last executing test programs:

2.368556918s ago: executing program 3 (id=222):
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$FIBMAP(0xffffffffffffffff, 0x1, 0x0)
setpriority(0x3, 0x0, 0xfffffffd)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, 0x0, &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x14010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ff, &(0x7f0000000d80)="$eJzs3E+LW1UYB+C342inGeePWqstiIe60c2lmYUb3QwyRWlAaTtCKwi3zh0Nc01CbhiIiNWVW935GcSlO0FcupmNn8HdbFx2IV4xydhGU1RkmjI8zyYvnPPjPYdA4IR7z+GrX3y4t1tlu/kgFk6dioVeRLqTIsVCHPk0Xnpl+cfnrt24eWWz1dq6mtLlzevNl1NKq89//87H31z8YbD89rer352Og/V3D3/Z+Png3MH5w9+uf9CuUrtKne4g5elWtzvIb5VF2mlXe1lKb5VFXhWp3amK/tT4btnt9YYp7+ysNHr9oqpS3hk294phGnTToD9M+ft5u5OyLEsrjeD/2P76Tl3XEXX9aDwWdV3XZ6IRy/F4rMRqrMV6PBFPxlNxNp6Oc/FMPBvnR7PmvW4AAAAAAAAAAAAAAAAAAAA4Wbz/DwAAAAAAAAAAAAAAAAAAAPN37cbNK5ut1tbVlJYiys/3t/e3x5/j8c3daEcZRVyKtfg1ov5qdAHA5NaAur78RmvrUhpZj8/K25P87f3tR6bzzdF1AkfhqXxznE/T+dPRuDe/EWtxdnZ+Y2Z+KV584Z58Fmvx03vRjTJ24o/s3fwnzZRee7P1l/yF0TwAAAA4CbL0p5nn9yy73/g4/7f/B2aczxeOmk3lF+PC4ty2zUQ1/GgvL8uifzxFY9LmGFv8Q7E01+7/vliMh2IZCsW4mPMPEw/E3S993isBAAAAAAAAAADgvzjepwi7X158/T6NzzzgjQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8zg4cCwAAAAAI87dOo2MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKkAAAD//yqty1M=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)

2.2208073s ago: executing program 4 (id=223):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000047c0)=ANY=[@ANYBLOB="140000003a00010100000000000204000a"], 0x14}}, 0x0)
recvmmsg(r2, &(0x7f0000003700)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000280)=""/4085, 0xff5}], 0x1}}], 0x4000000000001a3, 0x140, 0x0)

2.22052013s ago: executing program 1 (id=224):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'wg1\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000000)=0xf41, 0x4)
sendto$packet(r0, &(0x7f0000000240)='\x00', 0x1, 0x40800, &(0x7f0000000280)={0x11, 0xf5, r1, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xfe}}, 0x14)

2.189975552s ago: executing program 2 (id=225):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002000)=ANY=[@ANYBLOB="757466383d312c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e39352c000f3556feecb6412e00c80bdee16891f8bf67c9f201996782a86d4bab33b4f23383380e4ccafc9da9def41b05c1dfb2cfa24e43aedf5536d3bce06ddda97c586bc37fab5366b1ab6fee95cc224e56e681e82dd4dbbde3785fdd0fc4e7df753a0e2658aa5e88e1d38366c7908a7b2b678ee4b4bfc7aafa2101c157745926241af5ac30189eced78c1611b972d03bfef046f4adcada230ef0ac02ede79fb7d92a8354670c01cb80361c1fde2cef3204a182323c318e10ef11cb24c435d589b17a396377800f"], 0x1, 0x21b, &(0x7f0000000300)="$eJzs2j+LHGUcB/DfnJHEC5dd8R8JiA9aqM2Q3doihyQgLiiaFaIgmXizuuy4e+wsBytirtLWl2AtlnaCpLS5xldgYXfNlSnEkWRjcnesxSHein4+zXzhmS88D8/w8BSz/9rXn44GdT4oZrGWZbF2JXbjbhbtWIs/7carL9/46fl3b7z/5mavd/WdlK5tXu90U0oXXvjxg8+/e/HO7Px731/44WzstT/cP+j+uvfs3sX9369/MqzTsE7jySwV6dZkMituVWXaGtajPKW3q7KoyzQc1+X0yPigmmxvz1Mx3tpY356WdZ2K8TyNynmaTdJsOk/Fx8VwnPI8Txvrwd/R//Zu08RB8/jNaJrmiW/i/J3Y+CVakT2ZsqeuZM/czJ7bzS4eNE1r1VPlH2H//98OHernIqqvdvo7/cVzMb45iGFUUcblaMVvce8zeWCRr73Ru3o53deOL6vbD/q3d/qPHe13ohXt5f3Oop+O9s/G+uF+N1rx9PJ+d2n/XLzy0qF+Hq34+aOYRBVbca/7qP9FJ6XX3+od61+6/x4AwH9Nnh5aen/L878aX/RPcD88dr86E5fOrHbtRNTzz0ZFVZVTQRCEh2HVJxOn4dGmr3omAAAAAAAAAAAAnMRp/E646jUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/bn8EAAD//xrx1cI=")
creat(&(0x7f0000000080)='./file0/file1\x00', 0x90)

2.120356738s ago: executing program 4 (id=226):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0/file0\x00', 0x400, &(0x7f0000000180)=ANY=[], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x2000000}, 0x8d5)
ptrace$setregs(0xd, r0, 0x0, &(0x7f00000003c0))
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7)
ptrace$getregset(0x4205, r0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
syz_clone(0x623f, &(0x7f00000006c0), 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
ioprio_set$pid(0x2, 0x0, 0x0)

2.072843222s ago: executing program 1 (id=227):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0x503, 0x8d, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_MACSEC_CIPHER_SUITE={0xc, 0x4, 0x80c20001000003}, @IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x4}]}}}]}, 0x48}}, 0x0)

2.029927895s ago: executing program 1 (id=228):
socket(0x28, 0x5, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socket$nl_sock_diag(0x10, 0x3, 0x4)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r3, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)

1.950538932s ago: executing program 1 (id=230):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x4}, 0x18)
connect$vsock_stream(r0, &(0x7f00000003c0)={0x28, 0x0, 0x1ffffd8ef, @my=0x0}, 0x10)
connect$vsock_stream(r0, &(0x7f00000002c0)={0x28, 0x0, 0x2710, @local}, 0x10)

1.837001101s ago: executing program 1 (id=231):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180200000020702500000000002020207b1af8ff00000000bfa100000000000007010000dbffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x38, r2, 0xc4fc9e906872338b, 0x0, 0x0, {{0x5}, {@val={0x8}, @val={0xc, 0x99, {0x40}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x4}]}]}]}, 0x38}}, 0x0)

1.698981102s ago: executing program 1 (id=233):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = epoll_create1(0x0)
r2 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000400)={0xa})
syz_usb_connect(0x4, 0x24, 0x0, 0x0)
epoll_pwait(r1, &(0x7f0000000080)=[{}], 0x1, 0x4c6, 0x0, 0x0)

1.544007635s ago: executing program 2 (id=234):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001180)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x247ecded, 0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x803, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0xd2e, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xb, 0x37, 0x4, 0x0, 0x0, 0xfffffff5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x41000, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x80000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0xb, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xf566, 0x100000, 0x0, 0xfffffff1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x5, 0x0, 0x0, 0xffffffff, 0x9, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x10000004a56}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x0, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0xfea7, 0x1, 0xffff8000, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x7, 0x1, 0xa89c, 0x400, 0xc, 0x492217a0, 0xff, 0x5, 0x3, 0x1ff, 0xe5, 0x2d, 0xd, 0x3, 0xa, 0x3, 0x1, 0x9, 0x11, 0x188, 0x6, 0x3ff, 0x7, 0xd, 0x3, 0xc0001, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xe0b2, 0x1, 0x8fc, 0xbf0, 0x9, 0x3, 0x9, 0x7ffffffd, 0x2, 0x0, 0x8, 0x800, 0x9, 0x4, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x401, 0x1, 0x7f, 0x0, 0x8, 0x2, 0x7f, 0x0, 0x2, 0x4, 0x0, 0x1000004, 0x8000, 0x0, 0x9, 0x80, 0x7, 0x5, 0x1, 0x0, 0x2000007, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x400000, 0x10, 0x5, 0x3, 0x10000, 0x3, 0x1, 0x0, 0x2, 0x6, 0x5, 0x6, 0xe5a, 0x4, 0x2, 0x81, 0xd44, 0x9, 0x6, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x5, 0x8, 0xba, 0x2, 0x89, 0x2, 0x6, 0x6, 0x9, 0xffffa3e0, 0x86b9, 0x40ff, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x3, 0x7eb6, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xff, 0xa, 0x6, 0x7, 0x100, 0x1, 0x8001, 0x100, 0xffff9c71, 0x8, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0xfffffffd, 0x9, 0x7, 0x4, 0xb, 0x80, 0x0, 0xfffffffe, 0x0, 0x5, 0x2, 0x65, 0x40, 0xfffffa0c, 0x3, 0x0, 0x2, 0x4, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x0, 0x6, 0x8, 0x28, 0x2, 0x5, 0x10001, 0x2, 0xf, 0xffffffff, 0x1, 0x723, 0x0, 0x9, 0x9, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0xfffffffb, 0x2, 0x7f, 0x2, 0x80000002, 0x0, 0x9, 0x1ff, 0xfffffffe, 0x928, 0x4, 0xffffffff, 0x5, 0x6042, 0xb85, 0x6, 0x8d8d, 0x55, 0x101, 0x3, 0x64e8, 0x8, 0x82f, 0x772, 0x80a, 0xffe, 0x6, 0x3f7, 0x4, 0x8, 0x8, 0x1, 0x5d, 0x9, 0xd, 0x80]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x3, 0x3}}}}]}]}, 0x898}, 0x1, 0x0, 0x0, 0x50}, 0x0)

1.496843729s ago: executing program 4 (id=235):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008001500b7040000000000008500000058"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000780)='sys_enter\x00', r1}, 0x18)
pause()

1.395409597s ago: executing program 2 (id=237):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000940)=0x2, 0x4)
getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000001500), &(0x7f0000000240)=0x5d)

1.35609874s ago: executing program 2 (id=238):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, 0x0, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000180)={@private0, 0x8000000, 0x0, 0xff, 0x1, 0x20}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x0, 0xff, 0x0, 0x0, 0x9}, 0x20)

1.008955358s ago: executing program 3 (id=243):
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

936.620274ms ago: executing program 0 (id=244):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000080)='kmem_cache_free\x00', r0, 0x0, 0x20000}, 0x18)
geteuid()

880.681918ms ago: executing program 0 (id=245):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)

849.900031ms ago: executing program 0 (id=246):
timer_create(0x9, &(0x7f0000000180)={0x0, 0x1e, 0x1}, &(0x7f0000000700)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, &(0x7f0000000080))

772.994227ms ago: executing program 3 (id=247):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'macvlan1\x00', <r3=>0x0})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x8, '\x00', r3, 0xffffffffffffffff, 0x1, 0x4}, 0x50)

772.708517ms ago: executing program 0 (id=248):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x1000000000000}, 0x18)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_CREATE(r2, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)

772.528117ms ago: executing program 3 (id=249):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r1, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
setsockopt$inet6_int(r1, 0x29, 0x16, &(0x7f0000fcb000)=0x80, 0x4)

697.633943ms ago: executing program 3 (id=250):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000100)={0x14, 0x17, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x1}}, 0x14}}, 0x200040d0)

624.804349ms ago: executing program 3 (id=251):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x1}, 0x18)
mknod$loop(0x0, 0x6000, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
setitimer(0x1, 0x0, 0x0)
unshare(0x62040200)

508.990428ms ago: executing program 4 (id=252):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x4, 0x0, 0x7ffc1ffb}]})
setresuid(0x0, 0x0, 0x0)

196.662454ms ago: executing program 4 (id=253):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x1000040, &(0x7f0000000000)={[{@errors_remount}]}, 0x1, 0x599, &(0x7f0000000540)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x800, 0x0)
getdents(r0, &(0x7f0000000380)=""/107, 0x6b)
getdents64(r0, 0x0, 0x0)

126.145159ms ago: executing program 2 (id=254):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
request_key(&(0x7f0000000100)='asymmetric\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0)

55.884645ms ago: executing program 0 (id=255):
r0 = socket$inet(0x2, 0x3, 0x1)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20040044)

52.014485ms ago: executing program 0 (id=256):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xfffffffd, 0x400, 0x1, 0x6, 0x7}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

14.456818ms ago: executing program 4 (id=257):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r2 = add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x1}, &(0x7f00000003c0)="ae", 0x1, r1)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000000)=@keyring={'key_or_keyring:', r2})

0s ago: executing program 2 (id=258):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x9, &(0x7f0000000000)={[{@barrier}, {@jqfmt_vfsv0}, {@abort}, {}, {@noquota}, {@usrjquota, 0x2e}], [], 0x2e}, 0x6, 0x48d, &(0x7f0000000980)="$eJzs3EtvG1UbAOB3xnV6/5qv3wV6AQIFEXFJmrRAF2xAIHWDhARIZRnStCpNG9QEiVYVTREqS9RfACyR+AWsYIOAFYgtSGyQEFKFuqGwGjT2TOpcHGzHjil+HsntOTNnfM47M8c+MyfjAAbWSP5PErErIr4fithTzy4vMFL/79bNy9O/37w8nUSWvfRrUiv3283L02XRcrudRWY0jUjfTeLAGvXOX7x0dmp2duZCkR9fOPfG+PzFS4+fOTd1eub0zPnJY8eOHpl46snJJ7oS5+68rfvfnju47/ir11+YPnH9ta8+yZfvKtY3xlE33PJ7b2+yfCRGlu/LBg9F/JRlWct1/N3tbkgnW/rYENpSiYj8cFXz/h97ohK3D96eeP6dvjYO6Kksy7Ktq5ZWysRiBvyDJdF0VbqpDQE2WflFn1//lq9NHH703Y1n6hdAedy3ild9zZZIizLVFde33TQSEScW//ggf8Wa9yEAALrrs3z889ha4780/t9Q7l9Rnxsajoh/R8TeiPhPRPw3Iv4XUSt7V0Tc3Wb9Iyvyq8c/3zabXumKfPz3dDG3dXv8N1SLvzBcKXK7a/FXk1NnZmcOF/tkNKpb8/zEOnV8/tx37y9lti1f1zj+y195/eVYsC79ZcuKG3QnpxamuhB6zY2rS4GuGP8mSzMBSUTsi4j9Hbx/vs/OPPLxwWbr/zr+dXRhnin7KOLh+vFfjBXxl5L15yfHt8XszOHx8qxY7etvrr3YrP4Nxd8FN65G7Fh1/kdj/MNJ43ztfPt1XPvhvabXNJ2e/0PJy7X0ULHsramFhQsTEUPJ4urlk7e3LfNl+Tz+0UNrxZ/W3uPDYrsDEZGfxPdExL0RcV/R9vsj4oGIOLRO/F8+++DrncffW3n8J9s6/u0nKme/+LRZ/a0d/6O11GixpJXPv1YbuJF9BwAAAHeKtPY38Ek6tpRO07GxiFdq93Z3pLNz8wuPnpp78/zJ+t/KD0c1Le90pQ33QyeKe8NlfnJF/kjtvnGWZdn2Wn5sem62V3PqQGt2Nun/uZ8r/W4d0HNtzaM1e6INuCO11f9XPy0E3ME8rw2Dq9X+X+1xO4DN5/sfBtda/f9KxK0+NAXYZL7/YXDp/zC49H8YXPo/DKSNPNe/XmLv8Y43zzZUe/n7Kh1u/mNP9sZ6iUqnm29t42cOepCIdM1V1YjoS3vaSqS9qyI/+drbKj+QrRa+0umJ3XZi2cfEUD8+mwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrhzwAAAP//dNfhIw==")

kernel console output (not intermixed with test programs):



syzkaller
syzkaller login: [   17.320101][   T24] kauditd_printk_skb: 47 callbacks suppressed
[   17.320134][   T24] audit: type=1400 audit(1754981581.110:59): avc:  denied  { transition } for  pid=216 comm="sshd-session" path="/bin/sh" dev="sda1" ino=90 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   17.333294][   T24] audit: type=1400 audit(1754981581.110:60): avc:  denied  { noatsecure } for  pid=216 comm="sshd-session" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   17.344572][   T24] audit: type=1400 audit(1754981581.120:61): avc:  denied  { write } for  pid=216 comm="sh" path="pipe:[663]" dev="pipefs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[   17.390903][   T24] audit: type=1400 audit(1754981581.120:62): avc:  denied  { rlimitinh } for  pid=216 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   17.410156][   T24] audit: type=1400 audit(1754981581.120:63): avc:  denied  { siginh } for  pid=216 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '10.128.0.74' (ED25519) to the list of known hosts.
[   28.341767][   T24] audit: type=1400 audit(1754981592.130:64): avc:  denied  { mounton } for  pid=267 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   28.344495][  T267] cgroup: Unknown subsys name 'net'
[   28.364513][   T24] audit: type=1400 audit(1754981592.130:65): avc:  denied  { mount } for  pid=267 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   28.393420][   T24] audit: type=1400 audit(1754981592.180:66): avc:  denied  { unmount } for  pid=267 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   28.393801][  T267] cgroup: Unknown subsys name 'devices'
[   28.630682][  T267] cgroup: Unknown subsys name 'hugetlb'
[   28.636379][  T267] cgroup: Unknown subsys name 'rlimit'
[   28.836509][   T24] audit: type=1400 audit(1754981592.620:67): avc:  denied  { setattr } for  pid=267 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   28.859894][   T24] audit: type=1400 audit(1754981592.630:68): avc:  denied  { mounton } for  pid=267 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   28.870740][  T269] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   28.884710][   T24] audit: type=1400 audit(1754981592.630:69): avc:  denied  { mount } for  pid=267 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   28.917023][   T24] audit: type=1400 audit(1754981592.680:70): avc:  denied  { relabelto } for  pid=269 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   28.918026][  T267] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   28.942536][   T24] audit: type=1400 audit(1754981592.680:71): avc:  denied  { write } for  pid=269 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   28.976976][   T24] audit: type=1400 audit(1754981592.700:72): avc:  denied  { read } for  pid=267 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   29.002590][   T24] audit: type=1400 audit(1754981592.700:73): avc:  denied  { open } for  pid=267 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   30.435333][  T277] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.442562][  T277] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.450589][  T277] device bridge_slave_0 entered promiscuous mode
[   30.468126][  T277] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.475223][  T277] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.483248][  T277] device bridge_slave_1 entered promiscuous mode
[   30.549160][  T279] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.556268][  T279] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.564299][  T279] device bridge_slave_0 entered promiscuous mode
[   30.600057][  T276] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.607230][  T276] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.615077][  T276] device bridge_slave_0 entered promiscuous mode
[   30.622326][  T279] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.629507][  T279] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.637713][  T279] device bridge_slave_1 entered promiscuous mode
[   30.650253][  T280] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.657406][  T280] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.665266][  T280] device bridge_slave_0 entered promiscuous mode
[   30.676376][  T276] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.683507][  T276] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.691551][  T276] device bridge_slave_1 entered promiscuous mode
[   30.712389][  T280] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.719642][  T280] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.727715][  T280] device bridge_slave_1 entered promiscuous mode
[   30.810401][  T278] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.817779][  T278] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.825608][  T278] device bridge_slave_0 entered promiscuous mode
[   30.873804][  T278] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.881092][  T278] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.889151][  T278] device bridge_slave_1 entered promiscuous mode
[   31.152444][  T279] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.159579][  T279] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.167025][  T279] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.174103][  T279] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.205904][  T276] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.213032][  T276] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.220469][  T276] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.227570][  T276] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.252448][  T277] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.259566][  T277] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.266977][  T277] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.274059][  T277] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.339707][  T280] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.346824][  T280] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.354221][  T280] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.361363][  T280] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.403226][  T278] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.410447][  T278] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.417851][  T278] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.424935][  T278] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.453926][  T112] bridge0: port 1(bridge_slave_0) entered disabled state
[   31.461546][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   31.469823][  T112] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.477476][  T112] bridge0: port 1(bridge_slave_0) entered disabled state
[   31.484831][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   31.494614][  T112] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.502350][  T112] bridge0: port 1(bridge_slave_0) entered disabled state
[   31.509738][  T112] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.517381][  T112] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.525240][  T112] bridge0: port 1(bridge_slave_0) entered disabled state
[   31.532848][  T112] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.569162][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   31.576924][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   31.584557][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   31.593911][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   31.602274][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   31.610967][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   31.619306][  T112] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.626347][  T112] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.633946][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   31.642863][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   31.651346][  T112] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.658460][  T112] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.665913][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   31.674602][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   31.683155][  T112] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.690389][  T112] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.704147][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   31.713074][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   31.721647][  T112] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.728718][  T112] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.760300][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   31.769704][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   31.780125][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   31.789024][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   31.830162][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   31.838226][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   31.846181][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   31.855221][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   31.864661][  T112] bridge0: port 2(bridge_slave_1) entered blocking state
[   31.871749][  T112] bridge0: port 2(bridge_slave_1) entered forwarding state
[   31.879758][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   31.887876][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   31.919632][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   31.928829][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   31.938316][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   31.946534][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   31.955271][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   31.965086][  T112] bridge0: port 1(bridge_slave_0) entered blocking state
[   31.972182][  T112] bridge0: port 1(bridge_slave_0) entered forwarding state
[   31.980042][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   31.988723][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   31.996980][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   32.005567][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   32.014091][  T112] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.021158][  T112] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.048930][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   32.057554][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   32.065873][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   32.075363][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   32.102696][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   32.111168][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   32.119852][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   32.128773][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   32.137462][  T112] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.144505][  T112] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.152568][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   32.161347][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   32.170458][  T112] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.177539][  T112] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.185158][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   32.193955][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   32.202686][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   32.211701][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   32.219578][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   32.239463][  T277] device veth0_vlan entered promiscuous mode
[   32.251253][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   32.260102][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   32.285373][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   32.293766][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   32.307990][  T279] device veth0_vlan entered promiscuous mode
[   32.316213][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   32.324046][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   32.352413][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   32.365920][  T278] device veth0_vlan entered promiscuous mode
[   32.377918][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   32.386726][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   32.411295][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   32.421430][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   32.430265][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   32.438371][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   32.448604][  T279] device veth1_macvtap entered promiscuous mode
[   32.462888][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   32.471648][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   32.483946][  T277] device veth1_macvtap entered promiscuous mode
[   32.496066][  T276] device veth0_vlan entered promiscuous mode
[   32.502852][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   32.511051][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   32.533892][  T278] device veth1_macvtap entered promiscuous mode
[   32.542582][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   32.551520][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   32.561523][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   32.570135][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   32.579160][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   32.589139][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   32.597861][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   32.621936][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   32.630514][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   32.639514][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   32.649042][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   32.672558][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   32.681352][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   32.690746][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   32.700193][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   32.709371][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   32.718136][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   32.727231][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   32.735159][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   32.754351][  T276] device veth1_macvtap entered promiscuous mode
[   32.762143][  T280] device veth0_vlan entered promiscuous mode
[   32.776469][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   32.785848][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   32.794798][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   32.803382][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   32.812135][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   32.852614][  T279] request_module fs-gadgetfs succeeded, but still no fs?
[   32.868193][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   32.877374][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   32.886072][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   32.895972][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   32.915359][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   32.915863][  T277] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
[   32.934570][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   32.959840][  T280] device veth1_macvtap entered promiscuous mode
[   32.987847][  T300] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2'.
[   33.021821][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   33.036250][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   33.053245][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   33.070114][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   33.087507][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   33.156259][  T311] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1'.
[   33.267763][  T309] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[   33.339612][  T323] rtc_cmos 00:00: Alarms can be up to one day in the future
[   33.388050][   T24] kauditd_printk_skb: 47 callbacks suppressed
[   33.388082][   T24] audit: type=1400 audit(1754981597.180:121): avc:  denied  { mounton } for  pid=317 comm="syz.0.8" path="/1/file0" dev="tmpfs" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   33.422242][  T322] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   33.453189][  T322] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   33.453660][  T328] capability: warning: `syz.3.10' uses 32-bit capabilities (legacy support in use)
[   33.464502][  T322] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[   33.486012][  T322] EXT4-fs error (device loop0): ext4_get_journal_inode:5243: inode #17: comm syz.0.8: iget: bad i_size value: 4398046511204
[   33.499631][  T322] EXT4-fs (loop0): no journal found
[   33.513549][  T329] 9pnet: p9_fd_create_tcp (329): problem connecting socket to 127.0.0.1
[   33.522429][   T24] audit: type=1400 audit(1754981597.300:122): avc:  denied  { mounton } for  pid=327 comm="syz.3.10" path="/syzcgroup/cpu/syz3/cgroup.procs" dev="cgroup" ino=265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[   33.778050][   T24] audit: type=1400 audit(1754981597.570:123): avc:  denied  { create } for  pid=334 comm="syz.3.12" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.779589][  T336] tipc: Started in network mode
[   33.803689][  T336] tipc: Own node identity f65ea59fe779, cluster identity 4711
[   33.812005][  T336] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   33.816895][   T24] audit: type=1400 audit(1754981597.570:124): avc:  denied  { write } for  pid=334 comm="syz.3.12" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.835933][  T336] device syzkaller0 entered promiscuous mode
[   33.856945][   T24] audit: type=1400 audit(1754981597.570:125): avc:  denied  { read } for  pid=334 comm="syz.3.12" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.878708][  T335] tipc: Resetting bearer <eth:syzkaller0>
[   33.888214][  T334] tipc: Resetting bearer <eth:syzkaller0>
[   33.888682][   T24] audit: type=1400 audit(1754981597.610:126): avc:  denied  { ioctl } for  pid=334 comm="syz.3.12" path="socket:[15825]" dev="sockfs" ino=15825 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   33.919742][   T24] audit: type=1400 audit(1754981597.650:127): avc:  denied  { create } for  pid=334 comm="syz.3.12" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   33.940202][  T334] tipc: Disabling bearer <eth:syzkaller0>
[   34.143258][   T24] audit: type=1400 audit(1754981597.930:128): avc:  denied  { prog_run } for  pid=339 comm="syz.4.14" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   34.231171][   T24] audit: type=1400 audit(1754981598.020:129): avc:  denied  { read write } for  pid=348 comm="syz.0.18" name="vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   34.270892][  T346] EXT4-fs (loop3): Ignoring removed orlov option
[   34.309383][   T24] audit: type=1400 audit(1754981598.050:130): avc:  denied  { open } for  pid=348 comm="syz.0.18" path="/dev/vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   34.364591][  T346] EXT4-fs (loop3): mounted filesystem without journal. Opts: nolazytime,auto_da_alloc,sysvgroups,norecovery,jqfmt=vfsv0,orlov,nogrpid,noauto_da_alloc,user_xattr,,errors=continue
[   34.451907][  T363] tipc: Started in network mode
[   34.464523][  T353] EXT4-fs (loop1): Ignoring removed orlov option
[   34.484126][  T363] tipc: Own node identity 127d0ef33d25, cluster identity 4711
[   34.503384][  T353] EXT4-fs (loop1): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue
[   34.515221][  T363] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   34.549274][  T368] device syzkaller0 entered promiscuous mode
[   34.582216][  T361] tipc: Resetting bearer <eth:syzkaller0>
[   34.601642][  T360] tipc: Resetting bearer <eth:syzkaller0>
[   34.609011][  T360] tipc: Disabling bearer <eth:syzkaller0>
[   34.756281][  T381] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=381 comm=syz.3.28
[   34.917891][  T391] ======================================================
[   34.917891][  T391] WARNING: the mand mount option is being deprecated and
[   34.917891][  T391]          will be removed in v5.15!
[   34.917891][  T391] ======================================================
[   35.000737][  T398] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,auto_da_alloc=0x0000000000000007,nodioread_nolock,
[   35.024651][  T398] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   35.076975][  T391] EXT4-fs (loop0): Unrecognized mount option "mb_optimize_scan=0x0000000000000001" or missing value
[   35.087160][  T398] EXT4-fs error (device loop4): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 98 vs 96 free clusters
[   35.118379][  T405] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=405 comm=syz.3.38
[   35.131192][  T405] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=405 comm=syz.3.38
[   35.143496][  T398] EXT4-fs (loop4): Remounting filesystem read-only
[   35.152498][  T398] EXT4-fs error (device loop4) in ext4_evict_inode:258: Readonly filesystem
[   35.338367][  T415] process 'syz.0.42' launched './file0' with NULL argv: empty string added
[   35.548882][  T424] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   35.558196][  T424] EXT4-fs (loop2): orphan cleanup on readonly fs
[   35.565321][  T424] EXT4-fs error (device loop2): ext4_orphan_get:1395: inode #16: comm syz.2.47: casefold flag without casefold feature
[   35.578601][  T424] EXT4-fs error (device loop2): ext4_orphan_get:1400: comm syz.2.47: couldn't read orphan inode 16 (err -117)
[   35.591890][  T424] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   35.741718][  T422] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[   35.800939][  T422] EXT4-fs error (device loop3) in ext4_do_update_inode:5336: error 27
[   35.829367][  T422] EXT4-fs error (device loop3): ext4_dirty_inode:6143: inode #15: comm syz.3.46: mark_inode_dirty error
[   35.848920][  T422] EXT4-fs error (device loop3) in ext4_do_update_inode:5336: error 27
[   35.858560][  T422] EXT4-fs error (device loop3): __ext4_ext_dirty:182: inode #15: comm syz.3.46: mark_inode_dirty error
[   35.860979][  T438] EXT4-fs error (device loop2): ext4_map_blocks:740: inode #3: block 1: comm syz.2.51: lblock 1 mapped to illegal pblock 1 (length 1)
[   35.870818][  T422] EXT4-fs error (device loop3) in ext4_do_update_inode:5336: error 27
[   35.884580][  T438] EXT4-fs error (device loop2): ext4_acquire_dquot:6226: comm syz.2.51: Failed to acquire dquot type 0
[   35.892447][  T422] EXT4-fs error (device loop3): __ext4_ext_dirty:182: inode #15: comm syz.3.46: mark_inode_dirty error
[   35.904171][  T438] EXT4-fs error (device loop2): ext4_free_blocks:5685: comm syz.2.51: Freeing blocks not in datazone - block = 0, count = 4096
[   35.915537][  T422] EXT4-fs error (device loop3) in ext4_do_update_inode:5336: error 27
[   35.930442][  T438] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.51: Invalid inode bitmap blk 0 in block_group 0
[   35.936968][  T305] EXT4-fs error (device loop2): ext4_map_blocks:630: inode #3: block 1: comm kworker/u4:3: lblock 1 mapped to illegal pblock 1 (length 1)
[   35.948643][  T438] EXT4-fs error (device loop2) in ext4_free_inode:360: Corrupt filesystem
[   35.971621][  T422] EXT4-fs error (device loop3): ext4_truncate:4390: inode #15: comm syz.3.46: mark_inode_dirty error
[   35.992163][  T438] EXT4-fs (loop2): 1 orphan inode deleted
[   36.017263][  T438] EXT4-fs (loop2): mounted filesystem without journal. Opts: ��; ,errors=continue
[   36.049219][  T305] EXT4-fs error (device loop2): ext4_release_dquot:6262: comm kworker/u4:3: Failed to release dquot type 0
[   36.087774][  T422] EXT4-fs error (device loop3) in ext4_setattr:5707: error 27
[   36.121846][  T443] EXT4-fs error (device loop3) in ext4_do_update_inode:5336: error 27
[   36.123336][  T438] EXT4-fs error (device loop2): ext4_search_dir:1521: inode #2: block 16: comm syz.2.51: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   36.158354][  T438] EXT4-fs error (device loop2): ext4_search_dir:1521: inode #2: block 16: comm syz.2.51: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   36.285520][  T462] netlink: 'syz.0.61': attribute type 13 has an invalid length.
[   36.338937][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[   36.347664][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   36.356220][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[   36.394205][  T466] mmap: syz.1.62 (466) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[   36.421266][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   36.435731][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   36.445342][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   36.454836][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   36.500254][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   36.578255][  T475] syz.3.66 uses obsolete (PF_INET,SOCK_PACKET)
[   36.824090][  T483] EXT4-fs (loop3): external journal device major/minor numbers have changed
[   36.834695][  T483] EXT4-fs (loop3): failed to open journal device unknown-block(128,1) -6
[   36.994576][  T496] syz.1.73 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   37.200403][  T502] SELinux:  policydb string length 0 does not match expected length 8
[   37.237013][  T502] SELinux: failed to load policy
[   37.669200][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   37.684630][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   37.728135][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   37.745850][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   37.774570][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   37.805073][  T513] EXT4-fs (loop0): mounted filesystem without journal. Opts: resgid=0x000000000000ee00,bsddf,grpquota,nobarrier,debug_want_extra_isize=0x0000000000000080,nodelalloc,nogrpid,noauto_da_alloc,stripe=0x0000000000000002,,errors=continue
[   37.831918][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   37.856895][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   37.883174][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   37.916875][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   37.947909][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   37.975699][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   37.995884][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.026292][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.034997][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.056887][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.064379][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.072233][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.079923][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.089158][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.096697][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.104539][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.112320][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.120378][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.128442][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.135919][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.143857][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.151519][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.159186][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.166646][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.174803][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.182725][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.190432][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.198149][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.205618][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.213467][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.220955][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.228484][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.235942][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.243429][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.251476][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.259013][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.266466][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.273993][   T25] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   38.288492][   T25] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v8.00 Device [syz1] on syz0
[   38.299182][  T536] netlink: 96 bytes leftover after parsing attributes in process `syz.4.94'.
[   38.484850][  T547] fido_id[547]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   38.512690][  T542] EXT4-fs (loop2): mounted filesystem without journal. Opts: resgid=0x000000000000ee00,user_xattr,grpquota,nobarrier,debug_want_extra_isize=0x0000000000000080,nodelalloc,nogrpid,barrier=0x0000000000000b82,stripe=0x0000000000000002,,errors=continue
[   38.664594][  T559] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   38.682908][  T559] device syzkaller0 entered promiscuous mode
[   38.727234][  T559] tipc: Resetting bearer <eth:syzkaller0>
[   38.764384][  T554] tipc: Resetting bearer <eth:syzkaller0>
[   38.774410][  T554] tipc: Disabling bearer <eth:syzkaller0>
[   38.856517][  T566] device wireguard0 entered promiscuous mode
[   38.999053][   T24] kauditd_printk_skb: 84 callbacks suppressed
[   38.999196][   T24] audit: type=1400 audit(1754981602.750:210): avc:  denied  { create } for  pid=555 comm="syz.4.98" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   39.048248][   T24] audit: type=1400 audit(1754981602.770:211): avc:  denied  { write } for  pid=555 comm="syz.4.98" name="001" dev="devtmpfs" ino=180 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   39.790857][  T575] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   39.821210][   T24] audit: type=1400 audit(1754981603.610:212): avc:  denied  { mount } for  pid=574 comm="syz.2.104" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   39.885909][  T586] tipc: Started in network mode
[   39.897241][  T586] tipc: Own node identity a2fc4f1774b5, cluster identity 4711
[   39.907643][  T586] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   39.907933][   T24] audit: type=1400 audit(1754981603.700:213): avc:  denied  { unmount } for  pid=279 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   39.915034][  T586] device syzkaller0 entered promiscuous mode
[   39.966367][  T586] tipc: Resetting bearer <eth:syzkaller0>
[   39.977067][   T24] audit: type=1400 audit(1754981603.760:214): avc:  denied  { map } for  pid=584 comm="syz.4.110" path="/dev/bus/usb/008/001" dev="devtmpfs" ino=180 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   39.982820][  T590] EXT4-fs (loop1): too many log groups per flexible block group
[   40.009028][  T590] EXT4-fs (loop1): failed to initialize mballoc (-12)
[   40.016459][  T590] EXT4-fs (loop1): mount failed
[   40.022462][  T584] tipc: Resetting bearer <eth:syzkaller0>
[   40.049371][  T584] tipc: Disabling bearer <eth:syzkaller0>
[   40.176341][   T24] audit: type=1400 audit(1754981603.960:215): avc:  denied  { write } for  pid=604 comm="syz.3.117" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   40.247874][  T609] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   40.277276][  T609] device syzkaller0 entered promiscuous mode
[   40.324943][  T609] tipc: Resetting bearer <eth:syzkaller0>
[   40.379424][  T608] tipc: Resetting bearer <eth:syzkaller0>
[   40.394963][  T608] tipc: Disabling bearer <eth:syzkaller0>
[   40.519576][  T627] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   40.552061][   T24] audit: type=1400 audit(1754981604.340:216): avc:  denied  { append } for  pid=634 comm="syz.3.132" name="001" dev="devtmpfs" ino=177 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   40.585355][  T627] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   40.611031][  T627] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c0a8, mo2=0002]
[   40.626737][  T627] System zones: 1-12
[   40.640336][  T627] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #11: comm syz.1.128: iget: bogus i_mode (700)
[   40.660662][  T627] EXT4-fs (loop1): Remounting filesystem read-only
[   40.669800][  T627] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.128: error while reading EA inode 11 err=-117
[   40.684717][   T24] audit: type=1400 audit(1754981604.470:217): avc:  denied  { wake_alarm } for  pid=642 comm="syz.4.136" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   40.689398][  T627] EXT4-fs (loop1): 1 orphan inode deleted
[   40.711972][  T627] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug,user_xattr,max_dir_size_kb=0x0000000000000402,inode_readahead_blks=0x0000000000010000,init_itable=0x0000000000000080,minixdf,errors=remount-ro,
[   40.766851][   T24] audit: type=1326 audit(1754981604.550:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=641 comm="syz.0.134" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc53e009be9 code=0x0
[   40.973222][  T650] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   40.984832][  T650] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   40.997344][   T24] audit: type=1400 audit(1754981604.790:219): avc:  denied  { write } for  pid=658 comm="syz.3.140" name="vlan0" dev="proc" ino=4026532883 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   41.054125][  T650] JBD2: no valid journal superblock found
[   41.060286][  T650] EXT4-fs (loop0): error loading journal
[   42.446033][  T701] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   42.649343][  T717] EXT4-fs (loop1): Ignoring removed bh option
[   42.681973][  T717] EXT4-fs error (device loop1): ext4_map_blocks:630: inode #3: block 2: comm syz.1.162: lblock 2 mapped to illegal pblock 2 (length 1)
[   42.696719][  T717] EXT4-fs error (device loop1): ext4_map_blocks:630: inode #3: block 48: comm syz.1.162: lblock 0 mapped to illegal pblock 48 (length 1)
[   42.711257][  T717] EXT4-fs error (device loop1): ext4_acquire_dquot:6226: comm syz.1.162: Failed to acquire dquot type 0
[   42.723836][  T717] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem
[   42.733795][  T717] EXT4-fs error (device loop1): ext4_evict_inode:283: inode #11: comm syz.1.162: mark_inode_dirty error
[   42.745436][  T717] EXT4-fs warning (device loop1): ext4_evict_inode:286: couldn't mark inode dirty (err -117)
[   42.755744][  T717] EXT4-fs (loop1): 1 orphan inode deleted
[   42.761574][  T717] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrquota,noblock_validity,bh,max_batch_time=0x0000000000000001,nodelalloc,inlinecrypt,,errors=continue
[   42.781767][  T519] EXT4-fs error (device loop1): ext4_map_blocks:630: inode #3: block 1: comm kworker/u4:4: lblock 1 mapped to illegal pblock 1 (length 1)
[   42.808310][  T716] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   42.825800][  T712] device syzkaller0 entered promiscuous mode
[   42.830708][  T519] EXT4-fs error (device loop1): ext4_release_dquot:6262: comm kworker/u4:4: Failed to release dquot type 0
[   42.905683][  T712] tipc: Resetting bearer <eth:syzkaller0>
[   42.919318][  T711] tipc: Resetting bearer <eth:syzkaller0>
[   42.929103][  T711] tipc: Disabling bearer <eth:syzkaller0>
[   44.642508][   T24] kauditd_printk_skb: 35 callbacks suppressed
[   44.642541][   T24] audit: type=1326 audit(1754981608.430:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=742 comm="syz.4.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0705702be9 code=0x7ffc0000
[   44.803487][   T24] audit: type=1400 audit(1754981608.470:253): avc:  denied  { read } for  pid=738 comm="syz.2.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   44.872404][   T24] audit: type=1326 audit(1754981608.500:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=742 comm="syz.4.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f0705702be9 code=0x7ffc0000
[   44.921906][   T24] audit: type=1326 audit(1754981608.500:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=742 comm="syz.4.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0705702be9 code=0x7ffc0000
[   44.946165][   T24] audit: type=1326 audit(1754981608.640:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=749 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0705702be9 code=0x7ffc0000
[   44.970754][   T24] audit: type=1326 audit(1754981608.640:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=749 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0705702be9 code=0x7ffc0000
[   44.997848][   T24] audit: type=1326 audit(1754981608.640:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=749 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0705702be9 code=0x7ffc0000
[   45.021559][   T24] audit: type=1326 audit(1754981608.640:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=749 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0705702be9 code=0x7ffc0000
[   45.045356][   T24] audit: type=1326 audit(1754981608.640:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=749 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0705702be9 code=0x7ffc0000
[   45.069200][   T24] audit: type=1326 audit(1754981608.640:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=749 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0705702be9 code=0x7ffc0000
[   45.400663][  T277] EXT4-fs error (device loop1): __ext4_get_inode_loc:4438: comm syz-executor: Invalid inode table block 1 in block_group 0
[   45.442373][  T277] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem
[   45.474846][  T277] EXT4-fs error (device loop1): ext4_quota_off:6545: inode #3: comm syz-executor: mark_inode_dirty error
[   45.652215][  T776] tipc: Started in network mode
[   45.677302][  T776] tipc: Own node identity 3a1266a43587, cluster identity 4711
[   45.697557][  T776] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   45.713599][  T782] device syzkaller0 entered promiscuous mode
[   45.725709][  T776] tipc: Resetting bearer <eth:syzkaller0>
[   45.783666][  T783] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[   45.798161][  T768] tipc: Resetting bearer <eth:syzkaller0>
[   45.805647][  T768] tipc: Disabling bearer <eth:syzkaller0>
[   45.811768][  T783] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,noauto_da_alloc,quota,stripe=0x0000000000000000,jqfmt=vfsold,,errors=continue
[   45.811885][  T783] ext4 filesystem being mounted at /40/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   45.907271][  T790] device veth0_to_team entered promiscuous mode
[   46.291730][  T808] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.299211][  T808] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.317740][  T813] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[   46.349417][  T813] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[   46.425556][  T813] EXT4-fs (loop0): Unrecognized mount option "mb_optimize_scan=0x0000000000000001" or missing value
[   46.694519][  T825] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[   46.720161][  T825] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.077858][  T853] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=853 comm=syz.1.221
[   47.157731][  T848] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   47.213233][  T850]  loop0: p3 < > p4 < >
[   47.245303][  T850] loop0: partition table partially beyond EOD, truncated
[   47.259581][  T850] loop0: p3 start 4284289 is beyond EOD, truncated
[   47.852636][  T332] udevd[332]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   48.314258][  T903] syz.2.238[903] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.314410][  T903] syz.2.238[903] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   48.681190][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.700765][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.708684][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.716161][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.723995][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.731729][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.739439][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.747795][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.755789][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.764217][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.771936][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.779908][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.796856][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.804498][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.812488][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.820455][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.828569][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.836034][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.974984][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.982519][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.990087][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   48.997815][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.005264][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.012800][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.020307][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.027804][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.035258][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.042766][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.050517][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.058075][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.065567][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.073130][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.080879][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.088503][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.096317][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.103919][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.111465][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.119012][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.126517][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.134060][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.141850][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.149468][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.157059][   T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   49.166295][   T25] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   49.381209][  T933] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,
[   49.392879][  T933] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.453893][  T940] fido_id[940]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   49.456762][  T943] syz.0.256[943] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.474178][  T943] syz.0.256[943] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   49.555057][  T943] ==================================================================
[   49.574393][  T943] BUG: KASAN: slab-out-of-bounds in tc_setup_flow_action+0x842/0x3280
[   49.582604][  T943] Read of size 8 at addr ffff88810f62d3c0 by task syz.0.256/943
[   49.590276][  T943] 
[   49.592677][  T943] CPU: 0 PID: 943 Comm: syz.0.256 Not tainted 5.10.240-syzkaller #0
[   49.600717][  T943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   49.611443][  T943] Call Trace:
[   49.614802][  T943]  __dump_stack+0x21/0x24
[   49.619191][  T943]  dump_stack_lvl+0x169/0x1d8
[   49.623941][  T943]  ? show_regs_print_info+0x18/0x18
[   49.629204][  T943]  ? thaw_kernel_threads+0x220/0x220
[   49.634561][  T943]  print_address_description+0x7f/0x2c0
[   49.640170][  T943]  ? tc_setup_flow_action+0x842/0x3280
[   49.645700][  T943]  kasan_report+0xe2/0x130
[   49.650186][  T943]  ? flow_action_cookie_create+0x28/0x90
[   49.655899][  T943]  ? tc_setup_flow_action+0x842/0x3280
[   49.661437][  T943]  __asan_report_load8_noabort+0x14/0x20
[   49.667138][  T943]  tc_setup_flow_action+0x842/0x3280
[   49.672484][  T943]  ? __kmalloc+0x1a7/0x330
[   49.676966][  T943]  ? flow_rule_alloc+0x32/0x2c0
[   49.681861][  T943]  mall_replace_hw_filter+0x293/0x810
[   49.687286][  T943]  ? pcpu_block_update_hint_alloc+0x8bc/0xc50
[   49.693434][  T943]  ? mall_set_parms+0x410/0x410
[   49.698337][  T943]  ? tcf_exts_destroy+0xb0/0xb0
[   49.703378][  T943]  ? pcpu_alloc+0xf8a/0x16b0
[   49.708088][  T943]  ? mall_set_parms+0x19d/0x410
[   49.713005][  T943]  mall_change+0x528/0x750
[   49.717476][  T943]  ? __kasan_check_write+0x14/0x20
[   49.722636][  T943]  ? mall_get+0xa0/0xa0
[   49.726866][  T943]  ? tcf_chain_tp_insert_unique+0xac1/0xc10
[   49.732927][  T943]  ? nla_strcmp+0xf4/0x140
[   49.737421][  T943]  tc_new_tfilter+0x13f6/0x1a10
[   49.742343][  T943]  ? mall_get+0xa0/0xa0
[   49.746678][  T943]  ? tcf_gate_entry_destructor+0x20/0x20
[   49.752382][  T943]  ? security_capable+0x87/0xb0
[   49.757307][  T943]  ? ns_capable+0x8c/0xf0
[   49.761698][  T943]  ? netlink_net_capable+0x125/0x160
[   49.767052][  T943]  ? tcf_gate_entry_destructor+0x20/0x20
[   49.772740][  T943]  rtnetlink_rcv_msg+0x800/0xb90
[   49.777748][  T943]  ? rtnetlink_bind+0x80/0x80
[   49.782486][  T943]  ? arch_stack_walk+0xee/0x140
[   49.787417][  T943]  ? stack_trace_save+0x98/0xe0
[   49.792324][  T943]  ? stack_trace_snprint+0xf0/0xf0
[   49.797503][  T943]  ? memcpy+0x56/0x70
[   49.801545][  T943]  ? avc_has_perm+0x234/0x360
[   49.806318][  T943]  ? __kasan_slab_alloc+0xbd/0xf0
[   49.811425][  T943]  ? slab_post_alloc_hook+0x5d/0x2f0
[   49.816772][  T943]  ? ___sys_sendmsg+0x1f0/0x260
[   49.821693][  T943]  ? avc_has_perm_noaudit+0x240/0x240
[   49.827129][  T943]  ? selinux_nlmsg_lookup+0x3fb/0x4a0
[   49.832571][  T943]  netlink_rcv_skb+0x1e0/0x430
[   49.837397][  T943]  ? rtnetlink_bind+0x80/0x80
[   49.842152][  T943]  ? netlink_ack+0xb80/0xb80
[   49.846813][  T943]  ? __netlink_lookup+0x387/0x3b0
[   49.851904][  T943]  rtnetlink_rcv+0x1c/0x20
[   49.856391][  T943]  netlink_unicast+0x876/0xa40
[   49.861242][  T943]  netlink_sendmsg+0x88d/0xb30
[   49.866193][  T943]  ? netlink_getsockopt+0x530/0x530
[   49.871475][  T943]  ? security_socket_sendmsg+0x82/0xa0
[   49.877016][  T943]  ? netlink_getsockopt+0x530/0x530
[   49.882286][  T943]  ____sys_sendmsg+0x5a2/0x8c0
[   49.887124][  T943]  ? __sys_sendmsg_sock+0x40/0x40
[   49.892217][  T943]  ? import_iovec+0x7c/0xb0
[   49.896800][  T943]  ___sys_sendmsg+0x1f0/0x260
[   49.901560][  T943]  ? __sys_sendmsg+0x250/0x250
[   49.906397][  T943]  ? __fdget+0x1a1/0x230
[   49.910720][  T943]  __x64_sys_sendmsg+0x1e2/0x2a0
[   49.915718][  T943]  ? ___sys_sendmsg+0x260/0x260
[   49.920649][  T943]  ? switch_fpu_return+0x197/0x340
[   49.925831][  T943]  do_syscall_64+0x31/0x40
[   49.930318][  T943]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   49.936258][  T943] RIP: 0033:0x7fc53e009be9
[   49.940747][  T943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.960415][  T943] RSP: 002b:00007fc53ca72038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   49.968898][  T943] RAX: ffffffffffffffda RBX: 00007fc53e230fa0 RCX: 00007fc53e009be9
[   49.976921][  T943] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[   49.984944][  T943] RBP: 00007fc53e08ce19 R08: 0000000000000000 R09: 0000000000000000
[   49.992962][  T943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   50.000995][  T943] R13: 00007fc53e231038 R14: 00007fc53e230fa0 R15: 00007ffc661317c8
[   50.009012][  T943] 
[   50.011385][  T943] Allocated by task 943:
[   50.015687][  T943]  __kasan_kmalloc+0xda/0x110
[   50.020467][  T943]  __kmalloc+0x1a7/0x330
[   50.024772][  T943]  tcf_idr_create+0x5f/0x790
[   50.029428][  T943]  tcf_idr_create_from_flags+0x61/0x70
[   50.034931][  T943]  tcf_gact_init+0x2b4/0x520
[   50.039577][  T943]  tcf_action_init_1+0x3e1/0x670
[   50.044559][  T943]  tcf_action_init+0x1e6/0x700
[   50.049371][  T943]  tcf_exts_validate+0x215/0x510
[   50.054400][  T943]  mall_set_parms+0x4b/0x410
[   50.059047][  T943]  mall_change+0x45c/0x750
[   50.063517][  T943]  tc_new_tfilter+0x13f6/0x1a10
[   50.068425][  T943]  rtnetlink_rcv_msg+0x800/0xb90
[   50.073439][  T943]  netlink_rcv_skb+0x1e0/0x430
[   50.078261][  T943]  rtnetlink_rcv+0x1c/0x20
[   50.082773][  T943]  netlink_unicast+0x876/0xa40
[   50.087594][  T943]  netlink_sendmsg+0x88d/0xb30
[   50.092425][  T943]  ____sys_sendmsg+0x5a2/0x8c0
[   50.097242][  T943]  ___sys_sendmsg+0x1f0/0x260
[   50.101975][  T943]  __x64_sys_sendmsg+0x1e2/0x2a0
[   50.106957][  T943]  do_syscall_64+0x31/0x40
[   50.111432][  T943]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   50.117355][  T943] 
[   50.119742][  T943] The buggy address belongs to the object at ffff88810f62d300
[   50.119742][  T943]  which belongs to the cache kmalloc-192 of size 192
[   50.133851][  T943] The buggy address is located 0 bytes to the right of
[   50.133851][  T943]  192-byte region [ffff88810f62d300, ffff88810f62d3c0)
[   50.147518][  T943] The buggy address belongs to the page:
[   50.153232][  T943] page:ffffea00043d8b40 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88810f62db00 pfn:0x10f62d
[   50.164829][  T943] flags: 0x4000000000000200(slab)
[   50.169926][  T943] raw: 4000000000000200 ffffea00043ba7c0 0000000200000002 ffff888100043380
[   50.178581][  T943] raw: ffff88810f62db00 000000008010000e 00000001ffffffff 0000000000000000
[   50.187204][  T943] page dumped because: kasan: bad access detected
[   50.193924][  T943] page_owner tracks the page as allocated
[   50.199712][  T943] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 95, ts 8449991584, free_ts 8449940471
[   50.215474][  T943]  prep_new_page+0x179/0x180
[   50.220124][  T943]  get_page_from_freelist+0x2235/0x23d0
[   50.225731][  T943]  __alloc_pages_nodemask+0x268/0x5f0
[   50.231165][  T943]  new_slab+0x84/0x3f0
[   50.235290][  T943]  ___slab_alloc+0x2a6/0x450
[   50.239932][  T943]  __slab_alloc+0x63/0xa0
[   50.244309][  T943]  kmem_cache_alloc_trace+0x1b3/0x2e0
[   50.249733][  T943]  kernfs_fop_open+0x343/0xb30
[   50.254539][  T943]  do_dentry_open+0x793/0x1090
[   50.259352][  T943]  vfs_open+0x73/0x80
[   50.263405][  T943]  path_openat+0x27ad/0x3160
[   50.268057][  T943]  do_filp_open+0x1b3/0x3e0
[   50.272604][  T943]  do_sys_openat2+0x14c/0x6d0
[   50.277330][  T943]  __x64_sys_openat+0x136/0x160
[   50.282224][  T943]  do_syscall_64+0x31/0x40
[   50.286696][  T943]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   50.292620][  T943] page last free stack trace:
[   50.297343][  T943]  free_unref_page_prepare+0x2b7/0x2d0
[   50.302852][  T943]  __free_pages+0x14b/0x380
[   50.307417][  T943]  free_pages+0x82/0x90
[   50.311628][  T943]  selinux_genfs_get_sid+0x20b/0x250
[   50.316962][  T943]  inode_doinit_with_dentry+0x86d/0xd70
[   50.322563][  T943]  selinux_d_instantiate+0x27/0x40
[   50.327723][  T943]  security_d_instantiate+0x9e/0xf0
[   50.332970][  T943]  d_splice_alias+0x6d/0x390
[   50.337611][  T943]  kernfs_iop_lookup+0x2c5/0x310
[   50.342588][  T943]  path_openat+0x1127/0x3160
[   50.347247][  T943]  do_filp_open+0x1b3/0x3e0
[   50.351795][  T943]  do_sys_openat2+0x14c/0x6d0
[   50.356519][  T943]  __x64_sys_openat+0x136/0x160
[   50.361449][  T943]  do_syscall_64+0x31/0x40
[   50.365923][  T943]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   50.371845][  T943] 
[   50.374213][  T943] Memory state around the buggy address:
[   50.379896][  T943]  ffff88810f62d280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   50.388006][  T943]  ffff88810f62d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   50.396114][  T943] >ffff88810f62d380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   50.404207][  T943]                                            ^
[   50.410403][  T943]  ffff88810f62d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   50.418519][  T943]  ffff88810f62d480: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[   50.426618][  T943] ==================================================================
[   50.434725][  T943] Disabling lock debugging due to kernel taint
[   50.461386][   T24] kauditd_printk_skb: 144 callbacks suppressed
[   50.461425][   T24] audit: type=1400 audit(1754981614.250:406): avc:  denied  { read } for  pid=76 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   50.495442][   T24] audit: type=1400 audit(1754981614.280:407): avc:  denied  { search } for  pid=76 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   50.517122][   T24] audit: type=1400 audit(1754981614.280:408): avc:  denied  { write } for  pid=76 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   50.538849][   T24] audit: type=1400 audit(1754981614.280:409): avc:  denied  { add_name } for  pid=76 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   50.571331][  T945] EXT4-fs (loop2): orphan cleanup on readonly fs
[   50.580051][  T945] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[   50.592696][   T24] audit: type=1400 audit(1754981614.280:410): avc:  denied  { create } for  pid=76 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   50.593058][  T945] EXT4-fs error (device loop2): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[   50.613688][   T24] audit: type=1400 audit(1754981614.280:411): avc:  denied  { append open } for  pid=76 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   50.650550][   T24] audit: type=1400 audit(1754981614.280:412): avc:  denied  { getattr } for  pid=76 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   50.677277][  T945] EXT4-fs error (device loop2): ext4_clear_blocks:880: inode #13: comm syz.2.258: attempt to clear invalid blocks 2 len 1
[   50.745527][  T945] EXT4-fs error (device loop2): ext4_free_branches:1026: inode #13: comm syz.2.258: invalid indirect mapped block 1819239214 (level 0)
[   50.759952][  T945] EXT4-fs error (device loop2): ext4_free_branches:1026: inode #13: comm syz.2.258: invalid indirect mapped block 1819239214 (level 1)
[   50.785183][  T945] EXT4-fs (loop2): 1 truncate cleaned up
[   50.790993][  T945] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier,jqfmt=vfsv0,abort,bsddf,noquota,usrjquota=..,errors=continue