last executing test programs:

3m13.578416213s ago: executing program 1 (id=602):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00005fd000/0x4000)=nil, 0x4000, 0x0, 0x5, 0x20000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)

3m12.895217951s ago: executing program 1 (id=610):
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1d19cb307b3472ab9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48, 0x0, 0x0, 0xb928}, {0x6, 0x37, 0x0, 0x9}]}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

3m12.588641322s ago: executing program 1 (id=618):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="11000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r4, r1, 0x25, 0x4, @val=@tcx}, 0x1c)
syz_emit_ethernet(0xda, &(0x7f0000000a40)={@empty, @random="a6dde6557137", @val={@val={0x88a8, 0x5, 0x1, 0x1}, {0x8100, 0x0, 0x0, 0x3}}, {@ipv6={0x86dd, @udp={0x1, 0x6, "ab279c", 0x9c, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x33}}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, {[], {0x4e20, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x3, "5604b2fba1c99a83ca0a6deb3367da5f707840bec378d6763c8811b668338e1b", "29844e6475616d87fb68673176440e17b08ad6f4269bdfe98aa6022ad49d93a79568c0727a0799faad31163518b6ebdd", "fb69b16b4b33fd1bfff1dbf186588002601a722c4a17c985360676f6", {"6a141fa58c1ee23c0dc721aaa9e0876a", "38d3d06b4f51003751d66972433b7d74"}}}}}}}}, 0x0)

3m12.555307955s ago: executing program 1 (id=620):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
creat(&(0x7f0000000380)='./bus\x00', 0x4)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000001c0)='./bus\x00', 0x40403, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x402, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4, 0x5]})
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53048fc)

3m12.243444857s ago: executing program 1 (id=629):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003020000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
r2 = epoll_create(0x3ff)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000240)={0xa0000000})

3m11.941152907s ago: executing program 1 (id=634):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x9, 0x7, 0x0, 0x0, 0x0, 0x40008, 0x590, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x4c58, 0x4, 0x0, 0x0, 0x8, 0x4ac, 0xb, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r0}, 0x18)
r1 = socket$kcm(0x21, 0x2, 0x2)
recvmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100)

3m11.883385163s ago: executing program 32 (id=634):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x9, 0x7, 0x0, 0x0, 0x0, 0x40008, 0x590, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x4c58, 0x4, 0x0, 0x0, 0x8, 0x4ac, 0xb, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r0}, 0x18)
r1 = socket$kcm(0x21, 0x2, 0x2)
recvmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100)

4.88816413s ago: executing program 3 (id=6385):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000180)=0x2, 0x4)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000240)=0x9, 0x4)
setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f00000002c0)=0xffff, 0x4)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xd2, &(0x7f0000000d00)=ANY=[@ANYBLOB="0180c2004000ffffffffffff86dd60000000009c1100fe8000000000000000000000000000bbff02000000000000000000000000000100000e22009c90"], 0x0)

4.846216934s ago: executing program 3 (id=6387):
prlimit64(0x0, 0x0, &(0x7f0000000300)={0x42, 0x80}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d40)={&(0x7f0000000080)='signal_generate\x00', r1}, 0x10)
timer_create(0x3, &(0x7f0000533fa0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f00000001c0))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
setrlimit(0xf, &(0x7f00000000c0)={0x0, 0x3})
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)

4.695633329s ago: executing program 3 (id=6394):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xb, 0x0, 0x100000}, 0x20)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
mount(0x0, &(0x7f00000002c0)='.\x00', 0x0, 0x1160025, 0x0)

4.605898538s ago: executing program 3 (id=6400):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000004100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f00000003c0)="131c8701feaa16bca4ac74ab821d", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)

3.950121454s ago: executing program 3 (id=6407):
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

1.984454361s ago: executing program 0 (id=6426):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kmem_cache_free\x00', r1}, 0x18)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.387648021s ago: executing program 0 (id=6443):
r0 = fsopen(&(0x7f0000000240)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
mkdir(&(0x7f0000000300)='./file0\x00', 0x40)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r2, &(0x7f00000000c0)=""/55, 0x37)
lseek(r2, 0x1, 0x0)

1.336688296s ago: executing program 0 (id=6446):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = syz_io_uring_setup(0x6440, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x1, 0x0, 0xce})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x55, 0x2000, @fd_index=0xd, 0x7, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

1.264019154s ago: executing program 0 (id=6449):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSMRU1(r1, 0x40047452, 0x0)

1.227266717s ago: executing program 5 (id=6451):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000340), &(0x7f0000000300)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0xff, 0x7ffc1ffd}]})
getpgid(0x0)

1.149948805s ago: executing program 5 (id=6453):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(0x3)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e22, @local}, 0x10)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_256={{0x303}, "08328ac34a4ad2ba", "e8582491a003908dde1ca00d56542a9b6880010000000000003967d2daa45b46", "61241765", "890000fd00"}, 0x38)
sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x8000)

1.057592364s ago: executing program 5 (id=6455):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x8d0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newtfilter={0x70, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x8}, {0xfff2}, {0xfff1, 0x10}}, [@filter_kind_options=@f_bpf={{0x8}, {0x44, 0x2, [@TCA_BPF_ACT={0x34, 0x1, [@m_vlan={0x30, 0x9, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}]}}]}, 0x70}}, 0x0)

865.704424ms ago: executing program 5 (id=6460):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x1000, 0x0, @mcast2, 0x28}, 0x1c)
connect$pppl2tp(r2, &(0x7f0000000240)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x6, @multicast2}, 0x2, 0x0, 0x1}}, 0x26)
writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

860.571614ms ago: executing program 2 (id=6461):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, r1}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000440)="aa", 0x1}], 0x1, 0x0, 0x0, 0x40044}}, {{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="06", 0x1}], 0x1, 0x0, 0x0, 0x4004}}], 0x2, 0x4)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$setpipe(r4, 0x407, 0x4)
splice(r2, 0x0, r5, 0x0, 0x39000, 0x0)

805.18693ms ago: executing program 2 (id=6462):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x27, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x10000, 0x4}, 0x50)

789.423071ms ago: executing program 5 (id=6463):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_open_dev$usbfs(0x0, 0x76, 0x103381)
listen(r0, 0x3)

715.895529ms ago: executing program 5 (id=6465):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="ac020000", @ANYRES16=r1, @ANYBLOB="bf4400000000000000000c0000008000058014000280080001000000000008000100090000002c0002800800020001000000080004005fbe0000080001001b0000"], 0x2ac}}, 0x0)
pipe(&(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r4=>0x0)
io_submit(r4, 0xf000, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f00000001c0)='m', 0xfffffdfc}])
fcntl$setpipe(r2, 0x407, 0x9602)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00'})

627.874538ms ago: executing program 2 (id=6468):
prlimit64(0x0, 0x9, &(0x7f0000000d80)={0x3, 0x1c88000000}, 0x0)
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
execve(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000002200)={[&(0x7f0000000340)='^-%-\\x\\$})\'!&}*', &(0x7f0000000440)='syz0']}, 0x0)

570.084073ms ago: executing program 2 (id=6470):
r0 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2, 0x0, 0x1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000001600)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRES8, @ANYRESHEX, @ANYRESHEX], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
execveat(r0, &(0x7f00000014c0)='\x00', 0x0, 0x0, 0x1000)

474.697633ms ago: executing program 3 (id=6407):
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

451.146095ms ago: executing program 2 (id=6472):
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000e40)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0, 0x0, 0x6}, 0x18)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r2 = fsopen(&(0x7f0000000080)='rpc_pipefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)

381.824762ms ago: executing program 2 (id=6474):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x24, &(0x7f00000003c0)=ANY=[@ANYRESHEX=r0], 0x0)
ioctl$EVIOCRMFF(r0, 0x40095505, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, r2, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4008084}, 0x0)

367.038454ms ago: executing program 4 (id=6475):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000040)='virtio_transport_alloc_pkt\x00', r0}, 0x10)
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r2, 0x4)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
sendmmsg(r1, &(0x7f0000002c80)=[{{0x0, 0x0, &(0x7f00000022c0)=[{&(0x7f0000000940)="07e3348dbbfb", 0x6}], 0x1, &(0x7f0000002340)=ANY=[], 0x120}}], 0x1, 0x40010)

331.504147ms ago: executing program 4 (id=6476):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000200), &(0x7f0000000240)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
msgctl$IPC_RMID(0x0, 0x0)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

329.282018ms ago: executing program 0 (id=6477):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
pipe2$9p(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

287.124782ms ago: executing program 4 (id=6478):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r2 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r2, 0x0, 0x400000000000000, 0x2)

265.888844ms ago: executing program 4 (id=6479):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000900000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000400000085000000060000008500000050"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000500)='9p_client_req\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

61.860604ms ago: executing program 4 (id=6480):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000024c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@abs={0x1, 0x30}, 0x6e, 0x0}}], 0x2, 0xe0)

61.099014ms ago: executing program 0 (id=6481):
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x891, &(0x7f0000000140)={0x0, 0x8c36, 0x80, 0x2, 0xbfdffdfc}, &(0x7f0000000000)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
write(r5, &(0x7f0000000380)='f', 0x1)
tee(r4, r0, 0x3, 0x0)

0s ago: executing program 4 (id=6482):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
r2 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2710}, 0x10)
connect$vsock_stream(r2, &(0x7f0000000400)={0x28, 0x0, 0x2710, @host}, 0x10)

kernel console output (not intermixed with test programs):

 kauditd_printk_skb: 75 callbacks suppressed
[  154.918558][   T29] audit: type=1326 audit(923.905:3528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13254 comm="syz.2.3843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  154.954814][   T29] audit: type=1326 audit(923.945:3529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13254 comm="syz.2.3843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  154.977820][   T29] audit: type=1326 audit(923.945:3530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13257 comm="syz.2.3843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f14646c1f85 code=0x7ffc0000
[  155.000787][   T29] audit: type=1326 audit(923.945:3531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13254 comm="syz.2.3843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  155.023957][   T29] audit: type=1326 audit(923.945:3532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13254 comm="syz.2.3843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  155.047091][   T29] audit: type=1326 audit(923.945:3533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13254 comm="syz.2.3843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  155.117240][   T29] audit: type=1326 audit(924.095:3534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13257 comm="syz.2.3843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  155.140166][   T29] audit: type=1326 audit(924.105:3535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13254 comm="syz.2.3843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  155.163169][   T29] audit: type=1326 audit(924.105:3536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13254 comm="syz.2.3843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  155.505634][   T29] audit: type=1400 audit(924.485:3537): avc:  denied  { bpf } for  pid=13298 comm="syz.0.3863" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  155.846210][T13323] loop5: detected capacity change from 0 to 1024
[  155.899259][T13323] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.012766][T13323] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.3874: Allocating blocks 449-513 which overlap fs metadata
[  156.065267][T13322] EXT4-fs (loop5): pa ffff88810725e1c0: logic 48, phys. 177, len 21
[  156.073497][T13322] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[  156.101462][T13341] 9pnet_fd: Insufficient options for proto=fd
[  156.137902][ T5074] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.328708][T13354] netlink: 'syz.4.3885': attribute type 1 has an invalid length.
[  156.361751][T13358] IPVS: Error connecting to the multicast addr
[  156.443044][T13365] infiniband syz!: set down
[  156.447646][T13365] infiniband syz!: added team_slave_0
[  156.469401][T13365] RDS/IB: syz!: added
[  156.473707][T13365] smc: adding ib device syz! with port count 1
[  156.480893][T13365] smc:    ib device syz! port 1 has no pnetid
[  157.002774][T13385] loop3: detected capacity change from 0 to 1024
[  157.043890][T13385] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.230793][ T3322] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.270488][T13403] loop5: detected capacity change from 0 to 164
[  157.277716][T13403] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  157.299494][T13403] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  157.478032][T13421] sch_tbf: burst 19869 is lower than device lo mtu (65550) !
[  157.561190][T13425] sit0: entered allmulticast mode
[  158.499777][T13489] loop3: detected capacity change from 0 to 512
[  158.523582][T13489] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  158.605541][T13497] netlink: 'syz.5.3949': attribute type 1 has an invalid length.
[  158.613478][T13497] netlink: 'syz.5.3949': attribute type 4 has an invalid length.
[  158.621363][T13497] __nla_validate_parse: 5 callbacks suppressed
[  158.621376][T13497] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.3949'.
[  158.638209][T13497] netlink: 'syz.5.3949': attribute type 1 has an invalid length.
[  158.646055][T13497] netlink: 'syz.5.3949': attribute type 4 has an invalid length.
[  158.653920][T13497] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.3949'.
[  158.849251][T13515] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13515 comm=syz.3.3957
[  158.911017][T13526] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3961'.
[  158.989561][T13526] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3961'.
[  159.034518][T13535] netlink: 'syz.4.3966': attribute type 12 has an invalid length.
[  159.074378][T13538] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3967'.
[  159.197867][T13555] sch_tbf: burst 19869 is lower than device lo mtu (65550) !
[  159.363983][T13563] loop3: detected capacity change from 0 to 1024
[  159.383155][T13563] EXT4-fs: Ignoring removed bh option
[  159.388708][T13563] EXT4-fs: inline encryption not supported
[  159.395825][T13563] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  159.448985][T13563] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  159.480687][T13563] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.3978: lblock 2 mapped to illegal pblock 2 (length 1)
[  159.506364][T13563] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.3978: lblock 0 mapped to illegal pblock 48 (length 1)
[  159.520976][T13563] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3978: Failed to acquire dquot type 0
[  159.532909][T13563] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  159.543122][T13563] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.3978: mark_inode_dirty error
[  159.555038][T13563] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  159.566129][T13563] EXT4-fs (loop3): 1 orphan inode deleted
[  159.572511][T13563] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.585172][ T4342] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:54: lblock 1 mapped to illegal pblock 1 (length 1)
[  159.600199][ T4342] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u8:54: Failed to release dquot type 0
[  159.618001][T13584] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3987'.
[  159.644091][T13563] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.3978: lblock 0 mapped to illegal pblock 48 (length 1)
[  159.667195][T13582] sch_fq: defrate 4294967295 ignored.
[  159.668691][T13563] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  159.706360][ T3322] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.816898][T13600] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  159.832996][T13600] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[  159.989682][   T29] kauditd_printk_skb: 158 callbacks suppressed
[  159.989697][   T29] audit: type=1400 audit(2000000003.621:3692): avc:  denied  { execute } for  pid=13603 comm="syz.5.3995" dev="tmpfs" ino=1208 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  160.018050][   T29] audit: type=1400 audit(2000000003.641:3693): avc:  denied  { execute_no_trans } for  pid=13603 comm="syz.5.3995" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1208 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  160.108965][   T29] audit: type=1400 audit(2000000003.731:3694): avc:  denied  { connect } for  pid=13616 comm="syz.4.4001" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  160.203485][T13626] netlink: 'syz.3.4007': attribute type 10 has an invalid length.
[  160.211454][T13626] netlink: 'syz.3.4007': attribute type 11 has an invalid length.
[  160.219431][T13626] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4007'.
[  160.268606][T13633] loop5: detected capacity change from 0 to 128
[  160.279341][T13633] syz.5.4008: attempt to access beyond end of device
[  160.279341][T13633] loop5: rw=2049, sector=154, nr_sectors = 6 limit=128
[  160.293299][T13634] loop3: detected capacity change from 0 to 256
[  160.293404][T13633] syz.5.4008: attempt to access beyond end of device
[  160.293404][T13633] loop5: rw=2049, sector=158, nr_sectors = 2 limit=128
[  160.313460][T13633] Buffer I/O error on dev loop5, logical block 79, lost async page write
[  160.322824][   T29] audit: type=1400 audit(2000000003.941:3695): avc:  denied  { remount } for  pid=13632 comm="syz.3.4009" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  160.345075][T13633] syz.5.4008: attempt to access beyond end of device
[  160.345075][T13633] loop5: rw=2049, sector=160, nr_sectors = 2 limit=128
[  160.358517][T13633] Buffer I/O error on dev loop5, logical block 80, lost async page write
[  160.376534][T13636] ip6gre1: entered allmulticast mode
[  160.379827][T13633] syz.5.4008: attempt to access beyond end of device
[  160.379827][T13633] loop5: rw=2049, sector=162, nr_sectors = 6 limit=128
[  160.404274][T13633] syz.5.4008: attempt to access beyond end of device
[  160.404274][T13633] loop5: rw=2049, sector=166, nr_sectors = 2 limit=128
[  160.417905][T13633] Buffer I/O error on dev loop5, logical block 83, lost async page write
[  160.439929][T13633] syz.5.4008: attempt to access beyond end of device
[  160.439929][T13633] loop5: rw=2049, sector=168, nr_sectors = 2 limit=128
[  160.453435][T13633] Buffer I/O error on dev loop5, logical block 84, lost async page write
[  160.463077][T13633] syz.5.4008: attempt to access beyond end of device
[  160.463077][T13633] loop5: rw=2049, sector=186, nr_sectors = 6 limit=128
[  160.477171][T13633] syz.5.4008: attempt to access beyond end of device
[  160.477171][T13633] loop5: rw=2049, sector=190, nr_sectors = 2 limit=128
[  160.490677][T13633] Buffer I/O error on dev loop5, logical block 95, lost async page write
[  160.503567][T13633] syz.5.4008: attempt to access beyond end of device
[  160.503567][T13633] loop5: rw=2049, sector=192, nr_sectors = 2 limit=128
[  160.517091][T13633] Buffer I/O error on dev loop5, logical block 96, lost async page write
[  160.527188][T13633] syz.5.4008: attempt to access beyond end of device
[  160.527188][T13633] loop5: rw=2049, sector=194, nr_sectors = 6 limit=128
[  160.541430][T13633] Buffer I/O error on dev loop5, logical block 99, lost async page write
[  160.551514][T13633] Buffer I/O error on dev loop5, logical block 100, lost async page write
[  160.561000][T13633] Buffer I/O error on dev loop5, logical block 111, lost async page write
[  160.570320][T13633] Buffer I/O error on dev loop5, logical block 112, lost async page write
[  160.591491][T13640] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4011'.
[  160.636596][T13645] ipvlan2: entered promiscuous mode
[  160.674276][T13645] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  160.742114][   T29] audit: type=1400 audit(2000000004.372:3696): avc:  denied  { read write } for  pid=13650 comm="syz.3.4017" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  160.742908][T13651] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  160.775349][T13651] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  160.787636][   T29] audit: type=1400 audit(2000000004.372:3697): avc:  denied  { open } for  pid=13650 comm="syz.3.4017" path="/dev/raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  160.811241][   T29] audit: type=1400 audit(2000000004.372:3698): avc:  denied  { ioctl } for  pid=13650 comm="syz.3.4017" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  160.848585][T13653] loop5: detected capacity change from 0 to 512
[  160.858090][   T29] audit: type=1400 audit(2000000004.482:3699): avc:  denied  { setopt } for  pid=13655 comm="syz.0.4019" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  160.877972][   T29] audit: type=1400 audit(2000000004.482:3700): avc:  denied  { bind } for  pid=13655 comm="syz.0.4019" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  160.897590][   T29] audit: type=1400 audit(2000000004.482:3701): avc:  denied  { name_bind } for  pid=13655 comm="syz.0.4019" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  160.976093][T13653] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e002e028, mo2=0002]
[  160.984651][T13653] System zones: 0-2, 18-18, 34-34
[  160.999990][T13653] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters
[  161.016518][T13653] EXT4-fs (loop5): Remounting filesystem read-only
[  161.024581][T13653] EXT4-fs (loop5): 1 truncate cleaned up
[  161.031215][T13653] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.043859][ T4294] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  161.044183][T13653] ext4 filesystem being mounted at /766/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.054574][ T4294] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  161.076332][ T4294] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  161.140223][ T5074] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.200582][T13691] loop5: detected capacity change from 0 to 1024
[  161.207781][T13691] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  161.218870][T13691] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  161.238696][T13691] JBD2: no valid journal superblock found
[  161.244508][T13691] EXT4-fs (loop5): Could not load journal inode
[  161.256334][T13691] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  161.642473][T13756] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  161.649069][T13756] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  161.656711][T13756] vhci_hcd vhci_hcd.0: Device attached
[  161.665749][T13761] vhci_hcd: cannot find the pending unlink 1023
[  161.673734][T13761] vhci_hcd: connection closed
[  161.673937][ T4294] vhci_hcd: stop threads
[  161.683080][ T4294] vhci_hcd: release socket
[  161.687603][ T4294] vhci_hcd: disconnect device
[  161.703341][T13770] ip6tnl2: entered promiscuous mode
[  161.708938][T13770] ip6tnl2: entered allmulticast mode
[  161.852782][T13786] ip6gre1: entered promiscuous mode
[  162.289638][T13857] loop3: detected capacity change from 0 to 128
[  162.300632][T13857] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  162.321782][T13857] ext4 filesystem being mounted at /746/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  162.519077][ T3322] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  162.559431][T13845] Set syz1 is full, maxelem 65536 reached
[  162.727476][T13892] tipc: New replicast peer: 255.255.255.255
[  162.733875][T13892] tipc: Enabled bearer <udp:syz2>, priority 10
[  162.788134][T13894] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  162.810979][T13894] batman_adv: batadv0: Removing interface: batadv_slave_1
[  163.016725][T13917] netlink: zone id is out of range
[  163.021919][T13917] netlink: zone id is out of range
[  163.027274][T13917] netlink: zone id is out of range
[  163.032496][T13917] netlink: zone id is out of range
[  163.037899][T13917] netlink: zone id is out of range
[  163.043014][T13917] netlink: zone id is out of range
[  163.048169][T13917] netlink: zone id is out of range
[  163.053293][T13917] netlink: zone id is out of range
[  163.058440][T13917] netlink: zone id is out of range
[  164.176595][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  164.391109][T14088] __nla_validate_parse: 5 callbacks suppressed
[  164.391131][T14088] netlink: 176 bytes leftover after parsing attributes in process `syz.5.4100'.
[  164.822444][T14137] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4114'.
[  164.850987][T14141] xt_hashlimit: max too large, truncated to 1048576
[  165.001627][   T29] kauditd_printk_skb: 148 callbacks suppressed
[  165.001645][   T29] audit: type=1400 audit(2000000008.634:3842): avc:  denied  { watch watch_reads } for  pid=14149 comm="syz.0.4121" path="/808" dev="tmpfs" ino=4174 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  165.069032][T14152] loop5: detected capacity change from 0 to 4096
[  165.097148][T14152] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.427365][ T5074] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.545849][   T29] audit: type=1326 audit(2000000009.114:3843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14168 comm="syz.4.4128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  165.569525][   T29] audit: type=1326 audit(2000000009.114:3844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14168 comm="syz.4.4128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  165.593141][   T29] audit: type=1326 audit(2000000009.114:3845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14168 comm="syz.4.4128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  165.616704][   T29] audit: type=1326 audit(2000000009.114:3846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14168 comm="syz.4.4128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  165.640338][   T29] audit: type=1326 audit(2000000009.114:3847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14168 comm="syz.4.4128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  165.663885][   T29] audit: type=1326 audit(2000000009.114:3848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14168 comm="syz.4.4128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  165.687433][   T29] audit: type=1326 audit(2000000009.114:3849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14168 comm="syz.4.4128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  165.711096][   T29] audit: type=1326 audit(2000000009.114:3850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14168 comm="syz.4.4128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  165.734785][   T29] audit: type=1326 audit(2000000009.114:3851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14168 comm="syz.4.4128" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  165.758774][T14176] netlink: 76 bytes leftover after parsing attributes in process `syz.4.4129'.
[  165.971317][T14198] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4140'.
[  166.303630][T14223] loop3: detected capacity change from 0 to 4096
[  166.346844][T14223] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.533870][T14240] bond2: entered promiscuous mode
[  166.538989][T14240] bond2: entered allmulticast mode
[  166.579536][T14240] 8021q: adding VLAN 0 to HW filter on device bond2
[  166.664982][T14240] bond2 (unregistering): Released all slaves
[  166.760645][ T3322] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.934094][T14255] netlink: 360 bytes leftover after parsing attributes in process `syz.2.4159'.
[  167.066076][T14265] netlink: 72 bytes leftover after parsing attributes in process `syz.5.4163'.
[  167.259944][T14289] ------------[ cut here ]------------
[  167.265645][T14289] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0x4000000, 0x0] s64=[0x4000000, 0x0] u32=[0x4000000, 0x0] s32=[0x4000000, 0x0] var_off=(0x0, 0x0)
[  167.283817][T14289] WARNING: CPU: 1 PID: 14289 at kernel/bpf/verifier.c:2721 reg_bounds_sanity_check+0x673/0x680
[  167.294465][T14289] Modules linked in:
[  167.298667][T14289] CPU: 1 UID: 0 PID: 14289 Comm: syz.4.4172 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  167.310339][T14289] Tainted: [W]=WARN
[  167.314248][T14289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  167.324437][T14289] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[  167.330926][T14289] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 12 f7 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[  167.350682][T14289] RSP: 0018:ffffc9000432f408 EFLAGS: 00010282
[  167.356882][T14289] RAX: 11fc8b03fa30a300 RBX: ffff88814a9dbae0 RCX: 0000000000080000
[  167.364982][T14289] RDX: ffffc90002bc9000 RSI: 00000000000047dd RDI: 00000000000047de
[  167.373198][T14289] RBP: 0000000000000000 R08: 0001c9000432f257 R09: 0000000000000000
[  167.382863][T14289] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff88814a9dbaa0
[  167.391534][T14289] R13: ffff88813f0b8000 R14: ffff88813f0b8000 R15: ffff88814a9dbad8
[  167.399748][T14289] FS:  00007fe4cc9576c0(0000) GS:ffff8882aef11000(0000) knlGS:0000000000000000
[  167.408844][T14289] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  167.415605][T14289] CR2: 0000000100000000 CR3: 0000000122070000 CR4: 00000000003506f0
[  167.423945][T14289] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  167.432090][T14289] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  167.440266][T14289] Call Trace:
[  167.443682][T14289]  <TASK>
[  167.446732][T14289]  reg_set_min_max+0x215/0x260
[  167.451862][T14289]  check_cond_jmp_op+0x130d/0x19e0
[  167.457173][T14289]  do_check+0x3363/0x8460
[  167.461645][T14289]  do_check_common+0xc5e/0x12b0
[  167.466671][T14289]  bpf_check+0xaaae/0xd9d0
[  167.471244][T14289]  ? __alloc_frozen_pages_noprof+0x188/0x360
[  167.477513][T14289]  ? alloc_pages_bulk_noprof+0x4a6/0x530
[  167.483414][T14289]  ? __vmap_pages_range_noflush+0xbc4/0xcf0
[  167.489622][T14289]  ? css_rstat_updated+0xb7/0x240
[  167.494772][T14289]  ? try_charge_memcg+0x215/0xa10
[  167.499949][T14289]  ? pcpu_block_refresh_hint+0x10b/0x170
[  167.505985][T14289]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  167.512160][T14289]  ? _find_next_zero_bit+0x29/0xa0
[  167.517722][T14289]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[  167.524151][T14289]  ? css_rstat_updated+0xb7/0x240
[  167.529444][T14289]  ? __rcu_read_unlock+0x4f/0x70
[  167.535072][T14289]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[  167.541089][T14289]  ? bpf_prog_alloc+0x5b/0x150
[  167.546116][T14289]  ? pcpu_alloc_noprof+0xd29/0x1250
[  167.551575][T14289]  ? should_fail_ex+0x30/0x280
[  167.556640][T14289]  ? should_failslab+0x8c/0xb0
[  167.561861][T14289]  ? __kmalloc_noprof+0x2a2/0x570
[  167.567238][T14289]  ? security_bpf_prog_load+0x60/0x140
[  167.572993][T14289]  ? selinux_bpf_prog_load+0xad/0xd0
[  167.578442][T14289]  ? security_bpf_prog_load+0x9e/0x140
[  167.584165][T14289]  bpf_prog_load+0xf6e/0x1100
[  167.589123][T14289]  ? security_bpf+0x2b/0x90
[  167.593857][T14289]  __sys_bpf+0x469/0x7c0
[  167.598416][T14289]  __x64_sys_bpf+0x41/0x50
[  167.602927][T14289]  x64_sys_call+0x2aee/0x3000
[  167.607942][T14289]  do_syscall_64+0xd2/0x200
[  167.612742][T14289]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  167.618606][T14289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.624671][T14289] RIP: 0033:0x7fe4cdeef6c9
[  167.629272][T14289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.649018][T14289] RSP: 002b:00007fe4cc957038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  167.657571][T14289] RAX: ffffffffffffffda RBX: 00007fe4ce145fa0 RCX: 00007fe4cdeef6c9
[  167.665715][T14289] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  167.673879][T14289] RBP: 00007fe4cdf71f91 R08: 0000000000000000 R09: 0000000000000000
[  167.682027][T14289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  167.690235][T14289] R13: 00007fe4ce146038 R14: 00007fe4ce145fa0 R15: 00007fff98fed018
[  167.698317][T14289]  </TASK>
[  167.701419][T14289] ---[ end trace 0000000000000000 ]---
[  167.770275][T14297] loop3: detected capacity change from 0 to 1024
[  167.795205][T14297] EXT4-fs: Ignoring removed orlov option
[  167.828049][T14297] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.847178][T14297] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4174'.
[  167.856243][T14297] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4174'.
[  167.896674][T14297] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4174: bg 0: block 232: padding at end of block bitmap is not set
[  167.928010][T14297] EXT4-fs (loop3): Remounting filesystem read-only
[  167.935241][T14297] EXT4-fs (loop3): error restoring inline_data for inode -- potential data loss! (inode 12, error -30)
[  167.965486][ T3322] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.982321][T14306] loop5: detected capacity change from 0 to 1024
[  167.995842][T14306] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  168.006816][T14306] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  168.017519][T14306] JBD2: no valid journal superblock found
[  168.023280][T14306] EXT4-fs (loop5): Could not load journal inode
[  168.032420][T14306] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  168.112332][T14317] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  168.118978][T14317] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  168.127184][T14317] vhci_hcd vhci_hcd.0: Device attached
[  168.133618][T14322] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4185'.
[  168.134975][T14318] vhci_hcd: connection closed
[  168.142990][ T4323] vhci_hcd: stop threads
[  168.151972][ T4323] vhci_hcd: release socket
[  168.156488][ T4323] vhci_hcd: disconnect device
[  168.213204][T14325] netlink: 'syz.0.4186': attribute type 1 has an invalid length.
[  168.230793][T14329] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4187'.
[  168.233476][T14325] 8021q: adding VLAN 0 to HW filter on device bond2
[  168.271131][T14331] bond2: (slave geneve2): making interface the new active one
[  168.281880][T14331] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  168.292685][ T4352] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.312315][ T4352] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.334988][ T4352] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.369434][ T4352] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.479655][T14355] netlink: 'syz.5.4199': attribute type 27 has an invalid length.
[  168.599491][T14355] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.606810][T14355] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.729743][T14355] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  168.775010][T14355] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  168.889572][T14355] macsec0: left promiscuous mode
[  168.938545][T14355] geneve2: left promiscuous mode
[  168.950096][T14355] gre2: left promiscuous mode
[  169.020544][T14358] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.045172][T14358] 8021q: adding VLAN 0 to HW filter on device team0
[  169.069671][T14358] net_ratelimit: 4 callbacks suppressed
[  169.069686][T14358] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  169.092292][T14368] macsec0: entered promiscuous mode
[  169.103726][ T4323] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  169.126289][T14381] bond2: (slave ip6tnl2): The slave device specified does not support setting the MAC address
[  169.144803][T14381] bond2: (slave ip6tnl2): Error -95 calling set_mac_address
[  169.172238][ T4323] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  169.190728][ T4323] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  169.211062][ T4323] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  169.715279][T14436] __nla_validate_parse: 8 callbacks suppressed
[  169.715296][T14436] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4233'.
[  169.730601][T14436] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4233'.
[  169.857632][T14446] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4238'.
[  170.057210][   T29] kauditd_printk_skb: 114 callbacks suppressed
[  170.057227][   T29] audit: type=1400 audit(2000000526.700:3966): avc:  denied  { write } for  pid=14482 comm="syz.4.4256" path="socket:[34573]" dev="sockfs" ino=34573 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  170.351356][T14514] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(7)
[  170.357984][T14514] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  170.366270][T14514] vhci_hcd vhci_hcd.0: Device attached
[  170.379718][T14520] vhci_hcd: connection closed
[  170.380728][ T4294] vhci_hcd: stop threads
[  170.389884][ T4294] vhci_hcd: release socket
[  170.394514][ T4294] vhci_hcd: disconnect device
[  170.450041][   T29] audit: type=1400 audit(2000000527.090:3967): avc:  denied  { ioctl } for  pid=14530 comm="syz.3.4275" path="socket:[35519]" dev="sockfs" ino=35519 ioctlcmd=0x7436 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  170.502284][T14536] loop3: detected capacity change from 0 to 2048
[  170.529468][T14538] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4278'.
[  170.543980][T14536]  loop3: p1 < > p3
[  170.548564][T14536] loop3: p3 size 134217728 extends beyond EOD, truncated
[  170.560575][T14536] sd 0:0:1:0: device reset
[  170.599437][   T29] audit: type=1400 audit(2000000527.170:3968): avc:  denied  { bind } for  pid=14537 comm="syz.4.4278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  170.630710][   T29] audit: type=1400 audit(2000000527.260:3969): avc:  denied  { create } for  pid=14540 comm="syz.3.4279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  170.650646][   T29] audit: type=1400 audit(2000000527.270:3970): avc:  denied  { sys_admin } for  pid=14540 comm="syz.3.4279" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  170.929845][T14554] netlink: 'syz.0.4295': attribute type 15 has an invalid length.
[  170.937788][T14554] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4295'.
[  171.064373][   T29] audit: type=1400 audit(2000000527.700:3971): avc:  denied  { bind } for  pid=14566 comm="syz.0.4290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  171.084059][   T29] audit: type=1400 audit(2000000527.700:3972): avc:  denied  { setattr } for  pid=14566 comm="syz.0.4290" name="PPTP" dev="sockfs" ino=35620 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  171.231530][T14578] netlink: 'syz.2.4296': attribute type 4 has an invalid length.
[  171.322273][T14578] netlink: 'syz.2.4296': attribute type 4 has an invalid length.
[  171.346831][T14582] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  171.346831][T14582]    program syz.5.4299 not setting count and/or reply_len properly
[  171.492931][ T4323] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  171.516681][ T4323] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  171.537312][ T4323] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  171.553063][ T4323] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  171.609372][   T29] audit: type=1400 audit(2000000528.251:3973): avc:  denied  { create } for  pid=14597 comm="syz.0.4305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  171.629352][   T29] audit: type=1400 audit(2000000528.251:3974): avc:  denied  { connect } for  pid=14597 comm="syz.0.4305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  171.649341][   T29] audit: type=1400 audit(2000000528.251:3975): avc:  denied  { ioctl } for  pid=14597 comm="syz.0.4305" path="socket:[34716]" dev="sockfs" ino=34716 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  171.787061][T14611] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4307'.
[  171.838347][T14617] loop5: detected capacity change from 0 to 164
[  171.854480][T14617] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  171.936504][T14624] veth0_vlan: entered allmulticast mode
[  171.970304][T14626] loop3: detected capacity change from 0 to 128
[  172.000959][T14626] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  172.055069][T14626] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  172.063053][T14626] FAT-fs (loop3): Filesystem has been set read-only
[  172.097120][T14626] bio_check_eod: 32 callbacks suppressed
[  172.097141][T14626] syz.3.4317: attempt to access beyond end of device
[  172.097141][T14626] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  172.295988][T14631] bond3: entered promiscuous mode
[  172.828096][T14666] loop3: detected capacity change from 0 to 128
[  172.862924][T14666] FAT-fs (loop3): Directory bread(block 162) failed
[  172.869597][T14666] FAT-fs (loop3): Directory bread(block 163) failed
[  172.913840][T14666] FAT-fs (loop3): Directory bread(block 164) failed
[  172.933604][T14666] FAT-fs (loop3): Directory bread(block 165) failed
[  172.988276][T14666] FAT-fs (loop3): Directory bread(block 166) failed
[  173.016682][T14666] FAT-fs (loop3): Directory bread(block 167) failed
[  173.062231][T14666] FAT-fs (loop3): Directory bread(block 168) failed
[  173.120214][T14666] FAT-fs (loop3): Directory bread(block 169) failed
[  173.161304][T14666] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  173.261372][T14666] FAT-fs (loop3): Directory bread(block 162) failed
[  173.272181][T14666] FAT-fs (loop3): Directory bread(block 163) failed
[  173.279348][T14688] netlink: 2028 bytes leftover after parsing attributes in process `syz.5.4341'.
[  173.288692][T14688] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4341'.
[  173.312343][T14666] syz.3.4330: attempt to access beyond end of device
[  173.312343][T14666] loop3: rw=3, sector=226, nr_sectors = 6 limit=128
[  173.366005][T14666] syz.3.4330: attempt to access beyond end of device
[  173.366005][T14666] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128
[  173.732464][T14712] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4352'.
[  173.758415][T14712] ip6gre2: entered allmulticast mode
[  173.787704][T14714] loop3: detected capacity change from 0 to 2048
[  173.853021][T14714]  loop3: p1 < > p3 p4 < >
[  173.858112][T14714] loop3: p3 start 4284289 is beyond EOD, truncated
[  173.981201][T14728] ALSA: seq fatal error: cannot create timer (-19)
[  174.123704][T14739] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4362'.
[  174.194522][T14742] netlink: 'syz.5.4363': attribute type 1 has an invalid length.
[  174.202354][T14742] netlink: 'syz.5.4363': attribute type 4 has an invalid length.
[  174.211967][T14742] netlink: 'syz.5.4363': attribute type 1 has an invalid length.
[  174.219716][T14742] netlink: 'syz.5.4363': attribute type 4 has an invalid length.
[  174.644758][T14772] tipc: New replicast peer: 255.255.255.83
[  174.650742][T14772] tipc: Enabled bearer <udp:�>, priority 10
[  174.783304][T14785] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  174.858697][T14789] netlink: 'syz.5.4386': attribute type 4 has an invalid length.
[  174.887069][T14789] netlink: 'syz.5.4386': attribute type 4 has an invalid length.
[  175.089699][T14802] netlink: 'syz.5.4390': attribute type 3 has an invalid length.
[  175.760760][ T3428] tipc: Node number set to 2886997007
[  176.513336][   T29] kauditd_printk_skb: 13 callbacks suppressed
[  176.513355][   T29] audit: type=1400 audit(176.519:3989): avc:  denied  { mount } for  pid=14851 comm="syz.0.4410" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  176.569249][   T29] audit: type=1400 audit(176.549:3990): avc:  denied  { append } for  pid=14851 comm="syz.0.4410" name="rt_cache" dev="proc" ino=4026532530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  176.706235][T14871] __nla_validate_parse: 3 callbacks suppressed
[  176.706252][T14871] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4414'.
[  176.953432][   T29] audit: type=1400 audit(176.930:3991): avc:  denied  { getattr } for  pid=14892 comm="syz.4.4428" name="/" dev="secretmem" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  177.222842][   T29] audit: type=1400 audit(177.220:3992): avc:  denied  { mounton } for  pid=14917 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  177.390386][ T4342] batadv0: left allmulticast mode
[  177.395494][ T4342] batadv0: left promiscuous mode
[  177.400730][ T4342] bridge0: port 3(batadv0) entered disabled state
[  177.410172][ T4342] bridge_slave_1: left allmulticast mode
[  177.415858][ T4342] bridge_slave_1: left promiscuous mode
[  177.421554][ T4342] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.429776][ T4342] bridge_slave_0: left promiscuous mode
[  177.435512][ T4342] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.560526][ T4342] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.585138][ T4342] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.610788][ T4342] bond0 (unregistering): Released all slaves
[  177.688280][ T4342] tipc: Left network mode
[  177.694156][T14942] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4446'.
[  177.703297][T14942] netlink: 'syz.3.4446': attribute type 7 has an invalid length.
[  177.711057][T14942] netlink: 'syz.3.4446': attribute type 8 has an invalid length.
[  177.718795][T14942] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4446'.
[  177.750221][T14944] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  177.758973][T14944] ref_ctr increment failed for inode: 0x119a offset: 0x4 ref_ctr_offset: 0x2 of mm: 0xffff88810b745640
[  177.866412][ T4342] hsr_slave_0: left promiscuous mode
[  177.874038][ T4342] batman_adv: batadv0: Removing interface: batadv_slave_0
[  177.901769][ T4342] batman_adv: batadv0: Removing interface: batadv_slave_1
[  177.991835][ T4342] team0 (unregistering): Port device team_slave_1 removed
[  178.015814][ T4342] team0 (unregistering): Port device team_slave_0 removed
[  178.119389][T14959] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4453'.
[  178.243309][T14917] chnl_net:caif_netlink_parms(): no params data found
[  178.265211][T14968] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14968 comm=syz.0.4456
[  178.407924][T14917] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.415167][T14917] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.440689][   T29] audit: type=1400 audit(178.430:3993): avc:  denied  { write } for  pid=14976 comm="syz.0.4459" lport=47808 faddr=fe80::3c fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  178.463699][   T29] audit: type=1400 audit(178.430:3994): avc:  denied  { setopt } for  pid=14976 comm="syz.0.4459" lport=47808 faddr=fe80::3c fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  178.497260][T14917] bridge_slave_0: entered allmulticast mode
[  178.514394][T14917] bridge_slave_0: entered promiscuous mode
[  178.569111][T14917] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.576375][T14917] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.583941][T14917] bridge_slave_1: entered allmulticast mode
[  178.596914][T14917] bridge_slave_1: entered promiscuous mode
[  178.671607][T14917] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  178.701938][T14917] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  178.714050][T14992] bridge: RTM_NEWNEIGH with invalid state 0x10
[  178.742848][T14917] team0: Port device team_slave_0 added
[  178.795377][T14917] team0: Port device team_slave_1 added
[  178.881857][T14917] batman_adv: batadv0: Adding interface: batadv_slave_0
[  178.888850][T14917] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  178.914985][T14917] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  179.041728][T15015] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4468'.
[  179.058426][T14917] batman_adv: batadv0: Adding interface: batadv_slave_1
[  179.065487][T14917] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  179.091446][T14917] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  179.151241][T15020] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4469'.
[  179.160205][T15020] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4469'.
[  179.185062][T15020] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4469'.
[  179.204663][T14917] hsr_slave_0: entered promiscuous mode
[  179.233156][T14917] hsr_slave_1: entered promiscuous mode
[  179.239168][T14917] debugfs: 'hsr0' already exists in 'hsr'
[  179.244929][T14917] Cannot create hsr debugfs directory
[  179.250954][T15030] netlink: 'syz.2.4472': attribute type 4 has an invalid length.
[  179.287579][   T29] audit: type=1400 audit(179.281:3995): avc:  denied  { remount } for  pid=15032 comm="syz.4.4473" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1
[  179.448173][   T29] audit: type=1400 audit(179.441:3996): avc:  denied  { bind } for  pid=15052 comm="syz.2.4477" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  179.558179][T15061] wg2: entered promiscuous mode
[  179.563117][T15061] wg2: entered allmulticast mode
[  179.694966][T15079] netlink: 'syz.4.4484': attribute type 27 has an invalid length.
[  179.916245][T15079] wg2: left promiscuous mode
[  179.920948][T15079] wg2: left allmulticast mode
[  179.987168][T15107] loop3: detected capacity change from 0 to 128
[  180.009051][T15079] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  180.066367][T15079] veth0_vlan: left allmulticast mode
[  180.119989][T15079] ipip0: left promiscuous mode
[  180.130202][T15079] bond1: left promiscuous mode
[  180.144093][T15079] dummy0: left promiscuous mode
[  180.149091][T15079] bond1: left allmulticast mode
[  180.179466][T15079] dummy0: left allmulticast mode
[  180.203483][T15079] bond3: left promiscuous mode
[  180.236899][T15087] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.311535][T15087] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  180.328846][ T4349] netdevsim netdevsim4 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  180.337335][ T4349] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  180.403183][T14917] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  180.424804][ T4349] netdevsim netdevsim4 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  180.433508][ T4349] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  180.442322][T14917] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  180.461284][ T4349] netdevsim netdevsim4 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  180.469779][ T4349] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  180.478667][T14917] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  180.495991][T14917] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  180.529011][ T4349] netdevsim netdevsim4 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  180.537436][ T4349] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  180.613316][T15158] 8021q: adding VLAN 0 to HW filter on device bond3
[  180.630358][T15158] bond0: (slave bond3): Enslaving as an active interface with an up link
[  180.648713][T14917] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.662335][T14917] 8021q: adding VLAN 0 to HW filter on device team0
[  180.682741][ T4342] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.689881][ T4342] bridge0: port 1(bridge_slave_0) entered forwarding state
[  180.709318][ T4342] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.716411][ T4342] bridge0: port 2(bridge_slave_1) entered forwarding state
[  180.721485][T15166] futex_wake_op: syz.3.4495 tries to shift op by 144; fix this program
[  180.743159][T15158] bond0: (slave bridge0): Releasing backup interface
[  180.759287][T15158] bridge_slave_0: left allmulticast mode
[  180.765023][T15158] bridge_slave_0: left promiscuous mode
[  180.770826][T15158] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.807626][T15158] bridge_slave_1: left allmulticast mode
[  180.813435][T15158] bridge_slave_1: left promiscuous mode
[  180.819279][T15158] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.828112][T15158] bond0: (slave bond_slave_0): Releasing backup interface
[  180.833488][   T29] audit: type=1326 audit(180.832:3997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15171 comm="syz.3.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  180.860135][T15158] bond0: (slave bond_slave_1): Releasing backup interface
[  180.868916][T15158] team0: Port device team_slave_0 removed
[  180.875915][T15158] team0: Port device team_slave_1 removed
[  180.882485][T15158] batman_adv: batadv0: Removing interface: batadv_slave_0
[  180.898523][   T29] audit: type=1326 audit(180.862:3998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15171 comm="syz.3.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  180.922005][T15158] batman_adv: batadv0: Removing interface: batadv_slave_1
[  180.940154][T15158] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  181.128497][T14917] 8021q: adding VLAN 0 to HW filter on device batadv0
[  181.422955][T14917] veth0_vlan: entered promiscuous mode
[  181.443490][T14917] veth1_vlan: entered promiscuous mode
[  181.494216][T14917] veth0_macvtap: entered promiscuous mode
[  181.513309][T14917] veth1_macvtap: entered promiscuous mode
[  181.551285][T14917] batman_adv: batadv0: Interface activated: batadv_slave_0
[  181.565928][T14917] batman_adv: batadv0: Interface activated: batadv_slave_1
[  181.597992][ T4294] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.607225][ T4294] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.651811][   T29] kauditd_printk_skb: 16 callbacks suppressed
[  181.651847][   T29] audit: type=1326 audit(181.652:4015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15258 comm="syz.2.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  181.721846][ T4294] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.749536][ T4294] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.805857][T15263] 8021q: adding VLAN 0 to HW filter on device bond4
[  181.812764][   T29] audit: type=1326 audit(181.682:4016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15258 comm="syz.2.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  181.835755][   T29] audit: type=1326 audit(181.692:4017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15258 comm="syz.2.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  181.858805][   T29] audit: type=1326 audit(181.692:4018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15258 comm="syz.2.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  181.881947][   T29] audit: type=1326 audit(181.692:4019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15258 comm="syz.2.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  181.905030][   T29] audit: type=1326 audit(181.692:4020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15258 comm="syz.2.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  181.927980][   T29] audit: type=1326 audit(181.692:4021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15258 comm="syz.2.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  181.930487][T15263] bond0: (slave bond4): Enslaving as an active interface with an up link
[  181.950915][   T29] audit: type=1326 audit(181.692:4022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15258 comm="syz.2.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  181.950950][   T29] audit: type=1326 audit(181.692:4023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15258 comm="syz.2.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  182.005177][   T29] audit: type=1326 audit(181.692:4024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15258 comm="syz.2.4518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  182.037219][T15270] bond1: (slave dummy0): Releasing active interface
[  182.066581][T15270] bond0: (slave bond_slave_0): Releasing backup interface
[  182.085792][T15270] bond0: (slave bond_slave_1): Releasing backup interface
[  182.104699][T15270] batman_adv: batadv0: Removing interface: batadv_slave_0
[  182.112849][T15270] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  182.608679][T15314] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.668959][T15314] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.734009][T15333] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4544'.
[  182.748038][T15333] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4544'.
[  182.774180][T15333] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4544'.
[  182.784586][T15333] netlink: 6 bytes leftover after parsing attributes in process `syz.4.4544'.
[  182.799753][T15314] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.829035][T15339] unsupported nlmsg_type 40
[  182.834751][T15339] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  182.843540][T15339] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  182.852582][T15314] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.899942][T15344] loop3: detected capacity change from 0 to 256
[  182.913471][T15344] FAT-fs (loop3): Directory bread(block 64) failed
[  182.934876][ T4323] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.945866][T15344] FAT-fs (loop3): Directory bread(block 65) failed
[  182.954566][ T4323] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.975570][T15344] FAT-fs (loop3): Directory bread(block 66) failed
[  182.982325][ T4323] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.990863][T15344] FAT-fs (loop3): Directory bread(block 67) failed
[  183.012201][ T4323] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  183.023956][T15344] FAT-fs (loop3): Directory bread(block 68) failed
[  183.031091][T15344] FAT-fs (loop3): Directory bread(block 69) failed
[  183.038207][T15344] FAT-fs (loop3): Directory bread(block 70) failed
[  183.044856][T15344] FAT-fs (loop3): Directory bread(block 71) failed
[  183.054350][T15344] FAT-fs (loop3): Directory bread(block 72) failed
[  183.061079][T15344] FAT-fs (loop3): Directory bread(block 73) failed
[  183.318556][ T4323] kworker/u8:39: attempt to access beyond end of device
[  183.318556][ T4323] loop3: rw=1, sector=1256, nr_sectors = 32 limit=256
[  183.334636][ T4323] kworker/u8:39: attempt to access beyond end of device
[  183.334636][ T4323] loop3: rw=1, sector=1320, nr_sectors = 32 limit=256
[  183.363028][ T4323] kworker/u8:39: attempt to access beyond end of device
[  183.363028][ T4323] loop3: rw=1, sector=1384, nr_sectors = 32 limit=256
[  183.378887][ T4323] kworker/u8:39: attempt to access beyond end of device
[  183.378887][ T4323] loop3: rw=1, sector=1448, nr_sectors = 32 limit=256
[  183.392925][ T4323] kworker/u8:39: attempt to access beyond end of device
[  183.392925][ T4323] loop3: rw=1, sector=1512, nr_sectors = 32 limit=256
[  183.408504][ T4323] kworker/u8:39: attempt to access beyond end of device
[  183.408504][ T4323] loop3: rw=1, sector=1576, nr_sectors = 32 limit=256
[  183.423196][ T4323] kworker/u8:39: attempt to access beyond end of device
[  183.423196][ T4323] loop3: rw=1, sector=1640, nr_sectors = 32 limit=256
[  183.437416][ T4323] kworker/u8:39: attempt to access beyond end of device
[  183.437416][ T4323] loop3: rw=1, sector=1704, nr_sectors = 32 limit=256
[  183.453026][ T4323] kworker/u8:39: attempt to access beyond end of device
[  183.453026][ T4323] loop3: rw=1, sector=1800, nr_sectors = 32 limit=256
[  183.467223][ T4323] kworker/u8:39: attempt to access beyond end of device
[  183.467223][ T4323] loop3: rw=1, sector=1864, nr_sectors = 32 limit=256
[  183.542840][T15356] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4554'.
[  183.562750][T15356] openvswitch: netlink: Key 0 has unexpected len 2 expected 0
[  183.606146][T15363] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4558'.
[  183.640390][T15363] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4558'.
[  183.802621][T15386] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4569'.
[  184.067271][T15407] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4575'.
[  184.234435][T15426] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4584'.
[  184.502458][T15458] loop5: detected capacity change from 0 to 1024
[  184.534607][T15458] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  184.545610][T15458] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  184.557106][T15458] JBD2: no valid journal superblock found
[  184.563027][T15458] EXT4-fs (loop5): Could not load journal inode
[  184.606034][T15458] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  184.838774][T15493] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  184.937445][T15503] netlink: 'syz.4.4617': attribute type 12 has an invalid length.
[  185.773645][T15565] netlink: 'syz.4.4642': attribute type 13 has an invalid length.
[  185.803691][T15565] gretap0: refused to change device tx_queue_len
[  185.824311][T15565] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  185.929292][T15562] loop3: detected capacity change from 0 to 256
[  186.097038][T15603] loop3: detected capacity change from 0 to 128
[  186.107211][T15603] buffer_io_error: 18 callbacks suppressed
[  186.107228][T15603] Buffer I/O error on dev loop3, logical block 79, lost async page write
[  186.122512][T15603] Buffer I/O error on dev loop3, logical block 80, lost async page write
[  186.137676][T15603] Buffer I/O error on dev loop3, logical block 83, lost async page write
[  186.147592][T15603] Buffer I/O error on dev loop3, logical block 84, lost async page write
[  186.156813][T15603] Buffer I/O error on dev loop3, logical block 95, lost async page write
[  186.166813][T15603] Buffer I/O error on dev loop3, logical block 96, lost async page write
[  186.235718][T15606] Buffer I/O error on dev loop3, logical block 77, lost async page write
[  186.244457][T15606] Buffer I/O error on dev loop3, logical block 78, lost async page write
[  186.254019][T15606] Buffer I/O error on dev loop3, logical block 79, lost async page write
[  186.262885][T15606] Buffer I/O error on dev loop3, logical block 80, lost async page write
[  186.435816][T15639] syz_tun: entered allmulticast mode
[  186.569511][T15631] syz_tun: left allmulticast mode
[  186.577973][T15655] bridge0: port 3(gretap0) entered blocking state
[  186.584476][T15655] bridge0: port 3(gretap0) entered disabled state
[  186.595913][T15655] gretap0: entered allmulticast mode
[  186.601886][T15655] gretap0: entered promiscuous mode
[  186.616355][T15655] gretap0: left allmulticast mode
[  186.621609][T15655] gretap0: left promiscuous mode
[  186.626720][T15655] bridge0: port 3(gretap0) entered disabled state
[  186.711652][   T29] kauditd_printk_skb: 407 callbacks suppressed
[  186.711705][   T29] audit: type=1400 audit(186.714:4432): avc:  denied  { getopt } for  pid=15668 comm="syz.5.4689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  186.744276][   T29] audit: type=1326 audit(186.744:4433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15668 comm="syz.5.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  186.767388][   T29] audit: type=1326 audit(186.744:4434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15668 comm="syz.5.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  186.790638][   T29] audit: type=1326 audit(186.755:4435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15668 comm="syz.5.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  186.813683][   T29] audit: type=1326 audit(186.755:4436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15668 comm="syz.5.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  186.836877][   T29] audit: type=1326 audit(186.775:4437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15668 comm="syz.5.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  186.859792][   T29] audit: type=1326 audit(186.775:4438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15668 comm="syz.5.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  186.882793][   T29] audit: type=1326 audit(186.775:4439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15668 comm="syz.5.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  186.906077][   T29] audit: type=1326 audit(186.775:4440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15668 comm="syz.5.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  186.929066][   T29] audit: type=1326 audit(186.775:4441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15668 comm="syz.5.4689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  187.010634][T15673] Set syz1 is full, maxelem 6117 reached
[  187.857437][T15758] netlink: 'syz.5.4730': attribute type 3 has an invalid length.
[  187.878313][T15758] netlink: 'syz.5.4730': attribute type 3 has an invalid length.
[  187.916311][T15762] __nla_validate_parse: 12 callbacks suppressed
[  187.916333][T15762] netlink: 96 bytes leftover after parsing attributes in process `wޣ�'.
[  188.085688][T15777] loop5: detected capacity change from 0 to 136
[  188.092927][T15777] Attempt to read inode for relocated directory
[  188.138860][T15781] syz_tun: entered allmulticast mode
[  188.198335][T15776] syz_tun: left allmulticast mode
[  188.483569][T15807] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4745'.
[  188.544742][T11805] IPVS: starting estimator thread 0...
[  188.598818][T15818] netlink: 'syz.5.4757': attribute type 17 has an invalid length.
[  188.606969][T15818] netlink: 148 bytes leftover after parsing attributes in process `syz.5.4757'.
[  188.640519][T15814] IPVS: using max 2496 ests per chain, 124800 per kthread
[  188.651033][T15823] netlink: 'syz.3.4759': attribute type 12 has an invalid length.
[  188.723933][T15832] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4762'.
[  188.748854][T15832] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4762'.
[  188.931542][T15861] syzkaller0: entered allmulticast mode
[  188.937364][T15861] syzkaller0: entered promiscuous mode
[  188.955024][T15861] syzkaller0 (unregistering): left allmulticast mode
[  188.961810][T15861] syzkaller0 (unregistering): left promiscuous mode
[  189.183236][T15881] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4783'.
[  189.195100][T15879] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4782'.
[  189.207075][T15881] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4783'.
[  189.251987][T15881] netlink: 3 bytes leftover after parsing attributes in process `syz.2.4783'.
[  189.278067][T15890] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4787'.
[  189.288998][T15890] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.301816][T15890] bridge_slave_1 (unregistering): left allmulticast mode
[  189.308993][T15890] bridge_slave_1 (unregistering): left promiscuous mode
[  189.316016][T15890] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.342163][T15893] bond0 (unregistering): (slave bond3): Releasing backup interface
[  189.351431][T15893] bond0 (unregistering): Released all slaves
[  189.527430][T15918] random: crng reseeded on system resumption
[  189.586947][T15925] bridge0: port 2(gretap0) entered blocking state
[  189.593584][T15925] bridge0: port 2(gretap0) entered disabled state
[  189.623774][T15925] gretap0: entered allmulticast mode
[  189.629749][T15925] gretap0: entered promiscuous mode
[  189.635650][T15925] bridge0: port 2(gretap0) entered blocking state
[  189.642227][T15925] bridge0: port 2(gretap0) entered forwarding state
[  189.656056][T15925] gretap0: left allmulticast mode
[  189.661249][T15925] gretap0: left promiscuous mode
[  189.666480][T15925] bridge0: port 2(gretap0) entered disabled state
[  189.718848][T15936] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  190.611958][T15992] netlink: 'syz.5.4827': attribute type 4 has an invalid length.
[  190.656543][T15992] netlink: 'syz.5.4827': attribute type 4 has an invalid length.
[  190.673040][T15995] vhci_hcd: invalid port number 65
[  190.678269][T15995] vhci_hcd: invalid port number 65
[  191.237134][T16051] loop3: detected capacity change from 0 to 512
[  191.267256][T16051] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.320147][ T3322] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.501016][T16079] loop3: detected capacity change from 0 to 512
[  191.538359][T16079] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.655160][ T3322] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.052547][   T29] kauditd_printk_skb: 132 callbacks suppressed
[  192.052565][   T29] audit: type=1326 audit(191.832:4574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.3.4890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  192.098900][   T29] audit: type=1326 audit(191.869:4575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.3.4890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  192.122104][   T29] audit: type=1326 audit(191.869:4576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.3.4890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  192.145021][   T29] audit: type=1326 audit(191.869:4577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.3.4890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  192.168238][   T29] audit: type=1326 audit(191.869:4578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.3.4890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  192.191307][   T29] audit: type=1326 audit(191.869:4579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.3.4890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  192.214161][   T29] audit: type=1326 audit(191.869:4580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16130 comm="syz.3.4890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  192.298598][T16143] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  192.721546][   T29] audit: type=1326 audit(192.459:4581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16157 comm="syz.5.4901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  192.748403][   T29] audit: type=1326 audit(192.459:4582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16157 comm="syz.5.4901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  192.783558][   T29] audit: type=1326 audit(192.496:4583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16157 comm="syz.5.4901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  193.245893][T16214] loop3: detected capacity change from 0 to 256
[  193.305717][T16214] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  193.641842][T16239] netlink: 'syz.2.4938': attribute type 3 has an invalid length.
[  193.829466][T16255] tipc: Enabled bearer <ib:gre0>, priority 22
[  194.436100][ T4326] Bluetooth: hci0: Frame reassembly failed (-84)
[  194.658238][T16324] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16324 comm=syz.3.4972
[  194.904214][T16349] __nla_validate_parse: 13 callbacks suppressed
[  194.904231][T16349] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4983'.
[  194.921764][T16349] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4983'.
[  195.022422][T16355] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4986'.
[  195.037637][T16355] netlink: 92 bytes leftover after parsing attributes in process `syz.0.4986'.
[  195.102531][T16360] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.116661][T16360] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.171233][T16360] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.202213][T16360] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.273658][ T4332] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  195.287400][ T4332] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  195.313522][ T4332] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  195.329018][ T4332] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  195.393930][T16380] netlink: 'syz.3.4998': attribute type 12 has an invalid length.
[  195.469961][T16392] loop3: detected capacity change from 0 to 128
[  195.481997][T16392] netlink: 44 bytes leftover after parsing attributes in process `syz.3.5003'.
[  195.608055][T16413] bridge0: port 1(batadv1) entered blocking state
[  195.614770][T16413] bridge0: port 1(batadv1) entered disabled state
[  195.621652][T16413] batadv1: entered allmulticast mode
[  195.627451][T16413] batadv1: entered promiscuous mode
[  195.891123][T16436] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5024'.
[  196.151188][ T4326] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  196.160478][ T4326] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  196.332213][T16467] loop3: detected capacity change from 0 to 512
[  196.342341][T16467] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  196.357234][T16467] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.404217][T16467] EXT4-fs: Ignoring removed orlov option
[  196.410330][T16467] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  196.420804][T16467] EXT4-fs (loop3): can't enable nombcache during remount
[  196.455452][ T3322] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.599921][ T3830] Bluetooth: hci0: command 0x1003 tx timeout
[  196.605998][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  196.673382][T16486] pimreg: entered allmulticast mode
[  196.690409][T16486] pimreg: left allmulticast mode
[  196.851092][T16495] loop5: detected capacity change from 0 to 512
[  196.868682][T16495] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #3: comm syz.5.5047: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  196.910503][T16495] EXT4-fs error (device loop5): ext4_quota_enable:7139: comm syz.5.5047: Bad quota inode: 3, type: 0
[  196.930445][T16495] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  196.945900][T16495] EXT4-fs (loop5): mount failed
[  197.003726][T16509] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5051'.
[  197.066556][T16515] netlink: 96 bytes leftover after parsing attributes in process `syz.4.5054'.
[  197.325605][T16553] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16553 comm=syz.0.5071
[  197.447923][T16566] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5076'.
[  197.562029][T16582] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5085'.
[  197.609941][   T29] kauditd_printk_skb: 127 callbacks suppressed
[  197.610024][   T29] audit: type=1400 audit(197.036:4711): avc:  denied  { connect } for  pid=16587 comm="syz.2.5088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  197.686898][T16597] macsec0: entered promiscuous mode
[  197.919727][   T29] audit: type=1400 audit(197.326:4712): avc:  denied  { name_bind } for  pid=16602 comm="syz.5.5096" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  197.963576][   T29] audit: type=1326 audit(197.364:4713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16608 comm="syz.0.5097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  197.986672][   T29] audit: type=1326 audit(197.364:4714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16608 comm="syz.0.5097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  198.009590][   T29] audit: type=1326 audit(197.364:4715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16608 comm="syz.0.5097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  198.032710][   T29] audit: type=1326 audit(197.364:4716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16608 comm="syz.0.5097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  198.055790][   T29] audit: type=1326 audit(197.364:4717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16608 comm="syz.0.5097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  198.078868][   T29] audit: type=1326 audit(197.364:4718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16608 comm="syz.0.5097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  198.101909][   T29] audit: type=1326 audit(197.364:4719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16608 comm="syz.0.5097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  198.125487][   T29] audit: type=1326 audit(197.364:4720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16608 comm="syz.0.5097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  198.287778][ T3381] kernel write not supported for file bpf-prog (pid: 3381 comm: kworker/0:2)
[  198.892895][T16670] sctp: [Deprecated]: syz.0.5124 (pid 16670) Use of struct sctp_assoc_value in delayed_ack socket option.
[  198.892895][T16670] Use struct sctp_sack_info instead
[  198.910730][T16670] sctp: [Deprecated]: syz.0.5124 (pid 16670) Use of struct sctp_assoc_value in delayed_ack socket option.
[  198.910730][T16670] Use struct sctp_sack_info instead
[  199.348081][T16687] netlink: 'syz.2.5132': attribute type 12 has an invalid length.
[  199.557408][T16706] xt_hashlimit: max too large, truncated to 1048576
[  199.608287][T16711] sctp: [Deprecated]: syz.0.5142 (pid 16711) Use of int in max_burst socket option.
[  199.608287][T16711] Use struct sctp_assoc_value instead
[  199.776324][T16717] sctp: [Deprecated]: syz.5.5139 (pid 16717) Use of struct sctp_assoc_value in delayed_ack socket option.
[  199.776324][T16717] Use struct sctp_sack_info instead
[  199.814871][T16717] sctp: [Deprecated]: syz.5.5139 (pid 16717) Use of struct sctp_assoc_value in delayed_ack socket option.
[  199.814871][T16717] Use struct sctp_sack_info instead
[  200.270285][T16753] __nla_validate_parse: 2 callbacks suppressed
[  200.270303][T16753] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5159'.
[  200.401048][T16769] netlink: 188 bytes leftover after parsing attributes in process `syz.2.5166'.
[  202.163908][T16835] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5194'.
[  202.349160][T16856] 9pnet_fd: Insufficient options for proto=fd
[  202.389948][T16860] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5206'.
[  202.470134][T16873] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5212'.
[  202.622928][T16893] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5222'.
[  202.632949][T16893] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5222'.
[  202.717114][T16902] netlink: 'syz.0.5227': attribute type 10 has an invalid length.
[  203.103137][T16939] syz_tun: entered allmulticast mode
[  203.118186][T16938] syz_tun: left allmulticast mode
[  203.433218][   T29] kauditd_printk_skb: 115 callbacks suppressed
[  203.433235][   T29] audit: type=1326 audit(202.484:4836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16946 comm="syz.2.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  203.462556][   T29] audit: type=1326 audit(202.484:4837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16946 comm="syz.2.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  203.570907][   T29] audit: type=1326 audit(202.484:4838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16946 comm="syz.2.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  203.589674][T16964] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5249'.
[  203.593925][   T29] audit: type=1326 audit(202.484:4839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16946 comm="syz.2.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  203.625714][   T29] audit: type=1326 audit(202.484:4840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16946 comm="syz.2.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  203.648742][   T29] audit: type=1326 audit(202.484:4841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16946 comm="syz.2.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  203.671747][   T29] audit: type=1326 audit(202.484:4842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16946 comm="syz.2.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  203.788019][   T29] audit: type=1400 audit(202.811:4843): avc:  denied  { bind } for  pid=16967 comm="syz.5.5252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  203.808076][   T29] audit: type=1400 audit(202.839:4844): avc:  denied  { listen } for  pid=16967 comm="syz.5.5252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  203.837683][T16973] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5253'.
[  203.887569][T16975] sd 0:0:1:0: device reset
[  204.044425][T16991] netlink: 'syz.0.5260': attribute type 10 has an invalid length.
[  204.075326][T16993] syz_tun: entered allmulticast mode
[  204.082861][T16992] syz_tun: left allmulticast mode
[  204.318560][   T29] audit: type=1326 audit(203.317:4845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17017 comm="syz.2.5271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  205.127142][T17077] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5295'.
[  207.042472][T17128] loop5: detected capacity change from 0 to 128
[  207.073481][T17132] __nla_validate_parse: 1 callbacks suppressed
[  207.073502][T17132] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5316'.
[  207.115199][T17132] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5316'.
[  207.123491][T17136] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5318'.
[  207.339586][T17146] SELinux:  Context  is not valid (left unmapped).
[  207.456586][T17157] loop5: detected capacity change from 0 to 512
[  207.463346][T17157] ext2: Unknown parameter 'noacl'
[  207.815392][T17182] loop5: detected capacity change from 0 to 1024
[  207.831502][T17182] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  208.512985][T17213] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5350'.
[  208.547772][T17210] vhci_hcd: invalid port number 96
[  208.552956][T17210] vhci_hcd: default hub control req: 2000 vfffc i0060 l7
[  208.555310][T17213] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5350'.
[  208.696865][T17218] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17218 comm=syz.4.5353
[  208.974695][   T29] kauditd_printk_skb: 360 callbacks suppressed
[  208.974711][   T29] audit: type=1400 audit(2000000003.631:5206): avc:  denied  { setopt } for  pid=17229 comm="syz.4.5358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  209.030985][T17214] netlink: 'syz.0.5351': attribute type 4 has an invalid length.
[  209.038819][T17214] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.5351'.
[  209.176812][T17241] 9pnet: Could not find request transport: f
[  209.210739][T17244] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5364'.
[  209.316348][T17253] netlink: 88 bytes leftover after parsing attributes in process `syz.0.5365'.
[  209.641690][T17283] netlink: 'syz.2.5381': attribute type 5 has an invalid length.
[  209.699574][T17288] netlink: 'syz.2.5381': attribute type 5 has an invalid length.
[  209.754020][T17290] 9pnet_fd: Insufficient options for proto=fd
[  209.910337][   T29] audit: type=1400 audit(2000000004.501:5207): avc:  denied  { firmware_load } for  pid=17295 comm="syz.4.5387" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  209.947337][T17298] geneve2: entered promiscuous mode
[  209.952594][T17298] geneve2: entered allmulticast mode
[  210.157886][   T29] audit: type=1400 audit(2000000004.726:5208): avc:  denied  { setopt } for  pid=17299 comm="syz.5.5399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  210.746676][T17327] netlink: 52 bytes leftover after parsing attributes in process `syz.4.5401'.
[  210.918306][T17342] netlink: 'syz.3.5406': attribute type 4 has an invalid length.
[  210.948737][T17342] netlink: 'syz.3.5406': attribute type 4 has an invalid length.
[  211.164080][   T29] audit: type=1326 audit(2000000005.680:5209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17360 comm="syz.4.5415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  211.187729][   T29] audit: type=1326 audit(2000000005.680:5210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17360 comm="syz.4.5415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  211.245629][   T29] audit: type=1326 audit(2000000005.727:5211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17360 comm="syz.4.5415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  211.269222][   T29] audit: type=1326 audit(2000000005.727:5212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17360 comm="syz.4.5415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  211.292776][   T29] audit: type=1326 audit(2000000005.727:5213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17360 comm="syz.4.5415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  211.316343][   T29] audit: type=1326 audit(2000000005.727:5214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17360 comm="syz.4.5415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  211.339930][   T29] audit: type=1326 audit(2000000005.727:5215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17360 comm="syz.4.5415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  211.543142][T17386] netlink: 'syz.4.5424': attribute type 4 has an invalid length.
[  211.591059][T17386] netlink: 'syz.4.5424': attribute type 4 has an invalid length.
[  212.117103][T17426] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5442'.
[  214.170718][T17616] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5479'.
[  214.360795][T17633] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17633 comm=syz.0.5488
[  214.373469][T17633] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17633 comm=syz.0.5488
[  214.643515][T17650] veth0_vlan: entered allmulticast mode
[  214.654392][T17654] netlink: 'syz.0.5498': attribute type 4 has an invalid length.
[  214.662418][T17650] veth0_vlan: left promiscuous mode
[  214.668278][T17650] veth0_vlan: entered promiscuous mode
[  214.687954][T17654] netlink: 'syz.0.5498': attribute type 4 has an invalid length.
[  214.713483][T17654] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5498'.
[  214.800263][ T4331] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  214.809042][ T4334] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  214.822268][ T4334] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  214.840144][T17663] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5502'.
[  214.850270][ T4334] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  214.859037][   T29] kauditd_printk_skb: 309 callbacks suppressed
[  214.859053][   T29] audit: type=1400 audit(2000000009.134:5525): avc:  denied  { ioctl } for  pid=17664 comm="syz.0.5503" path="socket:[45586]" dev="sockfs" ino=45586 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  214.994079][   T29] audit: type=1400 audit(2000000009.171:5526): avc:  denied  { relabelfrom } for  pid=17660 comm="syz.5.5501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  215.014135][   T29] audit: type=1400 audit(2000000009.171:5527): avc:  denied  { relabelto } for  pid=17660 comm="syz.5.5501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  215.113950][T17682] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5509'.
[  215.637658][T17697] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5514'.
[  215.651791][T17697] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5514'.
[  215.732286][T17656] Set syz1 is full, maxelem 65536 reached
[  215.788226][ T3428] IPVS: starting estimator thread 0...
[  215.865542][T17718] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5521'.
[  215.884919][T17708] IPVS: using max 2544 ests per chain, 127200 per kthread
[  215.893175][T17718] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5521'.
[  215.942874][   T29] audit: type=1400 audit(2000000010.154:5528): avc:  denied  { watch watch_reads } for  pid=17730 comm="syz.4.5526" path="/" dev="ramfs" ino=45693 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  216.311093][T17746] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5535'.
[  216.417512][   T29] audit: type=1400 audit(2000000010.594:5529): avc:  denied  { mounton } for  pid=17765 comm="syz.4.5542" path="/1151/file0" dev="tmpfs" ino=5934 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  217.443569][T17804] netlink: 'syz.5.5558': attribute type 1 has an invalid length.
[  217.458570][T17804] bond1: entered promiscuous mode
[  217.464004][T17804] 8021q: adding VLAN 0 to HW filter on device bond1
[  217.489994][T17804] 8021q: adding VLAN 0 to HW filter on device bond1
[  217.497455][T17804] bond1: (slave xfrm1): The slave device specified does not support setting the MAC address
[  217.507712][T17804] bond1: (slave xfrm1): Setting fail_over_mac to active for active-backup mode
[  217.518817][T17804] bond1: (slave xfrm1): making interface the new active one
[  217.526292][T17804] xfrm1: entered promiscuous mode
[  217.534172][T17804] bond1: (slave xfrm1): Enslaving as an active interface with an up link
[  218.364583][T17865] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5584'.
[  218.546207][   T29] audit: type=1326 audit(2000000012.587:5530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17874 comm="syz.5.5589" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f46b726f6c9 code=0x0
[  218.919898][T17889] netlink: 'syz.2.5595': attribute type 21 has an invalid length.
[  218.989037][   T29] audit: type=1400 audit(2000000012.999:5531): avc:  denied  { create } for  pid=17898 comm="syz.3.5599" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  219.009986][   T29] audit: type=1400 audit(2000000012.999:5532): avc:  denied  { lock } for  pid=17898 comm="syz.3.5599" path="socket:[48194]" dev="sockfs" ino=48194 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  219.084335][T17907] 9pnet_fd: Insufficient options for proto=fd
[  219.454007][T17926] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  219.470321][   T29] audit: type=1326 audit(2000000013.448:5533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17925 comm="syz.5.5612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  219.494205][   T29] audit: type=1326 audit(2000000013.448:5534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17925 comm="syz.5.5612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  219.519104][T17929] netlink: 'syz.2.5613': attribute type 12 has an invalid length.
[  219.543961][T17932] bridge0: port 3(macsec1) entered blocking state
[  219.550531][T17932] bridge0: port 3(macsec1) entered disabled state
[  219.557246][T17932] macsec1: entered allmulticast mode
[  219.562661][T17932] bridge0: entered allmulticast mode
[  219.590233][T17932] macsec1: left allmulticast mode
[  219.595418][T17932] bridge0: left allmulticast mode
[  219.904956][T17960] __nla_validate_parse: 5 callbacks suppressed
[  219.904973][T17960] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5626'.
[  219.921221][T17961] netlink: 64 bytes leftover after parsing attributes in process `syz.3.5627'.
[  220.027981][T17972] netlink: 96 bytes leftover after parsing attributes in process `syz.3.5632'.
[  220.204922][T17989] sd 0:0:1:0: device reset
[  220.245325][T17991] netlink: 96 bytes leftover after parsing attributes in process `syz.3.5641'.
[  220.279545][   T29] kauditd_printk_skb: 62 callbacks suppressed
[  220.279568][   T29] audit: type=1326 audit(2000000014.206:5597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.3.5646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  220.310452][   T29] audit: type=1326 audit(2000000014.206:5598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.3.5646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa84c01df10 code=0x7ffc0000
[  220.334157][   T29] audit: type=1326 audit(2000000014.206:5599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.3.5646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  220.357929][   T29] audit: type=1326 audit(2000000014.206:5600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.3.5646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  220.381647][   T29] audit: type=1326 audit(2000000014.206:5601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.3.5646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  220.405102][   T29] audit: type=1326 audit(2000000014.206:5602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.3.5646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  220.428901][   T29] audit: type=1326 audit(2000000014.206:5603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18000 comm="syz.3.5646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  220.463229][T18006] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5648'.
[  220.489613][   T29] audit: type=1326 audit(2000000014.403:5604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18007 comm="syz.2.5649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  220.513198][   T29] audit: type=1326 audit(2000000014.403:5605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18007 comm="syz.2.5649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  220.546251][   T29] audit: type=1326 audit(2000000014.450:5606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18007 comm="syz.2.5649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f146468f6c9 code=0x7ffc0000
[  221.166311][T18066] syzkaller1: entered promiscuous mode
[  221.171838][T18066] syzkaller1: entered allmulticast mode
[  221.685844][T18115] netlink: 96 bytes leftover after parsing attributes in process `syz.3.5692'.
[  221.893215][T18137] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5704'.
[  221.944628][T18143] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18143 comm=syz.3.5706
[  222.297534][T18167] syzkaller0: entered allmulticast mode
[  222.314807][T18167] syzkaller0: entered promiscuous mode
[  222.321696][T18169] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5719'.
[  222.333052][T18167] syzkaller0 (unregistering): left promiscuous mode
[  222.339762][T18167] syzkaller0 (unregistering): left allmulticast mode
[  222.593389][T18190] gre0: MTU too low for tipc bearer
[  222.598681][T18190] tipc: Disabling bearer <ib:gre0>
[  222.706796][T18196] loop5: detected capacity change from 0 to 256
[  222.723707][T18196] vfat: Unknown parameter 'arset'
[  222.852919][T18208] netlink: 'syz.4.5734': attribute type 13 has an invalid length.
[  223.479611][T18223] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5741'.
[  223.700870][T18229] netlink: 55631 bytes leftover after parsing attributes in process `syz.4.5744'.
[  223.738897][T18235] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  223.747630][T18235] ref_ctr increment failed for inode: 0x15ba offset: 0x4 ref_ctr_offset: 0x2 of mm: 0xffff8881043ebf40
[  224.925460][ T8488] kernel write not supported for file bpf-prog (pid: 8488 comm: kworker/1:13)
[  224.977752][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  224.977861][ T3830] Bluetooth: hci0: command 0x1003 tx timeout
[  225.147911][T18452] netlink: 'syz.5.5796': attribute type 10 has an invalid length.
[  225.172917][T18452] team0: Port device geneve1 added
[  225.346584][T18525] smc: net device bond0 applied user defined pnetid SYZ0
[  225.375369][T18525] smc: net device bond0 erased user defined pnetid SYZ0
[  225.593716][T18608] netlink: 'syz.5.5808': attribute type 1 has an invalid length.
[  225.636422][T18608] 8021q: adding VLAN 0 to HW filter on device bond2
[  225.676191][T18612] bond2: (slave dummy0): making interface the new active one
[  225.699497][T18612] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  225.743577][   T29] kauditd_printk_skb: 67 callbacks suppressed
[  225.743595][   T29] audit: type=1400 audit(2000000019.316:5674): avc:  denied  { bind } for  pid=18619 comm="syz.0.5812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  225.791153][T18608] bond2 (unregistering): (slave dummy0): Releasing active interface
[  225.823644][T18608] bond2 (unregistering): Released all slaves
[  225.854717][T18628] __nla_validate_parse: 2 callbacks suppressed
[  225.854735][T18628] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5816'.
[  225.887810][T18628] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5816'.
[  226.007690][   T29] audit: type=1326 audit(2000000019.569:5675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.5.5823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  226.031297][   T29] audit: type=1326 audit(2000000019.569:5676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.5.5823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  226.112823][   T29] audit: type=1326 audit(2000000019.625:5677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.5.5823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  226.136423][   T29] audit: type=1326 audit(2000000019.625:5678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.5.5823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  226.159994][   T29] audit: type=1326 audit(2000000019.625:5679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.5.5823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  226.183722][   T29] audit: type=1326 audit(2000000019.625:5680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.5.5823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  226.207208][   T29] audit: type=1326 audit(2000000019.625:5681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.5.5823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  226.230763][   T29] audit: type=1326 audit(2000000019.625:5682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.5.5823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  226.294968][T18651] kernel read not supported for file /!selinuxwk1�m�9ɞ*T����#j����Y��mV�vm(p�-QZ#�{�� (pid: 18651 comm: syz.2.5821)
[  226.308217][   T29] audit: type=1400 audit(2000000019.841:5683): avc:  denied  { module_load } for  pid=18648 comm="syz.2.5821" path=2F2173656C696E7578776B311FD06DC37F39C99E2A0D5493FDE291EFAA16236A978FBCDE590FCCC56D56CB15766D2870C92D515A23D27B84BF06 dev="mqueue" ino=49142 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1
[  226.592748][T18676] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18676 comm=syz.2.5836
[  226.867444][T18698] netlink: 'syz.4.5842': attribute type 1 has an invalid length.
[  226.924263][T18698] 8021q: adding VLAN 0 to HW filter on device bond5
[  226.958286][T18706] bond5: (slave dummy0): making interface the new active one
[  226.969086][T18706] bond5: (slave dummy0): Enslaving as an active interface with an up link
[  227.018092][T18698] bond5 (unregistering): (slave dummy0): Releasing active interface
[  227.082451][T18698] bond5 (unregistering): Released all slaves
[  227.179498][T18720] netlink: 72 bytes leftover after parsing attributes in process `syz.0.5865'.
[  227.188565][T18720] netlink: 72 bytes leftover after parsing attributes in process `syz.0.5865'.
[  227.212363][T18724] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5857'.
[  227.780402][T18763] netlink: 'syz.5.5873': attribute type 1 has an invalid length.
[  227.788257][T18763] netlink: 'syz.5.5873': attribute type 2 has an invalid length.
[  227.796016][T18763] netlink: 252 bytes leftover after parsing attributes in process `syz.5.5873'.
[  227.805122][T18763] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.889569][T18768] loop5: detected capacity change from 0 to 164
[  227.908005][T18768] bio_check_eod: 37 callbacks suppressed
[  227.908021][T18768] syz.5.5875: attempt to access beyond end of device
[  227.908021][T18768] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  227.937723][T18768] syz.5.5875: attempt to access beyond end of device
[  227.937723][T18768] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  227.991722][T18776] netlink: 96 bytes leftover after parsing attributes in process `syz.5.5880'.
[  228.092132][T18787] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18787 comm=syz.2.5884
[  228.115345][T18792] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5885'.
[  228.125146][T18792] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5885'.
[  228.539854][T18833] vlan2: entered allmulticast mode
[  229.597036][T18973] syz!: rxe_newlink: already configured on team_slave_0
[  229.683374][T18982] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5934'.
[  229.693082][T18982] netlink: 'syz.5.5934': attribute type 6 has an invalid length.
[  231.223883][T19101] vlan3: entered allmulticast mode
[  231.256051][   T29] kauditd_printk_skb: 154 callbacks suppressed
[  231.256069][   T29] audit: type=1400 audit(2000000024.483:5838): avc:  denied  { unmount } for  pid=19104 comm="syz.2.5992" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1
[  231.283845][T19107] __nla_validate_parse: 4 callbacks suppressed
[  231.283866][T19107] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5993'.
[  231.441406][   T29] audit: type=1400 audit(2000000024.651:5839): avc:  denied  { connect } for  pid=19125 comm="syz.4.6002" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  231.522624][T19138] sch_tbf: burst 19869 is lower than device lo mtu (11337746) !
[  231.594153][   T29] audit: type=1326 audit(2000000024.801:5840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19140 comm="syz.5.6008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  231.619797][   T29] audit: type=1326 audit(2000000024.820:5841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19140 comm="syz.5.6008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  231.643481][   T29] audit: type=1326 audit(2000000024.820:5842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19140 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  231.666570][   T29] audit: type=1326 audit(2000000024.820:5843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19140 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  231.689728][   T29] audit: type=1326 audit(2000000024.820:5844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19140 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  231.712860][   T29] audit: type=1326 audit(2000000024.820:5845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19140 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  231.735964][   T29] audit: type=1326 audit(2000000024.820:5846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19140 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  231.771580][   T29] audit: type=1326 audit(2000000024.820:5847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19140 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f46b726f6c9 code=0x7ffc0000
[  231.845747][T19148] netlink: 'syz.5.6011': attribute type 13 has an invalid length.
[  231.964265][T19148] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  231.974728][T19148] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  232.051535][ T4307] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.060687][ T4307] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.070686][ T4307] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.080026][ T4307] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.194044][T19160] netlink: 'syz.5.6017': attribute type 12 has an invalid length.
[  232.303723][T19168] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6020'.
[  232.312841][T19168] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6020'.
[  232.322027][T19168] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6020'.
[  232.331145][T19168] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6020'.
[  232.340194][T19168] netlink: 'syz.2.6020': attribute type 6 has an invalid length.
[  232.807898][T19204] ip6tnl3: entered promiscuous mode
[  232.813432][T19204] ip6tnl3: entered allmulticast mode
[  233.254605][T19239] netlink: 96 bytes leftover after parsing attributes in process `syz.5.6052'.
[  233.319321][T19245] wg2: entered promiscuous mode
[  233.324368][T19245] wg2: entered allmulticast mode
[  233.418268][T19253] netlink: 96 bytes leftover after parsing attributes in process `syz.5.6060'.
[  233.785643][T19285] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=19285 comm=syz.5.6073
[  234.739992][T19333] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6097'.
[  234.937378][T19354] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6107'.
[  234.951340][T19357] uprobe: syz.5.6109:19357 failed to unregister, leaking uprobe
[  234.959249][T19357] uprobe: syz.5.6109:19357 failed to unregister, leaking uprobe
[  235.048085][T19365] uprobe: syz.3.6123:19365 failed to unregister, leaking uprobe
[  235.095671][T19365] uprobe: syz.3.6123:19365 failed to unregister, leaking uprobe
[  235.560284][T19392] batman_adv: batadv0: Adding interface: dummy0
[  235.566685][T19392] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  235.592177][T19392] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  235.681556][T19403] macsec0: left promiscuous mode
[  235.691522][T19405] uprobe: syz.0.6130:19405 failed to unregister, leaking uprobe
[  235.731083][T19405] uprobe: syz.0.6130:19405 failed to unregister, leaking uprobe
[  236.398312][T19458] tipc: Failed to remove unknown binding: 66,1,1/2886997007:3784037433/3784037435
[  236.425654][T19458] tipc: Failed to remove unknown binding: 66,1,1/2886997007:3784037433/3784037435
[  236.435081][T19458] tipc: Failed to remove unknown binding: 66,1,1/2886997007:3784037433/3784037435
[  236.587338][T19475] sch_fq: defrate 4294967295 ignored.
[  236.634495][T19478] ip6tnl1: entered promiscuous mode
[  236.639790][T19478] ip6tnl1: entered allmulticast mode
[  236.819623][T19521] bridge0: entered allmulticast mode
[  236.839213][T19521] batadv1: left allmulticast mode
[  236.844317][T19521] batadv1: left promiscuous mode
[  236.849399][T19521] bridge0: port 1(batadv1) entered disabled state
[  236.969111][T19545] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6165'.
[  236.978828][T19545] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6165'.
[  237.061316][   T29] kauditd_printk_skb: 131 callbacks suppressed
[  237.061334][   T29] audit: type=1326 audit(2000000029.911:5979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19555 comm="syz.3.6170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa84c01f6c9 code=0x7ffc0000
[  237.093226][   T29] audit: type=1326 audit(2000000029.911:5980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19557 comm="syz.4.6171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  237.116900][   T29] audit: type=1326 audit(2000000029.911:5981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19557 comm="syz.4.6171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  237.140485][   T29] audit: type=1326 audit(2000000029.920:5982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19557 comm="syz.4.6171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  237.164143][   T29] audit: type=1326 audit(2000000029.920:5983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19557 comm="syz.4.6171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  237.187693][   T29] audit: type=1326 audit(2000000029.920:5984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19557 comm="syz.4.6171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  237.211367][   T29] audit: type=1326 audit(2000000029.920:5985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19557 comm="syz.4.6171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  237.215542][T19563] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  237.235001][   T29] audit: type=1326 audit(2000000029.920:5986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19557 comm="syz.4.6171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  237.266337][   T29] audit: type=1326 audit(2000000029.920:5987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19557 comm="syz.4.6171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  237.290000][   T29] audit: type=1326 audit(2000000029.920:5988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19557 comm="syz.4.6171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  237.583811][T19589] veth0_vlan: left allmulticast mode
[  239.298183][T19652] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19652 comm=syz.2.6213
[  239.531176][T19665] netlink: 96 bytes leftover after parsing attributes in process `syz.5.6218'.
[  240.225745][T19710] netlink: 96 bytes leftover after parsing attributes in process `syz.0.6236'.
[  240.570711][T19733] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6246'.
[  240.643451][T19738] netlink: 'syz.2.6248': attribute type 4 has an invalid length.
[  240.698702][T19738] netlink: 'syz.2.6248': attribute type 4 has an invalid length.
[  240.996779][T19759] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6257'.
[  241.015615][T19759] netem: change failed
[  241.177590][T19781] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6268'.
[  241.187922][T19781] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6268'.
[  241.530129][T19814] netlink: 2028 bytes leftover after parsing attributes in process `syz.0.6280'.
[  241.539419][T19814] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6280'.
[  241.852831][T19831] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=19831 comm=syz.4.6289
[  242.441300][   T29] kauditd_printk_skb: 69 callbacks suppressed
[  242.441314][   T29] audit: type=1326 audit(2000000034.946:6058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19836 comm="syz.0.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  242.495596][   T29] audit: type=1326 audit(2000000034.983:6059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19836 comm="syz.0.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  242.519220][   T29] audit: type=1326 audit(2000000034.983:6060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19836 comm="syz.0.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  242.543015][   T29] audit: type=1326 audit(2000000034.983:6061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19836 comm="syz.0.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  242.566747][   T29] audit: type=1326 audit(2000000034.983:6062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19836 comm="syz.0.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  242.590384][   T29] audit: type=1326 audit(2000000034.983:6063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19836 comm="syz.0.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  242.613980][   T29] audit: type=1326 audit(2000000034.983:6064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19836 comm="syz.0.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  242.637545][   T29] audit: type=1326 audit(2000000034.983:6065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19836 comm="syz.0.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  242.661132][   T29] audit: type=1326 audit(2000000034.983:6066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19836 comm="syz.0.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  242.684839][   T29] audit: type=1326 audit(2000000034.983:6067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19836 comm="syz.0.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f38de65f6c9 code=0x7ffc0000
[  242.772643][T19846] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6295'.
[  243.261156][T19884] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6313'.
[  243.389168][T19891] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6316'.
[  243.556166][T19897] lo: entered allmulticast mode
[  243.561944][T19897] lo: left allmulticast mode
[  244.827891][T19962] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6348'.
[  244.866287][T19962] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6348'.
[  245.246911][T19991] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6360'.
[  245.256156][T19991] batman_adv: batadv0: Removing interface: batadv_slave_0
[  245.273877][T19991] batman_adv: batadv0: Removing interface: batadv_slave_1
[  245.589608][T20019] netlink: 131740 bytes leftover after parsing attributes in process `syz.2.6372'.
[  245.610771][T20019] netlink: zone id is out of range
[  245.615928][T20019] netlink: zone id is out of range
[  245.631790][T20019] netlink: zone id is out of range
[  245.636963][T20019] netlink: zone id is out of range
[  245.655419][T20019] netlink: del zone limit has 8 unknown bytes
[  245.715968][T20027] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6376'.
[  245.751800][T20027] batman_adv: batadv0: Removing interface: dummy0
[  246.068766][T20064] netlink: 96 bytes leftover after parsing attributes in process `syz.0.6392'.
[  247.078997][T20159] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6410'.
[  247.474638][T20139] chnl_net:caif_netlink_parms(): no params data found
[  247.551560][T20139] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.558719][T20139] bridge0: port 1(bridge_slave_0) entered disabled state
[  247.577536][T20139] bridge_slave_0: entered allmulticast mode
[  247.584649][T20139] bridge_slave_0: entered promiscuous mode
[  247.592296][T20139] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.599501][T20139] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.606856][T20139] bridge_slave_1: entered allmulticast mode
[  247.613504][T20139] bridge_slave_1: entered promiscuous mode
[  247.637345][T20139] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  247.648162][T20139] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  247.676660][T20139] team0: Port device team_slave_0 added
[  247.683906][T20139] team0: Port device team_slave_1 added
[  247.715564][T20139] batman_adv: batadv0: Adding interface: batadv_slave_0
[  247.722563][T20139] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  247.748520][T20139] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  248.258408][T20139] batman_adv: batadv0: Adding interface: batadv_slave_1
[  248.265529][T20139] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  248.291506][T20139] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  248.349430][T20139] hsr_slave_0: entered promiscuous mode
[  248.355812][T20139] hsr_slave_1: entered promiscuous mode
[  248.370205][T20139] debugfs: 'hsr0' already exists in 'hsr'
[  248.376013][T20139] Cannot create hsr debugfs directory
[  248.872259][   T29] kauditd_printk_skb: 141 callbacks suppressed
[  248.872276][   T29] audit: type=1326 audit(2000000040.973:6209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.4.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  248.905029][   T29] audit: type=1326 audit(2000000041.001:6210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.4.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  248.928940][   T29] audit: type=1326 audit(2000000041.001:6211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.4.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  248.952467][   T29] audit: type=1326 audit(2000000041.001:6212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.4.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  248.988004][   T29] audit: type=1326 audit(2000000041.067:6213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.4.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  249.011738][   T29] audit: type=1326 audit(2000000041.067:6214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.4.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  249.035313][   T29] audit: type=1326 audit(2000000041.067:6215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.4.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  249.058926][   T29] audit: type=1326 audit(2000000041.067:6216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.4.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  249.082473][   T29] audit: type=1326 audit(2000000041.067:6217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.4.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  249.106012][   T29] audit: type=1326 audit(2000000041.067:6218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20237 comm="syz.4.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4cdeef6c9 code=0x7ffc0000
[  249.377176][T20139] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  249.431410][T20268] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[  249.440384][T20139] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  249.457249][T20139] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  249.474255][T20268] __nla_validate_parse: 1 callbacks suppressed
[  249.474277][T20268] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6439'.
[  249.496850][T20139] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  249.632437][T20139] 8021q: adding VLAN 0 to HW filter on device bond0
[  249.667057][T20139] 8021q: adding VLAN 0 to HW filter on device team0
[  249.696574][ T4361] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.703726][ T4361] bridge0: port 1(bridge_slave_0) entered forwarding state
[  249.745831][ T4282] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.752950][ T4282] bridge0: port 2(bridge_slave_1) entered forwarding state
[  249.813557][T20304] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6455'.
[  249.833889][T20139] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  249.898281][T20311] IPVS: Error connecting to the multicast addr
[  249.963163][T20314] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6459'.
[  250.029500][T20139] 8021q: adding VLAN 0 to HW filter on device batadv0
[  250.107524][T20331] netlink: 536 bytes leftover after parsing attributes in process `syz.5.6465'.
[  250.147201][T20331] netlink: 60 bytes leftover after parsing attributes in process `syz.5.6465'.
[  250.170383][T20139] veth0_vlan: entered promiscuous mode
[  250.188207][T20139] veth1_vlan: entered promiscuous mode
[  250.204375][T20139] veth0_macvtap: entered promiscuous mode
[  250.228026][T20139] veth1_macvtap: entered promiscuous mode
[  250.249446][T20139] batman_adv: batadv0: Interface activated: batadv_slave_0
[  250.261549][T20139] batman_adv: batadv0: Interface activated: batadv_slave_1
[  250.272678][ T4361] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  250.282948][ T4361] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  250.300048][ T4361] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  250.317279][ T4282] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  250.782639][T20351] ==================================================================
[  250.790783][T20351] BUG: KCSAN: data-race in atime_needs_update / touch_atime
[  250.798130][T20351] 
[  250.800552][T20351] read to 0xffff88811c087b10 of 4 bytes by task 20356 on cpu 0:
[  250.808198][T20351]  atime_needs_update+0x25f/0x3e0
[  250.813270][T20351]  touch_atime+0x4a/0x340
[  250.817657][T20351]  shmem_file_read_iter+0x477/0x540
[  250.822883][T20351]  copy_splice_read+0x442/0x660
[  250.827768][T20351]  splice_direct_to_actor+0x290/0x680
[  250.833165][T20351]  do_splice_direct+0xda/0x150
[  250.837955][T20351]  do_sendfile+0x380/0x650
[  250.842428][T20351]  __x64_sys_sendfile64+0x105/0x150
[  250.847649][T20351]  x64_sys_call+0x2bb4/0x3000
[  250.852341][T20351]  do_syscall_64+0xd2/0x200
[  250.856854][T20351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.862757][T20351] 
[  250.865087][T20351] write to 0xffff88811c087b10 of 4 bytes by task 20351 on cpu 1:
[  250.872813][T20351]  touch_atime+0x1e8/0x340
[  250.877247][T20351]  shmem_file_read_iter+0x477/0x540
[  250.882460][T20351]  copy_splice_read+0x442/0x660
[  250.887319][T20351]  splice_direct_to_actor+0x290/0x680
[  250.892701][T20351]  do_splice_direct+0xda/0x150
[  250.897477][T20351]  do_sendfile+0x380/0x650
[  250.901909][T20351]  __x64_sys_sendfile64+0x105/0x150
[  250.907127][T20351]  x64_sys_call+0x2bb4/0x3000
[  250.911813][T20351]  do_syscall_64+0xd2/0x200
[  250.916334][T20351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.922235][T20351] 
[  250.924558][T20351] value changed: 0x2c428097 -> 0x2d601dc7
[  250.930272][T20351] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  250.932599][T20351] Reported by Kernel Concurrency Sanitizer on:
[  250.938799][T20351] CPU: 1 UID: 0 PID: 20351 Comm: syz.3.6407 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  250.950190][T20351] Tainted: [W]=WARN
[  250.953996][T20351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  250.964056][T20351] ==================================================================
[  251.457936][ T4333] bridge_slave_0: left allmulticast mode
[  251.463590][ T4333] bridge_slave_0: left promiscuous mode
[  251.469376][ T4333] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.494071][ T4333] bond1 (unregistering): (slave xfrm1): Releasing backup interface
[  251.502399][ T4333] xfrm1 (unregistering): left promiscuous mode
[  251.519046][ T4333] team0: Port device geneve1 removed
[  251.862997][ T4333] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  251.872679][ T4333] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  251.881818][ T4333] bond0 (unregistering): Released all slaves
[  251.891052][ T4333] bond1 (unregistering): Released all slaves
[  251.971240][ T4333] hsr_slave_0: left promiscuous mode
[  251.976987][ T4333] hsr_slave_1: left promiscuous mode
[  252.024585][ T4333] team0 (unregistering): Port device team_slave_1 removed
[  252.034973][ T4333] team0 (unregistering): Port device team_slave_0 removed
[  252.313100][ T4333] IPVS: stop unused estimator thread 0...
[  252.765403][ T4361] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.310508][ T4361] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.363764][ T4361] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.417466][ T4361] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.483022][ T4361] bridge_slave_1: left allmulticast mode
[  254.488689][ T4361] bridge_slave_1: left promiscuous mode
[  254.494457][ T4361] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.502626][ T4361] bridge_slave_0: left allmulticast mode
[  254.508359][ T4361] bridge_slave_0: left promiscuous mode
[  254.514118][ T4361] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.641974][ T4361] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  254.652024][ T4361] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  254.661936][ T4361] bond0 (unregistering): Released all slaves
[  254.770158][ T4361] hsr_slave_0: left promiscuous mode
[  254.776053][ T4361] hsr_slave_1: left promiscuous mode
[  254.788919][ T4361] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.796322][ T4361] batman_adv: batadv0: Removing interface: batadv_slave_0
[  254.804064][ T4361] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.811595][ T4361] batman_adv: batadv0: Removing interface: batadv_slave_1
[  254.824211][ T4361] veth1_macvtap: left promiscuous mode
[  254.829771][ T4361] veth0_macvtap: left promiscuous mode
[  254.835542][ T4361] veth1_vlan: left promiscuous mode
[  254.840802][ T4361] veth0_vlan: left promiscuous mode
[  254.915495][ T4361] team0 (unregistering): Port device team_slave_1 removed
[  254.925631][ T4361] team0 (unregistering): Port device team_slave_0 removed
[  255.506871][ T4361] bond1 (unregistering): (slave bridge1): Releasing active interface
[  255.687662][ T4361] bond1 (unregistering): Released all slaves
[  255.696668][ T4361] bond2 (unregistering): Released all slaves
[  255.705803][ T4361] bond3 (unregistering): Released all slaves
[  255.752971][ T4361] tipc: Disabling bearer <udp:�>
[  255.757991][ T4361] tipc: Left network mode
[  255.794856][ T4361] hsr_slave_0: left promiscuous mode
[  256.073898][ T4361] IPVS: stop unused estimator thread 0...