20.20.170 src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[   80.095678][   T29] audit: type=1400 audit(1762117617.665:2254): avc:  denied  { write } for  pid=8314 comm="syz.7.2013" laddr=172.20.20.170 lport=20002 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   80.118034][   T29] audit: type=1400 audit(1762117617.665:2255): avc:  denied  { name_connect } for  pid=8314 comm="syz.7.2013" dest=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   80.237372][ T8332] loop3: detected capacity change from 0 to 1024
[   80.244620][ T8332] EXT4-fs: Ignoring removed nobh option
[   80.250314][ T8332] EXT4-fs: Ignoring removed bh option
[   80.264541][ T8332] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.293465][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.331339][ T8342] batadv_slave_1: entered promiscuous mode
[   80.338497][ T8341] batadv_slave_1: left promiscuous mode
[   80.645584][ T8376] SELinux: failed to load policy
[   80.958669][ T8427] loop6: detected capacity change from 0 to 512
[   80.984778][ T8427] EXT4-fs (loop6): too many log groups per flexible block group
[   80.999506][ T8427] EXT4-fs (loop6): failed to initialize mballoc (-12)
[   81.007100][ T8427] EXT4-fs (loop6): mount failed
[   81.171246][ T8461] netlink: 'syz.6.2078': attribute type 1 has an invalid length.
[   81.457827][ T8494] loop8: detected capacity change from 0 to 512
[   81.468962][ T8494] EXT4-fs error (device loop8): ext4_iget_extra_inode:5075: inode #15: comm syz.8.2093: corrupted in-inode xattr: invalid ea_ino
[   81.487066][ T8499] loop6: detected capacity change from 0 to 512
[   81.496359][ T8494] EXT4-fs error (device loop8): ext4_orphan_get:1397: comm syz.8.2093: couldn't read orphan inode 15 (err -117)
[   81.519113][ T8494] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.565628][ T7122] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.007637][ T3387] IPVS: starting estimator thread 0...
[   82.054941][ T8589] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   82.065638][ T8591] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   82.074293][ T8589] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   82.082166][ T8591] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   82.112364][ T8581] IPVS: using max 3024 ests per chain, 151200 per kthread
[   82.238487][ T8613] 9pnet_fd: Insufficient options for proto=fd
[   82.270478][ T8619] __nla_validate_parse: 6 callbacks suppressed
[   82.270495][ T8619] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2150'.
[   82.285778][ T8619] netlink: 108 bytes leftover after parsing attributes in process `syz.8.2150'.
[   82.294986][ T8619] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2150'.
[   82.304155][ T8619] netlink: 108 bytes leftover after parsing attributes in process `syz.8.2150'.
[   82.313248][ T8619] netlink: 84 bytes leftover after parsing attributes in process `syz.8.2150'.
[   82.355659][ T8638] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   82.396662][ T8642] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2157'.
[   82.460649][ T8657] SELinux: failed to load policy
[   82.545643][ T8669] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2170'.
[   82.719264][ T8705] loop7: detected capacity change from 0 to 128
[   82.730045][ T8705] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[   82.737964][ T8705] FAT-fs (loop7): Filesystem has been set read-only
[   82.743664][ T8706] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   82.743664][ T8706] The task syz.6.2184 (8706) triggered the difference, watch for misbehavior.
[   82.744691][ T8705] bio_check_eod: 17725 callbacks suppressed
[   82.744704][ T8705] syz.7.2187: attempt to access beyond end of device
[   82.744704][ T8705] loop7: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   82.782200][ T8705] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[   82.790052][ T8705] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[   82.798508][ T8705] syz.7.2187: attempt to access beyond end of device
[   82.798508][ T8705] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[   82.811951][ T8705] syz.7.2187: attempt to access beyond end of device
[   82.811951][ T8705] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[   82.825320][ T8705] syz.7.2187: attempt to access beyond end of device
[   82.825320][ T8705] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[   82.838749][ T8705] syz.7.2187: attempt to access beyond end of device
[   82.838749][ T8705] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[   82.852271][ T8705] syz.7.2187: attempt to access beyond end of device
[   82.852271][ T8705] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[   82.865638][ T8707] syz.7.2187: attempt to access beyond end of device
[   82.865638][ T8707] loop7: rw=0, sector=2065, nr_sectors = 1 limit=128
[   82.879168][ T8707] Buffer I/O error on dev loop7, logical block 2065, async page read
[   82.888877][ T8707] syz.7.2187: attempt to access beyond end of device
[   82.888877][ T8707] loop7: rw=0, sector=2066, nr_sectors = 1 limit=128
[   82.902144][ T8707] Buffer I/O error on dev loop7, logical block 2066, async page read
[   82.910370][ T8707] syz.7.2187: attempt to access beyond end of device
[   82.910370][ T8707] loop7: rw=0, sector=2067, nr_sectors = 1 limit=128
[   82.923706][ T8707] Buffer I/O error on dev loop7, logical block 2067, async page read
[   82.931809][ T8707] syz.7.2187: attempt to access beyond end of device
[   82.931809][ T8707] loop7: rw=0, sector=2068, nr_sectors = 1 limit=128
[   82.945120][ T8707] Buffer I/O error on dev loop7, logical block 2068, async page read
[   82.955517][ T8707] Buffer I/O error on dev loop7, logical block 2069, async page read
[   82.962359][ T8711] smc: net device bond0 applied user defined pnetid S
[   82.963745][ T8707] Buffer I/O error on dev loop7, logical block 2070, async page read
[   82.978674][ T8707] Buffer I/O error on dev loop7, logical block 2071, async page read
[   82.986856][ T8711] smc: net device bond0 erased user defined pnetid S
[   83.009789][ T8707] Buffer I/O error on dev loop7, logical block 2072, async page read
[   83.018311][ T8707] Buffer I/O error on dev loop7, logical block 2065, async page read
[   83.026635][ T8707] Buffer I/O error on dev loop7, logical block 2066, async page read
[   83.312104][ T8738] infiniband syz!: set active
[   83.316896][ T8738] infiniband syz!: added team_slave_0
[   83.328391][ T8738] RDS/IB: syz!: added
[   83.332631][ T8738] smc: adding ib device syz! with port count 1
[   83.338836][ T8738] smc:    ib device syz! port 1 has no pnetid
[   83.589380][ T8746] sctp: [Deprecated]: syz.1.2200 (pid 8746) Use of int in max_burst socket option deprecated.
[   83.589380][ T8746] Use struct sctp_assoc_value instead
[   83.619476][ T8750] SELinux:  policydb version 1500455552 does not match my version range 15-35
[   83.628524][ T8750] SELinux: failed to load policy
[   83.717089][ T8764] netlink: 44 bytes leftover after parsing attributes in process `syz.7.2211'.
[   83.803854][ T8774] SELinux: failed to load policy
[   83.829902][ T8782] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2220'.
[   83.897126][ T8794] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   83.921251][ T8796] loop6: detected capacity change from 0 to 128
[   83.929426][ T8796] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   83.941965][ T8796] ext4 filesystem being mounted at /249/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.984646][ T5528] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   84.015702][ T8804] IPVS: Error connecting to the multicast addr
[   84.147021][ T8831] loop8: detected capacity change from 0 to 512
[   84.154683][ T8831] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   84.198476][ T8831] Invalid ELF header magic: != ELF
[   84.342648][ T8857] loop8: detected capacity change from 0 to 1024
[   84.350606][ T8857] EXT4-fs: Ignoring removed orlov option
[   84.358090][ T8859] loop7: detected capacity change from 0 to 16384
[   84.383059][ T8857] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.456819][ T7122] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.559110][ T8869] loop8: detected capacity change from 0 to 8192
[   84.563182][ T8862] loop7: detected capacity change from 16384 to 0
[   84.565896][ T8869] vfat: Unknown parameter '‡±¿í§¾XfÙ…Cê'
[   84.578299][    C0] I/O error, dev loop7, sector 15488 op 0x0:(READ) flags 0x80700 phys_seg 15 prio class 2
[   84.709793][ T8889] loop7: detected capacity change from 0 to 512
[   84.719256][ T8889] EXT4-fs error (device loop7): ext4_xattr_inode_iget:441: inode #18: comm syz.7.2267: iget: bad extra_isize 90 (inode size 256)
[   84.733863][ T8889] EXT4-fs (loop7): Remounting filesystem read-only
[   84.740505][ T8889] EXT4-fs warning (device loop7): ext4_evict_inode:274: xattr delete (err -30)
[   84.750760][ T8889] EXT4-fs (loop7): 1 orphan inode deleted
[   84.757121][ T8889] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.800611][ T7077] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.813483][   T29] kauditd_printk_skb: 312 callbacks suppressed
[   84.813499][   T29] audit: type=1400 audit(1762117622.395:2568): avc:  denied  { setopt } for  pid=8894 comm="syz.1.2271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   84.883349][   T29] audit: type=1400 audit(1762117622.465:2569): avc:  denied  { read } for  pid=8903 comm="syz.7.2274" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   84.906589][   T29] audit: type=1400 audit(1762117622.465:2570): avc:  denied  { open } for  pid=8903 comm="syz.7.2274" path="/dev/input/event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   84.950916][   T29] audit: type=1326 audit(1762117622.525:2571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8905 comm="syz.1.2275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   84.988337][   T29] audit: type=1326 audit(1762117622.525:2572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8905 comm="syz.1.2275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   85.011851][   T29] audit: type=1326 audit(1762117622.525:2573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8905 comm="syz.1.2275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   85.035328][   T29] audit: type=1326 audit(1762117622.525:2574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8905 comm="syz.1.2275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   85.060390][ T8897] loop8: detected capacity change from 0 to 32768
[   85.070057][ T8908] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[   85.090273][   T29] audit: type=1400 audit(1762117622.675:2575): avc:  denied  { mounton } for  pid=8896 comm="syz.8.2272" path="/proc/307/task" dev="proc" ino=23480 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   85.113019][   T29] audit: type=1400 audit(1762117622.675:2576): avc:  denied  { mount } for  pid=8896 comm="syz.8.2272" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   85.135317][   T29] audit: type=1326 audit(1762117622.695:2577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8914 comm="syz.1.2279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fada994efc9 code=0x7ffc0000
[   85.135640][ T8904] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.167867][ T8904] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.182661][ T8897]  loop8: p1 p3 < >
[   85.486994][ T8950] xt_hashlimit: max too large, truncated to 1048576
[   85.503682][ T8947] SELinux: ebitmap: truncated map
[   85.519857][ T8947] SELinux: failed to load policy
[   85.781839][ T9000] loop7: detected capacity change from 0 to 128
[   85.792938][ T9002] loop6: detected capacity change from 0 to 128
[   86.079894][ T9044] loop7: detected capacity change from 0 to 164
[   86.095840][ T9044] iso9660: Corrupted directory entry in block 2 of inode 1792
[   86.115809][ T9041] loop3: detected capacity change from 0 to 8192
[   86.123967][ T9041] vfat: Unknown parameter '‡±¿í§¾XfÙ…Cê'
[   86.140815][ T9048] netlink: 'syz.8.2344': attribute type 3 has an invalid length.
[   86.152074][ T9020] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   86.161942][ T9020] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   86.172993][ T9055] Invalid ELF header magic: != ELF
[   86.189246][ T9057] geneve2: entered promiscuous mode
[   86.194584][ T9059] loop7: detected capacity change from 0 to 16384
[   86.201044][ T9057] geneve2: entered allmulticast mode
[   86.333343][ T9062] loop7: detected capacity change from 16384 to 0
[   86.442799][ T9081] loop7: detected capacity change from 0 to 512
[   86.467029][ T9081] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.479814][ T9081] ext4 filesystem being mounted at /156/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.509355][ T7077] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.540686][ T9098] loop3: detected capacity change from 0 to 512
[   86.547581][ T9098] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   86.559311][ T9098] EXT4-fs (loop3): 1 truncate cleaned up
[   86.565455][ T9098] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.592196][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.631468][ T9103] vcan0: entered allmulticast mode
[   86.646973][ T9103] vcan0: left allmulticast mode
[   86.713334][ T9111] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0
[   86.722931][ T9108] IPVS: stopping master sync thread 9111 ...
[   86.758142][ T9117] loop7: detected capacity change from 0 to 16384
[   86.821964][ T9121] ==================================================================
[   86.830069][ T9121] BUG: KCSAN: data-race in xas_clear_mark / xas_find_marked
[   86.837351][ T9121] 
[   86.839673][ T9121] read-write to 0xffff88811a5b1b50 of 8 bytes by task 7077 on cpu 0:
[   86.847721][ T9121]  xas_clear_mark+0x91/0x180
[   86.852303][ T9121]  __folio_start_writeback+0x24a/0x390
[   86.857767][ T9121]  __block_write_full_folio+0x53a/0x8f0
[   86.863316][ T9121]  block_write_full_folio+0x2c2/0x2e0
[   86.868690][ T9121]  blkdev_writepages+0x88/0x100
[   86.873537][ T9121]  do_writepages+0x1c6/0x310
[   86.878118][ T9121]  filemap_write_and_wait_range+0x144/0x340
[   86.884023][ T9121]  sync_blockdev+0x35/0x50
[   86.888429][ T9121]  bdev_disk_changed+0xdb/0xcb0
[   86.893286][ T9121]  blkdev_get_whole+0x1f5/0x2d0
[   86.898129][ T9121]  bdev_open+0x280/0x7e0
[   86.902362][ T9121]  blkdev_open+0x259/0x290
[   86.906776][ T9121]  do_dentry_open+0x649/0xa20
[   86.911441][ T9121]  vfs_open+0x37/0x1e0
[   86.915500][ T9121]  path_openat+0x1c5e/0x2170
[   86.920085][ T9121]  do_filp_open+0x109/0x230
[   86.924583][ T9121]  do_sys_openat2+0xa6/0x110
[   86.929164][ T9121]  __x64_sys_openat+0xf2/0x120
[   86.933917][ T9121]  x64_sys_call+0x2eab/0x3000
[   86.938593][ T9121]  do_syscall_64+0xd2/0x200
[   86.943176][ T9121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.949062][ T9121] 
[   86.951379][ T9121] read to 0xffff88811a5b1b50 of 8 bytes by task 9121 on cpu 1:
[   86.958922][ T9121]  xas_find_marked+0x218/0x620
[   86.963693][ T9121]  find_get_entry+0x5d/0x380
[   86.968290][ T9121]  filemap_get_folios_tag+0x13b/0x210
[   86.973675][ T9121]  writeback_iter+0x4bb/0x820
[   86.978376][ T9121]  blkdev_writepages+0x69/0x100
[   86.983243][ T9121]  do_writepages+0x1c6/0x310
[   86.987837][ T9121]  filemap_write_and_wait_range+0x144/0x340
[   86.993732][ T9121]  sync_blockdev+0x35/0x50
[   86.998142][ T9121]  loop_set_status+0x122/0x6a0
[   87.002914][ T9121]  lo_ioctl+0x71b/0x12b0
[   87.007155][ T9121]  blkdev_ioctl+0x356/0x440
[   87.011652][ T9121]  __se_sys_ioctl+0xce/0x140
[   87.016274][ T9121]  __x64_sys_ioctl+0x43/0x50
[   87.020858][ T9121]  x64_sys_call+0x1816/0x3000
[   87.025537][ T9121]  do_syscall_64+0xd2/0x200
[   87.030033][ T9121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.035923][ T9121] 
[   87.038231][ T9121] value changed: 0xfffffffffffff800 -> 0xffffffffffff8000
[   87.045332][ T9121] 
[   87.047658][ T9121] Reported by Kernel Concurrency Sanitizer on:
[   87.053798][ T9121] CPU: 1 UID: 0 PID: 9121 Comm: syz.3.2373 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   87.065078][ T9121] Tainted: [W]=WARN
[   87.068867][ T9121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   87.078934][ T9121] ==================================================================
[   87.142400][ T9121] loop7: detected capacity change from 16384 to 0
[   87.142845][    C0] I/O error, dev loop7, sector 9344 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2