last executing test programs:

3m29.174077663s ago: executing program 32 (id=129):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x5b, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000980)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)

3m1.619692283s ago: executing program 33 (id=1392):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000140), 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0xfffd, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)

2m32.785523413s ago: executing program 34 (id=2789):
io_setup(0x2278, &(0x7f0000000180)=<r0=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000600)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
io_submit(r0, 0x2, &(0x7f0000000140)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, r1, &(0x7f0000000200)="bc", 0x1, 0x0, 0x0, 0x2}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x5, 0x0, r1, 0x0, 0x0, 0x1000000, 0x0, 0x2}])
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

2m20.057025286s ago: executing program 35 (id=3226):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000600142603600e1208000f0000000401a80016002000024006000200035c0461c1d60008000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e4cde205a214d6102d6dcbf33fb5ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6cc", 0xd8}], 0x1}, 0x0)

2m14.622783302s ago: executing program 36 (id=3441):
syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000680)={[{@delalloc}, {@data_err_abort}, {@barrier}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nombcache}, {@user_xattr}, {@delalloc}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = open(&(0x7f00000000c0)='./file1\x00', 0x66842, 0x19)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r1, r1, 0x0, 0x800000009)

1m47.899453849s ago: executing program 6 (id=4527):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
mbind(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, &(0x7f0000000000)=0x5, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r2, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, &(0x7f00000001c0)=0x9c)

1m47.688803442s ago: executing program 8 (id=4535):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[], 0xd4}}, 0x0)
r1 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x940a, 0x1000007})
fcntl$addseals(r1, 0x409, 0xb)

1m47.406119687s ago: executing program 8 (id=4537):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x10)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0xa86, 0x0)

1m47.401520377s ago: executing program 8 (id=4538):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x90}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374000014000280080002400000001108000440000008090900010073797a30000000000900020073797a32"], 0x78}}, 0x0)

1m47.279752289s ago: executing program 8 (id=4539):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000003980)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket(0x1, 0x1, 0x0)
r2 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000500)={0x60000004})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f00000001c0)={0x80000002})

1m47.264189209s ago: executing program 8 (id=4541):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r2, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}]}, 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000001900)=@NCI_OP_RF_INTF_ACTIVATED_NTF={0x1, 0x1, 0x3, 0x5, 0x5, @f={0xf1, 0x3, 0x2, 0x2, 0x6, 0xe, 0x3, {0x3, 0x2, 'f:'}, 0x1, 0x56, 0x3, 0x8, 0x2, '/*'}}, 0x15)

1m46.996757633s ago: executing program 6 (id=4552):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x90}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374000014000280080002400000001108000440000008090900010073797a30000000000900020073797a32"], 0x78}}, 0x0)

1m46.977876344s ago: executing program 6 (id=4553):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x80, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x3c, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}]}}}, {0x18, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x4}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc8}}, 0x20050800)

1m46.961924814s ago: executing program 6 (id=4554):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x402, 0x6, 0xae0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000001c0)='cpu&00\t&&')

1m46.949846514s ago: executing program 9 (id=4555):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0xc000)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)

1m46.938967984s ago: executing program 9 (id=4557):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = syz_pidfd_open(r0, 0x0)
waitid$P_PIDFD(0x3, r1, 0x0, 0x2, 0x0)

1m46.911185195s ago: executing program 6 (id=4559):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000001880)={'wg1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000280)={0x40, r3, 0xa29, 0x0, 0x0, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r2}, @WGDEVICE_A_PRIVATE_KEY={0x24}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000200)={0x0, 0x3f00, &(0x7f00000001c0)={&(0x7f0000000300)={0x40, r3, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r2}]}, 0x40}}, 0x0)

1m46.885870015s ago: executing program 9 (id=4562):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xa, 0x1000, 0x3fd, 0x1}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000001c0)=@generic={&(0x7f00000000c0)='./file0/file0\x00', r1}, 0x18)

1m46.879381475s ago: executing program 0 (id=4564):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000005c0)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000400)='.\x00', 0xa4000021)
close(r2)

1m46.857355765s ago: executing program 9 (id=4565):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0180000000000000000001000000000000000b00000000030014"], 0x28}}, 0x40000)

1m46.847386056s ago: executing program 0 (id=4566):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000e80)={<r1=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, r1, 0x1}}, 0x18)

1m46.812101396s ago: executing program 0 (id=4568):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040), 0xc)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$binfmt_aout(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB="03010000b5"], 0xc8)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000002680)="1e", 0x1}], 0x1)

1m46.811619106s ago: executing program 0 (id=4570):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
r1 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x2000)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
ioctl$SG_GET_VERSION_NUM(r1, 0x2284, &(0x7f0000000080))

1m46.750147467s ago: executing program 0 (id=4572):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
close(0xffffffffffffffff)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}, 0x1, 0x0, 0x0, 0x40801}, 0x8040)

1m46.639590089s ago: executing program 0 (id=4573):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0500000004000000e47f000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r1, 0x0, 0x20000000}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000001000000001"], 0x24}}, 0x0)

1m46.626123089s ago: executing program 37 (id=4573):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0500000004000000e47f000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r1, 0x0, 0x20000000}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000001000000001"], 0x24}}, 0x0)

1m46.103713368s ago: executing program 9 (id=4575):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010103}]}, &(0x7f0000000380)=0x10)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000002180)={0x88}, 0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r1=>0x0]}, &(0x7f0000000080)=0x8)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f00000001c0)={0x87}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1, 0x1}, &(0x7f00000000c0)=0x8)

1m46.102785598s ago: executing program 8 (id=4576):
r0 = msgget$private(0x0, 0x790)
msgsnd(r0, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
msgsnd(r0, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x401, 0x0)
msgsnd(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="0000ff"], 0x8, 0x0)
msgrcv(r0, 0x0, 0x0, 0x0, 0x1000)
msgctl$IPC_RMID(r0, 0x0)

1m46.102549878s ago: executing program 38 (id=4576):
r0 = msgget$private(0x0, 0x790)
msgsnd(r0, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
msgsnd(r0, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x401, 0x0)
msgsnd(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="0000ff"], 0x8, 0x0)
msgrcv(r0, 0x0, 0x0, 0x0, 0x1000)
msgctl$IPC_RMID(r0, 0x0)

1m46.101162718s ago: executing program 6 (id=4577):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

1m46.100922288s ago: executing program 39 (id=4577):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='kfree\x00', r2, 0x0, 0xfffffffffffffffd}, 0x18)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

1m44.876627067s ago: executing program 9 (id=4586):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x6, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000440)=""/173)

1m44.876486997s ago: executing program 40 (id=4586):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x6, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000440)=""/173)

12.465606871s ago: executing program 1 (id=7711):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$nfc_llcp(r1, &(0x7f0000000240)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "d9298498abdba7f061bd1ca44c226af5160e961711a07760760beeab11e88509de7f1939e8abfe0055acc8ef039a5be42200000000000000000100", 0x38}, 0x60)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$nfc_llcp(r2, &(0x7f0000000240)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "d9298498abdba7f061bd1ca44c226af5160e961711a07760760beeab11e88509de7f1939e8abfe0055acc8ef039a5be42200000000000000000100", 0x38}, 0x60)

12.441345812s ago: executing program 1 (id=7712):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x7, 0x7, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
timer_create(0xfffffffc, 0x0, &(0x7f0000000040)=<r2=>0x0)
timer_getoverrun(r2)

12.418342702s ago: executing program 1 (id=7714):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000040)='fib6_table_lookup\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x7, @mcast1, 0x4}, 0x1c)

12.358141753s ago: executing program 1 (id=7717):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x167)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x10000, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$9p_rdma(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x100000, 0x0)
pivot_root(&(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000200)='./file0/../file0\x00')

12.329982093s ago: executing program 1 (id=7718):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r1, 0x0, 0x2}, 0x18)
readv(r0, &(0x7f0000001340)=[{&(0x7f0000000580)=""/148, 0x94}], 0x1)
readv(r0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/215, 0xd7}], 0x1)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

12.165286116s ago: executing program 1 (id=7728):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x54, 0x1, 0x0, 0x0, 0x0, 0x7, 0x20570, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xd}, 0x10000, 0x10000, 0x0, 0x0, 0x8, 0x20205, 0xb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

12.130878267s ago: executing program 41 (id=7728):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x54, 0x1, 0x0, 0x0, 0x0, 0x7, 0x20570, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0xd}, 0x10000, 0x10000, 0x0, 0x0, 0x8, 0x20205, 0xb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

1.055584803s ago: executing program 5 (id=8182):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000440)={[{@usrquota}, {@noquota}, {@grpid}]}, 0x1, 0x4c4, &(0x7f0000000a40)="$eJzs3ctrW1caAPBPku3YjmfymGFIMjAJZCDzIJYfDLFnZjOrmVkEhgl000Lq2oqbWraMJaexCdRpd1l0UVpaKF1037+gm2bVUChdt/vSRUlpUxfaQkHlXkmJrViuKI7V+P5+cJNzH9J3jsV3OPfoXt0AMutM8k8uYiQiPoqII43V7Qecafy3ee/GbLLkol6/9GUuPS5Zbx3aet3hiNiIiMGI+P+/I57JPRy3ura+MFMul1aa68Xa4nKxurZ+/urizHxpvrQ0PnVhenpqbHJies/aeuvl525dfPe/A+98+9LdO6+8/15SrZHmvq3t2EuNpvfHsS3b+iLin48iWA8Umu0Z6nVF+FmSz+83EXE2zf8jUUg/TSAL6vV6/Yf6oU67N+rAgZVPx8C5/GhENMr5/OhoYwz/2xjOlyvV2l+vVFaX5hpj5aPRn79ytVwaa54rHI3+XLI+npYfrE+0rU9GpGPgVwtD6frobKU8t79dHdDmcFv+f1No5D+QEU75IbvkP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h0z638WLyVJv3f8+d21tdaFy7fxcqbowurg6OzpbWVkena9U5tN7dhZ/6v3Klcry+N9i9XqxVqrWitW19cuLldWl2uX0vv7Lpf59aRXQjWOnb3+Si4iNvw+lS2KguU+uwsFWr+ei1/cgA71R6HUHBPSMqT/ILuf4QPtP9LaPCwY7vXD5wXwh8HjJ97oCQM+cO+n7P8gq8/+QXeb/IbuM8YEdHtG3zW7z/8Djyfw/ZNtOz//61ZZnd41FxK8j4uNC/6HWs76AgyD/ea45/j935I8j7XsHct+lXxEMRMTzb156/fpMrbYynmz/6v722hvN7RNbXtjxhAHolVaetvIYAMiuzXs3ZlvLfsb94l+NixAejt/XnJscTL+jHN7MbbtWIbdH1y5s3IyIEzvFzzWfd944kRneLDyI90Ij/vFmPXKNt0jr25c+N/0Rx2/GPLkl/h+2xD+1B38XyILbSf8ztlP+5dOcjvv5t73/Gdmjayc693/5+/1foUP/d7rLGM++9eJnHePfjDi1Y/xWvME0Vnv8pG7nuox/96knftdpX/3txvvsFL8lKRVri8vF6tr6+fR35OZLS+NTF6anp8YmJ6aL6Rx1sTVT/bB/nPjwzm7tH+4Qf7f2J9v+3GX7v//9B0+e2SX+n87u/Pkf3yX+UET8pcv4X098+nSnfUn8uQ7tz+8SP9k22WX86mv/OdTloQDAPqiurS/M9EVpJS2UywoKCvtbuPnLqEZbodc9E/CoVdeSU/Mk6XtdEwAAAAAAAAAAAKBb+3E5ca/bCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwEPwYAAD//yvJ1G8=")
r2 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="1400000053040c"], 0x14}, 0x1, 0x0, 0x0, 0x20000001}, 0x4000050)

951.641705ms ago: executing program 5 (id=8187):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600)={'team0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000380)=@newqdisc={0x98, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r3, {0x0, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x68, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100], [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x9, 0x4, 0x0, 0x0, 0x4]}}, @TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x1}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x4, 0xc}]}}]}, 0x98}}, 0x0)

945.342765ms ago: executing program 3 (id=8188):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x6, @f={0x4b, 0x5, 0x2, 0x81, {0x81, 0x1, "ce"}, 0x2}}, 0xb)

935.740925ms ago: executing program 5 (id=8189):
unshare(0x24020400)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x8}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x34, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
setgid(0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x80000)

882.164036ms ago: executing program 5 (id=8190):
socket$nl_route(0x10, 0x3, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
read(r1, &(0x7f00000019c0)=""/4097, 0x1001)

546.980031ms ago: executing program 2 (id=8198):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000440)={[{@usrquota}, {@noquota}, {@grpid}]}, 0x1, 0x4c4, &(0x7f0000000a40)="$eJzs3ctrW1caAPBPku3YjmfymGFIMjAJZCDzIJYfDLFnZjOrmVkEhgl000Lq2oqbWraMJaexCdRpd1l0UVpaKF1037+gm2bVUChdt/vSRUlpUxfaQkHlXkmJrViuKI7V+P5+cJNzH9J3jsV3OPfoXt0AMutM8k8uYiQiPoqII43V7Qecafy3ee/GbLLkol6/9GUuPS5Zbx3aet3hiNiIiMGI+P+/I57JPRy3ura+MFMul1aa68Xa4nKxurZ+/urizHxpvrQ0PnVhenpqbHJies/aeuvl525dfPe/A+98+9LdO6+8/15SrZHmvq3t2EuNpvfHsS3b+iLin48iWA8Umu0Z6nVF+FmSz+83EXE2zf8jUUg/TSAL6vV6/Yf6oU67N+rAgZVPx8C5/GhENMr5/OhoYwz/2xjOlyvV2l+vVFaX5hpj5aPRn79ytVwaa54rHI3+XLI+npYfrE+0rU9GpGPgVwtD6frobKU8t79dHdDmcFv+f1No5D+QEU75IbvkP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h0z638WLyVJv3f8+d21tdaFy7fxcqbowurg6OzpbWVkena9U5tN7dhZ/6v3Klcry+N9i9XqxVqrWitW19cuLldWl2uX0vv7Lpf59aRXQjWOnb3+Si4iNvw+lS2KguU+uwsFWr+ei1/cgA71R6HUHBPSMqT/ILuf4QPtP9LaPCwY7vXD5wXwh8HjJ97oCQM+cO+n7P8gq8/+QXeb/IbuM8YEdHtG3zW7z/8Djyfw/ZNtOz//61ZZnd41FxK8j4uNC/6HWs76AgyD/ea45/j935I8j7XsHct+lXxEMRMTzb156/fpMrbYynmz/6v722hvN7RNbXtjxhAHolVaetvIYAMiuzXs3ZlvLfsb94l+NixAejt/XnJscTL+jHN7MbbtWIbdH1y5s3IyIEzvFzzWfd944kRneLDyI90Ij/vFmPXKNt0jr25c+N/0Rx2/GPLkl/h+2xD+1B38XyILbSf8ztlP+5dOcjvv5t73/Gdmjayc693/5+/1foUP/d7rLGM++9eJnHePfjDi1Y/xWvME0Vnv8pG7nuox/96knftdpX/3txvvsFL8lKRVri8vF6tr6+fR35OZLS+NTF6anp8YmJ6aL6Rx1sTVT/bB/nPjwzm7tH+4Qf7f2J9v+3GX7v//9B0+e2SX+n87u/Pkf3yX+UET8pcv4X098+nSnfUn8uQ7tz+8SP9k22WX86mv/OdTloQDAPqiurS/M9EVpJS2UywoKCvtbuPnLqEZbodc9E/CoVdeSU/Mk6XtdEwAAAAAAAAAAAKBb+3E5ca/bCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwEPwYAAD//yvJ1G8=")
r2 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="1400000053040c"], 0x14}, 0x1, 0x0, 0x0, 0x20000001}, 0x4000050)

546.286631ms ago: executing program 3 (id=8199):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x58e, &(0x7f0000000180), 0x1, 0x451, &(0x7f0000000780)="$eJzs289vFFUcAPDvTFug/LAV8Qc/1CoaG3+0tKBy8KLRxIMmJl7wWNtCkIUaWhMhRNEYPBoS78ajiX+BJ70Y9WTiVe+GhBguoqc1szvD/mC3tMu2g+znkwx9b+YN7333zdt9M283gIE1kf2TROyMiN8jYqyebS0wUf9z/dqF+X+uXZhPolp9+6+kVu7vaxfmi6LFeTvyzGQakX6WxP4O9S6fO39qrlJZPJvnp1dOvz+9fO78cydPz51YPLF4Zvbo0SOHZ158Yfb5vsR5b9bWfR8tHdj7+juX35w/dvndn78dKuJvi6NPJlY7+GS12ufqyrWrKZ0Ml9gQ1iUbA1l3jdTG/1gMRaPzxuK1T0ttHLChqrkuhy9WgbtYEmW3AChH8UGf3f8W2+bNPsp39eX6DVAW9/V8qx8ZjjQvM9J2f9tPExFx7OK/X2VbbMxzCACAFt9n859nO83/0nigqdw9+drQeL6Wsjsi7ouIPRFxf0St7IMR8dA6629fJLl5/pNe6SmwNcrmfy/la1ut879i9hfjQ3luVy3+keT4ycriofw1mYyRrVl+ZpU6fnj1ty+6HWue/2VbVn8xF8zbcWV4a+s5C3Mrc7cTc7Orn0TsG+4Uf3JjJSCJiL0Rsa/HOk4+/c2BbsduHf8q+rDOVP064ql6/1+MtvgLyerrk9PborJ4aLq4Km72y6+X3upW/23F3wdZ/2/veP3fiH88aV6vXV5/HZf++LzrPc1UT9d/Y8eW/O+HcysrZ2citiRv1BvdvH+2cW6RL8pn8U8e7Dz+d0fjldgfEdlF/HBEPBIRj+Z991hEPB4RB9viar6//umVJ97rFv+d0P8Lbf0/3lqkrf8biS3RvqdzYujUj9+1/o+N5Nre/47UUpP5nrW8/62lXb1dzQAAAPD/k0bEzkjSqRvp0XRqqv4d/j2xPa0sLa88c3zpgzML9d8IjMdIWjzpGmt6HjqT39YX+dm2/OH8ufGXQ6O1/NT8UmWh7OBhwO24afyntfGf+XOo7NYBG87vtWBwNY3/pMx2AJvP5z8MLuMfBleH8T9aRjuAzdfp8//jEtoBbL628W/ZDwaI+38YXMY/DK7m8e8LADAwlkfj1j+S75TYFr2cJXHXJCK9I5rRn0TS4yhYa2Jn2QGuP1H2OxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB//BcAAP//pgHvrg==")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x9, 0x2, 0x56d, 0x3, 0x2, 0xffffffffffffffff, 0x4}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000001f80), 0xfffffffb, r1}, 0x38)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200), &(0x7f00000004c0), 0x1000, r1}, 0x38)

530.004702ms ago: executing program 7 (id=8200):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22, 0x0, @rand_addr, 0x3}, 0x1c)
connect$inet6(r0, &(0x7f0000000600)={0x2, 0x4e23, 0x0, @dev={0xfe, 0x80, '\x00', 0x34}, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e27, 0x10000000, @local, 0x5}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)

462.605423ms ago: executing program 7 (id=8202):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffa}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
lchown(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

368.825404ms ago: executing program 7 (id=8204):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001e00)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xf, 0x9}, {}, {0xb, 0xe}}, [@filter_kind_options=@f_route={{0xa}, {0x14, 0x2, [@TCA_ROUTE4_IIF={0x8, 0x4, r2}, @TCA_ROUTE4_FROM={0x8, 0x3, 0x47}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x20000040)

315.344805ms ago: executing program 7 (id=8206):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000005304"], 0x14}, 0x1, 0x0, 0x0, 0x24000841}, 0x4008840)

283.735386ms ago: executing program 7 (id=8207):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)={0x2c, r3, 0x1, 0x70bd29, 0x25dfdbfc, {0x24}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}]}, 0x2c}}, 0x4)

279.882906ms ago: executing program 2 (id=8208):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x800000000}, 0x18)
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x35, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r2, &(0x7f00000001c0), &(0x7f0000000400)=""/198}, 0x20)

210.168247ms ago: executing program 7 (id=8209):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0)

209.875217ms ago: executing program 2 (id=8210):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0103000000000000000001"], 0x30}}, 0x44)

209.687247ms ago: executing program 4 (id=8211):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$USBDEVFS_FREE_STREAMS(r0, 0x8008551d, &(0x7f0000000340)=ANY=[@ANYBLOB="5266000001"])

196.331007ms ago: executing program 4 (id=8212):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = io_uring_setup(0x5f45, &(0x7f00000001c0)={0x0, 0x0, 0x2})
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

182.520618ms ago: executing program 2 (id=8213):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x18)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000400), 0x141140, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000001040)={{0x1, 0x1, 0x1018}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})

165.331978ms ago: executing program 4 (id=8214):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="09000000070000000300000048"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757818"], 0x65)

156.368918ms ago: executing program 2 (id=8215):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000400)='ns\x00')
readlinkat(r2, &(0x7f0000000100)='./mnt\x00', &(0x7f0000000440)=""/163, 0xa3)

122.187899ms ago: executing program 3 (id=8216):
rt_sigprocmask(0x2, &(0x7f0000000040)={[0x6d285c1d]}, 0x0, 0x8)
r0 = gettid()
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg(r1, &(0x7f000000c2c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000000)
tkill(r0, 0x1f)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180)={&(0x7f0000000140)={[0x2e]}, 0x8})

111.981549ms ago: executing program 4 (id=8217):
perf_event_open(&(0x7f0000000d00)={0x2, 0x80, 0x6a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0xa44, 0x2, 0x0, 0x9, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)

94.561188ms ago: executing program 2 (id=8218):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x5}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000f80)={0x0, 0x0, 0x0}, 0x0)
recvmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xff0f}], 0x1, 0x0, 0xffffffffffffff7d}, 0x40004220)

94.304819ms ago: executing program 3 (id=8219):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f00000016c0)={0x10, 0x0, 0x25dfdbfb, 0x40000044}, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400008000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
syz_emit_ethernet(0x4e, &(0x7f0000000a40)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x9, 0x6, "000e00", 0x18, 0x6, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast2, {[], {{0x4e24, 0x4e24, 0x41424344, 0x41424344, 0x1, 0x0, 0x6, 0x18, 0x3, 0x0, 0x7, {[@fastopen={0x22, 0x2}]}}}}}}}}, 0x0)

79.163609ms ago: executing program 4 (id=8220):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffff8}, 0x18)
move_mount(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x30)

61.703349ms ago: executing program 4 (id=8221):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r1=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@can_newroute={0x24, 0x18, 0x1, 0x0, 0x200, {0x1d, 0x1, 0x8}, [@CGW_DST_IF={0x8, 0xa, r1}, @CGW_SRC_IF={0x8, 0x9, r2}]}, 0x24}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r2, {0x1, 0x6}, {0xffff, 0xc}, {0x1, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8004}, 0x0)

41.804749ms ago: executing program 3 (id=8222):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r0)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000140)=0x2, 0x4)

18.16975ms ago: executing program 3 (id=8223):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400038008000500", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)

17.80518ms ago: executing program 5 (id=8224):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a050000000000000000000a0000070900020073797a31000000000900010073797a3100000000200003801c000080080003400000000210000780090001006c6173740000000014000000110001"], 0xb0}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0x541b, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
close_range(r2, 0xffffffffffffffff, 0x0)

0s ago: executing program 5 (id=8225):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008001500b7040000000000008500000058"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xb2, &(0x7f0000000300)={@random="b931b2d41475", @dev, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "2e5cea", 0x7c, 0x3c, 0x0, @private0, @mcast2, {[@srh={0x2, 0x2, 0x4, 0x1, 0x2, 0x28, 0x7, [@private1={0xfc, 0x1, '\x00', 0x1}]}], {0x0, 0x0, 0x64, 0x0, @wg=@response={0x2, 0x3, 0x1, "0d21213f484c1a771311b60c4edbe8c4063c9eddc969a56dfc0935aa4513c3be", "84a047f948b6d565e070d31eef1a0933", {"bea46353b091ff1f647532d1a8471c1a", "b9a8d13c3a3e74518cfbc46e2972101b"}}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

__ext4_ext_dirty:206: inode #3: comm syz.3.5977: mark_inode_dirty error
[  174.684283][T17597] random: crng reseeded on system resumption
[  174.724437][T17581] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.5977: Failed to acquire dquot type 0
[  174.743495][T17581] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.5977: corrupted inode contents
[  174.767293][T17581] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #16: comm syz.3.5977: mark_inode_dirty error
[  174.789315][T17581] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.5977: corrupted inode contents
[  174.802313][T17581] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.5977: mark_inode_dirty error
[  174.840855][T17581] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.5977: corrupted inode contents
[  174.856073][T17581] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  174.874683][T17581] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.5977: corrupted inode contents
[  174.898175][T17581] EXT4-fs error (device loop3): ext4_truncate:4597: inode #16: comm syz.3.5977: mark_inode_dirty error
[  174.918437][T17581] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  174.950375][T17581] EXT4-fs (loop3): 1 truncate cleaned up
[  174.956588][T17581] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.012340][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.374135][T17665] veth3: entered promiscuous mode
[  175.465436][T17680] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17680 comm=syz.7.6023
[  175.670974][T17691] program syz.3.6028 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  175.761806][T17728] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17728 comm=syz.7.6045
[  175.857647][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  175.940499][T17752] batadv_slave_0: entered promiscuous mode
[  176.023558][T17751] batadv_slave_0: left promiscuous mode
[  176.124565][T17767] xt_hashlimit: max too large, truncated to 1048576
[  176.289892][T17795] loop3: detected capacity change from 0 to 512
[  176.297317][T17791] netlink: 'syz.2.6074': attribute type 1 has an invalid length.
[  176.311555][T17795] EXT4-fs: Ignoring removed nomblk_io_submit option
[  176.327748][T17795] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  176.351563][T17800] netlink: 'syz.2.6078': attribute type 4 has an invalid length.
[  176.357062][T17795] EXT4-fs (loop3): 1 truncate cleaned up
[  176.372488][T17795] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.401721][T17800] netlink: 'syz.2.6078': attribute type 4 has an invalid length.
[  176.461345][T17810] vhci_hcd: invalid port number 23
[  176.493697][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.530176][T17816] vhci_hcd: invalid port number 0
[  176.550509][T17818] lo speed is unknown, defaulting to 1000
[  176.594055][T17824] netlink: 'syz.3.6088': attribute type 3 has an invalid length.
[  176.601820][T17824] netlink: 'syz.3.6088': attribute type 4 has an invalid length.
[  176.804519][T17842] loop2: detected capacity change from 0 to 1024
[  176.816080][T17842] EXT4-fs: Ignoring removed orlov option
[  176.846254][T17842] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.127484][T17855] lo speed is unknown, defaulting to 1000
[  177.149986][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.163629][   T29] kauditd_printk_skb: 317 callbacks suppressed
[  177.163640][   T29] audit: type=1400 audit(174.326:6376): avc:  denied  { write } for  pid=17856 comm="syz.7.6097" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  177.232209][T17859] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.239428][T17859] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.267194][   T29] audit: type=1400 audit(174.419:6377): avc:  denied  { write } for  pid=17868 comm="syz.7.6106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  177.307390][T17859] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  177.317935][T17859] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  177.344856][T17859] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  177.353728][T17859] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  177.362683][T17859] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  177.371586][T17859] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  177.384621][T17859] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  177.393661][T17859] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  177.402726][T17859] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  177.411691][T17859] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  177.421669][T17859] veth3: left promiscuous mode
[  177.443920][T17872] team0: Port device team_slave_0 removed
[  177.469254][T17876] bridge_slave_0: left allmulticast mode
[  177.474966][T17876] bridge_slave_0: left promiscuous mode
[  177.480768][T17876] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.493423][   T29] audit: type=1400 audit(174.625:6378): avc:  denied  { create } for  pid=17880 comm="syz.1.6111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  177.513125][   T29] audit: type=1400 audit(174.634:6379): avc:  denied  { connect } for  pid=17880 comm="syz.1.6111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  177.513316][T17876] bond0: (slave bridge_slave_1): Releasing backup interface
[  177.532486][   T29] audit: type=1400 audit(174.634:6380): avc:  denied  { bind } for  pid=17880 comm="syz.1.6111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  177.559689][T17876] bridge_slave_1: left promiscuous mode
[  177.565315][T17876] bridge_slave_1: left allmulticast mode
[  177.573005][T17876] bond0: (slave bond_slave_0): Releasing backup interface
[  177.580762][T17876] bond_slave_0: left promiscuous mode
[  177.586152][T17876] bond_slave_0: left allmulticast mode
[  177.593199][T17876] bond0: (slave bond_slave_1): Releasing backup interface
[  177.601390][T17876] bond_slave_1: left promiscuous mode
[  177.606779][T17876] bond_slave_1: left allmulticast mode
[  177.615232][T17876] team0: Port device team_slave_0 removed
[  177.623436][T17876] team0: Port device team_slave_1 removed
[  177.639111][T17876] bond1: (slave veth3): Releasing backup interface
[  177.645942][T17876] veth3: left promiscuous mode
[  177.709485][T17882] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  177.760967][T17893] netlink: 'syz.2.6116': attribute type 10 has an invalid length.
[  177.773116][T17893] veth1_vlan: entered allmulticast mode
[  177.781533][T17893] team0: Device veth1_vlan failed to register rx_handler
[  177.800307][   T29] audit: type=1400 audit(174.915:6381): avc:  denied  { getopt } for  pid=17890 comm="syz.4.6115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  177.904337][T17914] loop2: detected capacity change from 0 to 512
[  177.942856][T17916] loop3: detected capacity change from 0 to 8192
[  177.950525][   T29] audit: type=1400 audit(175.055:6382): avc:  denied  { mount } for  pid=17915 comm="syz.3.6127" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  178.011624][   T29] audit: type=1400 audit(175.083:6383): avc:  denied  { unmount } for  pid=14180 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  178.060954][T17914] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.089401][   T29] audit: type=1326 audit(175.177:6384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17919 comm="syz.7.6129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd07f6ce9a9 code=0x7ffc0000
[  178.112299][   T29] audit: type=1326 audit(175.177:6385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17919 comm="syz.7.6129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd07f6ce9a9 code=0x7ffc0000
[  178.175826][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.233505][T17934] wireguard0: entered promiscuous mode
[  178.264173][T17939] __nla_validate_parse: 4 callbacks suppressed
[  178.264187][T17939] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6136'.
[  178.279227][T17939] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6136'.
[  178.293425][T17939] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6136'.
[  178.302430][T17939] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6136'.
[  178.387921][T17950] loop2: detected capacity change from 0 to 164
[  178.398592][T17950] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  178.413697][T17950] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  178.447375][T17950] Symlink component flag not implemented
[  178.453021][T17950] Symlink component flag not implemented
[  178.456396][T17961] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6146'.
[  178.467689][T17961] netlink: 120 bytes leftover after parsing attributes in process `syz.3.6146'.
[  178.477042][T17950] Symlink component flag not implemented (7)
[  178.477346][T17961] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6146'.
[  178.483006][T17950] Symlink component flag not implemented (116)
[  178.532800][T17966] loop3: detected capacity change from 0 to 512
[  178.541767][T17964] lo speed is unknown, defaulting to 1000
[  178.574096][T17966] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.642990][T17979] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6154'.
[  178.644577][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.659453][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.667021][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.674533][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.682096][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.689534][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.696962][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.704427][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.711904][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.719420][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.726790][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.734156][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.741508][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.748883][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.756317][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.763690][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.771100][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.778501][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.785887][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.793343][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.800745][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.808126][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.815541][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.822942][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.830362][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.832839][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.837729][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.854133][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.861619][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.869001][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.876498][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.883885][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.891442][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.898850][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.906324][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.913704][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.921113][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.928574][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.936013][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.943477][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.950895][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.958296][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.965679][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.973079][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.980552][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.987985][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  178.995379][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  179.002804][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  179.010180][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  179.017633][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  179.025042][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  179.032443][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  179.039837][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  179.047280][ T3388] hid-generic 0008:0006:0007.0010: unknown main item tag 0x0
[  179.056966][ T3388] hid-generic 0008:0006:0007.0010: hidraw0: <UNKNOWN> HID v0.0b Device [syz1] on syz1
[  179.127155][T17997] loop3: detected capacity change from 0 to 764
[  179.184588][T17999] Falling back ldisc for ttyS3.
[  179.422228][   T23] kernel read not supported for file /vga_arbiter (pid: 23 comm: kworker/1:0)
[  179.452882][T18027] loop2: detected capacity change from 0 to 1024
[  179.473743][T18027] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.541339][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.561508][T18045] SELinux: security_context_str_to_sid () failed with errno=-22
[  179.584204][T18047] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  179.594639][T18047] SELinux: failed to load policy
[  179.836285][T18075] netlink: 830 bytes leftover after parsing attributes in process `syz.1.6196'.
[  179.916176][T18086] SET target dimension over the limit!
[  179.925768][T18088] team0: Port device team_slave_0 removed
[  180.879090][T18140] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18140 comm=syz.7.6223
[  180.891743][T18140] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=18140 comm=syz.7.6223
[  180.985312][T18144] bond3: (slave veth0_to_bond): Releasing backup interface
[  180.997482][T18144] bond0: (slave bond_slave_0): Releasing backup interface
[  181.007102][T18146] openvswitch: netlink: Message has 6 unknown bytes.
[  181.014485][T18144] bond0: (slave bond_slave_1): Releasing backup interface
[  181.045947][T18144] team0: Port device team_slave_1 removed
[  181.145038][T18155] netlink: 96 bytes leftover after parsing attributes in process `syz.7.6228'.
[  181.217532][T18170] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  181.239480][T18169] loop2: detected capacity change from 0 to 1024
[  181.260343][T18169] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  181.271404][T18169] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  181.301469][T18169] JBD2: no valid journal superblock found
[  181.307222][T18169] EXT4-fs (loop2): Could not load journal inode
[  181.322946][T18185] wireguard0: entered promiscuous mode
[  181.397818][T18193] loop2: detected capacity change from 0 to 512
[  181.419434][T18193] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.440234][T18198] bridge_slave_0: left allmulticast mode
[  181.445898][T18198] bridge_slave_0: left promiscuous mode
[  181.451677][T18198] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.509740][T18200] loop3: detected capacity change from 0 to 128
[  181.527311][T18198] bridge_slave_1: left allmulticast mode
[  181.532970][T18198] bridge_slave_1: left promiscuous mode
[  181.538670][T18198] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.547538][T18198] bond0: (slave bond_slave_0): Releasing backup interface
[  181.566757][T18198] bond0: (slave bond_slave_1): Releasing backup interface
[  181.574814][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.599712][T18198] team0: Port device team_slave_1 removed
[  181.609616][T18198] batman_adv: batadv0: Removing interface: batadv_slave_0
[  181.621303][T18198] batman_adv: batadv0: Removing interface: batadv_slave_1
[  181.772344][T18229] lo speed is unknown, defaulting to 1000
[  181.858592][T18239] lo speed is unknown, defaulting to 1000
[  182.188670][T18261] bridge_slave_0: left allmulticast mode
[  182.194445][T18261] bridge_slave_0: left promiscuous mode
[  182.200154][T18261] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.216451][T18261] bridge_slave_1: left allmulticast mode
[  182.222156][T18261] bridge_slave_1: left promiscuous mode
[  182.227863][T18261] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.250277][T18261] bond0: (slave bond_slave_0): Releasing backup interface
[  182.294113][T18261] bond0: (slave bond_slave_1): Releasing backup interface
[  182.327746][T18261] team0: Port device team_slave_0 removed
[  182.354002][T18261] team0: Port device team_slave_1 removed
[  182.362093][ T5094] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  182.372608][T18261] bond0: (slave geneve1): Releasing backup interface
[  182.512813][T18290] SELinux: failed to load policy
[  182.542051][   T29] kauditd_printk_skb: 121 callbacks suppressed
[  182.542066][   T29] audit: type=1400 audit(179.358:6507): avc:  denied  { create } for  pid=18293 comm="syz.7.6287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  182.581391][   T29] audit: type=1400 audit(179.377:6508): avc:  denied  { bind } for  pid=18293 comm="syz.7.6287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  182.585512][T18298] loop3: detected capacity change from 0 to 8192
[  182.635873][   T29] audit: type=1400 audit(179.433:6509): avc:  denied  { bind } for  pid=18302 comm="syz.7.6290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  182.654911][   T29] audit: type=1400 audit(179.433:6510): avc:  denied  { name_bind } for  pid=18302 comm="syz.7.6290" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  182.675431][   T29] audit: type=1400 audit(179.433:6511): avc:  denied  { node_bind } for  pid=18302 comm="syz.7.6290" saddr=ff01::1 src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  182.756501][T18315] loop3: detected capacity change from 0 to 1024
[  182.776562][T18315] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.792841][T18315] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  182.808221][T18315] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  182.820628][T18315] EXT4-fs (loop3): This should not happen!! Data will be lost
[  182.820628][T18315] 
[  182.830318][T18315] EXT4-fs (loop3): Total free blocks count 0
[  182.836285][T18315] EXT4-fs (loop3): Free/Dirty block details
[  182.842260][T18315] EXT4-fs (loop3): free_blocks=4293918720
[  182.847961][T18315] EXT4-fs (loop3): dirty_blocks=64
[  182.853119][T18315] EXT4-fs (loop3): Block reservation details
[  182.859189][T18315] EXT4-fs (loop3): i_reserved_data_blocks=4
[  182.877086][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.207977][T18323] wireguard0: entered promiscuous mode
[  183.213849][T18329] loop3: detected capacity change from 0 to 512
[  183.227568][T18329] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.247487][T18330] veth3: entered promiscuous mode
[  183.264496][   T29] audit: type=1400 audit(180.022:6512): avc:  denied  { map } for  pid=18326 comm="syz.3.6301" path="/369/bus/pids.current" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  183.295843][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.381419][T18344] sd 0:0:1:0: device reset
[  183.386634][   T29] audit: type=1326 audit(180.135:6513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18342 comm="syz.1.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  183.409680][   T29] audit: type=1326 audit(180.135:6514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18342 comm="syz.1.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  183.432762][   T29] audit: type=1326 audit(180.135:6515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18342 comm="syz.1.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f84c655d310 code=0x7ffc0000
[  183.455699][   T29] audit: type=1326 audit(180.135:6516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18342 comm="syz.1.6307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  183.479085][T18341] loop2: detected capacity change from 0 to 8192
[  183.530081][T18352] openvswitch: netlink: Message has 6 unknown bytes.
[  183.596158][T18365] netlink: 'syz.7.6318': attribute type 21 has an invalid length.
[  183.606562][T18367] netlink: 'syz.4.6319': attribute type 10 has an invalid length.
[  183.614556][T18367] veth1_vlan: entered allmulticast mode
[  183.629044][T18367] team0: Device veth1_vlan failed to register rx_handler
[  183.641311][T18365] netlink: 132 bytes leftover after parsing attributes in process `syz.7.6318'.
[  183.657397][T18371] binfmt_misc: register: failed to install interpreter file ./file2
[  183.669405][T18375] veth3: entered promiscuous mode
[  183.718823][T18383] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6324'.
[  183.732389][T18389] loop2: detected capacity change from 0 to 512
[  183.746339][T18389] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  183.761080][T18389] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.815347][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.832155][T18394] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  183.839773][T18394] batman_adv: batadv0: Removing interface: batadv_slave_0
[  183.863948][T18394] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  183.871559][T18394] batman_adv: batadv0: Removing interface: batadv_slave_1
[  183.916421][T18418] loop3: detected capacity change from 0 to 512
[  183.923047][T18418] EXT4-fs: Ignoring removed nobh option
[  183.945791][T18418] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #3: comm syz.3.6340: corrupted inode contents
[  183.960288][T18418] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #3: comm syz.3.6340: mark_inode_dirty error
[  183.987190][T18418] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #3: comm syz.3.6340: corrupted inode contents
[  184.000315][T18418] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.6340: mark_inode_dirty error
[  184.025729][T18418] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.6340: Failed to acquire dquot type 0
[  184.043327][T18418] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.6340: corrupted inode contents
[  184.072883][T18418] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #16: comm syz.3.6340: mark_inode_dirty error
[  184.103470][T18418] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.6340: corrupted inode contents
[  184.118779][T18418] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.6340: mark_inode_dirty error
[  184.130447][T18437] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6348'.
[  184.140214][T18418] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.6340: corrupted inode contents
[  184.156655][T18437] bridge0: port 4(macvlan3) entered blocking state
[  184.158073][T18418] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  184.163194][T18437] bridge0: port 4(macvlan3) entered disabled state
[  184.172677][T18435] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  184.178612][T18437] macvlan3: entered allmulticast mode
[  184.193217][T18437] bridge0: entered allmulticast mode
[  184.199455][T18418] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.6340: corrupted inode contents
[  184.211468][T18437] macvlan3: left allmulticast mode
[  184.216600][T18437] bridge0: left allmulticast mode
[  184.225411][T18418] EXT4-fs error (device loop3): ext4_truncate:4597: inode #16: comm syz.3.6340: mark_inode_dirty error
[  184.240145][T18418] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  184.261469][T18418] EXT4-fs (loop3): 1 truncate cleaned up
[  184.268073][T18418] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.292639][T18443] futex_wake_op: syz.7.6352 tries to shift op by -1; fix this program
[  184.364567][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.396453][T18460] loop2: detected capacity change from 0 to 1024
[  184.403457][T18460] EXT4-fs: Ignoring removed orlov option
[  184.411600][T18460] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.459022][T18468] vlan2: entered allmulticast mode
[  184.631106][T18482] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  184.656951][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.352365][T18544] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[  185.478312][T18551] lo speed is unknown, defaulting to 1000
[  185.633702][ T5094] nci: nci_extract_activation_params_nfc_dep: unsupported activation_rf_tech_and_mode 0x6
[  185.738133][T18585] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6414'.
[  185.759388][T18585] bridge0: port 1(macvlan2) entered blocking state
[  185.766132][T18585] bridge0: port 1(macvlan2) entered disabled state
[  185.773492][T18585] macvlan2: entered allmulticast mode
[  185.778956][T18585] bridge0: entered allmulticast mode
[  185.785456][T18585] macvlan2: left allmulticast mode
[  185.790686][T18585] bridge0: left allmulticast mode
[  185.796252][T18589] netlink: 'syz.7.6417': attribute type 10 has an invalid length.
[  185.807235][T18587] O3�c��: renamed from bridge_slave_0
[  185.816501][T18589] team0: Device veth1_vlan failed to register rx_handler
[  186.087271][T18611] netlink: 48 bytes leftover after parsing attributes in process `syz.3.6426'.
[  186.161464][T18615] lo speed is unknown, defaulting to 1000
[  186.267256][T18628] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6433'.
[  186.431012][T18655] netlink: 'syz.4.6443': attribute type 10 has an invalid length.
[  186.440674][T18655] team0: Device hsr_slave_0 failed to register rx_handler
[  186.475840][ T5094] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  187.071376][T18687] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=18687 comm=syz.3.6455
[  187.350404][T18698] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6460'.
[  187.367348][T18698] bridge0: port 1(macvlan2) entered blocking state
[  187.373974][T18698] bridge0: port 1(macvlan2) entered disabled state
[  187.382429][T18698] macvlan2: entered allmulticast mode
[  187.387958][T18698] bridge0: entered allmulticast mode
[  187.393689][T18704] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6465'.
[  187.414625][T18698] macvlan2: left allmulticast mode
[  187.414859][T18708] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6467'.
[  187.419753][T18698] bridge0: left allmulticast mode
[  187.455328][T18708] bridge0: entered promiscuous mode
[  187.467456][T18708] bridge0: port 4(macvlan3) entered blocking state
[  187.474039][T18708] bridge0: port 4(macvlan3) entered disabled state
[  187.482844][T18708] macvlan3: entered allmulticast mode
[  187.488319][T18708] bridge0: entered allmulticast mode
[  187.495004][T18708] macvlan3: left allmulticast mode
[  187.500144][T18708] bridge0: left allmulticast mode
[  187.505483][T18708] bridge0: left promiscuous mode
[  187.543213][T18716] netlink: 'syz.3.6472': attribute type 4 has an invalid length.
[  187.575508][T18716] netlink: 'syz.3.6472': attribute type 4 has an invalid length.
[  187.765149][T18745] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  187.789523][T18749] xt_hashlimit: max too large, truncated to 1048576
[  187.850366][T18759] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0
[  187.871929][T18761] loop2: detected capacity change from 0 to 164
[  187.902481][T18761] syz.2.6492: attempt to access beyond end of device
[  187.902481][T18761] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  187.918550][T18761] syz.2.6492: attempt to access beyond end of device
[  187.918550][T18761] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[  187.960901][   T29] kauditd_printk_skb: 142 callbacks suppressed
[  187.960916][   T29] audit: type=1326 audit(184.428:6657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="syz.1.6497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  187.998797][   T29] audit: type=1326 audit(184.428:6658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="syz.1.6497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  188.021867][   T29] audit: type=1326 audit(184.456:6659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="syz.1.6497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  188.044710][   T29] audit: type=1326 audit(184.456:6660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="syz.1.6497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  188.067587][   T29] audit: type=1326 audit(184.456:6661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="syz.1.6497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  188.090551][   T29] audit: type=1326 audit(184.456:6662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="syz.1.6497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  188.113424][   T29] audit: type=1326 audit(184.456:6663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="syz.1.6497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  188.136363][   T29] audit: type=1326 audit(184.456:6664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18771 comm="syz.1.6497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  188.178500][   T29] audit: type=1400 audit(184.624:6665): avc:  denied  { read write } for  pid=14205 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  188.202209][   T29] audit: type=1400 audit(184.624:6666): avc:  denied  { open } for  pid=14205 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  188.285788][T18793] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0
[  188.316266][T18789] lo speed is unknown, defaulting to 1000
[  188.582057][ T3472] hid-generic 0003:0004:0000.0011: unknown main item tag 0x0
[  188.589485][ T3472] hid-generic 0003:0004:0000.0011: unknown main item tag 0x0
[  188.597033][ T3472] hid-generic 0003:0004:0000.0011: unknown main item tag 0x0
[  188.607458][ T3472] hid-generic 0003:0004:0000.0011: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  188.623748][T18830] pim6reg: entered allmulticast mode
[  188.631046][T18830] pim6reg: left allmulticast mode
[  188.732224][T18844] bridge0: port 1(macvlan2) entered blocking state
[  188.738902][T18844] bridge0: port 1(macvlan2) entered disabled state
[  188.746095][T18844] macvlan2: entered allmulticast mode
[  188.751574][T18844] bridge0: entered allmulticast mode
[  188.760143][T18844] macvlan2: left allmulticast mode
[  188.765303][T18844] bridge0: left allmulticast mode
[  188.871322][T18869] loop3: detected capacity change from 0 to 512
[  188.879986][T18869] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  188.894247][T18869] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.6540: bg 0: block 435: padding at end of block bitmap is not set
[  188.909391][T18869] EXT4-fs (loop3): 1 truncate cleaned up
[  188.915565][T18869] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.951128][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.995818][T18882] syzkaller1: entered promiscuous mode
[  189.001433][T18882] syzkaller1: entered allmulticast mode
[  189.018358][T18884] __nla_validate_parse: 5 callbacks suppressed
[  189.018372][T18884] netlink: 104 bytes leftover after parsing attributes in process `syz.1.6546'.
[  189.110214][T18894] ip6gre1: entered allmulticast mode
[  189.183752][T18907] Invalid ELF header magic: != ELF
[  189.200858][T18899] ALSA: seq fatal error: cannot create timer (-19)
[  189.382809][T18936] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  189.389358][T18936] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  189.396951][T18936] vhci_hcd vhci_hcd.0: Device attached
[  189.411634][T18938] vhci_hcd: connection closed
[  189.411741][ T5110] vhci_hcd: stop threads
[  189.420694][ T5110] vhci_hcd: release socket
[  189.425127][ T5110] vhci_hcd: disconnect device
[  189.492605][T18958] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6579'.
[  189.507876][T18962] loop3: detected capacity change from 0 to 1024
[  189.508653][T18958] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6579'.
[  189.523854][T18962] EXT4-fs: Ignoring removed orlov option
[  189.535682][T18962] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.607221][T18974] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6587'.
[  189.626224][T18976] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6585'.
[  189.635333][T18976] netlink: 'syz.7.6585': attribute type 15 has an invalid length.
[  189.651887][T18978] sd 0:0:1:0: device reset
[  189.738784][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.753643][    T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:0)
[  189.979290][T19009] netlink: 'syz.3.6613': attribute type 21 has an invalid length.
[  189.988199][T19009] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6613'.
[  190.027568][T19014] loop2: detected capacity change from 0 to 512
[  190.034637][T19014] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  190.048543][T19014] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.6605: bg 0: block 435: padding at end of block bitmap is not set
[  190.065580][T19014] EXT4-fs (loop2): 1 truncate cleaned up
[  190.071651][T19014] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.098542][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.874197][T19075] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6631'.
[  191.036314][T19090] pim6reg1: entered promiscuous mode
[  191.041789][T19090] pim6reg1: entered allmulticast mode
[  191.165757][T19100] loop3: detected capacity change from 0 to 1024
[  191.177130][T19102] netlink: 96 bytes leftover after parsing attributes in process `syz.7.6644'.
[  191.212972][T19100] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.6643: Failed to acquire dquot type 0
[  191.231377][T19107] netlink: 'syz.2.6647': attribute type 2 has an invalid length.
[  191.239170][T19107] netlink: 'syz.2.6647': attribute type 1 has an invalid length.
[  191.247005][T19107] netlink: 199820 bytes leftover after parsing attributes in process `syz.2.6647'.
[  191.259958][T19100] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  191.275606][T19100] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.6643: corrupted inode contents
[  191.295006][T19100] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #13: comm syz.3.6643: mark_inode_dirty error
[  191.310552][T19100] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.6643: corrupted inode contents
[  191.325125][T19100] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.6643: mark_inode_dirty error
[  191.336559][T19100] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.6643: corrupted inode contents
[  191.348939][T19100] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  191.357576][T19100] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #13: comm syz.3.6643: corrupted inode contents
[  191.369544][T19100] EXT4-fs error (device loop3): ext4_truncate:4597: inode #13: comm syz.3.6643: mark_inode_dirty error
[  191.391008][T19100] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  191.402705][T19100] EXT4-fs (loop3): 1 truncate cleaned up
[  191.422387][T19100] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  191.502641][T19139] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6661'.
[  191.574463][T19151] IPv6: NLM_F_CREATE should be specified when creating new route
[  191.624908][T19158] program syz.3.6669 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  191.634411][T19158] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  191.948713][T19189] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  191.955311][T19189] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  191.962796][T19189] vhci_hcd vhci_hcd.0: Device attached
[  191.970692][T19190] vhci_hcd: connection closed
[  191.970870][ T5110] vhci_hcd: stop threads
[  191.979863][ T5110] vhci_hcd: release socket
[  191.984267][ T5110] vhci_hcd: disconnect device
[  192.195163][T19214] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  192.195163][T19214]    program syz.4.6690 not setting count and/or reply_len properly
[  192.611835][T19274] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=19274 comm=syz.3.6720
[  192.624405][T19274] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=19274 comm=syz.3.6720
[  192.822147][T19295] program syz.3.6730 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  192.973267][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  193.252890][T19256] cgroup: fork rejected by pids controller in /syz4
[  193.359635][   T29] kauditd_printk_skb: 284 callbacks suppressed
[  193.359647][   T29] audit: type=1400 audit(702.473:6949): avc:  denied  { sqpoll } for  pid=19335 comm="syz.1.6737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  193.406845][   T29] audit: type=1400 audit(702.502:6950): avc:  denied  { bind } for  pid=19336 comm="syz.3.6736" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  193.425780][   T29] audit: type=1400 audit(702.502:6951): avc:  denied  { name_bind } for  pid=19336 comm="syz.3.6736" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  193.447219][   T29] audit: type=1400 audit(702.502:6952): avc:  denied  { node_bind } for  pid=19336 comm="syz.3.6736" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  193.468441][   T29] audit: type=1400 audit(702.502:6953): avc:  denied  { shutdown } for  pid=19336 comm="syz.3.6736" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  193.533049][T19342] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  193.629557][   T29] audit: type=1400 audit(702.726:6954): avc:  denied  { connect } for  pid=19343 comm="syz.7.6739" lport=248 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  193.704652][   T29] audit: type=1400 audit(702.782:6955): avc:  denied  { bind } for  pid=19350 comm="syz.3.6743" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  193.994302][   T29] audit: type=1400 audit(703.063:6956): avc:  denied  { name_bind } for  pid=19369 comm="syz.7.6750" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  194.225643][T19379] netem: change failed
[  194.343275][   T29] audit: type=1400 audit(703.381:6957): avc:  denied  { setcheckreqprot } for  pid=19382 comm="syz.2.6756" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  194.453012][   T29] audit: type=1400 audit(703.493:6958): avc:  denied  { mount } for  pid=19394 comm="syz.2.6762" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  194.524370][T19397] __nla_validate_parse: 2 callbacks suppressed
[  194.524385][T19397] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6763'.
[  194.554205][T19401] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6765'.
[  194.563296][T19401] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6765'.
[  194.574114][T19397] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6763'.
[  194.978249][T19435] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6780'.
[  195.025988][T19435] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6780'.
[  195.159584][T19445] loop2: detected capacity change from 0 to 512
[  195.176361][T19445] EXT4-fs: journaled quota format not specified
[  195.513637][T19463] hub 9-0:1.0: USB hub found
[  195.518380][T19463] hub 9-0:1.0: 8 ports detected
[  195.542286][T19465] loop3: detected capacity change from 0 to 512
[  195.548895][T19465] EXT4-fs: Ignoring removed oldalloc option
[  195.554850][T19465] journal_path: Lookup failure for './bus'
[  195.560687][T19465] EXT4-fs: error: could not find journal device path
[  195.815753][T19488] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6804'.
[  195.913710][T19496] netem: change failed
[  196.183992][T19505] netlink: 'syz.7.6812': attribute type 1 has an invalid length.
[  196.194780][T19507] lo speed is unknown, defaulting to 1000
[  196.236377][T19507] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  196.247660][T19507] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.070868][T19552] loop2: detected capacity change from 0 to 1024
[  197.112656][T19552] EXT4-fs mount: 2 callbacks suppressed
[  197.112726][T19552] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.142198][T19552] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  197.157694][T19552] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[  197.170116][T19552] EXT4-fs (loop2): This should not happen!! Data will be lost
[  197.170116][T19552] 
[  197.179861][T19552] EXT4-fs (loop2): Total free blocks count 0
[  197.185892][T19552] EXT4-fs (loop2): Free/Dirty block details
[  197.191849][T19552] EXT4-fs (loop2): free_blocks=4293918720
[  197.197601][T19552] EXT4-fs (loop2): dirty_blocks=16
[  197.202720][T19552] EXT4-fs (loop2): Block reservation details
[  197.208823][T19552] EXT4-fs (loop2): i_reserved_data_blocks=1
[  197.289995][ T5095] EXT4-fs error (device loop2): ext4_map_blocks:816: inode #15: block 1: comm kworker/u8:32: lblock 1 mapped to illegal pblock 1 (length 3)
[  197.319218][ T5095] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 3 with error 117
[  197.424293][T19575] loop2: detected capacity change from 0 to 2048
[  197.444055][T19575] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.459230][T19575] EXT4-fs (loop2): shut down requested (0)
[  197.476982][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.495703][T19585] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  197.575756][T19598] netlink: 'syz.7.6851': attribute type 1 has an invalid length.
[  197.638485][T19606] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  197.640383][T19608] loop2: detected capacity change from 0 to 512
[  197.659914][T19608] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  197.683088][T19608] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00dc018, mo2=0002]
[  197.699833][T19608] System zones: 1-12
[  197.705549][T19608] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm +}[@: bg 0: block 337: padding at end of block bitmap is not set
[  197.708985][T19615] rdma_op ffff88812ad1e180 conn xmit_rdma 0000000000000000
[  197.734509][T19608] EXT4-fs (loop2): 1 truncate cleaned up
[  197.737264][T19610] hsr0: entered promiscuous mode
[  197.740595][T19608] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.775908][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.901441][T19636] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  198.043008][T19659] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6879'.
[  198.182462][T19675] loop3: detected capacity change from 0 to 128
[  198.278369][T19679] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6889'.
[  198.442190][T19690] serio: Serial port ptm0
[  198.526587][T19693] loop2: detected capacity change from 0 to 1024
[  198.533488][T19693] EXT4-fs: Ignoring removed bh option
[  198.538996][T19693] EXT4-fs: inline encryption not supported
[  198.545462][T19693] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  198.556454][T19693] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  198.565668][T19693] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.6895: lblock 2 mapped to illegal pblock 2 (length 1)
[  198.580268][T19693] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 48: comm syz.2.6895: lblock 0 mapped to illegal pblock 48 (length 1)
[  198.594893][T19693] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.6895: Failed to acquire dquot type 0
[  198.606415][T19693] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem
[  198.616080][T19693] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.6895: mark_inode_dirty error
[  198.627599][T19693] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  198.637884][T19693] EXT4-fs (loop2): 1 orphan inode deleted
[  198.644284][T19693] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.656874][ T5106] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:40: lblock 1 mapped to illegal pblock 1 (length 1)
[  198.692993][ T5106] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:40: Failed to release dquot type 0
[  198.714502][T19693] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 48: comm syz.2.6895: lblock 0 mapped to illegal pblock 48 (length 1)
[  198.729055][T19693] __quota_error: 162 callbacks suppressed
[  198.729065][T19693] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=-117
[  198.756244][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.817112][T19697] bridge0: port 1(batadv0) entered blocking state
[  198.823671][T19697] bridge0: port 1(batadv0) entered disabled state
[  198.836423][T19697] batadv0: entered allmulticast mode
[  198.842954][T19697] batadv0: entered promiscuous mode
[  198.899486][T19705] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6900'.
[  199.004209][   T29] audit: type=1326 audit(707.758:7118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19718 comm="syz.2.6908" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa882e6e9a9 code=0x0
[  199.152269][   T29] audit: type=1400 audit(707.889:7119): avc:  denied  { setopt } for  pid=19733 comm="syz.4.6914" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  199.207916][T19740] loop3: detected capacity change from 0 to 1024
[  199.229082][T19740] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.260758][T19740] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4113: comm syz.3.6917: Allocating blocks 449-513 which overlap fs metadata
[  199.282729][T19739] EXT4-fs (loop3): pa ffff888106e3d8c0: logic 48, phys. 177, len 21
[  199.290747][T19739] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4
[  199.324452][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.341697][   T29] audit: type=1400 audit(708.067:7120): avc:  denied  { create } for  pid=19747 comm="syz.1.6921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  199.362331][ T5087] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  199.371586][ T5087] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  199.405408][   T29] audit: type=1400 audit(708.105:7121): avc:  denied  { write } for  pid=19747 comm="syz.1.6921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  199.442837][T19751] loop3: detected capacity change from 0 to 2048
[  199.462059][T19751] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.462166][ T3388] Process accounting resumed
[  199.477116][T19751] EXT4-fs (loop3): shut down requested (0)
[  199.493800][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.506575][   T29] audit: type=1326 audit(708.226:7122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19760 comm="syz.1.6935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  199.529559][   T29] audit: type=1326 audit(708.226:7123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19760 comm="syz.1.6935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  199.553948][   T29] audit: type=1326 audit(708.226:7124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19760 comm="syz.1.6935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  199.576985][   T29] audit: type=1326 audit(708.226:7125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19760 comm="syz.1.6935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  199.600083][   T29] audit: type=1326 audit(708.226:7126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19760 comm="syz.1.6935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  199.695098][T19775] vlan2: entered allmulticast mode
[  199.705704][T19775] dummy0: entered allmulticast mode
[  200.156852][T19804] loop2: detected capacity change from 0 to 512
[  200.190530][T19804] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  200.243182][T19804] EXT4-fs (loop2): 1 truncate cleaned up
[  200.255464][T19804] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.283985][T19804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.346381][T19809] loop2: detected capacity change from 0 to 2048
[  200.425276][T19809]  loop2: p1 < > p4
[  200.430022][T19809] loop2: p4 size 8388608 extends beyond EOD, truncated
[  200.675360][T19820] loop2: detected capacity change from 0 to 1024
[  200.787930][T19827] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  200.811335][T19829] __nla_validate_parse: 6 callbacks suppressed
[  200.811347][T19829] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6955'.
[  200.841299][T19833] loop3: detected capacity change from 0 to 512
[  200.853424][T19833] EXT4-fs: Ignoring removed oldalloc option
[  200.860197][T19833] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  200.882718][T19833] EXT4-fs (loop3): 1 truncate cleaned up
[  200.893835][T19833] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.949848][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.011826][T19851] loop3: detected capacity change from 0 to 512
[  201.036663][T19856] 9pnet_fd: Insufficient options for proto=fd
[  201.047456][T19851] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.073585][T19860] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  201.118680][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.193928][T19873] loop2: detected capacity change from 0 to 512
[  201.200609][T19873] EXT4-fs: Ignoring removed oldalloc option
[  201.207782][T19873] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  201.227279][T19873] EXT4-fs (loop2): 1 truncate cleaned up
[  201.230329][T19880] netlink: 'syz.7.6976': attribute type 1 has an invalid length.
[  201.233470][T19873] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.245913][T19880] bond2: entered promiscuous mode
[  201.258738][T19880] 8021q: adding VLAN 0 to HW filter on device bond2
[  201.287199][T19880] 8021q: adding VLAN 0 to HW filter on device bond2
[  201.294377][T19880] bond2: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  201.304645][T19880] bond2: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  201.314668][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.316293][T19880] bond2: (slave ip6gre1): making interface the new active one
[  201.331158][T19880] ip6gre1: entered promiscuous mode
[  201.338513][T19880] bond2: (slave ip6gre1): Enslaving as an active interface with an up link
[  201.500088][T19894] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6982'.
[  201.524933][T19894] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6982'.
[  201.996743][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x4
[  202.004440][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x2
[  202.013376][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.021176][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.028843][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.036475][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.044187][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.051853][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.059584][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.067429][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.075098][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.082825][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.090606][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.098260][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.106015][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.113745][ T3472] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0
[  202.130613][ T3472] hid-generic 0000:3000000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  202.141147][T19942] lo speed is unknown, defaulting to 1000
[  202.179176][T19949] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  202.188870][T19949] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  202.394168][T19973] tipc: Started in network mode
[  202.399229][T19973] tipc: Node identity ac14140f, cluster identity 4711
[  202.407301][T19973] tipc: New replicast peer: 255.255.255.255
[  202.413389][T19973] tipc: Enabled bearer <udp:syz2>, priority 10
[  202.521270][T19990] loop2: detected capacity change from 0 to 2048
[  202.543314][T19990] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.635899][T19990] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.7028: bg 0: block 408: padding at end of block bitmap is not set
[  202.662972][T19999] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7031'.
[  202.672687][T19990] EXT4-fs (loop2): Remounting filesystem read-only
[  202.738710][T19999] 8021q: adding VLAN 0 to HW filter on device bond1
[  202.755137][T19999] bond1: (slave batadv0): Opening slave failed
[  202.811690][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.029789][T20029] syzkaller0: entered promiscuous mode
[  203.035365][T20029] syzkaller0: entered allmulticast mode
[  203.131538][T20032] loop2: detected capacity change from 0 to 128
[  203.145357][T20034] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  203.194170][T20032] syz.2.7046: attempt to access beyond end of device
[  203.194170][T20032] loop2: rw=0, sector=121, nr_sectors = 120 limit=128
[  203.248058][ T5087] kworker/u8:25: attempt to access beyond end of device
[  203.248058][ T5087] loop2: rw=1, sector=241, nr_sectors = 800 limit=128
[  203.503555][   T10] tipc: Node number set to 2886997007
[  203.737774][T20064] netlink: 'syz.4.7062': attribute type 1 has an invalid length.
[  203.766464][T20064] bond2: entered promiscuous mode
[  203.781507][T20064] 8021q: adding VLAN 0 to HW filter on device bond2
[  203.798713][T20064] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.806828][T20064] bond2: (slave batadv0): making interface the new active one
[  203.814315][T20064] batadv0: entered promiscuous mode
[  203.820869][T20064] bond2: (slave batadv0): Enslaving as an active interface with an up link
[  204.083136][   T29] kauditd_printk_skb: 102 callbacks suppressed
[  204.083149][   T29] audit: type=1326 audit(712.501:7229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20068 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  204.161781][   T29] audit: type=1326 audit(712.548:7230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20068 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  204.168264][T20047] cgroup: fork rejected by pids controller in /syz2
[  204.184798][   T29] audit: type=1326 audit(712.548:7231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20068 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  204.214351][   T29] audit: type=1326 audit(712.548:7232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20068 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  204.237264][   T29] audit: type=1326 audit(712.548:7233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20068 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  204.260295][   T29] audit: type=1326 audit(712.548:7234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20068 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  204.283221][   T29] audit: type=1326 audit(712.548:7235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20068 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  204.306237][   T29] audit: type=1326 audit(712.548:7236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20068 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  204.308160][T20108] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  204.329113][   T29] audit: type=1326 audit(712.548:7237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20068 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  204.329146][   T29] audit: type=1326 audit(712.548:7238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20068 comm="syz.1.7064" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84c655e9a9 code=0x7ffc0000
[  204.491177][T20116] loop3: detected capacity change from 0 to 128
[  204.610375][T20124] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  204.646068][T20127] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7074'.
[  204.737004][T20138] 9pnet_rdma: rdma_create_trans (20138): problem binding to privport: 13
[  204.825138][T20150] loop2: detected capacity change from 0 to 512
[  204.851787][T20150] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  204.889815][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  204.908965][T20162] netlink: 3 bytes leftover after parsing attributes in process `syz.3.7090'.
[  204.928923][T20162] batadv0: entered promiscuous mode
[  204.934180][T20162] batadv0: entered allmulticast mode
[  205.042162][T20173] lo speed is unknown, defaulting to 1000
[  205.131868][T20176] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7097'.
[  205.176625][T20182] lo speed is unknown, defaulting to 1000
[  205.235212][T20187] SELinux: failed to load policy
[  205.249016][T20194] netlink: 61967 bytes leftover after parsing attributes in process `syz.4.7104'.
[  205.317613][T20202] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  205.317613][T20202]    program syz.1.7105 not setting count and/or reply_len properly
[  205.564203][T20235] netlink: 'syz.7.7124': attribute type 1 has an invalid length.
[  205.601334][T20235] 8021q: adding VLAN 0 to HW filter on device bond3
[  205.619395][T20235] bond3: (slave geneve2): making interface the new active one
[  205.630044][T20235] bond3: (slave geneve2): Enslaving as an active interface with an up link
[  205.665060][T20253] netlink: 'syz.7.7132': attribute type 12 has an invalid length.
[  205.711731][T20261] loop2: detected capacity change from 0 to 1024
[  205.723157][T20260] lo speed is unknown, defaulting to 1000
[  205.740109][T20261] EXT4-fs: inline encryption not supported
[  205.746069][T20261] EXT4-fs: Ignoring removed bh option
[  205.772675][T20261] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e856c018, mo2=0002]
[  205.790565][T20261] System zones: 1-12
[  205.794989][T20261] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.814246][T20242] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  205.828067][T20242] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  205.876634][T20271] lo speed is unknown, defaulting to 1000
[  206.234761][T20282] loop3: detected capacity change from 0 to 512
[  206.243020][T20282] EXT4-fs: Ignoring removed mblk_io_submit option
[  206.249881][T20282] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  206.261280][T20282] EXT4-fs (loop3): 1 truncate cleaned up
[  206.268439][T20282] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.305917][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.420269][T20294] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7147'.
[  206.588478][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.628185][T20274] syz.4.7139 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  206.642347][T20274] CPU: 0 UID: 0 PID: 20274 Comm: syz.4.7139 Tainted: G        W           6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(voluntary) 
[  206.642379][T20274] Tainted: [W]=WARN
[  206.642459][T20274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  206.642473][T20274] Call Trace:
[  206.642480][T20274]  <TASK>
[  206.642488][T20274]  __dump_stack+0x1d/0x30
[  206.642511][T20274]  dump_stack_lvl+0xe8/0x140
[  206.642607][T20274]  dump_stack+0x15/0x1b
[  206.642621][T20274]  dump_header+0x81/0x220
[  206.642659][T20274]  oom_kill_process+0x334/0x3f0
[  206.642691][T20274]  out_of_memory+0x979/0xb80
[  206.642797][T20274]  try_charge_memcg+0x5e6/0x9e0
[  206.642835][T20274]  obj_cgroup_charge_pages+0xa6/0x150
[  206.642867][T20274]  __memcg_kmem_charge_page+0x9f/0x170
[  206.642896][T20274]  __alloc_frozen_pages_noprof+0x188/0x360
[  206.642978][T20274]  alloc_pages_mpol+0xb3/0x250
[  206.643031][T20274]  alloc_pages_noprof+0x90/0x130
[  206.643067][T20274]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  206.643150][T20274]  __kvmalloc_node_noprof+0x30f/0x4e0
[  206.643175][T20274]  ? ip_set_alloc+0x1f/0x30
[  206.643200][T20274]  ? ip_set_alloc+0x1f/0x30
[  206.643224][T20274]  ? __kmalloc_cache_noprof+0x189/0x320
[  206.643313][T20274]  ip_set_alloc+0x1f/0x30
[  206.643343][T20274]  hash_netiface_create+0x282/0x740
[  206.643378][T20274]  ? __pfx_hash_netiface_create+0x10/0x10
[  206.643489][T20274]  ip_set_create+0x3cc/0x960
[  206.643548][T20274]  ? __nla_parse+0x40/0x60
[  206.643567][T20274]  nfnetlink_rcv_msg+0x4c3/0x590
[  206.643605][T20274]  ? selinux_capable+0x1f9/0x270
[  206.643660][T20274]  netlink_rcv_skb+0x120/0x220
[  206.643744][T20274]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  206.643774][T20274]  nfnetlink_rcv+0x16b/0x1690
[  206.643836][T20274]  ? __kfree_skb+0x109/0x150
[  206.643861][T20274]  ? nlmon_xmit+0x4f/0x60
[  206.643911][T20274]  ? consume_skb+0x49/0x150
[  206.643962][T20274]  ? nlmon_xmit+0x4f/0x60
[  206.643984][T20274]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  206.644016][T20274]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  206.644059][T20274]  ? __dev_queue_xmit+0x182/0x1fb0
[  206.644163][T20274]  ? ref_tracker_free+0x37d/0x3e0
[  206.644258][T20274]  ? __netlink_deliver_tap+0x4dc/0x500
[  206.644291][T20274]  netlink_unicast+0x5a5/0x680
[  206.644318][T20274]  netlink_sendmsg+0x58b/0x6b0
[  206.644387][T20274]  ? __pfx_netlink_sendmsg+0x10/0x10
[  206.644403][T20274]  __sock_sendmsg+0x142/0x180
[  206.644430][T20274]  ____sys_sendmsg+0x31e/0x4e0
[  206.644466][T20274]  ___sys_sendmsg+0x17b/0x1d0
[  206.644563][T20274]  __x64_sys_sendmsg+0xd4/0x160
[  206.644598][T20274]  x64_sys_call+0x2999/0x2fb0
[  206.644619][T20274]  do_syscall_64+0xd2/0x200
[  206.644697][T20274]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  206.644722][T20274]  ? clear_bhb_loop+0x40/0x90
[  206.644808][T20274]  ? clear_bhb_loop+0x40/0x90
[  206.644828][T20274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.644847][T20274] RIP: 0033:0x7f72e554e9a9
[  206.644887][T20274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.644904][T20274] RSP: 002b:00007f72e3b8e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  206.644985][T20274] RAX: ffffffffffffffda RBX: 00007f72e5776080 RCX: 00007f72e554e9a9
[  206.644998][T20274] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000005
[  206.645010][T20274] RBP: 00007f72e55d0d69 R08: 0000000000000000 R09: 0000000000000000
[  206.645020][T20274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  206.645032][T20274] R13: 0000000000000000 R14: 00007f72e5776080 R15: 00007ffdf689cba8
[  206.645057][T20274]  </TASK>
[  206.645064][T20274] memory: usage 307200kB, limit 307200kB, failcnt 220
[  207.002832][T20274] memory+swap: usage 308092kB, limit 9007199254740988kB, failcnt 0
[  207.010743][T20274] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[  207.018077][T20274] Memory cgroup stats for /syz4:
[  207.018548][T20274] cache 8192
[  207.018951][T20304] netlink: 'syz.7.7152': attribute type 1 has an invalid length.
[  207.023559][T20274] rss 4096
[  207.023569][T20274] shmem 0
[  207.023575][T20274] mapped_file 0
[  207.044017][T20274] dirty 0
[  207.046954][T20274] writeback 0
[  207.050232][T20274] workingset_refault_anon 2831
[  207.055001][T20274] workingset_refault_file 0
[  207.059505][T20274] swap 913408
[  207.062782][T20274] swapcached 4096
[  207.066431][T20274] pgpgin 142878
[  207.069894][T20274] pgpgout 142875
[  207.073432][T20274] pgfault 139898
[  207.076987][T20274] pgmajfault 376
[  207.080524][T20274] inactive_anon 0
[  207.084149][T20274] active_anon 4096
[  207.087956][T20274] inactive_file 0
[  207.091602][T20274] active_file 8192
[  207.095321][T20274] unevictable 0
[  207.098804][T20274] hierarchical_memory_limit 314572800
[  207.104165][T20274] hierarchical_memsw_limit 9223372036854771712
[  207.110349][T20274] total_cache 8192
[  207.114065][T20274] total_rss 4096
[  207.117621][T20274] total_shmem 0
[  207.121122][T20274] total_mapped_file 0
[  207.125097][T20274] total_dirty 0
[  207.128554][T20274] total_writeback 0
[  207.132387][T20274] total_workingset_refault_anon 2831
[  207.137656][T20274] total_workingset_refault_file 0
[  207.142679][T20274] total_swap 913408
[  207.146465][T20274] total_swapcached 4096
[  207.150654][T20274] total_pgpgin 142878
[  207.154625][T20274] total_pgpgout 142875
[  207.158672][T20274] total_pgfault 139898
[  207.162810][T20274] total_pgmajfault 376
[  207.166852][T20274] total_inactive_anon 0
[  207.171056][T20274] total_active_anon 4096
[  207.175279][T20274] total_inactive_file 0
[  207.179495][T20274] total_active_file 8192
[  207.183731][T20274] total_unevictable 0
[  207.187832][T20274] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.7139,pid=20272,uid=0
[  207.202582][T20274] Memory cgroup out of memory: Killed process 20272 (syz.4.7139) total-vm:95808kB, anon-rss:1072kB, file-rss:22312kB, shmem-rss:128kB, UID:0 pgtables:148kB oom_score_adj:1000
[  207.261241][T20273] syz.4.7139 (20273) used greatest stack depth: 8616 bytes left
[  207.278647][T20323] netlink: 9 bytes leftover after parsing attributes in process `syz.7.7158'.
[  207.298721][T20323] 0�: renamed from hsr0 (while UP)
[  207.301112][T20327] loop3: detected capacity change from 0 to 164
[  207.312267][T20327] Unable to read rock-ridge attributes
[  207.316185][T20323] 0�: entered allmulticast mode
[  207.322678][T20323] hsr_slave_0: entered allmulticast mode
[  207.328339][T20323] hsr_slave_1: entered allmulticast mode
[  207.341822][T20323] A link change request failed with some changes committed already. Interface 
70� may have been left with an inconsistent configuration, please check.
[  207.350036][T20327] Unable to read rock-ridge attributes
[  207.433595][T20337] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7166'.
[  207.495672][T20274] syz.4.7139 (20274) used greatest stack depth: 7000 bytes left
[  207.542515][T20347] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7170'.
[  207.737820][T20381] sd 0:0:1:0: device reset
[  207.829830][T20403] netlink: 60 bytes leftover after parsing attributes in process `syz.7.7197'.
[  207.839276][T20403] unsupported nlmsg_type 40
[  207.909092][T20419] openvswitch: netlink: Message has 6 unknown bytes.
[  207.926308][T20421] loop2: detected capacity change from 0 to 764
[  207.949115][T20421] rock: directory entry would overflow storage
[  207.955450][T20421] rock: sig=0x4654, size=5, remaining=4
[  207.966132][T20429] pim6reg: entered allmulticast mode
[  207.966150][T20431] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7210'.
[  207.974451][T20429] pim6reg: left allmulticast mode
[  208.023982][T20435] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7214'.
[  208.027878][T20437] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7213'.
[  208.045843][T20439] hub 9-0:1.0: USB hub found
[  208.051618][T20439] hub 9-0:1.0: 8 ports detected
[  208.146468][T20453] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=20453 comm=syz.2.7223
[  208.295796][T20480] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7235'.
[  208.362849][T20489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7237'.
[  208.410739][T20491] loop2: detected capacity change from 0 to 512
[  208.427598][T20491] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  208.440316][T20491] EXT4-fs (loop2): failed to initialize system zone (-117)
[  208.449556][T20491] EXT4-fs (loop2): mount failed
[  208.457174][T20494] macvlan1: entered promiscuous mode
[  208.463419][T20494] ipvlan0: entered promiscuous mode
[  208.469100][T20494] ipvlan0: left promiscuous mode
[  208.474237][T20494] macvlan1: left promiscuous mode
[  208.696452][T20509] atomic_op ffff888111d40928 conn xmit_atomic 0000000000000000
[  209.367227][T20548] vlan2: entered allmulticast mode
[  209.372405][T20548] syz_tun: entered allmulticast mode
[  209.484020][T20561] loop2: detected capacity change from 0 to 1024
[  209.521810][T20561] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  209.532783][T20561] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  209.555778][T20561] JBD2: no valid journal superblock found
[  209.561650][T20561] EXT4-fs (loop2): Could not load journal inode
[  209.577574][   T29] kauditd_printk_skb: 67 callbacks suppressed
[  209.577585][   T29] audit: type=1400 audit(717.646:7306): avc:  denied  { nlmsg_read } for  pid=20557 comm="syz.2.7269" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  209.604081][T20575] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  209.621783][T20575] vhci_hcd: default hub control req: 2314 v0008 i0002 l0
[  209.687986][   T29] audit: type=1326 audit(717.749:7307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20585 comm="syz.3.7282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  209.711111][   T29] audit: type=1326 audit(717.749:7308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20585 comm="syz.3.7282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  209.734148][   T29] audit: type=1326 audit(717.758:7309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20585 comm="syz.3.7282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  209.757634][   T29] audit: type=1326 audit(717.758:7310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20585 comm="syz.3.7282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  209.780884][   T29] audit: type=1326 audit(717.758:7311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20585 comm="syz.3.7282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  209.804422][   T29] audit: type=1326 audit(717.758:7312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20585 comm="syz.3.7282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  209.827321][   T29] audit: type=1326 audit(717.758:7313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20585 comm="syz.3.7282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  209.850979][   T29] audit: type=1326 audit(717.758:7314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20585 comm="syz.3.7282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  209.873849][   T29] audit: type=1326 audit(717.758:7315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20585 comm="syz.3.7282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  210.152088][T20638] loop3: detected capacity change from 0 to 512
[  210.158965][T20638] EXT4-fs: Ignoring removed bh option
[  210.164763][T20638] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  210.173937][T20638] EXT4-fs (loop3): 1 truncate cleaned up
[  210.180019][T20638] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.207975][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.638383][T20666] SELinux: failed to load policy
[  210.661568][T20668] lo speed is unknown, defaulting to 1000
[  210.690668][T20668] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.699477][T20668] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  210.831252][T20674] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  210.837779][T20674] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  210.845380][T20674] vhci_hcd vhci_hcd.0: Device attached
[  210.852772][T20675] vhci_hcd: connection closed
[  210.853321][ T5095] vhci_hcd: stop threads
[  210.862686][ T5095] vhci_hcd: release socket
[  210.867181][ T5095] vhci_hcd: disconnect device
[  211.297209][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.304661][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.312084][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.319676][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.327106][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.334480][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.341929][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.349298][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.356789][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.364179][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.371563][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.379019][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.386417][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.393808][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.401178][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.408586][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.416006][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.423511][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.431002][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.438521][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.445935][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.453460][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.460858][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.468320][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.475722][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.483231][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.490694][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.498238][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.505772][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.513216][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.520590][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.527996][ T3408] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[  211.537947][ T3408] hid-generic 0000:0000:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  211.580126][T20707] ip6gre2: entered allmulticast mode
[  211.609514][T20715] loop2: detected capacity change from 0 to 128
[  211.641738][T20722] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  211.672110][T20726] syz_tun: entered allmulticast mode
[  211.684228][T20728] loop2: detected capacity change from 0 to 128
[  211.693193][T20728] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  211.701157][T20728] FAT-fs (loop2): Filesystem has been set read-only
[  211.708886][T20726] syz_tun (unregistering): left allmulticast mode
[  211.716398][T20728] syz.2.7341: attempt to access beyond end of device
[  211.716398][T20728] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  211.730606][T20728] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  211.739185][T20728] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  211.748887][T20728] syz.2.7341: attempt to access beyond end of device
[  211.748887][T20728] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  212.074323][T20776] veth1_to_bridge: entered allmulticast mode
[  212.082147][T20776] veth1_to_bridge: left allmulticast mode
[  212.095531][T20774] ALSA: seq fatal error: cannot create timer (-19)
[  212.316739][T20793] loop2: detected capacity change from 0 to 128
[  212.323445][T20793] EXT4-fs: Ignoring removed nobh option
[  212.334493][T20793] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  212.391300][T14217] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  212.449252][T20838] netlink: 'syz.4.7393': attribute type 10 has an invalid length.
[  212.453144][T20839] lo speed is unknown, defaulting to 1000
[  212.457244][T20838] __nla_validate_parse: 10 callbacks suppressed
[  212.457274][T20838] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7393'.
[  212.482654][T20838] dummy0: entered promiscuous mode
[  212.535891][T20844] loop2: detected capacity change from 0 to 4096
[  212.709641][T20869] netlink: 16 bytes leftover after parsing attributes in process `syz.7.7407'.
[  212.805950][T20877] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  212.816800][T20877] tipc: Disabling bearer <eth:syzkaller0>
[  212.919437][T20896] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7418'.
[  212.928396][T20896] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7418'.
[  212.937439][T20896] netlink: 'syz.2.7418': attribute type 20 has an invalid length.
[  212.948082][T20896] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  212.956816][T20896] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  212.965576][T20896] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  212.974277][T20896] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  212.984008][T20896] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7418'.
[  212.993027][T20896] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7418'.
[  213.002093][T20896] netlink: 'syz.2.7418': attribute type 20 has an invalid length.
[  213.024863][T20910] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7419'.
[  213.329798][T20975] team0: Device is already in use.
[  213.356591][T20983] veth1_to_bridge: entered promiscuous mode
[  213.362969][T20983] veth1_to_bridge: left promiscuous mode
[  213.390718][T20987] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7434'.
[  213.429733][T20995] loop3: detected capacity change from 0 to 1024
[  213.436745][T20995] EXT4-fs: Ignoring removed nobh option
[  213.449688][T20995] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal
[  213.498780][T21008] SELinux:  policydb version 0 does not match my version range 15-34
[  213.507769][T21008] SELinux: failed to load policy
[  213.558970][T21019] netlink: 96 bytes leftover after parsing attributes in process `syz.3.7441'.
[  213.589676][T21025] program syz.4.7442 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  213.608075][T21030] netlink: 'syz.3.7443': attribute type 21 has an invalid length.
[  213.627016][T21030] netlink: 'syz.3.7443': attribute type 1 has an invalid length.
[  213.634863][T21030] netlink: 144 bytes leftover after parsing attributes in process `syz.3.7443'.
[  213.887379][T21066] netlink: 'syz.3.7449': attribute type 1 has an invalid length.
[  214.425749][T21066] 8021q: adding VLAN 0 to HW filter on device bond2
[  214.914093][T21273] bond2: (slave geneve2): making interface the new active one
[  215.772974][T21273] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  217.989818][   T29] kauditd_printk_skb: 146 callbacks suppressed
[  217.989834][   T29] audit: type=1400 audit(725.503:7462): avc:  denied  { module_request } for  pid=20888 comm="syz.1.7416" kmod="net-pf-6" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  218.017010][   T29] audit: type=1400 audit(725.503:7463): avc:  denied  { create } for  pid=20888 comm="syz.1.7416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  218.730812][T22429] lo speed is unknown, defaulting to 1000
[  219.027977][T22520] __nla_validate_parse: 1 callbacks suppressed
[  219.027991][T22520] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7468'.
[  219.427222][   T29] audit: type=1400 audit(725.643:7464): avc:  denied  { prog_load } for  pid=22185 comm="syz.4.7465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  219.446497][   T29] audit: type=1400 audit(725.643:7465): avc:  denied  { bpf } for  pid=22185 comm="syz.4.7465" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  219.466529][   T29] audit: type=1400 audit(725.681:7466): avc:  denied  { read write } for  pid=14180 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  219.490919][   T29] audit: type=1400 audit(725.681:7467): avc:  denied  { open } for  pid=14180 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  219.514514][   T29] audit: type=1400 audit(725.681:7468): avc:  denied  { ioctl } for  pid=14180 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  219.540350][   T29] audit: type=1400 audit(725.746:7469): avc:  denied  { perfmon } for  pid=22279 comm="syz.2.7466" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  219.560772][   T29] audit: type=1400 audit(725.746:7470): avc:  denied  { prog_run } for  pid=22279 comm="syz.2.7466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  219.579334][   T29] audit: type=1400 audit(725.802:7471): avc:  denied  { read } for  pid=22279 comm="syz.2.7466" dev="nsfs" ino=4026533886 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  221.717361][T23012] lo speed is unknown, defaulting to 1000
[  222.378635][T23495] loop3: detected capacity change from 0 to 764
[  222.934059][T23582] loop2: detected capacity change from 0 to 2048
[  223.380013][   T29] kauditd_printk_skb: 21 callbacks suppressed
[  223.380029][   T29] audit: type=1400 audit(730.554:7493): avc:  denied  { write } for  pid=23740 comm="syz.7.7483" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  223.405090][   T29] audit: type=1400 audit(730.554:7494): avc:  denied  { connect } for  pid=23740 comm="syz.7.7483" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  223.424214][   T29] audit: type=1400 audit(730.554:7495): avc:  denied  { name_connect } for  pid=23740 comm="syz.7.7483" dest=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  225.873029][   T29] audit: type=1400 audit(730.900:7496): avc:  denied  { shutdown } for  pid=23740 comm="syz.7.7483" lport=40168 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  225.893321][   T29] audit: type=1400 audit(730.984:7497): avc:  denied  { getopt } for  pid=23740 comm="syz.7.7483" lport=40168 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  226.158822][T23582] EXT4-fs warning (device loop2): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop2.
[  226.159638][   T29] audit: type=1400 audit(733.108:7498): avc:  denied  { mount } for  pid=23490 comm="syz.3.7479" name="/" dev="loop3" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  226.201258][   T29] audit: type=1400 audit(733.192:7499): avc:  denied  { unmount } for  pid=14180 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  226.220862][   T29] audit: type=1400 audit(733.192:7500): avc:  denied  { read write } for  pid=25080 comm="syz.1.7485" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  226.244383][   T29] audit: type=1400 audit(733.192:7501): avc:  denied  { open } for  pid=25080 comm="syz.1.7485" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  226.275822][   T29] audit: type=1400 audit(733.257:7502): avc:  denied  { read } for  pid=25082 comm="syz.3.7486" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  226.673657][T25150] SELinux: syz.1.7512 (25150) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  226.730763][T25155] SET target dimension over the limit!
[  227.025275][T25189] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  227.044105][T25191] loop2: detected capacity change from 0 to 512
[  227.063669][T25191] EXT4-fs: inline encryption not supported
[  227.079214][T25191] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  227.090414][T25191] EXT4-fs (loop2): 1 truncate cleaned up
[  227.096446][T25191] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.127587][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.736440][T25255] loop3: detected capacity change from 0 to 128
[  227.746759][T25255] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  227.780799][T14180] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  227.793635][T25264] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7562'.
[  227.805248][T25265] netlink: 165 bytes leftover after parsing attributes in process `syz.1.7564'.
[  227.823411][T25265] netlink: 277 bytes leftover after parsing attributes in process `syz.1.7564'.
[  227.897832][T25275] hub 9-0:1.0: USB hub found
[  227.902872][T25275] hub 9-0:1.0: 8 ports detected
[  227.974051][T25289] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7574'.
[  227.994859][T25293] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7576'.
[  228.073070][T25292] llcp: llcp_sock_recvmsg: Recv datagram failed state 3 -6 0
[  228.108574][T25308] lo speed is unknown, defaulting to 1000
[  228.226776][T25322] netlink: 'syz.4.7588': attribute type 3 has an invalid length.
[  228.226912][T25328] loop2: detected capacity change from 0 to 1024
[  228.241613][T25328] EXT4-fs: Ignoring removed nomblk_io_submit option
[  228.251020][T25330] netlink: 'syz.3.7592': attribute type 1 has an invalid length.
[  228.275806][T25328] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.321013][T25328] EXT4-fs error (device loop2): __ext4_remount:6736: comm syz.2.7591: Abort forced by user
[  228.332915][T25328] EXT4-fs (loop2): Remounting filesystem read-only
[  228.339487][T25328] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[  228.366427][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.402452][T25346] 9pnet: Could not find request transport: 0xffffffffffffffff
[  228.486734][T25359] pim6reg: entered allmulticast mode
[  228.504011][T25359] pim6reg: left allmulticast mode
[  228.540984][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  228.702709][T25376] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7610'.
[  228.711661][T25376] netlink: 'syz.3.7610': attribute type 15 has an invalid length.
[  228.719554][T25376] netlink: 'syz.3.7610': attribute type 18 has an invalid length.
[  228.731980][T25376] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  228.740791][T25376] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  228.749753][T25376] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  228.758484][T25376] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  228.768347][   T29] kauditd_printk_skb: 270 callbacks suppressed
[  228.768360][   T29] audit: type=1400 audit(735.577:7773): avc:  denied  { connect } for  pid=25381 comm="syz.2.7616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  228.794469][T25376] vxlan0: entered promiscuous mode
[  228.808296][T25384] loop2: detected capacity change from 0 to 512
[  228.820857][T25384] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.835394][T25384] netlink: 'syz.2.7617': attribute type 4 has an invalid length.
[  228.843478][T25384] netlink: 152 bytes leftover after parsing attributes in process `syz.2.7617'.
[  228.854647][T25384] : renamed from bond0 (while UP)
[  228.880397][T25388] lo speed is unknown, defaulting to 1000
[  228.957453][T14217] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.988657][T25390] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7619'.
[  228.999807][T25390] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7619'.
[  229.334105][   T29] audit: type=1400 audit(736.129:7774): avc:  denied  { setopt } for  pid=25420 comm="syz.4.7633" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  229.353087][   T29] audit: type=1400 audit(736.129:7775): avc:  denied  { bind } for  pid=25420 comm="syz.4.7633" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  229.372044][   T29] audit: type=1400 audit(736.129:7776): avc:  denied  { name_bind } for  pid=25420 comm="syz.4.7633" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  229.393707][   T29] audit: type=1400 audit(736.129:7777): avc:  denied  { node_bind } for  pid=25420 comm="syz.4.7633" saddr=127.0.0.1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  229.415904][   T29] audit: type=1400 audit(736.148:7778): avc:  denied  { create } for  pid=25423 comm="syz.2.7634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  229.434942][   T29] audit: type=1400 audit(736.148:7779): avc:  denied  { write } for  pid=25423 comm="syz.2.7634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  229.453964][   T29] audit: type=1400 audit(736.148:7780): avc:  denied  { write } for  pid=25423 comm="syz.2.7634" name="icmp6" dev="proc" ino=4026533970 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  229.522835][   T29] audit: type=1400 audit(736.298:7781): avc:  denied  { mount } for  pid=25429 comm="syz.7.7637" name="/" dev="ramfs" ino=68862 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  229.623840][T25438] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7642'.
[  229.640089][T25438] wireguard0: entered promiscuous mode
[  229.645614][T25438] wireguard0: entered allmulticast mode
[  229.684161][   T29] audit: type=1400 audit(736.447:7782): avc:  denied  { load_policy } for  pid=25439 comm="syz.2.7641" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  229.685706][T25440] SELinux: failed to load policy
[  229.722536][T25447] bond4: entered allmulticast mode
[  229.728930][T25447] 8021q: adding VLAN 0 to HW filter on device bond4
[  229.736743][T25447] bridge0: port 1(bond4) entered blocking state
[  229.743583][T25447] bridge0: port 1(bond4) entered disabled state
[  229.751752][T25447] bond4: entered promiscuous mode
[  229.757209][T25447] bridge0: port 1(bond4) entered blocking state
[  229.763650][T25447] bridge0: port 1(bond4) entered forwarding state
[  229.771898][T23457] bridge0: port 1(bond4) entered disabled state
[  230.007480][T25476] IPv6: Can't replace route, no match found
[  230.313378][T25508] netlink: 'syz.2.7673': attribute type 4 has an invalid length.
[  230.325333][T25508] netlink: 'syz.2.7673': attribute type 4 has an invalid length.
[  230.434967][T25523] 9pnet: Could not find request transport: 0xffffffffffffffff
[  231.152662][T25559] loop3: detected capacity change from 0 to 2048
[  231.183282][T25559] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.230585][T25559] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  231.230739][T25559] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  231.230761][T25559] EXT4-fs (loop3): This should not happen!! Data will be lost
[  231.230761][T25559] 
[  231.230772][T25559] EXT4-fs (loop3): Total free blocks count 0
[  231.230782][T25559] EXT4-fs (loop3): Free/Dirty block details
[  231.230791][T25559] EXT4-fs (loop3): free_blocks=66060288
[  231.230867][T25559] EXT4-fs (loop3): dirty_blocks=32
[  231.230877][T25559] EXT4-fs (loop3): Block reservation details
[  231.230917][T25559] EXT4-fs (loop3): i_reserved_data_blocks=2
[  231.296401][ T5074] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  231.551036][ T3472] IPVS: starting estimator thread 0...
[  231.594993][T25603] netlink: 'syz.2.7713': attribute type 7 has an invalid length.
[  231.602812][T25603] netlink: 'syz.2.7713': attribute type 8 has an invalid length.
[  231.652456][T25597] IPVS: using max 2832 ests per chain, 141600 per kthread
[  231.715151][T25611] SELinux:  unknown common r
[  231.720640][T25611] SELinux: failed to load policy
[  231.797748][T25622] netlink: 'syz.4.7724': attribute type 10 has an invalid length.
[  231.805985][T25622] team0: Device hsr_slave_0 failed to register rx_handler
[  231.915062][T25642] rdma_op ffff888111d40980 conn xmit_rdma 0000000000000000
[  231.932572][T25636] vhci_hcd: invalid port number 96
[  231.937728][T25636] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  231.970226][T25651] xt_hashlimit: size too large, truncated to 1048576
[  231.995374][T25639] lo speed is unknown, defaulting to 1000
[  232.079401][T25639] chnl_net:caif_netlink_parms(): no params data found
[  232.184263][T23457] batadv0: left allmulticast mode
[  232.190040][T23457] batadv0: left promiscuous mode
[  232.195134][T23457] bridge0: port 1(batadv0) entered disabled state
[  232.333374][T23457] bond0 (unregistering): Released all slaves
[  232.407072][T25639] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.414293][T25639] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.423137][T25639] bridge_slave_0: entered allmulticast mode
[  232.429532][T25639] bridge_slave_0: entered promiscuous mode
[  232.480617][T23457] hsr_slave_0: left promiscuous mode
[  232.502816][T23457] hsr_slave_1: left promiscuous mode
[  232.566863][T25639] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.574744][T25639] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.583496][T25639] bridge_slave_1: entered allmulticast mode
[  232.589947][T25639] bridge_slave_1: entered promiscuous mode
[  232.614555][T25639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.629677][T25639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  232.652733][T25639] team0: Port device team_slave_0 added
[  232.670909][T25639] team0: Port device team_slave_1 added
[  232.734024][T25639] batman_adv: batadv0: Adding interface: batadv_slave_0
[  232.740999][T25639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.767776][T25639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  232.779005][T25639] batman_adv: batadv0: Adding interface: batadv_slave_1
[  232.786296][T25639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.812598][T25639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  232.841836][T23457] IPVS: stop unused estimator thread 0...
[  232.850591][T25639] hsr_slave_0: entered promiscuous mode
[  232.859247][T25639] hsr_slave_1: entered promiscuous mode
[  233.133876][T25639] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  233.143320][T25639] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  233.152176][T25639] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  233.162591][T25639] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  233.193352][T25639] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.204687][T25639] 8021q: adding VLAN 0 to HW filter on device team0
[  233.213766][T21168] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.220804][T21168] bridge0: port 1(bridge_slave_0) entered forwarding state
[  233.230997][T23356] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.238122][T23356] bridge0: port 2(bridge_slave_1) entered forwarding state
[  233.292891][T25639] 8021q: adding VLAN 0 to HW filter on device batadv0
[  233.381765][T25639] veth0_vlan: entered promiscuous mode
[  233.389666][T25639] veth1_vlan: entered promiscuous mode
[  233.404672][T25639] veth0_macvtap: entered promiscuous mode
[  233.412688][T25639] veth1_macvtap: entered promiscuous mode
[  233.423402][T25639] batman_adv: batadv0: Interface activated: batadv_slave_0
[  233.435399][T25639] batman_adv: batadv0: Interface activated: batadv_slave_1
[  233.445135][T25639] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  233.454569][T25639] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  233.463393][T25639] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  233.472507][T25639] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  233.731861][T25784] __nla_validate_parse: 7 callbacks suppressed
[  233.731917][T25784] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7782'.
[  234.125226][   T29] kauditd_printk_skb: 251 callbacks suppressed
[  234.125239][   T29] audit: type=1400 audit(740.600:8034): avc:  denied  { read write } for  pid=25869 comm="syz.3.7823" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  234.155774][   T29] audit: type=1400 audit(740.600:8035): avc:  denied  { open } for  pid=25869 comm="syz.3.7823" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  234.199202][   T29] audit: type=1400 audit(740.675:8036): avc:  denied  { read } for  pid=25873 comm="syz.5.7824" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  234.221923][   T29] audit: type=1326 audit(740.694:8037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25875 comm="syz.4.7825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72e554e9a9 code=0x7ffc0000
[  234.338000][   T29] audit: type=1326 audit(740.694:8038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25875 comm="syz.4.7825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f72e554e9a9 code=0x7ffc0000
[  234.361466][   T29] audit: type=1326 audit(740.694:8039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25875 comm="syz.4.7825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72e554e9a9 code=0x7ffc0000
[  234.385030][   T29] audit: type=1326 audit(740.694:8040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25875 comm="syz.4.7825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f72e554e9a9 code=0x7ffc0000
[  234.408477][   T29] audit: type=1326 audit(740.694:8041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25875 comm="syz.4.7825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72e554e9a9 code=0x7ffc0000
[  234.432074][   T29] audit: type=1326 audit(740.694:8042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25875 comm="syz.4.7825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72e554e9a9 code=0x7ffc0000
[  234.455566][   T29] audit: type=1326 audit(740.694:8043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25875 comm="syz.4.7825" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f72e554e9a9 code=0x7ffc0000
[  234.856333][T25924] hub 9-0:1.0: USB hub found
[  234.894173][T25924] hub 9-0:1.0: 8 ports detected
[  235.302988][T25963] netlink: 268 bytes leftover after parsing attributes in process `syz.4.7860'.
[  235.563325][T25991] loop2: detected capacity change from 0 to 128
[  235.582728][T25990] bond3: entered promiscuous mode
[  235.588414][T25990] bond3: entered allmulticast mode
[  235.596859][T25990] 8021q: adding VLAN 0 to HW filter on device bond3
[  235.623614][T25990] bond3 (unregistering): Released all slaves
[  235.648312][T25995] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7875'.
[  235.674101][T25997] ALSA: seq fatal error: cannot create timer (-19)
[  235.745695][T26008] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=26008 comm=syz.4.7881
[  235.758256][T26008] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=26008 comm=syz.4.7881
[  235.803329][T26016] loop5: detected capacity change from 0 to 512
[  235.809944][T26018] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7886'.
[  235.829170][T26016] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  235.859986][T26016] EXT4-fs (loop5): 1 truncate cleaned up
[  235.866379][T26016] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.908903][T25639] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.000745][T26052] IPv6: Can't replace route, no match found
[  236.032257][T26059] loop5: detected capacity change from 0 to 128
[  236.051149][T26059] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  236.111285][T25639] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  236.208848][T26076] validate_nla: 1 callbacks suppressed
[  236.208863][T26076] netlink: 'syz.2.7911': attribute type 10 has an invalid length.
[  236.240489][T26076] team0: Device hsr_slave_0 failed to register rx_handler
[  236.434782][T26094] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7919'.
[  236.475372][T26094] hsr_slave_0 (unregistering): left promiscuous mode
[  236.514497][T26102] netlink: 'syz.2.7923': attribute type 298 has an invalid length.
[  237.079689][T26156] loop3: detected capacity change from 0 to 1024
[  237.095625][T26156] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.113886][T26156] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  237.129731][T26156] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  237.142119][T26156] EXT4-fs (loop3): This should not happen!! Data will be lost
[  237.142119][T26156] 
[  237.151789][T26156] EXT4-fs (loop3): Total free blocks count 0
[  237.157791][T26156] EXT4-fs (loop3): Free/Dirty block details
[  237.163685][T26156] EXT4-fs (loop3): free_blocks=4293918720
[  237.169501][T26156] EXT4-fs (loop3): dirty_blocks=64
[  237.174614][T26156] EXT4-fs (loop3): Block reservation details
[  237.180717][T26156] EXT4-fs (loop3): i_reserved_data_blocks=4
[  237.198394][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.219417][T26164] netlink: 'syz.3.7951': attribute type 1 has an invalid length.
[  237.341987][T26179] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7958'.
[  237.351037][T26179] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7958'.
[  237.372932][T26181] batadv_slave_1: entered promiscuous mode
[  237.379522][T26180] batadv_slave_1: left promiscuous mode
[  237.686962][T26217] infiniband syz!: set active
[  237.691651][T26217] infiniband syz!: added team_slave_0
[  237.701593][T26217] RDS/IB: syz!: added
[  237.705602][T26217] smc: adding ib device syz! with port count 1
[  237.711743][T26217] smc:    ib device syz! port 1 has pnetid 
[  238.293074][T26235] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7983'.
[  238.416317][T26242] loop3: detected capacity change from 0 to 8192
[  238.710784][T26262] netlink: 'syz.7.7995': attribute type 1 has an invalid length.
[  238.752357][T26267] lo speed is unknown, defaulting to 1000
[  239.126473][T26288] xt_hashlimit: size too large, truncated to 1048576
[  239.450252][T26298] netlink: 'syz.3.8008': attribute type 3 has an invalid length.
[  239.523377][T26302] pim6reg: entered allmulticast mode
[  239.530538][T26302] pim6reg: left allmulticast mode
[  239.582332][   T29] kauditd_printk_skb: 131 callbacks suppressed
[  239.582346][   T29] audit: type=1400 audit(745.708:8175): avc:  denied  { ioctl } for  pid=26305 comm="syz.5.8012" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  239.625561][T26313] 9pnet: p9_errstr2errno: server reported unknown error ��p��A���
��;

[  239.690679][   T29] audit: type=1326 audit(745.801:8176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26328 comm="syz.3.8022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  239.713662][   T29] audit: type=1326 audit(745.801:8177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26328 comm="syz.3.8022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  239.738655][   T29] audit: type=1326 audit(745.857:8178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26328 comm="syz.3.8022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  239.762237][   T29] audit: type=1326 audit(745.857:8179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26328 comm="syz.3.8022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  239.785180][   T29] audit: type=1326 audit(745.857:8180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26328 comm="syz.3.8022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  239.808514][   T29] audit: type=1326 audit(745.857:8181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26328 comm="syz.3.8022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  239.809001][T26331] rdma_op ffff88810651f180 conn xmit_rdma 0000000000000000
[  239.832340][   T29] audit: type=1326 audit(745.857:8182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26328 comm="syz.3.8022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  239.862441][   T29] audit: type=1326 audit(745.857:8183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26328 comm="syz.3.8022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  239.886126][   T29] audit: type=1326 audit(745.857:8184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26328 comm="syz.3.8022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9a6d8e9a9 code=0x7ffc0000
[  239.982469][T26345] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8030'.
[  240.053912][T26352] SELinux: syz.3.8034 (26352) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  240.128328][T26367] Invalid ELF header magic: != ELF
[  240.351652][T26385] loop3: detected capacity change from 0 to 8192
[  240.397020][T26385]  loop3: p1 p2 p3 p4
[  240.401259][T26385] loop3: p1 size 65536 extends beyond EOD, truncated
[  240.409552][T26385] loop3: p2 start 861536256 is beyond EOD, truncated
[  240.416340][T26385] loop3: p3 start 51183616 is beyond EOD, truncated
[  240.423042][T26385] loop3: p4 size 65536 extends beyond EOD, truncated
[  240.480299][T26396] netlink: 292 bytes leftover after parsing attributes in process `syz.3.8054'.
[  240.504845][T26401] veth0: entered promiscuous mode
[  240.510275][T26401] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8056'.
[  240.582977][T26413] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8061'.
[  240.807335][T26438] �: port 1(vlan1) entered blocking state
[  240.813180][T26438] �: port 1(vlan1) entered disabled state
[  240.819721][T26438] vlan1: entered allmulticast mode
[  240.825430][T26438] vlan1: entered promiscuous mode
[  241.234694][T26491] random: crng reseeded on system resumption
[  241.397860][T26510] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8108'.
[  241.711649][T26539] netlink: 104 bytes leftover after parsing attributes in process `syz.5.8121'.
[  241.888353][T26560] loop3: detected capacity change from 0 to 256
[  241.909556][T26560] FAT-fs (loop3): Directory bread(block 64) failed
[  241.926962][T26560] FAT-fs (loop3): Directory bread(block 65) failed
[  241.933658][T26560] FAT-fs (loop3): Directory bread(block 66) failed
[  241.941219][T26560] FAT-fs (loop3): Directory bread(block 67) failed
[  241.948373][T26560] FAT-fs (loop3): Directory bread(block 68) failed
[  241.968079][T26560] FAT-fs (loop3): Directory bread(block 69) failed
[  241.982369][T26560] FAT-fs (loop3): Directory bread(block 70) failed
[  241.998101][T26560] FAT-fs (loop3): Directory bread(block 71) failed
[  242.017394][T26560] FAT-fs (loop3): Directory bread(block 72) failed
[  242.035841][T26560] FAT-fs (loop3): Directory bread(block 73) failed
[  242.086702][T26560] syz.3.8131: attempt to access beyond end of device
[  242.086702][T26560] loop3: rw=524288, sector=1800, nr_sectors = 20 limit=256
[  242.111447][T26560] syz.3.8131: attempt to access beyond end of device
[  242.111447][T26560] loop3: rw=0, sector=1800, nr_sectors = 8 limit=256
[  242.133716][T26583] loop5: detected capacity change from 0 to 736
[  242.239074][T26605] netlink: 268 bytes leftover after parsing attributes in process `syz.2.8149'.
[  242.298336][T26615] SELinux: failed to load policy
[  242.304894][T26617] Cannot find del_set index 0 as target
[  242.342735][T26623] loop5: detected capacity change from 0 to 512
[  242.350501][T26623] EXT4-fs (loop5): orphan cleanup on readonly fs
[  242.357012][T26623] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.8158: corrupted in-inode xattr: overlapping e_value 
[  242.384435][T26623] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.8158: couldn't read orphan inode 15 (err -117)
[  242.400019][T26623] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  242.430206][T26623] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz.5.8158: path /71/file0/file0: bad entry in directory: rec_len % 4 != 0 - offset=259, inode=4278190093, rec_len=255, size=60 fake=0
[  242.470635][T25639] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.556350][T26645] bridge0: entered promiscuous mode
[  242.563322][T26645] macsec1: entered promiscuous mode
[  242.569584][T26645] bridge0: port 3(macsec1) entered blocking state
[  242.576051][T26645] bridge0: port 3(macsec1) entered disabled state
[  242.582576][T26645] macsec1: entered allmulticast mode
[  242.588031][T26645] bridge0: entered allmulticast mode
[  242.593937][T26645] macsec1: left allmulticast mode
[  242.599057][T26645] bridge0: left allmulticast mode
[  242.605595][T26645] bridge0: left promiscuous mode
[  242.678035][T26655] 9p: Unknown access argument 00000000000000000000T��k�j�l�����7d-�����S�~��I�~|��Q�?$|x����&���Z�B�BO�kя�Tio��x_���0^kP�ug��^%Fh�-d�-�(sϻ>i: -22
[  242.799043][T26668] loop5: detected capacity change from 0 to 1024
[  242.819801][T26668] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.838186][T26677] �: port 1(vlan1) entered blocking state
[  242.843964][T26677] �: port 1(vlan1) entered disabled state
[  242.848645][T26668] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.8176: Allocating blocks 497-513 which overlap fs metadata
[  242.863938][T26677] vlan1: entered allmulticast mode
[  242.869764][T26677] veth0_vlan: entered allmulticast mode
[  242.872964][T26667] EXT4-fs (loop5): pa ffff888106e3d8c0: logic 304, phys. 449, len 4
[  242.876120][T26677] vlan1: entered promiscuous mode
[  242.883449][T26667] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[  242.908243][T25639] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.926114][T26679] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8181'.
[  242.956603][T26685] loop5: detected capacity change from 0 to 512
[  242.963118][T26679] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8181'.
[  242.975912][T26685] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #3: comm syz.5.8182: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  242.997136][T26685] EXT4-fs error (device loop5): ext4_quota_enable:7127: comm syz.5.8182: Bad quota inode: 3, type: 0
[  243.008400][T26685] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  243.024687][T26685] EXT4-fs (loop5): mount failed
[  243.243731][T26709] �: port 1(vlan1) entered blocking state
[  243.249587][T26709] �: port 1(vlan1) entered disabled state
[  243.256124][T26709] vlan1: entered allmulticast mode
[  243.261239][T26709] veth0_vlan: entered allmulticast mode
[  243.267278][T26709] vlan1: entered promiscuous mode
[  243.463863][T26723] loop2: detected capacity change from 0 to 512
[  243.478227][T26725] loop3: detected capacity change from 0 to 512
[  243.479536][T26723] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #3: comm syz.2.8198: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  243.502369][T26725] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  243.513980][T26725] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.8199: invalid indirect mapped block 4294967295 (level 0)
[  243.544732][T26723] EXT4-fs error (device loop2): ext4_quota_enable:7127: comm syz.2.8198: Bad quota inode: 3, type: 0
[  243.558728][T26725] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.8199: invalid indirect mapped block 4294967295 (level 1)
[  243.560702][T26723] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  243.575698][T26725] EXT4-fs (loop3): 1 orphan inode deleted
[  243.594181][T26725] EXT4-fs (loop3): 1 truncate cleaned up
[  243.610962][T26723] EXT4-fs (loop2): mount failed
[  243.611613][T26725] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.770424][T26754] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8210'.
[  243.854116][T26763] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  243.863799][T26763] SELinux: failed to load policy
[  243.864649][T14180] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.004571][T26752] ==================================================================
[  244.012661][T26752] BUG: KCSAN: data-race in do_sys_poll / pollwake
[  244.019054][T26752] 
[  244.021358][T26752] write to 0xffffc90003dbfbc0 of 4 bytes by interrupt on cpu 1:
[  244.028965][T26752]  pollwake+0xb6/0x100
[  244.033030][T26752]  __wake_up+0x66/0xb0
[  244.037101][T26752]  bpf_ringbuf_notify+0x22/0x30
[  244.041953][T26752]  irq_work_run+0xe2/0x2d0
[  244.046367][T26752]  __sysvec_irq_work+0x22/0x170
[  244.051206][T26752]  sysvec_irq_work+0x66/0x80
[  244.055791][T26752]  asm_sysvec_irq_work+0x1a/0x20
[  244.060721][T26752]  native_apic_msr_write+0x3d/0x60
[  244.065836][T26752]  x2apic_send_IPI_self+0x10/0x20
[  244.070860][T26752]  arch_irq_work_raise+0x46/0x50
[  244.075799][T26752]  __irq_work_queue_local+0x10f/0x2c0
[  244.081169][T26752]  irq_work_queue+0x70/0x100
[  244.085756][T26752]  bpf_ringbuf_discard+0xd3/0xf0
[  244.090692][T26752]  bpf_prog_fe0ed97373b08409+0x4b/0x4f
[  244.096141][T26752]  bpf_trace_run3+0x10f/0x1d0
[  244.100811][T26752]  __traceiter_kmem_cache_free+0x35/0x60
[  244.106435][T26752]  kmem_cache_free+0x257/0x300
[  244.111193][T26752]  do_symlinkat+0x2a5/0x3c0
[  244.115694][T26752]  __x64_sys_symlinkat+0x5a/0x70
[  244.120632][T26752]  x64_sys_call+0x1558/0x2fb0
[  244.125301][T26752]  do_syscall_64+0xd2/0x200
[  244.129797][T26752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.135684][T26752] 
[  244.137995][T26752] read to 0xffffc90003dbfbc0 of 4 bytes by task 26752 on cpu 0:
[  244.145610][T26752]  do_sys_poll+0x99c/0xbd0
[  244.150017][T26752]  __se_sys_ppoll+0x1b9/0x200
[  244.154694][T26752]  __x64_sys_ppoll+0x67/0x80
[  244.159284][T26752]  x64_sys_call+0x2de5/0x2fb0
[  244.163952][T26752]  do_syscall_64+0xd2/0x200
[  244.168444][T26752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.174337][T26752] 
[  244.176651][T26752] value changed: 0x00000000 -> 0x00000001
[  244.182362][T26752] 
[  244.184680][T26752] Reported by Kernel Concurrency Sanitizer on:
[  244.190824][T26752] CPU: 0 UID: 0 PID: 26752 Comm: syz.7.8209 Tainted: G        W           6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(voluntary) 
[  244.204896][T26752] Tainted: [W]=WARN
[  244.208687][T26752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  244.218732][T26752] ==================================================================