last executing test programs:

2m9.919000494s ago: executing program 1 (id=428):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x47, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRESOCT], 0x5c}}, 0x0)

2m9.732297495s ago: executing program 1 (id=435):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x11)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a0302000200000000000002000000090002"], 0x80}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x110}}, 0x0)

2m9.598169345s ago: executing program 1 (id=440):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000070000000300000048"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r0}, &(0x7f0000000440), &(0x7f0000000280)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x18)
capget(&(0x7f0000000180)={0x19980330}, 0x0)

2m9.597569556s ago: executing program 1 (id=442):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0)='./file0\x00')

2m9.534168946s ago: executing program 1 (id=445):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp6\x00')
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000000340)=""/160, 0xa0}], 0x1, 0x144, 0x0)

2m9.333934888s ago: executing program 1 (id=458):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0900000003000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00\x00\b\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
request_key(&(0x7f0000001140)='asymmetric\x00', &(0x7f0000001180)={'syz', 0x1}, &(0x7f00000011c0)='\x85[:*!\'(\xbc\'(:+\x00', 0x0)

2m9.333761257s ago: executing program 32 (id=458):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0900000003000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00\x00\b\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
request_key(&(0x7f0000001140)='asymmetric\x00', &(0x7f0000001180)={'syz', 0x1}, &(0x7f00000011c0)='\x85[:*!\'(\xbc\'(:+\x00', 0x0)

2m3.139509815s ago: executing program 0 (id=763):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000640)=@generic={&(0x7f0000000340)='./file0\x00', 0x0, 0x8}, 0x18)

2m3.073667876s ago: executing program 0 (id=765):
r0 = syz_io_uring_setup(0xd3, &(0x7f0000000480)={0x0, 0x7c, 0x100, 0x2, 0x35d}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0x3, 0x0, 0x4)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x6, 0x2004, @fd, 0x8001, 0x0, 0x0, 0x11, 0x1, {0x1, r3}})
io_uring_enter(r0, 0x47be, 0x8000000, 0x0, 0x0, 0x0)

2m3.006690336s ago: executing program 0 (id=767):
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = syz_io_uring_setup(0x10d, &(0x7f00000006c0)={0x0, 0x5884, 0x800, 0x1, 0xfffffffd}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x5, r0, 0x0, 0x0, 0x0, 0x80800, 0x1})
io_uring_enter(r1, 0x3516, 0xc2de, 0x8, 0x0, 0x0)

2m2.951493817s ago: executing program 0 (id=773):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000080)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000f40)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000080)='./file0\x00')
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)

2m2.821228468s ago: executing program 0 (id=786):
openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x4a9c1, 0x6)
r0 = socket(0x11, 0x3, 0x8000)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, <r1=>0x0}, &(0x7f0000000140)=0xc)
mount$bpf(0x0, 0x0, 0x0, 0x50a5840, &(0x7f0000000100)={[{@gid={'gid', 0x3d, r1}}]})
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, &(0x7f0000000100))

2m2.562149119s ago: executing program 0 (id=806):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

2m2.561814049s ago: executing program 33 (id=806):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

1m50.718342112s ago: executing program 6 (id=1310):
r0 = syz_io_uring_setup(0x3a, &(0x7f0000000640)={0x0, 0xaddc, 0x10100, 0x0, 0x203}, &(0x7f0000000380)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r0, 0xd81, 0x0, 0x0, 0x0, 0x0)
sendmmsg(r4, &(0x7f000000bf00)=[{{0x0, 0x0, &(0x7f0000000240)}}], 0x3fffffffffffe89, 0x10081)

1m47.68691692s ago: executing program 6 (id=1456):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
set_tid_address(0x0)

1m47.662779911s ago: executing program 6 (id=1457):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r1 = perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x550, 0xfffffffffffffc75}, 0x0, 0x0, 0x3, 0x4, 0x0, 0x40d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000000)='cpu<=0||!')
fcntl$setlease(r0, 0x400, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)

1m47.411566022s ago: executing program 6 (id=1463):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000000c0)='./file0\x00')

1m47.375346242s ago: executing program 6 (id=1465):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000000000800100"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)

1m47.093005594s ago: executing program 6 (id=1473):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000040)={&(0x7f0000000980)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x25dfdbfe, {}, [{0x4}]}, 0x18}}, 0x0)

1m47.092613664s ago: executing program 34 (id=1473):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000040)={&(0x7f0000000980)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x25dfdbfe, {}, [{0x4}]}, 0x18}}, 0x0)

1m41.100235831s ago: executing program 5 (id=1713):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000140)='kfree\x00', r0, 0x0, 0xfffffffffffffff8}, 0x18)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000700)=@newtaction={0x88c, 0x30, 0xffff, 0xfffffffe, 0x80, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x9, 0x5, 0xc4e, 0x3, 0x5, 0xfffffffc, 0x0, 0x0, 0xfffffff7, 0x1000, 0x4c10, 0x5, 0x6, 0x9, 0x3, 0x1, 0x4, 0x8001, 0x5, 0x9, 0x7, 0x9, 0x1, 0x80000001, 0x49, 0x836, 0x6, 0x2, 0x4, 0x5, 0x1, 0x1ff, 0x4, 0x9, 0x3, 0x6e89, 0x7, 0x8, 0x6, 0x8, 0x3, 0x3, 0x3, 0x6, 0x5, 0x80000001, 0x4d, 0x2, 0x3, 0x7, 0x40, 0xe, 0x9, 0x9, 0x5, 0xfffffffd, 0xada8, 0x1, 0x7cf816ed, 0x6, 0x9, 0x1, 0x7f, 0x10001, 0x3ff, 0x8, 0x5, 0x336, 0xc4, 0x5, 0x400, 0xff, 0x1000, 0xfffffff7, 0x7, 0x3, 0x4, 0x1000, 0x4, 0x4, 0xffff, 0x4, 0x9, 0x7, 0xd, 0x8, 0x6, 0x8, 0x1, 0x6, 0xfffff2f9, 0x9, 0x2, 0x2f05, 0x6, 0x800, 0x8, 0x5, 0x5, 0x2, 0x4b9, 0x80000000, 0x6, 0x4, 0x80000001, 0x4, 0x202e, 0x3, 0xfffffffb, 0xe5a, 0xad03, 0x5, 0x4, 0x6, 0x0, 0x6, 0xcec1, 0xffffffff, 0x6, 0x8, 0x4, 0x1, 0x8, 0x5, 0x5, 0xb8, 0xb28, 0x2, 0x5, 0x7fffffff, 0x0, 0x60, 0x9, 0x6, 0x9, 0x4, 0x9, 0x80000001, 0x9, 0x63, 0x7fff, 0x100, 0x412d, 0x98ad, 0x3, 0x7fff, 0xffffffff, 0x16e5, 0x10000, 0x8, 0x80000000, 0xd, 0x7, 0x4ca7, 0x9, 0x6, 0x1, 0x3, 0x13, 0x2, 0xb, 0x6, 0x6, 0x2, 0x5a5a605, 0xc7f, 0xb9f, 0x8, 0xa, 0x4, 0x0, 0x4, 0x80000000, 0x58, 0x5, 0x0, 0x9, 0x0, 0xff, 0x80000000, 0x9, 0x1, 0x7b, 0x0, 0x3, 0xffffe209, 0x7, 0x2000000, 0x9, 0x2, 0x800, 0x7, 0xffff, 0x8, 0xadcd, 0x4, 0x7, 0x2, 0x9, 0x8, 0x4, 0x7, 0x2000008, 0x6, 0x101, 0x600, 0x5, 0xd, 0x9, 0x1, 0x10000, 0x3cba, 0xc, 0xff, 0xab3, 0xa1f2, 0x800, 0x3, 0x1, 0x4, 0x7fffffff, 0x2, 0x0, 0x80000000, 0x3, 0x3, 0x10000, 0x6, 0x2, 0x4, 0xa2d7038, 0xd, 0x0, 0x0, 0x6, 0x0, 0x5, 0x3, 0x40, 0x8, 0xae4d, 0x3, 0x8, 0xe3, 0x7cc9, 0x8001, 0x800, 0xc, 0x2, 0x0, 0x0, 0x8, 0xff, 0x0, 0xe891, 0xe9]}, @TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x6, 0x5, 0x9, 0xffffffdb, 0x6, 0x1, 0x9, 0x34f, 0x3, 0x6, 0x7, 0x986b, 0x40, 0x8, 0xeea, 0x3, 0x9, 0x9, 0x9, 0x7fff, 0x3, 0x86, 0x6, 0x5, 0x532c, 0xfffffffb, 0x0, 0xedba, 0x6, 0x2, 0x8, 0x8001, 0xffff, 0xffff7f6f, 0x6, 0x0, 0x8, 0x4, 0x3, 0x1000, 0x9, 0x5, 0x7, 0x5, 0xfffffffb, 0xfff, 0x5, 0x8, 0x7fe703d2, 0x4, 0x8001, 0x55e, 0x3, 0x7, 0x6, 0xe, 0xe2f6, 0x3, 0xfffffc14, 0x4, 0xfffffff1, 0x2, 0x5, 0x6, 0xc5, 0x0, 0xd, 0x8, 0x5, 0xdcc, 0x300000, 0xffff, 0x10001, 0xfffffffd, 0x5a, 0x10006, 0x2, 0x1, 0x0, 0x9, 0x1, 0x4, 0xf, 0x800, 0x1b6, 0x7, 0xf, 0x81c5, 0xfffffffa, 0xd, 0x9, 0xfffffffd, 0x6, 0x10001, 0x1020000, 0x4, 0x22c5, 0x2, 0x2, 0x0, 0x9aa7, 0x14a476c4, 0xd54, 0x1, 0x39e, 0x2, 0x3ff, 0x0, 0x5d02, 0x8, 0x7, 0xff, 0x2dd8, 0x7, 0x3, 0xff, 0x6, 0x3, 0x6, 0x7, 0x713a, 0x9, 0x400, 0x1, 0x1000004e, 0x80, 0x9, 0x8, 0x8, 0x80000000, 0x8, 0x6, 0x3, 0x5, 0x2, 0x2, 0x6, 0x7fff, 0x4, 0x2, 0x4, 0x2, 0x8, 0x6, 0x1, 0x4, 0x5, 0xfffffffe, 0x10, 0x8, 0x0, 0xfe3, 0x8, 0xee, 0x2, 0x8, 0x0, 0x400, 0x7, 0xe45, 0x5, 0x2, 0x80, 0x3, 0x398, 0x40, 0x6, 0x2d4, 0x3, 0x7, 0x6, 0x26, 0x200, 0x1bb, 0x1ff, 0x7, 0x800000, 0x502e, 0x3, 0x8, 0x4, 0x7, 0x80000001, 0xce, 0x9, 0x1, 0x9, 0x1000, 0xffff, 0x7, 0x2, 0x2, 0x5, 0x9, 0x10000000, 0xfffffffd, 0xd, 0x6, 0xdf3, 0x1, 0x910, 0x3ff, 0x9, 0x8, 0x4, 0x1ff, 0x7fff, 0x401, 0x6249d0dd, 0x2e01, 0x1, 0x9, 0x5, 0x7fffffff, 0x361, 0xfffffc01, 0x6, 0x337, 0x28, 0x6, 0x1, 0x6fa, 0x8001, 0x400, 0x0, 0x7, 0xffffffff, 0xfffffff7, 0xfffffff9, 0x7a2, 0x0, 0x8, 0x200, 0xa40, 0x4, 0xfff, 0x1, 0x3, 0x3, 0xf, 0x400, 0x4, 0x4b4, 0x0, 0x7e, 0x5, 0x960, 0x8, 0xff, 0x98e, 0xfffffff9, 0x800, 0x2, 0x9, 0x1a]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x81, 0x2, 0x4, 0x8, 0xf, {0xd, 0x0, 0x2, 0x4, 0x0, 0x3}, {0x2, 0x2, 0x5, 0x5a, 0x2, 0x9}, 0x23a, 0x7, 0xd000000}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88c}}, 0x0)

1m41.047272031s ago: executing program 5 (id=1715):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="14000000100001000c000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c0000800800034000000002"], 0xb0}}, 0x40)

1m41.024660791s ago: executing program 5 (id=1716):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0)
execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000780)={[&(0x7f0000000840)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']}, 0x0)

1m40.923015352s ago: executing program 5 (id=1723):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000080)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000f40)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000080)='./file0\x00')
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)

1m40.807421923s ago: executing program 5 (id=1740):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
r1 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x5)
fcntl$notify(r1, 0x402, 0x8000003d)

1m40.562542344s ago: executing program 5 (id=1739):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x205, 0x101301)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000180)={0x20, 0xc, 0x9dcb, 0x1, 0x0, 0x9, 0x0})

1m40.562220244s ago: executing program 35 (id=1739):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x205, 0x101301)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000180)={0x20, 0xc, 0x9dcb, 0x1, 0x0, 0x9, 0x0})

1m25.916426084s ago: executing program 4 (id=2314):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @masq={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3cd2e7b3d6526bf5}}}, 0x68}}, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001640)="5346f7f875528ef24043c68e04", 0xd}], 0x1, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x20}, 0x0)

1m25.887244744s ago: executing program 4 (id=2332):
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x20)
symlinkat(&(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000200)='./file0\x00')
openat(r1, &(0x7f00000000c0)='./file0\x00', 0x515a02, 0x52abe154ad664f26)

1m25.823569635s ago: executing program 4 (id=2322):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x78)
perf_event_open(&(0x7f0000000a40)={0x8, 0x80, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x480, 0x4, 0x7, 0xffffffff, 0x42, 0x0, 0x2, 0x0, 0xedfe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

1m25.661110156s ago: executing program 4 (id=2337):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000080)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000f40)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000080)='./file0\x00')
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)

1m25.510410056s ago: executing program 4 (id=2330):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001d40)=@newqdisc={0x80, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0xffff, 0x1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x50, 0x2, {{0x3, 0x2000, 0x3, 0xe, 0x2, 0xff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x1, 0x2, 0x7fffffff, 0x4, 0xb, 0x5}}, @TCA_NETEM_ECN={0x8, 0x7, 0x1}]}}}]}, 0x80}}, 0x4000010)

1m23.40130613s ago: executing program 4 (id=2374):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x1}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000000)={0x500, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="020200090f000000000000000000000005000600000000000a0000000000000000000000000000000000000000000000000000000000000002000100000004d20000020300000020050005002f8000000a00000000000000ff0100000000000000000000000000010000000000000000010018"], 0x78}}, 0x0)

1m23.34984817s ago: executing program 36 (id=2374):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x1}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000000)={0x500, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="020200090f000000000000000000000005000600000000000a0000000000000000000000000000000000000000000000000000000000000002000100000004d20000020300000020050005002f8000000a00000000000000ff0100000000000000000000000000010000000000000000010018"], 0x78}}, 0x0)

1.317362556s ago: executing program 7 (id=6209):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000080)=0x81, 0x43)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r2=>0x0})
syz_emit_ethernet(0xda, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffdb64e5ff0800450000cc00000000fd019078ac1e0001ac1414aa03059078000500014c2406860067fff9072f1000e0000001640101024424c7c3ffffffff00000004e0000001000000090a0101000000100000000000000001004424f221ac1414aa00000000ffffffff00000006e000000200000008e00000020000000344147f83ac1414aa00000000e000000100000006831bf7ad1414bbe00000020a010102e0000002e0000001ac1414354420b3d0000000020000000d0000000880000001ffffffff000000050000b2a08303"], 0x0)
sendto$packet(r1, &(0x7f0000000180)="0b036800e0ff64000200475400f6a13bb10000000800894f4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

1.294456956s ago: executing program 7 (id=6213):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1b32, 0x4)
sendto$inet(r0, &(0x7f0000000540)='v', 0x1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000f00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f40)=""/4098, 0x1002}, 0xb}], 0x1, 0x40002182, 0x0)

1.222242976s ago: executing program 7 (id=6215):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x45cab649}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = dup(r2)
fsetxattr$security_selinux(r3, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

1.222119216s ago: executing program 7 (id=6216):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="5c0000001000370400"/20, @ANYRES32=r2, @ANYBLOB="c3040500000000003c0012800b000100697036746e6c00002c00028014000300fc0004f400000000000000000000000014000200fe"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmmsg$inet(r0, &(0x7f0000000700)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000d00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @empty, @remote}}}], 0x20}}], 0x1, 0x40000)

1.211614916s ago: executing program 7 (id=6217):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
syz_clone3(&(0x7f0000000080)={0x180801400, &(0x7f0000000000)=<r2=>0xffffffffffffffff, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pidfd_send_signal(r2, 0x20, 0x0, 0x0)

1.134241067s ago: executing program 7 (id=6219):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000240), 0x40900, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xf)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
ppoll(&(0x7f00000000c0)=[{r0, 0x9284}, {r2, 0x1000}], 0x2, 0x0, 0x0, 0x0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

1.026243317s ago: executing program 3 (id=6227):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = epoll_create1(0x0)
r2 = fcntl$dupfd(r0, 0x406, r1)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x40000010})
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0)

1.025901907s ago: executing program 3 (id=6229):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/input/devices\x00', 0x0, 0x0)
r1 = epoll_create(0x6)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x9})
r2 = epoll_create(0x3)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000040)={0x10000004})

1.023792137s ago: executing program 3 (id=6231):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
sendto$inet6(r0, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0xe20, 0x0, @remote}, 0x1c)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
sendto$inet6(r0, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c)

1.005554017s ago: executing program 3 (id=6233):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xb}, 0x18)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_usb_connect$uac1(0x4, 0x71, &(0x7f0000000580)=ANY=[], 0x0)
close_range(r1, 0xffffffffffffffff, 0x200000000000000)

718.110848ms ago: executing program 9 (id=6250):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x2}, 0x18)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0)
write$selinux_load(r1, &(0x7f0000000000)=ANY=[], 0xffa8)

710.912488ms ago: executing program 9 (id=6253):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000008000000000000000000910095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r3 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r2, r2, 0x2f, 0x0, @void}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000140)=r3, 0x4)

650.209758ms ago: executing program 9 (id=6255):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
socket$packet(0x11, 0x2, 0x300)
write$tun(r0, &(0x7f00000000c0)={@val={0x8, 0x800}, @val={0x7, 0x3, 0x3, 0x2, 0x14}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x4, 0x28, 0x0, 0x0, 0x8, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast}, {{0x8100, 0x88a8, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x63, 0x5}}}}, 0x36)

649.973778ms ago: executing program 8 (id=6257):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x4f, @private1={0xfc, 0x1, '\x00', 0x1}, @local, 0x10, 0x7, 0x2, 0x8}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})

649.698488ms ago: executing program 9 (id=6258):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000400), 0x101201, 0x0)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000600)=0x14)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000080)=0x14)
close(r1)

634.091788ms ago: executing program 9 (id=6259):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000fffdffff0000000000000000850000004100000085000000d000000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

619.206818ms ago: executing program 9 (id=6260):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0xfffffffc, 0xb, 0x0, 0xfffffffc, 0x7f, "db8f2d2b3b7596160c6981acf8805944823a7f"})
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x83, "00000000000000000000ffff00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000000c0)=0x7)

558.249258ms ago: executing program 8 (id=6261):
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.memory_pressure\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000001, 0x12, r0, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_buf(r1, 0x6, 0x19, 0x0, &(0x7f0000000000))

557.937328ms ago: executing program 8 (id=6262):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2800c1e, &(0x7f00000001c0)={[{@usrquota}, {@nodelalloc}]}, 0xff, 0x25e, &(0x7f0000000e80)="$eJzs3U1IHGcYB/BnZndr1aXY9lIo/YBSSiuIvRV6sZcWhCJSSqEtWErppUULVulNe8olh+QYkuApFwm5xeQYvEguCYGcTOLBXAKJ5BDJIQnZsDsr+JVo3HUnZH4/WOfDd97nHWb+74g4GEBh9UXEUESUIqI/IioRkWxu8HH26WtuznUvjUXUaj/cTxrtsu3MxnG9ETEbEV9FxGKaxF/liOmFX1YfLn/32dGpyqdnFn7u7uhJNq2trny/fnrkyPnhL6evXr87ksRQVLecV/slu+wrJxHvHEaxV0RSznsE7Mfof+du1HP/bkR80sh/JdLILt6xyTcWK/HFqecde/zetfc7OVag/Wq1Sv0ZOFsDCieNiGok6UBEZOtpOjCQ/Qx/s9ST/j0x+W//nxNT43/kPVMB7VKNWPn2YteF3m35v1PK8g+8prJfSq38ODp/q76yXsp7QEBHfJAt6s///t9mPg/5h8KRfygu+Yfikn8oLvmH4pJ/KC75h4J42vxjv0275B+KS/6huA6c/xNPDm9QQEdszj8AUCy1rgO9Ndzel5CBXOQ9/wAAAAAAAAAAAAAAAAAAADvNdS+NbXza02N5zxaXT0asfZM13Vm/1Ph/xBFvNr72PEi29Jjsq8KL/fpRix206GzOb1+/dTvf+lc+zLf+zHjE7P8RMVgu77z/kub9d3Bv7/H9yu8tFnhJybbtr3/qbP3tHs/nW394OeJSff4Z3G3+SeO9xnL3+adav34t1v/nUYsdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0DHPAgAA///B2nXP")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8241, 0x0)
io_setup(0x20fe, &(0x7f0000000540)=<r2=>0x0)
io_submit(r2, 0x3, &(0x7f0000002680)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000200)='p', 0x8200, 0x600}])
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0))

491.370698ms ago: executing program 8 (id=6263):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000480)={[{@resgid}, {}, {@data_err_ignore}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f0000000c40)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
faccessat(r0, &(0x7f0000000000)='./file0\x00', 0x5)

467.798818ms ago: executing program 8 (id=6264):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000004000000000000000010000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

402.248169ms ago: executing program 3 (id=6265):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
clock_gettime(0x1, &(0x7f0000000000)={<r0=>0x0, <r1=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0x1a, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x81, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
clock_settime(0x0, &(0x7f0000000040)={r0, r1+10000000})

402.118269ms ago: executing program 8 (id=6266):
pipe(&(0x7f0000000d00)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
openat$null(0xffffffffffffff9c, &(0x7f0000001900), 0xa0041, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x7151, 0x0)

402.005469ms ago: executing program 3 (id=6267):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_usb_connect$uac1(0x4, 0x71, &(0x7f0000000580)=ANY=[], 0x0)
close_range(r2, 0xffffffffffffffff, 0x200000000000000)

109.448439ms ago: executing program 2 (id=6268):
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000002c0)={[{@norecovery}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}]}, 0xee, 0x474, &(0x7f00000004c0)="$eJzs3EtsG0UfAPD/rvNo+viSr5RHSwuBgqh4JE36oAcuIJA4gIQEhyJOIUmrUrdBTZBoVUHhUI6oEnfEEYk7Eie4IOCAkLjCHVWqql5aOBmtvZs6jp06tRu3+PeT1p7ZXWfm79mxxzN2Auhb49lNErE1Iv6IiNFaduUJ47W7G9fOz/597fxsEpXKm1eT6nnXr52fLU4tHrellqlUIoaz5HCTci++EzFTLs+fyfOTS6fen1w8e+65E6dmjs8fnz89feTIwQN7hg5PH+oovjS/z+K6vuujhd07X3370uuzRy+9+/M3WX235sfr47gtWbQNxmvPbqNHs5snOyrsrvJrdrOtbkcy0PrkiQ2oEO0rRUTWXIPV/j8apRhZPjYar3za08oBd1SlUqk0e3/OXagA/2FJ9LoGQG8Ub/TZ599i26Chx13hyou1D0BZ3DfyrXZkYHnuYLDh8203jUfE0Qv/fJlt0Y15CACAW/g+G/8822z8l8YDdef9L19DGYuI/0fE9oi4LyJ2RMT9EdVzH4yIh9ZZfuMKyerxT3r5tgJrUzb+eyFf21o5/itGfzFWynPbqvEPJsdOlOf358/JvhgczvJTa5Txw8u/f16kNzUcqx//ZVtWfjEWzOtxeaBhgm5uZmmm07gLVz6J2DXQLP4kimWcJCJ2RsSu2yzjxNNf72517Nbxr2GNdaZ2Vb6KeKrW/hdiRfw3myppuT459fzh6UOTm6I8v3+yuCpW++W3i2+0Kr+j+Lsga//NTa//5VXgsWRTxOLZcyer67WL6y/j4p+f1fXpFavLWfzptxHrvv6Hkreq6aF834czS0tnpiKGktdW75+++dgiX5yfxb9vb/P+v72uxg9HRHYR74mIR/JF3KztHouIxyNi7xrx//TSE++1Oraq/UeK+NeYle+iLP65W7V/1Lf/+hOlkz9+13b8Tdv/YDW1L9/TzutfuxXs5LkDAACAe0Va/Q58kk4sp9N0YqL2Hf4dsTktLywuPXNs4YPTc7Xvyo/FYFrMdI3WzYdO5XPDRX66IX8gnzf+ojRSzU/MLpTneh089LktLfp/5q9Sr2sH3HFdWEcD7lH6P/Qv/R/6l/4P/Uv/h/7VrP9/3IN6ABvP+z/0L/0f+pf+D/1L/4e+1PK38WlHP/nvcaL43wkd/J2rvY+i48TInSwi0t4H2BeJgU4u43YSw00P9fiFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+DQAA//9L2OJW")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x2a)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000080)={0x40000009, 0xe74e, 0x80000086, 0x10009, 0x9, 0x4ed})

94.651779ms ago: executing program 2 (id=6269):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x85)
ioprio_set$uid(0x3, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
sendfile(r0, r1, 0x0, 0x3)

34.2667ms ago: executing program 2 (id=6270):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})
write$P9_RVERSION(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="1500000065ff", @ANYRES64], 0xfffffd97)

33.96813ms ago: executing program 2 (id=6271):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002100)=@newtaction={0x88c, 0x30, 0x12f, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xb, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x6, 0xffffffff, 0x7f, 0x401, 0x2, 0x0, 0x2, 0x80000000, 0x4, 0x5, 0x8, 0x0, 0x7fff, 0x75ba, 0x7fffffff, 0x5, 0xffffffff, 0x7ff, 0x2, 0x9, 0x2, 0x0, 0x1000, 0x1, 0x3, 0x6, 0x0, 0xfa, 0x4, 0x0, 0xf, 0x80000001, 0x7, 0xfffffffb, 0x1, 0x20, 0x5, 0x8, 0x1, 0x2f2, 0x7fff, 0x0, 0x81, 0x206, 0x1ff, 0x7, 0x3, 0x5, 0x3, 0x9, 0x1000, 0x401, 0x1, 0x6, 0x7, 0x2, 0x4, 0x7f, 0x5, 0xfffffffb, 0x1, 0x4, 0x5, 0x8, 0x2000009, 0x9, 0x10, 0x9, 0x7, 0xffffff00, 0x97, 0x0, 0x4, 0x8, 0x8, 0x1, 0x958, 0x1fe, 0x4, 0x6, 0x7, 0x80, 0x5, 0xe53, 0x0, 0xfffffffe, 0x4, 0x8, 0x9, 0x7fff, 0x30, 0x8, 0xfffffff7, 0x4, 0x9, 0x1, 0x4, 0x7, 0x9, 0x5, 0x7, 0x6, 0x0, 0x5, 0x2, 0x7, 0x3, 0xcdd, 0x2, 0xd67, 0x7, 0x4, 0x25, 0x9dc5, 0x7, 0xfffffff7, 0x2, 0x400, 0x8, 0x0, 0x7, 0x5, 0x9, 0xa, 0xa, 0x9, 0x5, 0xdb5, 0x101, 0x4, 0x74e4, 0x7fff, 0x7, 0x7ff, 0x1, 0xd70, 0x1, 0x8, 0xa, 0x7, 0x1, 0x82, 0x52e, 0x7, 0x1, 0x5, 0x26, 0x1, 0x1b2a, 0x81, 0x9, 0x1c, 0x767, 0x7, 0x9, 0x10, 0xc2a, 0xff, 0x7, 0x6, 0x7, 0x3, 0xfffffff4, 0x8, 0x3, 0xfff, 0x8, 0x2, 0x5, 0x6, 0x3, 0xd7c3, 0x2, 0x10000, 0x7fff, 0x5, 0x5, 0x0, 0xfffffff7, 0x4, 0x2, 0x0, 0x6ee1847d, 0x10001, 0x7ff, 0x1, 0xf0, 0x7, 0x2, 0x7, 0x4, 0x6, 0x4, 0x7, 0x2, 0x0, 0x1, 0x4, 0x3, 0xfff, 0x80000001, 0x7, 0x676, 0x3, 0x9, 0x2, 0x4, 0x7fff, 0x4a5, 0x23, 0x4, 0x9, 0x8, 0x0, 0x8000, 0xa, 0x9, 0xca000000, 0x2, 0xfffffffa, 0x3, 0x7, 0x9, 0x7, 0x65fe, 0x9, 0x6, 0x4, 0x80000000, 0x5, 0x801, 0xb848, 0x6, 0x6, 0x800, 0x7, 0x1, 0xb, 0x80, 0x2, 0x3, 0x6, 0x9, 0x4, 0x4, 0xc, 0x80000001, 0x5, 0x5, 0x10000002, 0xb, 0x7, 0x5, 0x2, 0x4]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x1, 0x7, 0x4, 0x1, {0x7, 0x0, 0x3, 0x7, 0x7, 0x80000001}, {0x4, 0x2, 0x2, 0xa, 0x1ff, 0x1c0000}, 0x9, 0xbc, 0xdf72c67}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)

33.8166ms ago: executing program 2 (id=6272):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0xba98575a95aeb70d)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETGROUP(r1, 0x400454ce, 0x0)

0s ago: executing program 2 (id=6273):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x32)
write(r1, &(0x7f00000001c0)="49bda8f11851b8436bebb25ac5f8202ffbcc3d0b6c", 0x15)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffffffffffffffd)

kernel console output (not intermixed with test programs):

294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9896 comm="syz.7.2764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34c593f6c9 code=0x7ffc0000
[   96.889259][   T29] audit: type=1326 audit(96.771:3834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9896 comm="syz.7.2764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c593f6c9 code=0x7ffc0000
[   96.912285][   T29] audit: type=1326 audit(96.771:3835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9896 comm="syz.7.2764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34c593f6c9 code=0x7ffc0000
[   96.936615][ T9889] EXT4-fs warning (device loop9): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   96.948373][ T9889] EXT4-fs warning (device loop9): dx_probe:849: Enable large directory feature to access it
[   96.951990][ T9908] ALSA: seq fatal error: cannot create timer (-19)
[   96.958492][ T9889] EXT4-fs warning (device loop9): dx_probe:934: inode #2: comm syz.9.2760: Corrupt directory, running e2fsck is recommended
[   96.998777][ T9911] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   97.003945][ T9889] EXT4-fs warning (device loop9): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   97.017630][ T9889] EXT4-fs warning (device loop9): dx_probe:849: Enable large directory feature to access it
[   97.027719][ T9889] EXT4-fs warning (device loop9): dx_probe:934: inode #2: comm syz.9.2760: Corrupt directory, running e2fsck is recommended
[   97.044089][ T9889] EXT4-fs warning (device loop9): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   97.067712][ T8894] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.152185][   T23] hid_parser_main: 44 callbacks suppressed
[   97.152201][   T23] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   97.167359][   T23] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   97.498498][ T9947] loop3: detected capacity change from 0 to 1024
[   97.512447][ T9947] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   97.523519][ T9947] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   97.556003][ T9947] JBD2: no valid journal superblock found
[   97.562012][ T9947] EXT4-fs (loop3): Could not load journal inode
[   97.575312][ T9947] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   97.647987][ T3408] IPVS: starting estimator thread 0...
[   97.683494][ T9973] loop7: detected capacity change from 0 to 512
[   97.690175][ T9973] EXT4-fs: Ignoring removed bh option
[   97.698824][ T9973] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[   97.707971][ T9973] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[   97.726814][ T9973] EXT4-fs (loop7): warning: mounting unchecked fs, running e2fsck is recommended
[   97.739297][ T9973] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[   97.749537][ T9963] IPVS: using max 2544 ests per chain, 127200 per kthread
[   97.752337][ T9973] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.805601][ T6812] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.150270][T10054] loop3: detected capacity change from 0 to 764
[   98.165326][T10061] SELinux:  Context Ü is not valid (left unmapped).
[   98.174540][T10054] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   98.223658][T10068] atomic_op ffff888104adf528 conn xmit_atomic 0000000000000000
[   98.251081][T10071] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=256 sclass=netlink_audit_socket pid=10071 comm=syz.3.2845
[   98.298994][T10078] netlink: 'syz.3.2848': attribute type 21 has an invalid length.
[   98.337354][T10083] 9pnet_fd: Insufficient options for proto=fd
[   98.548037][T10122] loop9: detected capacity change from 0 to 7
[   98.622871][T10131] loop7: detected capacity change from 0 to 512
[   98.641568][T10131] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.663756][T10131] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[   98.679066][T10131] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 33 with error 28
[   98.691415][T10131] EXT4-fs (loop7): This should not happen!! Data will be lost
[   98.691415][T10131] 
[   98.701204][T10131] EXT4-fs (loop7): Total free blocks count 0
[   98.707244][T10131] EXT4-fs (loop7): Free/Dirty block details
[   98.713184][T10131] EXT4-fs (loop7): free_blocks=65280
[   98.718463][T10131] EXT4-fs (loop7): dirty_blocks=33
[   98.723633][T10131] EXT4-fs (loop7): Block reservation details
[   98.729753][T10131] EXT4-fs (loop7): i_reserved_data_blocks=33
[   98.791504][ T6812] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.974415][T10181] loop8: detected capacity change from 0 to 2048
[   99.021428][T10181] Alternate GPT is invalid, using primary GPT.
[   99.027812][T10181]  loop8: p2 p3 p7
[   99.102608][T10202] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   99.102608][T10202] The task syz.7.2901 (10202) triggered the difference, watch for misbehavior.
[   99.233094][ T3416] kernel read not supported for file /204/net/netstat (pid: 3416 comm: kworker/1:3)
[   99.333315][T10238] __nla_validate_parse: 4 callbacks suppressed
[   99.333334][T10238] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2922'.
[   99.348607][T10238] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2922'.
[   99.648268][T10327] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[   99.668534][T10327] SELinux: failed to load policy
[   99.947513][T10334] lo speed is unknown, defaulting to 1000
[  100.045293][T10347] netlink: 'syz.2.2942': attribute type 1 has an invalid length.
[  100.584186][T10405] IPv6: Can't replace route, no match found
[  100.613361][T10407] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2974'.
[  100.697265][T10419] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2980'.
[  100.708704][T10424] bond1: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  100.730867][T10424] bond1 (unregistering): Released all slaves
[  100.746395][T10432] loop2: detected capacity change from 0 to 256
[  100.785357][T10436] loop9: detected capacity change from 0 to 1024
[  100.797450][T10436] EXT4-fs: Ignoring removed bh option
[  100.806329][T10436] EXT4-fs: inline encryption not supported
[  100.813013][T10436] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  100.824503][T10436] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  100.837270][T10436] EXT4-fs error (device loop9): ext4_map_blocks:778: inode #3: block 2: comm syz.9.2987: lblock 2 mapped to illegal pblock 2 (length 1)
[  100.852586][T10436] EXT4-fs error (device loop9): ext4_map_blocks:778: inode #3: block 48: comm syz.9.2987: lblock 0 mapped to illegal pblock 48 (length 1)
[  100.867338][T10436] EXT4-fs error (device loop9): ext4_acquire_dquot:6945: comm syz.9.2987: Failed to acquire dquot type 0
[  100.879039][T10436] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  100.888637][T10436] EXT4-fs error (device loop9): ext4_evict_inode:254: inode #11: comm syz.9.2987: mark_inode_dirty error
[  100.900393][T10436] EXT4-fs warning (device loop9): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  100.910708][T10436] EXT4-fs (loop9): 1 orphan inode deleted
[  100.918191][T10436] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.933433][T10320] EXT4-fs error (device loop9): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:61: lblock 1 mapped to illegal pblock 1 (length 1)
[  100.948467][T10320] EXT4-fs error (device loop9): ext4_release_dquot:6981: comm kworker/u8:61: Failed to release dquot type 0
[  100.996975][ T8894] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.011621][ T8894] EXT4-fs error (device loop9): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  101.026350][ T8894] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  101.035964][ T8894] EXT4-fs error (device loop9): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  101.099728][T10462] loop7: detected capacity change from 0 to 1024
[  101.121916][T10462] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.133158][T10472] loop2: detected capacity change from 0 to 512
[  101.140759][T10472] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  101.153926][T10472] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.3001: inode has both inline data and extents flags
[  101.167483][T10472] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3001: couldn't read orphan inode 15 (err -117)
[  101.180850][T10472] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.209597][ T6812] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.237564][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.358041][T10503] loop7: detected capacity change from 0 to 2048
[  101.382841][T10503] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.432001][T10517] netdevsim netdevsim9: loading /lib/firmware/. failed with error -22
[  101.440301][T10517] netdevsim netdevsim9: Direct firmware load for . failed with error -22
[  101.500675][   T29] kauditd_printk_skb: 341 callbacks suppressed
[  101.500691][   T29] audit: type=1400 audit(357.492:4174): avc:  denied  { read write } for  pid=10526 comm="syz.2.3037" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  101.529704][   T29] audit: type=1400 audit(357.492:4175): avc:  denied  { open } for  pid=10526 comm="syz.2.3037" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  101.574375][   T36] kernel write not supported for file /ppp (pid: 36 comm: kworker/1:1)
[  101.580989][   T29] audit: type=1400 audit(357.562:4176): avc:  denied  { ioctl } for  pid=10526 comm="syz.2.3037" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  101.644121][ T6812] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.679411][   T29] audit: type=1400 audit(357.662:4177): avc:  denied  { setopt } for  pid=10536 comm="syz.2.3033" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  101.746192][   T29] audit: type=1400 audit(357.732:4178): avc:  denied  { setopt } for  pid=10547 comm="syz.9.3038" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  101.793073][T10555] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3041'.
[  101.819828][   T29] audit: type=1400 audit(357.812:4179): avc:  denied  { create } for  pid=10558 comm="syz.3.3043" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  101.874704][   T29] audit: type=1400 audit(357.822:4180): avc:  denied  { ioctl } for  pid=10558 comm="syz.3.3043" path="socket:[30236]" dev="sockfs" ino=30236 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  101.898994][   T29] audit: type=1400 audit(357.842:4181): avc:  denied  { read write } for  pid=8830 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  101.922657][   T29] audit: type=1400 audit(357.842:4182): avc:  denied  { open } for  pid=8830 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  101.946135][   T29] audit: type=1400 audit(357.842:4183): avc:  denied  { ioctl } for  pid=8830 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=103 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  102.127677][T10583] SELinux:  Context system_u:object_r:netutils_exec_t:s0 is not valid (left unmapped).
[  102.190876][T10593] loop9: detected capacity change from 0 to 128
[  102.198201][T10593] FAT-fs (loop9): Directory bread(block 414) failed
[  102.205169][T10593] FAT-fs (loop9): Directory bread(block 415) failed
[  102.211944][T10593] FAT-fs (loop9): Directory bread(block 416) failed
[  102.218623][T10593] FAT-fs (loop9): Directory bread(block 417) failed
[  102.225550][T10593] FAT-fs (loop9): Directory bread(block 418) failed
[  102.232444][T10593] FAT-fs (loop9): Directory bread(block 419) failed
[  102.239119][T10593] FAT-fs (loop9): Directory bread(block 420) failed
[  102.245899][T10593] FAT-fs (loop9): Directory bread(block 421) failed
[  102.261782][T10593] FAT-fs (loop9): FAT read failed (blocknr 128)
[  102.336913][T10600] lo speed is unknown, defaulting to 1000
[  102.463587][T10612] loop9: detected capacity change from 0 to 128
[  102.471784][T10612] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  102.605847][T10633] sctp: [Deprecated]: syz.2.3073 (pid 10633) Use of struct sctp_assoc_value in delayed_ack socket option.
[  102.605847][T10633] Use struct sctp_sack_info instead
[  102.653652][T10638] gretap0: entered promiscuous mode
[  102.774825][T10648] loop9: detected capacity change from 0 to 2048
[  102.806560][T10648] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.977862][ T3408] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  102.985702][ T3408] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  103.012186][T10685] loop8: detected capacity change from 0 to 1024
[  103.032505][T10685] EXT4-fs: Ignoring removed bh option
[  103.038021][T10685] EXT4-fs: inline encryption not supported
[  103.059612][T10685] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  103.070891][T10685] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  103.071681][ T8894] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.088962][T10685] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 2: comm syz.8.3098: lblock 2 mapped to illegal pblock 2 (length 1)
[  103.126275][T10685] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 48: comm syz.8.3098: lblock 0 mapped to illegal pblock 48 (length 1)
[  103.192641][T10685] EXT4-fs error (device loop8): ext4_acquire_dquot:6945: comm syz.8.3098: Failed to acquire dquot type 0
[  103.228602][T10685] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  103.238355][T10685] EXT4-fs error (device loop8): ext4_evict_inode:254: inode #11: comm syz.8.3098: mark_inode_dirty error
[  103.250146][T10685] EXT4-fs warning (device loop8): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  103.260481][T10685] EXT4-fs (loop8): 1 orphan inode deleted
[  103.266741][T10685] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.281455][T10323] EXT4-fs error (device loop8): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:64: lblock 1 mapped to illegal pblock 1 (length 1)
[  103.295890][T10323] EXT4-fs error (device loop8): ext4_release_dquot:6981: comm kworker/u8:64: Failed to release dquot type 0
[  103.332656][ T7421] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.342018][ T7421] EXT4-fs error (device loop8): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  103.355345][ T7421] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  103.368531][ T7421] EXT4-fs error (device loop8): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  103.381712][T10704] loop9: detected capacity change from 0 to 7
[  103.504801][ T3401] IPVS: starting estimator thread 0...
[  103.526192][T10724] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3125'.
[  103.535309][T10724] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3125'.
[  103.599374][T10719] IPVS: using max 2592 ests per chain, 129600 per kthread
[  103.883841][T10781] IPv6: NLM_F_CREATE should be specified when creating new route
[  103.922009][T10786] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3143'.
[  103.934110][T10786] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3143'.
[  103.999512][T10801] loop2: detected capacity change from 0 to 256
[  104.119602][T10818] netlink: 'syz.9.3160': attribute type 21 has an invalid length.
[  104.183411][T10834] loop2: detected capacity change from 0 to 512
[  104.197058][T10834] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  104.208773][T10834] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  104.219403][T10834] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.3167: Corrupt directory, running e2fsck is recommended
[  104.235693][T10834] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  104.256006][T10834] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.3167: corrupted in-inode xattr: invalid ea_ino
[  104.273255][T10841] loop8: detected capacity change from 0 to 512
[  104.280474][T10834] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3167: couldn't read orphan inode 15 (err -117)
[  104.292296][T10839] lo speed is unknown, defaulting to 1000
[  104.306918][T10841] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  104.317092][T10834] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.345558][T10841] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  104.361296][T10834] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  104.373029][T10834] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  104.383200][T10834] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.3167: Corrupt directory, running e2fsck is recommended
[  104.402367][T10850] netlink: 19 bytes leftover after parsing attributes in process `syz.9.3173'.
[  104.421756][T10853] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  104.433320][T10853] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  104.443548][T10853] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.3167: Corrupt directory, running e2fsck is recommended
[  104.461486][ T7421] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  104.477106][T10834] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  104.488784][T10834] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  104.498881][T10834] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.3167: Corrupt directory, running e2fsck is recommended
[  104.513813][T10834] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  104.541047][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.591925][T10868] 9pnet: Could not find request transport: r
[  104.686699][T10890] vhci_hcd: invalid port number 23
[  104.982674][T10933] loop7: detected capacity change from 0 to 512
[  104.995509][T10933] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  105.012856][T10933] EXT4-fs (loop7): 1 truncate cleaned up
[  105.019553][T10933] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.050266][ T6812] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.050886][T10939] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3214'.
[  105.104548][T10949] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[  105.184803][T10962] syzkaller1: entered promiscuous mode
[  105.190447][T10962] syzkaller1: entered allmulticast mode
[  105.288360][T10973] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub
[  105.384681][T10991] loop9: detected capacity change from 0 to 256
[  105.443700][T11005] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3240'.
[  105.443779][ T3401] kernel read not supported for file /557/net/netstat (pid: 3401 comm: kworker/0:4)
[  105.452772][T11005] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3240'.
[  106.222744][T11026] netlink: 'syz.7.3259': attribute type 3 has an invalid length.
[  106.252669][T11033] loop7: detected capacity change from 0 to 256
[  106.364329][T11044] loop2: detected capacity change from 0 to 764
[  106.511974][   T29] kauditd_printk_skb: 273 callbacks suppressed
[  106.511988][   T29] audit: type=1400 audit(362.502:4454): avc:  denied  { write } for  pid=11065 comm="syz.2.3269" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  106.543102][   T29] audit: type=1400 audit(362.502:4455): avc:  denied  { read } for  pid=11065 comm="syz.2.3269" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  106.679967][T11083] loop9: detected capacity change from 0 to 164
[  106.689558][T11083] ISOFS: unable to read i-node block
[  106.695049][T11083] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  106.731664][T11091] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3282'.
[  106.748714][T11093] loop2: detected capacity change from 0 to 512
[  106.763209][T11091] IPVS: Error connecting to the multicast addr
[  106.779709][   T29] audit: type=1400 audit(362.762:4456): avc:  denied  { audit_write } for  pid=11094 comm="syz.9.3284" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  106.800357][   T29] audit: type=1107 audit(362.762:4457): pid=11094 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  106.826625][T11093] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3283: couldn't read orphan inode 26 (err -116)
[  106.841690][   T29] audit: type=1326 audit(362.832:4458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11103 comm="syz.3.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0752e8f6c9 code=0x7ffc0000
[  106.865730][T11093] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.878847][   T29] audit: type=1326 audit(362.862:4459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11103 comm="syz.3.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0752e8f6c9 code=0x7ffc0000
[  106.901986][T11093] Quota error (device loop2): do_check_range: Getting block 59136 out of range 0-1
[  106.919405][   T29] audit: type=1326 audit(362.892:4460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11103 comm="syz.3.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f0752e8f6c9 code=0x7ffc0000
[  106.956752][   T29] audit: type=1326 audit(362.932:4461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11101 comm="syz.9.3286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89cf5df6c9 code=0x7ffc0000
[  106.980319][   T29] audit: type=1326 audit(362.932:4462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11101 comm="syz.9.3286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89cf5df6c9 code=0x7ffc0000
[  107.016718][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.030604][T11110] loop8: detected capacity change from 0 to 128
[  107.301181][T11144] random: crng reseeded on system resumption
[  107.353984][T11151] netlink: 300 bytes leftover after parsing attributes in process `syz.8.3310'.
[  107.392229][T11154] netlink: 'syz.9.3311': attribute type 1 has an invalid length.
[  107.580845][T11176] sctp: [Deprecated]: syz.3.3319 (pid 11176) Use of struct sctp_assoc_value in delayed_ack socket option.
[  107.580845][T11176] Use struct sctp_sack_info instead
[  107.827294][T11202] loop7: detected capacity change from 0 to 512
[  107.851717][T11202] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.882348][ T6812] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.983433][   T36] IPVS: starting estimator thread 0...
[  108.069503][T11224] IPVS: using max 2592 ests per chain, 129600 per kthread
[  108.396334][T11291] binfmt_misc: register: failed to install interpreter file ./file0
[  108.412509][T11293] loop9: detected capacity change from 0 to 512
[  108.419116][T11293] EXT4-fs: Ignoring removed nomblk_io_submit option
[  108.437530][T11293] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  108.445540][T11293] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=842c01c, mo2=0002]
[  108.454555][T11293] EXT4-fs (loop9): couldn't mount RDWR because of unsupported optional features (80)
[  108.464099][T11293] EXT4-fs (loop9): Skipping orphan cleanup due to unknown ROCOMPAT features
[  108.473612][T11293] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  108.473993][T11300] loop7: detected capacity change from 0 to 512
[  108.501089][T11300] EXT4-fs: Ignoring removed bh option
[  108.506854][T11300] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  108.519405][T11293] EXT4-fs warning (device loop9): dx_probe:861: inode #2: comm syz.9.3375: dx entry: limit 65535 != root limit 120
[  108.531541][T11293] EXT4-fs warning (device loop9): dx_probe:934: inode #2: comm syz.9.3375: Corrupt directory, running e2fsck is recommended
[  108.544608][T11293] EXT4-fs error (device loop9): ext4_readdir:264: inode #2: block 3: comm syz.9.3375: path /206/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  108.566979][T11307] rdma_op ffff8881219e8580 conn xmit_rdma 0000000000000000
[  108.567119][T11293] EXT4-fs warning (device loop9): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed
[  108.587663][T11300] EXT4-fs (loop7): 1 truncate cleaned up
[  108.593754][T11300] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.621225][ T6812] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.665989][ T8894] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.855099][T11341] loop3: detected capacity change from 0 to 1024
[  108.880557][T11341] ext3: Unknown parameter 'smackfshat'
[  108.891386][T11350] loop2: detected capacity change from 0 to 1024
[  108.898242][T11350] EXT4-fs: Ignoring removed orlov option
[  108.911657][T11350] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.929171][T11341] loop3: detected capacity change from 0 to 512
[  108.970243][T11356] gretap0: entered promiscuous mode
[  108.974973][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.990497][T11362] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3406'.
[  109.000063][T11341] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.018556][T11341] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.3397: Failed to acquire dquot type 0
[  109.076927][ T8830] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.091805][T11374] loop8: detected capacity change from 0 to 512
[  109.104033][T11374] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  109.121065][T11374] EXT4-fs (loop8): orphan cleanup on readonly fs
[  109.142344][T11374] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:517: comm syz.8.3412: Block bitmap for bg 0 marked uninitialized
[  109.158570][T11383] binfmt_misc: register: failed to install interpreter file ./file2
[  109.172351][T11374] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  109.181552][T11374] EXT4-fs (loop8): 1 orphan inode deleted
[  109.200214][T11374] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  109.269713][T11374] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.288910][T11396] netlink: 16 bytes leftover after parsing attributes in process `syz.9.3421'.
[  109.488521][T11438] loop9: detected capacity change from 0 to 512
[  109.498581][T11438] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  109.516423][T11438] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.548836][ T8894] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.561006][T11448] loop3: detected capacity change from 0 to 1024
[  109.598832][T11448] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.664737][ T8830] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.124973][T11480] loop2: detected capacity change from 0 to 128
[  110.133869][T11480] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  110.153242][ T3320] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  110.271318][T11485] vhci_hcd: invalid port number 255
[  110.496566][T11498] loop7: detected capacity change from 0 to 128
[  110.514747][T11498] EXT4-fs: Ignoring removed nobh option
[  110.533791][T11498] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  110.596533][ T6812] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  110.739684][T11486] TCP: TCP_TX_DELAY enabled
[  110.775246][T11519] netlink: 76 bytes leftover after parsing attributes in process `syz.7.3476'.
[  110.800177][T11523] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.808813][T11523] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  110.811948][T11527] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.828997][T11525] vhci_hcd: invalid port number 129
[  110.834568][T11525] vhci_hcd: default hub control req: 2006 v02fe i0081 l0
[  110.851792][T11527] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.348447][T11546] netlink: 100 bytes leftover after parsing attributes in process `syz.2.3497'.
[  111.490487][T11556] usb usb8: usbfs: process 11556 (syz.8.3491) did not claim interface 0 before use
[  111.522638][   T29] kauditd_printk_skb: 303 callbacks suppressed
[  111.522656][   T29] audit: type=1400 audit(367.502:4764): avc:  denied  { write } for  pid=11558 comm="syz.7.3493" name="cgroup.subtree_control" dev="cgroup2" ino=381 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  111.552494][   T29] audit: type=1400 audit(367.502:4765): avc:  denied  { open } for  pid=11558 comm="syz.7.3493" path="<too_long>" dev="cgroup2" ino=381 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  111.572643][T11562] loop2: detected capacity change from 0 to 512
[  111.574839][   T29] audit: type=1400 audit(367.502:4766): avc:  denied  { ioctl } for  pid=11558 comm="syz.7.3493" path="<too_long>" dev="cgroup2" ino=381 ioctlcmd=0x54c8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  111.679017][T11562] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  111.694107][T11562] EXT4-fs (loop2): orphan cleanup on readonly fs
[  111.702683][T11562] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm syz.2.3494: corrupted inode contents
[  111.719880][   T29] audit: type=1400 audit(367.692:4767): avc:  denied  { mount } for  pid=11569 comm="syz.7.3498" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  111.720135][T11562] EXT4-fs (loop2): Remounting filesystem read-only
[  111.741974][   T29] audit: type=1400 audit(367.692:4768): avc:  denied  { setopt } for  pid=11567 comm="syz.8.3496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  111.748268][T11562] EXT4-fs (loop2): 1 truncate cleaned up
[  111.767906][   T29] audit: type=1400 audit(367.692:4769): avc:  denied  { unmount } for  pid=11569 comm="syz.7.3498" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  111.800484][T10315] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  111.811399][T10315] Quota error (device loop2): write_blk: dquota write failed
[  111.819078][T10315] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  111.829477][T10315] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  111.840551][T10315] Quota error (device loop2): write_blk: dquota write failed
[  111.848829][T10315] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  111.913095][T10315] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  111.924883][T11562] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  111.982403][T11585] vhci_hcd: invalid port number 96
[  111.987547][T11585] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  112.010868][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.118276][T11607] SELinux: failed to load policy
[  112.151358][T11611] 8021q: adding VLAN 0 to HW filter on device bond1
[  112.159922][T11611] bridge0: port 3(bond1) entered blocking state
[  112.166291][T11611] bridge0: port 3(bond1) entered disabled state
[  112.172955][T11611] bond1: entered allmulticast mode
[  112.179610][T11611] bond1: entered promiscuous mode
[  112.185010][T11611] bridge0: port 3(bond1) entered blocking state
[  112.191429][T11611] bridge0: port 3(bond1) entered forwarding state
[  112.199183][T10270] bridge0: port 3(bond1) entered disabled state
[  112.301752][T11624] sd 0:0:1:0: device reset
[  112.376041][T11632] loop2: detected capacity change from 0 to 512
[  112.384406][T11632] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  112.401148][T11632] EXT4-fs (loop2): orphan cleanup on readonly fs
[  112.411884][T11632] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.3524: Block bitmap for bg 0 marked uninitialized
[  112.424600][T11637] loop7: detected capacity change from 0 to 512
[  112.425495][T11632] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  112.441718][T11632] EXT4-fs (loop2): 1 orphan inode deleted
[  112.448255][T11632] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  112.482270][T11632] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.532807][T11649] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.542701][T11649] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.577189][T11655] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  112.603066][T11659] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3536'.
[  112.634276][T11663] atomic_op ffff888131be7128 conn xmit_atomic 0000000000000000
[  112.743718][T11679] syzkaller1: entered promiscuous mode
[  112.749218][T11679] syzkaller1: entered allmulticast mode
[  112.804385][T11689] sd 0:0:1:0: device reset
[  113.308665][T11721] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[  113.371023][T11730] netlink: 'syz.7.3566': attribute type 21 has an invalid length.
[  113.378865][T11730] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3566'.
[  113.417918][T11730] netlink: 'syz.7.3566': attribute type 21 has an invalid length.
[  113.418876][T10309] netdevsim netdevsim7 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  113.425976][T11730] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3566'.
[  113.437866][T10309] netdevsim netdevsim7 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  113.455043][T10309] netdevsim netdevsim7 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  113.464350][T10309] netdevsim netdevsim7 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  113.505300][T11742] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3571'.
[  113.563973][T11750] loop7: detected capacity change from 0 to 512
[  113.573910][T11753] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3587'.
[  113.584808][T11756] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[  113.594539][T11750] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  113.608650][T11750] EXT4-fs (loop7): orphan cleanup on readonly fs
[  113.630682][T11750] EXT4-fs error (device loop7): ext4_do_update_inode:5632: inode #16: comm syz.7.3575: corrupted inode contents
[  113.653834][T11750] EXT4-fs (loop7): Remounting filesystem read-only
[  113.663217][T11750] EXT4-fs (loop7): 1 truncate cleaned up
[  113.668981][T10267] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  113.679889][T10267] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  113.691276][T10267] EXT4-fs (loop7): Quota write (off=8, len=24) cancelled because transaction is not started
[  113.703119][T11750] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  113.736461][ T6812] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.918342][T11791] netlink: 'syz.8.3604': attribute type 3 has an invalid length.
[  113.922273][T11793] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[  113.986193][T11800] loop9: detected capacity change from 0 to 512
[  113.994027][T11801] netlink: 'syz.2.3608': attribute type 3 has an invalid length.
[  114.010596][T11800] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  114.019146][T11800] EXT4-fs (loop9): orphan cleanup on readonly fs
[  114.033096][T11800] EXT4-fs error (device loop9): ext4_do_update_inode:5632: inode #16: comm syz.9.3596: corrupted inode contents
[  114.076892][T11800] EXT4-fs (loop9): Remounting filesystem read-only
[  114.083707][T11800] EXT4-fs (loop9): 1 truncate cleaned up
[  114.089760][T10309] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  114.101170][T10309] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  114.112954][T10309] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  114.124887][T11800] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  114.151801][ T8894] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.163652][T11819] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3605'.
[  114.201726][T11827] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  114.257324][T11836] 8021q: adding VLAN 0 to HW filter on device bond1
[  114.265773][T11836] bridge0: port 3(bond1) entered blocking state
[  114.272226][T11836] bridge0: port 3(bond1) entered disabled state
[  114.278864][T11836] bond1: entered allmulticast mode
[  114.285481][T11836] bond1: entered promiscuous mode
[  114.291129][T11836] bridge0: port 3(bond1) entered blocking state
[  114.297553][T11836] bridge0: port 3(bond1) entered forwarding state
[  114.410229][T11849] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[  114.440887][T11850] vhci_hcd: invalid port number 255
[  114.522696][T11866] atomic_op ffff888119997d28 conn xmit_atomic 0000000000000000
[  114.551191][T11867] 8021q: adding VLAN 0 to HW filter on device bond1
[  114.559125][T11867] bridge0: port 3(bond1) entered blocking state
[  114.565520][T11867] bridge0: port 3(bond1) entered disabled state
[  114.572086][T11867] bond1: entered allmulticast mode
[  114.580173][T11867] bond1: entered promiscuous mode
[  114.585470][T11867] bridge0: port 3(bond1) entered blocking state
[  114.591845][T11867] bridge0: port 3(bond1) entered forwarding state
[  114.599678][T11874] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  114.628949][T11881] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3633'.
[  114.671463][T11889] loop9: detected capacity change from 0 to 128
[  114.689011][T11889] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  114.703767][T11895] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  114.713719][T11895] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  114.720527][T11891] vhci_hcd: invalid port number 255
[  114.724904][ T8894] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  114.832962][T11912] binfmt_misc: register: failed to install interpreter file ./file2
[  114.896949][T11920] 8021q: adding VLAN 0 to HW filter on device bond1
[  114.906799][T11920] bond1 (unregistering): Released all slaves
[  115.014819][T11935] netlink: 'syz.8.3654': attribute type 21 has an invalid length.
[  115.014837][T11935] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3654'.
[  115.019949][T10267] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  115.032903][T11935] netlink: 'syz.8.3654': attribute type 21 has an invalid length.
[  115.042297][T10267] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  115.058698][T10267] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  115.058746][T10267] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  115.240178][T10309] bridge0: port 3(bond1) entered disabled state
[  115.247379][T10309] bridge0: port 3(bond1) entered disabled state
[  115.272989][T11942] netlink: 'syz.9.3656': attribute type 16 has an invalid length.
[  115.273008][T11942] netlink: 'syz.9.3656': attribute type 17 has an invalid length.
[  115.301864][T11942] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  115.309863][T11940] netlink: 'syz.8.3657': attribute type 12 has an invalid length.
[  115.362690][T11950] IPVS: Error connecting to the multicast addr
[  115.571250][T11967] netlink: 'syz.9.3666': attribute type 21 has an invalid length.
[  115.575576][T10309] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  115.598651][T10309] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  115.598782][T10309] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  115.598817][T10309] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  115.941765][T12000] __nla_validate_parse: 4 callbacks suppressed
[  115.941778][T12000] netlink: 28 bytes leftover after parsing attributes in process `syz.9.3681'.
[  115.961324][T11998] vhci_hcd: invalid port number 65
[  115.966614][T11998] vhci_hcd: invalid port number 65
[  116.274845][T12027] xt_addrtype: both incoming and outgoing interface limitation cannot be selected
[  116.419129][T12048] SELinux:  Context @ is not valid (left unmapped).
[  116.486087][T12055] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  116.614164][   T29] kauditd_printk_skb: 267 callbacks suppressed
[  116.614179][   T29] audit: type=1400 audit(372.602:5023): avc:  denied  { create } for  pid=12066 comm="syz.3.3712" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  116.659345][   T29] audit: type=1400 audit(372.602:5024): avc:  denied  { connect } for  pid=12066 comm="syz.3.3712" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  116.753481][   T29] audit: type=1400 audit(372.742:5025): avc:  denied  { bind } for  pid=12072 comm="syz.3.3717" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  116.772487][   T29] audit: type=1400 audit(372.742:5026): avc:  denied  { listen } for  pid=12072 comm="syz.3.3717" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  116.791592][   T29] audit: type=1400 audit(372.742:5027): avc:  denied  { write } for  pid=12072 comm="syz.3.3717" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  116.810546][   T29] audit: type=1400 audit(372.742:5028): avc:  denied  { accept } for  pid=12072 comm="syz.3.3717" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  116.896722][   T29] audit: type=1400 audit(372.882:5029): avc:  denied  { create } for  pid=12089 comm="syz.3.3726" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  116.919544][   T29] audit: type=1400 audit(372.912:5030): avc:  denied  { ioctl } for  pid=12089 comm="syz.3.3726" path="socket:[36039]" dev="sockfs" ino=36039 ioctlcmd=0x48cc scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  116.944986][T12091] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  116.961185][   T29] audit: type=1400 audit(372.932:5031): avc:  denied  { bind } for  pid=12089 comm="syz.3.3726" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  116.983491][T12094] loop7: detected capacity change from 0 to 512
[  117.011778][T12094] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.033535][   T29] audit: type=1400 audit(373.022:5032): avc:  denied  { mount } for  pid=12099 comm="syz.3.3730" name="/" dev="configfs" ino=157 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  117.097797][ T6812] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.188570][T12123] binfmt_misc: register: failed to install interpreter file ./file0
[  117.206541][T12125] loop3: detected capacity change from 0 to 512
[  117.219961][T12125] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  117.228037][T12125] EXT4-fs (loop3): orphan cleanup on readonly fs
[  117.236162][T12125] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #16: comm syz.3.3750: corrupted inode contents
[  117.248712][T12125] EXT4-fs (loop3): Remounting filesystem read-only
[  117.255396][T12125] EXT4-fs (loop3): 1 truncate cleaned up
[  117.261141][T10309] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  117.271976][T10309] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  117.282710][T10309] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  117.293501][T12125] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  117.330527][ T8830] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.380073][T12131] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  117.402267][T12137] loop3: detected capacity change from 0 to 512
[  117.409920][T12137] EXT4-fs: Ignoring removed bh option
[  117.416228][T12137] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  117.457202][T12137] EXT4-fs (loop3): 1 truncate cleaned up
[  117.463988][T12137] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.493563][ T8830] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.585545][T12164] loop8: detected capacity change from 0 to 512
[  117.625359][T12164] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  117.637576][T12164] EXT4-fs (loop8): orphan cleanup on readonly fs
[  117.650860][T12178] rdma_op ffff888119997980 conn xmit_rdma 0000000000000000
[  117.673012][T12164] EXT4-fs error (device loop8): ext4_do_update_inode:5632: inode #16: comm syz.8.3757: corrupted inode contents
[  117.732013][T12164] EXT4-fs (loop8): Remounting filesystem read-only
[  117.739497][T12164] EXT4-fs (loop8): 1 truncate cleaned up
[  117.745312][T12185] loop9: detected capacity change from 0 to 512
[  117.752153][T10267] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  117.762822][T10267] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  117.774374][T12185] EXT4-fs: Ignoring removed bh option
[  117.780508][T10267] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  117.790706][T12185] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  117.809254][T12185] EXT4-fs (loop9): 1 truncate cleaned up
[  117.910084][T12199] loop7: detected capacity change from 0 to 512
[  117.921953][T12199] EXT4-fs: Ignoring removed nomblk_io_submit option
[  117.940335][T12199] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  117.948288][T12199] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=842c01c, mo2=0002]
[  117.957324][T12199] EXT4-fs (loop7): couldn't mount RDWR because of unsupported optional features (80)
[  117.958813][T12201] vhci_hcd: invalid port number 65
[  117.966974][T12199] EXT4-fs (loop7): Skipping orphan cleanup due to unknown ROCOMPAT features
[  117.982124][T12201] vhci_hcd: invalid port number 65
[  118.003268][T12199] EXT4-fs warning (device loop7): dx_probe:861: inode #2: comm syz.7.3782: dx entry: limit 65535 != root limit 120
[  118.015718][T12199] EXT4-fs warning (device loop7): dx_probe:934: inode #2: comm syz.7.3782: Corrupt directory, running e2fsck is recommended
[  118.041741][T12199] EXT4-fs error (device loop7): ext4_readdir:264: inode #2: block 3: comm syz.7.3782: path /452/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  118.110286][T12215] EXT4-fs warning (device loop7): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed
[  118.413784][T12241] vhci_hcd: invalid port number 65
[  118.419096][T12241] vhci_hcd: invalid port number 65
[  118.436493][T12244] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3798'.
[  118.485879][T12252] loop8: detected capacity change from 0 to 512
[  118.524838][T12252] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.545620][T12252] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  118.553976][T12252] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=842c01c, mo2=0002]
[  118.566153][T12252] EXT4-fs (loop8): couldn't mount RDWR because of unsupported optional features (80)
[  118.576155][T12252] EXT4-fs (loop8): Skipping orphan cleanup due to unknown ROCOMPAT features
[  118.597092][T12252] EXT4-fs warning (device loop8): dx_probe:861: inode #2: comm syz.8.3791: dx entry: limit 65535 != root limit 120
[  118.609830][T12252] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.3791: Corrupt directory, running e2fsck is recommended
[  118.635827][T12252] EXT4-fs error (device loop8): ext4_readdir:264: inode #2: block 3: comm syz.8.3791: path /370/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  118.661556][T12265] EXT4-fs warning (device loop8): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed
[  119.535483][T12331] loop9: detected capacity change from 0 to 32768
[  120.524183][    T9] IPVS: starting estimator thread 0...
[  120.570634][T12420] vhci_hcd: invalid port number 129
[  120.575981][T12420] vhci_hcd: default hub control req: 2006 v02fe i0081 l0
[  120.619547][T12416] IPVS: using max 2544 ests per chain, 127200 per kthread
[  120.737467][T12432] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3870'.
[  120.767235][T12435] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3873'.
[  120.812134][T12444] netlink: 100 bytes leftover after parsing attributes in process `syz.8.3875'.
[  120.970964][T12463] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  121.029866][T12477] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3890'.
[  121.133308][T12500] atomic_op ffff888131823d28 conn xmit_atomic 0000000000000000
[  121.149004][T12503] loop8: detected capacity change from 0 to 128
[  121.252246][T12522] validate_nla: 7 callbacks suppressed
[  121.252262][T12522] netlink: 'syz.3.3911': attribute type 5 has an invalid length.
[  121.492490][T12565] IPv6: NLM_F_CREATE should be specified when creating new route
[  121.641535][T12588] loop7: detected capacity change from 0 to 512
[  121.648098][T12588] EXT4-fs: Ignoring removed i_version option
[  121.654215][T12588] EXT4-fs: Ignoring removed bh option
[  121.656065][T12586] hub 2-0:1.0: USB hub found
[  121.669750][T12586] hub 2-0:1.0: 8 ports detected
[  121.695485][   T29] kauditd_printk_skb: 271 callbacks suppressed
[  121.695509][   T29] audit: type=1400 audit(377.682:5292): avc:  denied  { read } for  pid=12589 comm="syz.3.3940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  121.740001][   T29] audit: type=1326 audit(377.722:5293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12594 comm="syz.9.3941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89cf5df6c9 code=0x7ffc0000
[  121.763550][   T29] audit: type=1326 audit(377.722:5294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12594 comm="syz.9.3941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89cf5df6c9 code=0x7ffc0000
[  121.787349][   T29] audit: type=1326 audit(377.722:5295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12594 comm="syz.9.3941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89cf5df6c9 code=0x7ffc0000
[  121.810882][   T29] audit: type=1326 audit(377.722:5296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12594 comm="syz.9.3941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89cf5df6c9 code=0x7ffc0000
[  121.834432][   T29] audit: type=1326 audit(377.722:5297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12594 comm="syz.9.3941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89cf5df6c9 code=0x7ffc0000
[  121.858024][   T29] audit: type=1326 audit(377.722:5298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12594 comm="syz.9.3941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89cf5df6c9 code=0x7ffc0000
[  121.881711][   T29] audit: type=1326 audit(377.722:5299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12594 comm="syz.9.3941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89cf5df6c9 code=0x7ffc0000
[  121.905237][   T29] audit: type=1326 audit(377.722:5300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12594 comm="syz.9.3941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89cf5df6c9 code=0x7ffc0000
[  121.928916][   T29] audit: type=1326 audit(377.722:5301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12594 comm="syz.9.3941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89cf5df6c9 code=0x7ffc0000
[  122.363210][T12650] program syz.9.3964 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  122.770466][T12696] ip6t_rpfilter: unknown options
[  122.821323][T12702] x_tables: duplicate underflow at hook 1
[  123.097085][T12738] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4003'.
[  123.226369][T12753] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4012'.
[  123.239049][T12754] netlink: 'syz.3.4011': attribute type 14 has an invalid length.
[  123.247039][T12754] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4011'.
[  123.291491][T10313] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  123.291562][T12754] netlink: 'syz.3.4011': attribute type 14 has an invalid length.
[  123.291577][T12754] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4011'.
[  123.318204][T10313] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  123.327249][T10313] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  123.340404][T12760] SELinux: failed to load policy
[  123.354698][T10313] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  123.398925][T12770] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4019'.
[  123.408317][T12770] netlink: 348 bytes leftover after parsing attributes in process `syz.3.4019'.
[  123.417697][T12770] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4019'.
[  123.426808][T12770] netlink: 348 bytes leftover after parsing attributes in process `syz.3.4019'.
[  123.439179][T12770] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4019'.
[  123.511941][T12780] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=12780 comm=syz.9.4025
[  123.542338][T12780] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12780 comm=syz.9.4025
[  123.837303][T12819] binfmt_misc: register: failed to install interpreter file ./file0
[  123.873477][T12827] netlink: 'syz.2.4049': attribute type 1 has an invalid length.
[  123.903019][T12827] 8021q: adding VLAN 0 to HW filter on device bond2
[  123.924026][T12838] SELinux:  Context system_u:object_r:admin_passwd_exec_t:s0 is not valid (left unmapped).
[  123.953698][T12827] 8021q: adding VLAN 0 to HW filter on device batadv0
[  123.974808][T12827] bond2: (slave batadv0): making interface the new active one
[  123.985543][T12827] bond2: (slave batadv0): Enslaving as an active interface with an up link
[  124.156027][T12867] loop9: detected capacity change from 0 to 7
[  124.162612][T12867] buffer_io_error: 18 callbacks suppressed
[  124.162627][T12867] Buffer I/O error on dev loop9, logical block 0, async page read
[  124.176863][T12867] Buffer I/O error on dev loop9, logical block 0, async page read
[  124.184887][T12867]  loop9: unable to read partition table
[  124.192988][T12867] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  124.192988][T12867] 
) failed (rc=-5)
[  124.367264][T12881] wireguard0: entered promiscuous mode
[  124.373212][T12881] wireguard0: entered allmulticast mode
[  124.574144][T12912] loop8: detected capacity change from 0 to 1024
[  124.583357][T12912] EXT4-fs: Ignoring removed orlov option
[  124.589257][T12912] EXT4-fs: Ignoring removed nomblk_io_submit option
[  124.609628][T12912] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8843c018, mo2=0082]
[  124.934494][T12964] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  124.950427][    T9] lo speed is unknown, defaulting to 1000
[  125.000376][T12973] vhci_hcd: default hub control req: 2313 v4002 i0001 l0
[  125.099915][T12993] xt_l2tp: invalid flags combination: 0
[  125.110115][T12991] loop9: detected capacity change from 0 to 2048
[  125.219944][T12991] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  125.275936][T12991] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1084 with error 28
[  125.288545][T12991] EXT4-fs (loop9): This should not happen!! Data will be lost
[  125.288545][T12991] 
[  125.298258][T12991] EXT4-fs (loop9): Total free blocks count 0
[  125.304244][T12991] EXT4-fs (loop9): Free/Dirty block details
[  125.310176][T12991] EXT4-fs (loop9): free_blocks=2415919104
[  125.315908][T12991] EXT4-fs (loop9): dirty_blocks=1088
[  125.321207][T12991] EXT4-fs (loop9): Block reservation details
[  125.327186][T12991] EXT4-fs (loop9): i_reserved_data_blocks=68
[  125.396268][T12991] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  125.408809][T12991] EXT4-fs (loop9): This should not happen!! Data will be lost
[  125.408809][T12991] 
[  125.474147][T12983] loop8: detected capacity change from 0 to 32768
[  125.530374][T12983]  loop8: p1 p3 < >
[  125.571093][T13012] loop9: detected capacity change from 0 to 512
[  125.589715][T13012] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  125.618107][T13012] EXT4-fs (loop9): 1 truncate cleaned up
[  125.790807][T13027] loop8: detected capacity change from 0 to 512
[  125.799762][T13027] EXT4-fs error (device loop8): ext4_orphan_get:1418: comm syz.8.4138: bad orphan inode 13
[  125.810481][T13027] ext4_test_bit(bit=12, block=4) = 1
[  125.815954][T13027] is_bad_inode(inode)=0
[  125.820236][T13027] NEXT_ORPHAN(inode)=0
[  125.824424][T13027] max_ino=32
[  125.827739][T13027] i_nlink=1
[  125.914141][T12995] syz.7.4125 invoked oom-killer: gfp_mask=0x402d02(GFP_NOIO|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[  125.929194][T12995] CPU: 0 UID: 0 PID: 12995 Comm: syz.7.4125 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  125.929245][T12995] Tainted: [W]=WARN
[  125.929253][T12995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  125.929267][T12995] Call Trace:
[  125.929274][T12995]  <TASK>
[  125.929282][T12995]  __dump_stack+0x1d/0x30
[  125.929307][T12995]  dump_stack_lvl+0xe8/0x140
[  125.929350][T12995]  dump_stack+0x15/0x1b
[  125.929370][T12995]  dump_header+0x81/0x220
[  125.929445][T12995]  oom_kill_process+0x342/0x400
[  125.929542][T12995]  out_of_memory+0x979/0xb80
[  125.929578][T12995]  try_charge_memcg+0x610/0xa10
[  125.929677][T12995]  obj_cgroup_charge_pages+0xa6/0x150
[  125.929777][T12995]  __memcg_kmem_charge_page+0x9f/0x170
[  125.929843][T12995]  __alloc_frozen_pages_noprof+0x188/0x360
[  125.929892][T12995]  alloc_pages_mpol+0xb3/0x260
[  125.929987][T12995]  alloc_pages_noprof+0x90/0x130
[  125.930012][T12995]  __vmalloc_node_range_noprof+0x7a5/0xed0
[  125.930061][T12995]  __kvmalloc_node_noprof+0x483/0x670
[  125.930103][T12995]  ? ip_set_alloc+0x24/0x30
[  125.930171][T12995]  ? ip_set_alloc+0x24/0x30
[  125.930203][T12995]  ? __kmalloc_cache_noprof+0x249/0x4a0
[  125.930270][T12995]  ip_set_alloc+0x24/0x30
[  125.930303][T12995]  hash_netiface_create+0x282/0x740
[  125.930339][T12995]  ? __pfx_hash_netiface_create+0x10/0x10
[  125.930465][T12995]  ip_set_create+0x3cc/0x970
[  125.930568][T12995]  ? __nla_parse+0x40/0x60
[  125.930594][T12995]  nfnetlink_rcv_msg+0x4c6/0x590
[  125.930716][T12995]  netlink_rcv_skb+0x123/0x220
[  125.930752][T12995]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  125.930859][T12995]  nfnetlink_rcv+0x167/0x16c0
[  125.930887][T12995]  ? kmem_cache_free+0xe4/0x3d0
[  125.930924][T12995]  ? __kfree_skb+0x109/0x150
[  125.931010][T12995]  ? nlmon_xmit+0x4f/0x60
[  125.931036][T12995]  ? consume_skb+0x49/0x150
[  125.931103][T12995]  ? nlmon_xmit+0x4f/0x60
[  125.931129][T12995]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  125.931186][T12995]  ? __dev_queue_xmit+0x1200/0x2000
[  125.931301][T12995]  ? __dev_queue_xmit+0x182/0x2000
[  125.931366][T12995]  ? xas_find+0x3ab/0x3e0
[  125.931388][T12995]  ? ref_tracker_free+0x37d/0x3e0
[  125.931474][T12995]  ? __netlink_deliver_tap+0x4dc/0x500
[  125.931539][T12995]  netlink_unicast+0x5c0/0x690
[  125.931575][T12995]  netlink_sendmsg+0x58b/0x6b0
[  125.931668][T12995]  ? __pfx_netlink_sendmsg+0x10/0x10
[  125.931690][T12995]  __sock_sendmsg+0x145/0x180
[  125.931718][T12995]  ____sys_sendmsg+0x31e/0x4e0
[  125.931758][T12995]  ___sys_sendmsg+0x17b/0x1d0
[  125.931843][T12995]  __x64_sys_sendmsg+0xd4/0x160
[  125.931868][T12995]  x64_sys_call+0x191e/0x3000
[  125.931894][T12995]  do_syscall_64+0xd2/0x200
[  125.931915][T12995]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  125.931985][T12995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.932056][T12995] RIP: 0033:0x7f34c593f6c9
[  125.932088][T12995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.932138][T12995] RSP: 002b:00007f34c43a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  125.932160][T12995] RAX: ffffffffffffffda RBX: 00007f34c5b95fa0 RCX: 00007f34c593f6c9
[  125.932175][T12995] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  125.932250][T12995] RBP: 00007f34c59c1f91 R08: 0000000000000000 R09: 0000000000000000
[  125.932264][T12995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  125.932304][T12995] R13: 00007f34c5b96038 R14: 00007f34c5b95fa0 R15: 00007ffe7013d098
[  125.932324][T12995]  </TASK>
[  126.281938][T12995] memory: usage 307200kB, limit 307200kB, failcnt 111
[  126.288861][T12995] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  126.296748][T12995] kmem: usage 306828kB, limit 9007199254740988kB, failcnt 0
[  126.304253][T12995] Memory cgroup stats for /syz7:
[  126.315265][ T7421] EXT4-fs unmount: 17 callbacks suppressed
[  126.315282][ T7421] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.339654][T12995] cache 4096
[  126.342866][T12995] rss 372736
[  126.346324][T12995] shmem 0
[  126.349248][T12995] mapped_file 0
[  126.352717][T12995] dirty 0
[  126.355649][T12995] writeback 0
[  126.358918][T12995] workingset_refault_anon 0
[  126.363467][T12995] workingset_refault_file 0
[  126.368008][T12995] swap 0
[  126.370945][T12995] swapcached 0
[  126.374302][T12995] pgpgin 48996
[  126.377667][T12995] pgpgout 48903
[  126.381150][T12995] pgfault 82242
[  126.384686][T12995] pgmajfault 1
[  126.388134][T12995] inactive_anon 372736
[  126.392432][T12995] active_anon 0
[  126.395880][T12995] inactive_file 0
[  126.399516][T12995] active_file 8192
[  126.403226][T12995] unevictable 0
[  126.406727][T12995] hierarchical_memory_limit 314572800
[  126.412099][T12995] hierarchical_memsw_limit 9223372036854771712
[  126.418249][T12995] total_cache 4096
[  126.421976][T12995] total_rss 372736
[  126.425753][T12995] total_shmem 0
[  126.429197][T12995] total_mapped_file 0
[  126.433178][T12995] total_dirty 0
[  126.436626][T12995] total_writeback 0
[  126.440440][T12995] total_workingset_refault_anon 0
[  126.445451][T12995] total_workingset_refault_file 0
[  126.450483][T12995] total_swap 0
[  126.453923][T12995] total_swapcached 0
[  126.457818][T12995] total_pgpgin 48996
[  126.461731][T12995] total_pgpgout 48903
[  126.465698][T12995] total_pgfault 82242
[  126.469680][T12995] total_pgmajfault 1
[  126.473561][T12995] total_inactive_anon 372736
[  126.478175][T12995] total_active_anon 0
[  126.482168][T12995] total_inactive_file 0
[  126.486308][T12995] total_active_file 8192
[  126.490551][T12995] total_unevictable 0
[  126.494519][T12995] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz7,task_memcg=/syz7,task=syz.7.4125,pid=12994,uid=0
[  126.509394][T12995] Memory cgroup out of memory: Killed process 12995 (syz.7.4125) total-vm:93828kB, anon-rss:1268kB, file-rss:22188kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  126.716402][   T29] kauditd_printk_skb: 354 callbacks suppressed
[  126.716464][   T29] audit: type=1400 audit(382.702:5656): avc:  denied  { load_policy } for  pid=13057 comm="syz.2.4152" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  126.716805][T13058] SELinux: failed to load policy
[  126.786703][   T29] audit: type=1401 audit(382.772:5657): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  126.815227][   T29] audit: type=1400 audit(382.792:5658): avc:  denied  { create } for  pid=13065 comm="syz.8.4155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  126.841966][T13068] 9pnet_fd: Insufficient options for proto=fd
[  126.859373][   T29] audit: type=1400 audit(382.832:5659): avc:  denied  { mounton } for  pid=13067 comm="syz.3.4157" path="/syzcgroup/net/syz3/cgroup.procs" dev="cgroup" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[  126.861220][T12995] syz.7.4125 (12995) used greatest stack depth: 8200 bytes left
[  126.906698][   T29] audit: type=1326 audit(382.892:5660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13070 comm="syz.8.4158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  126.929651][   T29] audit: type=1326 audit(382.892:5661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13070 comm="syz.8.4158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  126.952610][   T29] audit: type=1326 audit(382.892:5662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13070 comm="syz.8.4158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  126.975543][   T29] audit: type=1326 audit(382.892:5663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13070 comm="syz.8.4158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  126.998567][   T29] audit: type=1326 audit(382.892:5664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13070 comm="syz.8.4158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  127.001521][T13047] loop9: detected capacity change from 0 to 32768
[  127.021591][   T29] audit: type=1326 audit(382.892:5665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13070 comm="syz.8.4158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  127.069258][T13074] vhci_hcd: default hub control req: 2313 v4002 i0001 l0
[  127.110439][T13047]  loop9: p1 p3 < >
[  127.177155][T13082] lo speed is unknown, defaulting to 1000
[  127.363785][T13103] wireguard0: entered promiscuous mode
[  127.369375][T13103] wireguard0: entered allmulticast mode
[  127.414999][T13113] loop9: detected capacity change from 0 to 164
[  127.423062][T13113] Unable to read rock-ridge attributes
[  127.450180][T13113] Unable to read rock-ridge attributes
[  127.490467][T13119] GUP no longer grows the stack in syz.9.4178 (13119): 200000004000-20000000a000 (200000002000)
[  127.501034][T13119] CPU: 1 UID: 0 PID: 13119 Comm: syz.9.4178 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  127.501135][T13119] Tainted: [W]=WARN
[  127.501142][T13119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  127.501156][T13119] Call Trace:
[  127.501163][T13119]  <TASK>
[  127.501172][T13119]  __dump_stack+0x1d/0x30
[  127.501197][T13119]  dump_stack_lvl+0xe8/0x140
[  127.501221][T13119]  dump_stack+0x15/0x1b
[  127.501241][T13119]  __get_user_pages+0x1968/0x1ed0
[  127.501360][T13119]  get_user_pages_remote+0x1d5/0x6c0
[  127.501394][T13119]  __access_remote_vm+0x15c/0x590
[  127.501427][T13119]  access_remote_vm+0x32/0x40
[  127.501468][T13119]  proc_pid_cmdline_read+0x32b/0x6c0
[  127.501505][T13119]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  127.501533][T13119]  vfs_readv+0x3fb/0x690
[  127.501588][T13119]  __x64_sys_preadv+0xfd/0x1c0
[  127.501622][T13119]  x64_sys_call+0x282e/0x3000
[  127.501648][T13119]  do_syscall_64+0xd2/0x200
[  127.501670][T13119]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  127.501726][T13119]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  127.501763][T13119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.501841][T13119] RIP: 0033:0x7f89cf5df6c9
[  127.501859][T13119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.501880][T13119] RSP: 002b:00007f89ce047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  127.501902][T13119] RAX: ffffffffffffffda RBX: 00007f89cf835fa0 RCX: 00007f89cf5df6c9
[  127.501917][T13119] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003
[  127.501931][T13119] RBP: 00007f89cf661f91 R08: 0000000000000000 R09: 0000000000000000
[  127.501946][T13119] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  127.502029][T13119] R13: 00007f89cf836038 R14: 00007f89cf835fa0 R15: 00007ffd2e202be8
[  127.502050][T13119]  </TASK>
[  127.506533][T13121] loop7: detected capacity change from 0 to 1024
[  127.706131][T13121] EXT4-fs: Ignoring removed orlov option
[  127.712141][T13121] EXT4-fs: Ignoring removed nomblk_io_submit option
[  127.770398][T13121] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8843c018, mo2=0082]
[  127.783399][T13121] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.810085][T13130] __nla_validate_parse: 7 callbacks suppressed
[  127.810100][T13130] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4183'.
[  127.871258][ T6812] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.873713][T13133] loop8: detected capacity change from 0 to 512
[  127.901525][T13133] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.971901][T13133] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  127.988206][T13133] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 33 with error 28
[  128.000907][T13133] EXT4-fs (loop8): This should not happen!! Data will be lost
[  128.000907][T13133] 
[  128.010900][T13133] EXT4-fs (loop8): Total free blocks count 0
[  128.017135][T13133] EXT4-fs (loop8): Free/Dirty block details
[  128.023274][T13133] EXT4-fs (loop8): free_blocks=65280
[  128.028844][T13133] EXT4-fs (loop8): dirty_blocks=33
[  128.034150][T13133] EXT4-fs (loop8): Block reservation details
[  128.040472][T13133] EXT4-fs (loop8): i_reserved_data_blocks=33
[  128.077325][ T7421] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.091908][T13148] 9pnet_fd: Insufficient options for proto=fd
[  128.295016][T13160] loop9: detected capacity change from 0 to 512
[  128.346742][T13162] wireguard0: entered promiscuous mode
[  128.352436][T13162] wireguard0: entered allmulticast mode
[  128.359619][T13160] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.389222][ T8894] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.493575][T13186] ip6t_rpfilter: unknown options
[  128.515127][T13192] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4207'.
[  128.563595][T13204] ip6t_rpfilter: unknown options
[  128.648163][T13211] atomic_op ffff888121879528 conn xmit_atomic 0000000000000000
[  128.651892][T13213] loop7: detected capacity change from 0 to 512
[  128.665837][T13213] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.696551][ T6812] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.813204][T13229] wireguard0: entered promiscuous mode
[  128.818888][T13229] wireguard0: entered allmulticast mode
[  128.916674][T13234] hub 2-0:1.0: USB hub found
[  128.921771][T13234] hub 2-0:1.0: 8 ports detected
[  129.027777][T13252] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  129.103009][T13256] netlink: 'syz.7.4232': attribute type 5 has an invalid length.
[  129.313517][T13277] hub 2-0:1.0: USB hub found
[  129.318233][T13277] hub 2-0:1.0: 8 ports detected
[  129.508378][T13299] wireguard0: entered promiscuous mode
[  129.513927][T13299] wireguard0: entered allmulticast mode
[  129.604520][T13305] SELinux: failed to load policy
[  129.874594][T13353] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4276'.
[  129.907526][T13359] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=13359 comm=syz.2.4277
[  129.922458][T13359] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=13359 comm=syz.2.4277
[  130.199665][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  130.733497][T13372] IPv6: NLM_F_CREATE should be specified when creating new route
[  130.792200][T13373] SELinux: failed to load policy
[  131.236064][T13396] loop9: detected capacity change from 0 to 512
[  131.243180][T13396] EXT4-fs: Ignoring removed i_version option
[  131.249310][T13396] EXT4-fs: Ignoring removed bh option
[  131.272419][T13396] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.302320][ T8894] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.395780][T13411] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4302'.
[  131.395810][T13411] netlink: 348 bytes leftover after parsing attributes in process `syz.8.4302'.
[  131.395830][T13411] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4302'.
[  131.395844][T13411] netlink: 348 bytes leftover after parsing attributes in process `syz.8.4302'.
[  131.395915][T13411] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4302'.
[  131.758787][   T29] kauditd_printk_skb: 239 callbacks suppressed
[  131.758810][   T29] audit: type=1400 audit(387.742:5905): avc:  denied  { relabelfrom } for  pid=13428 comm="syz.9.4312" name="" dev="pipefs" ino=40215 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  131.758844][   T29] audit: type=1400 audit(387.742:5906): avc:  denied  { mac_admin } for  pid=13428 comm="syz.9.4312" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  131.760789][   T29] audit: type=1400 audit(387.742:5907): avc:  denied  { relabelto } for  pid=13428 comm="syz.9.4312" name="" dev="pipefs" ino=40215 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:admin_passwd_exec_t:s0"
[  131.781247][   T29] audit: type=1400 audit(387.772:5908): avc:  denied  { name_bind } for  pid=13431 comm="syz.7.4314" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  131.783297][   T29] audit: type=1400 audit(387.772:5909): avc:  denied  { write } for  pid=13431 comm="syz.7.4314" name="udp" dev="proc" ino=4026532918 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  131.893682][   T29] audit: type=1326 audit(387.882:5910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.8.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  131.919632][T13434] lo speed is unknown, defaulting to 1000
[  132.037503][   T29] audit: type=1326 audit(387.932:5911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.8.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  132.037625][   T29] audit: type=1326 audit(387.932:5912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.8.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  132.037664][   T29] audit: type=1326 audit(387.932:5913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.8.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  132.037695][   T29] audit: type=1326 audit(387.932:5914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13440 comm="syz.8.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  132.305143][T13457] loop8: detected capacity change from 0 to 2048
[  132.352698][T13457] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  132.437934][T13457] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  132.454520][T13457] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  132.467388][T13457] EXT4-fs (loop8): This should not happen!! Data will be lost
[  132.467388][T13457] 
[  132.477347][T13457] EXT4-fs (loop8): Total free blocks count 0
[  132.483610][T13457] EXT4-fs (loop8): Free/Dirty block details
[  132.490024][T13457] EXT4-fs (loop8): free_blocks=2415919104
[  132.496263][T13457] EXT4-fs (loop8): dirty_blocks=2224
[  132.501985][T13457] EXT4-fs (loop8): Block reservation details
[  132.508258][T13457] EXT4-fs (loop8): i_reserved_data_blocks=139
[  132.523071][T13467] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  132.730064][T13483] loop8: detected capacity change from 0 to 4096
[  132.752820][T13483] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.873941][T13509] loop7: detected capacity change from 0 to 2048
[  132.901520][T13509] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  132.998035][T13509] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  133.013018][T13509] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 952 with error 28
[  133.025606][T13509] EXT4-fs (loop7): This should not happen!! Data will be lost
[  133.025606][T13509] 
[  133.035338][T13509] EXT4-fs (loop7): Total free blocks count 0
[  133.041380][T13509] EXT4-fs (loop7): Free/Dirty block details
[  133.047329][T13509] EXT4-fs (loop7): free_blocks=2415919104
[  133.053138][T13509] EXT4-fs (loop7): dirty_blocks=960
[  133.058334][T13509] EXT4-fs (loop7): Block reservation details
[  133.064350][T13509] EXT4-fs (loop7): i_reserved_data_blocks=60
[  133.158087][T10282] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  133.173091][ T7421] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.239627][ T3528] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  133.265961][   T36] lo speed is unknown, defaulting to 1000
[  133.271744][   T36] syz2: Port: 1 Link DOWN
[  133.394523][T13567] rdma_op ffff888121879980 conn xmit_rdma 0000000000000000
[  133.572876][ T3408] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  133.580615][ T3408] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  133.588473][ T3408] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  133.596455][ T3408] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  133.615115][ T3408] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  133.622885][ T3408] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  133.630877][ T3408] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  133.638680][ T3408] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  133.646619][ T3408] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  133.654221][ T3408] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  133.665085][ T3408] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  133.716981][T13612] netlink: 'syz.9.4381': attribute type 14 has an invalid length.
[  133.724841][T13612] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4381'.
[  133.752122][T13612] netlink: 'syz.9.4381': attribute type 14 has an invalid length.
[  133.760004][T13612] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4381'.
[  133.918331][T13631] loop8: detected capacity change from 0 to 2048
[  133.936180][T13631] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  134.024632][T13631] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  134.101859][T13631] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1234 with error 28
[  134.114346][T13631] EXT4-fs (loop8): This should not happen!! Data will be lost
[  134.114346][T13631] 
[  134.124077][T13631] EXT4-fs (loop8): Total free blocks count 0
[  134.130094][T13631] EXT4-fs (loop8): Free/Dirty block details
[  134.136141][T13631] EXT4-fs (loop8): free_blocks=2415919104
[  134.141886][T13631] EXT4-fs (loop8): dirty_blocks=1248
[  134.147232][T13631] EXT4-fs (loop8): Block reservation details
[  134.153278][T13631] EXT4-fs (loop8): i_reserved_data_blocks=78
[  134.193006][T13653] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  134.900280][T13669] loop7: detected capacity change from 0 to 512
[  134.920870][T13669] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  134.975722][T13669] Invalid ELF header magic: != ELF
[  135.027633][T13691] bond1: option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0)
[  135.040225][T13691] bond1 (unregistering): Released all slaves
[  135.248310][T13716] syzkaller0: tun_chr_ioctl cmd 1074025677
[  135.276911][T13716] syzkaller0: linktype set to 280
[  135.359221][T13727] 9pnet: Could not find request transport: 0x0000000000000004
[  135.396622][T13732] loop8: detected capacity change from 0 to 256
[  136.321531][T13844] netlink: 'syz.2.4464': attribute type 12 has an invalid length.
[  136.673070][T13898] vlan2: entered allmulticast mode
[  136.779428][T13909] hub 2-0:1.0: USB hub found
[  136.779475][T13909] hub 2-0:1.0: 8 ports detected
[  136.969785][   T29] kauditd_printk_skb: 245 callbacks suppressed
[  136.969838][   T29] audit: type=1400 audit(392.962:6160): avc:  denied  { connect } for  pid=13936 comm="syz.9.4486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  137.041750][   T29] audit: type=1400 audit(393.032:6161): avc:  denied  { create } for  pid=13942 comm="syz.9.4487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  137.041839][   T29] audit: type=1400 audit(393.032:6162): avc:  denied  { bind } for  pid=13942 comm="syz.9.4487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  137.041961][   T29] audit: type=1400 audit(393.032:6163): avc:  denied  { read } for  pid=13942 comm="syz.9.4487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  137.081873][   T29] audit: type=1400 audit(393.072:6164): avc:  denied  { watch watch_reads } for  pid=13949 comm="syz.7.4489" path="/618/file1" dev="tmpfs" ino=3202 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  137.251821][   T29] audit: type=1400 audit(393.242:6165): avc:  denied  { read } for  pid=13966 comm="syz.9.4492" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  137.251856][   T29] audit: type=1400 audit(393.242:6166): avc:  denied  { open } for  pid=13966 comm="syz.9.4492" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  137.251883][   T29] audit: type=1400 audit(393.242:6167): avc:  denied  { ioctl } for  pid=13966 comm="syz.9.4492" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  137.384330][   T29] audit: type=1400 audit(393.372:6168): avc:  denied  { ioctl } for  pid=13989 comm="syz.9.4495" path="socket:[40946]" dev="sockfs" ino=40946 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  137.474071][   T29] audit: type=1400 audit(393.462:6169): avc:  denied  { create } for  pid=13999 comm="syz.9.4498" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  137.515985][T14005] loop7: detected capacity change from 0 to 512
[  137.568102][T14005] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.595811][T14005] EXT4-fs error (device loop7): ext4_xattr_block_get:597: inode #12: comm syz.7.4501: corrupted xattr block 6: invalid header
[  137.611649][T14005] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=12
[  137.620987][T14005] EXT4-fs error (device loop7): ext4_xattr_block_get:597: inode #12: comm syz.7.4501: corrupted xattr block 6: invalid header
[  137.634489][T14005] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=12
[  137.644073][T14005] EXT4-fs error (device loop7): ext4_xattr_block_get:597: inode #12: comm syz.7.4501: corrupted xattr block 6: invalid header
[  137.657619][T14005] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=12
[  137.666664][T14005] EXT4-fs error (device loop7): ext4_xattr_block_get:597: inode #12: comm syz.7.4501: corrupted xattr block 6: invalid header
[  137.681518][T14005] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=12
[  137.691692][T14005] EXT4-fs error (device loop7): ext4_xattr_block_get:597: inode #12: comm syz.7.4501: corrupted xattr block 6: invalid header
[  137.705136][T14005] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=12
[  137.715077][T14005] EXT4-fs error (device loop7): ext4_xattr_block_get:597: inode #12: comm syz.7.4501: corrupted xattr block 6: invalid header
[  137.758449][ T6812] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.826304][T14027] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4510'.
[  137.835348][T14027] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4510'.
[  137.844332][T14027] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4510'.
[  137.854207][T14027] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4510'.
[  137.863437][T14027] netlink: 'syz.9.4510': attribute type 6 has an invalid length.
[  137.934057][T14032] SELinux: failed to load policy
[  138.276938][T14077] sd 0:0:1:0: device reset
[  138.319039][   T36] kernel write not supported for file /958/gid_map (pid: 36 comm: kworker/1:1)
[  138.697993][T14119] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4553'.
[  138.731760][T14119] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4553'.
[  138.790915][T14128] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4558'.
[  138.801263][T14119] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4553'.
[  138.859060][T14119] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4553'.
[  138.884437][T14131] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4559'.
[  138.903051][T14119] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4553'.
[  139.121384][T14169] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4575'.
[  139.340380][T14215] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4598'.
[  139.359292][T14214] netlink: 100 bytes leftover after parsing attributes in process `syz.3.4597'.
[  139.426750][T14229] IPv6: NLM_F_CREATE should be specified when creating new route
[  139.445442][T14232] netlink: 'syz.3.4606': attribute type 3 has an invalid length.
[  140.131718][T14310] bond2: option resend_igmp: invalid value (1024)
[  140.138326][T14310] bond2: option resend_igmp: allowed values 0 - 255
[  140.150584][T14310] bond2 (unregistering): Released all slaves
[  140.405436][T14352] ALSA: seq fatal error: cannot create timer (-19)
[  140.448117][T14358] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14358 comm=syz.7.4663
[  140.670331][T14386] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  140.719772][T14392] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  141.100111][T14451] netlink: 3 bytes leftover after parsing attributes in process `syz.7.4708'.
[  141.117142][T14451] 1ªX¹¦À: renamed from 
60ªX¹¦À
[  141.125148][T14451] A link change request failed with some changes committed already. Interface 
61ªX¹¦À may have been left with an inconsistent configuration, please check.
[  141.530043][T14542] netlink: 'syz.9.4750': attribute type 12 has an invalid length.
[  141.739473][T14580] netlink: 'syz.9.4768': attribute type 1 has an invalid length.
[  141.753357][T14580] 8021q: adding VLAN 0 to HW filter on device bond2
[  141.773186][T14580] bond2: (slave geneve2): making interface the new active one
[  141.782623][T14580] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  141.980883][   T29] kauditd_printk_skb: 720 callbacks suppressed
[  141.980918][   T29] audit: type=1400 audit(397.972:6890): avc:  denied  { read write } for  pid=7421 comm="syz-executor" name="loop8" dev="devtmpfs" ino=108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  142.021636][   T29] audit: type=1400 audit(398.012:6891): avc:  denied  { map_create } for  pid=14608 comm="syz.8.4782" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  142.057848][   T29] audit: type=1400 audit(398.012:6892): avc:  denied  { prog_load } for  pid=14608 comm="syz.8.4782" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  142.077225][   T29] audit: type=1400 audit(398.012:6893): avc:  denied  { prog_load } for  pid=14608 comm="syz.8.4782" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  142.096433][   T29] audit: type=1400 audit(398.012:6894): avc:  denied  { read write } for  pid=8894 comm="syz-executor" name="loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  142.121009][   T29] audit: type=1400 audit(398.032:6895): avc:  denied  { read write } for  pid=7421 comm="syz-executor" name="loop8" dev="devtmpfs" ino=108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  142.145498][   T29] audit: type=1400 audit(398.032:6896): avc:  denied  { prog_load } for  pid=14612 comm="syz.9.4785" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  142.165541][   T29] audit: type=1400 audit(398.042:6897): avc:  denied  { map_create } for  pid=14614 comm="syz.8.4784" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  142.184947][   T29] audit: type=1400 audit(398.042:6898): avc:  denied  { prog_load } for  pid=14614 comm="syz.8.4784" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  142.203952][   T29] audit: type=1400 audit(398.042:6899): avc:  denied  { read write } for  pid=8894 comm="syz-executor" name="loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  143.704780][T14884] sch_tbf: peakrate 7 is lower than or equals to rate 7 !
[  143.761940][T14895] __nla_validate_parse: 7 callbacks suppressed
[  143.761955][T14895] netlink: 96 bytes leftover after parsing attributes in process `syz.8.4917'.
[  143.805308][T14899] netlink: 'syz.9.4920': attribute type 12 has an invalid length.
[  144.244788][T14957] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4947'.
[  144.244807][T14957] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4947'.
[  144.244828][T14957] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4947'.
[  144.280373][T14957] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4947'.
[  144.280392][T14957] netlink: 'syz.7.4947': attribute type 6 has an invalid length.
[  144.516365][T14995] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4964'.
[  144.516966][T14995] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4964'.
[  144.544376][T14995] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4964'.
[  144.544719][T14995] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4964'.
[  144.547655][T14995] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4964'.
[  145.088654][T15086] IPv6: Can't replace route, no match found
[  145.394158][T10267] Bluetooth: hci0: Frame reassembly failed (-84)
[  145.448134][T15147] xt_hashlimit: max too large, truncated to 1048576
[  146.068446][T15174] 0ªX¹¦À: renamed from caif0
[  146.074699][T15174] 0ªX¹¦À: entered allmulticast mode
[  146.079940][T15174] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  146.990727][   T29] kauditd_printk_skb: 1074 callbacks suppressed
[  146.990752][   T29] audit: type=1326 audit(146.984:7974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15247 comm="syz.8.5086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  147.027702][   T29] audit: type=1400 audit(147.014:7975): avc:  denied  { read write } for  pid=7421 comm="syz-executor" name="loop8" dev="devtmpfs" ino=108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  147.052215][   T29] audit: type=1400 audit(147.044:7976): avc:  denied  { map_create } for  pid=15250 comm="syz.8.5087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  147.070983][   T29] audit: type=1400 audit(147.064:7977): avc:  denied  { prog_load } for  pid=15250 comm="syz.8.5087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  147.089653][   T29] audit: type=1326 audit(147.064:7978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15250 comm="syz.8.5087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  147.152494][   T29] audit: type=1326 audit(147.064:7979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15250 comm="syz.8.5087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  147.175465][   T29] audit: type=1400 audit(147.064:7980): avc:  denied  { prog_load } for  pid=15250 comm="syz.8.5087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  147.194098][   T29] audit: type=1326 audit(147.064:7981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15250 comm="syz.8.5087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  147.217113][   T29] audit: type=1326 audit(147.064:7982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15250 comm="syz.8.5087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  147.240000][   T29] audit: type=1326 audit(147.064:7983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15250 comm="syz.8.5087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabac3f6c9 code=0x7ffc0000
[  147.399405][T13390] Bluetooth: hci0: command 0x1003 tx timeout
[  147.399460][ T3528] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  148.289582][T15393] netem: incorrect ge model size
[  148.294565][T15393] netem: change failed
[  149.350239][T15469] __nla_validate_parse: 9 callbacks suppressed
[  149.350257][T15469] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5190'.
[  149.529939][T15496] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5198'.
[  149.602885][T15498] syzkaller0: entered promiscuous mode
[  149.608413][T15498] syzkaller0: entered allmulticast mode
[  149.767804][T15524] netlink: 'syz.8.5215': attribute type 1 has an invalid length.
[  149.795831][T15524] 8021q: adding VLAN 0 to HW filter on device bond1
[  149.804804][T15528] netlink: 48 bytes leftover after parsing attributes in process `syz.3.5216'.
[  149.814721][T15528] netlink: 48 bytes leftover after parsing attributes in process `syz.3.5216'.
[  149.862304][T15524] bond1: (slave batadv0): Opening slave failed
[  149.886296][T15544] ip6gre2: entered allmulticast mode
[  150.317977][T15619] ip6gre1: entered allmulticast mode
[  150.442027][T15631] syzkaller0: entered promiscuous mode
[  150.447700][T15631] syzkaller0: entered allmulticast mode
[  150.528216][T15635] macvtap0: refused to change device tx_queue_len
[  150.543690][T15637] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5268'.
[  150.567350][T15640] netlink: 'syz.8.5269': attribute type 4 has an invalid length.
[  150.599114][T15640] netlink: 'syz.8.5269': attribute type 4 has an invalid length.
[  150.821825][T15673] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5287'.
[  150.972968][T15695] netlink: 'syz.7.5298': attribute type 4 has an invalid length.
[  150.985888][T15695] netlink: 'syz.7.5298': attribute type 4 has an invalid length.
[  151.088880][T15701] netlink: 176 bytes leftover after parsing attributes in process `syz.7.5301'.
[  151.116060][T15715] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  151.677353][T15780] lo speed is unknown, defaulting to 1000
[  151.955412][T15853] netlink: 96 bytes leftover after parsing attributes in process `syz.7.5373'.
[  152.002238][   T29] kauditd_printk_skb: 1167 callbacks suppressed
[  152.002253][   T29] audit: type=1400 audit(151.994:9151): avc:  denied  { prog_load } for  pid=15861 comm="syz.3.5378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  152.002492][T15862] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5378'.
[  152.008826][   T29] audit: type=1400 audit(151.994:9152): avc:  denied  { create } for  pid=15861 comm="syz.3.5378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  152.078880][   T29] audit: type=1400 audit(152.034:9153): avc:  denied  { map_create } for  pid=15863 comm="syz.3.5379" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  152.097662][   T29] audit: type=1400 audit(152.034:9154): avc:  denied  { prog_load } for  pid=15863 comm="syz.3.5379" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  152.116316][   T29] audit: type=1400 audit(152.034:9155): avc:  denied  { open } for  pid=15863 comm="syz.3.5379" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  152.135155][   T29] audit: type=1400 audit(152.034:9156): avc:  denied  { write } for  pid=15859 comm="syz.7.5377" name="mcfilter6" dev="proc" ino=4026532965 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=0
[  152.157838][   T29] audit: type=1400 audit(152.054:9157): avc:  denied  { prog_load } for  pid=15866 comm="syz.3.5380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  152.176509][   T29] audit: type=1400 audit(152.064:9158): avc:  denied  { map_create } for  pid=15866 comm="syz.3.5380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  152.195179][   T29] audit: type=1400 audit(152.064:9159): avc:  denied  { prog_load } for  pid=15866 comm="syz.3.5380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  152.213782][   T29] audit: type=1400 audit(152.064:9160): avc:  denied  { read write } for  pid=6812 comm="syz-executor" name="loop7" dev="devtmpfs" ino=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  152.321711][T15901] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5396'.
[  152.677688][T15955] lo speed is unknown, defaulting to 1000
[  154.216582][T16199] IPv6: NLM_F_CREATE should be specified when creating new route
[  154.654232][T16269] lo speed is unknown, defaulting to 1000
[  155.191471][T16321] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(3)
[  155.198022][T16321] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  155.205564][T16321] vhci_hcd vhci_hcd.0: Device attached
[  155.215343][T16325] netlink: 'syz.2.5596': attribute type 10 has an invalid length.
[  155.223769][T16325] ipvlan0: entered allmulticast mode
[  155.229204][T16325] veth0_vlan: entered allmulticast mode
[  155.235338][T16321] vhci_hcd vhci_hcd.0: pdev(9) rhport(1) sockfd(5)
[  155.241850][T16321] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  155.249999][T16321] vhci_hcd vhci_hcd.0: Device attached
[  155.257454][T16325] team0: Device ipvlan0 failed to register rx_handler
[  155.266738][T16321] vhci_hcd vhci_hcd.0: pdev(9) rhport(2) sockfd(7)
[  155.273288][T16321] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  155.281055][T16321] vhci_hcd vhci_hcd.0: Device attached
[  155.309193][T16321] vhci_hcd vhci_hcd.0: pdev(9) rhport(3) sockfd(9)
[  155.315785][T16321] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  155.323305][T16321] vhci_hcd vhci_hcd.0: Device attached
[  155.332775][T16321] vhci_hcd vhci_hcd.0: pdev(9) rhport(4) sockfd(11)
[  155.339449][T16321] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  155.347066][T16321] vhci_hcd vhci_hcd.0: Device attached
[  155.356660][T16334] vhci_hcd: connection closed
[  155.356719][T10271] vhci_hcd: stop threads
[  155.356875][T16330] vhci_hcd: connection closed
[  155.361690][T10271] vhci_hcd: release socket
[  155.365991][T16328] vhci_hcd: connection closed
[  155.370696][T10271] vhci_hcd: disconnect device
[  155.375414][T16326] vhci_hcd: connection closed
[  155.393522][T16322] vhci_hcd: connection closed
[  155.402780][T10271] vhci_hcd: stop threads
[  155.412379][T10271] vhci_hcd: release socket
[  155.417017][T10271] vhci_hcd: disconnect device
[  155.422809][T10271] vhci_hcd: stop threads
[  155.427194][T10271] vhci_hcd: release socket
[  155.431931][T10271] vhci_hcd: disconnect device
[  155.437560][T10271] vhci_hcd: stop threads
[  155.442079][T10271] vhci_hcd: release socket
[  155.446663][T10271] vhci_hcd: disconnect device
[  155.451764][T10271] vhci_hcd: stop threads
[  155.456160][T10271] vhci_hcd: release socket
[  155.460748][T10271] vhci_hcd: disconnect device
[  155.469370][   T36] usb 19-1: new low-speed USB device number 2 using vhci_hcd
[  155.481045][   T36] usb 19-1: enqueue for inactive port 0
[  155.491612][   T36] usb 19-1: enqueue for inactive port 0
[  155.504020][   T36] usb 19-1: enqueue for inactive port 0
[  155.735781][   T36] vhci_hcd: vhci_device speed not set
[  155.927485][T16385] netlink: 'syz.8.5621': attribute type 29 has an invalid length.
[  155.956982][T16385] netlink: 'syz.8.5621': attribute type 29 has an invalid length.
[  155.965274][T16380] lo speed is unknown, defaulting to 1000
[  155.990802][T16394] __nla_validate_parse: 2 callbacks suppressed
[  155.990891][T16394] netlink: 3 bytes leftover after parsing attributes in process `syz.9.5624'.
[  156.008122][T16394] 0ªX¹¦À: renamed from caif0
[  156.018251][T16394] 0ªX¹¦À: entered allmulticast mode
[  156.023659][T16394] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  156.061047][T16401] netlink: 'syz.9.5628': attribute type 1 has an invalid length.
[  156.068801][T16401] netlink: 'syz.9.5628': attribute type 6 has an invalid length.
[  156.076572][T16401] netlink: 'syz.9.5628': attribute type 3 has an invalid length.
[  156.084311][T16401] netlink: 24 bytes leftover after parsing attributes in process `syz.9.5628'.
[  156.636981][T16479] can0: slcan on ptm0.
[  156.689510][T16479] can0 (unregistered): slcan off ptm0.
[  157.016502][   T29] kauditd_printk_skb: 1035 callbacks suppressed
[  157.016516][   T29] audit: type=1400 audit(157.004:10196): avc:  denied  { read write } for  pid=8894 comm="syz-executor" name="loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  157.072253][   T29] audit: type=1400 audit(157.014:10197): avc:  denied  { map_create } for  pid=16510 comm="syz.9.5680" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  157.092400][   T29] audit: type=1400 audit(157.014:10198): avc:  denied  { prog_load } for  pid=16510 comm="syz.9.5680" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  157.111617][   T29] audit: type=1400 audit(157.014:10199): avc:  denied  { prog_load } for  pid=16510 comm="syz.9.5680" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  157.130800][   T29] audit: type=1400 audit(157.014:10200): avc:  denied  { prog_load } for  pid=16510 comm="syz.9.5680" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  157.149944][   T29] audit: type=1400 audit(157.044:10201): avc:  denied  { read write } for  pid=8894 comm="syz-executor" name="loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  157.174269][   T29] audit: type=1400 audit(157.044:10202): avc:  denied  { map_create } for  pid=16513 comm="syz.9.5681" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  157.193859][   T29] audit: type=1400 audit(157.044:10203): avc:  denied  { prog_load } for  pid=16513 comm="syz.9.5681" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  157.213015][   T29] audit: type=1400 audit(157.044:10204): avc:  denied  { prog_load } for  pid=16513 comm="syz.9.5681" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  157.232354][   T29] audit: type=1400 audit(157.054:10205): avc:  denied  { read write } for  pid=7421 comm="syz-executor" name="loop8" dev="devtmpfs" ino=108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  157.381115][T16552] netlink: 64 bytes leftover after parsing attributes in process `syz.8.5700'.
[  157.450310][T16565] ip6erspan0: entered promiscuous mode
[  157.603945][T16593] netlink: 'syz.3.5719': attribute type 10 has an invalid length.
[  157.638390][T16593] team0: Port device dummy0 added
[  158.045685][T16637] lo speed is unknown, defaulting to 1000
[  158.616148][T16766] netlink: 'syz.8.5802': attribute type 7 has an invalid length.
[  158.816584][T16807] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16807 comm=syz.9.5822
[  158.875131][T16820] netlink: 'syz.7.5828': attribute type 1 has an invalid length.
[  158.894411][T16820] bond2: (slave bridge1): making interface the new active one
[  158.902296][T16820] bond2: (slave bridge1): Enslaving as an active interface with an up link
[  158.929757][T16829] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  159.053182][T16847] xt_CT: You must specify a L4 protocol and not use inversions on it
[  159.442998][T16899] xt_hashlimit: max too large, truncated to 1048576
[  159.648411][T16935] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5883'.
[  159.968163][T16984] lo speed is unknown, defaulting to 1000
[  160.046269][T17016] netlink: 'syz.3.5921': attribute type 4 has an invalid length.
[  160.129349][T17034] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5929'.
[  160.139699][T17034] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5929'.
[  160.179999][T17038] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5932'.
[  160.234172][T17038] bond_slave_0: entered promiscuous mode
[  160.239882][T17038] bond_slave_1: entered promiscuous mode
[  160.247612][T17038] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  160.260703][T17038] bond_slave_0: left promiscuous mode
[  160.266115][T17038] bond_slave_1: left promiscuous mode
[  161.369570][T17181] bridge0: entered promiscuous mode
[  161.375128][T17181] macvlan3: entered promiscuous mode
[  161.381847][T17181] bridge0: port 3(macvlan3) entered blocking state
[  161.388645][T17181] bridge0: port 3(macvlan3) entered disabled state
[  161.395646][T17181] macvlan3: entered allmulticast mode
[  161.401273][T17181] bridge0: entered allmulticast mode
[  161.409519][T17181] macvlan3: left allmulticast mode
[  161.414666][T17181] bridge0: left allmulticast mode
[  161.420957][T17181] bridge0: left promiscuous mode
[  161.470254][T17185] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(3)
[  161.476793][T17185] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  161.484380][T17185] vhci_hcd vhci_hcd.0: Device attached
[  161.519352][T17185] vhci_hcd vhci_hcd.0: pdev(8) rhport(1) sockfd(5)
[  161.525891][T17185] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  161.533910][T17185] vhci_hcd vhci_hcd.0: Device attached
[  161.544470][T17185] vhci_hcd vhci_hcd.0: pdev(8) rhport(2) sockfd(7)
[  161.551043][T17185] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  161.559161][T17185] vhci_hcd vhci_hcd.0: Device attached
[  161.589490][T17185] vhci_hcd vhci_hcd.0: pdev(8) rhport(3) sockfd(9)
[  161.596032][T17185] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  161.604066][T17185] vhci_hcd vhci_hcd.0: Device attached
[  161.612937][T17185] vhci_hcd vhci_hcd.0: pdev(8) rhport(4) sockfd(11)
[  161.619665][T17185] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  161.627718][T17185] vhci_hcd vhci_hcd.0: Device attached
[  161.635412][T17200] vhci_hcd: connection closed
[  161.635637][T10273] vhci_hcd: stop threads
[  161.645090][T10273] vhci_hcd: release socket
[  161.649835][T10273] vhci_hcd: disconnect device
[  161.658097][T17191] vhci_hcd: connection closed
[  161.666367][T17188] vhci_hcd: connection closed
[  161.671518][T17186] vhci_hcd: connection closed
[  161.672236][T17209] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6008'.
[  161.676480][T17194] vhci_hcd: connection closed
[  161.683533][T17209] ip6gre2: entered allmulticast mode
[  161.695741][T10273] vhci_hcd: stop threads
[  161.704852][T10273] vhci_hcd: release socket
[  161.709442][T10273] vhci_hcd: disconnect device
[  161.715497][T10273] vhci_hcd: stop threads
[  161.719957][T10273] vhci_hcd: release socket
[  161.724519][T10273] vhci_hcd: disconnect device
[  161.729824][T10273] vhci_hcd: stop threads
[  161.734236][T10273] vhci_hcd: release socket
[  161.738861][T10273] vhci_hcd: disconnect device
[  161.744281][T10273] vhci_hcd: stop threads
[  161.748731][T10273] vhci_hcd: release socket
[  161.749339][ T3416] usb 17-1: new low-speed USB device number 2 using vhci_hcd
[  161.753448][T10273] vhci_hcd: disconnect device
[  161.766176][ T3416] usb 17-1: enqueue for inactive port 0
[  161.775186][ T3416] usb 17-1: enqueue for inactive port 0
[  161.784875][ T3416] usb 17-1: enqueue for inactive port 0
[  161.814007][T17219] bridge0: entered promiscuous mode
[  161.819734][T17219] macvlan2: entered promiscuous mode
[  161.826454][T17219] bridge0: port 4(macvlan2) entered blocking state
[  161.833216][T17219] bridge0: port 4(macvlan2) entered disabled state
[  161.840155][T17219] macvlan2: entered allmulticast mode
[  161.845687][T17219] bridge0: entered allmulticast mode
[  161.851559][T17219] macvlan2: left allmulticast mode
[  161.856738][T17219] bridge0: left allmulticast mode
[  161.862456][T17219] bridge0: left promiscuous mode
[  161.869313][ T3416] vhci_hcd: vhci_device speed not set
[  162.028492][   T29] kauditd_printk_skb: 1224 callbacks suppressed
[  162.028508][   T29] audit: type=1326 audit(162.019:11430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17247 comm="syz.2.6028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0232a1f6c9 code=0x7ffc0000
[  162.057920][   T29] audit: type=1326 audit(162.019:11431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17247 comm="syz.2.6028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0232a1f6c9 code=0x7ffc0000
[  162.091256][   T29] audit: type=1326 audit(162.019:11432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17247 comm="syz.2.6028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0232a1f6c9 code=0x7ffc0000
[  162.114775][   T29] audit: type=1400 audit(162.019:11433): avc:  denied  { map_create } for  pid=17247 comm="syz.2.6028" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  162.133483][   T29] audit: type=1326 audit(162.019:11434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17247 comm="syz.2.6028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0232a1f6c9 code=0x7ffc0000
[  162.156498][   T29] audit: type=1326 audit(162.019:11435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17247 comm="syz.2.6028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0232a1f6c9 code=0x7ffc0000
[  162.174475][T17261] bridge0: entered promiscuous mode
[  162.179542][   T29] audit: type=1326 audit(162.019:11436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17247 comm="syz.2.6028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0232a1f6c9 code=0x7ffc0000
[  162.179632][   T29] audit: type=1400 audit(162.019:11437): avc:  denied  { prog_load } for  pid=17247 comm="syz.2.6028" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  162.179655][   T29] audit: type=1326 audit(162.019:11438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17247 comm="syz.2.6028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0232a1f6c9 code=0x7ffc0000
[  162.179707][   T29] audit: type=1326 audit(162.019:11439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17247 comm="syz.2.6028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0232a1f6c9 code=0x7ffc0000
[  162.240461][T17261] macsec1: entered promiscuous mode
[  162.282780][T17261] bridge0: port 3(macsec1) entered blocking state
[  162.289633][T17261] bridge0: port 3(macsec1) entered disabled state
[  162.296686][T17261] macsec1: entered allmulticast mode
[  162.302387][T17261] bridge0: entered allmulticast mode
[  162.312803][T17261] macsec1: left allmulticast mode
[  162.318031][T17261] bridge0: left allmulticast mode
[  162.323946][T17261] bridge0: left promiscuous mode
[  162.564473][T10314] Bluetooth: hci0: Frame reassembly failed (-84)
[  163.279057][T10273] Bluetooth: hci1: Frame reassembly failed (-84)
[  164.599318][ T3528] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  164.599318][T17399] Bluetooth: hci0: command 0x1003 tx timeout
[  164.915243][T17423] validate_nla: 1 callbacks suppressed
[  164.915261][T17423] netlink: 'syz.3.6110': attribute type 1 has an invalid length.
[  164.941331][T17423] bond1: (slave bridge1): making interface the new active one
[  164.949087][T17423] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  165.039008][T17439] bond2: (slave batadv0): Releasing active interface
[  165.198561][T10279] Bluetooth: hci0: Frame reassembly failed (-84)
[  165.319311][T17399] Bluetooth: hci1: command 0x1003 tx timeout
[  165.319317][T13390] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  165.359647][T17451] netlink: 'syz.8.6122': attribute type 10 has an invalid length.
[  165.367826][T17451] netlink: 'syz.8.6122': attribute type 10 has an invalid length.
[  165.375756][T17451] netlink: 40 bytes leftover after parsing attributes in process `syz.8.6122'.
[  165.479403][T13390] Bluetooth: hci2: command 0x1003 tx timeout
[  165.479404][T17362] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  165.548244][T17463] netlink: 'syz.8.6128': attribute type 12 has an invalid length.
[  165.600181][T17465] lo speed is unknown, defaulting to 1000
[  165.610341][T17472] netlink: 28 bytes leftover after parsing attributes in process `syz.9.6129'.
[  165.634167][T17476] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17476 comm=syz.8.6134
[  165.717078][T17487] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6138'.
[  165.896892][T17515] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  165.905449][T17515] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  166.907904][T17571] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  166.984492][T17586] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6186'.
[  167.033097][   T29] kauditd_printk_skb: 524 callbacks suppressed
[  167.033111][   T29] audit: type=1400 audit(167.029:11964): avc:  denied  { prog_load } for  pid=17595 comm="syz.8.6191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  167.061664][   T29] audit: type=1400 audit(167.039:11965): avc:  denied  { map_create } for  pid=17597 comm="syz.2.6192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  167.080961][   T29] audit: type=1400 audit(167.039:11966): avc:  denied  { prog_load } for  pid=17597 comm="syz.2.6192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  167.100098][   T29] audit: type=1326 audit(167.039:11967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17597 comm="syz.2.6192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0232a1f6c9 code=0x7ffc0000
[  167.123833][   T29] audit: type=1326 audit(167.039:11968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17597 comm="syz.2.6192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0232a1f6c9 code=0x7ffc0000
[  167.147616][   T29] audit: type=1326 audit(167.039:11969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17597 comm="syz.2.6192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=129 compat=0 ip=0x7f0232a1f6c9 code=0x7ffc0000
[  167.172188][   T29] audit: type=1326 audit(167.039:11970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17597 comm="syz.2.6192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0232a1f6c9 code=0x7ffc0000
[  167.195855][   T29] audit: type=1326 audit(167.039:11971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17597 comm="syz.2.6192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0232a1f6c9 code=0x7ffc0000
[  167.219681][   T29] audit: type=1400 audit(167.059:11972): avc:  denied  { map_create } for  pid=17599 comm="syz.2.6193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  167.239111][   T29] audit: type=1400 audit(167.059:11973): avc:  denied  { prog_load } for  pid=17599 comm="syz.2.6193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  167.244034][T17362] Bluetooth: hci0: command 0x1003 tx timeout
[  167.269226][ T3528] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  167.358527][T17639] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6212'.
[  167.373230][T17639] bond_slave_0: entered promiscuous mode
[  167.379715][T17639] bond_slave_1: entered promiscuous mode
[  167.386771][T17639] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  167.397346][T17639] bond_slave_0: left promiscuous mode
[  167.402824][T17639] bond_slave_1: left promiscuous mode
[  167.419101][T10279] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  167.427395][T17647] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  167.468936][T17641] lo speed is unknown, defaulting to 1000
[  167.527287][T17661] ip6erspan0: entered promiscuous mode
[  167.542449][T10314] Bluetooth: hci0: Frame reassembly failed (-84)
[  167.560699][T17666] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17666 comm=syz.3.6224
[  167.852878][T17714] erspan0: entered promiscuous mode
[  167.861622][T17714] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6246'.
[  167.871644][T17714] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6246'.
[  168.719718][T17772] ==================================================================
[  168.727835][T17772] BUG: KCSAN: data-race in shmem_file_splice_read / shmem_file_splice_read
[  168.736435][T17772] 
[  168.738747][T17772] write to 0xffff888121b822e8 of 8 bytes by task 17771 on cpu 0:
[  168.746463][T17772]  shmem_file_splice_read+0x470/0x600
[  168.751848][T17772]  splice_direct_to_actor+0x26f/0x680
[  168.757220][T17772]  do_splice_direct+0xda/0x150
[  168.761982][T17772]  do_sendfile+0x380/0x650
[  168.766407][T17772]  __x64_sys_sendfile64+0x105/0x150
[  168.771604][T17772]  x64_sys_call+0x2bb4/0x3000
[  168.776283][T17772]  do_syscall_64+0xd2/0x200
[  168.780828][T17772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.786713][T17772] 
[  168.789029][T17772] write to 0xffff888121b822e8 of 8 bytes by task 17772 on cpu 1:
[  168.796750][T17772]  shmem_file_splice_read+0x470/0x600
[  168.802150][T17772]  splice_direct_to_actor+0x26f/0x680
[  168.807535][T17772]  do_splice_direct+0xda/0x150
[  168.812387][T17772]  do_sendfile+0x380/0x650
[  168.816859][T17772]  __x64_sys_sendfile64+0x105/0x150
[  168.822156][T17772]  x64_sys_call+0x2bb4/0x3000
[  168.826854][T17772]  do_syscall_64+0xd2/0x200
[  168.831355][T17772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.837249][T17772] 
[  168.839561][T17772] value changed: 0x0000000000017e83 -> 0x0000000000017f16
[  168.846660][T17772] 
[  168.848971][T17772] Reported by Kernel Concurrency Sanitizer on:
[  168.855110][T17772] CPU: 1 UID: 0 PID: 17772 Comm: syz.2.6273 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  168.866480][T17772] Tainted: [W]=WARN
[  168.870271][T17772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  168.880510][T17772] ==================================================================
[  169.559323][T17362] Bluetooth: hci0: command 0x1003 tx timeout
[  169.565523][ T3528] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  171.559349][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!