Warning: Permanently added '10.128.1.39' (ED25519) to the list of known hosts.
2024/05/04 22:21:05 fuzzer started
2024/05/04 22:21:05 dialing manager at 10.128.0.163:30006
[   17.841848][   T28] audit: type=1400 audit(1714861265.283:66): avc:  denied  { node_bind } for  pid=281 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   17.846063][   T28] audit: type=1400 audit(1714861265.283:67): avc:  denied  { name_bind } for  pid=281 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   17.862434][   T28] audit: type=1400 audit(1714861265.303:68): avc:  denied  { mounton } for  pid=290 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   17.863403][  T290] cgroup: Unknown subsys name 'net'
[   17.885079][   T28] audit: type=1400 audit(1714861265.303:69): avc:  denied  { mount } for  pid=290 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   17.912039][   T28] audit: type=1400 audit(1714861265.343:70): avc:  denied  { unmount } for  pid=290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   17.912168][  T290] cgroup: Unknown subsys name 'devices'
[   18.020304][  T290] cgroup: Unknown subsys name 'hugetlb'
[   18.025748][  T290] cgroup: Unknown subsys name 'rlimit'
[   18.120329][   T28] audit: type=1400 audit(1714861265.563:71): avc:  denied  { mounton } for  pid=290 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   18.144987][   T28] audit: type=1400 audit(1714861265.563:72): avc:  denied  { mount } for  pid=290 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   18.152705][  T292] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   18.168183][   T28] audit: type=1400 audit(1714861265.563:73): avc:  denied  { setattr } for  pid=290 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
2024/05/04 22:21:05 code coverage: enabled
2024/05/04 22:21:05 comparison tracing: enabled
2024/05/04 22:21:05 extra coverage: enabled
2024/05/04 22:21:05 delay kcov mmap: enabled
2024/05/04 22:21:05 setuid sandbox: enabled
2024/05/04 22:21:05 namespace sandbox: enabled
2024/05/04 22:21:05 Android sandbox: enabled
2024/05/04 22:21:05 fault injection: enabled
2024/05/04 22:21:05 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2024/05/04 22:21:05 net packet injection: enabled
2024/05/04 22:21:05 net device setup: enabled
2024/05/04 22:21:05 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2024/05/04 22:21:05 devlink PCI setup: PCI device 0000:00:10.0 is not available
2024/05/04 22:21:05 NIC VF setup: PCI device 0000:00:11.0 is not available
2024/05/04 22:21:05 USB emulation: enabled
2024/05/04 22:21:05 hci packet injection: /dev/vhci does not exist
2024/05/04 22:21:05 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
2024/05/04 22:21:05 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
2024/05/04 22:21:05 swap file: enabled
2024/05/04 22:21:05 starting 5 executor processes
[   18.199172][   T28] audit: type=1400 audit(1714861265.623:74): avc:  denied  { relabelto } for  pid=292 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   18.205801][  T290] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   18.224368][   T28] audit: type=1400 audit(1714861265.623:75): avc:  denied  { write } for  pid=292 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   18.775634][  T301] bridge0: port 1(bridge_slave_0) entered blocking state
[   18.782654][  T301] bridge0: port 1(bridge_slave_0) entered disabled state
[   18.790075][  T301] device bridge_slave_0 entered promiscuous mode
[   18.797916][  T301] bridge0: port 2(bridge_slave_1) entered blocking state
[   18.804841][  T301] bridge0: port 2(bridge_slave_1) entered disabled state
[   18.812131][  T301] device bridge_slave_1 entered promiscuous mode
[   18.887914][  T302] bridge0: port 1(bridge_slave_0) entered blocking state
[   18.894926][  T302] bridge0: port 1(bridge_slave_0) entered disabled state
[   18.902119][  T302] device bridge_slave_0 entered promiscuous mode
[   18.918546][  T302] bridge0: port 2(bridge_slave_1) entered blocking state
[   18.925389][  T302] bridge0: port 2(bridge_slave_1) entered disabled state
[   18.932655][  T302] device bridge_slave_1 entered promiscuous mode
[   18.978387][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[   18.985330][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[   18.992464][  T304] device bridge_slave_0 entered promiscuous mode
[   19.000324][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[   19.007166][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[   19.014449][  T304] device bridge_slave_1 entered promiscuous mode
[   19.035655][  T303] bridge0: port 1(bridge_slave_0) entered blocking state
[   19.042603][  T303] bridge0: port 1(bridge_slave_0) entered disabled state
[   19.049882][  T303] device bridge_slave_0 entered promiscuous mode
[   19.068932][  T303] bridge0: port 2(bridge_slave_1) entered blocking state
[   19.075778][  T303] bridge0: port 2(bridge_slave_1) entered disabled state
[   19.082999][  T303] device bridge_slave_1 entered promiscuous mode
[   19.108106][  T308] bridge0: port 1(bridge_slave_0) entered blocking state
[   19.114996][  T308] bridge0: port 1(bridge_slave_0) entered disabled state
[   19.122285][  T308] device bridge_slave_0 entered promiscuous mode
[   19.143171][  T308] bridge0: port 2(bridge_slave_1) entered blocking state
[   19.150049][  T308] bridge0: port 2(bridge_slave_1) entered disabled state
[   19.157128][  T308] device bridge_slave_1 entered promiscuous mode
[   19.185599][  T301] bridge0: port 2(bridge_slave_1) entered blocking state
[   19.192452][  T301] bridge0: port 2(bridge_slave_1) entered forwarding state
[   19.199580][  T301] bridge0: port 1(bridge_slave_0) entered blocking state
[   19.206317][  T301] bridge0: port 1(bridge_slave_0) entered forwarding state
[   19.275585][  T302] bridge0: port 2(bridge_slave_1) entered blocking state
[   19.282443][  T302] bridge0: port 2(bridge_slave_1) entered forwarding state
[   19.289536][  T302] bridge0: port 1(bridge_slave_0) entered blocking state
[   19.296308][  T302] bridge0: port 1(bridge_slave_0) entered forwarding state
[   19.362579][  T303] bridge0: port 2(bridge_slave_1) entered blocking state
[   19.369454][  T303] bridge0: port 2(bridge_slave_1) entered forwarding state
[   19.376512][  T303] bridge0: port 1(bridge_slave_0) entered blocking state
[   19.383336][  T303] bridge0: port 1(bridge_slave_0) entered forwarding state
[   19.398934][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[   19.405779][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[   19.412911][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[   19.419689][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[   19.427991][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   19.436275][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   19.444621][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   19.451887][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[   19.459108][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[   19.466087][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[   19.473266][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[   19.480233][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[   19.487143][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[   19.495227][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   19.502449][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   19.538617][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   19.546560][    T6] bridge0: port 1(bridge_slave_0) entered blocking state
[   19.553403][    T6] bridge0: port 1(bridge_slave_0) entered forwarding state
[   19.561661][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   19.569686][    T6] bridge0: port 2(bridge_slave_1) entered blocking state
[   19.576517][    T6] bridge0: port 2(bridge_slave_1) entered forwarding state
[   19.583826][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   19.591599][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   19.599420][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   19.607099][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   19.620302][  T302] device veth0_vlan entered promiscuous mode
[   19.628812][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   19.636570][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   19.644129][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   19.651702][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   19.673523][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   19.691765][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   19.700025][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[   19.706853][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[   19.714775][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   19.722707][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[   19.729544][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[   19.742066][  T302] device veth1_macvtap entered promiscuous mode
[   19.759471][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   19.767171][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   19.774490][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   19.782800][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   19.791267][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   19.799099][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   19.826559][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   19.834649][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   19.842493][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   19.849915][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   19.857077][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   19.865594][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   19.873621][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[   19.880455][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[   19.887770][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   19.895920][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   19.903862][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[   19.910706][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[   19.917836][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   19.925814][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   19.933910][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   19.941182][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   19.948341][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   19.956382][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   19.964494][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   19.972622][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   19.980570][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[   19.987470][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[   19.994709][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   20.002830][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   20.010818][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.017671][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[   20.025251][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   20.043894][  T303] device veth0_vlan entered promiscuous mode
[   20.051422][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   20.059293][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   20.066959][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   20.075145][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   20.083020][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   20.091086][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   20.099228][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   20.106806][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   20.116598][  T301] device veth0_vlan entered promiscuous mode
[   20.132732][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   20.140906][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   20.148156][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   20.155476][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   20.163885][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   20.171623][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   20.179614][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   20.187275][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   20.195396][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   20.208683][  T304] device veth0_vlan entered promiscuous mode
[   20.216041][  T303] device veth1_macvtap entered promiscuous mode
[   20.229076][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   20.236834][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000008000000001500000018110000", @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$SIOCSIFHWADDR(r0, 0x40086602, &(0x7f0000000540)={'\x00', @dev})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.current\x00', 0x7a05, 0x1700)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000100), 0x1001)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000008110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r0, @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_es_find_extent_range_exit\x00', r7}, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
getpeername$netlink(r4, &(0x7f00000002c0), &(0x7f0000000300)=0xc)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
ioctl$HCIINQUIRY(r9, 0x400448cc, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000ac0)='mm_page_free_batched\x00', r8}, 0x10)
ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000000)={0x2, 0x0, [0x0, 0x401, 0x8000000000000001, 0xfffffffffffffff7, 0x1, 0x7, 0x2, 0x7]})
r10 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r10, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
connect$inet6(r10, &(0x7f0000000340)={0x2, 0x0, 0x0, @loopback}, 0x1c)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x1, 0x1ff, 0x9, 0x2001, 0xffffffffffffffff, 0xd8, '\x00', 0x0, r5, 0x0, 0x3, 0x5, 0xb}, 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="ff030000000001b8fb10aff164f09a0018110000b389f918abd025c99834abfc858fdd90f406c436da9a71b66bb80b28f6bcfa02aa0c40af89bcfaa542277311", @ANYRES32=r11, @ANYRES32=r1, @ANYRESOCT=r3, @ANYRESOCT], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r12}, 0x10)
r13 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r13)

[   20.244817][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   20.253284][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   20.267179][  T304] device veth1_macvtap entered promiscuous mode
[   20.283564][  T308] device veth0_vlan entered promiscuous mode
[   20.289877][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   20.297090][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   20.304514][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   20.307023][  T329] capability: warning: `syz-executor.4' uses deprecated v2 capabilities in a way that may be insecure
[   20.313171][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   20.330948][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   20.339134][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   20.347170][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   20.354893][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   20.362642][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   20.370723][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   20.383612][  T301] device veth1_macvtap entered promiscuous mode
executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000069000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
pipe(0x0) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x3, &(0x7f0000000340)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000000700)={0x4, 0x2}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000880)=[{0x0, 0x1, 0xb}, {0x5, 0x4, 0x4, 0xb}, {0x2}, {}, {0x0, 0x0, 0x10, 0x8}], 0x10, 0x176}, 0x90)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r1, &(0x7f00000002c0)=ANY=[], 0xc1) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r1, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x3, &(0x7f0000000080), 0x4) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) (async)
io_setup(0x1f, &(0x7f0000000380)=<r3=>0x0) (async)
clock_gettime(0x0, &(0x7f0000000200)={<r4=>0x0, <r5=>0x0})
io_pgetevents(r3, 0x1, 0x1, &(0x7f00000003c0)=[{}], &(0x7f0000000440)={r4, r5+10000000}, 0x0) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r6, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10) (async)
r8 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r8, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
readv(r8, &(0x7f0000002980)=[{&(0x7f0000000700)=""/163, 0xa3}], 0x2)

[   20.392408][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   20.399797][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   20.407052][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   20.415205][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   20.423481][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   20.431524][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x813014, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/udp\x00')
read$FUSE(r0, &(0x7f00000061c0)={0x2020, 0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000300)={[{@gid={'gid', 0x3d, r1}}]})
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r2, &(0x7f0000004180)={0x2020}, 0x1e7)

executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10) (async)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
ioctl$BTRFS_IOC_FS_INFO(r1, 0x8400941f, &(0x7f00000007c0))
r2 = creat(&(0x7f0000000780)='./bus\x00', 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="0200000020"], 0xfe44, 0x0) (async)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="0200000020"], 0xfe44, 0x0)

[   20.439851][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   20.448020][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   20.456163][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program 2:
syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x0) (async)
syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000004000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000b00)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000eaffffff850000008600000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='block_plug\x00', r3}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='block_plug\x00', r3}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(r4, &(0x7f0000000200), 0x43400) (async)
write$cgroup_int(r4, &(0x7f0000000200), 0x43400)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000000)=@usbdevfs_connect)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={0x0, @empty, @dev}, &(0x7f0000000180)=0xc)
syz_io_uring_setup(0x0, 0x0, 0x0, 0x0)

[   20.499386][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   20.510857][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   20.520373][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   20.529364][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f00000002c0)=0x4000007, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x5, 0x4)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)
listen(r1, 0x401)
listen(r0, 0x0)
close(r1)

executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000200), 0x180c0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x3, 0x9, 0x84c, 0x121, r0, 0x401, '\x00', 0x0, r1, 0x4, 0x2, 0x3, 0x8}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000a80)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
r4 = getgid()
fsetxattr$system_posix_acl(r2, &(0x7f0000000340)='system.posix_acl_access\x00', &(0x7f0000000900)={{}, {0x1, 0x1}, [{0x2, 0x3}, {0x2, 0x4}, {}, {0x2, 0x3}], {0x4, 0x2}, [{0x8, 0x4}, {0x8, 0x2}, {0x8, 0x3}, {0x8, 0x1}, {0x8, 0x1}, {0x8, 0x1}, {0x8, 0x7, r4}], {}, {0x20, 0x1}}, 0x7c, 0x3)
setpgid(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000500), &(0x7f0000000540)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r5}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
r8 = dup(r7)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f00000001c0)={'gre0\x00', @random="a80f9df9b761"})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount$incfs(&(0x7f0000000240)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
mount$incfs(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$cgroup_int(r10, &(0x7f0000000100), 0x1001)
pipe2$watch_queue(&(0x7f0000000300), 0x80)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000ac0)='mm_page_free_batched\x00', r11}, 0x10)
ioctl$SIOCSIFHWADDR(r10, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])

[   20.559371][  T308] device veth1_macvtap entered promiscuous mode
[   20.572507][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   20.595784][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000bf080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCXONC(r3, 0x540a, 0x2)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100))
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r5}, 0x10)
io_setup(0xffff, &(0x7f00000007c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='ext4_insert_range\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xb, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x59}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7}, 0x48)
r6 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x1e3102, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xa)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000500)=ANY=[@ANYRESHEX=r7, @ANYBLOB, @ANYRESDEC=0x0, @ANYRESDEC=r7, @ANYBLOB="da259f5d0fc27d1c4ecf15731916c950750900739a62ca062d92"])
fstatfs(0xffffffffffffffff, 0x0)
io_setup(0x2, &(0x7f0000000040)=<r8=>0x0)
io_submit(r8, 0x1, &(0x7f0000000380)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000080)="eb", 0x1}])
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000140)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x8000004, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x42}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x90)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
socket$unix(0x1, 0x5, 0x0)

[   20.604737][  T302] syz-executor.4 (302) used greatest stack depth: 21520 bytes left
executing program 1:
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x12, 0x4, 0x8, 0x1}, 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f00000008c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c03d9259b6fd6c790d91cdb07099358000000020000000000000002000009000000000000"], &(0x7f0000000180)=""/139, 0x26, 0x8b, 0x1}, 0x20)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$TIPC_NL_NAME_TABLE_GET(r0, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="000425bd7000ffdbdf25100000004000058034000280080003000500000008000200ffffffff080004000000000008000400ff0100000800010008000000080002000600000008000100756470008c0006800400050008000600050000000400020057000300cff6037714af5f6f3399380730eac40e53beba773c0db9c1383f19a43940547835424bc8a7d218bc262958d220fc7bf1940f5271c9c6b3ad88f5d890958df2de9eccc549c4743897b05d7a607d29d2253b946b000800060040000000080006000600000008000600ff03000008000100360300006c0001802c0004001400010002004e210a01010100000000000000001400020002004e23640101000000000000000000080003000104000008000300620500002c00028008000400000800000800020008000000080001001600000008000400010000000800020000080000140006800400020004000500080001000200000008000480040007800c00098008000100aa06000014000780080002007f00000008000100070000003c0001801c00028008000200001000000800030001000000080001001f0000000d0001007564703a73797a30000000000c00028008000300ffffffff"], 0x1c4}, 0x1, 0x0, 0x0, 0x20040000}, 0x20008004)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
pipe2(&(0x7f0000001440)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
splice(r3, 0x0, r5, 0x0, 0x2000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r6=>0xffffffffffffffff, @ANYBLOB="0000000000000000b708000000aa00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x4, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, r4}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000900)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0xfffffffe, 0x0, 0x0, 0x41000}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r9 = syz_open_dev$usbfs(&(0x7f0000000840), 0x90c, 0x40001)
ioctl$USBDEVFS_CLAIMINTERFACE(r9, 0x551f, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYRES64=r9, @ANYRES16=r0, @ANYRESOCT=r6], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000040)='ext4_unlink_enter\x00', r10}, 0x10)
unlink(&(0x7f0000000140)='./cgroup\x00')
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r12=>r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
lsetxattr$system_posix_acl(&(0x7f0000000400)='./file0/file0\x00', &(0x7f00000004c0)='system.posix_acl_access\x00', &(0x7f0000000500)=ANY=[@ANYBLOB="02000000010000000000000002000400", @ANYRES32=0x0, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="02000100", @ANYRES32, @ANYRESDEC=r12, @ANYRES32=0xee00, @ANYBLOB="040001000000000008000300", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=0xee01, @ANYBLOB="81920000", @ANYRES32=0xee00, @ANYBLOB="10000100000000002000010000000000"], 0x5c, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$BTRFS_IOC_INO_PATHS(r2, 0xc0389423, &(0x7f0000000200)={0x4db, 0x0, [0x5, 0xa16f, 0xb, 0x3], &(0x7f0000000080)})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

[   20.630040][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   20.661541][  T347] loop0: detected capacity change from 0 to 512
[   20.668934][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   20.677003][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x1002, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
keyctl$KEYCTL_MOVE(0x15, 0x0, 0x0, 0x0, 0x0)

[   20.729776][  T347] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[   20.752447][  T347] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[   20.766102][  T347] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2810: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   20.791361][  T347] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[   20.805707][  T347] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[   20.819398][  T347] EXT4-fs (loop0): 1 orphan inode deleted
[   20.825008][  T347] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   20.856176][  T347] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #2: block 13: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[   20.890062][  T301] EXT4-fs error (device loop0): htree_dirblock_to_tree:1111: inode #2: block 13: comm syz-executor.0: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[   20.912601][  T301] ------------[ cut here ]------------
[   20.917881][  T301] kernel BUG at fs/namei.c:2956!
[   20.936339][  T301] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   20.942230][  T301] CPU: 0 PID: 301 Comm: syz-executor.0 Not tainted 6.1.75-syzkaller-00089-g1794308d463f #0
[   20.952038][  T301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   20.961931][  T301] RIP: 0010:may_delete+0x6eb/0x6f0
[   20.966878][  T301] Code: 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fe ff ff 4c 89 e7 e8 36 72 f3 ff e9 72 fe ff ff e8 4c 79 ac ff 0f 0b e8 45 79 ac ff <0f> 0b 0f 1f 00 55 48 89 e5 41 56 53 48 89 fb e8 31 79 ac ff 4c 8d
[   20.986320][  T301] RSP: 0018:ffffc90005bcfbd8 EFLAGS: 00010293
[   20.992223][  T301] RAX: ffffffff81c8f6cb RBX: ffff88810edec250 RCX: ffff8881096c6540
[   21.000035][  T301] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 0000000000000000
[   21.007843][  T301] RBP: ffffc90005bcfc40 R08: ffffffff81c8f05f R09: 0000000000000003
[   21.015750][  T301] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88810edf2220
[   21.023643][  T301] R13: 1ffff11021dbe444 R14: ffff888100585ce8 R15: dffffc0000000000
[   21.031454][  T301] FS:  0000555555c4f480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   21.040220][  T301] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   21.046642][  T301] CR2: 000000c00341a4c8 CR3: 0000000128eb8000 CR4: 00000000003506b0
[   21.054457][  T301] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   21.062356][  T301] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   21.070165][  T301] Call Trace:
[   21.073289][  T301]  <TASK>
[   21.076066][  T301]  ? __die_body+0x62/0xb0
[   21.080233][  T301]  ? die+0x88/0xb0
[   21.083792][  T301]  ? do_trap+0x103/0x330
[   21.087869][  T301]  ? may_delete+0x6eb/0x6f0
[   21.092211][  T301]  ? handle_invalid_op+0x95/0xc0
[   21.096981][  T301]  ? may_delete+0x6eb/0x6f0
[   21.101322][  T301]  ? exc_invalid_op+0x32/0x50
[   21.105839][  T301]  ? asm_exc_invalid_op+0x1b/0x20
[   21.110698][  T301]  ? may_delete+0x7f/0x6f0
[   21.114949][  T301]  ? may_delete+0x6eb/0x6f0
[   21.119288][  T301]  ? may_delete+0x6eb/0x6f0
[   21.123625][  T301]  ? may_delete+0x6eb/0x6f0
[   21.127971][  T301]  vfs_rmdir+0x32/0x500
[   21.131963][  T301]  ? generic_shutdown_super+0x2b8/0x370
[   21.137341][  T301]  incfs_kill_sb+0x113/0x230
[   21.141770][  T301]  deactivate_locked_super+0xad/0x110
[   21.146974][  T301]  deactivate_super+0xbe/0xf0
[   21.151490][  T301]  cleanup_mnt+0x485/0x510
[   21.155749][  T301]  ? user_path_at_empty+0x14e/0x1a0
[   21.160775][  T301]  __cleanup_mnt+0x19/0x20
[   21.165116][  T301]  task_work_run+0x24d/0x2e0
[   21.169541][  T301]  ? task_work_cancel+0x2b0/0x2b0
[   21.174401][  T301]  ? __x64_sys_umount+0x122/0x170
[   21.179263][  T301]  exit_to_user_mode_loop+0x94/0xa0
[   21.184298][  T301]  exit_to_user_mode_prepare+0x5a/0xa0
[   21.189594][  T301]  syscall_exit_to_user_mode+0x26/0x140
[   21.195058][  T301]  do_syscall_64+0x49/0xb0
[   21.199311][  T301]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   21.205040][  T301] RIP: 0033:0x7fef1107efd7
[   21.209378][  T301] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   21.228823][  T301] RSP: 002b:00007ffd4386adb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   21.237068][  T301] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fef1107efd7
[   21.244896][  T301] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd4386ae70
[   21.252697][  T301] RBP: 00007ffd4386ae70 R08: 0000000000000000 R09: 0000000000000000
[   21.260504][  T301] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd4386bf60
[   21.268317][  T301] R13: 00007fef110c83b9 R14: 000000000000505f R15: 000000000000001e
[   21.276215][  T301]  </TASK>
[   21.279083][  T301] Modules linked in:
[   21.293511][  T301] ---[ end trace 0000000000000000 ]---
[   21.298897][  T301] RIP: 0010:may_delete+0x6eb/0x6f0
[   21.303790][  T301] Code: 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 7f fe ff ff 4c 89 e7 e8 36 72 f3 ff e9 72 fe ff ff e8 4c 79 ac ff 0f 0b e8 45 79 ac ff <0f> 0b 0f 1f 00 55 48 89 e5 41 56 53 48 89 fb e8 31 79 ac ff 4c 8d
[   21.326932][  T301] RSP: 0018:ffffc90005bcfbd8 EFLAGS: 00010293
[   21.332909][  T301] RAX: ffffffff81c8f6cb RBX: ffff88810edec250 RCX: ffff8881096c6540
[   21.342266][  T301] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 0000000000000000
[   21.350374][  T301] RBP: ffffc90005bcfc40 R08: ffffffff81c8f05f R09: 0000000000000003
[   21.358295][  T301] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff88810edf2220
[   21.367496][  T301] R13: 1ffff11021dbe444 R14: ffff888100585ce8 R15: dffffc0000000000
[   21.375817][  T301] FS:  0000555555c4f480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   21.384810][  T301] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   21.391422][  T301] CR2: 000000002000cf3d CR3: 0000000128eb8000 CR4: 00000000003506a0
[   21.436532][  T301] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   21.445173][  T301] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   21.454460][  T301] Kernel panic - not syncing: Fatal exception
[   21.460543][  T301] Kernel Offset: disabled
[   21.464662][  T301] Rebooting in 86400 seconds..