last executing test programs:

16m20.648217428s ago: executing program 2 (id=3592):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
open$dir(&(0x7f0000000340)='./file0\x00', 0x8100, 0x7c)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x40, 0x0)
getxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.nlink\x00', 0x0, 0x0)

16m20.596742538s ago: executing program 2 (id=3593):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0xd5)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000240)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x202, 0x0, 0x0, 0x2}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x109081, 0x34)
syz_fuse_handle_req(r1, &(0x7f0000006380)="7f5912d07634539c3b2e15a57b311187a3eb119eb4b279cacf0b94d44882da90bb8c7bf605806fd007bddf798e1fed05db9ef39d3dff16e6eb4e5e642774588b2020a414a4574d1e0aa3474184583a655385fb5e7e632304e818af022a134095ea51f1f77a9472dabe407b36f0c47e318bfdd7c6ecb5a5bc07f28701201245abe626ab4592fac5b1544570a665a5e559eecf9505a828f5b0199a5dc33934b75bebb03744f92918f93553eb072cd2a940a5931a5907f82fc99d519f02287cac4341c4637dd8110214e9634088fc6b5a77a5065c4798538f41b263c6329df4d668d018f7ac9634910969342c836d78c7baa9893cef90deb8cbaa8cac81c262016a8dac72fa5c3d5094a8b64abbf82594b8cb1dc876e01a39fc9a26874052c47ec3ed015bc85933a98a61bbc108292a6c7932421162c82ec64518ce13f0fda30adf97b5c0d70fb0c69398e78d9dabe99d3d408bfef6e2518c820217b4a1cee43704fa5b5c4d4013bb61f631b813b8272188d403821fafe0ee4b5e09671c177e34a2566939920fcda640007845e4d19e2ce3693cea27e7ec2482ee603589260503c567e3dd320923e651d2530afe927013724b1ccc22c390c9e53a47331789172fb44c442cf558f9990badcbf377b731aa83d7b73a6675c687f16c9b96b59e0a6e262da754b1bba316a31fc262561d4628e33de9969794b879eb7ceee36abb30f5f977198bed19fbc4c4f13f32a3909fa76a3beef541a5dfff9ff8609fbfaba986e3a02b23dc0938e7e5b476f5b256a3e3333caea34de6410f75d1daedf4176f6e5a9fb915647bb65302b49895cfb699131513e1d7d937f8e452fe350a78783de31c96535c742b35edc7b117bc2fd2df6cdbef0cfa1000bade8a6c8a06019592b7dc144ffa88a01fb1f6093e82f63b05830f414a07779226b4928f5edc6d592a294c030d518f7e350b2e2536a2bae2616a574b63415c952c28cf6a82553411d305fdc33d1447b7356b8726b67d23dc0749bbb1230b18abfdb6a0fd35cc1489fcdd90aa83edcc613a77db36dd42fc5b83635df5c2acfddab054303e7c859c8bd5a21493742d8fc1adb1ae3f68f6103d65709a8d917292e648c5621691425a203de2e82e9e6bcd53a7f3e90238e89b2b05202ceafc72bb2f997a99487aa993a72d0cb44b345b3982784a78aafe5e5b6ddf2a17e4dca9a5433481fd8e60195832b704a1c186dc3317888c8c0849f1029d0df6af3a5fc93c8e643287ee38580ff450a259dc4bd45343aa453f462e92302c020ce91f26b1c2b66764cac41d2e809a46e51ac50121172759ba4c791cfc8856f7676ad8020433e00bb80e46d9d7709e196565b3a7b18270508d1e0023960e5b335bd901465dc328a581ca918dd295a110aa9f25ebb51ae5523eb619431a9db2b6e046cd94aae4b985bd663c6c6769015f49cb40d3f4b520c1022683487b170c9e47ed306097f1208a92ecf6727f7f276d19bcdfb987ca8b7f54732d0908f98ccac0ba9f6905e194da99608598ee87a6992c4dd33fad2e5e463c995babd0c7dad010499ee2cbf0f2fb63c7678d681a8b63d8a1316fcac3a107f8723dc004aaf7d9224090b6c78212172884eda7089cac24f196db5d3bd2747649e6fee4ebafb3d883df077f99bb945220161a3323aaa09a5caba3348a2d78096a18625aece41aad5cf9fc9cdb590f0cabb882839474c53a14fdbd34772f69cdd369260309a9500af55572adb7b23d4fdbfaa807242ba1130f7029fbcffde2da9b8a0814840e9b241febe92d6247419ae4cd15f5b073c7dc03e4541e24291ac5b4e29cde2649ca6cb7952e81308ae249906ca9d97d8ceb129b0b2b44a84e268b12b8a373965b877028cae0ead133c8422052a8f91d92f6695b6a3e9c36661c0cb6d03dc795490b09f62210803d88dfb3777b16e1485c9c7ce4a4becc718c9da4aaa32f5d9da57ffbfe6633a302b10c676a0e047f1b24e8dac251dffc841a2906002abdd64334a2cc50db924e196b6cee0f9261a87793dcbf8dcf1363b91b33dfcbca15798e9089cab241884ddacd61fa07f8797cb21f9c1f4f1d7fd8d0f2e19b99b40173853282bbe94e5c867006949b55c1a27e12fef9f264d2a14700fb5c828e21293b38502dadfd2e96dbbe866547a460a737951e55803fe5ed0b448aa1fbe65de9117d066b2f46dbe658510434d2d3fabc734fc5632fd16a3ddf04a0da7067908f3fe7d9c046ec9d528808d0f4a755a4467609386b31104db69605b78507f83995c297d049d6b028ffe981f0ecd972f23ca43096a955d437f604355e49e1d9fac491f955fae46a150555bd91173091a016aeddc51399b8dd20bb6e8e3060da97180d79a8eea89562bbe4dd19f5c36686c3ab5de9cdce1a241b407c78b2a8886b3e316f5163ec082bb1de53ac1797a633587d9319f3626ce3b052107cd55a6c44b97e27aaf9bf5fe0d4475ae2090920865b0a0f32567351c4ac9859e57cdd8254a58d2dc5d67dd16b513a02954d7c99a9544ce5d8ea8a59a06321083690cf6007bb941cafccb17a3b81c96453964cb469e07e8543407f2c03105d88bbd2073cf9fdc51c9fcf58854417f49141efb66b0f98b36b89eccfb616992286ebaa8f325eb9ca85a45d8b1dfa7a18dd46516ad40d2f46365fac4cbb044624139bb5a0bb0ed062edfa0260ea03b9268f18a7d94d83d4411ee46896ef955aada3e31d29e83414ac0a64353b6498c8f1ef37d051b38291369f6f124913d3fef14af925ab93a34d58f569f3c4f12aa458c85b2b29249e4c868e0bce4791c7f7226bf050c23ad590f6231315f1c9a087b3041ce33f6971c4d5a20f85bb103edd586184e90a34dd5c9e3eb1fea74fe413c503c5d48c70e3fc1d210985644ce5ce0b5636751947ae22e3dd6fa39dcbe1ee3def6a3097c8d9836db3b9ce1bcff91451bc46ef3000b5dc66b007ff2ace898a81631c5728c9de7710c41691332a268b18f0eec37ed7944ad0049936e9fe4df157a8eb324ef0d9954ee8da259c700b05bea37e4238c7be1ead4ca18ef228a15d9828476e899b77821f27512ad3ca27e2bdc769890e6addc2bc1ade2a5434421d627d978b72ce2fab1ee5769646881a2ecea9743ec88b48442806e946c27213bd7fe137d3979dcf477eee9ebec8fbe72fd9b6123c0523e83045dc88ef385d961cb4b48320e16350846ebb36accdcfe95cf541347dbdd7817e3e7d91b71a1dcb23ba7156484f90f789ba880b8019cb6a248f3db56e5cf7af156c6e84f58e8ffdc322b76dcd1b4ca02cb6fdd1d210807c34febac4c49ddb8257aa18ad782efca3406f34c6500fb65cbfec98077b50ef7a21e366e0fad97c6f6ca5d69b93639f7c608dae3e6b5c282ce130a8ef23908a626ef98e38bb9255ab6db1fdb48ca0d8f2d469123acbf6a1a83ca4f08d21bbf638ffe553fb4faa83993d9fbff7a9af18e21c74ffb720f41e02912d4507aee16acd64a34d2727bed087fa30c34202b34003330c15fbde12d5ba8e7a88b23501c6b837d01b97d78ea66e323579f0ffa9cbb40ebef25deb8a88f82a4e29441fdfcdb743bf98d1ac091677fd8fd3f172116697db4b2d1186303f68b71eae90dbcbee1cbd6eb49702dbf2de4f7f247bd071446fc2edeb68df92fb4436a3773ccc865587202f13083008f1dd964fc912c29bb0072f381b9d042d0fa058faba9d68886cd9fba2f41dd084ed13fbfe9e97afca35024025a83a6c6bbd798c8dae5bffdf486e88b6c32357b20b4b0fbea04c8cef7178a05d64bfcf836cd919216accd05b99ed4390b0016accac7e0fedacefb7ef4580ba6202aa241989fba902b5502bd4d6a3fb0c62c236f78969d395c67cf1ad2f5c250d8f8076189766d6e20ae9de72be45c2d68b5733a6d1f467db1b16a55da3245160188a217306298e5a86a4c4cad1ae72d6287c6b56684ab4452d54995322eb19c15724447b39c196e2056937fb2b956684c06bda117908000000f4524ddfab9c9fa5872f9fab3a5c3e1de343cb59744978ff286e037b2b8a122c6774291d713cd5b233ea9359764c528676e092840cfd716d995bdbae8dded68c71b8865490946df93c6c617b77ce830a1fb17b3459917ddb1797641ad2e5fa12a4ea8fdd0c914024913ea45237010d8f725c0d6ca6775a22285dab06c48432cee3faccfeda5c7756001121286c6ba8f52740a76a66632142fd84a088f5a0809d49b4cb513630a94acd1f5f246a997c85e90c7b0f9e55b3454a13cbc30518d3979789b76492afd411574ed54f0e9858693dd29b96a20aa55c6835a40c44c84d523054dcaded22718e48708958f977f94cdb360421878f67e97fe2140233f15924071c78fe5ea27b7f9e7eb0cc08fe19703df61906177cb8377c16d50ede70d62f1d8c0f8068323cd5eab2f6fba57ab3574c4742e06031d5a75f3d000b56051f43f987472a5f582a83f4c99a4366ac8c66673da6a312fe4804fb185f3fcbf6f3ffda91f5ebf6467ce6baa992a850765d37de2b3f16fd3ca44854993082e987ca1f520e0c149cdf92f727566c4c5ebe3ecf376c67a5fa7d51942784ff35236a0940a5f275a9ab8c0c5caf68421a14834edc9c29fd3adaedf4cca2802aaa33283ac811d97ef4affbba7315ce7fa5dd2783a067f223a4a8235fd67c23fa535efb4547202d171b51050d508081be9fb6467e9e7d052a7fa8fa8534c440f9f22c8f3d763d89666046951fe85f977a7ad816fc42037adbbec0352ed2b3454fa433e31a30159b9a3d5777944258f01dfe9d38f67af3e85dbdf23e5bb841401b40afeaa708f0a06a2efa2289f9ebda77c2a1390b887bf4b3dd90e418955d05431fd524b481b8b51c523fb1a3d0339bc3999c0a14d643a6ea69346f46a554bd25be3263a3c5ac0848b152d3eed833e7f2a6ce3b0d4100e49319120d4c2b520205fa2a344ab087bec0f73968768d0188007603a77428f12026cf3b296823f3138315ff0f95f3c62c060acb1a11850b46d361ab41b7ad241e45246b091ee2d0c1d444290ff6669a34f1fd0020795fe89d4b67bf07f16c88c8987e7f72480ad42109b43f37e4c753495661b0514553532364638ca8152782b99804b6f9da69fb2b5b7f93acad94ccbadf6e6d9547852088945d3d8c4c5702b1323c47fdd4fc77fcfd61c7ea8b26cfd0954be063cca429cb9915b8a937833ff4c1f2bd620b08dc00ddaab4fa5e13a5f4f2127f0b63b7140dd14b1dee95f178d2bc33cef7e820e609aaa20a733931625227529c714530574bb8cb38e6baef0cefe9a9e3277a4e1534f249abed7f06c8470ff3723c9140f5ed466ba7b79ab2ed2e61d2f5826d72a560c8cc6cf6a64fb9e70b1d15b80f22cd86bbd38b5c46741e054204476f63651f3cc9bce975600abb3133e104fe0145383d0d320367df2dd202daeb7b51b4a1e4e7d36fd1c847965efd71430b8bcef773163b1e378e1381f05083304ea41ee8d37ecd988cc671270101ad4800706cf0387bd038a7164d1586ef5e8791cd6bc3a91bdcf35982d46d841acc8342544d557d369cb4a84589082bf9503d45659791e522bec6a5f61f740ca5540787dc4a6a9f567bb6c0b13d618e80b2b348adde16fc63b2052f381eab8c120f14ab623a4110030847db00ed2d19c0101991f82a8671738b68b6e0efaa8f771de3cb6c2165298df69383b775fafb7c249fd78ad2ee46390c1b905b3853680a80a1849952a10e69fa64d680cdeaf5a451408c5b5d64e0f244ee362f21f37c66b795d73647964d12e297f7f6b760ee4e4b46ef502a54483d3838674e1767eb93f91454f1dfb629e45ed71646f139b685cdac6c73afc20bf62b3b2dcd81d9adf65b4f4a5f2a2a2fa7e079d944739546462519521e523db10cbff9489d7ce84a78ed5fa80b2d5361f4829bfa4bef5c351c984cf58a5f227687eadceb8c0cdc51825a008f8bb8ebb549864b6fba1da22da5aa0a0161464695fad60e636e45091b6dee20498f33ff9f91c1ef927c90215cbf4f5711805eb13e0e65cf326627bcfdaf0bf07d5e9c53520b884411ed632f9f5169db46d674fd660637ab8ee1ca1aefee8ea4ab3b41e6fc18842a0a254db125243e4e996db939aab80b04d70fb22f3c1cf7edb1d18cb5af99be7dd4f01e2ee265109abc51845dcb3f5c8e8477fd7fa8fe41bd83809120428ea9dfef010005964d66ef96c1648516f1b0cacebd95ab20c2a2e2647c967c48c6c9b7977441a0dfeffba2beaec54a66f863c9ef3a4e2fc77928291753648b7abf3fc26128cb4eea246468b05cac113b3464546442e14d5aa760a3d7c481d238b2a5226bfe0dfd2dd5b2a9a5ad738c6a83e21312e0e11ea3daedaa7a6e527ec166337d24b083ccf97af580edb453dc1a7b841b7266ea143b294291ac5ed5dce7dac20d14bb6e53b64eec515515ef817611d22d3a306170d4f358f0b890411454e1bdf85ccc42589ba1a1d75289523e4aae1eb46328d0dac43539eab1d3aeca3db300e605c53cccf04d3688e5db58fe283b01745dc39baea5ff49db07deb7adeac2d3df45fa72f9fccc9d1947556fd8594faa393a2854691016eeea88e96272ee1156874b9ba78a4f71022e3ec2e0776f8db400e6b967be079684d3d80645125c488f5bc0a69a3d7e12bf187a41a8acc9b2f7a610798fb6e2e438b85a9012d6f6990c7b9a557b98d32753cc1786868dc864edd3f0edd8bbf48924fd09d0d7a2334bfcbb5786752765c8f33fc8cdab048b81607b1ba098ce44e6d99d8b1b08b5d19d177f6661c32031d475381c0c804c63d2b7ae9a2198c0d6114e7bdd0e01a4cbfc5c41e858d28f157efe5a52ffd6d70f2bef2066a2d65ec68ac1ea678588f1cf0c9eb030f34a2d99138c4a6a0f85edd8a382324c2c823a7bfc3db3e6822faa0ab1801361c1f23aff0fdb8fb27cdc1db4226d62c0101561e78b704854893c6bf0de79b45f87da7a8e4f65875842230d2bfa152e96fecbe4a7465fb400cb7790102d0a89f105e84a23173141245d641051b8d614d3be26423bc0d042990c62ea3b7392e7a8117e250348d3cf79be1529c8a764da382f019b5a750ab848ad03cf53921c8548318db7aaef2be3acce1a3d9a9715ebf6a5b53da18ef20b932d5926c3cb44c1a4e6ef83f2a84f8afa382d44ea35f17bc147ae1dc792784cfd9edeb9fe09f422aca81ec59688baf429509a6b27ad0f6e21c977756a022979c8a47d983d42a913d0ea6ecfd8bc0aaf9fba62a36d542710161a088656dca539a940ec6dc79ab197eebb803988674d93c8d604a5bcdcdeba44c331c72e58ff9320f39031fe711bca2e0269b1028862c2d2a6c8871a0f92dddd30629eafc739165a070c61c12be11bf3d3cabb31decf449059c99fcc12a1684d8cb48e496df33920dc0a4fd225981c0f45b7220fd9d9189808e4bb39e5accc10fd7a8f3cf1335cb9dc31043a1e2eaf75e0ba500d5ca4497b2924725c0892033eb0ef944e2fc204e9f1e177862af3d59190e2335061a76d4d3bd922d9bb72553a339dd1672b61a91a0d0e23ddf6b08bd13cdf82451b5e8fd3842ba71eebdde40f8563124fba86c3c500f2ceb7246967f497f1dd3e5e42f14774a909199dbec4b469b8b3b6b25a95caa86f334084d38d71d93a395acb14c145298c503f7f494bb9867c564ad7e32aa1ca7bcfa2181dc712165247462db25192f7cba05cee92826c0561303bc473c9485a989793b8bfc2d0285dfbb13c11a426dff4e404435e2e47760d45b76f91b6c7bf04d4504c2502293fc7b49d24fda5b5fcfabf714087582d25a69ead80222da1d574d599b39a0c54ea7709dea1798b9eddea5cff504cc5ae40c561976c11a514f2ba359f6791830926fa13ac7f71e7614d0233305d3ec694b7d31ef320a44079af2614956ba31a66b959a11a3bfbdb683037d6ca42d0e9bbd2d83af74fd4a73dd6537e393b7026169d3c0e017a9e3392e03e8d76cc0f5f0caad4926b3169d61ea09b6cd45e5f62aba4ecab5b053d54cdf8ec5a69320094d520f702cbd218125f24e38a5934a2f5f4d74c12df05cc0c7b3c36a37db2863e918a8cbc496fa77bf6109008e20602636ddbd53aec45741384aafd05ebbac9d6ddd8aeb3d75775bae5124cbc7fb5db4ce9c8af96ad05035a8dcb64c0b02f0669c65b07f60c9cb81e99462ef8318d0ab65b97d6a9271042f4d46a5d8ee42b90783db78827d018b8d392ab3eab88e06b409878fcf74067b1a1fede92874741cfde10bdb444819fb991c36c9dd458c8794e0b4bd9e3f7cd383c485e6a60fa4238b318e14896934d97b4b7993472f4f9f246ca7523e5979c984fd16248b087cc3eafd706328a3ec47f88247357c4b759a2a1f0efde24f4129fb612f8c3742847b39996487653d6bcaf5862dc1bca501abed2d0b5a23c1d2a62eb968acb01763718b27a57e99bcd66c9910d6d0bedc7e6197bd58267cb1a8c61eeef9f19aaa6a0cab7cc268e8bec46db3fbcf4de3e8abe483bb01811087fec18bbe471628c3bc80194d3661efa6d9130a524089b07d8cdf6198018a24d23bfee4a1664e68ae7c30f77bbbcc7116d9bda8a4e6c01f047a4ee60a09ab23a63e1bcdeb3869043efe60eb3b7a6beb366d11e786002b2e3d36d44f91ed87152697e456f8ebd2b0e15df21a773b1ea876319fada12bd340314944f8d9d90ea26380cd83692a2f634c241bfa0868fd7ba52a841ad418c97e818195047d6d11ade0aafabe0d627a68721f61f3758c40dd14498521966380d59e0cb621953f0ea908fd297178899b2e60c210479a4a9ef9a8cf1d2a0c2e909043ce75d2f4fb766eb166b995b714cfb71bad7462525aa15d3fc8462808f8a0cee080502765bb9d1e9912a9ba937a94e48708b531d5ba71bdddb97fe77dfc7fcbcc0ddbef56c1f78feff399eabe15aac18b95f0c88a40dd5ebbdcb3ae45ba66dc990e9267c5290f7b357e1ae5e354c72edab117bcc394e4e8a91d99ca2f000420ff9cb32f87c663c6bb9692cab44c5c26212dad70a5426ce7eee219cdeb6bcb65d9b1f957c3e495a1198a60dcf446f4b192fa50d8c4426b8ba3ef0e06be2d04d7e142e825718828617220349408bd313df2ae8f860058b169b7ec3416f4c73fbfe509b442b8332a7049e7dd59b77d199079c187f7afb9b869ddd27864fb1bd0ba7e0ff67ceefc88f86362540a3020b9a90d07b9634358142a4b095f3becfc810b2ca5d78361403cf09e59c3b747953ff3535bb9f99bfd20da8a64082fd8552739f622e5d24d2fee438083d839402aac872f3d98f394d56bb4564c8caac19ec4873ffd2dae20a0bd8f0781fb92984755014695ba1f3a2e01ce4fa33206b53138afdacf34c2be54b56cd76a9948013538c7ed8fa60055e9b60aafde90f50b4e0cc9b3009f45823f674f23ddd6cb2439c479e20ab975139055bc8ad72315c3c466093be1e06ad27f7601b9cfbce93f172143c6523e239fed636ece9407caa423db7e64d6ee1163976dd7f19c333d02d788111de7243b7dd6dba0a1d9957e758acd4ad9ceba61d0be6c2be89b65d18f1a7f1cee89f9fee5dc682e12e78d2822f99f4b2a920c36d0650604c545b76c9e5755032a8ea94d0fb21d513a138b5a1ad86acdf0097d5f289a9629c7a3e570a96383980c067a702cdc198712adade467e0baf05595108dff0b342d1b1fe243cf8145d024b46f8008c20ded574da9f49b49163591a6cd2fcad74caad0e95dc5714a15cfa88ff11a7d30028326575217447100f4c5c97f0cc25d79960e39b94f0ab60f986fa3c919865f8e231bd77c2c759b166d8874728e9e131b9b3aa5cd166a9ae330ca439ea3ffb7581f1f4389ebf9334810d07981c5ea03b42ef5615ebc17005a0c9c02478353c08f4cca0b6a2e98de3d51d3174ee8101387f52b12b699b57a4c50452a978eb43c3a101ae69213fe93f2606fc6bf7b771e3dea5e578b85e5642791e9aa281c8f91cebde1095cbc23ce174a1ceec151703a226749176d42d72468d48f88012d18e0f2640c3018e08c8a2df197f273596ca5d48cf976b7ee051189b8081f0863e613258f267a5bcf30509c6285fc37c0d045c29c471b04f189cb3c69914ba0591cfba1c71ed909362aa8840be28e624e3a6b8393170e809231e10820326ecd03e23e11dfe29ae47adddf3d4f858d51f9ca33ee85a5077a1463caac5d034293bcacafe15b3e6cac7247a33ace000f164cf8a5243f89b89b8b11220b35a07679e7af900e540d965669fa23ca0d0d3b47d9b2cb0fa31a90c69e686d582f6c9c8c628875c002cc5e288a5e1b738842258569fe2a4de3dfd7dfd13b1fd7c8c29dfa4f58ea8d0c7e56222fb9b0d29c68c7cb8ba3fd79b04a14366f83bbef2531311a3f385bdad440ee85e2dd947f32a349f9d1eb750ceb0f7211980b0b970c7b81f16935d4d3e764869edae7a45cb45a0445e8c8ec27fac4edd6ea269563b6f12f394782fd970cbfc2752fc9f4892c731eaac8e3a315797b0449b2a9ae3d4bd25d0e8f1a43e29630b4e2e882ece16dc542fcbc1f165b2cefc4deb40c23bf61f3e51d5acbc81135d35f0c055d8a003e03c0625e83f95ab2349c222dbc6d62d34e0119938d0b384a86dbdfd00c1226d0ff1f834c3529361c9db6d5612009bc39a0d654de2940ee2b8a96bd3c297ecad0a3df1b2a85a400fab889648315415c4ddbd0c9752146496d3769b3c9148330a8324453d4431d19727ddd12493003bd7eaeb05b2f5c333a33cba442df3dc11dc23c80292a52b040f5e707784b5d29f4c46d3ac8ae0e159517c1a196103bfd6bf6d32afd687773bf224ef00c844f1f36365e7220c57a97aa0904219a0ab84def7095b280b971b554e0142d154c5422c918b4744bb3b9e61721a983f4d63cc79fd88295b67b24fec0ec1ce8a2e80a1ca4e97cdda6d2df44a571a74b941f049886355e2bb5ed908e646850d85095d099e3a189a4298f4a25c0798b4dc25cd630695561a04f43ff009e4f49177e01c11442593fbc23657a46f918a77231b3405d4931b6f2c01f0207d6933304bb2106c5dbce23378bc7ca66ff4f57550bbc36500f6c4ce21dc22a4575c315d2f4c4fb1fb8e12ebc2c037451611718d4371c6d0a00bab9f68a1dea6bd654d49232ab3c85e07a6ec8e2b19012c31d540f81d666d0a236e9e2a4b6d85c0974efa172d13003b63e94cd7a5652f4703d88712fb63521abaf0e2a0dd4b2e457e42d4a811db6a77310b1aff1b9055c9995ce9a0fe2e0c3657c52ae562738b6c12693cb2bffd1d3c41b6a73feec4008e63562bbc38a8c56c10efdb2b67fcef74f6a6f7e35baa4685f7764977348db378b242ac5f81a8a69c666c0247d1d326faf3b7dd4f07bfb16c08bb2703f6997e1a6cf042c0ff0fea27217ac2c78328bd573e8dd86263de6ffcf3d26d45d8be7234da9f24f1a08ab16f3df9e85861fb1251933eb8982b81999234d6d56759acd528ffcaee5a300e711e0b7f0b208612caa6dfeddfe4557161933a1910ec4b35ed89760fb91de6c19f766845979e36855a11d7ba6b892a717b32e8e17b367c5fd11b940de937a975470bbf872f8a1cd637c76fe0a9aba5fb9e", 0x2000, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)={0x28, 0x0, 0xffffffffffff6260, {{0x0, 0x6c2, 0x1, r3}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
fcntl$lock(r4, 0x5, &(0x7f0000000200)={0x1})

16m18.334317722s ago: executing program 2 (id=3635):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x33, 0x78e, 0x80000000002, 0x180, 0x4, 0xffffffffffffffff, 0xf1, 0x3, 0xfffffffffffffd7e, 0x45, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x8], 0x8000000, 0x3c4210})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

16m18.176919493s ago: executing program 2 (id=3638):
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x84)
r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)

16m18.143865473s ago: executing program 2 (id=3640):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r3, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@access_any}]}})
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0/file1\x00', 0xe42, 0x1ff)

16m18.065283023s ago: executing program 2 (id=3641):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000400)={0x2, 0x0, @pic={0xc, 0x7, 0x17, 0xb0, 0x0, 0xc, 0x7, 0xdc, 0x6, 0xc, 0x2f, 0xc8, 0xe, 0x6, 0x8, 0x81}})
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r3, 0x6, 0x19, 0x0, &(0x7f00000000c0))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x7, 0x4, &(0x7f0000001440))
fstatfs(0xffffffffffffffff, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000100))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

16m18.052817804s ago: executing program 32 (id=3641):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000400)={0x2, 0x0, @pic={0xc, 0x7, 0x17, 0xb0, 0x0, 0xc, 0x7, 0xdc, 0x6, 0xc, 0x2f, 0xc8, 0xe, 0x6, 0x8, 0x81}})
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r3, 0x6, 0x19, 0x0, &(0x7f00000000c0))
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x7, 0x4, &(0x7f0000001440))
fstatfs(0xffffffffffffffff, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000100))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4m2.112126365s ago: executing program 1 (id=6543):
r0 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005000000", @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
getpeername$inet6(r3, 0x0, &(0x7f0000000d80))
unshare(0x2a060400)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe, 0xd}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)

3m57.855984691s ago: executing program 1 (id=6547):
r0 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005000000", @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
io_submit(0x0, 0x0, 0x0)
getpeername$inet6(r3, 0x0, &(0x7f0000000d80))
unshare(0x2a060400)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe, 0xd}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)

3m56.659154638s ago: executing program 1 (id=6551):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
getpid()
munlockall()
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x6)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x1, 0x3, 0xc98})
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
eventfd(0xc)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0xd000})
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000a40))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

3m52.574814463s ago: executing program 1 (id=6556):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x80000, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'bridge0\x00'})
sendmsg$nl_route(r4, 0x0, 0x0)

3m48.902469965s ago: executing program 1 (id=6561):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000074"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_mount_image$fuse(0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0)
r5 = epoll_create1(0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = dup3(r7, r6, 0x80000)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r8, &(0x7f0000000000)={0x30000010})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r7, &(0x7f0000000100)={0x20000000})
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

3m44.471104922s ago: executing program 1 (id=6567):
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
wait4(r5, 0x0, 0x40000000, 0x0)
ptrace$cont(0x20, r5, 0x1000000000003, 0x10000)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x800092, &(0x7f0000000500)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c756e695f786c6174653d312c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d302c757466383d312c696f636861727365743d69736f383835392d31332c636865636b3d7374726963742c726f6469722c757466383d302c756e695f786c6174653d312c636f6465706167653d3836362c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c646d61736b3d30303030303030303030303030303030303030303030312c646d61736b3d30303030303030303030303030303030303030303030362c756e695f786c6174653d302c696f636861727365743d63703835352c73686f72746e616d653d77696e39352c726f6469722c6e6e6f6e756d7461696c3d312c73686f72746e616d653d6d697865642c73686f72746e616d653d6d697865642c757466383d312c757466383d302c756e695f786c6174653d302c0500695f786c6174653d312c696f636861727365743d6370313235352c757466383d302c646566636f6e7465010000006e636f6e66696e65645f752c00"], 0x46, 0x2d1, &(0x7f0000000740)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)

3m27.204894857s ago: executing program 33 (id=6567):
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
wait4(r5, 0x0, 0x40000000, 0x0)
ptrace$cont(0x20, r5, 0x1000000000003, 0x10000)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x800092, &(0x7f0000000500)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c756e695f786c6174653d312c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d302c757466383d312c696f636861727365743d69736f383835392d31332c636865636b3d7374726963742c726f6469722c757466383d302c756e695f786c6174653d312c636f6465706167653d3836362c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c646d61736b3d30303030303030303030303030303030303030303030312c646d61736b3d30303030303030303030303030303030303030303030362c756e695f786c6174653d302c696f636861727365743d63703835352c73686f72746e616d653d77696e39352c726f6469722c6e6e6f6e756d7461696c3d312c73686f72746e616d653d6d697865642c73686f72746e616d653d6d697865642c757466383d312c757466383d302c756e695f786c6174653d302c0500695f786c6174653d312c696f636861727365743d6370313235352c757466383d302c646566636f6e7465010000006e636f6e66696e65645f752c00"], 0x46, 0x2d1, &(0x7f0000000740)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)

51.597548331s ago: executing program 5 (id=8286):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000000)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000140)='%pI4   \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r4, <r5=>0xffffffffffffffff}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x16, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000ffff0b867b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x8, 0xe, 0x0, &(0x7f0000000300)="40f0538ef047b21fb60068305500", 0x0, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

51.241041024s ago: executing program 5 (id=8293):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

51.198679364s ago: executing program 5 (id=8294):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x20000000)
recvmsg(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000bc0)=""/159, 0x9f}], 0x1}, 0x40)

51.145200064s ago: executing program 5 (id=8295):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x3f, 0x2000000000000033, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x10, 0x4, 0x8, 0x7, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r3}, &(0x7f00000008c0), &(0x7f0000000900)=r2}, 0x20)

51.001468735s ago: executing program 5 (id=8296):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002080)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000780)={0x0, 0xffffffffffffffff, 0x0, 0x31, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

50.989595755s ago: executing program 5 (id=8298):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0})
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000500), 0x1, 0x0)
write$binfmt_register(r3, &(0x7f0000000540)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0x9, 0x3a, '*', 0x3a, '@({&', 0x3a, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x12a)

34.867497581s ago: executing program 34 (id=8298):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, 0x0})
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000500), 0x1, 0x0)
write$binfmt_register(r3, &(0x7f0000000540)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0x9, 0x3a, '*', 0x3a, '@({&', 0x3a, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x12a)

5.13575067s ago: executing program 3 (id=9540):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={0x32c, r5, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x2e0, 0x8, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0xf}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}, {0x284, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x260, 0x9, 0x0, 0x1, [{0xb8, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @local}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5, 0x3, 0x3}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}]}, {0x4}, {0x4}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}]}, {0xd0, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x18}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @local}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x9, 0x7, @empty, 0x3}}]}]}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x32c}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
creat(&(0x7f0000000440)='./file0\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x40008)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000005c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

4.156931595s ago: executing program 3 (id=9555):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
r2 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0xfffffffc}, 0x10)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2, 0x4}, 0x10)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r3 = dup3(r2, r1, 0x0)
recvmmsg(r3, &(0x7f0000002c80)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000880)=""/194, 0xc2}], 0x1}, 0x6}], 0x1, 0x40000001, 0x0)

3.604371529s ago: executing program 7 (id=9568):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kfree\x00', r0, 0x0, 0xa}, 0x18)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x6, 0x37, 0x0, 0x9}]}, 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)

3.562548539s ago: executing program 7 (id=9569):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1f8a9918bc4055eaaeb6db4ee9bcb25b1811dbf40b3a7da5a8a64db04ed6dd26eea2e37229c339b1f91201c2796173864", 0x3d}], 0x1}, 0x0)
recvmsg(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1}, 0x40fd)
close(r2)

3.562035909s ago: executing program 7 (id=9570):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=ANY=[], 0x361, 0x0)
lsetxattr$security_ima(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x10006c, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB="fdffe02c2a237d580a38f41e6c650000010000000000c691fa387787d511d54e465fab695863b74f4465d7c3c31ee01b7596831d47af7dbc", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r3 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000180)={0xa0, 0xfffffffffffffffe, 0x0, {{0x6, 0x1, 0x8000000004007, 0xac, 0x3, 0x4, {0x0, 0x4000000180, 0x20fe, 0x40000000005, 0x85, 0xd614, 0x9, 0x7fffffff, 0xfffffffe, 0xc000, 0x0, 0xee00, 0x0, 0x3ff, 0x401}}, {0x0, 0x11}}}, 0xa0)
recvmmsg(r3, &(0x7f0000000440)=[{{&(0x7f0000000300)=@in6={0xa, 0x0, 0x0, @private0}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000000)=""/59, 0x3b}, {&(0x7f0000000100)=""/43, 0x2b}], 0x2, &(0x7f00000003c0)=""/117, 0x75}, 0xfffffffa}], 0x1, 0x0, 0x0)
sendfile(r3, r3, &(0x7f0000000080), 0x7f03)

3.195884562s ago: executing program 7 (id=9574):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000a00))
r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x1, 0x0)
ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f00000001c0)=0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, &(0x7f0000000200)})
process_mrelease(0xffffffffffffffff, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x3c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @exthdr={{0xb}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xb0}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
sendmsg$inet(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000380)="1e3a", 0x2}], 0x1}, 0x41)
recvmsg(r2, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2)

3.193067472s ago: executing program 3 (id=9575):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010026bd70000000000021040000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2008040}, 0x880)

3.141732891s ago: executing program 3 (id=9578):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x4c, 0x2, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x7}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x4c}}, 0xd4)

3.051560972s ago: executing program 3 (id=9580):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000005c0)={0x18, 0x2, 0x1, 0x3, 0x0, 0x0, {0xa}, [@CTA_FILTER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x10050}, 0x4)

2.905341433s ago: executing program 3 (id=9582):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r2}, 0x18)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
syz_usb_connect(0x2, 0xfffffffffffffe86, 0x0, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

1.977212519s ago: executing program 7 (id=9594):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x803, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffeff, 0x0, 0x0, 0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r2}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_ADDRESS={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0xa}}]}, 0x40}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd1, &(0x7f0000000500)=0xf, 0x4)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@ipv6_newaddr={0x48, 0x14, 0x9535393fea6295b5, 0x0, 0x400000, {0xa, 0x0, 0x0, 0x0, r2}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_ADDRESS={0x14, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}}, @IFA_RT_PRIORITY={0x8, 0x9, 0x5}]}, 0x48}}, 0x0)

1.920676029s ago: executing program 7 (id=9597):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="070000000400000008000000"], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x1)
syz_read_part_table(0x1051, &(0x7f0000001080)="$eJzsz82JwlAUBeATZuaRzMC4sYds3FqK7WhasA1Xru1NlJdn7EBE+L7NuYf3Aze8V9/i2GI8Z5v9ujyPv26rOa/jb23J4VK6qY3VX37a8J2hRrf09Hk8/Z//KZsk01BvLEp2p5fvBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf4B4AAP//3rYJTg==")
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(0x0, r0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000200)={0x0, @rand_addr, @remote}, &(0x7f0000000480)=0xc)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000200), &(0x7f0000000080)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
clock_nanosleep(0x2, 0x37dc12502000000, 0x0, 0x0)

1.920130229s ago: executing program 0 (id=9598):
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
sched_setaffinity(r0, 0x8, &(0x7f0000000340)=0x2)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x0, 0x18c, 0x203, 0x8000000, 0x19030000, 0x3f0, 0x2e0, 0x2e0, 0x3f0, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x300, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x16}, {}, {}, {0x7}, {}, {0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {}, {0xfffe}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb84, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

1.642328221s ago: executing program 6 (id=9606):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff})
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair(0xa, 0x0, 0x0, &(0x7f00000006c0))

1.569210081s ago: executing program 4 (id=9607):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='fdb_delete\x00', r2}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

1.553898451s ago: executing program 4 (id=9608):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
close_range(r1, 0xffffffffffffffff, 0x0)

1.525182881s ago: executing program 6 (id=9609):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.433249612s ago: executing program 4 (id=9610):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x18)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)

1.332041872s ago: executing program 4 (id=9611):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
sched_rr_get_interval(0x0, &(0x7f0000000400))

1.206760314s ago: executing program 4 (id=9612):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x10c000)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000000008001"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
sendmsg$inet(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

1.141487944s ago: executing program 6 (id=9613):
r0 = socket$tipc(0x1e, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r2, 0x0, 0x8000000000000}, 0x18)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
bind$tipc(r0, 0x0, 0x0)
close(r0)

1.017208375s ago: executing program 4 (id=9614):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x45, 0x45, 0x8, [@datasec={0x3, 0x1, 0x0, 0xf, 0x1, [{0x4, 0x6, 0x8}], "bb"}, @decl_tag={0xf, 0x0, 0x0, 0x11, 0x4, 0xa}, @var={0xe, 0x0, 0x0, 0xe, 0x1, 0x1}, @type_tag={0x3, 0x0, 0x0, 0x12, 0x4}]}, {0x0, [0x2e, 0x0, 0x30, 0x61, 0x5f, 0x61]}}, &(0x7f00000002c0)=""/58, 0x68, 0x3a, 0x0, 0x6, 0x10000}, 0x28)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c9042, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

947.852235ms ago: executing program 0 (id=9615):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)

944.885665ms ago: executing program 6 (id=9616):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000"], 0x48)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x29, 0x4, 0x10, 0x0, 0x4, @empty, @empty, 0x7, 0x40, 0xff, 0x6}})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0x20, &(0x7f0000000300)={0x0, 0x0, 0x0, &(0x7f0000000240)=""/75, 0x4b}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280))
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0x3, 0x288}, &(0x7f0000000100), &(0x7f0000000140))
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r3=>0x0})
r4 = fsopen(&(0x7f0000000440)='rpc_pipefs\x00', 0x0)
fsmount(r4, 0x1, 0x9)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x8, 0x3, 0x2c8, 0x158, 0x11, 0x148, 0x0, 0x0, 0x230, 0x2a8, 0x2a8, 0x230, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x110, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x40, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x4, 0x18}}}, @common=@unspec=@limit={{0x48}, {0x5, 0x5, 0x4, 0x3, 0x9, 0x3, 0xfffffffffffffff8}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @multicast1, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x12, 0x9, 0x5, 0x1, 'netbios-ns\x00', 'syz0\x00', {0x4a7}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x328)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x1ff, {0x0, 0x0, 0x0, r3, {0xfff2}, {}, {0x8, 0x7}}}, 0x24}}, 0x0)

889.309865ms ago: executing program 0 (id=9617):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000140)='%pI4   \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r3, <r4=>0xffffffffffffffff}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x16, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000ffff0b867b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0x8, 0x0, 0x0, 0x0, 0x0, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
getpid()

613.176537ms ago: executing program 6 (id=9618):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x80482, 0x0)
write$vga_arbiter(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='unlock L'], 0xc)

521.578258ms ago: executing program 6 (id=9619):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000000)='./file0\x00', 0x2000494, &(0x7f0000000440)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c00484516000000000037c015c57600912233eefc80e89be5a1ef2c27ebf5171169dcfa4805d89c7e1f70d73d649ba4afab8b2194a9e8b537ad2ed68f8319883b84237da3bf9213365872b3f3"], 0x1, 0x2b9, &(0x7f0000000fc0)="$eJzs3E1rE3sUx/HTpm3SlDa5cLlwL1w96EY3QxtfgAZpQQwotSnqQpjaiYaMSZkJlYjYbMStr6O4dCeoL8BuxI17d0UQ3HQhjjiTaZM2rWmap7bfD5T5Z87/x5ymD5wEJpu3Xz4q5FwjZ5ZlOKYyLFKVLZHk71XNUO047K/HpF5VLk58//z/rTt3r6czmdl51bn0wqWUqk6dffv46atz78sTi6+n3kRlI3lv81vqy8Y/G/9u/lx4mHdHxdViqaymLpVKZXPJtnQ57xYM1Zu2ZbqW5ouu5TTUc3ZpZaWiZnF5Mr7iWK6rZrGiBaui5ZKWnYqaD8x8UQ3D0Mm4nG4jLezJrs/Pm+l9y16kox2h68abnXScdLV5Mbveg54AAMCAOXj+D2b9/ef/zGJwbGv+1/x+87/Ikef/D2O9fy6Pg2rDoz/M/6FE07OxjjWFrnKctBmv/f02Yv4HAAAAAAAAAAAAAAAAAAAAAOA42PK8hOd5ifAYfkVrN3iEj/vdJ7qjzZ//5T61iw6ru3EvJmK/WM2uZoNjUE/nJC+2WDItCfnh/z7UBOu5a5nZafUl5Z29VsuvrWYjEg3zoWSYH/JvQwvyZ/6aCfLamB+VeP31U5KQv5tfP9U0PyYXztflDUnIx/tSEluW/Wvv5J/NqF69kdmVH/f3AQAAAABwEhi6bc/rd7/ub4jJ3nqQP8T7A7teX4/If618RCUAAAAAADgyt/KkYNq25bSxiIrIEeIndRGRgWhj1+KKiAxAG71axEQkOKPtxL9ux1tKeS3sGRGRvj8th1j0+z8TAAAAgE7bGfoPEfr0vIsdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+rT6eWDh/j2lsHBAvO5ykZ5/gwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAA+RUAAP//ovscvw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, 0x0)

409.069438ms ago: executing program 0 (id=9620):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=ANY=[], 0x361, 0x0)
lsetxattr$security_ima(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x10006c, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB="fdffe02c2a237d580a38f41e6c650000010000000000c691fa387787d511d54e465fab695863b74f4465d7c3c31ee01b7596831d47af7dbc", @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r3 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000180)={0xa0, 0xfffffffffffffffe, 0x0, {{0x6, 0x1, 0x8000000004007, 0xac, 0x3, 0x4, {0x0, 0x4000000180, 0x20fe, 0x40000000005, 0x85, 0xd614, 0x9, 0x7fffffff, 0xfffffffe, 0xc000, 0x0, 0xee00, 0x0, 0x3ff, 0x401}}, {0x0, 0x11}}}, 0xa0)
recvmmsg(r3, &(0x7f0000000440)=[{{&(0x7f0000000300)=@in6={0xa, 0x0, 0x0, @private0}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000000)=""/59, 0x3b}, {&(0x7f0000000100)=""/43, 0x2b}], 0x2, &(0x7f00000003c0)=""/117, 0x75}, 0xfffffffa}], 0x1, 0x0, 0x0)
sendfile(r3, r3, &(0x7f0000000080), 0x7f03)

33.722691ms ago: executing program 0 (id=9621):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'gre0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000300)={0x11, 0x1b, r3, 0x1, 0x0, 0x6, @local}, 0x14)
bind$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)

0s ago: executing program 0 (id=9622):
r0 = socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x4f}}, {{@in6=@mcast2, 0x404d3, 0x2b}, 0x0, @in=@empty}}, 0xe4)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}, 0x1, 0x0, 0x0, 0x4004040}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x4e21, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8}, {0x0, 0xb}}}, 0xb8}}, 0x0)

kernel console output (not intermixed with test programs):

): avc:  denied  { setattr } for  pid=24886 comm="syz.4.6944" path="/49/mnt/file1" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1962.547588][T23824] usb 4-1: USB disconnect, device number 35
[ 1962.567614][T24894] 9pnet: Insufficient options for proto=fd
[ 1962.996049][  T344] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1963.005211][  T344] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1963.013221][  T344] usb 1-1: Product: syz
[ 1963.024239][  T344] usb 1-1: Manufacturer: syz
[ 1963.256150][T24928] loop0: detected capacity change from 0 to 1024
[ 1963.814867][  T344] usb 1-1: config 0 descriptor??
[ 1963.826669][T24881] usb 5-1: new full-speed USB device number 29 using dummy_hcd
[ 1963.837454][  T344] usb 1-1: can't set config #0, error -71
[ 1963.844223][  T344] usb 1-1: USB disconnect, device number 47
[ 1963.889212][   T30] audit: type=1400 audit(4517.976:5704): avc:  denied  { map } for  pid=24923 comm="syz.0.6957" path="/dev/loop0" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1964.016989][   T30] audit: type=1400 audit(4518.098:5705): avc:  denied  { append } for  pid=24952 comm="syz.5.6968" name="ptp0" dev="devtmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1964.743878][   T30] audit: type=1400 audit(4518.771:5706): avc:  denied  { mount } for  pid=24957 comm="syz.5.6970" name="/" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[ 1964.831738][T24881] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1964.852388][T24881] usb 5-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[ 1964.895427][T24881] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1964.966204][T24881] usb 5-1: config 0 descriptor??
[ 1965.619764][T24973] loop6: detected capacity change from 0 to 8192
[ 1965.674357][T24881] hid-generic 0003:057E:200E.0011: unknown main item tag 0x0
[ 1965.810853][T24881] hid-generic 0003:057E:200E.0011: unknown main item tag 0x0
[ 1965.827265][   T30] audit: type=1400 audit(4519.791:5707): avc:  denied  { mounton } for  pid=24971 comm="syz.6.6975" path="/83/file2/file0" dev="loop6" ino=1048667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[ 1965.830765][T24975] attempt to access beyond end of device
[ 1965.830765][T24975] loop6: rw=0, want=57848, limit=8192
[ 1965.861397][T24881] hid-generic 0003:057E:200E.0011: unknown main item tag 0x0
[ 1965.903979][T24881] hid-generic 0003:057E:200E.0011: unknown main item tag 0x0
[ 1965.937914][T24881] hid-generic 0003:057E:200E.0011: unknown main item tag 0x0
[ 1965.945748][T24881] hid-generic 0003:057E:200E.0011: unknown main item tag 0x0
[ 1965.964860][T24975] Buffer I/O error on dev loop6, logical block 57847, async page read
[ 1965.976659][T24881] hid-generic 0003:057E:200E.0011: unknown main item tag 0x0
[ 1965.984279][T24975] attempt to access beyond end of device
[ 1965.984279][T24975] loop6: rw=0, want=57848, limit=8192
[ 1965.995462][   T30] audit: type=1400 audit(4519.931:5708): avc:  denied  { write } for  pid=24980 comm="syz.5.6976" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[ 1965.995497][T24881] hid-generic 0003:057E:200E.0011: hidraw0: USB HID v0.00 Device [HID 057e:200e] on usb-dummy_hcd.4-1/input0
[ 1966.020609][T24975] Buffer I/O error on dev loop6, logical block 57847, async page read
[ 1966.041598][T24975] attempt to access beyond end of device
[ 1966.041598][T24975] loop6: rw=0, want=57848, limit=8192
[ 1966.052813][T24975] Buffer I/O error on dev loop6, logical block 57847, async page read
[ 1966.061412][T24975] attempt to access beyond end of device
[ 1966.061412][T24975] loop6: rw=0, want=57848, limit=8192
[ 1966.072982][T24975] Buffer I/O error on dev loop6, logical block 57847, async page read
[ 1966.078814][T24881] usb 5-1: USB disconnect, device number 29
[ 1966.092429][T24975] attempt to access beyond end of device
[ 1966.092429][T24975] loop6: rw=0, want=57848, limit=8192
[ 1966.110377][T24984] fido_id[24984]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory
[ 1966.125574][T24975] Buffer I/O error on dev loop6, logical block 57847, async page read
[ 1966.133872][T24975] attempt to access beyond end of device
[ 1966.133872][T24975] loop6: rw=0, want=57848, limit=8192
[ 1966.155176][T24975] Buffer I/O error on dev loop6, logical block 57847, async page read
[ 1966.163945][T24975] attempt to access beyond end of device
[ 1966.163945][T24975] loop6: rw=0, want=57848, limit=8192
[ 1966.175040][T24975] Buffer I/O error on dev loop6, logical block 57847, async page read
[ 1966.184013][T24975] attempt to access beyond end of device
[ 1966.184013][T24975] loop6: rw=0, want=57848, limit=8192
[ 1966.195057][T24975] Buffer I/O error on dev loop6, logical block 57847, async page read
[ 1966.203338][T24975] attempt to access beyond end of device
[ 1966.203338][T24975] loop6: rw=0, want=57848, limit=8192
[ 1966.214460][T24975] Buffer I/O error on dev loop6, logical block 57847, async page read
[ 1966.225877][T24975] attempt to access beyond end of device
[ 1966.225877][T24975] loop6: rw=0, want=57848, limit=8192
[ 1966.236886][T23951] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[ 1966.244495][T24975] Buffer I/O error on dev loop6, logical block 57847, async page read
[ 1966.627614][T23951] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1966.642074][T24992] loop4: detected capacity change from 0 to 512
[ 1966.650454][T23951] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1966.661166][T23951] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1966.669988][T23951] usb 1-1: config 0 descriptor??
[ 1966.744918][T24992] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #11: comm syz.4.6979: ea_inode with extended attributes
[ 1966.757941][T24992] EXT4-fs (loop4): Remounting filesystem read-only
[ 1966.764538][T24992] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.6979: error while reading EA inode 11 err=-117
[ 1966.777261][T24992] EXT4-fs (loop4): Remounting filesystem read-only
[ 1966.783881][T24992] EXT4-fs (loop4): 1 orphan inode deleted
[ 1966.789688][T24992] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,errors=remount-ro,delalloc,journal_ioprio=0x0000000000000001,init_itable=0x0000000000008d55,. Quota mode: none.
[ 1967.551354][T25017] input: syz0 as /devices/virtual/input/input23
[ 1968.300843][T25030] input: syz1 as /devices/virtual/input/input24
[ 1968.891811][T25051] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7002'.
[ 1968.903756][T25051] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7002'.
[ 1969.083561][T25058] loop4: detected capacity change from 0 to 512
[ 1969.115894][T25058] EXT4-fs (loop4): Ignoring removed nobh option
[ 1969.118494][T23951] usbhid 1-1:0.0: can't add hid device: -71
[ 1969.122559][T25058] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1969.128144][T23951] usbhid: probe of 1-1:0.0 failed with error -71
[ 1969.135797][T25058] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1969.168409][T23951] usb 1-1: USB disconnect, device number 48
[ 1969.179569][T25058] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.6989: iget: bad i_size value: 38620345925642
[ 1969.182327][T25062] loop0: detected capacity change from 0 to 128
[ 1969.194333][T25058] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.6989: couldn't read orphan inode 15 (err -117)
[ 1969.211366][T25058] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,auto_da_alloc,test_dummy_encryption,nojournal_checksum,dioread_nolock,bsdgroups,,errors=continue. Quota mode: writeback.
[ 1970.236273][T25079] loop0: detected capacity change from 0 to 512
[ 1970.263936][T25083] loop6: detected capacity change from 0 to 256
[ 1970.326525][T25083] exFAT-fs (loop6): failed to load upcase table (idx : 0x0001e4a3, chksum : 0xe65db40a, utbl_chksum : 0x7319d30d)
[ 1970.371627][T25083] exFAT-fs (loop6): error, found bogus dentry(15) beyond unused empty group(0) (start_clu : 7, cur_clu : 7)
[ 1970.402706][T25083] exFAT-fs (loop6): Filesystem has been set read-only
[ 1971.172647][T25138] loop4: detected capacity change from 0 to 128
[ 1971.183979][T25136] loop6: detected capacity change from 0 to 1024
[ 1971.196564][T25136] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[ 1971.230410][T25136] EXT4-fs (loop6): mounted filesystem without journal. Opts: abort,bsddf,barrier=0x00000000000001ff,commit=0x0000000000000005,debug_want_extra_isize=0x0000000000000080,grpjquota=,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none.
[ 1971.694094][T25159] netlink: 220 bytes leftover after parsing attributes in process `syz.5.7040'.
[ 1971.884103][T25168] loop0: detected capacity change from 0 to 256
[ 1971.972861][T23824] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[ 1971.981085][T25168] /dev/loop0: Can't open blockdev
[ 1972.212154][T25182] bridge_slave_0: default FDB implementation only supports local addresses
[ 1972.261999][T23824] usb 5-1: Using ep0 maxpacket: 16
[ 1972.284861][T25191] binder: 25190:25191 ioctl c0306201 0 returned -14
[ 1972.292113][T25191] binder: 25190:25191 ioctl c0046209 0 returned -22
[ 1972.321323][T25193] loop0: detected capacity change from 0 to 1024
[ 1972.463084][T25199] loop0: detected capacity change from 0 to 512
[ 1972.491233][T25206] loop6: detected capacity change from 0 to 256
[ 1972.507551][T23824] usb 5-1: config 1 has an invalid descriptor of length 119, skipping remainder of the config
[ 1972.522354][T23824] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1972.685805][T25206] exFAT-fs (loop6): failed to load upcase table (idx : 0x00011bf5, chksum : 0xdfba1b89, utbl_chksum : 0xe619d30d)
[ 1972.738257][T25206] exFAT-fs (loop6): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1972.753355][T23824] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1972.812696][T23824] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1972.822460][T23824] usb 5-1: Product: à°Š
[ 1972.837543][T23824] usb 5-1: Manufacturer: Я
[ 1972.842142][T23824] usb 5-1: SerialNumber: ྚⱊ鑚늾몬춑ꕒ辒漨炇뼗
[ 1972.890386][   T30] audit: type=1400 audit(4526.395:5709): avc:  denied  { nlmsg_write } for  pid=25226 comm="syz.5.7066" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[ 1972.920657][   T30] audit: type=1400 audit(4526.395:5710): avc:  denied  { nlmsg_read } for  pid=25226 comm="syz.5.7066" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[ 1972.941040][   T30] audit: type=1400 audit(4526.395:5711): avc:  denied  { audit_write } for  pid=25226 comm="syz.5.7066" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1973.164126][T25148] loop4: detected capacity change from 0 to 512
[ 1973.234628][T25148] EXT4-fs (loop4): #blocks per group too big: 466944
[ 1973.277092][T24298] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[ 1973.446154][T25244] loop0: detected capacity change from 0 to 1024
[ 1973.488492][T25247] loop6: detected capacity change from 0 to 512
[ 1973.747511][T24298] usb 6-1: Using ep0 maxpacket: 32
[ 1973.763683][   T30] audit: type=1400 audit(4527.208:5712): avc:  denied  { watch } for  pid=25246 comm="syz.3.7073" path="/syzcgroup/cpu/syz3/cpuset.cpus" dev="cgroup" ino=61 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[ 1973.939023][T25247] EXT4-fs (loop6): mounted filesystem without journal. Opts: nolazytime,,errors=continue. Quota mode: writeback.
[ 1973.993418][T24298] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1974.068688][T25247] EXT4-fs (loop6): re-mounted. Opts: (null). Quota mode: writeback.
[ 1974.089608][T24298] usb 6-1: config 1 has an invalid interface number: 24 but max is 0
[ 1974.097721][T24298] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1974.125134][T24298] usb 6-1: config 1 has no interface number 0
[ 1974.131395][T24298] usb 6-1: config 1 interface 24 altsetting 5 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1974.141574][T24298] usb 6-1: config 1 interface 24 altsetting 5 bulk endpoint 0x5 has invalid maxpacket 0
[ 1974.151735][T24298] usb 6-1: config 1 interface 24 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1974.165091][T24298] usb 6-1: config 1 interface 24 has no altsetting 0
[ 1974.763654][T24298] usb 6-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=24.72
[ 1974.796233][T23824] usb 5-1: 0:2 : does not exist
[ 1974.820522][T23824] usb 5-1: USB disconnect, device number 30
[ 1974.846102][T24298] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1974.854374][T24298] usb 6-1: Product: syz
[ 1974.858544][T24298] usb 6-1: Manufacturer: syz
[ 1974.863442][T24298] usb 6-1: SerialNumber: syz
[ 1975.052494][T23800] udevd[23800]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1975.237968][T25303] loop0: detected capacity change from 0 to 256
[ 1975.251528][T24298] usb 6-1: USB disconnect, device number 12
[ 1975.423793][T25303] /dev/loop0: Can't open blockdev
[ 1975.467457][T25303] kvm: pic: non byte read
[ 1975.472355][T25303] kvm: pic: level sensitive irq not supported
[ 1975.472403][T25303] kvm: pic: non byte read
[ 1975.487740][   T30] audit: type=1400 audit(4528.826:5713): avc:  denied  { accept } for  pid=25318 comm="syz.4.7098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1975.533058][T25303] kvm: pic: level sensitive irq not supported
[ 1975.533119][T25303] kvm: pic: non byte read
[ 1975.550398][T25303] kvm: pic: level sensitive irq not supported
[ 1975.550447][T25303] kvm: pic: non byte read
[ 1975.562734][T25303] kvm: pic: level sensitive irq not supported
[ 1975.562780][T25303] kvm: pic: non byte read
[ 1975.582839][T25321] loop4: detected capacity change from 0 to 512
[ 1975.590219][T25303] kvm: pic: level sensitive irq not supported
[ 1975.590278][T25303] kvm: pic: non byte read
[ 1975.626988][T25303] kvm: pic: level sensitive irq not supported
[ 1975.627036][T25303] kvm: pic: non byte read
[ 1975.639278][T25321] EXT4-fs (loop4): can't mount with commit=8, fs mounted w/o journal
[ 1975.647927][T25303] kvm: pic: level sensitive irq not supported
[ 1975.647975][T25303] kvm: pic: non byte read
[ 1975.659417][T25303] kvm: pic: level sensitive irq not supported
[ 1975.659465][T25303] kvm: pic: non byte read
[ 1975.670750][T25303] kvm: pic: level sensitive irq not supported
[ 1975.670797][T25303] kvm: pic: non byte read
[ 1975.682395][T25303] kvm: pic: level sensitive irq not supported
[ 1975.886200][T23268] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1975.950259][T25335] loop4: detected capacity change from 0 to 256
[ 1975.976323][T25335] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x5bae174d, utbl_chksum : 0xe619d30d)
[ 1975.989235][T25335] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1976.880736][T23268] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[ 1976.888901][T23268] usb 7-1: config 0 has no interface number 0
[ 1976.911802][T23268] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1976.947356][T23268] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1976.966228][T23268] usb 7-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[ 1976.975439][T23268] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1976.989103][T23268] usb 7-1: config 0 descriptor??
[ 1977.265741][T13235] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1977.326946][T25377] binder: 25376:25377 ioctl 40046205 0 returned -22
[ 1977.517898][T23268] prodikeys 0003:041E:2801.0012: item fetching failed at offset 3/7
[ 1977.533661][T13235] usb 6-1: Using ep0 maxpacket: 32
[ 1977.553866][T23268] prodikeys 0003:041E:2801.0012: hid parse failed
[ 1977.596406][T23268] prodikeys: probe of 0003:041E:2801.0012 failed with error -22
[ 1977.672733][T13235] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[ 1977.709359][T13235] usb 6-1: config 0 has no interface number 0
[ 1977.719321][T25387] loop4: detected capacity change from 0 to 128
[ 1977.747183][T13235] usb 6-1: config 0 interface 184 has no altsetting 0
[ 1977.768581][T23268] usb 7-1: USB disconnect, device number 5
[ 1977.837690][T25387] EXT4-fs (loop4): mounted filesystem without journal. Opts: quota,init_itable,,errors=continue. Quota mode: writeback.
[ 1977.910929][   T30] audit: type=1400 audit(4531.099:5714): avc:  denied  { create } for  pid=25386 comm="syz.4.7127" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[ 1977.928755][T13235] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1977.962596][T13235] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1977.965059][T25394] device syzkaller1 entered promiscuous mode
[ 1977.970651][T13235] usb 6-1: Product: syz
[ 1977.981491][T13235] usb 6-1: Manufacturer: syz
[ 1977.986234][T13235] usb 6-1: SerialNumber: syz
[ 1977.994530][T13235] usb 6-1: config 0 descriptor??
[ 1978.037159][T13235] smsc75xx v1.0.0
[ 1978.144232][T25405] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 1978.238499][T25420] loop0: detected capacity change from 0 to 512
[ 1978.248599][T25419] loop4: detected capacity change from 0 to 512
[ 1978.314464][T25419] EXT4-fs (loop4): Ignoring removed orlov option
[ 1979.337198][   T30] audit: type=1400 audit(4531.931:5715): avc:  denied  { mounton } for  pid=25429 comm="syz.6.7145" path="/syzcgroup/unified/syz6" dev="cgroup2" ino=192 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[ 1979.398240][T25419] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1979.426826][T25419] EXT4-fs error (device loop4): ext4_find_extent:893: inode #4: comm syz.4.7140: inode has invalid extent depth: 7
[ 1979.439830][T25419] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=-117
[ 1979.449485][T25419] EXT4-fs warning (device loop4): ext4_enable_quotas:6452: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1979.456730][T25435] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1979.464045][T25419] EXT4-fs (loop4): Cannot turn on quotas: error -22
[ 1979.464072][T25419] EXT4-fs (loop4): mounted filesystem without journal. Opts: orlov,sysvgroups,,errors=continue. Quota mode: writeback.
[ 1979.601737][T25439] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=25439 comm=syz.0.7144
[ 1979.825370][   T30] audit: type=1326 audit(4532.885:5716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25451 comm="syz.0.7152" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9496e5cfc9 code=0x0
[ 1979.865249][T25458] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[ 1979.873147][T25458] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[ 1979.910415][T25464] loop6: detected capacity change from 0 to 1024
[ 1979.940982][T25464] EXT4-fs (loop6): mounted filesystem without journal. Opts: bsdgroups,,errors=continue. Quota mode: none.
[ 1980.013979][T24298] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[ 1980.014134][T13235] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[ 1980.031861][T25471] loop6: detected capacity change from 0 to 512
[ 1980.112307][T25471] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,noload,bsdgroups,. Quota mode: writeback.
[ 1980.227751][   T30] audit: type=1400 audit(4533.259:5717): avc:  denied  { mount } for  pid=25479 comm="syz.6.7160" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1980.250264][T13235] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1980.262192][T13235] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 1980.271453][   T30] audit: type=1400 audit(4533.296:5718): avc:  denied  { unmount } for  pid=23668 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1980.272711][T13235] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[ 1980.291559][T24298] usb 5-1: Using ep0 maxpacket: 8
[ 1980.302484][T13235] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1980.316714][T13235] smsc75xx: probe of 6-1:0.184 failed with error -71
[ 1980.335431][T13235] usb 6-1: USB disconnect, device number 13
[ 1980.671715][T25484] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=32532 sclass=netlink_xfrm_socket pid=25484 comm=syz.6.7162
[ 1980.751968][T24298] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[ 1980.795466][T24298] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1980.834983][T24298] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1980.845192][T24298] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[ 1980.857081][T24298] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1980.868302][T24298] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 1980.877623][T24298] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1980.907564][T24298] usb 5-1: config 0 descriptor??
[ 1980.934814][T25456] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1981.094473][T25505] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=25505 comm=syz.6.7170
[ 1981.201238][T15448] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[ 1981.874785][T15448] usb 4-1: Using ep0 maxpacket: 8
[ 1981.959033][   T30] audit: type=1326 audit(4534.876:5719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25511 comm="syz.5.7174" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f85a02e3fc9 code=0x0
[ 1982.067851][T24298] usb 5-1: USB disconnect, device number 31
[ 1982.078021][T15448] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[ 1982.097838][T15448] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1982.117969][T15448] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1982.138724][T15448] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1982.154424][T15448] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[ 1982.165182][T15448] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 1982.174308][T15448] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1982.191470][T15448] usb 4-1: config 0 descriptor??
[ 1982.439889][T25535] loop6: detected capacity change from 0 to 1024
[ 1982.479422][T25500] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1982.492985][T13235] usb 4-1: USB disconnect, device number 36
[ 1982.507805][T25535] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1982.537827][   T30] audit: type=1400 audit(4535.419:5720): avc:  denied  { ioctl } for  pid=25534 comm="syz.6.7181" path="/130/file1/file1" dev="loop6" ino=15 ioctlcmd=0x5839 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1982.806209][   T30] audit: type=1400 audit(4535.671:5721): avc:  denied  { write } for  pid=25560 comm="syz.4.7191" name="random" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[ 1983.462690][   T30] audit: type=1400 audit(4536.288:5722): avc:  denied  { mounton } for  pid=25589 comm="syz.3.7203" path="/117/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[ 1984.519236][T25620] netlink: 20 bytes leftover after parsing attributes in process `syz.6.7213'.
[ 1984.626244][T25629] picdev_read: 21 callbacks suppressed
[ 1984.626264][T25629] kvm: pic: non byte read
[ 1984.646406][T25629] kvm: pic: non byte read
[ 1985.230599][   T30] audit: type=1400 audit(4537.934:5723): avc:  denied  { view } for  pid=25672 comm="syz.6.7235" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 1985.268174][T25669] loop4: detected capacity change from 0 to 256
[ 1985.521480][T24298] usb 7-1: new full-speed USB device number 6 using dummy_hcd
[ 1985.802510][T25701] 9pnet_virtio: no channels available for device syz
[ 1985.853853][T25707] 9pnet_virtio: no channels available for device syz
[ 1985.938622][T24298] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 31091, setting to 64
[ 1985.950212][T24298] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1985.959429][T24298] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1985.973012][T24298] usb 7-1: config 0 descriptor??
[ 1985.992207][T25673] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1986.572227][T24298] hid-generic 0003:04F3:0755.0013: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.6-1/input0
[ 1986.790245][T24298] usb 7-1: USB disconnect, device number 6
[ 1986.938953][T25763] 9pnet_virtio: no channels available for device syz
[ 1987.436745][   T30] audit: type=1400 audit(4540.001:5724): avc:  denied  { unmount } for  pid=23668 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[ 1987.506064][T25785] loop6: detected capacity change from 0 to 1024
[ 1987.524513][T25785] EXT4-fs (loop6): Ignoring removed orlov option
[ 1987.531069][T25785] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[ 1987.564502][T25785] EXT4-fs (loop6): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[ 1988.464878][   T30] audit: type=1400 audit(4540.964:5725): avc:  denied  { mounton } for  pid=25845 comm="syz.3.7298" path="/140/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[ 1988.488239][   T30] audit: type=1400 audit(4540.992:5726): avc:  denied  { unmount } for  pid=23736 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1988.625671][T25856] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7302'.
[ 1988.644105][T13235] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1988.867414][T25871] device syzkaller0 entered promiscuous mode
[ 1989.307207][T23951] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[ 1989.424892][T13235] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1989.433930][T13235] usb 7-1: config 1 has an invalid descriptor of length 67, skipping remainder of the config
[ 1989.444511][T13235] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1989.453915][T13235] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 248, changing to 11
[ 1989.465649][T13235] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24844, setting to 1024
[ 1989.480930][   T30] audit: type=1400 audit(4541.918:5727): avc:  denied  { read } for  pid=25886 comm="syz.4.7315" name="loop-control" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1989.504935][   T30] audit: type=1400 audit(4541.918:5728): avc:  denied  { open } for  pid=25886 comm="syz.4.7315" path="/dev/loop-control" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1989.529407][   T30] audit: type=1400 audit(4541.918:5729): avc:  denied  { ioctl } for  pid=25886 comm="syz.4.7315" path="/dev/loop-control" dev="devtmpfs" ino=115 ioctlcmd=0x4c81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1989.574444][T23951] usb 4-1: Using ep0 maxpacket: 8
[ 1989.606685][T13235] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1989.615864][T13235] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1989.624329][T13235] usb 7-1: Product: syz
[ 1989.628818][T13235] usb 7-1: Manufacturer: syz
[ 1989.660005][T23743] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[ 1989.681912][T13235] cdc_wdm 7-1:1.0: skipping garbage
[ 1989.687468][T13235] cdc_wdm 7-1:1.0: skipping garbage
[ 1989.703140][T13235] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[ 1989.713584][T23951] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1989.723335][T23951] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1989.740789][T23951] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1989.750928][T23951] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1989.764045][T23951] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1989.773175][T23951] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1989.900156][T23951] usb 7-1: USB disconnect, device number 7
[ 1989.903497][   T30] audit: type=1400 audit(4542.301:5730): avc:  denied  { append } for  pid=25831 comm="syz.6.7292" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1989.928709][T23743] usb 6-1: Using ep0 maxpacket: 8
[ 1989.968421][   T30] audit: type=1400 audit(4542.366:5731): avc:  denied  { mount } for  pid=25892 comm="syz.4.7317" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[ 1989.990587][   T30] audit: type=1400 audit(4542.395:5732): avc:  denied  { unmount } for  pid=23833 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[ 1990.066462][T23743] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1990.081463][T23743] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1990.093752][T23743] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1990.103818][T23743] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1990.117481][T23743] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1990.126672][T23743] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1990.677061][T25917] syz.6.7326[25917] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1990.677117][T25917] syz.6.7326[25917] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1990.973496][T25927] device ip6erspan0 entered promiscuous mode
[ 1991.093696][T25946] 9pnet: Insufficient options for proto=fd
[ 1991.298598][T25953] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7341'.
[ 1991.351223][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 1991.351244][   T30] audit: type=1400 audit(4543.666:5734): avc:  denied  { create } for  pid=25949 comm="syz.6.7340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[ 1991.426427][T25958] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1991.672552][   T30] audit: type=1400 audit(4543.965:5735): avc:  denied  { read } for  pid=25968 comm="syz.0.7347" lport=48 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1991.883863][T23824] usb 4-1: USB disconnect, device number 37
[ 1992.184163][   T30] audit: type=1326 audit(4544.405:5736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25984 comm="syz.6.7352" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f23b9d32fc9 code=0x0
[ 1992.474827][T25991] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1992.595590][T15448] usb 6-1: USB disconnect, device number 14
[ 1992.796265][T26007] 9pnet_virtio: no channels available for device syz
[ 1992.869771][   T30] audit: type=1400 audit(4545.069:5737): avc:  denied  { getopt } for  pid=26013 comm="syz.5.7363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1994.173203][   T30] audit: type=1400 audit(4546.303:5738): avc:  denied  { listen } for  pid=26048 comm="syz.3.7375" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1994.226356][T15448] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[ 1994.536503][T15448] usb 6-1: Using ep0 maxpacket: 32
[ 1994.543407][   T30] audit: type=1326 audit(4546.434:5739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26050 comm="syz.6.7376" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f23b9d32fc9 code=0x0
[ 1994.664899][T15448] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1994.688221][T15448] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1994.757339][T15448] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1994.785060][T15448] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1994.810539][T15448] usb 6-1: config 0 descriptor??
[ 1994.866460][T15448] hub 6-1:0.0: bad descriptor, ignoring hub
[ 1994.923494][T15448] hub: probe of 6-1:0.0 failed with error -5
[ 1994.928520][T26066] device syzkaller1 entered promiscuous mode
[ 1994.932667][T15448] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[ 1995.812000][T26119] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x7
[ 1995.821180][T23743] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[ 1995.854119][T26124] fuse: Bad value for 'fd'
[ 1995.913821][T26126] tipc: Started in network mode
[ 1995.920107][T26126] tipc: Node identity ca382bac2813, cluster identity 4711
[ 1995.927774][T26126] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1995.936354][T26125] tipc: Resetting bearer <eth:syzkaller0>
[ 1995.946884][T26130] 9pnet_virtio: no channels available for device syz
[ 1995.973552][T26125] tipc: Disabling bearer <eth:syzkaller0>
[ 1996.094840][T26144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1996.102364][T26144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1996.176759][T26153] fuse: Bad value for 'group_id'
[ 1996.236964][T23743] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1996.249005][T26156] syz.5.7373 (26156): attempted to duplicate a private mapping with mremap.  This is not supported.
[ 1996.250115][T23743] usb 4-1: config 1 has an invalid descriptor of length 56, skipping remainder of the config
[ 1996.272420][T23743] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1996.335729][T23743] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 248, changing to 11
[ 1996.352645][T23743] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24844, setting to 1024
[ 1996.505920][T23743] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1996.578185][T23743] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1996.601647][T23743] usb 4-1: Product: syz
[ 1996.607194][T23743] usb 4-1: Manufacturer: syz
[ 1996.786299][T23743] cdc_wdm 4-1:1.0: skipping garbage
[ 1996.793589][T23743] cdc_wdm 4-1:1.0: skipping garbage
[ 1996.808632][T23743] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[ 1997.009882][T23743] usb 4-1: USB disconnect, device number 38
[ 1997.541874][T23743] usb 6-1: USB disconnect, device number 15
[ 1997.691950][T26190] fuse: Bad value for 'group_id'
[ 1998.059259][T26206] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7433'.
[ 1998.148810][T26218] device syzkaller0 entered promiscuous mode
[ 1998.209860][   T30] audit: type=1400 audit(4550.072:5740): avc:  denied  { ioctl } for  pid=26219 comm="syz.4.7441" path="/dev/fuse" dev="devtmpfs" ino=91 ioctlcmd=0x943e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1998.343556][T13235] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[ 1998.388459][T26227] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1998.553007][T26235] netlink: 'syz.4.7446': attribute type 1 has an invalid length.
[ 1998.608626][T26240] 9pnet_virtio: no channels available for device syz
[ 1998.732934][T13235] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1998.744236][T13235] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1998.755779][T13235] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1998.769198][T13235] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1998.782228][T13235] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1999.050332][T26269] loop2: detected capacity change from 0 to 7
[ 1999.125110][T13235] usb 4-1: config 0 descriptor??
[ 1999.498524][T23268] usb 6-1: new low-speed USB device number 16 using dummy_hcd
[ 2000.270333][T26301] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7470'.
[ 2000.444883][T13235] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving
[ 2000.454075][T13235] plantronics 0003:047F:FFFF.0014: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 2000.470404][T13235] usb 4-1: USB disconnect, device number 39
[ 2000.503445][T26310] fido_id[26310]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 2000.911830][T26329] tipc: Started in network mode
[ 2000.916852][T26329] tipc: Node identity 225e7bc314e7, cluster identity 4711
[ 2000.939327][T26329] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2000.957749][T26340] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7485'.
[ 2000.968689][T26320] tipc: Resetting bearer <eth:syzkaller0>
[ 2000.998093][T26320] tipc: Disabling bearer <eth:syzkaller0>
[ 2001.049697][T26343] overlayfs: failed to clone upperpath
[ 2001.663271][T26369] device syzkaller0 entered promiscuous mode
[ 2001.819178][T23268] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2001.828240][T23268] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2001.862665][T23268] usb 6-1: config 0 descriptor??
[ 2001.880660][T26375] tipc: Started in network mode
[ 2001.885822][T26375] tipc: Node identity 96d1ecbfa6e7, cluster identity 4711
[ 2001.893653][T26375] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2001.986272][T26380] device syzkaller0 entered promiscuous mode
[ 2002.010596][T26375] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 2002.041537][T26375] tipc: Resetting bearer <eth:syzkaller0>
[ 2002.103234][T26373] tipc: Resetting bearer <eth:syzkaller0>
[ 2002.153985][T26373] tipc: Disabling bearer <eth:syzkaller0>
[ 2002.517823][T26390] pit: kvm: requested 73752 ns i8254 timer period limited to 200000 ns
[ 2002.527015][T26390] pit: kvm: requested 129066 ns i8254 timer period limited to 200000 ns
[ 2002.536049][T26390] pit: kvm: requested 116495 ns i8254 timer period limited to 200000 ns
[ 2002.544823][T26390] pit: kvm: requested 62019 ns i8254 timer period limited to 200000 ns
[ 2002.561647][T26390] pit: kvm: requested 24304 ns i8254 timer period limited to 200000 ns
[ 2002.571271][T26390] pit: kvm: requested 58666 ns i8254 timer period limited to 200000 ns
[ 2002.580007][T26390] pit: kvm: requested 110628 ns i8254 timer period limited to 200000 ns
[ 2002.590558][T26390] pit: kvm: requested 81295 ns i8254 timer period limited to 200000 ns
[ 2002.683746][T26401] fuse: Unknown parameter 'grou00000000000000000000'
[ 2002.792632][T26413] 9pnet_virtio: no channels available for device syz
[ 2002.850667][T26419] overlayfs: failed to get inode (-116)
[ 2002.857540][T26419] overlayfs: failed to look up (bus) for ino (-116)
[ 2002.903368][T26427] fuse: Unknown parameter 'grou00000000000000000000'
[ 2002.925275][   T30] audit: type=1400 audit(4554.485:5741): avc:  denied  { transfer } for  pid=26429 comm="syz.3.7519" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[ 2003.200333][   T30] audit: type=1400 audit(4554.747:5742): avc:  denied  { create } for  pid=26434 comm="syz.6.7520" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[ 2003.931080][T26463] fuse: Unknown parameter 'grou00000000000000000000'
[ 2004.077180][T26471] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[ 2004.096019][T26471] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[ 2004.514123][T23268] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2004.531930][T23268] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write Medium Mode mode to 0x0306: ffffffb9
[ 2004.545123][T23268] asix: probe of 6-1:0.0 failed with error -71
[ 2004.570545][T23268] usb 6-1: USB disconnect, device number 16
[ 2004.629908][T26496] fuse: Unknown parameter 'group_i00000000000000000000'
[ 2004.705782][T26499] 9pnet_virtio: no channels available for device syz
[ 2004.866323][   T30] audit: type=1400 audit(4556.290:5743): avc:  denied  { create } for  pid=26512 comm="syz.4.7548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 2004.933259][T26519] tap0: tun_chr_ioctl cmd 2147767521
[ 2005.049735][T26525] fuse: Unknown parameter 'group_i00000000000000000000'
[ 2005.219841][  T344] usb 5-1: new low-speed USB device number 32 using dummy_hcd
[ 2005.315090][T26534] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2005.339418][T26534] kvm: pic: non byte read
[ 2005.344279][T26534] kvm: pic: non byte read
[ 2005.354426][T26534] kvm: pic: non byte read
[ 2005.476309][T26550] fuse: Unknown parameter 'group_i00000000000000000000'
[ 2005.857122][  T344] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2005.866285][  T344] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2005.875651][  T344] usb 5-1: config 0 descriptor??
[ 2005.985900][T26576] fuse: Unknown parameter 'group_id00000000000000000000'
[ 2006.143778][T26613] tun0: tun_chr_ioctl cmd 1074025694
[ 2006.214479][T26625] syzkaller0: tun_chr_ioctl cmd 1074025688
[ 2006.729642][   T30] audit: type=1326 audit(4558.048:5744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.6.7620" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f23b9d32fc9 code=0x0
[ 2006.868771][T26683] device syzkaller0 entered promiscuous mode
[ 2007.043140][T26697] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2007.069711][T26697] kvm: pic: non byte read
[ 2007.074731][T26697] pic_ioport_write: 20 callbacks suppressed
[ 2007.074755][T26697] kvm: pic: level sensitive irq not supported
[ 2007.081126][T26697] kvm: pic: non byte read
[ 2007.091927][T26697] kvm: pic: level sensitive irq not supported
[ 2007.091976][T26697] kvm: pic: non byte read
[ 2007.125694][T26701] ÿÿÿÿÿÿ: renamed from vlan1
[ 2007.772256][T26737] device syzkaller0 entered promiscuous mode
[ 2007.870721][T26752] device sit0 entered promiscuous mode
[ 2008.386136][T26773] device syzkaller0 entered promiscuous mode
[ 2008.577881][  T344] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2009.191076][  T344] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write Medium Mode mode to 0x0306: ffffffb9
[ 2009.203414][  T344] asix: probe of 5-1:0.0 failed with error -71
[ 2009.235627][  T344] usb 5-1: USB disconnect, device number 32
[ 2009.425543][T26819] kvm: pic: non byte read
[ 2009.430087][T26819] kvm: pic: level sensitive irq not supported
[ 2009.430133][T26819] kvm: pic: non byte read
[ 2009.445498][T26819] kvm: pic: level sensitive irq not supported
[ 2009.445547][T26819] kvm: pic: non byte read
[ 2009.468819][T26819] kvm: pic: level sensitive irq not supported
[ 2009.468866][T26819] kvm: pic: non byte read
[ 2009.497157][T26819] kvm: pic: level sensitive irq not supported
[ 2009.497366][T26819] kvm: pic: level sensitive irq not supported
[ 2009.511834][T26819] kvm: pic: level sensitive irq not supported
[ 2009.525521][T26819] kvm: pic: level sensitive irq not supported
[ 2009.537720][T26819] kvm: pic: level sensitive irq not supported
[ 2010.098076][T26887] device pim6reg1 entered promiscuous mode
[ 2010.159660][   T30] audit: type=1326 audit(4561.246:5745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26888 comm="syz.4.7713" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb5cca3ffc9 code=0x0
[ 2010.212174][T26893] fuse: Bad value for 'fd'
[ 2010.301914][T26916] fuse: Invalid rootmode
[ 2010.475438][T26940] fuse: Invalid rootmode
[ 2010.937375][T26964] overlayfs: failed to clone upperpath
[ 2011.343371][   T30] audit: type=1326 audit(4562.359:5746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26993 comm="syz.0.7761" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9496e5cfc9 code=0x0
[ 2011.820054][T27020] picdev_read: 58 callbacks suppressed
[ 2011.820087][T27020] kvm: pic: non byte read
[ 2011.907731][T27020] kvm: pic: non byte read
[ 2011.912575][T27020] kvm: pic: non byte read
[ 2011.919483][T27020] kvm: pic: non byte read
[ 2012.099348][T27020] kvm: pic: non byte read
[ 2012.122499][T27020] kvm: pic: non byte read
[ 2012.138064][T27020] kvm: pic: non byte read
[ 2012.159966][T27020] kvm: pic: non byte read
[ 2012.187554][T27020] kvm: pic: non byte read
[ 2012.890467][   T30] audit: type=1326 audit(4563.808:5747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27061 comm="syz.5.7787" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f85a02e3fc9 code=0x0
[ 2013.687476][T27091] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2014.758440][T27240] ÿÿÿÿÿÿ: renamed from vlan1
[ 2015.957597][T27362] device pim6reg1 entered promiscuous mode
[ 2017.320000][T27458] overlayfs: failed to clone upperpath
[ 2019.797362][T27635] device pim6reg1 entered promiscuous mode
[ 2019.845746][   T30] audit: type=1326 audit(4570.307:5748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27644 comm="syz.4.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2019.872938][   T30] audit: type=1326 audit(4570.307:5749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27644 comm="syz.4.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2019.898933][   T30] audit: type=1326 audit(4570.307:5750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27644 comm="syz.4.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2019.922300][   T30] audit: type=1326 audit(4570.307:5751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27644 comm="syz.4.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2019.945535][T23951] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[ 2019.986518][   T30] audit: type=1326 audit(4570.307:5752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27644 comm="syz.4.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2020.012340][   T30] audit: type=1326 audit(4570.307:5753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27644 comm="syz.4.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2020.035780][   T30] audit: type=1326 audit(4570.307:5754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27644 comm="syz.4.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2020.063869][   T30] audit: type=1326 audit(4570.307:5755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27644 comm="syz.4.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2020.087633][   T30] audit: type=1326 audit(4570.307:5756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27644 comm="syz.4.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2020.116384][   T30] audit: type=1326 audit(4570.307:5757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27644 comm="syz.4.8044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2020.362672][T23951] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2020.378814][T23951] usb 4-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00
[ 2020.388043][T23951] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2020.398288][T23951] usb 4-1: config 0 descriptor??
[ 2020.655306][T27700] IPv6: NLM_F_CREATE should be specified when creating new route
[ 2021.012962][T27741] fuse: Unknown parameter '0x0000000000000003'
[ 2021.096816][T27763] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2021.116910][T27763] kvm: pic: non byte read
[ 2021.147036][T27776] fuse: Unknown parameter '0x0000000000000003'
[ 2021.358672][T27800] fuse: Unknown parameter '0x0000000000000003'
[ 2021.432047][T23951] usbhid 4-1:0.0: can't add hid device: -71
[ 2021.438338][T23951] usbhid: probe of 4-1:0.0 failed with error -71
[ 2021.479913][T23951] usb 4-1: USB disconnect, device number 40
[ 2021.868914][T27827] fuse: Unknown parameter '0x0000000000000003'
[ 2022.406305][T27854] fuse: Unknown parameter 'fd0x0000000000000003'
[ 2023.485336][T27911] device syzkaller0 entered promiscuous mode
[ 2023.590657][T27939] ÿÿÿÿÿÿ: renamed from vlan1
[ 2023.876656][T28004] device pim6reg1 entered promiscuous mode
[ 2023.934763][T28013] device syzkaller1 entered promiscuous mode
[ 2023.958638][T28012] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2024.046238][T28033] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2024.096497][T28050] device pim6reg1 entered promiscuous mode
[ 2024.897401][T28099] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2025.777409][T28133] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2025.916117][T28139] device syzkaller1 entered promiscuous mode
[ 2026.617789][T28196] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2027.322419][T28241] netlink: 'syz.3.8299': attribute type 2 has an invalid length.
[ 2027.331789][T28241] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8299'.
[ 2027.735815][T28280] device syzkaller1 entered promiscuous mode
[ 2028.545768][T28323] device syzkaller1 entered promiscuous mode
[ 2029.563285][   T30] kauditd_printk_skb: 59 callbacks suppressed
[ 2029.563301][   T30] audit: type=1326 audit(4579.396:5817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28457 comm="syz.3.8402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f424d818fc9 code=0x7ffc0000
[ 2029.592901][   T30] audit: type=1326 audit(4579.424:5818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28457 comm="syz.3.8402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f424d818fc9 code=0x7ffc0000
[ 2029.616450][   T30] audit: type=1326 audit(4579.443:5819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28457 comm="syz.3.8402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f424d818fc9 code=0x7ffc0000
[ 2029.646861][   T30] audit: type=1326 audit(4579.443:5820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28457 comm="syz.3.8402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f424d818fc9 code=0x7ffc0000
[ 2029.677563][   T30] audit: type=1326 audit(4579.443:5821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28457 comm="syz.3.8402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f424d818fc9 code=0x7ffc0000
[ 2029.705327][   T30] audit: type=1326 audit(4579.462:5822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28457 comm="syz.3.8402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f424d818fc9 code=0x7ffc0000
[ 2029.755552][   T30] audit: type=1326 audit(4579.462:5823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28457 comm="syz.3.8402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f424d818fc9 code=0x7ffc0000
[ 2029.779249][   T30] audit: type=1326 audit(4579.462:5824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28457 comm="syz.3.8402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f424d818fc9 code=0x7ffc0000
[ 2029.833916][   T30] audit: type=1326 audit(4579.462:5825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28457 comm="syz.3.8402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f424d818fc9 code=0x7ffc0000
[ 2030.013030][   T30] audit: type=1326 audit(4579.462:5826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28457 comm="syz.3.8402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f424d818fc9 code=0x7ffc0000
[ 2030.468661][T28497] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2030.561517][T28507] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2030.991981][T28525] netlink: 96 bytes leftover after parsing attributes in process `syz.3.8426'.
[ 2031.239631][T28536] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2031.295296][T28536] kvm: pic: non byte read
[ 2031.321379][T28536] pic_ioport_write: 60 callbacks suppressed
[ 2031.321407][T28536] kvm: pic: level sensitive irq not supported
[ 2031.338570][T28536] kvm: pic: non byte read
[ 2031.371354][T28536] kvm: pic: level sensitive irq not supported
[ 2031.371447][T28536] kvm: pic: non byte read
[ 2031.422681][T28556] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2032.195364][T28602] serio: Serial port ptm0
[ 2032.925708][T28677] netlink: 68 bytes leftover after parsing attributes in process `syz.4.8492'.
[ 2033.314345][T28700] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[ 2033.697231][T28733] tipc: New replicast peer: 255.255.255.83
[ 2033.765812][T28733] tipc: Enabled bearer <udp:£>, priority 10
[ 2034.050791][T28762] device syzkaller1 entered promiscuous mode
[ 2034.778750][T28786] device syzkaller0 entered promiscuous mode
[ 2034.894003][T28807] device syzkaller1 entered promiscuous mode
[ 2034.983188][  T344] tipc: Node number set to 3794480044
[ 2035.234920][T28830] device syzkaller0 entered promiscuous mode
[ 2035.925296][   T30] kauditd_printk_skb: 105 callbacks suppressed
[ 2035.925310][   T30] audit: type=1326 audit(4585.344:5932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28906 comm="syz.6.8598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b9d32fc9 code=0x7ffc0000
[ 2035.983505][   T30] audit: type=1326 audit(4585.372:5933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28906 comm="syz.6.8598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7f23b9d32fc9 code=0x7ffc0000
[ 2036.008546][   T30] audit: type=1326 audit(4585.372:5934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28906 comm="syz.6.8598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23b9d32fc9 code=0x7ffc0000
[ 2037.139778][T28973] sch_tbf: peakrate 9 is lower than or equals to rate 6829859379779001161 !
[ 2037.291568][T28985] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8634'.
[ 2037.381940][   T30] audit: type=1326 audit(4586.709:5935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28999 comm="syz.6.8641" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f23b9d32fc9 code=0x0
[ 2039.108889][T29142] tipc: Started in network mode
[ 2039.112096][T29145] ------------[ cut here ]------------
[ 2039.131634][T29145] trace type BPF program uses run-time allocation
[ 2039.139452][T29145] WARNING: CPU: 0 PID: 29145 at kernel/bpf/verifier.c:11722 check_map_prog_compatibility+0x6cd/0x870
[ 2039.150297][T29142] tipc: Node identity ac14140f, cluster identity 4711
[ 2039.161179][T29142] tipc: New replicast peer: 255.255.255.83
[ 2039.166742][T29145] Modules linked in:
[ 2039.170918][T29145] CPU: 0 PID: 29145 Comm: syz.3.8708 Not tainted syzkaller #0
[ 2039.178312][T29142] tipc: Enabled bearer <udp:£>, priority 10
[ 2039.186406][   T30] audit: type=1326 audit(4588.392:5936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29147 comm="syz.4.8709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2039.209466][T29145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2039.209502][T29145] RIP: 0010:check_map_prog_compatibility+0x6cd/0x870
[ 2039.236053][T29146] netlink: 'syz.3.8708': attribute type 12 has an invalid length.
[ 2039.247875][T29145] Code: ee ff 48 c7 c6 a0 f3 47 85 4c 8b 65 d0 e9 fd fc ff ff e8 46 4b ee ff c6 05 54 99 6b 05 01 48 c7 c7 00 f0 47 85 e8 73 69 25 03 <0f> 0b e9 88 fb ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c ac f9 ff
[ 2039.275482][T29145] RSP: 0018:ffffc90000b37428 EFLAGS: 00010246
[ 2039.283953][T29145] RAX: 8ab181610df00000 RBX: 0000000000000001 RCX: 0000000000080000
[ 2039.295714][   T30] audit: type=1326 audit(4588.392:5937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29147 comm="syz.4.8709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2039.303304][T29145] RDX: ffffc90001fbe000 RSI: 0000000000011a63 RDI: 0000000000011a64
[ 2039.357275][T29145] RBP: ffffc90000b37470 R08: dffffc0000000000 R09: ffffed103ee04e93
[ 2039.365416][T29145] R10: ffffed103ee04e93 R11: 1ffff1103ee04e92 R12: ffff8881262b0000
[ 2039.373790][T29145] R13: 0000000000000011 R14: dffffc0000000000 R15: ffff88812605b800
[ 2039.394565][   T30] audit: type=1326 audit(4588.392:5938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29147 comm="syz.4.8709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2039.419056][T29145] FS:  00007f424c2816c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 2039.428656][T29145] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2039.435673][T29145] CR2: 00007fb5ccc98dac CR3: 000000013c02c000 CR4: 00000000003506b0
[ 2039.454328][T29145] Call Trace:
[ 2039.458944][T29145]  <TASK>
[ 2039.462477][T29145]  resolve_pseudo_ldimm64+0x685/0x11d0
[ 2039.473338][T29145]  ? check_attach_btf_id+0xde0/0xde0
[ 2039.486399][T29145]  ? __mark_reg_known+0x1b0/0x1b0
[ 2039.487717][   T30] audit: type=1326 audit(4588.392:5939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29147 comm="syz.4.8709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2039.555219][T29145]  ? security_capable+0x87/0xb0
[ 2039.574886][   T30] audit: type=1326 audit(4588.392:5940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29147 comm="syz.4.8709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2039.598316][T29145]  bpf_check+0x2c25/0xf280
[ 2039.632626][T29145]  ? 0xffffffffa0016000
[ 2039.653799][T29145]  ? is_bpf_text_address+0x177/0x190
[ 2039.671074][T29145]  ? bpf_get_btf_vmlinux+0x60/0x60
[ 2039.689062][T29145]  ? unwind_get_return_address+0x4d/0x90
[ 2039.702871][   T30] audit: type=1326 audit(4588.392:5941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29147 comm="syz.4.8709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2039.738846][T29145]  ? stack_trace_save+0xe0/0xe0
[ 2039.768189][T29145]  ? arch_stack_walk+0xee/0x140
[ 2039.798471][T29145]  ? stack_trace_save+0x98/0xe0
[ 2039.824273][T29145]  ? __stack_depot_save+0x34/0x480
[ 2039.848264][T29145]  ? __kasan_slab_alloc+0x69/0xf0
[ 2039.889953][T29145]  ? _find_next_bit+0x1fa/0x200
[ 2039.915960][T29145]  ? __kasan_kmalloc+0xec/0x110
[ 2039.951370][T29145]  ? __kasan_kmalloc+0xda/0x110
[ 2039.975734][T29145]  ? kmem_cache_alloc_trace+0x119/0x270
[ 2040.014025][T29145]  ? selinux_bpf_prog_alloc+0x51/0x140
[ 2040.037829][T29145]  ? security_bpf_prog_alloc+0x62/0x90
[ 2040.054672][T29145]  ? bpf_prog_load+0x97c/0x1550
[ 2040.059567][T29145]  ? __sys_bpf+0x4c3/0x730
[ 2040.064081][T29145]  ? __x64_sys_bpf+0x7c/0x90
[ 2040.068879][T29145]  ? x64_sys_call+0x4b9/0x9a0
[ 2040.073995][T29145]  ? do_syscall_64+0x4c/0xa0
[ 2040.078610][T29145]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2040.085341][T29145]  ? check_stack_object+0x81/0x140
[ 2040.090480][T29145]  ? memset+0x35/0x40
[ 2040.094690][T29145]  ? bpf_obj_name_cpy+0x193/0x1e0
[ 2040.100004][T29145]  bpf_prog_load+0x1042/0x1550
[ 2040.104945][T29145]  ? map_freeze+0x360/0x360
[ 2040.109483][T29145]  ? selinux_bpf+0xc7/0xf0
[ 2040.114134][T29145]  ? security_bpf+0x82/0xa0
[ 2040.118760][T29145]  __sys_bpf+0x4c3/0x730
[ 2040.123069][T29145]  ? bpf_link_show_fdinfo+0x310/0x310
[ 2040.128564][T29145]  ? __kasan_check_write+0x14/0x20
[ 2040.133952][T29145]  ? switch_fpu_return+0x15d/0x2c0
[ 2040.139147][T29145]  __x64_sys_bpf+0x7c/0x90
[ 2040.144160][T29145]  x64_sys_call+0x4b9/0x9a0
[ 2040.148875][T29145]  do_syscall_64+0x4c/0xa0
[ 2040.153311][T29145]  ? clear_bhb_loop+0x50/0xa0
[ 2040.158052][T29145]  ? clear_bhb_loop+0x50/0xa0
[ 2040.162742][T29145]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2040.168816][T29145] RIP: 0033:0x7f424d818fc9
[ 2040.173257][T29145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2040.194551][T29145] RSP: 002b:00007f424c281038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2040.203696][T29145] RAX: ffffffffffffffda RBX: 00007f424da6ffa0 RCX: 00007f424d818fc9
[ 2040.211845][T29145] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[ 2040.219962][T29145] RBP: 00007f424d89bf91 R08: 0000000000000000 R09: 0000000000000000
[ 2040.228269][T29145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2040.236471][T29145] R13: 00007f424da70038 R14: 00007f424da6ffa0 R15: 00007ffcb5d69c48
[ 2040.244542][T29145]  </TASK>
[ 2040.248957][T29145] ---[ end trace fb4730828c74d1f7 ]---
[ 2040.361288][T15448] tipc: Node number set to 2886997007
[ 2041.302991][   T30] kauditd_printk_skb: 53 callbacks suppressed
[ 2041.303005][   T30] audit: type=1326 audit(4590.374:5995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29253 comm="syz.4.8756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2041.345725][   T30] audit: type=1326 audit(4590.393:5996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29253 comm="syz.4.8756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2041.369520][   T30] audit: type=1326 audit(4590.393:5997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29253 comm="syz.4.8756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2041.433973][   T30] audit: type=1326 audit(4590.393:5998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29253 comm="syz.4.8756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2041.461946][   T30] audit: type=1326 audit(4590.403:5999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29253 comm="syz.4.8756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2041.485530][   T30] audit: type=1326 audit(4590.403:6000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29253 comm="syz.4.8756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2041.517424][   T30] audit: type=1326 audit(4590.403:6001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29253 comm="syz.4.8756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5cca3ffc9 code=0x7ffc0000
[ 2041.548511][   T30] audit: type=1326 audit(4590.468:6002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29258 comm="syz.0.8758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2041.572193][   T30] audit: type=1326 audit(4590.468:6003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29258 comm="syz.0.8758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2041.595677][   T30] audit: type=1326 audit(4590.468:6004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29258 comm="syz.0.8758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2041.655915][T29268] device pim6reg1 entered promiscuous mode
[ 2041.732879][T29264] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2041.756760][T29264] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2041.768004][T29264] device bridge_slave_0 entered promiscuous mode
[ 2041.789845][T29264] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2041.802591][T29264] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2041.813163][T29264] device bridge_slave_1 entered promiscuous mode
[ 2042.046518][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2042.055552][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2042.089381][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2042.106517][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2042.124571][T22575] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2042.131678][T22575] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2042.149398][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2042.158128][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2042.168162][T22575] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2042.175240][T22575] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2042.254612][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2042.270771][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2042.314244][T29264] device veth0_vlan entered promiscuous mode
[ 2042.340750][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2042.367970][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2042.385767][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2042.393862][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2042.412479][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2042.436752][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2042.451868][T29264] device veth1_macvtap entered promiscuous mode
[ 2042.504180][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2042.535791][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2042.575310][ T1093] tipc: Disabling bearer <udp:£>
[ 2042.595524][ T1093] tipc: Left network mode
[ 2043.229785][ T1093] device bridge_slave_1 left promiscuous mode
[ 2043.235949][ T1093] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2043.264759][ T1093] device bridge_slave_0 left promiscuous mode
[ 2043.286252][ T1093] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2043.316380][ T1093] device veth1_macvtap left promiscuous mode
[ 2043.338427][ T1093] device veth0_vlan left promiscuous mode
[ 2043.575710][T24488] bridge0: port 3(syz_tun) entered disabled state
[ 2043.589758][T24488] device syz_tun left promiscuous mode
[ 2043.604820][T24488] bridge0: port 3(syz_tun) entered disabled state
[ 2043.765107][T29383] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2043.772341][T29383] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2043.780361][T29383] device bridge_slave_0 entered promiscuous mode
[ 2043.788011][T29383] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2043.795351][T29383] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2043.803186][T29383] device bridge_slave_1 entered promiscuous mode
[ 2043.969082][T29383] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2043.976179][T29383] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2043.983529][T29383] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2043.990569][T29383] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2044.072211][ T1129] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2044.079697][ T1129] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2044.102389][T29394] loop6: detected capacity change from 0 to 1024
[ 2044.121524][T29394] EXT4-fs (loop6): couldn't mount as ext2 due to feature incompatibilities
[ 2044.126537][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2044.137714][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2044.147932][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2044.156562][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2044.164935][ T1129] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2044.172006][ T1129] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2044.193345][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2044.201925][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2044.210091][ T1129] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2044.217139][ T1129] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2044.231490][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2044.242909][T29394] loop6: detected capacity change from 0 to 512
[ 2044.249784][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2044.272181][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2044.280439][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2044.300683][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2044.319994][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2044.327668][T29394] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2044.351846][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2044.363057][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2044.374872][T29383] device veth0_vlan entered promiscuous mode
[ 2044.389534][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2044.398312][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2044.412689][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2044.421243][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2044.448650][T29383] device veth1_macvtap entered promiscuous mode
[ 2044.459303][T29411] tipc: Started in network mode
[ 2044.464234][T29411] tipc: Node identity ac14140f, cluster identity 4711
[ 2044.471352][T29411] tipc: New replicast peer: 255.255.255.83
[ 2044.477288][T29411] tipc: Enabled bearer <udp:£>, priority 10
[ 2044.499150][ T1132] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2044.506907][ T1132] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2044.515444][ T1132] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2044.533704][ T1132] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2044.542184][ T1132] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2044.725999][ T1093] device bridge_slave_1 left promiscuous mode
[ 2044.732332][ T1093] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2044.748702][ T1093] device bridge_slave_0 left promiscuous mode
[ 2044.754885][ T1093] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2044.827463][T29434] 9pnet: Insufficient options for proto=fd
[ 2044.970925][ T1093] device veth1_macvtap left promiscuous mode
[ 2045.033762][T24881] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[ 2045.309142][T29447] device syzkaller0 entered promiscuous mode
[ 2045.418857][T24881] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 29542, setting to 64
[ 2045.437016][T24881] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 2045.448444][T24881] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2045.462620][T24881] usb 7-1: config 0 descriptor??
[ 2045.482995][T29431] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 2045.600687][T29486] device syzkaller0 entered promiscuous mode
[ 2045.664703][T23951] tipc: Node number set to 2886997007
[ 2045.740838][T29511] loop7: detected capacity change from 0 to 512
[ 2045.784526][T29511] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 2045.796867][T29511] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2229: inode #15: comm syz.7.8859: corrupted in-inode xattr
[ 2045.809600][T29511] EXT4-fs (loop7): 1 orphan inode deleted
[ 2045.820395][T29511] EXT4-fs (loop7): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,i_version,,errors=continue. Quota mode: none.
[ 2046.049803][T24881] usbhid 7-1:0.0: can't add hid device: -71
[ 2046.055844][T24881] usbhid: probe of 7-1:0.0 failed with error -71
[ 2046.081829][T24881] usb 7-1: USB disconnect, device number 8
[ 2046.914298][T29606] device pim6reg1 entered promiscuous mode
[ 2046.980655][T29608] loop6: detected capacity change from 0 to 128
[ 2047.077977][T29608] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2047.261618][T29615] device syzkaller0 entered promiscuous mode
[ 2047.308620][   T30] kauditd_printk_skb: 86 callbacks suppressed
[ 2047.308636][   T30] audit: type=1326 audit(4595.985:6091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29616 comm="syz.0.8907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2047.398036][   T30] audit: type=1326 audit(4595.985:6092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29616 comm="syz.0.8907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2047.422482][   T30] audit: type=1326 audit(4595.985:6093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29616 comm="syz.0.8907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2047.446640][   T30] audit: type=1326 audit(4595.994:6094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29616 comm="syz.0.8907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2047.578292][   T30] audit: type=1400 audit(4596.238:6095): avc:  denied  { append } for  pid=29635 comm="syz.6.8914" name="vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 2047.912950][   T30] audit: type=1400 audit(4596.556:6096): avc:  denied  { module_load } for  pid=29668 comm="syz.3.8928" path="/sys/power/wakeup_count" dev="sysfs" ino=1148 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[ 2048.038370][T29679] device syzkaller0 entered promiscuous mode
[ 2048.072239][T29666] tipc: Started in network mode
[ 2048.077177][T29666] tipc: Node identity ac14140f, cluster identity 4711
[ 2048.084142][T29666] tipc: New replicast peer: 255.255.255.83
[ 2048.090081][T29666] tipc: Enabled bearer <udp:£>, priority 10
[ 2048.781986][T29709] device syzkaller0 entered promiscuous mode
[ 2048.962896][T29714] device pim6reg1 entered promiscuous mode
[ 2049.068642][T29736] tipc: Enabling of bearer <udp:£> rejected, already enabled
[ 2049.118672][T15448] kernel write not supported for file /1099/clear_refs (pid: 15448 comm: kworker/1:5)
[ 2049.149778][T29741] loop6: detected capacity change from 0 to 2048
[ 2049.187675][   T30] audit: type=1400 audit(4597.743:6097): avc:  denied  { create } for  pid=29758 comm="syz.3.8971" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 2049.220277][T29741] Alternate GPT is invalid, using primary GPT.
[ 2049.232543][   T30] audit: type=1400 audit(4597.752:6098): avc:  denied  { read write } for  pid=29383 comm="syz-executor" name="loop7" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 2049.234095][T29741]  loop6: p1 p2 p3
[ 2049.263411][T29741] loop6: partition table partially beyond EOD, truncated
[ 2049.263702][T29764] device pim6reg1 entered promiscuous mode
[ 2049.279369][T23743] tipc: Node number set to 2886997007
[ 2049.295698][   T30] audit: type=1400 audit(4597.752:6099): avc:  denied  { open } for  pid=29383 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 2049.321410][T29770] tipc: New replicast peer: 255.255.255.83
[ 2049.327853][T29770] tipc: Enabled bearer <udp:£>, priority 10
[ 2049.349659][   T30] audit: type=1400 audit(4597.752:6100): avc:  denied  { ioctl } for  pid=29383 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=123 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 2049.496014][T23801] udevd[23801]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[ 2049.528911][T23674] udevd[23674]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[ 2049.622075][T23800] udevd[23800]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[ 2049.706787][T29808] device pim6reg1 entered promiscuous mode
[ 2049.785763][T29825] loop7: detected capacity change from 0 to 512
[ 2049.817836][T29823] device syzkaller0 entered promiscuous mode
[ 2049.841164][T29825] EXT4-fs (loop7): Ignoring removed orlov option
[ 2049.864969][T29825] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[ 2049.926839][T29825] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[ 2049.932968][T29831] loop6: detected capacity change from 0 to 512
[ 2049.936651][T29825] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2229: inode #15: comm syz.7.8997: corrupted in-inode xattr
[ 2049.963084][T29831] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[ 2049.966185][T29825] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.8997: couldn't read orphan inode 15 (err -117)
[ 2049.987019][T29825] EXT4-fs (loop7): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 2049.987090][T29831] EXT4-fs (loop6): revision level too high, forcing read-only mode
[ 2050.049501][T29831] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002]
[ 2050.061416][T29831] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 2050.068378][T29831] EXT4-fs warning (device loop6): ext4_enable_quotas:6452: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 2050.083913][T29831] EXT4-fs (loop6): Cannot turn on quotas: error -22
[ 2050.092630][T29831] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.9002: bg 0: block 40: padding at end of block bitmap is not set
[ 2050.108005][T29831] EXT4-fs (loop6): Remounting filesystem read-only
[ 2050.114793][T29831] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6178: Corrupt filesystem
[ 2050.125785][T29831] EXT4-fs (loop6): Remounting filesystem read-only
[ 2050.141541][T29831] EXT4-fs (loop6): 1 truncate cleaned up
[ 2050.153601][T29844] device pim6reg1 entered promiscuous mode
[ 2050.165886][T29831] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,noload,noblock_validity,dioread_lock,nouid32,nomblk_io_submit,. Quota mode: writeback.
[ 2050.189767][T29831] fscrypt (loop6, inode 16): Error -61 getting encryption context
[ 2050.299438][T29860] loop7: detected capacity change from 0 to 1024
[ 2050.349606][T29860] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[ 2050.368295][T29860] EXT4-fs (loop7): can't mount with data=, fs mounted w/o journal
[ 2050.382419][T29877] device pim6reg1 entered promiscuous mode
[ 2050.470769][T29860] loop7: detected capacity change from 0 to 512
[ 2050.528263][T29860] EXT4-fs error (device loop7): ext4_expand_extra_isize_ea:2776: inode #11: comm syz.7.9015: corrupted xattr block 95
[ 2050.554936][T23949] tipc: Node number set to 808905919
[ 2050.562669][T29860] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm syz.7.9015: bg 0: block 7: invalid block bitmap
[ 2050.577574][T29860] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6178: Corrupt filesystem
[ 2050.587014][T29860] EXT4-fs error (device loop7): ext4_xattr_delete_inode:2942: inode #11: comm syz.7.9015: corrupted xattr block 95
[ 2050.600281][T29860] EXT4-fs warning (device loop7): ext4_evict_inode:303: xattr delete (err -117)
[ 2050.609653][T29860] EXT4-fs (loop7): 1 orphan inode deleted
[ 2050.615500][T29860] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2050.926397][T29898] device syzkaller0 entered promiscuous mode
[ 2051.377894][T29918] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9033'.
[ 2051.578187][T29924] device pim6reg1 entered promiscuous mode
[ 2052.080012][T29942] loop7: detected capacity change from 0 to 8192
[ 2052.227564][T29959] 9pnet: Could not find request transport: rdma
[ 2052.671923][T30000] tipc: Enabling of bearer <udp:£> rejected, already enabled
[ 2052.777255][   T30] kauditd_printk_skb: 239 callbacks suppressed
[ 2052.777270][   T30] audit: type=1400 audit(4601.100:6339): avc:  denied  { relabelfrom } for  pid=30002 comm="syz.6.9076" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[ 2052.858413][   T30] audit: type=1400 audit(4601.100:6340): avc:  denied  { relabelto } for  pid=30002 comm="syz.6.9076" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[ 2052.892808][   T30] audit: type=1400 audit(4601.119:6341): avc:  denied  { read write } for  pid=30008 comm="syz.7.9079" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2052.915581][T30015] SELinux: failed to load policy
[ 2052.956579][   T30] audit: type=1400 audit(4601.119:6342): avc:  denied  { open } for  pid=30008 comm="syz.7.9079" path="/dev/raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2052.993041][   T30] audit: type=1400 audit(4601.119:6343): avc:  denied  { ioctl } for  pid=30008 comm="syz.7.9079" path="/dev/raw-gadget" dev="devtmpfs" ino=254 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 2053.019087][T30026] tipc: Enabling of bearer <udp:£> rejected, already enabled
[ 2053.019088][   T30] audit: type=1400 audit(4601.175:6344): avc:  denied  { load_policy } for  pid=30012 comm="syz.4.9082" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[ 2053.200604][   T30] audit: type=1326 audit(4601.493:6345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30044 comm="syz.0.9095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2053.427698][   T30] audit: type=1326 audit(4601.512:6346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30044 comm="syz.0.9095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2053.550454][   T30] audit: type=1326 audit(4601.512:6347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30044 comm="syz.0.9095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2053.908833][   T30] audit: type=1400 audit(4602.157:6348): avc:  denied  { read write } for  pid=30065 comm="syz.6.9103" name="vhost-vsock" dev="devtmpfs" ino=264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 2053.986400][T30078] netlink: 'syz.0.9107': attribute type 12 has an invalid length.
[ 2054.012637][T30080] device ip6gre1 entered promiscuous mode
[ 2054.357859][T30101] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 2054.481364][T30121] netlink: 44 bytes leftover after parsing attributes in process `syz.4.9128'.
[ 2054.730638][T30145] 9pnet: Insufficient options for proto=fd
[ 2054.936118][T30152] device pim6reg1 entered promiscuous mode
[ 2055.518668][T30171] SELinux: ebitmap: truncated map
[ 2055.552895][T30171] SELinux: failed to load policy
[ 2055.851438][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2055.859137][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2055.874792][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2055.895025][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2055.917053][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2055.942120][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2055.963655][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2055.985128][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.005516][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.039365][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.070059][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.098987][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.127605][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.173442][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.195620][T30203] loop7: detected capacity change from 0 to 512
[ 2056.195927][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.231086][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.238562][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.249077][T30203] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2056.270475][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.285074][T30203] EXT4-fs warning (device loop7): ext4_enable_quotas:6452: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 2056.289770][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.336585][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.356037][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.375183][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.394346][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.413537][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.420953][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.452018][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.472211][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.491952][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.511605][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.519049][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.549894][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.569070][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.588289][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.607670][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.615100][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.646126][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.668898][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.676326][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.700956][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2056.708383][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2057.032482][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2057.039905][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2057.065017][T15448] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 2057.081783][T15448] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[ 2057.143449][T30217] fido_id[30217]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 2057.163435][ T1132] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 2057.444172][T30235] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9177'.
[ 2057.453635][T30235] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9177'.
[ 2057.932981][T30256] loop6: detected capacity change from 0 to 1024
[ 2057.956484][T30256] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[ 2057.974567][T30256] EXT4-fs (loop6): can't mount with data=, fs mounted w/o journal
[ 2058.169848][   T30] kauditd_printk_skb: 41 callbacks suppressed
[ 2058.169866][   T30] audit: type=1326 audit(4606.084:6389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30257 comm="syz.6.9187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f1916e1bfc9 code=0x7ffc0000
[ 2059.293196][   T30] audit: type=1326 audit(4607.197:6390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30312 comm="syz.0.9213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2059.318934][   T30] audit: type=1326 audit(4607.197:6391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30312 comm="syz.0.9213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2059.343036][   T30] audit: type=1326 audit(4607.197:6392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30312 comm="syz.0.9213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2059.366524][   T30] audit: type=1326 audit(4607.197:6393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30312 comm="syz.0.9213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2059.416096][   T30] audit: type=1326 audit(4607.197:6394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30312 comm="syz.0.9213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2059.439514][   T30] audit: type=1326 audit(4607.197:6395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30312 comm="syz.0.9213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2059.462705][   T30] audit: type=1400 audit(4607.197:6396): avc:  denied  { bind } for  pid=30312 comm="syz.0.9213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 2059.483547][   T30] audit: type=1326 audit(4607.197:6397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30312 comm="syz.0.9213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2059.506699][   T30] audit: type=1326 audit(4607.197:6398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30312 comm="syz.0.9213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9496e5cfc9 code=0x7ffc0000
[ 2059.730518][T30339] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 2060.147076][T30344] device pim6reg1 entered promiscuous mode
[ 2060.331817][T30347] SELinux: failed to load policy
[ 2060.346688][T30349] tipc: Enabling of bearer <udp:£> rejected, already enabled
[ 2060.382812][T23951] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x4
[ 2060.391785][T23951] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x2
[ 2060.399499][T23951] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x3
[ 2060.408033][T23951] hid-generic 0000:3000000:0000.0016: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[ 2060.464054][T30358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2060.471317][T30358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2060.472502][T30360] fido_id[30360]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 2060.550567][T30368] device pim6reg1 entered promiscuous mode
[ 2061.224506][T23949] usb 4-1: new low-speed USB device number 41 using dummy_hcd
[ 2061.631020][T23949] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2061.640269][T23949] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2062.069272][T23949] usb 4-1: config 0 descriptor??
[ 2062.187288][T30441] SELinux: failed to load policy
[ 2062.202852][T30443] tipc: Enabling of bearer <udp:£> rejected, already enabled
[ 2062.520648][T30469] netlink: 64 bytes leftover after parsing attributes in process `syz.7.9281'.
[ 2062.764258][T30480] loop7: detected capacity change from 0 to 512
[ 2062.797608][T30480] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 2062.809533][T30480] EXT4-fs (loop7): 1 truncate cleaned up
[ 2062.815326][T30480] EXT4-fs (loop7): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,nombcache,. Quota mode: none.
[ 2062.846301][T30480] EXT4-fs error (device loop7): ext4_xattr_block_get:546: inode #15: comm syz.7.9286: corrupted xattr block 33
[ 2062.858437][T30480] EXT4-fs (loop7): Remounting filesystem read-only
[ 2062.865090][T30480] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=15
[ 2062.874231][T30480] EXT4-fs error (device loop7): ext4_xattr_block_get:546: inode #15: comm syz.7.9286: corrupted xattr block 33
[ 2062.886226][T30480] EXT4-fs (loop7): Remounting filesystem read-only
[ 2062.892804][T30480] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=15
[ 2062.901983][T30480] EXT4-fs error (device loop7): ext4_xattr_block_find:1867: inode #15: comm syz.7.9286: corrupted xattr block 33
[ 2062.914241][T30480] EXT4-fs (loop7): Remounting filesystem read-only
[ 2063.072843][T30492] loop7: detected capacity change from 0 to 512
[ 2063.151839][T30492] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2063.237771][T30498] loop7: detected capacity change from 0 to 8192
[ 2063.259629][T30498] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 2063.440762][T30510] tipc: Enabling of bearer <udp:£> rejected, already enabled
[ 2063.539157][   T30] kauditd_printk_skb: 79 callbacks suppressed
[ 2063.539175][   T30] audit: type=1400 audit(4611.162:6478): avc:  denied  { create } for  pid=30532 comm="syz.7.9310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 2063.586997][   T30] audit: type=1400 audit(4611.199:6479): avc:  denied  { setopt } for  pid=30532 comm="syz.7.9310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 2063.641294][T30542] tipc: Enabling of bearer <udp:£> rejected, already enabled
[ 2063.701613][   T30] audit: type=1400 audit(4611.311:6480): avc:  denied  { block_suspend } for  pid=30548 comm="syz.4.9318" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 2063.765472][   T30] audit: type=1326 audit(4611.367:6481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30553 comm="syz.7.9321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2063.797887][   T30] audit: type=1326 audit(4611.367:6482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30553 comm="syz.7.9321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f70d996f810 code=0x7ffc0000
[ 2063.831947][   T30] audit: type=1326 audit(4611.367:6483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30553 comm="syz.7.9321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2063.859504][   T30] audit: type=1326 audit(4611.367:6484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30553 comm="syz.7.9321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2063.888627][   T30] audit: type=1326 audit(4611.367:6485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30553 comm="syz.7.9321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2063.921048][   T30] audit: type=1326 audit(4611.367:6486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30553 comm="syz.7.9321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2063.943347][T30562] device syzkaller0 entered promiscuous mode
[ 2063.962232][   T30] audit: type=1326 audit(4611.367:6487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30553 comm="syz.7.9321" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2064.203450][T30587] loop7: detected capacity change from 0 to 1024
[ 2064.228011][T30590] loop0: detected capacity change from 0 to 1024
[ 2064.261680][T23949] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2064.271710][T23949] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[ 2064.283495][T23949] asix: probe of 4-1:0.0 failed with error -71
[ 2064.289923][T30587] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[ 2064.302316][T23949] usb 4-1: USB disconnect, device number 41
[ 2064.310539][T30590] EXT4-fs (loop0): Ignoring removed orlov option
[ 2064.319609][T30590] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[ 2064.330202][T30587] EXT4-fs (loop7): can't mount with data=, fs mounted w/o journal
[ 2064.333594][T30593] netlink: 'syz.4.9338': attribute type 4 has an invalid length.
[ 2064.364761][T30590] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[ 2064.515867][T30587] loop7: detected capacity change from 0 to 512
[ 2064.595375][T30587] EXT4-fs error (device loop7): ext4_expand_extra_isize_ea:2776: inode #11: comm syz.7.9336: corrupted xattr block 95
[ 2064.617950][T30587] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm syz.7.9336: bg 0: block 7: invalid block bitmap
[ 2064.635550][T30587] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6178: Corrupt filesystem
[ 2064.654267][T30587] EXT4-fs error (device loop7): ext4_xattr_delete_inode:2942: inode #11: comm syz.7.9336: corrupted xattr block 95
[ 2064.685752][T30587] EXT4-fs warning (device loop7): ext4_evict_inode:303: xattr delete (err -117)
[ 2064.697818][T30587] EXT4-fs (loop7): 1 orphan inode deleted
[ 2064.706164][T30587] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2064.735094][T30613] loop0: detected capacity change from 0 to 1024
[ 2064.761952][T30613] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[ 2064.793534][T30613] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal
[ 2064.820192][T30630] netlink: 'syz.3.9353': attribute type 6 has an invalid length.
[ 2065.031904][T30644] loop6: detected capacity change from 0 to 1024
[ 2065.057943][T30644] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[ 2065.101594][T30644] EXT4-fs (loop6): can't mount with data=, fs mounted w/o journal
[ 2065.264180][T30644] loop6: detected capacity change from 0 to 512
[ 2065.395768][T30644] EXT4-fs error (device loop6): ext4_expand_extra_isize_ea:2776: inode #11: comm syz.6.9359: corrupted xattr block 95
[ 2065.409150][T30644] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm syz.6.9359: bg 0: block 7: invalid block bitmap
[ 2065.439179][T30644] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6178: Corrupt filesystem
[ 2065.450996][T30644] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2942: inode #11: comm syz.6.9359: corrupted xattr block 95
[ 2065.481053][T30644] EXT4-fs warning (device loop6): ext4_evict_inode:303: xattr delete (err -117)
[ 2065.490932][T30644] EXT4-fs (loop6): 1 orphan inode deleted
[ 2065.497014][T30644] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2065.839036][T30664] loop6: detected capacity change from 0 to 128
[ 2065.867492][T30664] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2065.908902][T30664] EXT4-fs error (device loop6): htree_dirblock_to_tree:1083: inode #2: comm syz.6.9366: Directory block failed checksum
[ 2065.911213][T30669] loop7: detected capacity change from 0 to 512
[ 2065.931380][T30669] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[ 2065.953367][T30669] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2065.991716][T30674] loop6: detected capacity change from 0 to 512
[ 2066.021386][T30674] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2066.058230][T24881] usb 4-1: new low-speed USB device number 42 using dummy_hcd
[ 2066.073769][T30683] loop7: detected capacity change from 0 to 512
[ 2066.130256][T30683] EXT4-fs error (device loop7): ext4_ext_check_inode:501: inode #3: comm syz.7.9373: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[ 2066.131909][T30695] loop6: detected capacity change from 0 to 512
[ 2066.149550][T30691] device pim6reg1 entered promiscuous mode
[ 2066.160934][T30683] EXT4-fs error (device loop7): ext4_quota_enable:6411: comm syz.7.9373: Bad quota inode: 3, type: 0
[ 2066.172751][T30695] EXT4-fs error (device loop6): ext4_orphan_get:1427: comm syz.6.9378: bad orphan inode 11862016
[ 2066.173104][T30683] EXT4-fs warning (device loop7): ext4_enable_quotas:6452: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[ 2066.183949][T30695] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2066.199285][T30683] EXT4-fs (loop7): mount failed
[ 2066.406449][T30722] device pim6reg1 entered promiscuous mode
[ 2066.550801][T24881] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2066.629865][T24881] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2066.675581][T30730] tipc: Enabling of bearer <udp:£> rejected, already enabled
[ 2066.683676][T24881] usb 4-1: config 0 descriptor??
[ 2067.470694][T30753] 9pnet: Insufficient options for proto=fd
[ 2067.555925][T30755] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2067.563837][T30755] tipc: Disabling bearer <eth:syzkaller0>
[ 2067.962761][T30767] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9406'.
[ 2068.034751][T30772] loop7: detected capacity change from 0 to 256
[ 2068.089278][T30772] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[ 2068.105896][T30772] FAT-fs (loop7): Filesystem has been set read-only
[ 2068.127851][T30772] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[ 2068.145511][T30772] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[ 2068.162288][T30772] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[ 2068.171393][T30772] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[ 2068.180802][T30772] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[ 2068.190093][T30772] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[ 2068.199076][T30772] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[ 2068.208701][T30772] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[ 2068.217482][T30772] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[ 2068.401871][T30787] loop6: detected capacity change from 0 to 1024
[ 2068.412998][T30787] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[ 2068.433141][T30787] EXT4-fs (loop6): can't mount with data=, fs mounted w/o journal
[ 2068.555696][T30787] loop6: detected capacity change from 0 to 512
[ 2068.593320][T30787] EXT4-fs error (device loop6): ext4_expand_extra_isize_ea:2776: inode #11: comm syz.6.9416: corrupted xattr block 95
[ 2068.624449][T30787] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm syz.6.9416: bg 0: block 7: invalid block bitmap
[ 2068.643349][T30787] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6178: Corrupt filesystem
[ 2068.657055][T30787] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2942: inode #11: comm syz.6.9416: corrupted xattr block 95
[ 2068.675795][T30787] EXT4-fs warning (device loop6): ext4_evict_inode:303: xattr delete (err -117)
[ 2068.691169][T30787] EXT4-fs (loop6): 1 orphan inode deleted
[ 2068.697172][T30787] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2068.881504][T24881] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2068.891904][T24881] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[ 2068.910060][   T30] kauditd_printk_skb: 752 callbacks suppressed
[ 2068.910079][   T30] audit: type=1326 audit(4616.183:7240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30771 comm="syz.7.9409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f70d99a3885 code=0x7ffc0000
[ 2068.955379][T24881] asix: probe of 4-1:0.0 failed with error -71
[ 2068.979082][T24881] usb 4-1: USB disconnect, device number 42
[ 2068.996370][   T30] audit: type=1400 audit(4616.267:7241): avc:  denied  { ioctl } for  pid=30817 comm="syz.6.9429" path="/dev/usbmon7" dev="devtmpfs" ino=176 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 2069.022222][   T30] audit: type=1326 audit(4616.267:7242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30771 comm="syz.7.9409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2069.045909][   T30] audit: type=1326 audit(4616.295:7243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30771 comm="syz.7.9409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2069.138569][T30829] loop6: detected capacity change from 0 to 512
[ 2069.197344][T30829] EXT4-fs (loop6): Ignoring removed nobh option
[ 2069.206639][   T30] audit: type=1326 audit(4616.464:7244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30834 comm="syz.7.9437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2069.231084][   T30] audit: type=1326 audit(4616.473:7245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30834 comm="syz.7.9437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2069.257119][T30829] EXT4-fs error (device loop6): ext4_do_update_inode:5241: inode #3: comm syz.6.9434: corrupted inode contents
[ 2069.269225][T30829] EXT4-fs error (device loop6): ext4_dirty_inode:6077: inode #3: comm syz.6.9434: mark_inode_dirty error
[ 2069.280839][   T30] audit: type=1326 audit(4616.482:7246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30834 comm="syz.7.9437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2069.304846][   T30] audit: type=1326 audit(4616.482:7247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30834 comm="syz.7.9437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2069.305002][T30829] EXT4-fs error (device loop6): ext4_do_update_inode:5241: inode #3: comm syz.6.9434: corrupted inode contents
[ 2069.341549][   T30] audit: type=1326 audit(4616.482:7248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30834 comm="syz.7.9437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2069.364749][T30829] EXT4-fs error (device loop6): __ext4_ext_dirty:183: inode #3: comm syz.6.9434: mark_inode_dirty error
[ 2069.376434][   T30] audit: type=1326 audit(4616.482:7249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30834 comm="syz.7.9437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70d9970fc9 code=0x7ffc0000
[ 2069.400131][T30829] EXT4-fs error (device loop6): ext4_acquire_dquot:6200: comm syz.6.9434: Failed to acquire dquot type 0
[ 2069.420025][T30829] EXT4-fs error (device loop6): ext4_do_update_inode:5241: inode #16: comm syz.6.9434: corrupted inode contents
[ 2069.432496][T30829] EXT4-fs error (device loop6): ext4_dirty_inode:6077: inode #16: comm syz.6.9434: mark_inode_dirty error
[ 2069.444368][T30829] EXT4-fs error (device loop6): ext4_do_update_inode:5241: inode #16: comm syz.6.9434: corrupted inode contents
[ 2069.456713][T30829] EXT4-fs error (device loop6): __ext4_ext_dirty:183: inode #16: comm syz.6.9434: mark_inode_dirty error
[ 2069.468625][T30829] EXT4-fs error (device loop6): ext4_do_update_inode:5241: inode #16: comm syz.6.9434: corrupted inode contents
[ 2069.481224][T30829] EXT4-fs error (device loop6) in ext4_orphan_del:301: Corrupt filesystem
[ 2069.490123][T30829] EXT4-fs error (device loop6): ext4_do_update_inode:5241: inode #16: comm syz.6.9434: corrupted inode contents
[ 2069.502645][T30829] EXT4-fs error (device loop6): ext4_truncate:4310: inode #16: comm syz.6.9434: mark_inode_dirty error
[ 2069.515362][T30829] EXT4-fs error (device loop6) in ext4_process_orphan:343: Corrupt filesystem
[ 2069.525794][T30829] EXT4-fs (loop6): 1 truncate cleaned up
[ 2069.531507][T30829] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_dev=0x000000000002d353,nobh,,errors=continue. Quota mode: writeback.
[ 2069.560289][T30858] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[ 2069.568093][T30858] SELinux: failed to load policy
[ 2069.775427][T30882] 9pnet: Insufficient options for proto=fd
[ 2070.887880][T30918] loop0: detected capacity change from 0 to 512
[ 2070.925164][T30918] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 2070.966238][T30918] EXT4-fs (loop0): 1 truncate cleaned up
[ 2070.972049][T30918] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000007,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,nouid32,. Quota mode: none.
[ 2071.011572][T30927] 9pnet: Insufficient options for proto=fd
[ 2071.102144][T30934] serio: Serial port ptm0
[ 2071.154114][T30949] netlink: 40 bytes leftover after parsing attributes in process `syz.0.9487'.
[ 2071.166424][T30949] device ip6gre2 entered promiscuous mode
[ 2071.294014][T30971] netlink: 64 bytes leftover after parsing attributes in process `syz.6.9499'.
[ 2071.327954][T30976] netlink: 40 bytes leftover after parsing attributes in process `syz.0.9501'.
[ 2071.407057][T30991] loop6: detected capacity change from 0 to 1024
[ 2071.427575][T30991] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[ 2071.438135][T30991] EXT4-fs (loop6): can't mount with data=, fs mounted w/o journal
[ 2071.766972][T30991] loop6: detected capacity change from 0 to 512
[ 2071.870856][T31007] netlink: 40 bytes leftover after parsing attributes in process `syz.3.9514'.
[ 2071.890501][T30991] EXT4-fs error (device loop6): ext4_expand_extra_isize_ea:2776: inode #11: comm syz.6.9508: corrupted xattr block 95
[ 2071.926484][T31007] device ip6gre1 entered promiscuous mode
[ 2071.934090][T30991] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm syz.6.9508: bg 0: block 7: invalid block bitmap
[ 2071.995160][T30991] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6178: Corrupt filesystem
[ 2072.055764][T30991] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2942: inode #11: comm syz.6.9508: corrupted xattr block 95
[ 2072.091974][T30991] EXT4-fs warning (device loop6): ext4_evict_inode:303: xattr delete (err -117)
[ 2072.102114][T30991] EXT4-fs (loop6): 1 orphan inode deleted
[ 2072.127571][T30991] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2072.511627][T31046] device pim6reg1 entered promiscuous mode
[ 2072.567479][T31048] device wireguard0 entered promiscuous mode
[ 2072.812025][T31053] loop7: detected capacity change from 0 to 512
[ 2072.846363][T31053] EXT4-fs (loop7): Ignoring removed nobh option
[ 2072.862663][T31053] EXT4-fs (loop7): Quota format mount options ignored when QUOTA feature is enabled
[ 2072.874903][T31053] EXT4-fs error (device loop7): ext4_orphan_get:1401: inode #15: comm syz.7.9532: iget: bad i_size value: 38620345925642
[ 2072.888248][T31053] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.9532: couldn't read orphan inode 15 (err -117)
[ 2072.911545][T31053] EXT4-fs (loop7): mounted filesystem without journal. Opts: nobh,jqfmt=vfsv0,data_err=ignore,,errors=continue. Quota mode: writeback.
[ 2072.928613][T31053] EXT4-fs error (device loop7): empty_inline_dir:1877: inode #12: block 7: comm syz.7.9532: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0
[ 2072.954676][T31053] EXT4-fs warning (device loop7): empty_inline_dir:1884: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60
[ 2073.109891][T31065] loop0: detected capacity change from 0 to 1024
[ 2073.132179][T31065] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[ 2073.149476][T31071] tipc: Enabling of bearer <udp:£> rejected, already enabled
[ 2073.151495][T31065] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[ 2073.178466][T31065] JBD2: no valid journal superblock found
[ 2073.191390][T31065] EXT4-fs (loop0): error loading journal
[ 2073.381683][T31088] loop0: detected capacity change from 0 to 1024
[ 2073.399026][T31094] loop7: detected capacity change from 0 to 1024
[ 2073.412492][T31094] EXT4-fs (loop7): Ignoring removed nobh option
[ 2073.419747][T31094] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 2073.438453][T31088] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[ 2073.459554][T31083] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2073.466590][T31083] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2073.474966][T31083] device bridge_slave_0 entered promiscuous mode
[ 2073.482301][T31094] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000003,nodioread_nolock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,nouid32,nobh,jqfmt=vfsv1,nouid32,dioread_nolock,,errors=continue. Quota mode: none.
[ 2073.508836][T31088] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal
[ 2073.519224][T31083] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2073.530840][T31083] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2073.538940][T31083] device bridge_slave_1 entered promiscuous mode
[ 2073.606699][T31088] loop0: detected capacity change from 0 to 512
[ 2073.649051][T31088] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2776: inode #11: comm syz.0.9546: corrupted xattr block 95
[ 2073.667739][T31088] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.9546: bg 0: block 7: invalid block bitmap
[ 2073.690723][T31088] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6178: Corrupt filesystem
[ 2073.710347][T31088] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2942: inode #11: comm syz.0.9546: corrupted xattr block 95
[ 2073.727044][T31103] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3871: comm syz.7.9548: Allocating blocks 497-513 which overlap fs metadata
[ 2073.752074][T31103] EXT4-fs (loop7): pa ffff8881115aff18: logic 128, phys. 385, len 8
[ 2073.760122][T31103] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:4888: group 0, free 0, pa_free 1
[ 2073.768804][T31088] EXT4-fs warning (device loop0): ext4_evict_inode:303: xattr delete (err -117)
[ 2073.851242][T31088] EXT4-fs (loop0): 1 orphan inode deleted
[ 2073.875619][T31088] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2073.884755][T31083] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2073.893321][T31083] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2073.900773][T31083] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2073.907833][T31083] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2073.968306][ T1129] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2073.975957][ T1129] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2073.983730][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2073.991423][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2074.008563][ T1129] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2074.019562][ T1129] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2074.026652][ T1129] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2074.054122][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2074.077835][T22575] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2074.084920][T22575] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2074.114282][ T1093] tipc: Disabling bearer <udp:£>
[ 2074.123965][ T1093] tipc: Left network mode
[ 2074.163744][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2074.171836][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2074.222612][T22575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2074.237320][ T1261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2074.245934][ T1261] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2074.253739][ T1261] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2074.263789][T31083] device veth0_vlan entered promiscuous mode
[ 2074.270723][T31128] device pim6reg1 entered promiscuous mode
[ 2074.293861][ T1261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2074.307388][T31083] device veth1_macvtap entered promiscuous mode
[ 2074.316434][   T30] kauditd_printk_skb: 291 callbacks suppressed
[ 2074.316450][   T30] audit: type=1400 audit(4621.242:7539): avc:  denied  { mount } for  pid=31133 comm="syz.6.9560" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 2074.347957][ T1261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2074.361457][ T1261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2074.379945][T31138] loop6: detected capacity change from 0 to 512
[ 2074.394738][   T30] audit: type=1400 audit(4621.317:7540): avc:  denied  { mounton } for  pid=31083 comm="syz-executor" path="/root/syzkaller.y4xu1Q/syz-tmp" dev="sda1" ino=2063 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 2074.426573][T31138] EXT4-fs error (device loop6): ext4_orphan_get:1401: inode #15: comm syz.6.9562: casefold flag without casefold feature
[ 2074.441831][   T30] audit: type=1400 audit(4621.345:7541): avc:  denied  { mount } for  pid=31083 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 2074.463611][T31138] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.9562: couldn't read orphan inode 15 (err -117)
[ 2074.484299][T31138] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2074.496103][   T30] audit: type=1400 audit(4621.345:7542): avc:  denied  { mount } for  pid=31083 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 2074.520587][   T30] audit: type=1400 audit(4621.345:7543): avc:  denied  { mounton } for  pid=31083 comm="syz-executor" path="/root/syzkaller.y4xu1Q/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[ 2074.549849][   T30] audit: type=1400 audit(4621.345:7544): avc:  denied  { mounton } for  pid=31083 comm="syz-executor" path="/root/syzkaller.y4xu1Q/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=117645 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[ 2074.577525][   T30] audit: type=1400 audit(4621.354:7545): avc:  denied  { mounton } for  pid=31083 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=556 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 2074.600926][   T30] audit: type=1400 audit(4621.354:7546): avc:  denied  { mount } for  pid=31083 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 2074.634388][   T30] audit: type=1400 audit(4621.354:7547): avc:  denied  { mounton } for  pid=31083 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 2074.686259][T31151] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9567'.
[ 2074.697970][T31151] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9567'.
[ 2074.719883][T31151] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9567'.
[ 2074.728587][T31159] loop7: detected capacity change from 0 to 1024
[ 2074.733334][T31157] loop6: detected capacity change from 0 to 1024
[ 2074.744011][T31157] EXT4-fs (loop6): Ignoring removed orlov option
[ 2074.753241][T31159] EXT4-fs (loop7): Ignoring removed orlov option
[ 2074.763205][T31159] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[ 2074.773585][T31157] EXT4-fs (loop6): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[ 2074.809391][T31159] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[ 2074.972321][ T1093] device bridge_slave_1 left promiscuous mode
[ 2074.986231][ T1093] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2074.996362][ T1093] device bridge_slave_0 left promiscuous mode
[ 2075.003509][ T1093] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2075.381677][T31189] tipc: Enabling of bearer <udp:£> rejected, already enabled
[ 2077.190195][   T30] audit: type=1400 audit(4623.926:7548): avc:  denied  { bind } for  pid=31264 comm="syz.6.9613" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 2077.350786][T31271] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9616'.
[ 2077.806423][T31283] loop6: detected capacity change from 0 to 128
[ 2077.861025][T31283] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 2077.949390][T31283] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 2078.304738][T31292] ==================================================================
[ 2078.312838][T31292] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 2078.322053][T31292] Read of size 1 at addr ffff8881366413f8 by task syz.0.9622/31292
[ 2078.329958][T31292] 
[ 2078.332294][T31292] CPU: 0 PID: 31292 Comm: syz.0.9622 Tainted: G        W         syzkaller #0
[ 2078.341151][T31292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2078.351226][T31292] Call Trace:
[ 2078.354511][T31292]  <TASK>
[ 2078.357446][T31292]  __dump_stack+0x21/0x30
[ 2078.361781][T31292]  dump_stack_lvl+0xee/0x150
[ 2078.366635][T31292]  ? show_regs_print_info+0x20/0x20
[ 2078.371846][T31292]  ? load_image+0x3a0/0x3a0
[ 2078.376356][T31292]  ? unwind_get_return_address+0x4d/0x90
[ 2078.382007][T31292]  print_address_description+0x7f/0x2c0
[ 2078.387560][T31292]  ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 2078.394071][T31292]  kasan_report+0xf1/0x140
[ 2078.398496][T31292]  ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 2078.405009][T31292]  __asan_report_load1_noabort+0x14/0x20
[ 2078.410653][T31292]  xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 2078.416994][T31292]  xfrm_policy_inexact_insert_node+0x938/0xb50
[ 2078.423160][T31292]  ? xfrm_netlink_rcv+0x72/0x90
[ 2078.428017][T31292]  ? netlink_unicast+0x876/0xa40
[ 2078.432955][T31292]  ? netlink_sendmsg+0x86a/0xb70
[ 2078.437904][T31292]  ? ____sys_sendmsg+0x5a2/0x8c0
[ 2078.442848][T31292]  ? ___sys_sendmsg+0x1f0/0x260
[ 2078.447709][T31292]  ? x64_sys_call+0x4b/0x9a0
[ 2078.452301][T31292]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2078.458378][T31292]  xfrm_policy_inexact_alloc_chain+0x53a/0xb30
[ 2078.464545][T31292]  xfrm_policy_inexact_insert+0x70/0x1130
[ 2078.470276][T31292]  ? __get_hash_thresh+0x10c/0x420
[ 2078.475390][T31292]  ? policy_hash_bysel+0x110/0x4f0
[ 2078.480507][T31292]  xfrm_policy_insert+0x126/0x9a0
[ 2078.485529][T31292]  ? xfrm_policy_construct+0x54f/0x1f00
[ 2078.491162][T31292]  xfrm_add_policy+0x4d1/0x830
[ 2078.495943][T31292]  ? xfrm_dump_sa_done+0xc0/0xc0
[ 2078.500878][T31292]  xfrm_user_rcv_msg+0x45c/0x6e0
[ 2078.505804][T31292]  ? xfrm_netlink_rcv+0x90/0x90
[ 2078.510650][T31292]  ? avc_has_perm_noaudit+0x460/0x460
[ 2078.516014][T31292]  ? x64_sys_call+0x4b/0x9a0
[ 2078.520596][T31292]  ? selinux_nlmsg_lookup+0x237/0x4c0
[ 2078.525963][T31292]  netlink_rcv_skb+0x1e0/0x430
[ 2078.530721][T31292]  ? xfrm_netlink_rcv+0x90/0x90
[ 2078.535651][T31292]  ? netlink_ack+0xb60/0xb60
[ 2078.540234][T31292]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 2078.546810][T31292]  ? __netlink_lookup+0x387/0x3b0
[ 2078.551824][T31292]  xfrm_netlink_rcv+0x72/0x90
[ 2078.556490][T31292]  netlink_unicast+0x876/0xa40
[ 2078.561245][T31292]  netlink_sendmsg+0x86a/0xb70
[ 2078.566001][T31292]  ? netlink_getsockopt+0x530/0x530
[ 2078.571182][T31292]  ? sock_alloc_file+0xba/0x260
[ 2078.576028][T31292]  ? security_socket_sendmsg+0x82/0xa0
[ 2078.581478][T31292]  ? netlink_getsockopt+0x530/0x530
[ 2078.586669][T31292]  ____sys_sendmsg+0x5a2/0x8c0
[ 2078.591428][T31292]  ? __sys_sendmsg_sock+0x40/0x40
[ 2078.596442][T31292]  ? import_iovec+0x7c/0xb0
[ 2078.600930][T31292]  ___sys_sendmsg+0x1f0/0x260
[ 2078.605595][T31292]  ? __sys_sendmsg+0x250/0x250
[ 2078.610351][T31292]  ? __fdget+0x1a1/0x230
[ 2078.614585][T31292]  __x64_sys_sendmsg+0x1e2/0x2a0
[ 2078.619517][T31292]  ? ___sys_sendmsg+0x260/0x260
[ 2078.624443][T31292]  ? __kasan_check_write+0x14/0x20
[ 2078.629541][T31292]  ? switch_fpu_return+0x15d/0x2c0
[ 2078.634655][T31292]  x64_sys_call+0x4b/0x9a0
[ 2078.639056][T31292]  do_syscall_64+0x4c/0xa0
[ 2078.643457][T31292]  ? clear_bhb_loop+0x50/0xa0
[ 2078.648813][T31292]  ? clear_bhb_loop+0x50/0xa0
[ 2078.653481][T31292]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2078.659366][T31292] RIP: 0033:0x7f9496e5cfc9
[ 2078.663768][T31292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2078.683360][T31292] RSP: 002b:00007f94958c5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2078.691774][T31292] RAX: ffffffffffffffda RBX: 00007f94970b3fa0 RCX: 00007f9496e5cfc9
[ 2078.699743][T31292] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006
[ 2078.707699][T31292] RBP: 00007f9496edff91 R08: 0000000000000000 R09: 0000000000000000
[ 2078.715703][T31292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2078.723675][T31292] R13: 00007f94970b4038 R14: 00007f94970b3fa0 R15: 00007ffc530ca9a8
[ 2078.731640][T31292]  </TASK>
[ 2078.734645][T31292] 
[ 2078.736948][T31292] Allocated by task 31292:
[ 2078.741342][T31292]  __kasan_kmalloc+0xda/0x110
[ 2078.746010][T31292]  __kmalloc+0x13d/0x2c0
[ 2078.750244][T31292]  sk_prot_alloc+0xed/0x320
[ 2078.754732][T31292]  sk_alloc+0x38/0x430
[ 2078.758786][T31292]  pfkey_create+0x12a/0x660
[ 2078.763272][T31292]  __sock_create+0x38d/0x7a0
[ 2078.767932][T31292]  __sys_socket+0xec/0x190
[ 2078.772332][T31292]  __x64_sys_socket+0x7a/0x90
[ 2078.776994][T31292]  x64_sys_call+0x8c5/0x9a0
[ 2078.781481][T31292]  do_syscall_64+0x4c/0xa0
[ 2078.785886][T31292]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2078.791766][T31292] 
[ 2078.794077][T31292] Last potentially related work creation:
[ 2078.799791][T31292]  kasan_save_stack+0x3a/0x60
[ 2078.804453][T31292]  __kasan_record_aux_stack+0xd2/0x100
[ 2078.809895][T31292]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2078.815686][T31292]  call_rcu+0x105/0xfe0
[ 2078.819827][T31292]  qdisc_destroy+0x166/0x270
[ 2078.824408][T31292]  dev_shutdown+0x198/0x580
[ 2078.828897][T31292]  unregister_netdevice_many+0x95d/0x1990
[ 2078.834608][T31292]  unregister_netdevice_queue+0x31c/0x360
[ 2078.840312][T31292]  __tun_detach+0xca6/0x1450
[ 2078.844923][T31292]  tun_chr_close+0x92/0x140
[ 2078.849409][T31292]  __fput+0x20b/0x8b0
[ 2078.853376][T31292]  ____fput+0x15/0x20
[ 2078.857338][T31292]  task_work_run+0x127/0x190
[ 2078.861911][T31292]  exit_to_user_mode_loop+0xd0/0xe0
[ 2078.867093][T31292]  exit_to_user_mode_prepare+0x87/0xd0
[ 2078.872538][T31292]  syscall_exit_to_user_mode+0x1a/0x30
[ 2078.877979][T31292]  do_syscall_64+0x58/0xa0
[ 2078.882382][T31292]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2078.888349][T31292] 
[ 2078.890914][T31292] Second to last potentially related work creation:
[ 2078.897474][T31292]  kasan_save_stack+0x3a/0x60
[ 2078.902206][T31292]  __kasan_record_aux_stack+0xd2/0x100
[ 2078.907672][T31292]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2078.913469][T31292]  call_rcu+0x105/0xfe0
[ 2078.917609][T31292]  qdisc_destroy+0x166/0x270
[ 2078.922196][T31292]  dev_shutdown+0x198/0x580
[ 2078.926777][T31292]  unregister_netdevice_many+0x95d/0x1990
[ 2078.932492][T31292]  unregister_netdevice_queue+0x31c/0x360
[ 2078.938370][T31292]  __tun_detach+0xca6/0x1450
[ 2078.943126][T31292]  tun_chr_close+0x92/0x140
[ 2078.947612][T31292]  __fput+0x20b/0x8b0
[ 2078.951578][T31292]  ____fput+0x15/0x20
[ 2078.955546][T31292]  task_work_run+0x127/0x190
[ 2078.960130][T31292]  exit_to_user_mode_loop+0xd0/0xe0
[ 2078.965396][T31292]  exit_to_user_mode_prepare+0x87/0xd0
[ 2078.970838][T31292]  syscall_exit_to_user_mode+0x1a/0x30
[ 2078.976283][T31292]  do_syscall_64+0x58/0xa0
[ 2078.980687][T31292]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2078.986566][T31292] 
[ 2078.988872][T31292] The buggy address belongs to the object at ffff888136641000
[ 2078.988872][T31292]  which belongs to the cache kmalloc-1k of size 1024
[ 2079.002930][T31292] The buggy address is located 1016 bytes inside of
[ 2079.002930][T31292]  1024-byte region [ffff888136641000, ffff888136641400)
[ 2079.016373][T31292] The buggy address belongs to the page:
[ 2079.021997][T31292] page:ffffea0004d99000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x136640
[ 2079.032239][T31292] head:ffffea0004d99000 order:3 compound_mapcount:0 compound_pincount:0
[ 2079.040550][T31292] flags: 0x4000000000010200(slab|head|zone=1)
[ 2079.046626][T31292] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043080
[ 2079.055213][T31292] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 2079.063777][T31292] page dumped because: kasan: bad access detected
[ 2079.070168][T31292] page_owner tracks the page as allocated
[ 2079.075862][T31292] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 281, ts 447191909562, free_ts 446900633934
[ 2079.096426][T31292]  post_alloc_hook+0x192/0x1b0
[ 2079.101189][T31292]  prep_new_page+0x1c/0x110
[ 2079.105684][T31292]  get_page_from_freelist+0x2cc5/0x2d50
[ 2079.111218][T31292]  __alloc_pages+0x18f/0x440
[ 2079.115793][T31292]  new_slab+0xa1/0x4d0
[ 2079.119860][T31292]  ___slab_alloc+0x381/0x810
[ 2079.124435][T31292]  __slab_alloc+0x49/0x90
[ 2079.128753][T31292]  __kmalloc+0x16a/0x2c0
[ 2079.132979][T31292]  kvmalloc_node+0x206/0x300
[ 2079.137552][T31292]  xt_alloc_table_info+0x3b/0xa0
[ 2079.142493][T31292]  do_ip6t_set_ctl+0x86a/0xcf0
[ 2079.147266][T31292]  nf_setsockopt+0x272/0x2a0
[ 2079.151872][T31292]  ipv6_setsockopt+0x2555/0x38a0
[ 2079.156796][T31292]  tcp_setsockopt+0x1f8/0x1d30
[ 2079.161541][T31292]  sock_common_setsockopt+0xa0/0xb0
[ 2079.166733][T31292]  __sys_setsockopt+0x2f0/0x460
[ 2079.171690][T31292] page last free stack trace:
[ 2079.176349][T31292]  free_unref_page_prepare+0x542/0x550
[ 2079.181801][T31292]  free_unref_page+0xa2/0x550
[ 2079.186467][T31292]  __free_pages+0x6c/0x100
[ 2079.190868][T31292]  __free_slab+0xe8/0x1e0
[ 2079.195282][T31292]  __unfreeze_partials+0x160/0x190
[ 2079.200401][T31292]  put_cpu_partial+0xc6/0x120
[ 2079.205069][T31292]  __slab_free+0x1d4/0x290
[ 2079.209479][T31292]  ___cache_free+0x104/0x120
[ 2079.214055][T31292]  qlink_free+0x4d/0x90
[ 2079.218207][T31292]  qlist_free_all+0x5f/0xb0
[ 2079.222695][T31292]  kasan_quarantine_reduce+0x14a/0x170
[ 2079.228249][T31292]  __kasan_slab_alloc+0x2f/0xf0
[ 2079.233185][T31292]  slab_post_alloc_hook+0x4f/0x2b0
[ 2079.238284][T31292]  kmem_cache_alloc+0xf7/0x260
[ 2079.243037][T31292]  __alloc_file+0x28/0x2a0
[ 2079.247444][T31292]  alloc_empty_file+0x97/0x180
[ 2079.252197][T31292] 
[ 2079.254503][T31292] Memory state around the buggy address:
[ 2079.260112][T31292]  ffff888136641280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2079.268155][T31292]  ffff888136641300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2079.276200][T31292] >ffff888136641380: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[ 2079.284239][T31292]                                                                 ^
[ 2079.292230][T31292]  ffff888136641400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2079.300594][T31292]  ffff888136641480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2079.308635][T31292] ==================================================================
[ 2079.316678][T31292] Disabling lock debugging due to kernel taint