last executing test programs:

2m32.454228233s ago: executing program 1 (id=666):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd98, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=ANY=[@ANYBLOB="54000000000801010000ffffe00000000a000000050003002f0000000600024000000000240004800800024000000000080001400000fcff07000140800000010800014080000001090001"], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x28040000)

2m32.326624385s ago: executing program 1 (id=667):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000180)={0x1}, 0x8)
close(r1)

2m32.291517076s ago: executing program 1 (id=668):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c4603240095028000000000000003003e0001010000940200000000230040000000000000004d02000000000000f6ffffff000038000100fdff7f000800030000000400000007000000000000b1f200000000000000010100000000000006"], 0x78)
close(r2)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

2m32.250830626s ago: executing program 1 (id=669):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ec)
write$binfmt_script(r0, &(0x7f00000001c0)={'#! ', './file0'}, 0xb)
close(r0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

2m32.193927717s ago: executing program 1 (id=670):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004"], 0x15)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

2m32.011584941s ago: executing program 1 (id=671):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r1}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000140012800c0001006d6163766c616e0095e5028008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r3], 0x44}}, 0x0)

2m32.01145355s ago: executing program 32 (id=671):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r1}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000140012800c0001006d6163766c616e0095e5028008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r3], 0x44}}, 0x0)

1m33.292626325s ago: executing program 3 (id=2890):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r2 = signalfd(0xffffffffffffffff, &(0x7f0000000140)={[0x3]}, 0x8)
read$msr(r2, &(0x7f0000000bc0)=""/4096, 0x1000)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)

1m32.4261619s ago: executing program 3 (id=2918):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000200)='kfree\x00', r1}, 0x18)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x8000000000000002, &(0x7f0000000e80)={<r3=>0xffffffffffffffff}, 0x2, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, r3, 0x1}}, 0x18)

1m32.391401941s ago: executing program 3 (id=2920):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x58, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd600a96460014060000000000000000000000000000000000fe8000000000000000000000000000aa00014e22", @ANYRES32=0x41424344, @ANYRES32, @ANYBLOB='Q'], 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x44)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x12, r2, 0x0)

1m32.355495491s ago: executing program 3 (id=2922):
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x2bc3c1f, 0xffffffffffffffff, 0x7, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000500)='./file0/../file0\x00', 0x89901)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

1m32.291444492s ago: executing program 3 (id=2923):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dddbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xffff, 0xffff}, {0x1, 0xd}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0xa}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x1}]}]}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x220008e8}, 0x800)

1m32.074569666s ago: executing program 3 (id=2931):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
write$cgroup_netprio_ifpriomap(0xffffffffffffffff, 0x0, 0x51)
perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0xa, 0x0, 0x0, 0xa, 0x0, 0x5, 0x44, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x80, 0xa7, 0x2, 0x5, 0xa5, 0x9b9b, 0x7000, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0xa, 0x0, 0x0, 0x2, 0x0, 0x5, 0x44, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0xa7, 0x2, 0x5, 0xa5, 0x9b9b, 0x7000, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000040)={0x5, 0x69, 0x0, 0x1, 0x8, 0xa, 0x0, 0x4, 0x400, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x4, @perf_bp={0x0, 0x8}, 0x11950, 0x4854, 0x3, 0x6, 0x5, 0xb5, 0x5, 0x0, 0xc8, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0xa, 0x0, 0x0, 0x6, 0x0, 0x5, 0x44, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x80, 0xa7, 0x2, 0x5, 0xa5, 0x9b9b, 0x7000, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000001100)={0x5, 0x80, 0x9, 0x8, 0xb, 0xfb, 0x0, 0x3c, 0xc002, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x6, 0x1}, 0x18842, 0x0, 0x2, 0x7, 0x9, 0x3, 0x32, 0x0, 0x8, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)

1m32.049267076s ago: executing program 33 (id=2931):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
write$cgroup_netprio_ifpriomap(0xffffffffffffffff, 0x0, 0x51)
perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0xa, 0x0, 0x0, 0xa, 0x0, 0x5, 0x44, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x80, 0xa7, 0x2, 0x5, 0xa5, 0x9b9b, 0x7000, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0xa, 0x0, 0x0, 0x2, 0x0, 0x5, 0x44, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x0, 0xa7, 0x2, 0x5, 0xa5, 0x9b9b, 0x7000, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000040)={0x5, 0x69, 0x0, 0x1, 0x8, 0xa, 0x0, 0x4, 0x400, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10001, 0x4, @perf_bp={0x0, 0x8}, 0x11950, 0x4854, 0x3, 0x6, 0x5, 0xb5, 0x5, 0x0, 0xc8, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0xa, 0x0, 0x0, 0x6, 0x0, 0x5, 0x44, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x80, 0xa7, 0x2, 0x5, 0xa5, 0x9b9b, 0x7000, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000001100)={0x5, 0x80, 0x9, 0x8, 0xb, 0xfb, 0x0, 0x3c, 0xc002, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x6, 0x1}, 0x18842, 0x0, 0x2, 0x7, 0x9, 0x3, 0x32, 0x0, 0x8, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)

49.84083953s ago: executing program 5 (id=4348):
r0 = syz_io_uring_setup(0x7fbc, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x2000000}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x8, 0x0, 0x0, 0x0, {0x2}})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x10, 0x2007, @fd, 0x8, 0x0, 0x0, 0x2})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

49.793991801s ago: executing program 5 (id=4350):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32=r2], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)

49.595569624s ago: executing program 5 (id=4352):
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f0000000140)='./file0\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r2}, 0x10)
openat(r1, &(0x7f0000000040)='./file0/../file0\x00', 0x515a02, 0x52abe154ad664f64)

49.566696124s ago: executing program 5 (id=4353):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000240)={[{@grpjquota}, {@lazytime}, {@barrier}, {@barrier}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@grpquota}], [{@seclabel}]}, 0x3, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7ffffffffffffffc, 0x80100000400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47d8780820335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffff000000e8f20000000200", "b73267f0fffffffff2ff00", [0x10000000000004]})
open_by_handle_at(r0, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0)

49.089671342s ago: executing program 5 (id=4364):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@gcm_256={{0x304}, "e69cca8f3dc0d7f4", "8dbae53f6e3cb557549df62149742a804fc7915bbb0060906a9b85760e395535", "d1d853cf", "000000002c5a84bb"}, 0x38)
shutdown(r0, 0x1)
ppoll(&(0x7f0000000080)=[{r0, 0x200}], 0x1, 0x0, 0x0, 0x0)

48.58231612s ago: executing program 5 (id=4380):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}})

48.557151781s ago: executing program 34 (id=4380):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}})

39.664638227s ago: executing program 6 (id=4739):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)

39.601553338s ago: executing program 6 (id=4742):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r0}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

39.46216975s ago: executing program 6 (id=4745):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
connect$inet(0xffffffffffffffff, 0x0, 0x0)
fspick(r0, &(0x7f0000000000)='.\x00', 0x0)

39.399779671s ago: executing program 6 (id=4748):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, 0x0, 0x0)

39.314468733s ago: executing program 6 (id=4754):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r2}, 0x10)
setitimer(0x0, 0x0, 0x0)

38.767693272s ago: executing program 6 (id=4767):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv_slave_0\x00'})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a017f7f00000000000000050000000900010073797a30000000000900030073797a300000000008000a400000000328000480080002400000001208000140000000000d0003"], 0xac}}, 0x0)

38.758026502s ago: executing program 35 (id=4767):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv_slave_0\x00'})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a017f7f00000000000000050000000900010073797a30000000000900030073797a300000000008000a400000000328000480080002400000001208000140000000000d0003"], 0xac}}, 0x0)

17.704772188s ago: executing program 8 (id=5564):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000001080)='dctcp\x00', 0x6)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x24040ffd, &(0x7f0000000440)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000001000)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000000)="b4", 0x1}], 0x1}}], 0x1, 0x0)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x182, 0x0, 0x27)

16.834169053s ago: executing program 8 (id=5595):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)

16.775019793s ago: executing program 8 (id=5586):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x0, 0x0, 0x1, 0x1}, 0x20)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001400b59500000000000000000a000000", @ANYRES32=r2, @ANYBLOB="14000200fe8000000000000000000000000000aa080009003f0c0000140001"], 0x48}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

16.697845675s ago: executing program 8 (id=5587):
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x2bc3c1f, 0xffffffffffffffff, 0x7, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x80100, 0x10)
r1 = open_tree(r0, &(0x7f0000000380)='./file0/../file0\x00', 0x1101)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

16.661357255s ago: executing program 8 (id=5588):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0xfffffffe}, @IFLA_XFRM_LINK={0x8, 0x1, 0x4}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x58}}, 0x0)

16.547671118s ago: executing program 8 (id=5590):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x67}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c00000003060101000000007e625f4609ca6fd90500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)

16.547513647s ago: executing program 36 (id=5590):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x67}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c00000003060101000000007e625f4609ca6fd90500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)

1.939417897s ago: executing program 9 (id=6092):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x9, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x7fffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000021ea0523b55cdf2f4448f45c110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x6, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

1.855559399s ago: executing program 9 (id=6094):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000002c0)={<r3=>0xffffffffffffffff}, 0x106, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000340)={0xe, 0x18, 0xfa00, @ib_path={0x0, r3}}, 0x20)

1.848213079s ago: executing program 9 (id=6095):
socket$packet(0x11, 0xa, 0x300)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.632693822s ago: executing program 9 (id=6100):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x800, 0xfffffffc, 0x7, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x20000000000002b8, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x8000, 0x0, 0x0, 0x41000}, 0xffffffffffffffd6)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_usbip_server_init(0x4)

1.141227061s ago: executing program 7 (id=6112):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r2}, 0x18)
r3 = socket$kcm(0x21, 0x2, 0x2)
recvmsg$kcm(r3, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)

1.110822191s ago: executing program 7 (id=6113):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x11, &(0x7f0000000100)=ANY=[@ANYBLOB="1802000063f9ff000000000000000d008500000041000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

1.067732502s ago: executing program 9 (id=6114):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000110000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000080)=0x454e, 0x4)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e24, @multicast1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0xc, &(0x7f0000000000)=0x56, 0x4)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)

818.928556ms ago: executing program 7 (id=6125):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = dup(r2)
getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001540)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtaction={0x98, 0x30, 0x301, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x84, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0x0, 0x0, 0xffffffe4}, 0x1, r5}}]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}}, 0x0)

758.690757ms ago: executing program 7 (id=6128):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1a, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0xdc}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000000), 0xfdef)

724.687117ms ago: executing program 7 (id=6118):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x454e, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000480)='kmem_cache_free\x00', r2}, 0x18)

627.848089ms ago: executing program 2 (id=6120):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x940a, 0x1000007})
fcntl$addseals(r2, 0x409, 0xb)

580.4456ms ago: executing program 9 (id=6121):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
write(r1, &(0x7f0000000100)="ab74efd76a620ea165a11145cf87e9c6fff7d0ad5edd51792d193b7069f4bef51c7b4de70df07f03736eb920e33ca61b82e53b79239b7e1578199bff294282477468ba2e2c9770823917401bc623716a80b14c06a70c0fb39cc2", 0x5a)
bind$can_j1939(r1, &(0x7f0000000000)={0x1d, r2, 0x1}, 0x18)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r2, {0xfffd, 0xffeb}, {0xa, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)

367.194513ms ago: executing program 7 (id=6131):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x8, 0x6}, 0x0, 0x9, 0x800000, 0x7, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f00000000c0)=<r1=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r3, 0x0, 0xf3a, 0x0)
write$binfmt_misc(r3, &(0x7f0000000980), 0xfdef)
timer_settime(r1, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

337.269514ms ago: executing program 2 (id=6133):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008001500b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
clock_nanosleep(0xb, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, 0x0)

328.988754ms ago: executing program 4 (id=6134):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x118)
socket$kcm(0x10, 0x2, 0x4)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b23000d"], 0xffdd)

271.682865ms ago: executing program 4 (id=6135):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'macvtap0\x00', <r3=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000240)={'wg2\x00', <r4=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r3}, @IFLA_HSR_SLAVE2={0x8, 0x2, r4}]}}}]}, 0x40}}, 0x0)

271.500605ms ago: executing program 2 (id=6136):
r0 = gettid()
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r2, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r1}, 0x20)
recvmmsg(r1, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000001840)=""/4096, 0x1000}], 0x1}}], 0x1, 0x10003, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

229.191276ms ago: executing program 0 (id=6140):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000f000000050030000000000005002f00a005000008000300", @ANYRES32=r4], 0x2c}}, 0x0)

216.861596ms ago: executing program 2 (id=6141):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0, 0x0, 0x7}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c9042, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x226140, 0x0)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r2, 0x8923, &(0x7f0000002280)={'syzkaller0\x00', @random="2d311e000008"})

197.804976ms ago: executing program 4 (id=6142):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
close(0x3)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$l2tp(0x2, 0x2, 0x73)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r3=>0x0})
bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x2, 0x6, @remote}, 0x14)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmmsg$inet(r0, &(0x7f0000004ac0)=[{{0x0, 0x0, &(0x7f0000005580)=[{0x0}, {&(0x7f0000005380)="8745e9feb39f5af0f970", 0xa}], 0x2}}], 0x1, 0x4000000)

196.630126ms ago: executing program 0 (id=6143):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000400)="81b641f1f3843704b6", 0x9}], 0x1}, 0x48005)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000900)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r3, {0xfffd, 0x2}, {0x2, 0x3}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x40840)

177.841577ms ago: executing program 4 (id=6144):
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
r0 = inotify_init1(0x800)
inotify_add_watch(r0, &(0x7f0000000000)='./file1\x00', 0x82)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x40400, 0x8)
fcntl$notify(r1, 0x402, 0x8000003b)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)

160.864127ms ago: executing program 4 (id=6145):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x121602, 0x0)
clock_nanosleep(0x2, 0xfffffdfc, &(0x7f0000000080)={0x0, 0x989680}, 0x0)

137.436097ms ago: executing program 0 (id=6146):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x301040, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x7, 0x5, 0xfffffffa, 0x1, 0xb3a}, 0xb6, 0x1, 0xffff, 0x2, 0x508, 0x10, 0x1e, 0x1d, 0x5, 0xff, {0x6, 0x9c22, 0x9, 0x10, 0x4, 0x5}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40008d1}, 0x0)

126.872837ms ago: executing program 2 (id=6147):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41100, 0x38, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000000a00)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425200000000000000008fa437e38b8200000000630000000000000000000000000000000000000000000000e91100000000ee65e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658020e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba042bb2617f5b3eb59efcdf3e9332827586e6be0cd2d7297ebd5716514942fd941c1152a8df17f7bf8d23188cc812736a6eb35f0004dde29f79717df9065381ba566751a8e1710210f00ca58ff481633fa3fbe088f86e336cce022c8e2233b79af7f3fb562f9863b2842df189b15ae659ffd7fb31258935a7d1eec82952520f62fbf0f4c8d879805ef3e6b576f5bac6cd8ad874081", @ANYRES16], 0x0, 0x11e6, &(0x7f0000002480)="$eJzs3E2LW1UcBvB/x76ZOpNRa7UF8aAb3VyaWbjRTZApSANK2witINw6NxpyTUJuGIiI1ZVbN+J3EJfuBHGnm9n4GdzNxmUX4hUTtZ0SkfFlAsPvt8kD5zzhHAKBE3Lu/sufvjfoVVkvn8baiROxNo5Id1OkWIs/fBQvvPTd909fv3nrarvT2b6W0pX2jdaLKaWNZ75584Mvn/12eu6Nrza+PhN7m2/t/7T1496FvYv7v9x4t1+lfpWGo2nK0+3RaJrfLou0068GWUqvl0VeFak/rIrJgfFeORqPZykf7qw3xpOiqlI+nKVBMUvTUZpOZil/J+8PU5Zlab0R/BvdL+7WdR1R16fidNR1XT8cjTgXj8R6bEQzNuPReCwej/PxRFyIJ+OpuDiftep1AwAAAAAAAAAAAAAAAAAAwPHi/j8AAAAAAAAAAAAAAAAAAACs3vWbt662O53taymdjSg/2e3udhevi/F2L/pRRhGXoxk/x/z2/8IiX3m1s305zW3Gx+Wd3/t3drsPHey35o8TWNpvLfrpYP9MNO7vb0Uzzi/vby3tn43nn7uvn0Uzfng7RlHGTvzWvdf/sJXSK691Huhfms8DAACA4yBLf1p6fs+yvxpf9A/x+8AD5+uTcenkavdORDV7f5CXZTH5z8OpWITT8c/e5/PPIv6XhQmC8Ldh1d9MHIV7H/qqVwIAAAAAAAAAAMBhHMXfCVe9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBXduBYAAAAAECYv3UaHRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//6HfTNQ==")
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)

71.755418ms ago: executing program 0 (id=6148):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000004c0)='kfree\x00', r0, 0x0, 0x8000006}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x2007, 0x6361, 0x5, 0xfffffffd, 0x40000006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

59.745039ms ago: executing program 2 (id=6149):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x6a040000)
mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
unshare(0x40000080)
syz_usb_disconnect(0xffffffffffffffff)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a310000000048000000030a01010000000000000000010000000900030073797a3100000000080007006e6174000900010073797a310000000014000480080002407c40280f080001"], 0xb8}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

22.397489ms ago: executing program 0 (id=6150):
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000000480)=@ccm_128={{0x303}, "7d671e204ef9f51d", "9ecc4b2b96d28df19c86b6842bbf27f7", "3b541451", "d838b3324f8ec67b"}, 0x28)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008040}, 0xc000001)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@ccm_128={{0x304}, "097f00b800", "595786437e882122fba809000000e265", "0200f8c7", "47f47ac2f720d652"}, 0x28)

8.306079ms ago: executing program 0 (id=6151):
socket$tipc(0x1e, 0x5, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x8000000000, 0x0, 0x0, 0x0, 0x6}, 0x0, &(0x7f00000002c0)={0x3bf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffffffd, 0xfffffffffffffffc}, 0x0, 0x0)

0s ago: executing program 4 (id=6152):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==")
gettid()
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
fallocate(r1, 0x0, 0x2000000, 0x2c2)

kernel console output (not intermixed with test programs):

op6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  140.440764][T12849] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3896'.
[  140.822127][T12920] loop2: detected capacity change from 0 to 128
[  140.853344][T12920] EXT4-fs: Ignoring removed nobh option
[  140.875609][T12920] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  140.912951][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  140.953519][T12930] serio: Serial port ptm0
[  141.059524][T12947] hub 9-0:1.0: USB hub found
[  141.064336][T12947] hub 9-0:1.0: 8 ports detected
[  141.122120][T12954] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3941'.
[  141.195197][T12965] 9pnet: p9_errstr2errno: server reported unknown error ��p��A���
���ʼn}dϲ#����=M���{t���&�ࡺ'��<���ףd��gC�Q�
,
[  141.314251][T12973] loop6: detected capacity change from 0 to 512
[  141.328413][T12973] EXT4-fs: Ignoring removed oldalloc option
[  141.351395][T12973] EXT4-fs error (device loop6): ext4_xattr_inode_iget:433: comm syz.6.3950: Parent and EA inode have the same ino 15
[  141.369973][T12973] EXT4-fs error (device loop6): ext4_xattr_inode_iget:433: comm syz.6.3950: Parent and EA inode have the same ino 15
[  141.382572][T12973] EXT4-fs (loop6): 1 orphan inode deleted
[  141.390102][T12973] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.420262][T10575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.483856][T12982] hub 6-0:1.0: USB hub found
[  141.489161][T12982] hub 6-0:1.0: 8 ports detected
[  141.540722][T12993] netlink: 'syz.0.3958': attribute type 4 has an invalid length.
[  141.573605][T12993] netlink: 'syz.0.3958': attribute type 4 has an invalid length.
[  142.346480][T13064] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3988'.
[  142.366122][T13064] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3988'.
[  142.494626][T13076] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  142.857966][T13106] loop5: detected capacity change from 0 to 128
[  142.893586][T13106] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  143.006579][ T5209] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  143.105528][T13125] pim6reg1: entered promiscuous mode
[  143.110968][T13125] pim6reg1: entered allmulticast mode
[  143.389184][T13153] netlink: 108 bytes leftover after parsing attributes in process `syz.5.4027'.
[  143.418865][T13155] pimreg: entered allmulticast mode
[  143.426918][T13155] pimreg: left allmulticast mode
[  143.464067][   T29] kauditd_printk_skb: 251 callbacks suppressed
[  143.464080][   T29] audit: type=1400 audit(143.443:3412): avc:  denied  { ioctl } for  pid=13158 comm="syz.5.4029" path="socket:[34762]" dev="sockfs" ino=34762 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  143.554137][T13165] loop6: detected capacity change from 0 to 512
[  143.588896][T13165] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  143.599035][T13165] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  143.608996][T13165] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.4032: Failed to acquire dquot type 1
[  143.621756][   T29] audit: type=1400 audit(143.573:3413): avc:  denied  { mount } for  pid=13171 comm="syz.0.4034" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  143.643195][   T29] audit: type=1400 audit(143.583:3414): avc:  denied  { read } for  pid=13171 comm="syz.0.4034" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  143.665812][   T29] audit: type=1400 audit(143.583:3415): avc:  denied  { open } for  pid=13171 comm="syz.0.4034" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  143.669751][T13165] EXT4-fs (loop6): 1 truncate cleaned up
[  143.688948][   T29] audit: type=1400 audit(143.603:3416): avc:  denied  { ioctl } for  pid=13171 comm="syz.0.4034" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  143.689195][   T29] audit: type=1400 audit(143.603:3417): avc:  denied  { unmount } for  pid=9656 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  143.745665][T13165] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.749453][   T29] audit: type=1400 audit(143.723:3418): avc:  denied  { setopt } for  pid=13175 comm="syz.5.4037" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  143.847015][T10575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.931639][   T29] audit: type=1326 audit(143.913:3419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13178 comm="syz.5.4038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f48e1e9a9 code=0x7fc00000
[  143.958427][   T23] kernel write not supported for file /409/attr/exec (pid: 23 comm: kworker/1:0)
[  144.282148][T13226] netlink: 664 bytes leftover after parsing attributes in process `syz.2.4058'.
[  144.334588][T13232] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  144.355173][T13232] SELinux: failed to load policy
[  144.380160][T13234] loop6: detected capacity change from 0 to 164
[  144.550369][T13262] netlink: 'syz.2.4076': attribute type 1 has an invalid length.
[  144.570456][T13264] loop6: detected capacity change from 0 to 512
[  144.590887][T13264] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  144.600803][T13264] EXT4-fs (loop6): couldn't mount as ext2 due to feature incompatibilities
[  144.623308][T13262] netlink: 'syz.2.4076': attribute type 1 has an invalid length.
[  144.670390][T13264] netlink: zone id is out of range
[  144.675619][T13264] netlink: zone id is out of range
[  144.680868][T13264] netlink: zone id is out of range
[  144.685971][T13264] netlink: zone id is out of range
[  144.691125][T13264] netlink: zone id is out of range
[  144.696296][T13264] netlink: zone id is out of range
[  144.701407][T13264] netlink: zone id is out of range
[  144.706596][T13264] netlink: zone id is out of range
[  144.711765][T13264] netlink: zone id is out of range
[  144.716868][T13264] netlink: zone id is out of range
[  145.189370][T13336] loop2: detected capacity change from 0 to 512
[  145.205966][T13336] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  145.227120][T13336] EXT4-fs (loop2): 1 truncate cleaned up
[  145.237173][T13336] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.281532][T13346] loop6: detected capacity change from 0 to 512
[  145.309597][T13346] EXT4-fs: Ignoring removed nomblk_io_submit option
[  145.336978][T13346] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  145.391343][T13346] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.413015][T13346] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  145.435078][T13356] netlink: 14593 bytes leftover after parsing attributes in process `syz.0.4115'.
[  145.504982][T10575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.523805][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.610089][T13372] netlink: 92 bytes leftover after parsing attributes in process `syz.6.4118'.
[  145.619214][T13372] netem: unknown loss type 0
[  145.623860][T13372] netem: change failed
[  145.649265][T13379] 9pnet_fd: Insufficient options for proto=fd
[  145.668219][T13367] SELinux: failed to load policy
[  146.340160][T13408] loop5: detected capacity change from 0 to 1024
[  146.346846][T13408] EXT4-fs: Ignoring removed nobh option
[  146.355615][T13408] EXT4-fs: Ignoring removed oldalloc option
[  146.365888][T13408] EXT4-fs: Ignoring removed orlov option
[  146.377480][T13408] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.570850][T13424] 9pnet_virtio: no channels available for device syz
[  146.957711][T13438] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  147.060602][T13450] loop6: detected capacity change from 0 to 1024
[  147.067939][T13450] EXT4-fs: Ignoring removed bh option
[  147.081063][T13450] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.102077][T13450] EXT4-fs error (device loop6): mb_free_blocks:1948: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  147.134403][T10575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.155763][T13458] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4157'.
[  147.180046][ T5209] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.375783][T13475] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  147.467404][T13479] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4164'.
[  147.510015][T13479] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4164'.
[  147.645807][T13499] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4185'.
[  147.716812][T13506] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  148.553525][   T29] kauditd_printk_skb: 171 callbacks suppressed
[  148.553538][   T29] audit: type=1400 audit(148.533:3591): avc:  denied  { sys_module } for  pid=13538 comm="syz.4.4193" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  148.718040][T13557] SELinux: syz.6.4199 (13557) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  148.739672][T13556] block device autoloading is deprecated and will be removed.
[  148.787612][   T29] audit: type=1400 audit(148.763:3592): avc:  denied  { create } for  pid=13560 comm="syz.2.4203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  148.828549][   T29] audit: type=1400 audit(148.793:3593): avc:  denied  { setopt } for  pid=13560 comm="syz.2.4203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  148.847436][   T29] audit: type=1400 audit(148.793:3594): avc:  denied  { connect } for  pid=13560 comm="syz.2.4203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  148.944566][   T29] audit: type=1400 audit(148.923:3595): avc:  denied  { read write } for  pid=9656 comm="syz-executor" name="loop0" dev="devtmpfs" ino=874 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  148.967366][   T29] audit: type=1400 audit(148.923:3596): avc:  denied  { open } for  pid=9656 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=874 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  148.989927][   T29] audit: type=1400 audit(148.923:3597): avc:  denied  { ioctl } for  pid=9656 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=874 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  149.127155][   T29] audit: type=1326 audit(149.093:3598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13581 comm="syz.6.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30263de9a9 code=0x7ffc0000
[  149.150075][   T29] audit: type=1326 audit(149.093:3599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13581 comm="syz.6.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30263de9a9 code=0x7ffc0000
[  149.173020][   T29] audit: type=1326 audit(149.093:3600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13581 comm="syz.6.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=102 compat=0 ip=0x7f30263de9a9 code=0x7ffc0000
[  149.285026][T13596] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4217'.
[  149.288557][T13598] loop6: detected capacity change from 0 to 2048
[  149.310895][T13598] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  149.409730][T13611] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4225'.
[  149.411034][T13598] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  149.435503][T13598] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1296 with error 28
[  149.438228][T13611] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4225'.
[  149.448091][T13598] EXT4-fs (loop6): This should not happen!! Data will be lost
[  149.448091][T13598] 
[  149.466484][T13598] EXT4-fs (loop6): Total free blocks count 0
[  149.472497][T13598] EXT4-fs (loop6): Free/Dirty block details
[  149.478456][T13598] EXT4-fs (loop6): free_blocks=2415919104
[  149.484174][T13598] EXT4-fs (loop6): dirty_blocks=1312
[  149.489529][T13598] EXT4-fs (loop6): Block reservation details
[  149.495552][T13598] EXT4-fs (loop6): i_reserved_data_blocks=82
[  149.604099][ T4252] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  149.658889][T13621] netdevsim netdevsim2: Direct firmware load for  failed with error -2
[  149.739199][T13629] loop6: detected capacity change from 0 to 2048
[  149.846190][T13629] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.050239][T13625] net_ratelimit: 138 callbacks suppressed
[  150.050255][T13625] Set syz1 is full, maxelem 65536 reached
[  150.254185][T10575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.280438][T13668] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4248'.
[  150.295464][T13668] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4248'.
[  150.387359][T13682] raw_sendmsg: syz.5.4256 forgot to set AF_INET. Fix it!
[  150.468265][T13688] SELinux:  Context system_u:object_r:ifconfig_exec_t:s0 is not valid (left unmapped).
[  150.496002][T13695] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4262'.
[  150.508192][T13695] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4262'.
[  150.556892][T13699] SELinux: syz.5.4263 (13699) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  150.679938][T13707] loop5: detected capacity change from 0 to 256
[  150.790064][T13715] netlink: 'syz.5.4272': attribute type 10 has an invalid length.
[  150.816030][T13715] 8021q: adding VLAN 0 to HW filter on device team0
[  150.831439][T13715] bond0: (slave team0): Enslaving as an active interface with an up link
[  151.405934][T13732] Set syz1 is full, maxelem 65536 reached
[  151.529811][T13747] 9pnet_virtio: no channels available for device syz
[  151.601842][ T4184] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.670907][ T4184] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.761597][ T4184] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.815180][ T4184] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.034860][ T4184] batadv1: left allmulticast mode
[  152.040116][ T4184] batadv1: left promiscuous mode
[  152.045193][ T4184] bridge0: port 1(batadv1) entered disabled state
[  152.117308][T13778] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4298'.
[  152.130412][ T4184] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  152.206075][ T4184] batman_adv: batadv0: Removing interface: ip6gretap1
[  152.271057][ T4184] bond0 (unregistering): Released all slaves
[  152.287393][ T4184] bond1 (unregistering): Released all slaves
[  152.304059][ T4184] bond2 (unregistering): Released all slaves
[  152.409731][T13753] chnl_net:caif_netlink_parms(): no params data found
[  152.500510][T13802] loop0: detected capacity change from 0 to 512
[  152.526977][ T4184] hsr_slave_1: left promiscuous mode
[  152.548464][ T4184] veth1_macvtap: left promiscuous mode
[  152.557971][ T4184] veth0_macvtap: left promiscuous mode
[  152.563525][ T4184] veth1_vlan: left promiscuous mode
[  152.612267][ T4184] pim6reg9 (unregistering): left allmulticast mode
[  152.658587][ T4222] smc: removing ib device syz!
[  152.686864][T13753] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.694303][T13753] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.703679][T13753] bridge_slave_0: entered allmulticast mode
[  152.712264][T13753] bridge_slave_0: entered promiscuous mode
[  152.719885][T13753] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.726929][T13753] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.734163][T13753] bridge_slave_1: entered allmulticast mode
[  152.740692][T13753] bridge_slave_1: entered promiscuous mode
[  152.796208][T13753] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  152.822756][T13753] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  152.853974][T13753] team0: Port device team_slave_0 added
[  152.862940][T13753] team0: Port device team_slave_1 added
[  152.900480][T13753] batman_adv: batadv0: Adding interface: batadv_slave_0
[  152.907482][T13753] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.933577][T13753] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  152.998954][T13753] batman_adv: batadv0: Adding interface: batadv_slave_1
[  153.005927][T13753] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  153.032016][T13753] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  153.127045][T13753] hsr_slave_0: entered promiscuous mode
[  153.134630][T13753] hsr_slave_1: entered promiscuous mode
[  153.149398][T13753] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  153.157079][T13753] Cannot create hsr debugfs directory
[  153.186039][T13839] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4317'.
[  153.432319][T13753] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  153.445938][T13753] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  153.454806][T13753] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  153.465333][T13753] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  153.499982][T13853] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4322'.
[  153.522089][T13753] 8021q: adding VLAN 0 to HW filter on device bond0
[  153.541230][T13753] 8021q: adding VLAN 0 to HW filter on device team0
[  153.551068][ T4184] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.558126][ T4184] bridge0: port 1(bridge_slave_0) entered forwarding state
[  153.571420][ T4198] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.578496][ T4198] bridge0: port 2(bridge_slave_1) entered forwarding state
[  153.653300][T13753] 8021q: adding VLAN 0 to HW filter on device batadv0
[  153.721676][T13753] veth0_vlan: entered promiscuous mode
[  153.730182][T13753] veth1_vlan: entered promiscuous mode
[  153.749045][T13753] veth0_macvtap: entered promiscuous mode
[  153.763550][T13753] veth1_macvtap: entered promiscuous mode
[  153.773892][T13753] batman_adv: batadv0: Interface activated: batadv_slave_0
[  153.784401][T13753] batman_adv: batadv0: Interface activated: batadv_slave_1
[  153.794362][T13753] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.803060][T13753] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.811836][T13753] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.820644][T13753] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.838530][   T29] kauditd_printk_skb: 118 callbacks suppressed
[  153.838540][   T29] audit: type=1400 audit(153.823:3719): avc:  denied  { mounton } for  pid=13753 comm="syz-executor" path="/root/syzkaller.4xv3e3/syz-tmp" dev="sda1" ino=2053 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  153.868727][   T29] audit: type=1400 audit(153.823:3720): avc:  denied  { mount } for  pid=13753 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  153.890204][   T29] audit: type=1400 audit(153.823:3721): avc:  denied  { mounton } for  pid=13753 comm="syz-executor" path="/root/syzkaller.4xv3e3/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  153.916431][   T29] audit: type=1400 audit(153.823:3722): avc:  denied  { mounton } for  pid=13753 comm="syz-executor" path="/root/syzkaller.4xv3e3/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=38300 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  153.943810][   T29] audit: type=1400 audit(153.853:3723): avc:  denied  { mounton } for  pid=13753 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  153.966171][   T29] audit: type=1400 audit(153.853:3724): avc:  denied  { mount } for  pid=13753 comm="syz-executor" name="/" dev="gadgetfs" ino=4186 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  154.019332][   T29] audit: type=1326 audit(154.003:3725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13874 comm="syz.4.4327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82d60de9a9 code=0x7ffc0000
[  154.081924][T13880] program syz.2.4328 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  154.091706][   T29] audit: type=1326 audit(154.033:3726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13874 comm="syz.4.4327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f82d60de9a9 code=0x7ffc0000
[  154.114700][   T29] audit: type=1326 audit(154.033:3727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13874 comm="syz.4.4327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f82d60de9e3 code=0x7ffc0000
[  154.137461][   T29] audit: type=1326 audit(154.033:3728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13874 comm="syz.4.4327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f82d60dd45f code=0x7ffc0000
[  154.404644][T13916] loop6: detected capacity change from 0 to 1024
[  154.464796][T13916] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  154.500908][T13916] EXT4-fs error (device loop6): ext4_map_blocks:816: inode #3: block 1: comm syz.6.4345: lblock 1 mapped to illegal pblock 1 (length 1)
[  154.573483][T13916] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.4345: Failed to acquire dquot type 0
[  154.624422][T13927] syz.0.4346 (13927) used obsolete PPPIOCDETACH ioctl
[  154.712571][T13935] loop5: detected capacity change from 0 to 512
[  154.730342][T13916] EXT4-fs error (device loop6): ext4_free_blocks:6587: comm syz.6.4345: Freeing blocks not in datazone - block = 0, count = 4096
[  154.758713][T13935] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  154.784370][T13935] EXT4-fs (loop5): 1 truncate cleaned up
[  154.791150][T13916] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.4345: Invalid inode bitmap blk 0 in block_group 0
[  154.791508][T13935] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.826419][ T4222] EXT4-fs error (device loop6): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:42: lblock 1 mapped to illegal pblock 1 (length 1)
[  154.851220][T13916] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem
[  154.871376][ T4222] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:42: Failed to release dquot type 0
[  154.889005][T13916] EXT4-fs (loop6): 1 orphan inode deleted
[  154.895359][T13916] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.928145][T13935] loop5: detected capacity change from 512 to 0
[  154.936848][T13935] bio_check_eod: 14324 callbacks suppressed
[  154.936861][T13935] syz.5.4353: attempt to access beyond end of device
[  154.936861][T13935] loop5: rw=524288, sector=10, nr_sectors = 2 limit=0
[  154.959992][T13935] syz.5.4353: attempt to access beyond end of device
[  154.959992][T13935] loop5: rw=524288, sector=12, nr_sectors = 2 limit=0
[  154.978374][T13935] syz.5.4353: attempt to access beyond end of device
[  154.978374][T13935] loop5: rw=524288, sector=16, nr_sectors = 2 limit=0
[  154.992215][T13935] syz.5.4353: attempt to access beyond end of device
[  154.992215][T13935] loop5: rw=524288, sector=18, nr_sectors = 2 limit=0
[  155.006710][T13935] syz.5.4353: attempt to access beyond end of device
[  155.006710][T13935] loop5: rw=12288, sector=14, nr_sectors = 2 limit=0
[  155.023954][T13935] EXT4-fs error (device loop5): __ext4_get_inode_loc_noinmem:4915: inode #11: block 7: comm syz.5.4353: unable to read itable block
[  155.049711][T13935] syz.5.4353: attempt to access beyond end of device
[  155.049711][T13935] loop5: rw=145409, sector=2, nr_sectors = 2 limit=0
[  155.063067][T13935] Buffer I/O error on dev loop5, logical block 1, lost sync page write
[  155.064882][T13916] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.073061][T13935] EXT4-fs (loop5): I/O error while writing superblock
[  155.142072][T13962] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4362'.
[  155.151959][ T5209] syz-executor: attempt to access beyond end of device
[  155.151959][ T5209] loop5: rw=12288, sector=26, nr_sectors = 2 limit=0
[  155.187542][ T5209] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.206339][ T5209] syz-executor: attempt to access beyond end of device
[  155.206339][ T5209] loop5: rw=145409, sector=2, nr_sectors = 2 limit=0
[  155.219788][ T5209] Buffer I/O error on dev loop5, logical block 1, lost sync page write
[  155.229982][ T5209] EXT4-fs (loop5): I/O error while writing superblock
[  155.449713][T13991] loop6: detected capacity change from 0 to 512
[  155.462428][ T4222] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  155.472809][ T4222] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.505685][T13991] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.636960][ T4222] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  155.647416][ T4222] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.670475][T10575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.775341][    T9] kernel write not supported for file /44/attr/exec (pid: 9 comm: kworker/0:0)
[  155.786427][ T4222] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  155.796809][ T4222] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.878851][ T4222] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  155.889245][ T4222] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.981331][ T4222] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  156.076504][ T4222] batman_adv: batadv0: Removing interface: ip6gretap1
[  156.199983][ T4222] bond0 (unregistering): (slave team0): Releasing backup interface
[  156.208953][ T4222] bond0 (unregistering): Released all slaves
[  156.217134][ T4222] bond1 (unregistering): Released all slaves
[  156.241575][T14057] netlink: 'syz.2.4401': attribute type 16 has an invalid length.
[  156.249502][T14057] netlink: 'syz.2.4401': attribute type 17 has an invalid length.
[  156.294053][T14057] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  156.333314][T14061] ip6gretap0: entered promiscuous mode
[  156.341654][T14061] ip6gretap0: left promiscuous mode
[  156.355503][ T4222] hsr_slave_0: left promiscuous mode
[  156.361181][ T4222] hsr_slave_1: left promiscuous mode
[  156.369201][ T4222] veth1_macvtap: left promiscuous mode
[  156.374733][ T4222] veth0_macvtap: left promiscuous mode
[  156.380616][ T4222] veth1_vlan: left promiscuous mode
[  156.385840][ T4222] veth0_vlan: left promiscuous mode
[  156.539799][T14014] chnl_net:caif_netlink_parms(): no params data found
[  156.593722][T14079] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4409'.
[  156.709661][T14014] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.716816][T14014] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.752461][T14014] bridge_slave_0: entered allmulticast mode
[  156.767107][T14014] bridge_slave_0: entered promiscuous mode
[  156.783161][T14014] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.790433][T14014] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.802300][T14014] bridge_slave_1: entered allmulticast mode
[  156.809240][T14014] bridge_slave_1: entered promiscuous mode
[  156.821445][T14098] serio: Serial port ptm0
[  156.840367][T14014] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.855414][T14014] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  156.922662][T14014] team0: Port device team_slave_0 added
[  156.939765][T14014] team0: Port device team_slave_1 added
[  157.001884][T14014] batman_adv: batadv0: Adding interface: batadv_slave_0
[  157.008879][T14014] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.034997][T14014] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  157.046380][T14014] batman_adv: batadv0: Adding interface: batadv_slave_1
[  157.053483][T14014] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.079492][T14014] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  157.115242][T14014] hsr_slave_0: entered promiscuous mode
[  157.123684][T14014] hsr_slave_1: entered promiscuous mode
[  157.129635][T14014] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  157.137217][T14014] Cannot create hsr debugfs directory
[  157.143108][T14115] Falling back ldisc for ttyS3.
[  157.268418][T14014] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  157.276033][T14130] loop0: detected capacity change from 0 to 764
[  157.284591][T14014] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  157.292786][T14130] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  157.302959][T14130] binfmt_misc: register: failed to install interpreter file ./file2
[  157.304023][T14014] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  157.327576][T14014] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  157.394614][T14014] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.414738][T14014] 8021q: adding VLAN 0 to HW filter on device team0
[  157.428802][ T4222] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.435886][ T4222] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.448913][ T4202] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.455955][ T4202] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.543266][T14014] 8021q: adding VLAN 0 to HW filter on device batadv0
[  157.708983][T14014] veth0_vlan: entered promiscuous mode
[  157.716364][T14014] veth1_vlan: entered promiscuous mode
[  157.741748][T14014] veth0_macvtap: entered promiscuous mode
[  157.751675][T14014] veth1_macvtap: entered promiscuous mode
[  157.770824][T14014] batman_adv: batadv0: Interface activated: batadv_slave_0
[  157.784278][T14014] batman_adv: batadv0: Interface activated: batadv_slave_1
[  157.804895][T14014] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.813775][T14014] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.822518][T14014] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.831331][T14014] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.875146][T14178] netlink: 'syz.6.4441': attribute type 1 has an invalid length.
[  157.898614][T14178] 8021q: adding VLAN 0 to HW filter on device bond1
[  157.918614][T14178] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4441'.
[  157.954682][T14178] bond1 (unregistering): Released all slaves
[  158.009763][T14198] ip6gretap0: entered promiscuous mode
[  158.019569][T14198] ip6gretap0: left promiscuous mode
[  158.037733][T14201] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4450'.
[  158.060280][T14205] loop7: detected capacity change from 0 to 256
[  158.072797][T14205] FAT-fs (loop7): Directory bread(block 64) failed
[  158.079554][T14205] FAT-fs (loop7): Directory bread(block 65) failed
[  158.086076][T14205] FAT-fs (loop7): Directory bread(block 66) failed
[  158.092693][T14205] FAT-fs (loop7): Directory bread(block 67) failed
[  158.099222][T14205] FAT-fs (loop7): Directory bread(block 68) failed
[  158.105913][T14205] FAT-fs (loop7): Directory bread(block 69) failed
[  158.112614][T14205] FAT-fs (loop7): Directory bread(block 70) failed
[  158.119889][T14205] FAT-fs (loop7): Directory bread(block 71) failed
[  158.126477][T14205] FAT-fs (loop7): Directory bread(block 72) failed
[  158.133585][T14205] FAT-fs (loop7): Directory bread(block 73) failed
[  158.225835][T14228] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4463'.
[  158.277338][T14234] loop7: detected capacity change from 0 to 764
[  158.285657][T14234] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  158.295426][T14234] binfmt_misc: register: failed to install interpreter file ./file2
[  158.560941][T14256] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  158.572620][T14255] IPVS: stopping master sync thread 14256 ...
[  158.614266][T14267] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4481'.
[  158.623882][T14267] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4481'.
[  158.717110][T14270] netdevsim netdevsim4 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  158.725772][T14270] netdevsim netdevsim4 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  158.734319][T14270] netdevsim netdevsim4 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  158.742904][T14270] netdevsim netdevsim4 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  158.752147][T14270] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.760557][T14270] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.769003][T14270] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.777348][T14270] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.786507][T14270] erspan0: left allmulticast mode
[  158.850877][T14278] ip6gretap0: entered promiscuous mode
[  158.863104][T14278] ip6gretap0: left promiscuous mode
[  158.907253][   T29] kauditd_printk_skb: 127 callbacks suppressed
[  158.907264][   T29] audit: type=1400 audit(158.883:3853): avc:  denied  { relabelfrom } for  pid=14290 comm="syz.0.4492" name="" dev="pipefs" ino=40307 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  158.917867][T14291] SELinux:  Context system_u:object_r:utempter_exec_t:s0 is not valid (left unmapped).
[  158.955852][   T29] audit: type=1400 audit(158.933:3854): avc:  denied  { relabelto } for  pid=14290 comm="syz.0.4492" name="" dev="pipefs" ino=40307 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:utempter_exec_t:s0"
[  159.068976][T14311] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4500'.
[  159.469984][T14357] ip6gretap0: entered promiscuous mode
[  159.476928][T14357] ip6gretap0: left promiscuous mode
[  159.592488][   T29] audit: type=1400 audit(159.573:3855): avc:  denied  { read } for  pid=14381 comm="syz.2.4533" name="event1" dev="devtmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  159.615161][   T29] audit: type=1400 audit(159.573:3856): avc:  denied  { open } for  pid=14381 comm="syz.2.4533" path="/dev/input/event1" dev="devtmpfs" ino=243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  159.640234][   T29] audit: type=1400 audit(159.573:3857): avc:  denied  { create } for  pid=14381 comm="syz.2.4533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  159.640895][T14378] vhci_hcd: invalid port number 96
[  159.659789][   T29] audit: type=1400 audit(159.573:3858): avc:  denied  { bind } for  pid=14381 comm="syz.2.4533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  159.664877][T14378] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  159.684142][   T29] audit: type=1400 audit(159.573:3859): avc:  denied  { connect } for  pid=14381 comm="syz.2.4533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  159.710790][   T29] audit: type=1400 audit(159.573:3860): avc:  denied  { write } for  pid=14381 comm="syz.2.4533" path="socket:[40427]" dev="sockfs" ino=40427 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  159.749135][T14386] netlink: 'syz.4.4534': attribute type 1 has an invalid length.
[  159.767363][T14386] 8021q: adding VLAN 0 to HW filter on device bond1
[  159.775059][T14389] netlink: 'syz.0.4535': attribute type 6 has an invalid length.
[  159.780476][T14386] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4534'.
[  159.782850][T14389] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4535'.
[  159.805570][T14386] bond1 (unregistering): Released all slaves
[  159.853272][T14396] loop0: detected capacity change from 0 to 2048
[  159.864513][T14398] pimreg: entered allmulticast mode
[  159.870844][T14398] pimreg: left allmulticast mode
[  159.871717][T14396] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.909925][ T9656] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  159.935164][   T29] audit: type=1400 audit(159.893:3861): avc:  denied  { remove_name } for  pid=9656 comm="syz-executor" name="lost+found" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  159.943893][ T9656] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  159.957831][   T29] audit: type=1400 audit(159.893:3862): avc:  denied  { rmdir } for  pid=9656 comm="syz-executor" name="lost+found" dev="loop0" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  160.013197][ T9656] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.015233][T14409] loop7: detected capacity change from 0 to 2048
[  160.046941][T14409] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.068767][T14409] EXT4-fs (loop7): shut down requested (0)
[  160.084920][T14423] netlink: 'syz.2.4550': attribute type 6 has an invalid length.
[  160.115019][T14014] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.163601][T14436] netlink: 'syz.7.4551': attribute type 1 has an invalid length.
[  160.172261][T14436] __nla_validate_parse: 7 callbacks suppressed
[  160.172272][T14436] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4551'.
[  160.195332][T14436] hsr_slave_0 (unregistering): left promiscuous mode
[  160.309247][T14450] lo speed is unknown, defaulting to 1000
[  160.315185][T14450] lo speed is unknown, defaulting to 1000
[  160.322409][T14450] lo speed is unknown, defaulting to 1000
[  160.328937][T14450] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  160.343447][T14450] lo speed is unknown, defaulting to 1000
[  160.349477][T14450] lo speed is unknown, defaulting to 1000
[  160.355585][T14450] lo speed is unknown, defaulting to 1000
[  160.363044][T14450] lo speed is unknown, defaulting to 1000
[  160.370127][T14450] lo speed is unknown, defaulting to 1000
[  160.376359][T14450] lo speed is unknown, defaulting to 1000
[  160.382592][T14450] lo speed is unknown, defaulting to 1000
[  160.543508][T14487] xt_hashlimit: max too large, truncated to 1048576
[  160.557540][T14488] siw: device registration error -23
[  160.955712][T14519] siw: device registration error -23
[  161.659328][T14585] futex_wake_op: syz.2.4624 tries to shift op by -1; fix this program
[  161.881934][T14604] netlink: 5 bytes leftover after parsing attributes in process `syz.4.4632'.
[  161.891967][T14604] 0��{X��: renamed from gretap0
[  161.899461][T14604] 0��{X��: entered allmulticast mode
[  161.906160][T14604] A link change request failed with some changes committed already. Interface 
30��{X�� may have been left with an inconsistent configuration, please check.
[  162.131514][T14637] netlink: 'syz.0.4646': attribute type 1 has an invalid length.
[  162.175021][T14637] 8021q: adding VLAN 0 to HW filter on device bond1
[  162.191383][T14637] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4646'.
[  162.208303][T14637] bond1 (unregistering): Released all slaves
[  162.222582][T14645] xt_hashlimit: max too large, truncated to 1048576
[  162.260133][T14653] loop7: detected capacity change from 0 to 1024
[  162.266832][T14653] EXT4-fs: Ignoring removed bh option
[  162.281733][T14653] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  162.303423][T14660] loop0: detected capacity change from 0 to 512
[  162.310454][T14014] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  162.311421][T14660] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  162.331189][T14660] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[  162.341266][T14660] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.4655: Corrupt directory, running e2fsck is recommended
[  162.354831][T14660] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  162.363969][T14660] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.4655: corrupted in-inode xattr: invalid ea_ino
[  162.380636][T14660] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.4655: couldn't read orphan inode 15 (err -117)
[  162.401379][T14660] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.418706][T14660] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  162.430281][T14660] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[  162.440390][T14660] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.4655: Corrupt directory, running e2fsck is recommended
[  162.441613][T14667] loop7: detected capacity change from 0 to 512
[  162.454199][T14660] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  162.471107][T14660] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[  162.481202][T14660] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.4655: Corrupt directory, running e2fsck is recommended
[  162.482587][T14667] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  162.496091][T14660] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  162.517438][T14660] EXT4-fs warning (device loop0): dx_probe:849: Enable large directory feature to access it
[  162.527553][T14660] EXT4-fs warning (device loop0): dx_probe:934: inode #2: comm syz.0.4655: Corrupt directory, running e2fsck is recommended
[  162.551300][T14660] EXT4-fs warning (device loop0): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  162.563322][T14660] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz.0.4655: path /407/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  162.629967][T14674] netlink: 532 bytes leftover after parsing attributes in process `syz.7.4662'.
[  162.640253][T14660] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 64: comm syz.0.4655: path /407/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  162.673412][T14674] lo speed is unknown, defaulting to 1000
[  162.725393][T14687] netlink: 'syz.2.4667': attribute type 1 has an invalid length.
[  162.740161][T14687] 8021q: adding VLAN 0 to HW filter on device bond1
[  162.752233][ T9656] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.754089][T14687] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4667'.
[  162.777563][T14687] bond1 (unregistering): Released all slaves
[  162.871897][T14702] xt_CT: No such helper "pptp"
[  162.873286][T14707] SELinux: failed to load policy
[  162.947052][T14719] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14719 comm=syz.0.4682
[  163.004979][T14728] netlink: 'syz.2.4687': attribute type 1 has an invalid length.
[  163.032300][T14728] 8021q: adding VLAN 0 to HW filter on device bond1
[  163.050312][T14728] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4687'.
[  163.084593][T14728] bond1 (unregistering): Released all slaves
[  163.098989][T14739] vlan2: entered allmulticast mode
[  163.104755][T14741] netlink: 5 bytes leftover after parsing attributes in process `syz.6.4693'.
[  163.117109][T14741] 0��{X��: renamed from gretap0 (while UP)
[  163.129575][T14741] 0��{X��: entered allmulticast mode
[  163.135718][T14741] A link change request failed with some changes committed already. Interface 
30��{X�� may have been left with an inconsistent configuration, please check.
[  163.186832][T14747] loop6: detected capacity change from 0 to 512
[  163.213286][T14747] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.227512][T14747] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.4696: corrupted inode contents
[  163.241491][T14747] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #2: comm syz.6.4696: mark_inode_dirty error
[  163.253630][T14747] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.4696: corrupted inode contents
[  163.269461][T14752] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4697'.
[  163.310825][T10575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.467346][ T4222] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0x4b
[  164.011981][   T29] kauditd_printk_skb: 96 callbacks suppressed
[  164.011994][   T29] audit: type=1326 audit(163.993:3959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.4.4720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82d60de9a9 code=0x7ffc0000
[  164.023011][T14808] lo speed is unknown, defaulting to 1000
[  164.041011][   T29] audit: type=1326 audit(163.993:3960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.4.4720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82d60de9a9 code=0x7ffc0000
[  164.055946][   T29] audit: type=1326 audit(163.993:3961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.4.4720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f82d60de9a9 code=0x7ffc0000
[  164.103541][   T29] audit: type=1326 audit(164.083:3962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.4.4720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82d60de9a9 code=0x7ffc0000
[  164.126444][   T29] audit: type=1326 audit(164.083:3963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14807 comm="syz.4.4720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82d60de9a9 code=0x7ffc0000
[  164.225213][T14814] netlink: 'syz.4.4723': attribute type 1 has an invalid length.
[  164.241403][T14814] 8021q: adding VLAN 0 to HW filter on device bond1
[  164.255955][T14814] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4723'.
[  164.267464][T14814] bond1 (unregistering): Released all slaves
[  164.391372][   T36] IPVS: starting estimator thread 0...
[  164.401386][T14827] loop7: detected capacity change from 0 to 512
[  164.419675][T14827] EXT4-fs: Ignoring removed nomblk_io_submit option
[  164.426318][T14827] ext4: Unknown parameter 'noacl'
[  164.482283][   T29] audit: type=1400 audit(164.453:3964): avc:  denied  { append } for  pid=14836 comm="syz.7.4734" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  164.507872][T14824] IPVS: using max 2592 ests per chain, 129600 per kthread
[  164.589213][T14847] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  164.599706][T14847] SELinux: failed to load policy
[  164.613647][T14852] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4740'.
[  164.644665][   T29] audit: type=1400 audit(164.623:3965): avc:  denied  { write } for  pid=14853 comm="syz.2.4741" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  164.670688][   T29] audit: type=1400 audit(164.623:3966): avc:  denied  { read write } for  pid=14853 comm="syz.2.4741" name="uhid" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  164.678226][ T3365] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  164.693676][   T29] audit: type=1400 audit(164.623:3967): avc:  denied  { open } for  pid=14853 comm="syz.2.4741" path="/dev/uhid" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  164.724113][ T3365] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  164.771731][T14861] sch_tbf: burst 0 is lower than device lo mtu (16) !
[  164.788134][   T29] audit: type=1326 audit(164.773:3968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14862 comm="syz.6.4745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30263de9a9 code=0x7ffc0000
[  164.847543][T14869] loop6: detected capacity change from 0 to 2048
[  164.871447][T14869] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.909172][T14869] loop6: detected capacity change from 2048 to 64
[  164.943859][T10575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.963189][T14877] kmmpd-loop6: attempt to access beyond end of device
[  164.963189][T14877] loop6: rw=14337, sector=256, nr_sectors = 4 limit=64
[  164.976803][T14877] Buffer I/O error on dev loop6, logical block 64, lost sync page write
[  165.127893][T14892] Falling back ldisc for ttyS3.
[  165.158684][ T1971] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.200312][ T1971] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.234176][T14902] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  165.250100][T14902] SELinux: failed to load policy
[  165.269287][ T1971] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.301711][T14906] __nla_validate_parse: 2 callbacks suppressed
[  165.301725][T14906] netlink: 532 bytes leftover after parsing attributes in process `syz.0.4766'.
[  165.329550][ T1971] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.372878][T14906] lo speed is unknown, defaulting to 1000
[  165.452354][ T1971] bridge_slave_1: left allmulticast mode
[  165.458105][ T1971] bridge_slave_1: left promiscuous mode
[  165.463736][ T1971] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.484049][ T1971] bridge_slave_0: left allmulticast mode
[  165.489752][ T1971] bridge_slave_0: left promiscuous mode
[  165.495654][ T1971] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.513002][ T1971] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  165.580321][ T1971] batman_adv: batadv0: Removing interface: ip6gretap1
[  165.661938][ T1971] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  165.672464][ T1971] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  165.683415][ T1971] bond0 (unregistering): Released all slaves
[  165.733086][ T1971] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  165.740520][ T1971] batman_adv: batadv0: Removing interface: batadv_slave_0
[  165.754223][ T1971] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  165.761713][ T1971] batman_adv: batadv0: Removing interface: batadv_slave_1
[  165.784433][ T1971] veth1_macvtap: left promiscuous mode
[  165.813533][ T1971] veth0_macvtap: left promiscuous mode
[  165.831537][ T1971] veth1_vlan: left promiscuous mode
[  165.859677][ T1971] veth0_vlan: left promiscuous mode
[  165.997512][ T1971] team0 (unregistering): Port device team_slave_1 removed
[  166.016014][ T1971] team0 (unregistering): Port device team_slave_0 removed
[  166.259919][T14914] lo speed is unknown, defaulting to 1000
[  166.360274][T14914] chnl_net:caif_netlink_parms(): no params data found
[  166.423043][T14914] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.424091][ T1971] IPVS: stop unused estimator thread 0...
[  166.430169][T14914] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.473076][T14914] bridge_slave_0: entered allmulticast mode
[  166.488332][T14914] bridge_slave_0: entered promiscuous mode
[  166.501882][T14914] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.508998][T14914] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.536071][T14914] bridge_slave_1: entered allmulticast mode
[  166.551525][T14914] bridge_slave_1: entered promiscuous mode
[  166.574274][T14914] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  166.587026][T14914] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  166.635886][T14914] team0: Port device team_slave_0 added
[  166.651428][T14914] team0: Port device team_slave_1 added
[  166.696222][T14914] batman_adv: batadv0: Adding interface: batadv_slave_0
[  166.703216][T14914] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.729395][T14914] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  166.748506][T14914] batman_adv: batadv0: Adding interface: batadv_slave_1
[  166.755539][T14914] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  166.781499][T14914] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  166.833984][T14914] hsr_slave_0: entered promiscuous mode
[  166.852019][T14914] hsr_slave_1: entered promiscuous mode
[  166.864877][T14914] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  166.898900][T14914] Cannot create hsr debugfs directory
[  167.021330][T14914] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  167.030063][T14914] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  167.045658][T14914] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  167.060369][T14914] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  167.125103][T14914] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.132247][T14914] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.139579][T14914] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.146645][T14914] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.204013][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.223105][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.229228][T14990] tipc: Failed to remove unknown binding: 66,1,1/0:1679736040/1679736042
[  167.238728][T14990] tipc: Failed to remove unknown binding: 66,1,1/0:1679736040/1679736042
[  167.315322][T14914] 8021q: adding VLAN 0 to HW filter on device bond0
[  167.349585][T14914] 8021q: adding VLAN 0 to HW filter on device team0
[  167.360408][  T172] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.367462][  T172] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.386632][  T172] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.393702][  T172] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.414328][T14914] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  167.424698][T14914] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  167.607699][T14914] 8021q: adding VLAN 0 to HW filter on device batadv0
[  167.805490][T14914] veth0_vlan: entered promiscuous mode
[  167.821501][T14914] veth1_vlan: entered promiscuous mode
[  167.865022][T14914] veth0_macvtap: entered promiscuous mode
[  167.886447][T14914] veth1_macvtap: entered promiscuous mode
[  167.908856][T14914] batman_adv: batadv0: Interface activated: batadv_slave_0
[  167.922651][T14914] batman_adv: batadv0: Interface activated: batadv_slave_1
[  167.951046][T14914] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  167.959924][T14914] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  167.968721][T14914] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  167.977415][T14914] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.085987][T15063] lo speed is unknown, defaulting to 1000
[  168.112108][T15066] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4824'.
[  168.194278][T15076] loop7: detected capacity change from 0 to 1024
[  168.201717][T15076] EXT4-fs: inline encryption not supported
[  168.207702][T15076] EXT4-fs: Ignoring removed bh option
[  168.220801][T15076] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.259197][T14014] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.268399][T15086] loop8: detected capacity change from 0 to 1024
[  168.277285][T15086] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.316355][T14914] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.339329][T15097] atomic_op ffff8881380bdd28 conn xmit_atomic 0000000000000000
[  168.365808][T15101] netlink: 197276 bytes leftover after parsing attributes in process `syz.8.4836'.
[  168.403110][T15108] loop7: detected capacity change from 0 to 164
[  168.411174][T15108] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  168.472314][T15110] SELinux: ebitmap start bit (132096) is beyond the end of the bitmap (1472)
[  168.500648][T15110] SELinux: failed to load policy
[  168.541667][T15118] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  168.556023][T15122] loop0: detected capacity change from 0 to 512
[  168.568619][T15120] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15120 comm=syz.8.4845
[  168.580962][T15118] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  168.614938][T15122] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  168.631635][T15128] loop7: detected capacity change from 0 to 128
[  168.638954][T15128] EXT4-fs: Ignoring removed nobh option
[  168.644382][T15122] EXT4-fs (loop0): mount failed
[  168.651765][T15128] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  168.705849][T14014] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  168.761002][T15151] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4858'.
[  168.832077][T15164] loop7: detected capacity change from 0 to 512
[  168.859645][T15164] EXT4-fs warning (device loop7): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  168.897090][ T3407] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  168.897980][T15164] EXT4-fs (loop7): mount failed
[  168.913537][ T3407] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  169.045858][T15192] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4877'.
[  169.169526][T15200] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4880'.
[  169.230091][   T29] kauditd_printk_skb: 140 callbacks suppressed
[  169.230103][   T29] audit: type=1400 audit(169.213:4107): avc:  denied  { search } for  pid=15206 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  169.260328][   T29] audit: type=1400 audit(169.213:4108): avc:  denied  { search } for  pid=15206 comm="dhcpcd-run-hook" name="dhcpcd" dev="tmpfs" ino=477 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  169.283094][   T29] audit: type=1400 audit(169.213:4109): avc:  denied  { search } for  pid=15206 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=481 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  169.305921][   T29] audit: type=1400 audit(169.213:4110): avc:  denied  { search } for  pid=15206 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  169.328550][   T29] audit: type=1400 audit(169.213:4111): avc:  denied  { read open } for  pid=15208 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  169.353465][   T29] audit: type=1400 audit(169.213:4112): avc:  denied  { getattr } for  pid=15208 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  169.378291][   T29] audit: type=1400 audit(169.213:4113): avc:  denied  { getattr } for  pid=15208 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=509 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  169.404143][   T29] audit: type=1400 audit(169.223:4114): avc:  denied  { read } for  pid=15210 comm="sed" name="eth0.dhcp" dev="tmpfs" ino=509 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  169.425441][   T29] audit: type=1400 audit(169.223:4115): avc:  denied  { open } for  pid=15210 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=509 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  169.475084][   T29] audit: type=1400 audit(169.303:4116): avc:  denied  { add_name } for  pid=15206 comm="dhcpcd-run-hook" name="resolv.conf.lapb2.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  169.547720][T15242] loop9: detected capacity change from 0 to 7
[  169.554178][T15240] loop8: detected capacity change from 0 to 1024
[  169.554441][T15242] Buffer I/O error on dev loop9, logical block 0, async page read
[  169.563312][T15240] EXT4-fs: Ignoring removed orlov option
[  169.574117][T15245] loop0: detected capacity change from 0 to 512
[  169.581506][T15245] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  169.600916][T15245] EXT4-fs: error: could not find journal device path
[  169.609087][T15242] Buffer I/O error on dev loop9, logical block 0, async page read
[  169.616912][T15242]  loop9: unable to read partition table
[  169.624324][T15240] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.628874][T15242] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  169.628874][T15242] 
) failed (rc=-5)
[  169.703267][T14914] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.036997][T15324] lo speed is unknown, defaulting to 1000
[  170.118376][T15342] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.4910'.
[  170.138276][T15330] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.4910'.
[  170.155414][T15346] netem: incorrect gi model size
[  170.160445][T15346] netem: change failed
[  170.383578][T15374] loop7: detected capacity change from 0 to 1024
[  170.415020][T15374] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.516958][T14014] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.614002][T15384] loop7: detected capacity change from 0 to 1024
[  170.627539][T15384] EXT4-fs: Ignoring removed nobh option
[  170.679410][T15384] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.779051][T15384] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4113: comm syz.7.4920: Allocating blocks 385-513 which overlap fs metadata
[  170.812443][T15384] EXT4-fs (loop7): pa ffff8881069a5930: logic 16, phys. 129, len 24
[  170.820484][T15384] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  170.876538][T14014] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.923968][T15388] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  171.173219][T15401] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4928'.
[  171.182226][T15401] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4928'.
[  171.842665][T15440] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4943'.
[  172.212854][T15487] loop8: detected capacity change from 0 to 512
[  172.228205][T15487] EXT4-fs: Ignoring removed mblk_io_submit option
[  172.247921][T15487] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -13
[  172.256315][T15487] EXT4-fs error (device loop8): ext4_clear_blocks:876: inode #13: comm syz.8.4967: attempt to clear invalid blocks 2 len 1
[  172.310589][T15487] EXT4-fs (loop8): Remounting filesystem read-only
[  172.335966][T15487] EXT4-fs (loop8): 1 truncate cleaned up
[  172.359618][T15487] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.467050][T14914] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.526291][T15509] netlink: 'syz.8.4975': attribute type 10 has an invalid length.
[  172.563332][T15509] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.570617][T15509] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.578018][T15515] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4975'.
[  172.602716][T15509] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.609845][T15509] bridge0: port 2(bridge_slave_1) entered forwarding state
[  172.617152][T15509] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.624283][T15509] bridge0: port 1(bridge_slave_0) entered forwarding state
[  172.660177][T15509] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  172.678099][T15515] bridge_slave_1: left allmulticast mode
[  172.683756][T15515] bridge_slave_1: left promiscuous mode
[  172.689422][T15515] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.717614][T15515] bridge_slave_0: left allmulticast mode
[  172.723305][T15515] bridge_slave_0: left promiscuous mode
[  172.729097][T15515] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.741289][T15515] bond0: (slave bridge0): Releasing backup interface
[  172.801710][T15521] netlink: 'syz.4.4983': attribute type 13 has an invalid length.
[  172.894799][T15530] loop8: detected capacity change from 0 to 512
[  172.912231][T15530] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.938113][T14914] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.314211][T15571] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5004'.
[  173.323236][T15571] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5004'.
[  173.332265][T15571] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5004'.
[  173.362147][T15571] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5004'.
[  173.371134][T15571] netlink: 'syz.7.5004': attribute type 6 has an invalid length.
[  173.419456][T15579] lo speed is unknown, defaulting to 1000
[  173.487065][T15589] loop7: detected capacity change from 0 to 512
[  173.774840][T15625] netlink: 'syz.8.5031': attribute type 1 has an invalid length.
[  173.792652][T15627] netlink: 'syz.2.5029': attribute type 1 has an invalid length.
[  173.800504][T15623] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5030'.
[  173.858589][T15633] loop8: detected capacity change from 0 to 1764
[  173.945539][T15652] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5041'.
[  174.067136][T15669] bond1: entered promiscuous mode
[  174.072338][T15669] bond1: entered allmulticast mode
[  174.087936][T15669] 8021q: adding VLAN 0 to HW filter on device bond1
[  174.118936][T15669] bond1 (unregistering): Released all slaves
[  174.141206][T15653] netlink: 'syz.2.5042': attribute type 10 has an invalid length.
[  174.159535][T15653] 8021q: adding VLAN 0 to HW filter on device team0
[  174.167694][T15653] bond0: (slave team0): Enslaving as an active interface with an up link
[  174.252427][   T29] kauditd_printk_skb: 220 callbacks suppressed
[  174.252442][   T29] audit: type=1400 audit(174.233:4337): avc:  denied  { cpu } for  pid=15688 comm="syz.2.5059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  174.302158][   T29] audit: type=1326 audit(174.263:4338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.0.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  174.325125][   T29] audit: type=1326 audit(174.263:4339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.0.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  174.348005][   T29] audit: type=1326 audit(174.263:4340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.0.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  174.371073][   T29] audit: type=1326 audit(174.263:4341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.0.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  174.393900][   T29] audit: type=1326 audit(174.263:4342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.0.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  174.416928][   T29] audit: type=1326 audit(174.263:4343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.0.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  174.439889][   T29] audit: type=1326 audit(174.263:4344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.0.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  174.462771][   T29] audit: type=1326 audit(174.263:4345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.0.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  174.485619][   T29] audit: type=1326 audit(174.263:4346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15692 comm="syz.0.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  175.108216][T15766] Falling back ldisc for ttyS3.
[  175.301326][T15792] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  175.307817][T15792] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  175.636448][T15815] netlink: 'syz.0.5112': attribute type 5 has an invalid length.
[  176.047439][T15849] syz_tun: entered allmulticast mode
[  176.061704][T15847] syz_tun: left allmulticast mode
[  176.115273][T15860] loop8: detected capacity change from 0 to 128
[  176.141272][T15860] FAT-fs (loop8): error, invalid FAT chain (i_pos 548, last_block 8)
[  176.149935][T15860] FAT-fs (loop8): Filesystem has been set read-only
[  176.170676][T15860] FAT-fs (loop8): error, corrupted file size (i_pos 548, 522)
[  176.171578][T15867] loop7: detected capacity change from 0 to 2048
[  176.179587][T15860] FAT-fs (loop8): error, corrupted file size (i_pos 548, 522)
[  176.228291][T15867]  loop7: p1 < > p4
[  176.237168][T15875] loop8: detected capacity change from 0 to 1024
[  176.248900][T15867] loop7: p4 size 8388608 extends beyond EOD, truncated
[  176.271821][T15875] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.316471][T14914] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.357550][T15887] __nla_validate_parse: 9 callbacks suppressed
[  176.357561][T15887] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5142'.
[  176.395864][T15899] netlink: 'syz.4.5147': attribute type 2 has an invalid length.
[  176.403648][T15899] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5147'.
[  176.580961][T15929] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5161'.
[  176.663497][ T3365] kernel write not supported for file /414/attr/exec (pid: 3365 comm: kworker/0:2)
[  176.841277][T15960] lo speed is unknown, defaulting to 1000
[  177.427466][T15980] netlink: 'syz.8.5183': attribute type 10 has an invalid length.
[  177.444953][T15980] 8021q: adding VLAN 0 to HW filter on device team0
[  177.473845][T15980] bond0: (slave team0): Enslaving as an active interface with an up link
[  177.685372][T16000] loop7: detected capacity change from 0 to 512
[  177.712369][T16000] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  177.746451][T16000] EXT4-fs (loop7): 1 truncate cleaned up
[  177.755680][T16000] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.807455][T16007] netlink: 'syz.4.5196': attribute type 1 has an invalid length.
[  177.914157][T14014] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.965893][T16023] loop7: detected capacity change from 0 to 1764
[  177.976087][T16028] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5205'.
[  178.002903][T16028] team1: entered promiscuous mode
[  178.009415][T16028] team1: entered allmulticast mode
[  178.046196][T16033] lo speed is unknown, defaulting to 1000
[  178.287207][T16082] loop8: detected capacity change from 0 to 2048
[  178.344398][T16096] lo speed is unknown, defaulting to 1000
[  178.351268][T16082]  loop8: p1 < > p3 p4
[  178.355939][T16082] loop8: p3 start 922746880 is beyond EOD, truncated
[  178.362680][T16082] loop8: p4 size 8388608 extends beyond EOD, truncated
[  178.386285][T16101] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.5235'.
[  178.397350][T16094] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.5235'.
[  178.547200][T16118] loop0: detected capacity change from 0 to 128
[  178.554863][T16118] EXT4-fs: Ignoring removed nobh option
[  178.562155][T16118] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  178.593169][T16121] netlink: 3 bytes leftover after parsing attributes in process `syz.8.5244'.
[  178.607790][T16121] batadv1: entered promiscuous mode
[  178.613082][T16121] batadv1: entered allmulticast mode
[  178.774506][T16132] loop8: detected capacity change from 0 to 128
[  178.791696][T16132] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  178.839818][T14914] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  178.872464][ T9656] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  178.892308][T16139] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5251'.
[  178.925964][T16141] netlink: 'syz.8.5254': attribute type 13 has an invalid length.
[  179.016674][T16141] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  179.027436][T16141] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  179.066502][T16141] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  179.075554][T16141] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  179.084445][T16141] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  179.093350][T16141] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  179.220580][T16175] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5269'.
[  179.266417][   T29] kauditd_printk_skb: 257 callbacks suppressed
[  179.266432][   T29] audit: type=1400 audit(947.250:4604): avc:  denied  { create } for  pid=16182 comm="syz.7.5273" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  179.294458][   T29] audit: type=1400 audit(947.261:4605): avc:  denied  { create } for  pid=16186 comm="syz.4.5276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  179.313518][   T29] audit: type=1400 audit(947.261:4606): avc:  denied  { setopt } for  pid=16186 comm="syz.4.5276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  179.332595][   T29] audit: type=1400 audit(947.261:4607): avc:  denied  { bind } for  pid=16186 comm="syz.4.5276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  179.351472][   T29] audit: type=1400 audit(947.261:4608): avc:  denied  { node_bind } for  pid=16186 comm="syz.4.5276" saddr=::6100:0:0:0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  179.372660][   T29] audit: type=1400 audit(947.282:4609): avc:  denied  { read } for  pid=16182 comm="syz.7.5273" path="socket:[46375]" dev="sockfs" ino=46375 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  179.402476][   T29] audit: type=1326 audit(947.303:4610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.4.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82d60de9a9 code=0x7ffc0000
[  179.425708][   T29] audit: type=1326 audit(947.303:4611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.4.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82d60de9a9 code=0x7ffc0000
[  179.448583][   T29] audit: type=1326 audit(947.303:4612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.4.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f82d60de9a9 code=0x7ffc0000
[  179.471475][   T29] audit: type=1326 audit(947.303:4613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16188 comm="syz.4.5277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82d60de9a9 code=0x7ffc0000
[  179.510232][T16201] lo speed is unknown, defaulting to 1000
[  179.525763][T16197] loop7: detected capacity change from 0 to 1024
[  179.557255][T16197] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.558654][T16205] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5281'.
[  179.604498][T16203] vhci_hcd: invalid port number 96
[  179.609652][T16203] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  179.622571][T14014] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.749314][T16229] pimreg: entered allmulticast mode
[  179.756591][T16229] pimreg: left allmulticast mode
[  179.988000][T16258] atomic_op ffff8881184b9128 conn xmit_atomic 0000000000000000
[  180.682434][T16310] team1: entered promiscuous mode
[  180.687941][T16310] team1: entered allmulticast mode
[  180.833450][T16324] vhci_hcd: invalid port number 96
[  180.838701][T16324] vhci_hcd: default hub control req: 0300 vfffa i0060 l0
[  181.652590][T16388] loop7: detected capacity change from 0 to 128
[  181.665962][T16388] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  181.702857][T14014] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  181.726607][T16404] sch_tbf: burst 0 is lower than device lo mtu (16) !
[  181.811667][T16417] __nla_validate_parse: 4 callbacks suppressed
[  181.811686][T16417] netlink: 268 bytes leftover after parsing attributes in process `syz.4.5372'.
[  181.855980][T16420] netlink: 24 bytes leftover after parsing attributes in process `syz.8.5374'.
[  181.899494][T16424] vlan2: entered allmulticast mode
[  181.904733][T16424] syz_tun: entered allmulticast mode
[  181.919304][T16420] sch_tbf: burst 88 is lower than device veth3 mtu (1514) !
[  182.552502][T16442] netem: incorrect ge model size
[  182.557545][T16442] netem: change failed
[  182.628994][T16450] ref_ctr increment failed for inode: 0x1894 offset: 0x0 ref_ctr_offset: 0x82 of mm: 0xffff88810005d280
[  182.642861][T16449] uprobe: syz.4.5387:16449 failed to unregister, leaking uprobe
[  182.687327][T16456] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5390'.
[  182.747008][T16462] loop8: detected capacity change from 0 to 256
[  182.753878][T16462] FAT-fs (loop8): bogus number of FAT sectors
[  182.760207][T16462] FAT-fs (loop8): Can't find a valid FAT filesystem
[  182.868769][T16482] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5407'.
[  182.883604][T16478] lo speed is unknown, defaulting to 1000
[  182.898465][T16482] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5407'.
[  182.960041][T16490] loop0: detected capacity change from 0 to 2048
[  182.996404][T16490] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.031574][T16490] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5399: bg 0: block 345: padding at end of block bitmap is not set
[  183.091746][ T9656] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.149706][T16505] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.5405'.
[  183.237573][T16517] lo speed is unknown, defaulting to 1000
[  183.290415][T16517] lo speed is unknown, defaulting to 1000
[  183.298294][T16525] serio: Serial port ptm0
[  183.378603][T16530] tipc: Started in network mode
[  183.383601][T16530] tipc: Node identity ac14140f, cluster identity 4711
[  183.391077][T16530] tipc: New replicast peer: 255.255.255.255
[  183.397291][T16530] tipc: Enabled bearer <udp:syz2>, priority 10
[  183.404659][T16530] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5417'.
[  183.413696][T16530] tipc: Disabling bearer <udp:syz2>
[  183.558545][T16554] lo speed is unknown, defaulting to 1000
[  183.588345][T16564] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5424'.
[  183.613780][T16565] loop7: detected capacity change from 0 to 1024
[  183.632106][T16561] netlink: 'syz.4.5425': attribute type 10 has an invalid length.
[  183.641231][T16564] team1: entered promiscuous mode
[  183.649537][T16564] team1: entered allmulticast mode
[  183.656244][T16565] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.677892][T16561] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5425'.
[  183.699863][T14014] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.812234][T16580] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5431'.
[  184.165528][T16628] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=16628 comm=syz.7.5446
[  184.343250][   T29] kauditd_printk_skb: 120 callbacks suppressed
[  184.343265][   T29] audit: type=1400 audit(952.616:4734): avc:  denied  { mount } for  pid=16648 comm="syz.2.5456" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  184.386467][   T29] audit: type=1400 audit(952.669:4735): avc:  denied  { create } for  pid=16650 comm="syz.4.5457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  184.415514][   T29] audit: type=1400 audit(952.690:4736): avc:  denied  { cmd } for  pid=16650 comm="syz.4.5457" path="socket:[48170]" dev="sockfs" ino=48170 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  184.525993][   T29] audit: type=1400 audit(952.817:4737): avc:  denied  { mount } for  pid=16659 comm="syz.8.5461" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  184.579451][   T29] audit: type=1400 audit(952.817:4738): avc:  denied  { mounton } for  pid=16659 comm="syz.8.5461" path="/117/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[  184.665500][   T29] audit: type=1400 audit(952.902:4739): avc:  denied  { unmount } for  pid=14914 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  184.740523][   T29] audit: type=1326 audit(953.039:4740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16673 comm="syz.2.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9bade9a9 code=0x7ffc0000
[  184.765701][T16672] vlan3: entered allmulticast mode
[  184.813037][   T29] audit: type=1326 audit(953.060:4741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16673 comm="syz.2.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6b9bade9a9 code=0x7ffc0000
[  184.836160][   T29] audit: type=1326 audit(953.060:4742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16673 comm="syz.2.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9bade9a9 code=0x7ffc0000
[  184.859129][   T29] audit: type=1326 audit(953.060:4743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16673 comm="syz.2.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b9bade9a9 code=0x7ffc0000
[  185.321205][T16728] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16728 comm=syz.0.5493
[  185.361269][T16734] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16734 comm=syz.7.5494
[  185.406265][T16739] tipc: Started in network mode
[  185.411285][T16739] tipc: Node identity ac14140f, cluster identity 4711
[  185.429843][T16739] tipc: New replicast peer: 255.255.255.255
[  185.435976][T16739] tipc: Enabled bearer <udp:syz2>, priority 10
[  185.455587][T16742] tipc: Disabling bearer <udp:syz2>
[  185.496512][T16745] netlink: 'syz.7.5499': attribute type 4 has an invalid length.
[  185.584854][T16737] netlink: 'syz.0.5496': attribute type 1 has an invalid length.
[  185.702810][T16771] loop7: detected capacity change from 0 to 256
[  185.710836][T16771] FAT-fs (loop7): bogus number of FAT sectors
[  185.717057][T16771] FAT-fs (loop7): Can't find a valid FAT filesystem
[  186.144444][   T10] kernel read not supported for file inotify (pid: 10 comm: kworker/0:1)
[  186.456273][T16879] wg2: left promiscuous mode
[  186.460968][T16879] wg2: left allmulticast mode
[  186.487939][T16885] loop0: detected capacity change from 0 to 1024
[  186.506257][T16879] wg2: entered promiscuous mode
[  186.511320][T16879] wg2: entered allmulticast mode
[  186.511701][T16885] EXT4-fs: Ignoring removed orlov option
[  186.553081][T16885] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.723290][T16902] __nla_validate_parse: 10 callbacks suppressed
[  186.723307][T16902] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5567'.
[  186.761973][T16906] lo speed is unknown, defaulting to 1000
[  186.933101][ T9656] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.181770][T16936] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  187.293405][ T4187] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.356625][ T4187] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.417370][ T4187] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.451973][T16948] lo speed is unknown, defaulting to 1000
[  187.472701][ T4187] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.513685][T16940] lo speed is unknown, defaulting to 1000
[  187.618677][ T4187] bridge_slave_1: left allmulticast mode
[  187.624438][ T4187] bridge_slave_1: left promiscuous mode
[  187.630107][ T4187] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.648957][ T4187] bridge_slave_0: left promiscuous mode
[  187.654657][ T4187] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.848127][ T4187] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  187.858633][T16977] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5593'.
[  187.869242][ T4187] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  187.880079][ T4187] bond0 (unregistering): Released all slaves
[  187.914773][T16940] chnl_net:caif_netlink_parms(): no params data found
[  187.946793][ T4187] tipc: Left network mode
[  187.986854][ T4187] hsr_slave_1: left promiscuous mode
[  187.989206][T16991] netlink: 52 bytes leftover after parsing attributes in process `syz.0.5601'.
[  188.002203][ T4187] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  188.009744][ T4187] batman_adv: batadv0: Removing interface: batadv_slave_0
[  188.018243][ T4187] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  188.025757][ T4187] batman_adv: batadv0: Removing interface: batadv_slave_1
[  188.038691][ T4187] veth1_macvtap: left promiscuous mode
[  188.046051][ T4187] veth0_macvtap: left promiscuous mode
[  188.051640][ T4187] veth1_vlan: left promiscuous mode
[  188.057647][ T4187] veth0_vlan: left promiscuous mode
[  188.121200][ T4187] team0 (unregistering): Port device team_slave_1 removed
[  188.138547][ T4187] team0 (unregistering): Port device team_slave_0 removed
[  188.209170][T16940] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.216353][T16940] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.225802][T16940] bridge_slave_0: entered allmulticast mode
[  188.232361][T16940] bridge_slave_0: entered promiscuous mode
[  188.239351][T16940] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.246468][T16940] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.253806][T16940] bridge_slave_1: entered allmulticast mode
[  188.260163][T16940] bridge_slave_1: entered promiscuous mode
[  188.288698][T16940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  188.299430][T16940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  188.330130][T16965] lo speed is unknown, defaulting to 1000
[  188.344013][T16940] team0: Port device team_slave_0 added
[  188.352257][T17013] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5609'.
[  188.360675][T16940] team0: Port device team_slave_1 added
[  188.373447][T17013] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5609'.
[  188.389867][T16940] batman_adv: batadv0: Adding interface: batadv_slave_0
[  188.397020][T16940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.422971][T16940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  188.434758][T16940] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.441817][T16940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.467829][T16940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.519039][T16940] hsr_slave_0: entered promiscuous mode
[  188.525300][T16940] hsr_slave_1: entered promiscuous mode
[  188.532811][T16940] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  188.540529][T16940] Cannot create hsr debugfs directory
[  188.554471][T16965] chnl_net:caif_netlink_parms(): no params data found
[  188.610671][T16965] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.617879][T16965] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.625123][T16965] bridge_slave_0: entered allmulticast mode
[  188.631589][T16965] bridge_slave_0: entered promiscuous mode
[  188.638334][T16965] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.645460][T16965] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.653005][T16965] bridge_slave_1: entered allmulticast mode
[  188.661231][T16965] bridge_slave_1: entered promiscuous mode
[  188.695082][T16965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  188.711860][T16965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  188.730000][T16965] team0: Port device team_slave_0 added
[  188.743128][T16965] team0: Port device team_slave_1 added
[  188.759130][T16965] batman_adv: batadv0: Adding interface: batadv_slave_0
[  188.766163][T16965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.792165][T16965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  188.803228][T16965] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.810169][T16965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.836162][T16965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.861593][T16965] hsr_slave_0: entered promiscuous mode
[  188.867686][T16965] hsr_slave_1: entered promiscuous mode
[  188.873520][T16965] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  188.881126][T16965] Cannot create hsr debugfs directory
[  189.016933][T16940] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  189.031971][T16940] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  189.055065][T16940] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  189.065895][T16965] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  189.079123][T16940] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  189.113107][T17041] ALSA: seq fatal error: cannot create timer (-16)
[  189.126281][T16965] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  189.135392][T16965] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  189.146138][T17043] IPVS: Error connecting to the multicast addr
[  189.155581][T16965] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  189.184732][T17053] SELinux: failed to load policy
[  189.195705][T16940] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.202816][T16940] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.210110][T16940] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.217211][T16940] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.224876][   T29] kauditd_printk_skb: 156 callbacks suppressed
[  189.224888][   T29] audit: type=1400 audit(957.732:4900): avc:  denied  { load_policy } for  pid=17052 comm="syz.0.5621" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  189.264632][ T4187] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.273515][ T4187] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.303915][   T29] audit: type=1400 audit(957.858:4901): avc:  denied  { create } for  pid=17061 comm="syz.0.5624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  189.355603][T16965] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.379751][T16965] 8021q: adding VLAN 0 to HW filter on device team0
[  189.413943][ T4206] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.421127][ T4206] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.446866][ T4247] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.454145][ T4247] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.481863][T16940] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.525291][T16940] 8021q: adding VLAN 0 to HW filter on device team0
[  189.539618][ T4200] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.546794][ T4200] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.562101][   T29] audit: type=1400 audit(958.133:4902): avc:  denied  { write } for  pid=17081 comm="syz.2.5632" lport=33317 faddr=::ffff:100.1.1.0 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  189.587141][ T4200] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.594219][ T4200] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.632114][T16940] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  189.698485][T16965] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.795886][T16940] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.926730][T16965] veth0_vlan: entered promiscuous mode
[  189.935845][T16965] veth1_vlan: entered promiscuous mode
[  189.959464][T16965] veth0_macvtap: entered promiscuous mode
[  189.978787][T16965] veth1_macvtap: entered promiscuous mode
[  189.990995][T16965] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.021477][T16965] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.050462][T16965] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.059290][T16965] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.068081][T16965] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.076883][T16965] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.108763][T16940] veth0_vlan: entered promiscuous mode
[  190.120658][T16940] veth1_vlan: entered promiscuous mode
[  190.149572][   T29] audit: type=1400 audit(958.756:4903): avc:  denied  { mounton } for  pid=16965 comm="syz-executor" path="/root/syzkaller.h8pZU6/syz-tmp" dev="sda1" ino=2060 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  190.149761][T16940] veth0_macvtap: entered promiscuous mode
[  190.173505][   T29] audit: type=1400 audit(958.756:4904): avc:  denied  { mounton } for  pid=16965 comm="syz-executor" path="/root/syzkaller.h8pZU6/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  190.185179][T16940] veth1_macvtap: entered promiscuous mode
[  190.211356][   T29] audit: type=1400 audit(958.788:4905): avc:  denied  { mounton } for  pid=16965 comm="syz-executor" path="/root/syzkaller.h8pZU6/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=49664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  190.252269][   T29] audit: type=1400 audit(958.851:4906): avc:  denied  { mounton } for  pid=16965 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  190.274810][   T29] audit: type=1400 audit(958.851:4907): avc:  denied  { mount } for  pid=16965 comm="syz-executor" name="/" dev="gadgetfs" ino=4186 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  190.306857][   T29] audit: type=1400 audit(958.894:4908): avc:  denied  { add_name } for  pid=16965 comm="syz-executor" name="syz9" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  190.308178][T16940] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.331028][   T29] audit: type=1400 audit(958.894:4909): avc:  denied  { create } for  pid=16965 comm="syz-executor" name="syz9" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  190.380308][T16940] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.399864][T17158] pim6reg1: entered promiscuous mode
[  190.405400][T17158] pim6reg1: entered allmulticast mode
[  190.427558][T16940] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.436337][T16940] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.445121][T16940] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.453825][T16940] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.529455][T17166] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5654'.
[  191.204567][T17221] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5675'.
[  191.307008][T17232] netlink: 2036 bytes leftover after parsing attributes in process `syz.4.5676'.
[  191.316319][T17232] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5676'.
[  191.332056][T17234] netlink: 404 bytes leftover after parsing attributes in process `syz.0.5679'.
[  191.381319][T17240] lo speed is unknown, defaulting to 1000
[  191.411377][T17244] SELinux:  Context system_u:object_r:syslogd_var_run_t:s0 is not valid (left unmapped).
[  191.654057][T17263] pim6reg1: entered promiscuous mode
[  191.659392][T17263] pim6reg1: entered allmulticast mode
[  192.122230][T17286] netlink: 'syz.0.5701': attribute type 5 has an invalid length.
[  192.156061][T17292] serio: Serial port ptm0
[  192.341402][T17318] vlan2: entered allmulticast mode
[  192.346760][T17318] macvtap0: entered allmulticast mode
[  192.352163][T17318] veth0_macvtap: entered allmulticast mode
[  192.779022][T17362] tipc: Started in network mode
[  192.783891][T17362] tipc: Node identity ac14140f, cluster identity 4711
[  192.791519][T17362] tipc: New replicast peer: 255.255.255.83
[  192.797617][T17362] tipc: Enabled bearer <udp:�>, priority 10
[  192.899984][T17380] lo speed is unknown, defaulting to 1000
[  193.045752][T17397] loop7: detected capacity change from 0 to 512
[  193.079841][T17397] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.085671][T17407] __nla_validate_parse: 1 callbacks suppressed
[  193.085724][T17407] netlink: 51 bytes leftover after parsing attributes in process `syz.4.5754'.
[  193.113322][T17397] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5750'.
[  193.165602][T16940] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.181239][T17414] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17414 comm=syz.0.5757
[  193.193899][T17414] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17414 comm=syz.0.5757
[  193.470573][T17429] loop9: detected capacity change from 0 to 128
[  193.477122][T17429] EXT4-fs: Ignoring removed nobh option
[  193.484799][T17429] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  193.652016][T16965] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  193.858414][ T3393] tipc: Node number set to 2886997007
[  193.945194][T17471] lo speed is unknown, defaulting to 1000
[  194.296943][T17497] lo speed is unknown, defaulting to 1000
[  194.396424][T17505] lo speed is unknown, defaulting to 1000
[  194.637659][T17518] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5800'.
[  194.647733][T17518] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5800'.
[  194.761560][T17528] lo speed is unknown, defaulting to 1000
[  194.903927][T17539] netlink: 404 bytes leftover after parsing attributes in process `syz.7.5810'.
[  194.926080][T17528] lo speed is unknown, defaulting to 1000
[  195.290852][   T29] kauditd_printk_skb: 70 callbacks suppressed
[  195.290867][   T29] audit: type=1400 audit(964.185:4980): avc:  denied  { relabelfrom } for  pid=17556 comm="syz.0.5817" name="MPTCPv6" dev="sockfs" ino=50878 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  195.319744][   T29] audit: type=1401 audit(964.185:4981): op=setxattr invalid_context=""
[  195.414461][T17567] veth1_macvtap: left promiscuous mode
[  195.420392][T17567] macsec0: entered allmulticast mode
[  195.757288][   T29] audit: type=1400 audit(964.671:4982): avc:  denied  { ioctl } for  pid=17579 comm="syz.7.5828" path="socket:[51344]" dev="sockfs" ino=51344 ioctlcmd=0x48d4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  195.890775][T17590] lo speed is unknown, defaulting to 1000
[  196.169762][T17624] netlink: 2048 bytes leftover after parsing attributes in process `syz.0.5845'.
[  196.178942][T17624] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5845'.
[  196.212704][T17626] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17626 comm=syz.9.5848
[  196.242219][T17628] bridge: RTM_NEWNEIGH with invalid ether address
[  196.277575][   T29] audit: type=1400 audit(965.220:4983): avc:  denied  { append } for  pid=17635 comm="syz.9.5853" name="mISDNtimer" dev="devtmpfs" ino=248 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  196.317552][   T29] audit: type=1400 audit(965.262:4984): avc:  denied  { mount } for  pid=17637 comm="syz.9.5854" name="/" dev="selinuxfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[  196.380299][T17648] loop7: detected capacity change from 0 to 1024
[  196.387502][T17648] EXT4-fs: Ignoring removed orlov option
[  196.394968][T17648] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.411136][T17648] EXT4-fs (loop7): shut down requested (0)
[  196.426009][T16940] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.545862][   T29] audit: type=1400 audit(965.505:4985): avc:  denied  { ioctl } for  pid=17659 comm="syz.7.5862" path="socket:[51489]" dev="sockfs" ino=51489 ioctlcmd=0x89f3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  196.590778][   T29] audit: type=1326 audit(965.558:4986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17663 comm="syz.7.5864" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fac643fe9a9 code=0x0
[  196.818159][   T29] audit: type=1326 audit(965.790:4987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17670 comm="syz.4.5866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82d60de9a9 code=0x7ffc0000
[  196.841198][   T29] audit: type=1326 audit(965.790:4988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17670 comm="syz.4.5866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82d60de9a9 code=0x7ffc0000
[  196.864171][   T29] audit: type=1326 audit(965.790:4989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17670 comm="syz.4.5866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f82d60dd310 code=0x7ffc0000
[  196.918816][T17674] tipc: Started in network mode
[  196.923772][T17674] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  196.932942][T17674] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00aa
[  196.941244][T17674] tipc: Enabled bearer <udp:syz0>, priority 10
[  197.070492][T17681] vhci_hcd: invalid port number 236
[  197.182895][T17703] cgroup: Unknown subsys name 'cpuset'
[  197.387214][T17731] loop9: detected capacity change from 0 to 8192
[  197.403863][T17731] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000ff12)
[  197.411761][T17731] FAT-fs (loop9): Filesystem has been set read-only
[  197.418429][T17731] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000ff12)
[  197.426288][T17731] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000ff12)
[  197.434202][T17731] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000ff12)
[  197.442032][T17731] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000ff12)
[  197.474486][T17741] netlink: 68 bytes leftover after parsing attributes in process `syz.2.5897'.
[  197.483716][T17731] syz.9.5893: attempt to access beyond end of device
[  197.483716][T17731] loop9: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  197.497155][T17731] Buffer I/O error on dev loop9, logical block 65368, async page read
[  197.505383][T17731] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000ff12)
[  197.527012][T17731] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000ff12)
[  197.535002][T17731] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000ff12)
[  197.558656][T17731] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000ff12)
[  197.566573][T17731] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000ff12)
[  197.574549][T17731] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000ff12)
[  197.582433][T17731] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000ff12)
[  197.590296][T17731] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000ff12)
[  197.607894][T17731] syz.9.5893: attempt to access beyond end of device
[  197.607894][T17731] loop9: rw=0, sector=65368, nr_sectors = 1 limit=8192
[  197.621604][T17731] Buffer I/O error on dev loop9, logical block 65368, async page read
[  197.796157][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.803627][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.823724][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.831278][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.838892][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.846297][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.853698][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.861242][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.868851][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.876316][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.883828][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.891402][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.944957][T17765] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=17765 comm=syz.9.5907
[  197.963141][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.970762][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.978277][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.985706][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  197.993125][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.000596][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.007992][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.015464][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.022842][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.030266][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.037746][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.045180][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.052607][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.060055][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.067456][   T36] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  198.075194][ T3386] tipc: Node number set to 1
[  198.100548][   T36] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  198.121990][T17771] Process accounting resumed
[  198.127296][T17773] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5912'.
[  198.217184][T17785] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  198.252056][T17787] veth0_vlan: left promiscuous mode
[  198.257327][T17787] veth0_vlan: entered promiscuous mode
[  198.342715][T17797] loop9: detected capacity change from 0 to 512
[  198.359844][T17797] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  198.395263][T17797] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.474601][T16965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.872982][T17854] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00aa
[  198.881323][T17854] tipc: Enabled bearer <udp:syz0>, priority 10
[  199.007272][T17876] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5959'.
[  199.191737][T17898] netlink: 'syz.0.5968': attribute type 1 has an invalid length.
[  199.199684][T17898] netlink: 'syz.0.5968': attribute type 4 has an invalid length.
[  199.207442][T17898] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.5968'.
[  199.220229][T17898] netlink: 'syz.0.5968': attribute type 1 has an invalid length.
[  199.228033][T17898] netlink: 'syz.0.5968': attribute type 4 has an invalid length.
[  199.235787][T17898] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.5968'.
[  199.311748][T17912] vlan2: entered allmulticast mode
[  199.316971][T17912] syz_tun: entered allmulticast mode
[  199.333115][T17916] loop7: detected capacity change from 0 to 1024
[  199.344092][T17916] EXT4-fs: Ignoring removed nobh option
[  199.349666][T17916] EXT4-fs: inline encryption not supported
[  199.370807][T17916] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.419971][T17916] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4113: comm syz.7.5976: Allocating blocks 385-513 which overlap fs metadata
[  199.445545][T17916] EXT4-fs (loop7): pa ffff8881069a5930: logic 16, phys. 129, len 24
[  199.453611][T17916] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  199.494215][T16940] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.560493][T17946] loop7: detected capacity change from 0 to 512
[  199.585121][T17946] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  199.617858][T17946] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.683520][T17969] netlink: 2048 bytes leftover after parsing attributes in process `syz.9.5996'.
[  199.692796][T17969] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5996'.
[  199.707902][T16940] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.785866][T17978] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17978 comm=syz.4.6003
[  199.798598][T17978] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17978 comm=syz.4.6003
[  199.800400][T17976] netlink: 68 bytes leftover after parsing attributes in process `syz.7.6002'.
[  199.852837][T17986] netlink: 'syz.2.6007': attribute type 7 has an invalid length.
[  199.860615][T17986] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6007'.
[  199.876075][T17988] bridge_slave_1: left allmulticast mode
[  199.881823][T17988] bridge_slave_1: left promiscuous mode
[  199.887445][T17988] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.898135][T17988] bridge_slave_0: left allmulticast mode
[  199.903972][T17988] bridge_slave_0: left promiscuous mode
[  199.909689][T17988] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.961840][T17997] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  199.972685][T17997] tipc: Disabling bearer <eth:syzkaller0>
[  200.165397][T18029] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=18029 comm=syz.2.6025
[  200.177982][T18029] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18029 comm=syz.2.6025
[  200.213260][T18032] loop7: detected capacity change from 0 to 764
[  200.229324][T18032] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  200.561231][   T29] kauditd_printk_skb: 1439 callbacks suppressed
[  200.561243][   T29] audit: type=1326 audit(969.748:6429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18056 comm="syz.0.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  200.616934][T18059] loop9: detected capacity change from 0 to 1024
[  200.656546][T18063] loop7: detected capacity change from 0 to 1024
[  200.665552][   T29] audit: type=1326 audit(969.780:6430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18056 comm="syz.0.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  200.683541][T18063] EXT4-fs: Ignoring removed orlov option
[  200.688519][   T29] audit: type=1326 audit(969.780:6431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18056 comm="syz.0.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  200.717319][   T29] audit: type=1326 audit(969.780:6432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18056 comm="syz.0.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  200.740273][   T29] audit: type=1326 audit(969.780:6433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18056 comm="syz.0.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  200.763220][   T29] audit: type=1326 audit(969.780:6434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18056 comm="syz.0.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  200.786367][   T29] audit: type=1326 audit(969.780:6435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18056 comm="syz.0.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  200.809258][   T29] audit: type=1326 audit(969.780:6436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18056 comm="syz.0.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  200.832274][   T29] audit: type=1326 audit(969.780:6437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18056 comm="syz.0.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  200.855170][   T29] audit: type=1326 audit(969.780:6438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18056 comm="syz.0.6038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ebf5de9a9 code=0x7ffc0000
[  200.889439][T18059] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.924360][T18063] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.974045][T16965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.137006][T16940] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.316382][T18092] team0: Mode changed to "activebackup"
[  201.323885][T18093] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6051'.
[  201.726216][T18131] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6070'.
[  201.748164][T18131] batadv0 (unregistering): left allmulticast mode
[  201.754743][T18131] batadv0 (unregistering): left promiscuous mode
[  201.761217][T18131] bridge0: port 1(batadv0) entered disabled state
[  201.774510][T18133] SELinux: failed to load policy
[  202.006644][T18156] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125
[  202.071061][T18164] lo speed is unknown, defaulting to 1000
[  202.624342][T18198] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(5)
[  202.630942][T18198] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  202.638552][T18198] vhci_hcd vhci_hcd.0: Device attached
[  202.655489][T18199] vhci_hcd: connection closed
[  202.655744][ T4191] vhci_hcd: stop threads
[  202.664846][ T4191] vhci_hcd: release socket
[  202.669396][ T4191] vhci_hcd: disconnect device
[  202.803520][T18213] loop7: detected capacity change from 0 to 8192
[  202.919997][T18226] __nla_validate_parse: 3 callbacks suppressed
[  202.920012][T18226] netlink: 24 bytes leftover after parsing attributes in process `syz.7.6109'.
[  202.969654][T18227] sch_tbf: burst 88 is lower than device veth3 mtu (1514) !
[  203.585849][T18248] nfs: Unknown parameter '��������0xffffffffffffffff'
[  203.687028][T18255] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6121'.
[  203.712868][T18254] netlink: 60 bytes leftover after parsing attributes in process `syz.0.6116'.
[  203.722131][T18254] unsupported nlmsg_type 40
[  203.763192][T18262] netlink: 56 bytes leftover after parsing attributes in process `syz.4.6123'.
[  203.945666][T18283] macvtap0: entered promiscuous mode
[  203.952996][T18283] macvtap0: left promiscuous mode
[  204.030282][T18298] -1: renamed from syzkaller0
[  204.078454][T18300] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6143'.
[  204.093309][T18310] lo speed is unknown, defaulting to 1000
[  204.190526][T18320] lo speed is unknown, defaulting to 1000
[  204.322824][T18320] lo speed is unknown, defaulting to 1000
[  204.372982][    C0] ==================================================================
[  204.381073][    C0] BUG: KCSAN: data-race in do_select / pollwake
[  204.387297][    C0] 
[  204.389598][    C0] read to 0xffffc900062279e0 of 4 bytes by task 18325 on cpu 1:
[  204.397202][    C0]  do_select+0xe48/0xf50
[  204.401430][    C0]  core_sys_select+0x3d7/0x6e0
[  204.406172][    C0]  __se_sys_pselect6+0x216/0x280
[  204.411089][    C0]  __x64_sys_pselect6+0x78/0x90
[  204.415919][    C0]  x64_sys_call+0x1caa/0x2fb0
[  204.420571][    C0]  do_syscall_64+0xd2/0x200
[  204.425048][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.430914][    C0] 
[  204.433211][    C0] write to 0xffffc900062279e0 of 4 bytes by interrupt on cpu 0:
[  204.440813][    C0]  pollwake+0xb6/0x100
[  204.444857][    C0]  __wake_up+0x66/0xb0
[  204.448906][    C0]  bpf_ringbuf_notify+0x22/0x30
[  204.453736][    C0]  irq_work_run+0xe2/0x2d0
[  204.458130][    C0]  __sysvec_irq_work+0x22/0x170
[  204.462955][    C0]  sysvec_irq_work+0x66/0x80
[  204.467519][    C0]  asm_sysvec_irq_work+0x1a/0x20
[  204.472432][    C0]  native_apic_msr_write+0x3d/0x60
[  204.477523][    C0]  x2apic_send_IPI_self+0x10/0x20
[  204.482524][    C0]  arch_irq_work_raise+0x46/0x50
[  204.487448][    C0]  __irq_work_queue_local+0x10f/0x2c0
[  204.492801][    C0]  irq_work_queue+0x70/0x100
[  204.497369][    C0]  bpf_ringbuf_discard+0xd3/0xf0
[  204.502285][    C0]  bpf_prog_fe0ed97373b08409+0x4b/0x4f
[  204.507721][    C0]  bpf_trace_run3+0x10f/0x1d0
[  204.512372][    C0]  __traceiter_kmem_cache_free+0x35/0x60
[  204.517979][    C0]  kmem_cache_free+0x257/0x300
[  204.522721][    C0]  __kfree_skb+0x109/0x150
[  204.527115][    C0]  consume_skb+0x49/0x150
[  204.531423][    C0]  nsim_dev_trap_report_work+0x533/0x630
[  204.537030][    C0]  process_scheduled_works+0x4cb/0x9d0
[  204.542467][    C0]  worker_thread+0x582/0x770
[  204.547037][    C0]  kthread+0x489/0x510
[  204.551080][    C0]  ret_from_fork+0xda/0x150
[  204.555558][    C0]  ret_from_fork_asm+0x1a/0x30
[  204.560296][    C0] 
[  204.562593][    C0] value changed: 0x00000001 -> 0x00000000
[  204.568280][    C0] 
[  204.570578][    C0] Reported by Kernel Concurrency Sanitizer on:
[  204.576711][    C0] CPU: 0 UID: 0 PID: 4251 Comm: kworker/u8:65 Not tainted 6.16.0-rc6-syzkaller-00279-gbf61759db409 #0 PREEMPT(voluntary) 
[  204.589355][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  204.599387][    C0] Workqueue: events_unbound nsim_dev_trap_report_work
[  204.606129][    C0] ==================================================================