last executing test programs:

4m11.598452816s ago: executing program 2 (id=87):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x30)
pipe2$9p(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[], 0x15)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r4 = dup(r1)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x4080, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}})

4m10.740923616s ago: executing program 2 (id=101):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0xc}, 0x94)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000170000009500000000000000133629fb8c30"], &(0x7f00000005c0)='GPL\x00'}, 0x80)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000400)={r2, r1, 0x25, 0x2, @void}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b"], 0x0)

4m10.728877407s ago: executing program 2 (id=103):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xfa50, 0x0, 0x0, 0x0, 0x48}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x18, 0x68, 0x1, 0x2, 0x7ffffffc}, 0x18}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r7)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r8, 0x9c3fa077fa966179, 0x0, 0x600, {{0x7e, 0x0, 0xfff0}, {@void, @void}}}, 0x14}}, 0x4000054)

4m9.814173672s ago: executing program 2 (id=109):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000100)='./bus\x00', 0x154) (async)
mkdir(&(0x7f0000000100)='./bus\x00', 0x154)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x84000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000300)={0x0, 0x19, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="54010000210001000000000000000000e0000001000000000000000000000000e000000100"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000001c0004000db9d218b8f678510000000000000000e000000200000000000000ff00000000e8001100"], 0x154}}, 0x0) (async)
sendmsg$nl_xfrm(r2, &(0x7f0000000300)={0x0, 0x19, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="54010000210001000000000000000000e0000001000000000000000000000000e000000100"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000001c0004000db9d218b8f678510000000000000000e000000200000000000000ff00000000e8001100"], 0x154}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60f4adf700083c0020010010000000000000000000000000ff020000000000000000000000000001810098"], 0x0)
r3 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f478ef8ed"])
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000001c0)={[0x205, 0x6, 0x0, 0x0, 0x10003, 0x41, 0x400200cc0, 0xfff, 0x6, 0x6, 0x7, 0x0, 0xffffffffffffffff, 0x0, 0x6c, 0x8], 0xeeee8000, 0x2031c2}) (async)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000001c0)={[0x205, 0x6, 0x0, 0x0, 0x10003, 0x41, 0x400200cc0, 0xfff, 0x6, 0x6, 0x7, 0x0, 0xffffffffffffffff, 0x0, 0x6c, 0x8], 0xeeee8000, 0x2031c2})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_FPU(r5, 0x41a0ae8d, &(0x7f0000000280)={'\x00', 0xf, 0x66a, 0x9, 0x0, 0x1, 0x80a4000, 0xd000, '\x00', 0xd5ad}) (async)
ioctl$KVM_SET_FPU(r5, 0x41a0ae8d, &(0x7f0000000280)={'\x00', 0xf, 0x66a, 0x9, 0x0, 0x1, 0x80a4000, 0xd000, '\x00', 0xd5ad})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

4m9.710548249s ago: executing program 2 (id=111):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='sys_enter\x00', r0}, 0x10)
clock_adjtime(0x0, &(0x7f0000000b00)={0xfd0, 0x0, 0x4100, 0x0, 0xffffffffffffffff, 0x0, 0x9, 0x0, 0xfffffffffffffffd, 0x5, 0x0, 0x0, 0x0, 0x0, 0xa00000000000000})

4m9.642084955s ago: executing program 2 (id=112):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x608, 0x360, 0x11, 0x148, 0x360, 0x10, 0x570, 0x2a8, 0x2a8, 0x570, 0x2a8, 0x7fffffe, 0x0, {[{{@uncond, 0x10, 0x2f8, 0x360, 0x1c, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip6gretap0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x8}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x19, 0x0, 0x40000000, 0x0, 'syz0\x00', 'syz0\x00'}}}, {{@ip={@multicast1, @rand_addr, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_batadv\x00'}, 0x0, 0x1c8, 0x210, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'team_slave_0\x00', {0x459, 0x0, 0x48, 0x0, 0x0, 0x3, 0x2, 0x80}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev, 'macsec0\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x668)

4m9.626171657s ago: executing program 32 (id=112):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x608, 0x360, 0x11, 0x148, 0x360, 0x10, 0x570, 0x2a8, 0x2a8, 0x570, 0x2a8, 0x7fffffe, 0x0, {[{{@uncond, 0x10, 0x2f8, 0x360, 0x1c, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip6gretap0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x8}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x19, 0x0, 0x40000000, 0x0, 'syz0\x00', 'syz0\x00'}}}, {{@ip={@multicast1, @rand_addr, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_batadv\x00'}, 0x0, 0x1c8, 0x210, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'team_slave_0\x00', {0x459, 0x0, 0x48, 0x0, 0x0, 0x3, 0x2, 0x80}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev, 'macsec0\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x668)

3m56.184563641s ago: executing program 5 (id=205):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SOCK_DIAG_BY_FAMILY(r1, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000740)={0x1138, 0x14, 0x8, 0x70bd25, 0x25dfdbfc, {0x2c, 0x3}, [@INET_DIAG_REQ_BYTECODE={0x42, 0x1, "f309a6626e6bf850a89b243863672f5f52f9e33fdbcf8ce9e71b0618d02229be529948f9e63078f9b991e08de5b2d52b63a48854e26282804198ab6d7b7b"}, @INET_DIAG_REQ_BYTECODE={0x61, 0x1, "a82cc33ff2cd37fee7835f80d61139b7dc1fca01965e5845cfc7c18e4f36ca9eeccc5aea4dcef03957c10af925b6302b7d7de94cad7e9cec014a6ea33aa2901b642f129734356bcee42e3e616f6bfca830e49c11d5636c9fe29f7280d5"}, @INET_DIAG_REQ_BYTECODE={0x1004, 0x1, "653c747960bb5b37c9e631a82820d738032e376f64701a26717680349ca79d3bcee1e5d8781fd9a23fc1edaf92c51ad7210c8514a782e17d9fbcb79d1a8fc7533083b2195b27d022e66fedd63ac620fe1edf47fde76101cc971e57037126f5501d306c7989653df980901000017e6e31ea69590aff55285263fb939f010ac7efefa2b479df47450f899a8b86954b7fe7b2f8bc0d157fcd5429364ac86814753620a72648b09df28a10dc14b792f8df43d25deef3ee98b1ef5cf6d3c718b4444e290b4e894b6fc6b5697c641538ed816f7e95e02c2be541930f264c897acffb8d4a053068cfa49c17288f0793ec8be9150a630af717206b098760dccfe3839feb2685f4c1e4459155456fc4ed23c11b0e55cc8789584bbfe3056d0aa994f0fa99d9c975dc401d81a1ad6eda19bc757717828cc3e2a87712fd88d6b5f868b90bc614baef1e16487911dcfe47ba3f32746d3600ff8465a2a18e338d30e1213eca06ffc57e2857bcb224d5f9aab50019b2482e2bcb6ced0f67241aa233a984d34cd31b6cd28412471758103bb6bdeb61869ff91a99ad81fc29cc23ea34e1682666396916379eaa7f08434a7ba7c04ac5c011552435b77947d5317e1a827726fef02fec6d81265755c8114255da12a3e8402e354511665a6d99840802c55efb68657a2810756e11ddbb6df6b4aea16bdc517bcee3b19de44aa5dcdfa218643b194e2907d79a09df9a7fecdf989a93ac024da18185de3a91ab071fa47c3a62d9ef1b055b23bcc1e01a55b908bb9e352712da4746576562de8b8b25dc4ffef57deb880e4bb7f792c7d6b5746df3d25d294d551c9b77278f01b6bafae65d61a6504c6dd9a9ab7a6040c0d96a7464365901f977ce353734e39872e3249b562e465d9e54802a1404438bc7b1a7e50752c66e9faa6ee0a0807907f4c4b714c7d9d04db2b5b623ac34f5d4511f103c10c06fa788258518b0141fffac4ca061a27e19e63f15de41c29ebe1db64155c18e1a83f6942fda994678807c7fa82b0dd5f5db1d6ad730d1eabff0aea07c221e94895ba97b4f1873e51d8bedde31e4a3417c16b5e1137222f52b613ad6d5b6b8f45aab5c1b5c2086f6cb88a1918adce3b260b347f05177acd00f29a95861709c089172505a5f9a9b3c50e8a622ad65df5544180522a0254d77c034067aa2b4b4e3e3eb816601927156af0fb233e03dd54ac3b5e1c8387ca28f390bd4920b006aaa4a85676c5bc2a53134d3abffa3dfd87f0dcb4afc925097aa1375001a139192756feabcd4b5d60ceef6acba9ec43a7d9b00ba7f7a65be29d0bf97c18005a1b55c811903c120ecb72331999775e0529d6df2e2ae728f254a97d96bdcb2d121990b587f329888440a0d2e8bce84da5bf8f4379f5643684b466bca8bc894d7b867c393e13da40ad14b6a9741edd86d9f0d5375f18110b4b92eaa83c80af6227c5f4b01c6dc76f2699658ada5a9100753d13a6c80aa4d4b498e081d22de69a2cd32bdc5039b881f87bdbd37699642dc697362668ddab5d587aa11aa61c6628fa31a8df6b0f5579d6f08fe14a47eab578157cd471f04cf8f086a0b5f8ea9321fbfd570dd6fb82e69ba0280cacbb6dcb1af7ca40d23748271b6e662f215ed01b9ac9b76b534dd2443d9a8fc0cf2008c3fefe1916becd644e3018e0480be837012322e4ff82907d5970136505fc04d7c7becfe1702d265709bc9973184715a71e055b7d3c6f4db2540c45c7e7b71debfd66c77c852b61d8618b2580e50b952802cc0634abaa63e01b149ecc7e5d1808d4bec804093e094f25a2e7d7f5f6b930ce8a9b0cec21d7aa795cd6a43c983755796831fde64e706f154342b3517ca5bea66c9e2ecbe6215d927e48f078899a18795afa32798e26d73b8f0717caee5091365fafdfdbd10092ace486dc79c9840f74733e596a4ac9108c9c06434604f7b53610f76b178a43a61f016fe3594011f330f02713623256009a6158a11aa7323184c4db80e165e7ed41d0df3364a99379a669801e08eba567e4990506831136da340f3d3c47cec53d7d754573d1333f163ade87cf105daf13f523991705b3452587ce597489c6a3ec03340fbcb042f71fe50b8d4c59e11f06d76d76f70f47b8bf15169e1e6b20e8bd25d25a14fba0b5817baa95c64043a20a4bfda19ab5ea752852e0148025a97a2b4de1152af19f7e1735f8517a2b0708f09ccdf6543afa5354679308f775d967f8e355f4159c0e54f36465ebd198b15a57e256e4f5a93512d7840fc733608d5867844035b08bd9bbd77b3734d73ee3f20bee4fdf3f190a68e6274a67ee65d80228472601812d90a5f83a7334ae23222f185aa7f1e1b57736bc20141c03739bfae7f9163d2c27b41b60081c0af1f9cf113535cc71e9d9810fbc73d8026f7908311f4ed528f640dafbec42598c11be381bce3e04260b7ccbd65102283585961be095afa54ba5b3b12100408f88aa46c11ecaf7719a3ede0f1312aaaec2e89fa7c3634461ed47c62f408cae132fb4cd388526ed4ec2a210d3d7b6b49e9f9558d0c10b7a5f62b786cab23ce712c194bd4c0083d7e7643d6207368c2c81759de968b96d0cd285ee0b48d650cb2f1f8e12d7a1d98418e6d911312657bf7aaa978c0ca1657c71236352c13de7965c03d07179dc8e1a6c283bb7450a8a5206341109069e6b68b4e40bd7405fe24e69385e3cd637277b89d952fdc35f4c64c891f094448fc196a3a86a7b5f9fa0072a469591aa732667002df80a784541cfa7fbd6d2fa51ce29cc98fba36d90842fb2217caa4228cdab45286f0b4890320d49b4a39bf1ee2acfadf78f4b8ecf1741394b97b7fc1c7af6f856664ce5f2a5d52c007a003ebe509bd6b50ed87188b98c2abccbd4451fb7fc59687058fd09849beb4f6783927602ac32b293e55fea12953c5daff2f7e4c62f1376686adbe049fb40875b6b512803b7e794247069171b97a9ddcf8ef87f90ca73d99525b407eb67694d8aaefb84d7bbee3dd289c6c2a2025530eadb3e16fd632e0be94dc7f980d7aaec2989eb951a7f3f9719cb256c4082b3706f1811f72b395f091ef63aa4c7755760be27a4df2a8d7f9f755152c6c3b240aa3ab1eeac62288ba9519f9e2723afde5da722ea11f776acc0b9d1c65fc078f48f2acac506300df8fba1f61c43c7de97a09754ac6a7fe3bcd645ffa140caa531e7d7d5cb1a48d2b18fad06823aef2b6d4ccf33a2d4159124247e1a5855fac1d02e0a392163e41d1db09e9fe83e0c918e8a35d415545e8d155fb95b54d95bde17fcfdaf9f50b406c23e2f6fcba0ec4acac1f3cbd38d946b7ab92a299bdc30c983eade2c8a2c2f8552166233937bc1ca5a927d77525bc402b7cb9fc47640b5fe872e1ab3342272167e904ea6618d773091ea89bbac39815cc5d592a40ff4e0a3a94f99758a6f7cf1d36cf92101b188c1f84169d7d18f040dcf4d1467cc8b7ff684d58395d97e63436448b0a687ba863e5cd82637534418d34beefc22cd75cd7fa3aecf20ff782c63aee877feec50a1c6bd05883159306ef4e1f4c2e255fe923116f5ed6d8bd3e609cd0fc4194eeda58337228c2c559cb0ec7b2c0b0c9622420961f2de69a6d94b25bf2c3ef66faa15a2cdb6f0f49aef9db0b60953fc207c6dcec30b34780cd30fa3a5745af1eb96e69582bb98ff8dba1051fe4189be2ed2f225866289efe85e749cb1d106102c31a15cc9fdeb0cdaeac7f63a50fee3cc4cf7ec771666b2870a582d6b38248ccdfadca14dfea1ad3946cea4d912859e807412b38e41dd81a06258a4c32e406e9449e0213af4aafaad9e175485f7ed62482d4922afc7d05257624987e75472c87fb7f2d9340f847f2aa13a417136d2876929bcdb7f37b3544e50a746ef353cb41c5e5d785bdd28bac609f76bfac8a39d5b2cd365472c2daa388479ce0e00fb0d972d63e991c51d824cb6515599326126d002aff62d61d46ac8c7b53c85dccb9933b9d210671915c87b9e4ff7e6790e054620231a21e881c5fadafd86ac580f603ff84af57f5a5fe0e27cc6bc79eb73fc42a63c188d6a815419c68cd1e1ab480bf90dfe5f6245963cc40defa8b12feb6e761703817ac4371c70cf07d5a6c8f0e711c8ee8676acea8c06e5877d7d2483796619d8e4ae4b9e30fded5d90e30872414f7cbeed75820db10f34cdc36dfd57dc4ac513740c19212516cd13796af83b70de09e7a3c51d3f22be1b6501437718f90925b689f75ec2b8a19cc7b8e1cfdd3404e06a4eb608f36f8ddfad7d1c71d93ca8fcf1f6b7f552b31a330bdad8f3e9b54ed3fecbb6b0f3ff293c92390b1278b7890713f8bf156ae700aff9b5ae59e8f8d15640fcde53a937bee19b011b71ff891ef13985cf363a0530a801eed05e67ea55f7f6e01fba19eb0669dfef7b7f4a655ec22951eb5cc7ebb4c87693cc4e04c2e9e839734b0996e6e0caa3080decb7ee3e3b17604230af4d060f23aec4f0264b188bb9c1486bc8c20c0e7fbdef0ab521537f97b181ab24e75f06993cf1c8267f104cbf6ba0373b1bfb1e3f5be26cb691143192455fff61e60f73d18fa4640d741dfc11ed71f725fc1fdec35dca69dbf7cdd5e66eba3bcfb63d0638d0397803e6f3e5d6f478a8fbfc0f704190cb676e6db81793f890938a93c1e67470ab5ce07d86992e3cfb62eff041318781d2b65621d298069e8387035b6172b4799d8deae87f7be057f8339485983af16aec70d152228e31c03481a7e78866288a3648261be76c699552f7e1001f28040ca783fbc317295d4e0c3d54526f7027dde0767cd182c2bbcb2708ef1492062e1fc62d64d4c589de56e52f745faea5f738e4c985eba8005b8e7967f92aeb45f71a17c2f56c7b3b95ebb9ca31c3acf9951c15ee6af519ae75170be18c076425c3032865c469254c653cc6219b44e277f020f72a78bfaf1290f49ae63c35f3ef1c82bf8fd2739b117d9ca1a90396bb17b47a26bb40edc0bc5c6d0ba4b7d6abb483b5f4ccf169f0ccca753006d9f9e95d0134a94da8adda6705197a9e4489d89fb9d26df3392b42aa1d2a461c9806cd64aaf28a0e37343bca3bcbbbc2b9b166c673f7e0a676f41e2605e7a6cafc46225fe3e32ac9b4e6328cdce7c927e135b735d3450c1f84df18d953219aa5ab0b332af2dd0091394aa705e503ff003c7d8f01b932f0592e05e896bb6ae091ffefc49bbbdc69bf26463b1686acba8e57234149a712aad44294dcd1861ab4b37d39c2ed34d7788fbd4b64622bb595d3a5382d7cd9109b5043c9c742f06063d3cd30dfdab98f512d38be515ecfa0466d188c1f858ffe0dbf08b6eac672d3353a333235179de182d5daeb0f44e2c5f87a7b0fa53ac59384ebdca45d586dee08309c16ed34e1757e2b4c01b6b0286aac7b22d51828a8e3a15feeccef7cbc5518ec84440daa1f5e467b67471764878f116c18a7d580b2756c55f6051a2228f6078b88e6c7afa6bd6fe48d6ad9e51a7e8092c6fbb673f0bf4a89376d0dd6856d8b53cbb32c3bb67ea1ec9d1b7837064e847aa5ec4ccabcd59366c30be2bda4789af25b9de0337b46c0eb419d81c8eeb3ae7517882ab5f6a85d4b0148d46cd6bb3e5275ef8979c3ed6ad0f02a014676e912a5b39c61c6f9ec5b6442c464b1a027f2fa2614b8555ac9871831c69c730e276952f86f370dfa8fbcc601fe383fb5a4dfbabcb72206be64b7939ab0b74644fc4b3e651e883c21a5b478324626a5309c803a4e28093a46db81efd0f642d27f79df8438003ca04809eb4284615e1becfe9c47c0055d0849a01e1"}, @INET_DIAG_REQ_BYTECODE={0x18, 0x1, "74b451278332a3cceee18fef26894f139382502d"}, @INET_DIAG_REQ_BYTECODE={0xf, 0x1, "d43b6b1668f34aabf52249"}, @INET_DIAG_REQ_BYTECODE={0x19, 0x1, "e8e37a46a5a856a9ca058c7a899fcf33711d402eff"}, @INET_DIAG_REQ_BYTECODE={0x31, 0x1, "60e1471db17dfb585615c6b1c716350f7cd36d3da9afed61e89603b44b3c264643b6bed37df5fc387a0958e9ab"}]}, 0x1138}, 0x1, 0x0, 0x0, 0x1}, 0x20004000)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffff7a, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x20, &(0x7f0000000240)={&(0x7f00000004c0)=""/73, 0x49, <r3=>0x0, &(0x7f0000000540)=""/146, 0x92}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073b22ba643ed30c4d14ceec603336de0e00d92969490a3867823d6109afb868280bcd039a2571c3b6a8425ad6623bc5b998394332d34dacc507daf62f993713f0e5b01dcc335ba4c3df9adcf6575f26c10a545253b6817e7747974b5af9a3b334a80e752d8fc51d51a11f1f54876536c64"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, r3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x5, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00'}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)

3m56.140431445s ago: executing program 5 (id=206):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000280)={'wg0\x00', <r1=>0x0})
ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000000)={0x5384, 0xfffffffffffffffe, 0x6})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@ipv4_newroute={0x2c, 0x1a, 0x1, 0x70bd29, 0x0, {0x2, 0x20, 0x20}, [@RTA_IP_PROTO={0x5, 0x1b, 0x11}, @RTA_IIF={0x8, 0x3, r1}]}, 0x2c}}, 0x0)

3m56.140101875s ago: executing program 5 (id=207):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
write$selinux_validatetrans(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a726573746f7265636f6e645f766172dbd79b0f999e08ef302073797374656d5f753a6f626a6563745f723a67726f75706164645f657865635f743a7330203030303030303030303030303030303030303032202f"], 0x8a)

3m56.137718245s ago: executing program 5 (id=208):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = epoll_create(0x2)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0)={[{@dioread_nolock}, {@minixdf}, {@nolazytime}, {}]}, 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x9}}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000002c00)=ANY=[@ANYBLOB="b0"], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r5=>0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000c51000/0x2000)=nil)
mmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x0, 0x2031, 0xffffffffffffffff, 0x0)
munlockall()
chmod(&(0x7f0000000000)='./bus/file0\x00', 0x121)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x20)
mremap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000280)={0xa0, 0x0, 0x0, {{0x20, 0x1, 0x5, 0x6, 0x1000, 0x6, {0x1, 0x0, 0x65cd, 0x0, 0xffffffffffff15ef, 0x9, 0x1, 0x7fff, 0x7, 0x4000, 0xe, r5, 0x0, 0x4, 0x10000}}, {0x0, 0x1}}}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',privport,access=', @ANYRESDEC=r5])
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000140)={0x0, 0x3, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="021100090a00000000000000000000026421060000000e00020000000a010102080000000000000002000a00a29600000000001000000000030005000000000002004e22ac1414bb0000000000000000"], 0x50}}, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

3m55.938334932s ago: executing program 5 (id=210):
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$ARPT_SO_GET_ENTRIES(r1, 0x0, 0x61, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)=0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="00000000000057b6b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(r2)
r3 = socket$unix(0x1, 0x5, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1004014, &(0x7f0000001540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
read(r3, &(0x7f00000003c0)=""/203, 0xcb)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='oom_score_adj\x00')
lseek(r4, 0x339, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x6, 0x1, 0x2, 0x40010, r4, 0xdc, '\x00', 0x0, r0, 0x3, 0x1, 0x0, 0x1}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)

3m55.762772536s ago: executing program 5 (id=211):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000053c0)=[{{&(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10, 0x0}}], 0x1, 0x4800)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
open(&(0x7f0000000080)='./bus\x00', 0x169242, 0x10)
rename(&(0x7f0000000440)='./bus\x00', &(0x7f00000003c0)='./file1\x00')
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x1fc, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in6=@empty, 0x0, 0x3, 0x0, 0x0, 0xa, 0x0, 0x20, 0x8}, {0x0, 0x30000000, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x1d}, {0x0, 0x2, 0x0, 0x2dd}}, [@tmpl={0x144, 0x5, [{{@in=@loopback, 0x0, 0x2b}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0xc}, 0x0, 0x0, 0x0, 0xff}, {{@in6=@private2, 0x0, 0x32}, 0x0, @in6=@empty, 0x3502, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {{@in6=@loopback, 0x4d2, 0x3c}, 0x2, @in=@remote, 0x0, 0x1, 0x3}, {{@in6=@mcast2, 0x0, 0x3c}, 0x2, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {{@in6=@empty, 0x0, 0x2b}, 0x0, @in6=@private0, 0x0, 0x1}]}]}, 0x1fc}}, 0x0)

3m55.743579717s ago: executing program 33 (id=211):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000053c0)=[{{&(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10, 0x0}}], 0x1, 0x4800)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
open(&(0x7f0000000080)='./bus\x00', 0x169242, 0x10)
rename(&(0x7f0000000440)='./bus\x00', &(0x7f00000003c0)='./file1\x00')
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x1fc, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in6=@empty, 0x0, 0x3, 0x0, 0x0, 0xa, 0x0, 0x20, 0x8}, {0x0, 0x30000000, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x1d}, {0x0, 0x2, 0x0, 0x2dd}}, [@tmpl={0x144, 0x5, [{{@in=@loopback, 0x0, 0x2b}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0xc}, 0x0, 0x0, 0x0, 0xff}, {{@in6=@private2, 0x0, 0x32}, 0x0, @in6=@empty, 0x3502, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {{@in6=@loopback, 0x4d2, 0x3c}, 0x2, @in=@remote, 0x0, 0x1, 0x3}, {{@in6=@mcast2, 0x0, 0x3c}, 0x2, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {{@in6=@empty, 0x0, 0x2b}, 0x0, @in6=@private0, 0x0, 0x1}]}]}, 0x1fc}}, 0x0)

3m49.487990077s ago: executing program 1 (id=269):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="05000000030000000400000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000fe, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000300))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000009c0)=ANY=[@ANYBLOB="38010000100013070000000000000000ffffffff000000000000000000000000fe8000000000000000000000000000bb000000000000fffd0000000000000000d5baae95fa29a008bffa6a3eb87fcc8f0151bfad05a3bcdbe8f85a88bb53f7785cc92e6be07b4f65be6ca1cb4d7c7f8260d3d78aaf361830ff00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200040000000000000048000200656362286369706865725f6e756c6c2900"/240], 0x138}, 0x1, 0xe}, 0x0)
r6 = memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\a\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F', 0x0)
write$binfmt_misc(r6, &(0x7f0000000180)="e502", 0x2)
execveat(r6, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a8, 0x0, 0x111, 0x4b4, 0x0, 0x700, 0x2d8, 0x278, 0x278, 0x2d8, 0x278, 0x3, 0x0, {[{{@ipv6={@mcast2, @empty, [], [], 'vlan0\x00', 'team_slave_0\x00', {}, {}, 0x88}, 0x0, 0x128, 0x190, 0x0, {}, [@common=@inet=@multiport={{0x50}}, @common=@unspec=@connmark={{0x30}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, [], [], 'geneve1\x00', 'erspan0\x00'}, 0x0, 0xe0, 0x148, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x408)

3m48.161441865s ago: executing program 1 (id=278):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x46f, &(0x7f0000001200)="$eJzs3M1vFOUfAPDv7G7hx2v3h/gCoqJoJL60tKBy8KKJiQdNTPSAx1oKQRZqaE2ENLYYghcTJeFuTLyY+Bd48kTUk4lXvBsSYriAelkz3dllu91tt91tt3U/n2To83Sf3ef7nZln55kZpgH0rYPpP0nEzoi4GRGDEZGrb7CtsqTt7t2ZGf/rzsx4EuXyu38m6dvi7p2Z8WrTJPu5o1IppB+Uu5JEsUm/UxcvnR0rlSYuZPXh6XMfDU9dvPTimXNjpydOT5wfPX782NGRV14efakreaYx3d3/6eSBfW++f+3t8RPXPvj5+0q85fL1G0cW5NEdAxExU1snjZ7pbmc9t6uunBR6GAgrsjUiCtneejMGI39ld+21wXjjs54GB6ypcrlcHm398lwZ+A9LotcRAL1RPdCn57/VpX4C8M/aTj967vZrlROgNO972VJ5pRCXszYDDee33XQwIk7M/f11ukTD9RQAgLXwYzr/eaHJ/K8Y8VBdu93ZvaFiRPw/IvZExAMRsTciHoxK24cj4pEV9n+wob54/pO7tbrM2pPO/17N7m0tnP/V7oIV81lt13z+A8mpM6WJI9k6ORwDW9P6SNNPTyLm0p+/fdmq//r5X7qk/VfnglkctwpbF77n5Nj0WMeJZ25fjthfaJZ/EoX7WcS+iNi/yj7OPPfdgYW/yddKy+e/hC7cZyp/E/FsZfvPRUP+VcnS9yeH/xeliSPD1b1isV9+vfpOq/47yr8L0u2/ven+X8u/mNTfr51a9BFbluvj6u+ftzynWe3+vyV5b0Hnn4xNT18YidiSvLX493UXuKv1avs0/8OHmo//PXF/TTwaEelO/FhEPB4RT2SxPxkRT0XEoSXy/+n1pz9cff5rK81/dkXbf+WF/NkbP7Tqv73tf6xamQ+qne+/dgPsZN0BAADAZpGLiJ2R5IZq5VxuaKjy/+X3xvZcaXJq+vlTkx+fP1l5RqAYA7nqla7BuuuhI9m14Wp9NKvPZvWj2XXj6/lt8/Wh8cnSyV4nD31uR4vxn/oj3+vogDXneS3oX8Y/9K/Vj3/fHLDZLTOKc+sVB7D+HMWhfzUb/7M9iANYf47/0L9q4/+rNhrXPe7V+PAmsPk4/kP/Mv6hL3XyXP+GKMS3EUu3STZKqCsqfNHJ2wvrEGHkNsaKWsfCaD6ih2EU2v2rFnGxPNtxp73+ZgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiOfwMAAP//Oyno9g==")
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x20000050)
r1 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpgrp(0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x540, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fsmount(r1, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000480)=[{0x6, 0x0, 0x0, 0x7ffffffb}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000400121001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000083850000007100000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000180)={'bridge0\x00', <r8=>0x0})
sendto$packet(r7, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r8, 0x1, 0x0, 0x6, @multicast}, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES16=r1, @ANYRES8=0x0, @ANYRESDEC=r4], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000002c0000002c00000008000000000000000100000d0000000005000000020000000000000025000004000000000200000001000000feffffff00000000005f5f00"], 0x0, 0x4c}, 0x20)
sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

3m47.12241584s ago: executing program 1 (id=286):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c5000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000008500"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000c00)='sys_enter\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
time(0x0)

3m46.99749607s ago: executing program 1 (id=287):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x400e, &(0x7f0000000300)={[{@i_version}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@sysvgroups}]}, 0x1, 0x43a, &(0x7f00000015c0)="$eJzs289rHFUcAPDv7Cat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdre7aZJuMtH9fGDa92be8r7fnXm7b+ZlA+hZw+k/ScT+iPg9Igbq1eYGw/X/bi0vTv29vDiVRLX61l9Jrd3N5cWpvGn+un15pS+i9FkSR9r0O3/5yvnJSmXmUlYfW7jw/tj85SvPzV6YPDdzbubixOnTJ0+Mv3Bq4vmu5JnmdXPoo7mjh19759obU2euvfvzt0mef0seXTK81sEnq9Uud1esAw3lpK/AQNiQcn2YRn9t/A9EOVZP3kC8+mmhwQFbqlqtVh/ofHipCvyPJVF0BEAx8i/69P4337Zp6rEj3HipfgOU5n0r2+pH+qKUtelvub/tpuGIOLP0z1fpFlvzHAIAoMn36fzn2Xbzv1I0Phe6N1tDGYyI+yLiYESciohDEXF/RK3tgxHx0Ab7b10kuX3+U7q+qcTWKZ3/vZitbTXP//LZXwyWs9qBWv79ydnZyszx7D0Zif7daX18jT5+eOW3Lzoda5z/pVvafz4XzOK43re7+TXTkwuTd5NzoxufRAz1tcs/WVkJSCLicEQMbbKP2ae/Odrp2J3zX0MX1pmqX0c8VT//S9GSfy5Ze31y7J6ozBwfy6+K2/3y69U3O/V/V/l3QXr+97a9/lfyH0wa12vnN97H1T8+73hPs9nrf1fydtO+DycXFi6NR+xKXq8H3bh/oqXdxGr7NP+RY+3H/8FYfSeORER6ET8cEY9ExKNZ7I9FxOMRcazWsjnQvPbTy0+8t/n8t1aa//SGzv9qYVe07mlfKJ//8bumTgc3kn96/k/WSiPZnvV8/q0nrs1dzQAAAPDfU4qI/ZGURlfKpdLoaP1v+A/F3lJlbn7hmbNzH1ycrv9GYDD6S/mTroGG56Hj2W19Xp9oqZ/Inht/Wd5Tq49OzVWmi04eety+DuM/9We56OiALef3WtC7jH/oXcY/9C7jH3pXm/G/p4g4gO3X7vv/4wLiALZf8/hPCosD2H7u/6F3Gf/Qu4x/6Enze+LOP5IvspAvROyUeBSyQpR2RBgKW1Qo+IMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS/4NAAD//3UB424=")
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f0000001f00)=ANY=[], 0xe00f, 0x0)
sendmsg$NLBL_MGMT_C_VERSION(0xffffffffffffffff, 0x0, 0x4040000)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x2043, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x280008a, &(0x7f00000007c0)=ANY=[@ANYRES64, @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=0,shortname=mixed,uni_xlate=0,shortname=winnt,\x00'], 0x96, 0x2a9, &(0x7f0000000500)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oINTabu6pEgLxUxKBnXQYluQJggtFPyDsZOri6OriyC4+SVc/AaCq+BmwcKRk5xjkt40N+m9ae+f32/p2/c8z3ue9/QtpcN58vGr/ZPDNI4vvvojGo0kKu1ox2USrahE6ZuY0v4uAICn2WWWxd/ZyDJ5SUQ0VlcWALBCS//9/2XlJQEAK/be+x+8s9Pp7L6bpo3Y63973s3/s8+/jq7vHMen0Yuj2IxmXEVk/xuN97IsG1TTXCve6A/Ou3lm/6PfivV3/ooY5m9FM1rDqen8/c7uVjoykT/I63ihuH87z9+OZrw84/77nd3tGfnRrcWbr0/UvxHN+P2T+Cx6cTgsYpQflYivt9L07ez7f778MC8vz08G5936MG4sW7vjHw0AAAAAAAAAAAAAAAAAAAAAAM+wjaJ3Tj2G/XvyqaL/ztpV/s16pKXWdH+eUX5SLnStP9Agix/K/jybaZpmReA4vxqvVKN6P7sGAAAAAAAAAAAAAAAAAACAJ8vZ51+cHPR6R6ePZVB2Ayhf67/tOu2JmddifnB9fK9KMZyzcqyVMUnE3DLyTSxc879F24PbPbqXbqr5p58XXufHh++9GKwvEPOIg/J0nRwks59hPcqZRnlIfp2MqcWC96rddClb6vjVZl5qLr332ovDwWBOTCTzCnvrz9GTK2aS67uoDZ/qzPT1YjCRPh3TWPw8578pD0h06wAAAAAAAAAAAAAAAAAAgJUav/Q74+LF3NRKVl9ZWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwp8af/7/EYFAkLxBci9Oze94iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4H/AgAA///uD2MO")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x18}}, 0x2, 0x1}}, 0x2e)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt(r5, 0x111, 0x3, 0x0, &(0x7f0000000080))
syz_clone3(&(0x7f0000001540)={0x41000, 0x0, 0x0, 0x0, {0x6}, &(0x7f0000000540)=""/4096, 0x1000, &(0x7f0000000440)=""/35, &(0x7f0000000480)}, 0x58)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, 0x0, &(0x7f0000000140)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x2}, 0x94)
sendmsg$nl_xfrm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="fc010000190001000000000000000000fc0200000000000000000000000000000000000000000000000000000000000000000003000200000200000089000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000003000000000000000000000000000000000000000000000044010500000000000000000000000000000000000000000032"], 0x1fc}}, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)

3m45.76232721s ago: executing program 1 (id=292):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000680)=@newtaction={0x44c, 0x31, 0x1, 0x0, 0x0, {}, [{0x438, 0x1, [@m_police={0x434, 0x0, 0x0, 0x0, {{0xb}, {0x408, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa1, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x1, 0x0, 0x0, 0xffffffff, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0xb1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400044, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x8, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0xd, 0x0, 0x0, 0x0, 0xfffffff9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5, 0x5, 0x40, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x1]}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x44c}}, 0x0)

3m44.625597703s ago: executing program 1 (id=297):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c5000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000c00)='sys_enter\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
time(0x0)

3m44.603001904s ago: executing program 34 (id=297):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c5000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000c00)='sys_enter\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
time(0x0)

1m18.94094665s ago: executing program 3 (id=898):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

1m18.869006356s ago: executing program 3 (id=901):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000580)='kfree\x00', r1}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='mm_shrink_slab_end\x00', r3, 0x0, 0x2000000}, 0x18)
close(r2)

1m18.772068494s ago: executing program 3 (id=903):
fsopen(&(0x7f0000000000)='erofs\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x4a5, &(0x7f0000000bc0)="$eJzs3E1oHFUcAPD/bJJ+t4m1VltbjVax+JE06Yc9eFBR8KAg6KEeY7KttdtGkgi2BI0i9SgF7+JR8OjJmxdRDyJ4VfAohaJBaOopMl/pNtlNkzTpttnfDzb73szsvvefeW/zdt7OBNC2etM/ScS2iPg9Irrz7I0b9OZPM9OTw9emJ4eTmJ194+8k2+7q9ORwuWn5uq1F5mAlovJpEs8nC8sdP3/hzFCtVh0r8v0TZ9/rHz9/4ZnTZ4dOVU9Vzw0eP37k8MCzxwaPLjumzQ2WpXFd3fvh6L49r7x16bXhE5fe/umbtFq79+fr6+O4qWsNAmqgN91r/8xm5q97fMmF3R2216WTzhZWhGXpiIj0cHVl/b87OuL6weuOlz9paeWANZX+b9rYfPXULLCOJdHqGgCtUf6jT7//lo/bNPS4I1x5IWJDkZ6ZnhyemYu/MyrF8q41LL83Ik5M/fdl+ojlnocAAFiBbGzzdKPxXyV2Z8/5XMeOYg6lJyLuiYidEXFvROyKiPsism3vj4gH8hfPdi+x/N55+YXjn8rlhnVeJen477m6sd9MXfzFU09Hkduexd+VnDxdqx4q9snB6NqY5gcWKeP7l377vNm6+vFf+kjLL8eCRQUud+Yn6MphaowMTQyt1k648nHE3s5G8SdzMwFpC9gTEXuX99Y7ysTpJ7/e12yjm8e/iFWYZ5r9KuKJ/PhPxbz4S0mT+cm0jR8bPNq/KWrVQ/1lq1jo518vvt6s/FuKfxWkx3/Lje1/3hbd/yb5fG1X1GrVsfHll3Hxj8+afqdZRvufk7b/Dcmb2Zz1L+/kyz4YmpgYG4jYkLya5cvOki0fvP7aMl9un8Z/8EDj/r+zeE0a/4MRkTbi/RE7HoqIh4u6PxIRj0bEgUXi//HFx95dJP4kkmjp8R9p+Pk31/57kvr5+hUkOs788F2zGfOlHf8jMZV91uayz7+bWGoFb3H3AQAAwF2hEhHbIqn05enebVGp9PXlv+HfFVsqtdHxiadOjr5/biS/RqAnuirlma7uuvOhA8lU8Y55frA4V1yuP1ycN/6iY3OW7xserY20OHZod1tv7P9R9v/UXx2trh2w5prPoy1yaQCwLszv/5UW1QO4/ZbyOxrfBWB9atD/G91DA1iH3K8F2lej/v/RvPyC8b8RAqwLC/v/nw1uWQesR8b/0L70f2hf+j+0pVu5rn/lifJigZW/z6YlX+HfLonyjhdrWdbmuL4kKi0Pee0TEfHtHVCN6ljaY25voXU3HAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiL/R8AAP//bDTlOQ==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)=@v1={0x0, @adiantum, 0x0, @desc1})
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
mount$overlay(0xffffffffffffffde, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})

1m18.69125891s ago: executing program 3 (id=904):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x4c, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x14711, &(0x7f00000003c0)={[{@lazytime}, {@inlinecrypt}, {@noblock_validity}, {@abort}, {@mblk_io_submit}, {@data_err_ignore}, {@bsdgroups}, {@errors_remount}, {@test_dummy_encryption}, {@bsdgroups}]}, 0x3, 0x453, &(0x7f0000000c40)="$eJzs281vFOUfAPDvzLbw+/HWivgColbR2PjS0oLKwYtGEw+amOgBj7UtBFmooTUR0mg1Bo+GxLvxaOJf4EkvRj2ZeNW7ISHaC+hpzczOlO2yu7R06xb280kGnmfm2T7Pt888O8/MMw2gb41k/yQRuyLit4gYqmdXFxip/3dteXH67+XF6SRqtTf/TPJyV5cXp8ui5ed2FpnRNCL9NCkqWW3+/IXTU9Xq7LkiP75w5r3x+fMXnjl1Zurk7MnZs5PHjh09MvH8c5PPrj2YJGl7aHfW1gMfzh3c/+rbl16fPn7pnZ++yUrvKo43xrERaUN6JAv8r1quudzj3ahsC9ndkE4Gbl6GraESEVl3Debjfygqcb3zhuKVT3raOGBTZdem7e0PL9VaqbTcC9x2kuh1C4DeKC/02f1vuf1HU48t4cqL9Rugq8ni9LXl+lY/MrByLz+4ifeuIxFxfOmfL7MtuvgcAgCgne+y+c/TreZ/adzbUG5PsTY0HBF3RcTeiLg7IvZFxD0Redn7IuL+G2pIO9bfvDR04/wnvXzLwa1BNv97oVjbWj3/W2n3cKXI7c7jH0xOnKrOHi5+J6MxuD3LT3So4/uXf/283bHG+V+2ZfWXc8GiHZcHmh7QzUwtTOWT0i648nHEgYFW8ScrKwFJROyPiAPr+9F7ysSpJ78+2K7QzePvoM0603rUvop4Iuv/WrIUTfGXks7rk+P/i+rs4fHyrLjRz79cfKNd/RuKvwuy/t+x+vxvLjKcNK7Xzq+/jou/f9b2nuZWz/9tyVt5v2wr9n0wtbBwbiJiW/Janl+1f/L6Z8t8WT6Lf/RQ6/G/t/hMVs8DEZGdxA9GxEMR8XDR9kci4tGIONQh/h9feuzdW49/c2Xxz7T8/ls5/5v6f/2Jyukfvm1X/9r6/2ieGi325N9/N7HWBm7kdwcAAAC3izR/Bz5Jx1bSaTo2Vn+Hf1/sSKtz8wtPnZh7/+xM/V354RhMyyddQw3PQyeSpeIn1vOTxbPi8viR4rnxF5X/5/mx6bnqTI9jh363s834z/xR6XXrgE3XhXU04DbVPP47v7IB3Elc/6F/Gf/Qv4x/6F+txv9HTXlrAXBncv2H/mX8Q/8y/qF/Gf/Qlzbyd/0S/ZyIdEs0Y5MSQ1ujGT1M9PqbCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDv+DQAA//82merZ")
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x4009, &(0x7f0000000440)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB='\x00\x00'])
read$FUSE(r4, &(0x7f0000008340)={0x2020, 0x0, <r5=>0x0}, 0x2020)
llistxattr(&(0x7f0000000680)='./file0\x00', 0x0, 0x63)
write$FUSE_INIT(r4, &(0x7f0000004200)={0x50, 0x0, r5, {0x7, 0x21, 0x3, 0x8000000}}, 0x50)
read$FUSE(r4, &(0x7f0000002140)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10, 0xffffffffffffffda, r6}, 0x10)
listxattr(&(0x7f0000000580)='./file0\x00', 0x0, 0xff45)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='mm_page_alloc\x00', r3}, 0x10)
mincore(&(0x7f0000f0c000/0x3000)=nil, 0x0, &(0x7f0000afaf0a)=""/246)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
pipe(&(0x7f0000000080))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000101010100000000000000000200000004000180180002801400018008000100b04c94a708000200ac1414aa140019800800010004000000080002"], 0x44}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000013000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
syz_clone3(&(0x7f00000003c0)={0x44084000, 0x0, 0x0, 0x0, {0x3}, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0x0], 0x1}, 0x58)
socket$netlink(0x10, 0x3, 0x0)

1m18.438440111s ago: executing program 3 (id=907):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0xc}, 0x94)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000170000009500000000000000133629fb8c30"], &(0x7f00000005c0)='GPL\x00'}, 0x80)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000400)={r2, r1, 0x25, 0x2, @void}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
alarm(0x8000000000000001)
alarm(0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaa"], 0x0)

1m18.314375361s ago: executing program 3 (id=911):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x1a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
socket$key(0xf, 0x3, 0x2)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYBLOB, @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f000000e280)={0x2020}, 0x2020)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r4}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000240)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @rand_addr, {[@timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast2, 0x4000}, {@remote}, {@loopback}, {@private=0xa010101, 0x8}, {@remote, 0x1}, {@multicast2, 0x5}, {@empty, 0xb}]}, @rr={0x7, 0x3, 0xf7}]}}}}}}}, 0x0)

1m18.298246323s ago: executing program 35 (id=911):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x1a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
socket$key(0xf, 0x3, 0x2)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYBLOB, @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f000000e280)={0x2020}, 0x2020)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r4}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000240)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @rand_addr, {[@timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast2, 0x4000}, {@remote}, {@loopback}, {@private=0xa010101, 0x8}, {@remote, 0x1}, {@multicast2, 0x5}, {@empty, 0xb}]}, @rr={0x7, 0x3, 0xf7}]}}}}}}}, 0x0)

1m0.572137796s ago: executing program 4 (id=1046):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x18)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000280), 0x84, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mount$incfs(&(0x7f0000000b40)='./file0\x00', &(0x7f0000000b80)='.\x00', &(0x7f0000000bc0), 0x1, &(0x7f0000000c00)={[{@read_timeout_ms={'read_timeout_ms', 0x3d, 0x5}}], [{@obj_type={'obj_type', 0x3d, '\x00'}}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_usb_connect(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xb4, 0x6a, 0x2c, 0x10, 0x7b4, 0x10a, 0x102, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xd6, 0x2, 0x2, 0x2b, 0x57, 0x33, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x81, 0x2, 0x40, 0x0, 0x3d, 0x1}}]}}]}}]}}, 0x0)

57.518539365s ago: executing program 4 (id=1070):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x30)
pipe2$9p(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)=r3}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r4 = dup(r1)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x4080, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}})

56.700460252s ago: executing program 4 (id=1084):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000700000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, 0x0, 0x0}, 0x20)
socket$inet_tcp(0x2, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
socket$netlink(0x10, 0x3, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
socket$key(0xf, 0x3, 0x2)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="38010000100013070000000000000000ffffffff800000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000002000800000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200370000000000000048000200656362286369706865725f6e756c6c2900"/240], 0x138}, 0x1, 0xe}, 0x0)

55.461385612s ago: executing program 4 (id=1089):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000280)={[{@jqfmt_vfsold}, {@grpid}, {@debug}, {@noload}, {@noauto_da_alloc}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x9}}, {@debug}, {@usrjquota}, {@nolazytime}, {@mblk_io_submit}]}, 0xfe, 0x477, &(0x7f0000000780)="$eJzs3M1vFOUfAPDvTLctLz9+rYgvIEgVjcSXlpYXOXjRaMJBExM9YDzVtpDKQg2tiRCi1QMeDYl3439hPOnFqBdNvOrdkBDDBdTLmtmZKUvZLVu67QL7+STTPs/M0z7Pd2ae2Wfm2d0AetZI9iOJ+F9E/B4RQ3n25gIj+a/rVy9M/X31wlQStdpbfyX1cteuXpgqi5Z/tzXP1GpFfrBJvRffjZisVmfOFvmxhdMfjM2fO//C7OnJkzMnZ85MHD166OCegSMThzsSZxbXtV0fz+3eeeydS29MHb/03k9JJfK4Y1kcnTKS792mnu50ZV22rSFd37FL9v5yI93sTKCb+iIiO1z99f4/FH2xeWnbULz2WVcbB6yrWq1WW+GqvFgD7mNJdLsFQHcUtwD1+99y2cDhR9ddeTm/Acrivl4s+ZZKpHlib/+y+9tOGomI44v/fJUtsU7PIQAAGn2XjX+ebzb+S+PhPDGQ/fh/MYcyHBEPRMT2iHgwInZExEMR9bKPRMSjq6x/+QzJreOf9PIdB9eGbPz3UjG3dfP4Ly2LDPcVuW31+PuTE7PVmQPFPtkf/YMnZpOZ8RXq+P7V375ota1x/JctWf3lWLBox+XK4Kab/mZ6cmFyTUE3uPJpxK5Ks/iTKKdxkojYGRG77rCO2WcrLbfdPv4VtP63bat9HfFMfvwXY1n8paTl/OT4i0cmDo9tiurMgbHyrLjVz79efLNV/WuKvwOy47+l6fm/FP9wsili/tz5U/X52vnV13Hxj89b3tO0d/4vZY5tK87/geTt+oqBYsNHkwsLZ8cjBpLXb10/ceO/lfmyfBb//n3N+//2uLEnHouI3RGxJyIez24Ki7Y/ERFPRsS+FeL/8ZWn3l99/BszV5rFP3274x+Nx3/1ib5TP3x7+/iza1yr43+ontpfrGnn+tduA9ey7wAAAOBekdbfA5+ko0mlSKfp6Gj+Hv4dsSWtzs0vPHdi7sMz0/l75YejPy2fdA01PA8dL54Nl/mJZfmDxXPjL/s21/OjU3PV6W4HDz1ua9n/l64Fef/P/NnX7dYB664D82jAPUr/h96l/0NvSvR/6Gn6P/SuZv3/k5alR79Z18YAG8rrP/SuNvr/Yv6r9agAuDd5/Yfepf9DT2r52fh0TR/53/DEv8X3Gd4t7bn/E5HeFc24/xOVtr/MYhWJ2lDe/7M1g03LdPvKBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BQAA///T8uXN")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(0xffffffffffffffff, 0x0, 0x4004000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000004c0)={[{@jqfmt_vfsv1}, {@noblock_validity}, {@bh}, {@barrier_val={'barrier', 0x3d, 0x1}}, {@debug}, {@inlinecrypt}, {@orlov}, {@jqfmt_vfsv1}, {@errors_remount}]}, 0x0, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDv7CZ5kzbvm/ZFxBbFgIcWpGlSi1UvtvVgDwUL9iDioaFJauj2B00KthZMwYOCgohXkV78B7xL795EUG+ehSpSUVDpyszOpptkN9222Z008/nAZud5Znaf57tPnswzM3l2Aiit8fRHJWJXxJ1TScRYy7rRaKwcz7e7/du10+kjiXr99V+TSPK85vZJ/rw9TwxHxLdHI/5fXVvuwpWrZ6dr9Yb3IvYvnru4f+HK1X3z56bPzJ6ZPT914IWDhyZfnDo4tSFxbs+fjx1/7cmP33/7+bnvavuSOBwnB9+diVVxbJTxGI87eYit+QMRcShdaPO5PGq2QAilVs1/Hwcj4vEYi2qWahiL+Y8KrRzQU/VqRB0oqUT/h5JqjgOax/bdHQef7PGopH9uHWkcAK2Nf6BxbiSGs2OjbbeTliOjxrmNHRtQflrGP9d2f54+YsV5iD+XW2dgA8rpZOl6RDzRLv4kq9uOLNI0/sqK1yURMRkRQ3n9XnmIOiQty704D7Oe+4m/tR3ST+Nw/pzmH33A8sdXpfsdPwDldPNIviNfSlN393/p2KM5/ok245/RNvuuB1H0/q/z+K+5vx/OzpFXVo3D0jHLifZvObg646cPj33aqfzW8V/6SMtvjgX74db1iN2r4v8gG+oly+2ftGn/dJNTh7sr49XvfznWaV3R8ddvROxpe/xzd1SaLq1zfXL/3HxtdrLxs20ZX3/z1pedyi86/rT9t3WIv6X9K6tfl34mF7ss46sTN851Wjd6z/grPw8ljePNoTznnenFxUtTEUPJ8XyTlvwD69eluU3zPdL49z7Tvv+v+P2/vvJ9Rpp/Mrtw8Y2ztzute5D2b7mYfKfeZR06SeOfuXf7r+n/ad4nXZbxx5uXn+q0br34Rx4mMAAAAAAAACihSnYNNqlMLC9XKhMTjfmyj8W2Su3CwuKzcxcun5+J2Jv9P+RgpXmle6yRTtL0VP7/sM30gVXp5yJiZ0R8Vh3J0hOnL9Rmig4eAAAAAAAAAAAAAAAAAAAANont+fz/5n2qf6825v8DJdHLG8wBm5v+D+WV9f81t3gCysD+H8pL/4fy0v+hvPR/KC/9H8pL/4fy0v+hvPR/AAAAANiSdj5988ckIpZeGskeqaF8nRlBsLUNFl0BoDDVoisAFGb50r/BPpROV+P/v/IvB+x9dYACJO0ys8FBff3Of7PtKwEAAAAAAAAAAACAHtizq/P8f3ODYWsz7Q/K6yHm//vqAHjE+ep/KC/H+MC9ZvEPd1ph/j8AAAAAAAAAAAAA9M1o9kgqE/lc4NGoVCYmIv4bETtiMJmbr81ORsT/IuKH6uB/0vRU0ZUGAAAAAAAAAAAAAAAAAACALWbhytWz07Xa7KXWhb/X5GztheZdUPtQ1stxn6+KpP8fy0hEFN4oPVsYaMlJIpbSlt8UFbu0EJujGtlCwX+YAAAAAAAAAAAAAAAAAACghFrmHre3+4s+1wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u/u/f97t1B0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAo+nfAAAA//8MWEAo")
syz_mount_image$fuse(0x0, &(0x7f0000000900)='./file0\x00', 0x1a5000, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000b00)='./file0/file0\x00', 0x4)

55.275684488s ago: executing program 4 (id=1092):
r0 = syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f0000000100)={[{@minixdf}, {@nodioread_nolock}]}, 0x1, 0x581, &(0x7f0000000980)="$eJzs3T9sG2UbAPDnzvHXf/m+9JO+TwLUoQKkIlV1kv6BwtSuiEqVOiCxQOS4URUnruIEmihDuleIDghQl7LBwAhiYEAsjKwsIGakikYgNR3AyPY5TRMnOKWJS+73k85+33vPft678/Pad7qTA8ito82HNOLpiLiYRAytaRuIrPFoe7mV5cXy/eXFchKNxqVfkkgi4t7yYrmzfJI9H4qIpYh4KiK+KUYcTzfGrc8vTI5Vq5WZrD48O3V1uD6/cOLK1NhEZaIyfeqll8+cPX1m9OTo2pfdb6ytFbe3rjd+vPnuje9evX3z08+OLJXfH0viXAxmbWvX43Fqb5NinFs3//ROBOujpN8d4JEUsjxvptL/YygKWdZ30xja1a4BO6yxL6IB5FQi/yGnOr8Dmse/nWk3f3/cOd8+AGnGXcmmdstA+9xE7G8dmxz8NXnoyKR5vHl4NzvKnrR0PSJGBgY2fv6T7PP36EYeRwfZUV+fb++ojfs/XR1/osv4M9g5d/o3dca/lQ3j34P4hU3Gv4s9xvj9jZ8+2jT+9YhnusZPVuMnXeKnEfFWj/Fvvf7l2c3aGh9HHIvu8TuSrc8PD1++Uq2MtB+7xvjq2JFXtlr/g5vEb5+z3d/6mum2/buc1u7qi28/f3Zpi/gvPLf1/u+2/Q9ExHs9xv/vvU9e26ztzvXkbvNXwHb3fxLFuN1j/BfPHf2hx0UBAAAAAAAAAIBtSFvXsiVpabWcpqVS+x7e/8XBtFqrzx6/XJubHm9f83Y4imnnSquhdj1p1kez63H3Ze97Mqt32k8VsobCgVa9VK5Vx/u43gAAAAAAAAAAAAAAAAAAAPAkObTu/v/fCq37/9f/XTWwV23+l9/AXif/Ib8ezv+kb/0Adp/vf8ithvyH/JL/kF/yH/JL/kN+yX/IL/kP+SX/AQAAAAAAAAAAAAAAAAAAAAAAAABgR1y8cKE5Ne4vL5ab9fGB+bnJ2tsnxiv1ydLUXLlUrs1cLU3UahPVSqlcm/qr90tqtasjMT13bXi2Up8drs8vvDlVm5vu/KdopbjjawQAAAAAAAAAAAAAAAAAAAD/PIOtKUlLEZG2ymlaKkX8OyIOJ5FcvlKtjETEfyLi+0JxX7M+2u9OAwAAAAAAAAAAAAAAAAAAwB5Tn1+YHKtWKzM5KQxsZ+GIWHq83Wi+Y68L7+8Uitm+elK2oUIeCn0emAAAAAAAAAAAAAAAAAAAIIce3PTb6yv+2NkOAQAAAAAAAAAAAAAAAAAAQC6lPycR0ZyODT0/uL71X8lKofUcEe/cuvTBtbHZ2ZnR5vy7q/NnP8zmn+xH/4FedfK0k8cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAA/X5hSSq1cpMfX5hcmxnCv1eRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH8WcAAAD//yXN1DE=") (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (async)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000002c0)='./file0/file0\x00', 0x800700, &(0x7f0000000200)={[{@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0xdd0}}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
chdir(&(0x7f0000000400)='./file0\x00') (async)
creat(&(0x7f0000000040)='./bus\x00', 0x0) (async)
mount(&(0x7f00000001c0)=@rnullb, &(0x7f0000000940)='./file1\x00', 0x0, 0x75948d062b659fa0, 0x0) (async)
r1 = open(&(0x7f00000003c0)='./bus\x00', 0x84902, 0x0) (async)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000080)={0xc8f9, 0x0, 0x1}) (async)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000240)={0x27800000000, 0x0, 0x1, 0xffffffffffffffff, 0x1})
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000040)=@x86={0x6, 0x3, 0x0, 0x0, 0x2, 0xdf, 0x6, 0x4, 0xa8, 0x4d, 0x0, 0x2f, 0x0, 0x5, 0x8, 0x0, 0x7b, 0x0, 0xbb, '\x00', 0x4, 0x403}) (async)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000004c0)=ANY=[@ANYBLOB="010000000015000072000040"]) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x11, r1, 0x0)
write$FUSE_ATTR(r1, &(0x7f0000000440)={0x78, 0x0, 0x0, {0x2000000000000000, 0x4, 0x0, {0xffffffffff7ffffd, 0x7, 0x0, 0x6, 0x0, 0x6, 0x4, 0x6288f668, 0x9, 0xc000, 0x9}}}, 0x78) (async)
ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000000000)) (async)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
getdents64(r5, &(0x7f0000000340)=""/79, 0x4f)
socket$inet6(0xa, 0x2, 0x0)
timerfd_create(0x0, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, 0x0, 0x0) (async)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000005880)={0x0, 0x0, &(0x7f0000005840)={&(0x7f0000000000)=@getsa={0x34, 0x12, 0x1, 0x70bd2b, 0x25dfdbfd, {@in6=@mcast1, 0x4d4, 0x2, 0xff}, [@mark={0xc, 0x15, {0x35075a, 0x2}}]}, 0x34}, 0x1, 0x0, 0x0, 0x1090}, 0x40080)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)

54.742439781s ago: executing program 4 (id=1096):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./bus\x00', 0x804, &(0x7f00000001c0)={[{@rodir}, {@numtail}, {@utf8no}, {@fat=@discard}, {@shortname_mixed}, {@utf8no}, {@shortname_winnt}, {@utf8no}, {@fat=@check_normal}, {@fat=@codepage={'codepage', 0x3d, '1251'}}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@utf8no}, {@rodir}]}, 0x1, 0x27b, &(0x7f0000000640)="$eJzs3cFqK1UYAOB/mqRJdJEsXInQAV24Kq1P0CIVxIKgZKEutNgUpAmFFgJVMXblE/gEPo8b8QV8AC93d7u43LmkM0nTyyQlvWlT7v2+TQ//+f85/5kZ2tWc/vBB//jw5Ozo4tf/otFIYm0nduIyiXasxdjvUerfJ+VxAOCRu8yyeJrl6nno/GZGbUZlde3emwMA7sX03/9V9wIAPIyvv/n2i939/b2v0rQR0f9j0Eki/5nP7x7FT9GLbmxFK55HZBP5+LPP9/eimo6046P+cNAZVfa//7u4/u7/EVf129GKdnn9dpqbqh8OOrV4p1h/pxfdL/+KVrxXXv9JSX101uPjD6f634xW/PNjnEQvDovexvW/bafpp9mfz375bhQd1SfDQac+ySuyKw/6YAAAAAAAAAAAAAAAAAAAAAAAeKNtphPtm+fvjA/+nzM/53yg4dT5PFtpmmZJnn9dX433q1Fd5d4BAAAAAAAAAAAAAAAAAADgsTg7//n4oNfrni51MP6sv2QqXtyM1CPi7mttLFoVlaK1XhKx2Fq1qF9V3p5cWXAXzVE/3dOkGst7BMkk0pye2oh8rVGkmQ+mIq+9eiOuBuO36/ggue3hNspekiUMspLXrzKzav3VSLPYQUlyc87q6+/eqeesNWMqiYja5GbOv05tuffw4X4HAQAAAAAAAAAAAAAAAAAAueuPfksmL1bQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACswPX//19gMCyKZ+VkldGgGkVkxVsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLfAyAAD//0MUZ+o=")
mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
fcntl$getown(r0, 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000c020000000000000000000001050000018000000000000000010000850200000000000000010000000000000400000000da"], 0x0, 0x52}, 0x28)

54.63407819s ago: executing program 36 (id=1096):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./bus\x00', 0x804, &(0x7f00000001c0)={[{@rodir}, {@numtail}, {@utf8no}, {@fat=@discard}, {@shortname_mixed}, {@utf8no}, {@shortname_winnt}, {@utf8no}, {@fat=@check_normal}, {@fat=@codepage={'codepage', 0x3d, '1251'}}, {@fat=@check_strict}, {@utf8}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'euc-jp'}}, {@utf8no}, {@rodir}]}, 0x1, 0x27b, &(0x7f0000000640)="$eJzs3cFqK1UYAOB/mqRJdJEsXInQAV24Kq1P0CIVxIKgZKEutNgUpAmFFgJVMXblE/gEPo8b8QV8AC93d7u43LmkM0nTyyQlvWlT7v2+TQ//+f85/5kZ2tWc/vBB//jw5Ozo4tf/otFIYm0nduIyiXasxdjvUerfJ+VxAOCRu8yyeJrl6nno/GZGbUZlde3emwMA7sX03/9V9wIAPIyvv/n2i939/b2v0rQR0f9j0Eki/5nP7x7FT9GLbmxFK55HZBP5+LPP9/eimo6046P+cNAZVfa//7u4/u7/EVf129GKdnn9dpqbqh8OOrV4p1h/pxfdL/+KVrxXXv9JSX101uPjD6f634xW/PNjnEQvDovexvW/bafpp9mfz375bhQd1SfDQac+ySuyKw/6YAAAAAAAAAAAAAAAAAAAAAAAeKNtphPtm+fvjA/+nzM/53yg4dT5PFtpmmZJnn9dX433q1Fd5d4BAAAAAAAAAAAAAAAAAADgsTg7//n4oNfrni51MP6sv2QqXtyM1CPi7mttLFoVlaK1XhKx2Fq1qF9V3p5cWXAXzVE/3dOkGst7BMkk0pye2oh8rVGkmQ+mIq+9eiOuBuO36/ggue3hNspekiUMspLXrzKzav3VSLPYQUlyc87q6+/eqeesNWMqiYja5GbOv05tuffw4X4HAQAAAAAAAAAAAAAAAAAAueuPfksmL1bQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACswPX//19gMCyKZ+VkldGgGkVkxVsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLfAyAAD//0MUZ+o=")
mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
fcntl$getown(r0, 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000c020000000000000000000001050000018000000000000000010000850200000000000000010000000000000400000000da"], 0x0, 0x52}, 0x28)

1.510264387s ago: executing program 9 (id=1972):
r0 = syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181400)
mount$fuse(0x0, 0x0, 0x0, 0xa02002, &(0x7f00000004c0)=ANY=[@ANYBLOB="66643dc6953bd340e3272b71d8f75d2e259bf1b1641dbb07e599bb12e499abcbe83cb20c3beb0dfa38c10e940b6828039ec26a486cc445322e0a22037201a9aafdefaad479199cd361137641824dfeb422ab103c6a236f4c9ae516aaf718425b7cbf0a21a98a672989ebb66211460e26e8d8f0a8338d62ea54b8dbc1492deefab8989d8802bb1b8c5d61349a79922cad342e87ed63595e043a81fa36feb0f49bca508854", @ANYRESDEC, @ANYBLOB="40ef35a971d35097635122028eb919802534a9e95b3ca94bf84415370e72798ba993e10be6a82eee4caa011b2c213a3a032f32435692c0ba1dc1f06b1de6bc83e6d684a1f35cf6", @ANYRESOCT])
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000400)=ANY=[], 0x1df)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000040)=0x8001)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "0180000000000000000000001700"}})

1.510137187s ago: executing program 9 (id=1973):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000009c0)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x4, {{@in6=@mcast1, @in=@rand_addr=0x64010100, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x0, 0xf884db3de8f75228}, [@migrate={0x50, 0x11, [{@in6=@mcast2, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in6=@local, 0x3c, 0x0, 0x0, 0xfffffffd, 0xa, 0x2}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x4004001}, 0x0)

1.510041237s ago: executing program 9 (id=1974):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a20000000000a050000000000000000000100fffc0900010073047a30000000002c000000080a010100000000000000000100000009000300"], 0xc4}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1.509977147s ago: executing program 9 (id=1975):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='fd\x00')
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00')
getdents64(r0, &(0x7f0000002f40)=""/4098, 0x1002)

1.509818097s ago: executing program 9 (id=1976):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018020000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

1.509713677s ago: executing program 9 (id=1977):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, r1, 0x0, 0xf3a, 0x0)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000080)=""/144, 0x90}], 0x1)

1.458302011s ago: executing program 0 (id=1981):
timer_create(0x1, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x4, 0x80, 0x1, 0x100000000, 0x82f4, 0x8a93, 0x7, 0x80000000}, &(0x7f0000000140)={0x4, 0x1000, 0x8, 0x400, 0x401, 0x4, 0x2fc06000, 0xfffffff800000000}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={[0x8]}, 0x8})

1.458216791s ago: executing program 0 (id=1982):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x20000, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'lo\x00', <r2=>0x0})
bind$xdp(r0, &(0x7f0000000140)={0x2c, 0x1, r2, 0xb}, 0x10)

1.448796232s ago: executing program 0 (id=1983):
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = socket$inet(0xa, 0x801, 0x84)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x4000050, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
syz_open_dev$usbmon(0x0, 0x6a2, 0x20000)
r6 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
fsetxattr$system_posix_acl(r6, &(0x7f0000000000)='system.posix_acl_default\x00', 0x0, 0xfe44, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r7 = syz_open_procfs(0x0, 0x0)
writev(r7, &(0x7f0000000100)=[{&(0x7f00000004c0)='4', 0x1}], 0x9)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
write$binfmt_script(r5, &(0x7f00000004c0), 0x208e24b)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x20008040)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(r0, 0x0, 0x800)

1.126488268s ago: executing program 0 (id=1993):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000500)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000ffdbdf253500000008000300", @ANYRES32=r2, @ANYBLOB="0600fd000300000004003400"], 0x3c}}, 0x22044800)

1.114841369s ago: executing program 0 (id=1995):
write$cgroup_type(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0xdf6, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_user\x00', 0x275a, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb}, 0x18)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1d, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d00009520a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bc0007008019000000000000000000000000af1e4ccfb7b3cad80004010400", [0x0, 0x2000000000001]}})
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x458, 0x5019, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x20, 0xa8, [{{0x9, 0x4, 0x0, 0x4, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0xb}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x26, 0x42, 0xf1}}}}}]}}]}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
close_range(r3, 0xffffffffffffffff, 0x0)

898.586697ms ago: executing program 6 (id=2009):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x20100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000140))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x9, 0x7, 0x2, 0x1c, 0x5, 0x2, 0x7, 0x4, 0xf9, 0x7, 0x2, 0x10, 0x8}, {0x0, 0x80, 0x45, 0xd4, 0x4, 0x3, 0x6, 0x3, 0x7, 0x1, 0xdb, 0xfd, 0x2}, {0x9, 0x1b, 0x1, 0x19, 0x2, 0xd, 0x8, 0x8, 0xff, 0x6, 0x9, 0x0, 0x100}], 0x2})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x1, 0x41, 0x0, 0xffff, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x1, 0x7fffffff, 0x100000000004], 0x80a0000})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

898.253857ms ago: executing program 6 (id=2011):
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="1c", 0x1, 0x0, 0x0, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_open_procfs(0x0, &(0x7f0000000080)='mountstats\x00')
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(r1, 0x0, 0x0, 0xfffffe04, 0x1)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, 0x0, 0x40000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000000)=0x5)
ioctl$TCSETS(r2, 0x5402, &(0x7f0000000040)={0x7, 0x2550, 0xfffffffe, 0xfffffff8, 0x14, "0c7a08dc8a83bc28b20f69b129a7511bdfd103"})

587.923122ms ago: executing program 0 (id=2013):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
listen(0xffffffffffffffff, 0x8)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
epoll_create1(0x80000)
socket$netlink(0x10, 0x3, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/time_for_children\x00')
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x2001}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r4, 0x1, 0x0, 0x100000, {{}, {}, {0x14, 0x19, {0x2, 0x1, 0x0, 0x2000000}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4008000}, 0x1004)

249.97932ms ago: executing program 7 (id=2018):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000500)={'syz_tun\x00', &(0x7f0000000180)=@ethtool_link_settings={0x25, 0x400, 0xf, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, [0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1]}})

247.24932ms ago: executing program 7 (id=2019):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB="080100001000030400"/20, @ANYRES32=0x0, @ANYBLOB="4606090000000000d800128009000100766c616e00000000c8000280640004800c000100fcffffff9c5100000c00010009000000090000000c00010006000000040000000c00010000000000001000000c0001002b000000c00000000c00010060d7db55090000000c00010010000000040000000c00010002000000050000000600010002000000400003800c00010004000000080000000c00010008000000bca2480a0c00010009000000010400000c00010007000000b40000000c00010003000000000001000c0002000100000010000000040003800600050088a8000008000500", @ANYRES32=r2], 0x108}, 0x1, 0x0, 0x0, 0x600}, 0x0)

223.311662ms ago: executing program 7 (id=2020):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000007300004000000000ff"])

212.558633ms ago: executing program 7 (id=2021):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0xc3b, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, 0x0, 0x6200}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x21f3}, @IFLA_GRE_ENCAP_TYPE={0x6}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x180}, 0x40080c0)

162.505467ms ago: executing program 7 (id=2022):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000040)=0xfffffffc, 0x4)
recvmmsg(r0, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=""/122, 0x7a}}], 0x1, 0x45833af92e4a39bf, 0x0)

153.430938ms ago: executing program 7 (id=2023):
r0 = syz_usb_connect(0x2, 0x4a, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x6d, 0xf5, 0x71, 0x8, 0x4e2, 0x1424, 0xc7eb, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x38, 0x2, 0x96, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xcc, 0x7, 0x0, 0x2, 0x59, 0x61, 0x5, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x890, 0x0, 0x7, 0x8}, {0x6, 0x24, 0x1a, 0x5, 0x11}}]}}, {{0x9, 0x4, 0x1, 0xff, 0x0, 0x6e, 0xb8, 0xc1}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, &(0x7f0000000000)={0x14, 0x0, &(0x7f0000000580)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

69.325295ms ago: executing program 6 (id=2024):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000000c0)={0x0, 0x5, 0x303, 0x400, 0x0, 0x0, 0x0})

42.645997ms ago: executing program 6 (id=2025):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
process_madvise(r1, &(0x7f0000000900)=[{&(0x7f0000000000)="c7", 0x1}], 0x1, 0x18, 0x0)

42.457687ms ago: executing program 6 (id=2026):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x3c}]}]}, 0x28}}, 0x0)

42.268997ms ago: executing program 8 (id=2027):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000240)={@local, @random="b9890c6f9ebb", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0xfffe, 0x0, 0xfd, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x16, 0x40, 0x2, 0x0, 0x932, {[@window={0x3, 0x3, 0x3}, @timestamp={0x8, 0xa, 0x200, 0xb}, @exp_smc={0xfe, 0x6}, @sack={0x5, 0x12, [0x5, 0x2, 0x1, 0x0]}, @generic={0x22, 0xe, "790348ff5395e18ef0931438"}, @sack={0x5, 0xe, [0x5, 0x9, 0x7f]}]}}}}}}}, 0x0)

42.175047ms ago: executing program 6 (id=2028):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000380)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x7, 0x7}, {}, {0x8, 0x2}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xfffffffd, 0x400, 0x7, 0x6, 0x7}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0x0, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x32, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0)

350.43µs ago: executing program 8 (id=2029):
r0 = socket$inet(0x2, 0x3, 0x8)
setsockopt$inet_int(r0, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
r1 = socket$inet(0x2, 0x3, 0x6)
r2 = dup3(r0, r1, 0x0)
setsockopt$inet_int(r2, 0x0, 0x5, &(0x7f00000002c0)=0x200007, 0x4)

217.69µs ago: executing program 8 (id=2030):
socket(0x10, 0x803, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd71, 0xffffffffffffffff}, 0x78)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x118)
ioctl$PPPIOCSMRU1(r1, 0x4020744f, &(0x7f0000000080)=0xffffffff)

142.561µs ago: executing program 8 (id=2031):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
close(r0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000580)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x4e20, @multicast1}, 0x2, 0x1, 0x2}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(r0, 0x40047459, 0x0)

82.971µs ago: executing program 8 (id=2032):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x4, 0x20, 0x66, 0x0, 0x7, 0x2, 0x0, @private=0xa010102, @local}, {0x11, 0x1, 0x0, @empty, "00030000"}}}}}, 0x0)

0s ago: executing program 8 (id=2033):
r0 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x11)
sendmmsg$inet(r0, &(0x7f0000000a40)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e150451160200000064", 0x14}, {0x0}], 0x2}}], 0x1, 0x4004040)

kernel console output (not intermixed with test programs):

): ext4_free_blocks:5685: comm syz.4.789: Freeing blocks not in datazone - block = 0, count = 4096
[  197.454355][ T2989] EXT4-fs error (device loop4): ext4_map_blocks:630: inode #3: block 1: comm syz.4.789: lblock 1 mapped to illegal pblock 1 (length 1)
[  197.488131][ T3012] syz.3.795[3012] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  197.488205][ T3012] syz.3.795[3012] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  197.491373][ T2989] EXT4-fs error (device loop4): ext4_acquire_dquot:6226: comm syz.4.789: Failed to acquire dquot type 0
[  197.541349][   T15] usb 1-1: USB disconnect, device number 8
[  197.561042][ T2989] EXT4-fs (loop4): 1 orphan inode deleted
[  197.566802][ T2989] EXT4-fs (loop4): mounted filesystem without journal. Opts: discard,noload,noauto_da_alloc,sb=0x0000000000000002,usrjquota=./file0,nomblk_io_submit,,errors=continue
[  197.611600][ T3012] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  197.622842][ T3015] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  197.624008][ T3012] EXT4-fs (loop3): 1 truncate cleaned up
[  197.638222][ T3012] EXT4-fs (loop3): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota,
[  197.663269][ T3015] EXT4-fs error (device loop0): ext4_get_journal_inode:5243: inode #32: comm syz.0.794: iget: special inode unallocated
[  197.663445][ T2989] EXT4-fs error (device loop4): ext4_search_dir:1521: inode #2: block 16: comm syz.4.789: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  197.702532][ T3015] EXT4-fs (loop0): no journal found
[  197.707940][ T3015] EXT4-fs (loop0): can't get journal size
[  197.708022][ T2989] EXT4-fs error (device loop4): ext4_search_dir:1521: inode #2: block 16: comm syz.4.789: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  197.743761][ T3015] EXT4-fs (loop0): filesystem is read-only
[  197.750585][ T3015] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,noload,noblock_validity,bsdgroups,resuid=0x0000000000000000,
[  198.068318][ T3027] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  198.502665][ T3035] overlayfs: failed to resolve './bus': -2
[  198.502671][ T3037] netlink: 12 bytes leftover after parsing attributes in process `syz.7.800'.
[  198.519615][ T3038] netlink: 68 bytes leftover after parsing attributes in process `syz.0.798'.
[  198.768812][ T3060] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  198.951086][ T2122] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  199.086673][    T7] Bluetooth: hci0: Frame reassembly failed (-84)
[  199.201004][ T2122] usb 7-1: Using ep0 maxpacket: 8
[  199.321051][ T2122] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  199.332181][ T2122] usb 7-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[  199.341288][ T2122] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.354665][ T2122] usb 7-1: config 0 descriptor??
[  199.360125][ T3066] syz.0.810[3066] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  199.360219][ T3066] syz.0.810[3066] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  199.402182][ T3066] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  199.424432][ T3066] EXT4-fs (loop0): 1 truncate cleaned up
[  199.430067][ T3066] EXT4-fs (loop0): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota,
[  199.574057][ T3072] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c01c, mo2=0002]
[  199.582525][ T3072] System zones: 1-12
[  199.586998][ T3072] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.812: error while reading EA inode 32 err=-116
[  199.600109][ T3072] EXT4-fs (loop3): 1 orphan inode deleted
[  199.607340][ T3072] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,debug,inode_readahead_blks=0x0000000004000000,noauto_da_alloc,bsdgroups,jqfmt=vfsv1,abort,data_err=ignore,,errors=continue
[  199.661539][ T3077] xt_CT: No such helper "snmp_trap"
[  199.981646][ T2122] belkin 0003:050D:3201.000A: unknown main item tag 0x2
[  199.988704][ T2122] belkin 0003:050D:3201.000A: unknown main item tag 0x3
[  200.214707][ T2122] belkin 0003:050D:3201.000A: ignoring exceeding usage max
[  200.223850][ T2122] belkin 0003:050D:3201.000A: hiddev96,hidraw0: USB HID v0.00 Device [HID 050d:3201] on usb-dummy_hcd.6-1/input0
[  200.237662][ T2122] usb 7-1: USB disconnect, device number 6
[  200.251177][ T3088] fido_id[3088]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  200.278273][ T3090] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=3090 comm=syz.0.817
[  200.290697][ T3090] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3090 comm=syz.0.817
[  200.304273][ T3090] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  200.362500][ T3092] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodiscard,bsddf,acl,jqfmt=vfsv1,debug_want_extra_isize=0x0000000000000080,jqfmt=vfsv1,nodelalloc,auto_da_alloc,norecovery,,errors=continue
[  200.568332][ T3102] overlayfs: failed to resolve './bus': -2
[  200.633057][ T3104] netlink: 'syz.7.820': attribute type 3 has an invalid length.
[  200.816620][ T3111] netlink: 72 bytes leftover after parsing attributes in process `syz.6.824'.
[  200.825672][ T3111] netlink: 24 bytes leftover after parsing attributes in process `syz.6.824'.
[  200.835579][ T3111] netlink: 24 bytes leftover after parsing attributes in process `syz.6.824'.
[  201.110996][ T2122] Bluetooth: hci0: command 0x1003 tx timeout
[  201.118215][   T40] Bluetooth: hci0: sending frame failed (-49)
[  201.121014][  T297] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[  201.531058][  T297] usb 7-1: unable to get BOS descriptor or descriptor too short
[  201.571075][  T297] usb 7-1: not running at top speed; connect to a high speed hub
[  201.860574][  T297] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  201.871015][  T297] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  201.879896][  T297] usb 7-1: too many endpoints for config 1 interface 0 altsetting 255: 231, using maximum allowed: 30
[  201.890934][  T297] usb 7-1: config 1 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 231
[  201.904332][  T297] usb 7-1: config 1 interface 0 has no altsetting 1
[  202.102069][ T3131] xt_CT: No such helper "snmp_trap"
[  202.227518][  T297] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  202.236657][  T297] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.245032][  T297] usb 7-1: Product:  嚸疇��ゅ溺��쮼අ샆�齱慠ㄘ氒㲌է밤ۄ꺠��뺖믥췜ꋴ末좭蹹傗턷᫖뛲㥛疢郑箧俼�Ṿạ칒庂ᤖ�겥ꗒᬤ硶魾䞮콬贀괹펃戟刹麵䖽ꪼ턳䘀燘�⡅㺘셾�忊嵌ߖ�譪멵㱸�傟⠮剚噰伞腊��닔ᅃ戯슠떬ğ��酜痣桹웘
[  202.276308][  T297] usb 7-1: Manufacturer: ÑŽ
[  202.281163][  T297] usb 7-1: SerialNumber: 鋑캼�涮苓꼄�飒᰸㫱뢷鰤辟�藀木潎�์伃趯➜趴ɯ쨖༄�蔜Ꙓ둾장浕璑⽯憡�抭핳ȅ藕촡横砊ꌒ㒼㤡�ꂔ�㚌傽ޡឩ曱骩鷩ᣉ絲暪ꤗ�뻧⚟��ﳭ费핇빵㇦觰촀Ⳁ纓욑�꭫稉｢ἅ髽硵�鉒਷馅롷맪逾泉क़뤑䗀
[  202.319602][   T24] kauditd_printk_skb: 171 callbacks suppressed
[  202.319613][   T24] audit: type=1400 audit(212.298:1454): avc:  denied  { validate_trans } for  pid=3134 comm="syz.7.832" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  202.459573][ T3142] netlink: 96 bytes leftover after parsing attributes in process `syz.7.835'.
[  202.621056][   T24] audit: type=1400 audit(212.578:1455): avc:  denied  { create } for  pid=3114 comm="syz.6.826" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  202.750127][   T24] audit: type=1400 audit(212.728:1456): avc:  denied  { mounton } for  pid=3141 comm="syz.7.835" path="/syzcgroup/unified/syz7" dev="cgroup2" ino=164 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  202.773457][   T24] audit: type=1400 audit(212.728:1457): avc:  denied  { mount } for  pid=3141 comm="syz.7.835" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  202.773583][  T297] usb 7-1: 0:1 : does not exist
[  202.809389][  T297] usb 7-1: 0:2 : does not exist
[  202.954188][  T297] usb 7-1: USB disconnect, device number 7
[  203.191027][  T708] Bluetooth: hci0: command 0x1001 tx timeout
[  203.197373][   T40] Bluetooth: hci0: sending frame failed (-49)
[  203.340480][ T3159] netlink: 16 bytes leftover after parsing attributes in process `syz.3.840'.
[  203.361098][   T24] audit: type=1400 audit(213.348:1458): avc:  denied  { bind } for  pid=3153 comm="syz.6.839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  203.449302][ T3169] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[  203.467434][ T3177] netlink: 12 bytes leftover after parsing attributes in process `syz.7.844'.
[  203.913382][ T3185] EXT4-fs (loop7): Test dummy encryption mode enabled
[  203.920256][ T3185] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  204.315565][ T3189] cgroup: subsys name conflicts with all
[  204.709693][ T3185] EXT4-fs (loop7): 1 truncate cleaned up
[  204.715490][ T3185] EXT4-fs (loop7): mounted filesystem without journal. Opts: nogrpid,block_validity,debug_want_extra_isize=0x0000000000000068,barrier,nobarrier,quota,test_dummy_encryption,,errors=continue
[  205.078691][   T24] audit: type=1400 audit(215.058:1459): avc:  denied  { create } for  pid=3195 comm="syz.7.848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  205.180850][   T24] audit: type=1400 audit(215.158:1460): avc:  denied  { append } for  pid=3210 comm="syz.6.856" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  205.206230][ T3212] kvm [3210]: vcpu0, guest rIP: 0xfff0 Hyper-V unhandled rdmsr: 0x40000074
[  205.227283][ T3218] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[  205.271059][  T708] Bluetooth: hci0: command 0x1009 tx timeout
[  205.371467][ T3224] EXT4-fs (loop0): Ignoring removed orlov option
[  205.445873][ T3224] EXT4-fs (loop0): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue
[  205.575106][   T24] audit: type=1400 audit(215.558:1461): avc:  denied  { setattr } for  pid=3231 comm="syz.3.860" name="file0" dev="9p" ino=7016996764471618667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1
[  205.843640][ T3236] EXT4-fs (loop3): Mount option "nouser_xattr" will be removed by 3.5
[  205.843640][ T3236] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  205.843640][ T3236] 
[  205.872737][ T3236] Quota error (device loop3): v2_read_file_info: Block with free entry too big (83886085 >= 6).
[  205.883354][ T3236] EXT4-fs warning (device loop3): ext4_enable_quotas:6491: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  205.898386][ T3236] EXT4-fs (loop3): mount failed
[  206.046107][ T3236] EXT4-fs (loop3): #blocks per group too big: 466944
[  206.057972][   T24] audit: type=1326 audit(221.033:1462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3247 comm="syz.0.865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeb7635be9 code=0x7ffc0000
[  206.134018][ T3246] FAT-fs (loop7): Directory bread(block 64) failed
[  206.140675][ T3246] FAT-fs (loop7): Directory bread(block 65) failed
[  206.147920][ T3246] FAT-fs (loop7): Directory bread(block 66) failed
[  206.154874][ T3246] FAT-fs (loop7): Directory bread(block 67) failed
[  206.161763][ T3246] FAT-fs (loop7): Directory bread(block 68) failed
[  206.168361][ T3246] FAT-fs (loop7): Directory bread(block 69) failed
[  206.174971][ T3246] FAT-fs (loop7): Directory bread(block 70) failed
[  206.181611][ T3246] FAT-fs (loop7): Directory bread(block 71) failed
[  206.188125][ T3246] FAT-fs (loop7): Directory bread(block 72) failed
[  206.194715][ T3246] FAT-fs (loop7): Directory bread(block 73) failed
[  206.255274][ T3250] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,noauto_da_alloc,jqfmt=vfsold,stripe=0x0000000000000003,noauto_da_alloc,auto_da_alloc=0x0000000000000005,resuid=0x0000000000000000,dioread_lock,jqfmt=vfsv1,,errors=continue
[  206.371959][ T3258] SELinux: failed to load policy
[  206.405436][ T3262] netlink: 104 bytes leftover after parsing attributes in process `syz.6.869'.
[  206.470902][ T3264] netlink: 68 bytes leftover after parsing attributes in process `syz.7.866'.
[  207.296490][ T3274] binder: 3273:3274 ioctl 4018620d 0 returned -22
[  207.512300][ T3276] exfat: Unknown parameter 'fsmagic'
[  207.596291][ T3276] netlink: 68 bytes leftover after parsing attributes in process `syz.6.874'.
[  208.059108][ T3289] netlink: 72 bytes leftover after parsing attributes in process `syz.0.873'.
[  208.073390][ T3284] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[  208.177520][ T3289] netlink: 24 bytes leftover after parsing attributes in process `syz.0.873'.
[  208.201533][ T3289] netlink: 24 bytes leftover after parsing attributes in process `syz.0.873'.
[  208.250986][   T24] kauditd_printk_skb: 12 callbacks suppressed
[  208.250997][   T24] audit: type=1400 audit(223.153:1475): avc:  denied  { mounton } for  pid=3283 comm="syz.7.878" path="/109/file0/file0" dev="loop7" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  208.287890][ T3291] overlayfs: failed to resolve './bus': -2
[  208.319087][   T24] audit: type=1400 audit(223.153:1476): avc:  denied  { write } for  pid=3283 comm="syz.7.878" name="bus" dev="loop7" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  208.341335][   T24] audit: type=1400 audit(223.153:1477): avc:  denied  { add_name } for  pid=3283 comm="syz.7.878" name="work" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  208.361011][   T24] audit: type=1400 audit(223.153:1478): avc:  denied  { setattr } for  pid=3283 comm="syz.7.878" name="work" dev="loop7" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  208.388082][   T24] audit: type=1400 audit(223.153:1479): avc:  denied  { remove_name } for  pid=3283 comm="syz.7.878" name="#11" dev="loop7" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  208.409802][   T24] audit: type=1400 audit(223.153:1480): avc:  denied  { unlink } for  pid=3283 comm="syz.7.878" name="#11" dev="loop7" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[  208.431724][   T24] audit: type=1400 audit(223.153:1481): avc:  denied  { unlink } for  pid=3283 comm="syz.7.878" name="#12" dev="loop7" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  208.453402][   T24] audit: type=1400 audit(223.153:1482): avc:  denied  { remount } for  pid=3283 comm="syz.7.878" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  208.472605][   T24] audit: type=1400 audit(223.153:1483): avc:  denied  { link } for  pid=3283 comm="syz.7.878" name="file2" dev="overlay" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  208.494439][   T24] audit: type=1400 audit(223.153:1484): avc:  denied  { read } for  pid=3283 comm="syz.7.878" name="file2" dev="loop7" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  208.531901][ T3293] FAT-fs (loop6): Directory bread(block 64) failed
[  208.532281][ T3301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.883'.
[  208.542856][ T3293] FAT-fs (loop6): Directory bread(block 65) failed
[  208.549697][ T3301] netlink: 12 bytes leftover after parsing attributes in process `syz.0.883'.
[  208.564607][ T3293] FAT-fs (loop6): Directory bread(block 66) failed
[  208.583130][ T3303] netlink: 32 bytes leftover after parsing attributes in process `syz.0.884'.
[  208.584110][ T3293] FAT-fs (loop6): Directory bread(block 67) failed
[  208.598870][ T3303] xt_CT: No such helper "pptp"
[  208.614175][ T3293] FAT-fs (loop6): Directory bread(block 68) failed
[  208.620723][ T3293] FAT-fs (loop6): Directory bread(block 69) failed
[  208.627589][ T3293] FAT-fs (loop6): Directory bread(block 70) failed
[  208.634209][ T3293] FAT-fs (loop6): Directory bread(block 71) failed
[  208.644015][ T3293] FAT-fs (loop6): Directory bread(block 72) failed
[  208.650660][ T3293] FAT-fs (loop6): Directory bread(block 73) failed
[  209.282750][ T3316] netlink: 104 bytes leftover after parsing attributes in process `syz.7.888'.
[  210.084059][ T3325] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  210.103323][ T3325] EXT4-fs (loop7): 1 truncate cleaned up
[  210.109055][ T3325] EXT4-fs (loop7): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000000012,i_version,max_batch_time=0x0000000000000007,,errors=continue
[  210.758224][ T3339] netlink: 12 bytes leftover after parsing attributes in process `syz.6.896'.
[  210.818892][ T3342] binder: 3341:3342 ioctl 4018620d 0 returned -22
[  210.891039][ T2122] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  210.964094][ T3358] EXT4-fs error (device loop3): ext4_orphan_get:1395: inode #15: comm syz.3.903: casefold flag without casefold feature
[  210.976849][ T3358] EXT4-fs error (device loop3): ext4_orphan_get:1400: comm syz.3.903: couldn't read orphan inode 15 (err -117)
[  210.988771][ T3358] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,,errors=continue
[  211.093536][ T3362] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  211.100856][ T3362] EXT4-fs (loop3): Test dummy encryption mode enabled
[  211.108383][ T3362] EXT4-fs (loop3): orphan cleanup on readonly fs
[  211.114818][   T15] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  211.120329][ T3362] EXT4-fs error (device loop3): ext4_free_branches:1026: inode #13: comm syz.3.904: invalid indirect mapped block 234881024 (level 0)
[  211.136459][ T3362] EXT4-fs (loop3): Remounting filesystem read-only
[  211.143477][ T3362] EXT4-fs (loop3): 1 truncate cleaned up
[  211.149428][ T3362] EXT4-fs (loop3): mounted filesystem without journal. Opts: lazytime,inlinecrypt,noblock_validity,abort,mblk_io_submit,data_err=ignore,bsdgroups,errors=remount-ro,test_dummy_encryption,bsdgroups,
[  211.232168][  T276] EXT4-fs error (device loop3): htree_dirblock_to_tree:1092: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  211.253169][  T276] EXT4-fs error (device loop3): ext4_lookup:1834: inode #2: comm syz-executor: deleted inode referenced: 15
[  211.265427][  T276] EXT4-fs error (device loop3): ext4_lookup:1834: inode #2: comm syz-executor: deleted inode referenced: 15
[  211.281047][ T2122] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  211.297232][ T2122] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.307207][ T2122] usb 1-1: New USB device found, idVendor=06a3, idProduct=0cfa, bcdDevice= 0.00
[  211.316383][ T2122] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.324902][ T2122] usb 1-1: config 0 descriptor??
[  211.458558][ T3378] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.465684][ T3378] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.473333][ T3378] device bridge_slave_0 entered promiscuous mode
[  211.485091][ T3378] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.492193][ T3378] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.499645][ T3378] device bridge_slave_1 entered promiscuous mode
[  211.501220][   T15] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[  211.514339][   T15] usb 7-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  211.524139][   T15] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  211.534469][   T15] usb 7-1: config 220 has no interface number 2
[  211.540854][   T15] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  211.554168][   T15] usb 7-1: config 220 interface 0 has no altsetting 0
[  211.561406][   T15] usb 7-1: config 220 interface 76 has no altsetting 0
[  211.568300][   T15] usb 7-1: config 220 interface 1 has no altsetting 0
[  211.591004][ T3378] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.598040][ T3378] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.605321][ T3378] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.612355][ T3378] bridge0: port 1(bridge_slave_0) entered forwarding state
[  211.631168][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  211.638736][  T306] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.646355][  T306] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.653707][  T708] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  211.666448][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  211.674971][  T306] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.682014][  T306] bridge0: port 1(bridge_slave_0) entered forwarding state
[  211.700360][ T3378] device veth0_vlan entered promiscuous mode
[  211.707868][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  211.716529][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  211.724505][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  211.732066][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  211.739630][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  211.747813][  T306] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.754839][  T306] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.762176][   T15] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  211.762301][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  211.771224][   T15] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.771233][   T15] usb 7-1: Product: syz
[  211.771241][   T15] usb 7-1: Manufacturer: syz
[  211.771249][   T15] usb 7-1: SerialNumber: syz
[  211.782125][ T2122] saitek 0003:06A3:0CFA.000B: item fetching failed at offset 5/7
[  211.787566][  T306] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  211.791992][ T2122] saitek 0003:06A3:0CFA.000B: parse failed
[  211.822058][ T2122] saitek: probe of 0003:06A3:0CFA.000B failed with error -22
[  211.837769][  T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  211.849090][ T3378] device veth1_macvtap entered promiscuous mode
[  211.860616][  T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  211.863530][ T3383] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  211.877969][  T396] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  211.886622][  T396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  211.888516][ T3383] EXT4-fs (loop7): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000000,grpquota,nomblk_io_submit,stripe=0x000000000004ffff,norecovery,errors=remount-ro,max_batch_time=0x0000000000000814,
[  211.941021][  T708] usb 5-1: device descriptor read/64, error -71
[  211.953705][ T3383] EXT4-fs error (device loop7): ext4_find_dest_de:2079: inode #12: block 5: comm syz.7.913: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=7952, size=56 fake=0
[  211.972946][ T3383] EXT4-fs (loop7): Remounting filesystem read-only
[  211.996812][ T2125] usb 1-1: USB disconnect, device number 9
[  212.047490][ T3383] incfs: Can't find or create .index dir in ./file0
[  212.054342][ T3383] incfs: mount failed -30
[  212.068405][ T2568] device bridge_slave_1 left promiscuous mode
[  212.076327][ T2568] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.086652][ T2568] device bridge_slave_0 left promiscuous mode
[  212.093647][ T2568] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.106806][ T2568] device veth1_macvtap left promiscuous mode
[  212.144265][ T2568] device veth0_vlan left promiscuous mode
[  212.301116][   T15] uvcvideo: Found UVC 7.01 device syz (8086:0b07)
[  212.307618][   T15] uvcvideo: No valid video chain found.
[  212.392408][   T15] usb 7-1: USB disconnect, device number 8
[  212.401103][  T708] usb 5-1: device descriptor read/64, error -71
[  212.545825][ T3399] netlink: 'syz.6.916': attribute type 3 has an invalid length.
[  212.671024][  T708] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  212.859284][ T3411] netlink: 64 bytes leftover after parsing attributes in process `syz.8.921'.
[  212.941004][  T708] usb 5-1: device descriptor read/64, error -71
[  213.223806][ T3422] EXT4-fs (loop7): Test dummy encryption mode enabled
[  213.231863][ T3422] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.926: bg 0: block 127: padding at end of block bitmap is not set
[  213.246436][ T3422] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.926: inode #1: comm syz.7.926: iget: illegal inode #
[  213.259687][ T3422] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.926: error while reading EA inode 1 err=-117
[  213.272715][ T3422] EXT4-fs (loop7): 1 orphan inode deleted
[  213.278518][ T3422] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpjquota=,discard,norecovery,noinit_itable,test_dummy_encryption,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,jqfmt=vfsold,dioread_lock,noblock_validity,nouid32,,errors=continue
[  213.305181][ T3422] EXT4-fs error (device loop7): ext4_lookup:1834: inode #2: comm syz.7.926: deleted inode referenced: 15
[  213.320763][   T24] kauditd_printk_skb: 41 callbacks suppressed
[  213.320774][   T24] audit: type=1400 audit(233.299:1526): avc:  denied  { watch } for  pid=3421 comm="syz.7.926" path="/120/bus" dev="loop7" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  213.356354][   T24] audit: type=1400 audit(233.339:1527): avc:  denied  { unmount } for  pid=3421 comm="syz.7.926" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  213.371010][  T708] usb 5-1: device descriptor read/64, error -71
[  213.453511][ T3428] netlink: 200 bytes leftover after parsing attributes in process `syz.6.927'.
[  213.490208][ T3432] binder: 3431:3432 ioctl c0306201 0 returned -14
[  213.559498][ T3430] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  213.561451][  T708] usb usb5-port1: attempt power cycle
[  214.151114][  T708] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  214.215386][ T3453] syz.0.937[3453] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  214.215440][ T3453] syz.0.937[3453] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  214.252622][ T3453] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  214.281989][ T3453] EXT4-fs (loop0): 1 truncate cleaned up
[  214.287659][ T3453] EXT4-fs (loop0): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota,
[  214.328075][ T3450] F2FS-fs (loop8): Small segment_count (9 < 1 * 24)
[  214.334881][ T3450] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  214.348367][  T708] usb 5-1: device descriptor read/8, error -71
[  214.366029][ T3458] overlayfs: failed to clone upperpath
[  214.395736][ T3462] device bridge0 entered promiscuous mode
[  214.401843][ T3462] device macsec1 entered promiscuous mode
[  214.408144][ T3462] bridge0: port 1(macsec1) entered blocking state
[  214.414665][ T3462] bridge0: port 1(macsec1) entered disabled state
[  214.422384][ T3462] device bridge0 left promiscuous mode
[  214.427896][ T3450] F2FS-fs (loop8): Found nat_bits in checkpoint
[  214.463043][ T3450] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  214.470229][ T3450] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  214.571074][  T708] usb 5-1: device descriptor read/8, error -71
[  214.925345][   T24] audit: type=1400 audit(234.909:1528): avc:  denied  { map } for  pid=3449 comm="syz.8.936" path="/9/file2/memory.events.local" dev="loop8" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  214.950703][ T3471] netlink: 12 bytes leftover after parsing attributes in process `syz.7.942'.
[  215.004447][   T24] audit: type=1400 audit(234.989:1529): avc:  denied  { write } for  pid=3449 comm="syz.8.936" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  215.023904][   T24] audit: type=1326 audit(235.009:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3449 comm="syz.8.936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2624cabe9 code=0x7ffc0000
[  215.046786][   T24] audit: type=1326 audit(235.009:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3449 comm="syz.8.936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2624cabe9 code=0x7ffc0000
[  215.073052][ T3378] handle_bad_sector: 1509 callbacks suppressed
[  215.073062][ T3378] attempt to access beyond end of device
[  215.073062][ T3378] loop8: rw=2049, want=45104, limit=40427
[  215.228617][ T3479] netlink: 4 bytes leftover after parsing attributes in process `syz.0.945'.
[  215.240868][ T3479] netlink: 12 bytes leftover after parsing attributes in process `syz.0.945'.
[  215.288092][ T3487] netlink: 8 bytes leftover after parsing attributes in process `syz.8.949'.
[  215.342402][ T3491] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  215.355820][ T3491] EXT4-fs (loop4): 1 truncate cleaned up
[  215.363108][ T3491] EXT4-fs (loop4): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,jqfmt=vfsold,minixdf,quota,,errors=continue
[  215.396234][ T3504] netlink: 12 bytes leftover after parsing attributes in process `syz.6.947'.
[  215.423408][ T3504] netlink: 48 bytes leftover after parsing attributes in process `syz.6.947'.
[  215.649783][ T3510] netlink: 28 bytes leftover after parsing attributes in process `syz.8.955'.
[  215.668843][   T24] audit: type=1400 audit(235.609:1532): avc:  denied  { create } for  pid=3505 comm="syz.8.955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  215.755572][   T24] audit: type=1400 audit(235.629:1533): avc:  denied  { write } for  pid=3505 comm="syz.8.955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  216.795289][ T3551] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  216.913984][ T3551] EXT4-fs (loop8): 1 truncate cleaned up
[  216.920735][ T3551] EXT4-fs (loop8): mounted filesystem without journal. Opts: barrier=0x0000000000000101,errors=remount-ro,
[  217.011932][ T3564] device bridge0 entered promiscuous mode
[  217.018221][ T3564] bridge0: port 3(macsec1) entered blocking state
[  217.025094][ T3564] bridge0: port 3(macsec1) entered disabled state
[  217.032593][ T3564] device bridge0 left promiscuous mode
[  217.111230][ T3570] EXT4-fs error (device loop8): ext4_generic_delete_entry:2683: inode #2: block 13: comm syz.8.967: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  217.149193][   T24] audit: type=1400 audit(237.099:1534): avc:  denied  { rename } for  pid=3550 comm="syz.8.967" name="file0" dev="loop8" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  217.153536][ T3570] EXT4-fs (loop8): Remounting filesystem read-only
[  217.177303][ T3570] EXT4-fs error (device loop8) in ext4_delete_entry:2741: Corrupt filesystem
[  217.353428][ T3570] EXT4-fs warning (device loop8): ext4_rename_delete:3901: inode #2: comm syz.8.967: Deleting old file: nlink 5, error=-117
[  217.433330][   T24] audit: type=1400 audit(237.419:1535): avc:  denied  { ioctl } for  pid=3580 comm="syz.4.976" path="socket:[27088]" dev="sockfs" ino=27088 ioctlcmd=0x48c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  217.841446][ T3587] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  218.377404][ T3592] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  218.397027][ T3592] EXT4-fs (loop4): 1 truncate cleaned up
[  218.402820][ T3592] EXT4-fs (loop4): mounted filesystem without journal. Opts: noload,discard,journal_ioprio=0x0000000000000003,errors=remount-ro,lazytime,minixdf,noquota,usrjquota=,
[  218.421891][ T3592] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.980: bg 0: block 256: padding at end of block bitmap is not set
[  218.436366][ T3592] EXT4-fs (loop4): Remounting filesystem read-only
[  218.443269][ T3592] EXT4-fs error (device loop4): ext4_get_verity_descriptor_location:302: inode #15: comm syz.4.980: verity file has no extents
[  218.460921][ T3592] fs-verity (loop4, inode 15): Error -117 getting verity descriptor size
[  218.673049][ T3614] netlink: 'syz.4.984': attribute type 3 has an invalid length.
[  219.062404][ T3618] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  219.146251][ T3618] EXT4-fs (loop8): 1 truncate cleaned up
[  219.162712][ T3618] EXT4-fs (loop8): mounted filesystem without journal. Opts: barrier=0x0000000000000101,errors=remount-ro,
[  219.562260][   T24] kauditd_printk_skb: 1 callbacks suppressed
[  219.562272][   T24] audit: type=1326 audit(239.529:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3626 comm="syz.4.989" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f021c905be9 code=0x0
[  219.637621][ T3633] netlink: 68 bytes leftover after parsing attributes in process `syz.6.992'.
[  219.689548][ T3638] overlayfs: failed to resolve './bus': -2
[  219.768434][ T3644] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  219.778376][ T3644] EXT4-fs error (device loop6): ext4_get_journal_inode:5243: inode #32: comm syz.6.996: iget: special inode unallocated
[  219.798407][ T3644] EXT4-fs (loop6): no journal found
[  219.802928][   T24] audit: type=1326 audit(239.789:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3646 comm="syz.0.997" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feeb7635be9 code=0x0
[  219.804228][ T3644] EXT4-fs (loop6): can't get journal size
[  219.832651][ T3644] EXT4-fs (loop6): filesystem is read-only
[  219.838546][ T3644] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,noload,noblock_validity,bsdgroups,resuid=0x0000000000000000,
[  220.663033][ T3660] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  220.673731][ T3660] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  220.689727][ T3660] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  221.060384][ T3664] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  221.164200][ T3664] EXT4-fs (loop8): 1 truncate cleaned up
[  221.243597][ T3664] EXT4-fs (loop8): mounted filesystem without journal. Opts: barrier=0x0000000000000101,errors=remount-ro,
[  221.833858][ T3676] EXT4-fs error (device loop8): ext4_generic_delete_entry:2683: inode #2: block 13: comm syz.8.1000: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  221.854314][ T3676] EXT4-fs (loop8): Remounting filesystem read-only
[  221.860821][ T3676] EXT4-fs error (device loop8) in ext4_delete_entry:2741: Corrupt filesystem
[  221.869779][ T3676] EXT4-fs warning (device loop8): ext4_rename_delete:3901: inode #2: comm syz.8.1000: Deleting old file: nlink 5, error=-117
[  221.898706][ T3681] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1004'.
[  221.951007][   T15] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  222.129832][ T3690] xt_limit: Overflow, try lower: 268435456/134217728
[  222.290002][ T3689] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  222.427600][   T24] audit: type=1326 audit(242.409:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3695 comm="syz.7.1009" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f303f19bbe9 code=0x0
[  222.454466][ T3692] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  222.556439][ T3692] EXT4-fs (loop8): 1 truncate cleaned up
[  222.562248][ T3692] EXT4-fs (loop8): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000000012,i_version,max_batch_time=0x0000000000000007,,errors=continue
[  222.681226][   T15] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  222.692769][   T15] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  222.703975][   T15] usb 1-1: New USB device found, idVendor=06a3, idProduct=0cfa, bcdDevice= 0.00
[  222.716533][   T15] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.190435][   T15] usb 1-1: config 0 descriptor??
[  223.293266][ T3707] binder: BINDER_SET_CONTEXT_MGR already set
[  223.309521][ T3707] binder: 3704:3707 ioctl 4018620d 200000004a80 returned -16
[  223.394990][   T24] audit: type=1400 audit(243.379:1540): avc:  denied  { ioctl } for  pid=3713 comm="syz.8.1014" path="socket:[27325]" dev="sockfs" ino=27325 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  223.676266][   T24] audit: type=1400 audit(243.579:1541): avc:  denied  { bind } for  pid=3713 comm="syz.8.1014" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  223.702101][   T24] audit: type=1400 audit(243.589:1542): avc:  denied  { read } for  pid=3713 comm="syz.8.1014" path="socket:[28064]" dev="sockfs" ino=28064 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  223.726838][   T15] saitek 0003:06A3:0CFA.000C: item fetching failed at offset 5/7
[  223.734691][   T15] saitek 0003:06A3:0CFA.000C: parse failed
[  223.740526][   T15] saitek: probe of 0003:06A3:0CFA.000C failed with error -22
[  223.823607][ T3726] EXT4-fs (loop4): Ignoring removed bh option
[  223.829805][ T3726] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  223.838686][ T3726] EXT4-fs (loop4): mounted filesystem without journal. Opts: discard,bh,nomblk_io_submit,,errors=continue
[  223.905672][   T24] audit: type=1326 audit(243.889:1543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3712 comm="syz.6.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  223.930346][   T15] usb 1-1: USB disconnect, device number 10
[  223.959150][   T24] audit: type=1326 audit(243.939:1544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3712 comm="syz.6.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  223.982238][   T24] audit: type=1326 audit(243.939:1545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3712 comm="syz.6.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  224.005244][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  224.022291][   T24] audit: type=1326 audit(243.999:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3712 comm="syz.6.1018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  225.275204][   T24] kauditd_printk_skb: 19 callbacks suppressed
[  225.275216][   T24] audit: type=1326 audit(245.259:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3742 comm="syz.0.1024" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feeb7635be9 code=0x0
[  226.554280][ T3765] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[  227.104856][ T3769] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[  227.451049][   T24] audit: type=1400 audit(247.429:1567): avc:  denied  { mounton } for  pid=3784 comm="syz.8.1036" path="/25/file0" dev="tmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  227.640069][ T3799] hub 8-0:1.0: USB hub found
[  227.644846][ T3799] hub 8-0:1.0: 1 port detected
[  227.823989][ T3798] overlayfs: failed to resolve './file1': -2
[  228.629189][   T24] audit: type=1400 audit(248.609:1568): avc:  denied  { setopt } for  pid=3763 comm="syz.4.1022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  228.650672][   T24] audit: type=1326 audit(248.629:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3815 comm="syz.7.1042" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f303f19bbe9 code=0x0
[  228.682055][ T3808] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3808 comm=syz.6.1037
[  229.710340][   T24] audit: type=1400 audit(249.689:1570): avc:  granted  { setsecparam } for  pid=3831 comm="syz.0.1047" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  229.752932][   T24] audit: type=1326 audit(249.739:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3835 comm="syz.7.1050" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f303f19bbe9 code=0x0
[  229.834853][ T3841] incfs: Options parsing error. -22
[  229.846894][ T3841] incfs: mount failed -22
[  229.909205][   T24] audit: type=1400 audit(249.889:1572): avc:  denied  { unmount } for  pid=1026 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  230.075854][ T3848] netlink: 200 bytes leftover after parsing attributes in process `syz.6.1052'.
[  230.088320][ T3849] netlink: 64 bytes leftover after parsing attributes in process `syz.8.1051'.
[  230.138762][ T3843] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  230.150175][   T15] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  230.248176][ T3843] EXT4-fs (loop0): 1 truncate cleaned up
[  230.253975][ T3843] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000000012,i_version,max_batch_time=0x0000000000000007,,errors=continue
[  230.564056][   T15] usb 5-1: Using ep0 maxpacket: 16
[  230.800019][ T3860] FAT-fs (loop8): bogus logical sector size 0
[  230.806336][ T3860] FAT-fs (loop8): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  230.815882][ T3860] FAT-fs (loop8): Can't find a valid FAT filesystem
[  230.924470][   T15] usb 5-1: config 1 has an invalid interface number: 214 but max is 0
[  230.932815][   T15] usb 5-1: config 1 has no interface number 0
[  230.939033][   T15] usb 5-1: config 1 interface 214 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  230.949235][   T15] usb 5-1: config 1 interface 214 altsetting 2 bulk endpoint 0x81 has invalid maxpacket 64
[  230.959532][   T15] usb 5-1: config 1 interface 214 has no altsetting 0
[  231.341077][   T15] usb 5-1: New USB device found, idVendor=07b4, idProduct=010a, bcdDevice= 1.02
[  231.350200][   T24] audit: type=1400 audit(251.329:1573): avc:  denied  { block_suspend } for  pid=3876 comm="syz.6.1060" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  231.371720][   T15] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.379955][   T15] usb 5-1: Product: syz
[  231.384173][   T15] usb 5-1: Manufacturer: syz
[  231.388788][   T15] usb 5-1: SerialNumber: syz
[  231.411047][ T3841] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  231.418066][ T3841] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  231.431438][   T15] ums-alauda 5-1:1.214: USB Mass Storage device detected
[  231.439413][   T15] scsi host1: usb-storage 5-1:1.214
[  231.642391][   T15] usb 5-1: USB disconnect, device number 16
[  231.804612][ T3886] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1062'.
[  231.869449][ T3894] incfs: Options parsing error. -22
[  231.875013][ T3894] incfs: mount failed -22
[  231.963978][ T3899] EXT4-fs (loop0): Test dummy encryption mode enabled
[  231.971887][ T3899] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption=v1,nolazytime,,errors=continue
[  231.985885][   T24] audit: type=1400 audit(251.969:1574): avc:  denied  { ioctl } for  pid=3898 comm="syz.0.1067" path="/191/mnt/bus" dev="loop0" ino=12 ioctlcmd=0x6611 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  231.989583][ T3899] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1067'.
[  232.151626][   T24] audit: type=1326 audit(252.139:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3907 comm="syz.4.1070" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f021c905be9 code=0x0
[  232.530815][   T24] audit: type=1400 audit(252.509:1576): avc:  granted  { setsecparam } for  pid=3914 comm="syz.8.1073" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  232.563798][ T3918] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  232.584331][ T3918] EXT4-fs (loop6): 1 truncate cleaned up
[  232.590054][ T3918] EXT4-fs (loop6): mounted filesystem without journal. Opts: barrier=0x0000000000000101,errors=remount-ro,
[  232.626533][ T3923] EXT4-fs (loop8): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue
[  232.661103][ T3923] EXT4-fs error (device loop8): ext4_map_blocks:740: inode #15: block 3: comm syz.8.1074: lblock 3 mapped to illegal pblock 3 (length 3)
[  232.681599][ T3923] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  232.694195][ T3923] EXT4-fs (loop8): This should not happen!! Data will be lost
[  232.694195][ T3923] 
[  232.709779][ T2568] EXT4-fs error (device loop8): ext4_map_blocks:740: inode #15: block 8: comm kworker/u4:6: lblock 8 mapped to illegal pblock 8 (length 8)
[  232.724570][ T2568] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  232.737066][ T2568] EXT4-fs (loop8): This should not happen!! Data will be lost
[  232.737066][ T2568] 
[  232.750211][ T3933] EXT4-fs error (device loop6): ext4_generic_delete_entry:2683: inode #2: block 13: comm syz.6.1072: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  232.771247][ T3933] EXT4-fs (loop6): Remounting filesystem read-only
[  232.776205][ T3934] netlink: 72 bytes leftover after parsing attributes in process `syz.7.1078'.
[  232.777759][ T3933] EXT4-fs error (device loop6) in ext4_delete_entry:2741: Corrupt filesystem
[  232.778467][ T3933] EXT4-fs warning (device loop6): ext4_rename_delete:3901: inode #2: comm syz.6.1072: Deleting old file: nlink 5, error=-117
[  232.787241][ T3934] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1078'.
[  232.818184][ T3934] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1078'.
[  232.858419][ T3939] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1077'.
[  232.928242][   T24] audit: type=1400 audit(252.909:1577): avc:  denied  { create } for  pid=3944 comm="syz.8.1080" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=key permissive=1
[  232.976767][   T24] audit: type=1400 audit(252.959:1578): avc:  denied  { ioctl } for  pid=3950 comm="syz.0.1083" path="socket:[28754]" dev="sockfs" ino=28754 ioctlcmd=0x1500 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  233.031506][ T3954] netlink: 68 bytes leftover after parsing attributes in process `syz.8.1081'.
[  233.261068][ T2125] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  233.493025][ T3959] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  233.500355][ T3959] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  233.512542][ T3959] EXT4-fs (loop6): can't mount with journal_async_commit, fs mounted w/o journal
[  233.531032][ T2125] usb 1-1: Using ep0 maxpacket: 8
[  233.660888][ T2125] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  233.671225][ T2125] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  233.680271][ T2125] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.692281][ T2125] usb 1-1: config 0 descriptor??
[  234.222391][ T3970] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  234.329235][ T3972] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  234.336518][ T3972] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  234.337108][ T3972] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a003c11c, mo2=0002]
[  234.337142][ T3972] System zones: 1-12
[  234.338455][ T3972] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.1089: corrupted in-inode xattr
[  234.338607][ T3972] EXT4-fs error (device loop4): ext4_orphan_get:1400: comm syz.4.1089: couldn't read orphan inode 15 (err -117)
[  234.338723][ T3972] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,grpid,debug,noload,noauto_da_alloc,commit=0x0000000000000005,init_itable=0x0000000000000009,debug,usrjquota=,nolazytime,mblk_io_submit,,errors=continue
[  234.381486][  T278] EXT4-fs error (device loop4): ext4_readdir:263: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[  234.431933][  T278] EXT4-fs error (device loop4): ext4_empty_dir:3115: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[  234.451537][  T278] EXT4-fs error (device loop4): ext4_readdir:263: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[  234.451815][  T278] EXT4-fs error (device loop4): ext4_empty_dir:3115: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[  234.452014][  T278] EXT4-fs error (device loop4): ext4_readdir:263: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[  234.452186][  T278] EXT4-fs error (device loop4): ext4_empty_dir:3115: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[  234.452375][  T278] EXT4-fs error (device loop4): ext4_readdir:263: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[  234.452540][  T278] EXT4-fs error (device loop4): ext4_empty_dir:3115: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[  234.452722][  T278] EXT4-fs error (device loop4): ext4_readdir:263: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[  234.452854][ T2125] kone 0003:1E7D:2CED.000D: item fetching failed at offset 0/2
[  234.452940][  T278] EXT4-fs error (device loop4): ext4_empty_dir:3115: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[  234.453296][ T2125] kone 0003:1E7D:2CED.000D: parse failed
[  234.453349][ T2125] kone: probe of 0003:1E7D:2CED.000D failed with error -22
[  234.607959][   T24] audit: type=1400 audit(254.589:1579): avc:  denied  { bind } for  pid=3982 comm="syz.7.1093" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  234.608086][   T24] audit: type=1400 audit(254.589:1580): avc:  denied  { node_bind } for  pid=3982 comm="syz.7.1093" saddr=fec0:ffff::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  234.677141][ T3951] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1083'.
[  234.710559][ T2568] tipc: Disabling bearer <udp:£>
[  234.711699][ T2568] tipc: Left network mode
[  234.867585][  T711] usb 1-1: USB disconnect, device number 11
[  235.010568][   T24] audit: type=1400 audit(254.989:1581): avc:  denied  { setopt } for  pid=3988 comm="GPL" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  235.160318][ T3993] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.169908][ T3993] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.177450][ T3993] device bridge_slave_0 entered promiscuous mode
[  235.184612][ T3993] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.191835][ T3993] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.199940][ T3993] device bridge_slave_1 entered promiscuous mode
[  235.243084][ T3993] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.250134][ T3993] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.257412][ T3993] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.264444][ T3993] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.280802][ T4003] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1100'.
[  235.339577][ T4005] xt_CT: No such helper "snmp_trap"
[  235.433890][ T2568] device bridge_slave_1 left promiscuous mode
[  235.442467][ T2568] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.469779][ T2568] device bridge_slave_0 left promiscuous mode
[  235.476046][ T2568] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.484899][ T2568] device veth1_macvtap left promiscuous mode
[  235.492448][ T2568] device veth0_vlan left promiscuous mode
[  235.636792][ T4009] erofs: (device loop0): mounted with root inode @ nid 36.
[  235.678893][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  235.690724][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  235.709558][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  235.743529][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  235.756913][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  235.757840][ T4016] overlayfs: failed to resolve './bus': -2
[  235.778765][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  235.790129][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  235.790172][   T24] audit: type=1326 audit(255.769:1582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4017 comm="syz.0.1105" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feeb7635be9 code=0x0
[  235.806793][ T3993] device veth0_vlan entered promiscuous mode
[  235.828227][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  235.837949][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  235.851698][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  235.863884][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  235.884231][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  235.896228][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  235.904456][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  235.913562][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  235.922426][ T3993] device veth1_macvtap entered promiscuous mode
[  235.944798][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  235.953195][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  235.961900][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  235.982367][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  236.031780][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  236.050228][ T4021] netlink: 56 bytes leftover after parsing attributes in process `syz.8.1106'.
[  236.212010][ T4035] cgroup: syz.8.1111 (4035) created nested cgroup for controller "memory" which has incomplete hierarchy support. Nested cgroups may change behavior in the future.
[  236.228784][ T4035] cgroup: "memory" requires setting use_hierarchy to 1 on the root
[  236.290311][ T4038] netlink: 'syz.9.1097': attribute type 3 has an invalid length.
[  236.494163][ T4043] 9pnet: Insufficient options for proto=fd
[  236.517564][ T4047] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1115'.
[  236.533640][ T4044] EXT4-fs (loop8): Ignoring removed mblk_io_submit option
[  236.549790][ T4044] EXT4-fs (loop8): Test dummy encryption mode enabled
[  236.557224][ T4044] EXT4-fs (loop8): Ignoring removed mblk_io_submit option
[  236.564455][ T4044] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  236.583778][ T4044] EXT4-fs (loop8): 1 truncate cleaned up
[  236.593713][ T4044] EXT4-fs (loop8): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,
[  236.673428][ T4057] device veth1_macvtap left promiscuous mode
[  236.687749][ T4057] device macsec0 entered promiscuous mode
[  236.694120][   T24] kauditd_printk_skb: 23 callbacks suppressed
[  236.694131][   T24] audit: type=1400 audit(256.679:1606): avc:  denied  { read write } for  pid=4041 comm="syz.8.1114" name="uhid" dev="devtmpfs" ino=261 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  236.729678][ T2125] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x4
[  236.740610][ T2125] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x2
[  236.759666][ T2125] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x3
[  236.762208][   T24] audit: type=1400 audit(256.709:1607): avc:  denied  { open } for  pid=4041 comm="syz.8.1114" path="/dev/uhid" dev="devtmpfs" ino=261 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  236.788608][ T2125] hid-generic 0000:3000000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  236.844413][ T4068] 9pnet: Insufficient options for proto=fd
[  236.848568][ T4064] fido_id[4064]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  237.372042][ T4079] FAT-fs (loop9): Unrecognized mount option "0xffffffffffffffffÿ01777777777777777777777¬‚ú=¨ËdÌž¬·Y ýS«38`¿·˜�›‚" or missing value
[  237.681779][ T4079] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  238.251348][ T4092] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1130'.
[  238.260339][ T4092] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1130'.
[  238.343870][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  238.355822][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  238.366063][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  238.377355][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  238.385786][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  238.394462][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  238.402860][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  238.411665][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  238.420024][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[  238.793501][  T112] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[  239.501291][    C0] tap0: tun_net_xmit 90
[  239.516927][ T4107] tap0: tun_chr_ioctl cmd 1074025677
[  239.522286][ T4107] tap0: Linktype set failed because interface is up
[  239.555562][ T4124] netlink: 72 bytes leftover after parsing attributes in process `syz.7.1139'.
[  239.564595][ T4124] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1139'.
[  239.573646][ T4124] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1139'.
[  239.650975][ T4120] EXT4-fs (loop9): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue
[  240.134295][ T4120] EXT4-fs error (device loop9): ext4_map_blocks:740: inode #15: block 3: comm syz.9.1138: lblock 3 mapped to illegal pblock 3 (length 3)
[  240.149180][ T4120] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  240.161983][ T4120] EXT4-fs (loop9): This should not happen!! Data will be lost
[  240.161983][ T4120] 
[  240.184185][ T2568] EXT4-fs error (device loop9): ext4_map_blocks:740: inode #15: block 8: comm kworker/u4:6: lblock 8 mapped to illegal pblock 8 (length 8)
[  240.206031][ T2568] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  240.218726][ T2568] EXT4-fs (loop9): This should not happen!! Data will be lost
[  240.218726][ T2568] 
[  240.535001][ T4154] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  240.691895][ T4154] EXT4-fs (loop0): 1 truncate cleaned up
[  240.697643][ T4154] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000000012,i_version,max_batch_time=0x0000000000000007,,errors=continue
[  241.173530][   T24] audit: type=1400 audit(266.150:1608): avc:  denied  { execute } for  pid=4156 comm="syz.7.1152" name="file0" dev="tmpfs" ino=984 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  241.200423][ T4159] x_tables: duplicate underflow at hook 4
[  241.213837][   T24] audit: type=1400 audit(266.170:1609): avc:  denied  { execute_no_trans } for  pid=4156 comm="syz.7.1152" path="/183/file0" dev="tmpfs" ino=984 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  241.316480][ T4161] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  241.434339][   T24] audit: type=1326 audit(266.410:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.6.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  241.474227][ T4175] overlayfs: failed to resolve './file1': -2
[  241.474305][   T24] audit: type=1326 audit(266.410:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.6.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  241.511407][   T24] audit: type=1326 audit(266.410:1612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.6.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  241.535262][ T4180] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1155'.
[  241.535660][   T24] audit: type=1326 audit(266.410:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.6.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  241.598406][   T24] audit: type=1326 audit(266.410:1614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.6.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  241.624176][   T24] audit: type=1326 audit(266.410:1615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4169 comm="syz.6.1153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  241.676239][ T4186] EXT4-fs (loop0): Ignoring removed bh option
[  241.691677][ T4186] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  241.734073][ T4186] EXT4-fs error (device loop0): ext4_orphan_get:1421: comm syz.0.1158: bad orphan inode 131083
[  241.759842][ T4186] EXT4-fs (loop0): mounted filesystem without journal. Opts: bh,init_itable,noload,,errors=continue
[  242.206567][ T4196] tipc: Started in network mode
[  242.216590][ T4196] tipc: Own node identity ac14140f, cluster identity 4711
[  242.225433][ T4196] tipc: New replicast peer: 255.255.255.255
[  242.252098][ T4196] tipc: Enabled bearer <udp:s>, priority 10
[  243.178795][ T4218] EXT4-fs error (device loop6): ext4_orphan_get:1395: inode #15: comm syz.6.1166: casefold flag without casefold feature
[  243.192089][ T4218] EXT4-fs error (device loop6): ext4_orphan_get:1400: comm syz.6.1166: couldn't read orphan inode 15 (err -117)
[  243.205409][ T4218] EXT4-fs (loop6): mounted filesystem without journal. Opts: nobarrier,,errors=continue
[  243.211022][ T2125] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  243.337068][ T4229] overlayfs: failed to clone upperpath
[  243.372279][ T2121] tipc: 32-bit node address hash set to f1414ac
[  243.407851][ T4224] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  243.426422][ T4224] EXT4-fs (loop6): 1 truncate cleaned up
[  243.432850][ T4224] EXT4-fs (loop6): mounted filesystem without journal. Opts: barrier=0x0000000000000101,errors=remount-ro,
[  243.919849][   T24] kauditd_printk_skb: 24 callbacks suppressed
[  243.939031][ T4242] EXT4-fs error (device loop6): ext4_generic_delete_entry:2683: inode #2: block 13: comm syz.6.1167: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  243.960831][ T4242] EXT4-fs (loop6): Remounting filesystem read-only
[  243.967406][ T4242] EXT4-fs error (device loop6) in ext4_delete_entry:2741: Corrupt filesystem
[  243.976859][   T24] audit: type=1400 audit(268.830:1640): avc:  denied  { map } for  pid=4225 comm="syz.8.1168" path="/dev/uinput" dev="devtmpfs" ino=257 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  244.000365][ T4242] EXT4-fs warning (device loop6): ext4_rename_delete:3901: inode #2: comm syz.6.1167: Deleting old file: nlink 5, error=-117
[  244.029099][   T24] audit: type=1326 audit(268.890:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4235 comm="syz.7.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303f19bbe9 code=0x7ffc0000
[  244.053852][   T24] audit: type=1326 audit(268.890:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4235 comm="syz.7.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303f19bbe9 code=0x7ffc0000
[  244.076871][   T24] audit: type=1326 audit(268.890:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4235 comm="syz.7.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f303f19bbe9 code=0x7ffc0000
[  244.078086][ T4238] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  244.111375][   T24] audit: type=1326 audit(268.890:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4235 comm="syz.7.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303f19bbe9 code=0x7ffc0000
[  244.134633][   T24] audit: type=1326 audit(268.890:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4235 comm="syz.7.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303f19bbe9 code=0x7ffc0000
[  244.183292][   T24] audit: type=1326 audit(268.890:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4235 comm="syz.7.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f303f19bbe9 code=0x7ffc0000
[  244.206976][ T4238] EXT4-fs (loop8): 1 truncate cleaned up
[  244.212964][ T4238] EXT4-fs (loop8): mounted filesystem without journal. Opts: quota,discard,inlinecrypt,debug_want_extra_isize=0x0000000000000080,nojournal_checksum,jqfmt=vfsv1,,errors=continue
[  244.251979][   T24] audit: type=1326 audit(268.890:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4235 comm="syz.7.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303f19bbe9 code=0x7ffc0000
[  244.275509][ T2125] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  244.289856][ T4250] wireguard: wg1: Could not create IPv4 socket
[  244.298974][ T2125] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  244.306440][   T24] audit: type=1326 audit(268.890:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4235 comm="syz.7.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f303f19bbe9 code=0x7ffc0000
[  244.331955][   T24] audit: type=1326 audit(268.890:1649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4235 comm="syz.7.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7f303f19bbe9 code=0x7ffc0000
[  244.333432][ T2125] usb 1-1: New USB device found, idVendor=06a3, idProduct=0cfa, bcdDevice= 0.00
[  244.366503][ T4252] fuse: Bad value for 'user_id'
[  244.371283][ T4248] overlayfs: statfs failed on './file0'
[  244.381679][ T2125] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.394194][ T2125] usb 1-1: config 0 descriptor??
[  244.493452][ T4258] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4258 comm=syz.8.1179
[  244.506072][ T4258] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4258 comm=syz.8.1179
[  244.653873][ T4262] netlink: 'syz.6.1175': attribute type 3 has an invalid length.
[  244.895384][ T4268] overlayfs: failed to resolve './bus': -2
[  245.012155][ T2125] saitek 0003:06A3:0CFA.000F: item fetching failed at offset 5/7
[  245.023360][ T2125] saitek 0003:06A3:0CFA.000F: parse failed
[  245.034544][ T2125] saitek: probe of 0003:06A3:0CFA.000F failed with error -22
[  245.086638][ T4270] netlink: 200 bytes leftover after parsing attributes in process `syz.8.1182'.
[  245.262637][  T431] usb 1-1: USB disconnect, device number 12
[  245.282395][ T4274] 9pnet: Insufficient options for proto=fd
[  245.466366][ T4279] EXT4-fs (loop8): mounted filesystem without journal. Opts: usrjquota=,bsddf,,errors=continue
[  245.843751][ T4291] xt_limit: Overflow, try lower: 268435456/134217728
[  246.263073][ T4299] xt_limit: Overflow, try lower: 268435456/134217728
[  246.661211][ T2125] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  246.684413][ T4310] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  246.699140][ T4316] EXT4-fs (loop8): Test dummy encryption mode enabled
[  246.710592][ T4310] EXT4-fs error (device loop9): ext4_find_dest_de:2079: inode #2: block 16: comm syz.9.1194: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1
[  246.729517][ T4316] EXT4-fs (loop8): unsupported descriptor size 255
[  246.957837][ T4327] EXT4-fs (loop9): Ignoring removed mblk_io_submit option
[  246.965116][ T4327] EXT4-fs (loop9): Ignoring removed mblk_io_submit option
[  246.972676][ T4327] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  246.981563][ T4327] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c11c, mo2=0002]
[  246.989569][ T4327] System zones: 1-12
[  246.994382][ T4327] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2219: inode #15: comm syz.9.1200: corrupted in-inode xattr
[  247.371464][ T4336] xt_limit: Overflow, try lower: 268435456/134217728
[  247.383457][ T4327] EXT4-fs error (device loop9): ext4_orphan_get:1400: comm syz.9.1200: couldn't read orphan inode 15 (err -117)
[  247.397396][ T4327] EXT4-fs (loop9): mounted filesystem without journal. Opts: jqfmt=vfsold,grpid,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000009,debug,usrjquota=,nolazytime,mblk_io_submit,,errors=continue
[  247.780194][ T2125] usb 7-1: config 1 interface 0 altsetting 165 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  247.846670][ T2125] usb 7-1: config 1 interface 0 has no altsetting 0
[  247.932905][ T4344] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  247.943651][ T4344] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  247.960812][ T4344] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  248.121450][ T2125] usb 7-1: New USB device found, idVendor=18d1, idProduct=503c, bcdDevice= 0.40
[  248.155464][ T2125] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.190469][ T2125] usb 7-1: Product: syz
[  248.218821][ T2125] usb 7-1: Manufacturer: syz
[  248.243048][ T2125] usb 7-1: SerialNumber: syz
[  248.790912][ T4352] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1208'.
[  248.802075][ T4352] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1208'.
[  249.551011][ T2125] usbhid 7-1:1.0: can't add hid device: -71
[  249.557089][ T2125] usbhid: probe of 7-1:1.0 failed with error -71
[  249.570123][ T2125] usb 7-1: USB disconnect, device number 9
[  249.755826][   T24] kauditd_printk_skb: 27 callbacks suppressed
[  249.755837][   T24] audit: type=1326 audit(274.730:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4373 comm="syz.8.1214" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2624cabe9 code=0x0
[  249.845397][ T4372] EXT4-fs (loop9): Ignoring removed orlov option
[  249.962101][ T4372] EXT4-fs (loop9): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue
[  250.004045][   T24] audit: type=1400 audit(274.980:1678): avc:  denied  { read } for  pid=4371 comm="syz.9.1212" name="rtc0" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  250.239483][ T4387] xt_limit: Overflow, try lower: 268435456/134217728
[  250.248015][ T4387] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  250.313342][ T4384] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1280) !
[  250.326880][   T24] audit: type=1326 audit(275.300:1679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4380 comm="syz.6.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  250.350496][   T24] audit: type=1326 audit(275.300:1680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4380 comm="syz.6.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  250.374028][   T24] audit: type=1326 audit(275.300:1681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4380 comm="syz.6.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  250.425497][   T24] audit: type=1326 audit(275.300:1682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4380 comm="syz.6.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  250.448432][   T24] audit: type=1326 audit(275.300:1683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4380 comm="syz.6.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  250.471432][   T24] audit: type=1326 audit(275.300:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4380 comm="syz.6.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  250.507574][   T24] audit: type=1326 audit(275.300:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4380 comm="syz.6.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  250.580819][ T4388] EXT4-fs (loop9): Ignoring removed orlov option
[  250.604881][   T24] audit: type=1326 audit(275.300:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4380 comm="syz.6.1215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  250.648970][ T4388] EXT4-fs (loop9): Remounting file system with no journal so ignoring journalled data option
[  250.727665][ T4388] EXT4-fs (loop9): re-mounted. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,sb=0x00000000000050cf,orlov,norecovery,barrier,data=journal,
[  250.856678][ T4396] EXT4-fs (loop6): mounted filesystem without journal. Opts: lazytime,min_batch_time=0x0000000000000004,,errors=continue
[  251.904416][ T4419] overlayfs: failed to resolve './bus': -2
[  252.151061][ T4438] xt_limit: Overflow, try lower: 268435456/134217728
[  252.220780][ T4438] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  252.522756][ T4436] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  252.533443][ T4436] exFAT-fs (loop9): Medium has reported failures. Some data may be lost.
[  252.549169][ T4436] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  254.135036][ T4459] syz.6.1237[4459] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  254.135094][ T4459] syz.6.1237[4459] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  254.230688][ T4472] netlink: 200 bytes leftover after parsing attributes in process `syz.7.1241'.
[  254.264132][ T4459] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  254.276520][ T4459] EXT4-fs (loop6): 1 truncate cleaned up
[  254.282281][ T4459] EXT4-fs (loop6): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota,
[  254.365533][ T4483] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1244'.
[  254.613854][ T4494] xt_limit: Overflow, try lower: 268435456/134217728
[  254.644507][ T4494] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  255.178060][ T4496] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  255.199294][ T4499] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1248'.
[  255.214486][ T4496] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  255.237677][ T4496] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  255.308396][ T4496] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  255.381588][ T4501] device wg2 entered promiscuous mode
[  255.391033][ T4496] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e041e01c, mo2=0000]
[  255.398846][ T4496] EXT4-fs (loop6): failed to initialize system zone (-117)
[  255.435781][ T4496] EXT4-fs (loop6): mount failed
[  256.277913][ T4496] device lo entered promiscuous mode
[  256.288879][ T4496] device tunl0 entered promiscuous mode
[  256.298456][ T4496] device gre0 entered promiscuous mode
[  256.305426][ T4496] device gretap0 entered promiscuous mode
[  256.312437][ T4496] device erspan0 entered promiscuous mode
[  256.319586][ T4496] device ip_vti0 entered promiscuous mode
[  256.326471][   T24] kauditd_printk_skb: 26 callbacks suppressed
[  256.326480][   T24] audit: type=1400 audit(281.310:1713): avc:  denied  { accept } for  pid=4495 comm="syz.6.1247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  256.352066][ T4517] EXT4-fs (loop9): quotafile must be on filesystem root
[  256.387985][ T4517] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4517 comm=syz.9.1253
[  256.401082][ T4496] device ip6_vti0 entered promiscuous mode
[  256.422113][ T4496] device sit0 entered promiscuous mode
[  256.435069][ T4496] device ip6tnl0 entered promiscuous mode
[  256.442187][ T4496] device ip6gre0 entered promiscuous mode
[  256.448603][ T4517] overlayfs: failed to resolve './file0': -2
[  256.462134][ T4496] device syz_tun entered promiscuous mode
[  256.474872][ T4496] device ip6gretap0 entered promiscuous mode
[  256.482291][ T4496] device dummy0 entered promiscuous mode
[  256.489773][ T4496] device veth0 entered promiscuous mode
[  256.496933][ T4496] device veth1 entered promiscuous mode
[  256.504659][ T4496] device wg0 entered promiscuous mode
[  256.511811][ T4496] device wg1 entered promiscuous mode
[  256.511864][   T24] audit: type=1400 audit(281.490:1714): avc:  denied  { wake_alarm } for  pid=4532 comm="syz.7.1259" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  256.540336][ T4496] device wg2 entered promiscuous mode
[  256.547388][ T4496] device veth0_to_bridge entered promiscuous mode
[  256.554793][ T4496] device bridge_slave_0 entered promiscuous mode
[  256.561757][ T4496] device veth1_to_bridge entered promiscuous mode
[  256.568921][ T4496] device bridge_slave_1 entered promiscuous mode
[  256.576413][ T4496] device veth0_to_bond entered promiscuous mode
[  256.583230][ T4496] device bond_slave_0 entered promiscuous mode
[  256.589575][ T4496] device veth1_to_bond entered promiscuous mode
[  256.596833][ T4496] device bond_slave_1 entered promiscuous mode
[  256.604958][ T4496] device veth0_to_team entered promiscuous mode
[  256.611554][ T4529] EXT4-fs (loop8): Ignoring removed bh option
[  256.612306][ T4496] device team_slave_0 entered promiscuous mode
[  256.623923][ T4529] EXT4-fs (loop8): Ignoring removed nomblk_io_submit option
[  256.634004][ T4496] device veth1_to_team entered promiscuous mode
[  256.642135][ T4529] EXT4-fs (loop8): mounted filesystem without journal. Opts: discard,bh,nomblk_io_submit,,errors=continue
[  256.645165][ T4496] device team_slave_1 entered promiscuous mode
[  256.659996][ T4496] device veth0_to_batadv entered promiscuous mode
[  256.667485][ T4496] device batadv_slave_0 entered promiscuous mode
[  256.675221][ T4496] device veth1_to_batadv entered promiscuous mode
[  256.683273][ T4496] device batadv_slave_1 entered promiscuous mode
[  256.690823][ T4496] device xfrm0 entered promiscuous mode
[  256.697906][ T4496] device veth0_to_hsr entered promiscuous mode
[  256.705435][ T4496] device hsr_slave_0 entered promiscuous mode
[  256.712543][ T4496] device veth1_to_hsr entered promiscuous mode
[  256.721136][   T24] audit: type=1400 audit(281.690:1715): avc:  denied  { call } for  pid=4538 comm="syz.9.1260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  256.725992][ T4541] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4541 comm=syz.7.1259
[  256.746214][   T24] audit: type=1400 audit(281.690:1716): avc:  denied  { transfer } for  pid=4538 comm="syz.9.1260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  256.752263][ T4496] device hsr_slave_1 entered promiscuous mode
[  256.776627][ T4541] overlayfs: unrecognized mount option "/" or missing value
[  256.784977][ T4496] device veth1_virt_wifi entered promiscuous mode
[  256.792501][ T4541] overlayfs: failed to clone upperpath
[  256.801537][ T4496] device veth0_virt_wifi entered promiscuous mode
[  256.809013][ T4496] device veth1_vlan entered promiscuous mode
[  256.820071][ T4496] device vlan0 entered promiscuous mode
[  256.825964][ T4496] device vlan1 entered promiscuous mode
[  256.833143][ T4496] device veth0_macvtap entered promiscuous mode
[  256.841669][ T4496] device macsec0 entered promiscuous mode
[  256.848091][ T4496] device bridge1 entered promiscuous mode
[  256.855631][ T4496] device ip6tnl1 entered promiscuous mode
[  256.861821][ T4496] device sit1 entered promiscuous mode
[  256.868587][ T4496] device sit2 entered promiscuous mode
[  256.874414][ T4496] device bridge0 entered promiscuous mode
[  256.880440][ T4496] device sit3 entered promiscuous mode
[  256.887098][ T4496] device bridge2 entered promiscuous mode
[  256.897879][ T4496] device bridge3 entered promiscuous mode
[  256.904454][ T4496] device bridge4 entered promiscuous mode
[  256.974428][ T4533] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1259'.
[  257.084504][ T4562] fuse: Invalid rootmode
[  257.089131][ T4564] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1267'.
[  257.871430][ T4575] EXT4-fs (loop9): Ignoring removed mblk_io_submit option
[  257.884709][ T4575] EXT4-fs (loop9): Test dummy encryption mode enabled
[  257.893740][ T4575] EXT4-fs (loop9): mounted filesystem without journal. Opts: grpid,mblk_io_submit,nodioread_nolock,test_dummy_encryption,inode_readahead_blks=0x0000000000000000,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[  257.934218][   T24] audit: type=1400 audit(282.910:1717): avc:  denied  { append } for  pid=4573 comm="syz.9.1271" name="file0" dev="loop9" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  257.934497][ T4575] fs-verity: sha512 using implementation "sha512-avx2"
[  258.023156][   T24] audit: type=1400 audit(282.910:1718): avc:  denied  { ioctl } for  pid=4573 comm="syz.9.1271" path=2F32372F131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D3382F66696C65302F66696C6530 dev="loop9" ino=13 ioctlcmd=0x6685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  258.278319][ T4595] EXT4-fs (loop6): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue
[  258.498697][ T4595] EXT4-fs error (device loop6): ext4_map_blocks:740: inode #15: block 3: comm syz.6.1278: lblock 3 mapped to illegal pblock 3 (length 3)
[  258.513197][ T4595] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  258.525804][ T4595] EXT4-fs (loop6): This should not happen!! Data will be lost
[  258.525804][ T4595] 
[  258.531001][  T711] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  258.544013][  T396] EXT4-fs error (device loop6): ext4_map_blocks:740: inode #15: block 8: comm kworker/u4:4: lblock 8 mapped to illegal pblock 8 (length 8)
[  258.558444][  T396] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  258.571183][  T396] EXT4-fs (loop6): This should not happen!! Data will be lost
[  258.571183][  T396] 
[  258.782366][ T4607] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  258.812715][ T4607] EXT4-fs (loop8): 1 truncate cleaned up
[  258.818502][ T4607] EXT4-fs (loop8): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000000012,i_version,max_batch_time=0x0000000000000007,,errors=continue
[  259.123847][ T4616] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  259.196612][ T4616] EXT4-fs (loop6): 1 truncate cleaned up
[  259.202368][ T4616] EXT4-fs (loop6): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000000012,i_version,max_batch_time=0x0000000000000007,,errors=continue
[  259.272198][ T2123] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  259.850957][ T2123] usb 10-1: Using ep0 maxpacket: 16
[  259.971057][ T2123] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  259.982486][ T2123] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[  259.992666][ T2123] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.005249][ T2123] usb 10-1: config 0 descriptor??
[  260.054791][ T4634] EXT4-fs (loop6): Ignoring removed bh option
[  260.061009][ T4634] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  260.069988][ T4634] EXT4-fs (loop6): mounted filesystem without journal. Opts: discard,bh,nomblk_io_submit,,errors=continue
[  260.151090][  T711] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  260.160380][  T711] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.169187][  T711] usb 1-1: config 0 descriptor??
[  260.532002][ T2123] lua 0003:1E7D:2C2E.0010: global environment stack underflow
[  260.539918][ T2123] lua 0003:1E7D:2C2E.0010: item 0 4 1 11 parsing failed
[  260.547483][ T2123] lua 0003:1E7D:2C2E.0010: parse failed
[  260.553409][ T2123] lua: probe of 0003:1E7D:2C2E.0010 failed with error -22
[  260.621004][  T711] usb 1-1: Cannot read MAC address
[  260.626283][  T711] MOSCHIP usb-ethernet driver: probe of 1-1:0.0 failed with error -71
[  260.635763][  T711] usb 1-1: USB disconnect, device number 13
[  260.745845][  T431] usb 10-1: USB disconnect, device number 2
[  261.522778][ T4655] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1280) !
[  261.535706][   T24] audit: type=1326 audit(286.510:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4651 comm="syz.6.1295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  261.725741][   T24] audit: type=1326 audit(286.510:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4651 comm="syz.6.1295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  261.755412][   T24] audit: type=1326 audit(286.510:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4651 comm="syz.6.1295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  261.780748][   T24] audit: type=1326 audit(286.510:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4651 comm="syz.6.1295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  261.810560][   T24] audit: type=1326 audit(286.510:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4651 comm="syz.6.1295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  261.833775][   T24] audit: type=1326 audit(286.510:1724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4651 comm="syz.6.1295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  261.857140][   T24] audit: type=1326 audit(286.510:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4651 comm="syz.6.1295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  261.880274][   T24] audit: type=1326 audit(286.510:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4651 comm="syz.6.1295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  261.888306][ T4662] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1297'.
[  261.903610][   T24] audit: type=1326 audit(286.510:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4651 comm="syz.6.1295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  261.912478][ T4658] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  261.935226][   T24] audit: type=1326 audit(286.510:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4651 comm="syz.6.1295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef166a6be9 code=0x7ffc0000
[  261.971740][ T4658] EXT4-fs (loop9): 1 truncate cleaned up
[  261.977728][ T4658] EXT4-fs (loop9): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000000012,i_version,max_batch_time=0x0000000000000007,,errors=continue
[  262.094481][ T4671] overlayfs: failed to resolve './bus': -2
[  263.371354][ T4697] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1308'.
[  263.398596][ T4692] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  263.423313][ T4692] EXT4-fs (loop8): 1 truncate cleaned up
[  263.429017][ T4692] EXT4-fs (loop8): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000000012,i_version,max_batch_time=0x0000000000000007,,errors=continue
[  263.589815][ T4710] netlink: 'syz.9.1307': attribute type 3 has an invalid length.
[  264.120512][ T4727] netlink: 'syz.8.1317': attribute type 3 has an invalid length.
[  266.472865][ T4805] device wg2 left promiscuous mode
[  266.486912][ T4805] device wg2 entered promiscuous mode
[  266.554543][   T24] kauditd_printk_skb: 201 callbacks suppressed
[  266.554554][   T24] audit: type=1400 audit(291.530:1930): avc:  denied  { read write } for  pid=1026 comm="syz-executor" name="loop6" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  266.620686][   T24] audit: type=1400 audit(291.570:1931): avc:  denied  { map_create } for  pid=4810 comm="syz.7.1344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  266.660999][   T24] audit: type=1400 audit(291.570:1932): avc:  denied  { prog_load } for  pid=4810 comm="syz.7.1344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  266.699828][   T24] audit: type=1400 audit(291.570:1933): avc:  denied  { prog_load } for  pid=4810 comm="syz.7.1344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  266.739438][   T24] audit: type=1400 audit(291.570:1934): avc:  denied  { bpf } for  pid=4810 comm="syz.7.1344" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=0
[  266.781913][   T24] audit: type=1400 audit(291.570:1935): avc:  denied  { create } for  pid=4812 comm="syz.6.1345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=0
[  266.883370][   T24] audit: type=1400 audit(291.570:1936): avc:  denied  { create } for  pid=4812 comm="syz.6.1345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=0
[  266.924320][   T24] audit: type=1400 audit(291.570:1937): avc:  denied  { create } for  pid=4812 comm="syz.6.1345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  266.944825][   T24] audit: type=1400 audit(291.570:1938): avc:  denied  { read } for  pid=4812 comm="syz.6.1345" dev="nsfs" ino=4026532462 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[  266.971119][   T24] audit: type=1400 audit(291.590:1939): avc:  denied  { map_create } for  pid=4814 comm="syz.7.1346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  268.141604][ T4892] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1379'.
[  268.152317][ T4892] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1379'.
[  268.950518][ T4923] FAULT_INJECTION: forcing a failure.
[  268.950518][ T4923] name failslab, interval 1, probability 0, space 0, times 0
[  268.989139][ T4923] CPU: 1 PID: 4923 Comm: syz.9.1387 Not tainted 5.10.240-syzkaller #0
[  268.997319][ T4923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[  269.007373][ T4923] Call Trace:
[  269.010665][ T4923]  __dump_stack+0x21/0x24
[  269.014985][ T4923]  dump_stack_lvl+0x169/0x1d8
[  269.019653][ T4923]  ? thaw_kernel_threads+0x220/0x220
[  269.024922][ T4923]  ? show_regs_print_info+0x18/0x18
[  269.030109][ T4923]  dump_stack+0x15/0x1c
[  269.034259][ T4923]  should_fail+0x3c1/0x510
[  269.038671][ T4923]  ? audit_log_start+0x3df/0x860
[  269.043592][ T4923]  __should_failslab+0xa4/0xe0
[  269.048335][ T4923]  should_failslab+0x9/0x20
[  269.052832][ T4923]  __kmalloc_track_caller+0x5f/0x320
[  269.058101][ T4923]  ? kmem_cache_alloc+0x165/0x2e0
[  269.063125][ T4923]  ? __alloc_skb+0x9e/0x520
[  269.067614][ T4923]  ? audit_log_start+0x3df/0x860
[  269.072525][ T4923]  __alloc_skb+0xdc/0x520
[  269.076827][ T4923]  audit_log_start+0x3df/0x860
[  269.081661][ T4923]  ? ____kasan_slab_free+0x130/0x160
[  269.086926][ T4923]  ? audit_serial+0x30/0x30
[  269.091400][ T4923]  ? kstrtouint_from_user+0x1a0/0x200
[  269.096744][ T4923]  ? kmem_cache_free+0x100/0x2d0
[  269.101654][ T4923]  ? memset+0x35/0x40
[  269.105611][ T4923]  audit_seccomp+0x62/0x160
[  269.110084][ T4923]  __seccomp_filter+0xb4c/0x1990
[  269.115002][ T4923]  ? proc_fail_nth_read+0x210/0x210
[  269.120172][ T4923]  ? rw_verify_area+0x1c0/0x360
[  269.124993][ T4923]  ? preempt_count_add+0x90/0x1b0
[  269.130001][ T4923]  ? __secure_computing+0x290/0x290
[  269.135207][ T4923]  ? vfs_write+0xac8/0xd60
[  269.139621][ T4923]  ? __kasan_slab_free+0x11/0x20
[  269.144705][ T4923]  ? kernel_write+0x3c0/0x3c0
[  269.149366][ T4923]  ? __kasan_check_write+0x14/0x20
[  269.154447][ T4923]  ? mutex_lock+0x8c/0xe0
[  269.158747][ T4923]  ? mutex_trylock+0xa0/0xa0
[  269.163318][ T4923]  ? __fget_files+0x2c4/0x320
[  269.167970][ T4923]  ? __kasan_check_write+0x14/0x20
[  269.173068][ T4923]  ? fput_many+0x15a/0x1a0
[  269.177455][ T4923]  ? __kasan_check_write+0x14/0x20
[  269.182538][ T4923]  ? switch_fpu_return+0x197/0x340
[  269.187620][ T4923]  __secure_computing+0xea/0x290
[  269.192619][ T4923]  syscall_trace_enter+0xb5/0x170
[  269.197616][ T4923]  syscall_enter_from_user_mode+0x20/0x30
[  269.203303][ T4923]  do_syscall_64+0x13/0x40
[  269.207695][ T4923]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  269.213557][ T4923] RIP: 0033:0x7f4e389cbbe9
[  269.217947][ T4923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.237522][ T4923] RSP: 002b:00007f4e37413038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d4
[  269.245906][ T4923] RAX: ffffffffffffffda RBX: 00007f4e38bf3090 RCX: 00007f4e389cbbe9
[  269.253849][ T4923] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009
[  269.261859][ T4923] RBP: 00007f4e37413090 R08: 0000000000000000 R09: 0000000000000000
[  269.269976][ T4923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.278046][ T4923] R13: 00007f4e38bf3128 R14: 00007f4e38bf3090 R15: 00007ffe62167f48
[  269.313543][ T4930] xt_CT: No such helper "snmp_trap"
[  269.646689][ T4938] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1396'.
[  269.655862][ T4938] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1396'.
[  269.664985][ T4938] device xfrm0 entered promiscuous mode
[  269.671534][ T4938] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1396'.
[  269.684890][ T4938] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  269.753910][ T4946] FAULT_INJECTION: forcing a failure.
[  269.753910][ T4946] name failslab, interval 1, probability 0, space 0, times 0
[  269.782431][ T4946] CPU: 0 PID: 4946 Comm: syz.9.1400 Not tainted 5.10.240-syzkaller #0
[  269.790610][ T4946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[  269.800658][ T4946] Call Trace:
[  269.803953][ T4946]  __dump_stack+0x21/0x24
[  269.808275][ T4946]  dump_stack_lvl+0x169/0x1d8
[  269.812999][ T4946]  ? thaw_kernel_threads+0x220/0x220
[  269.818376][ T4946]  ? show_regs_print_info+0x18/0x18
[  269.823571][ T4946]  dump_stack+0x15/0x1c
[  269.827724][ T4946]  should_fail+0x3c1/0x510
[  269.832135][ T4946]  ? proc_pid_attr_write+0x1d7/0x2e0
[  269.837419][ T4946]  __should_failslab+0xa4/0xe0
[  269.842184][ T4946]  should_failslab+0x9/0x20
[  269.846711][ T4946]  __kmalloc_track_caller+0x5f/0x320
[  269.851999][ T4946]  memdup_user+0x25/0xb0
[  269.856248][ T4946]  proc_pid_attr_write+0x1d7/0x2e0
[  269.861360][ T4946]  ? proc_pid_attr_read+0x270/0x270
[  269.866560][ T4946]  vfs_write+0x32d/0xd60
[  269.870801][ T4946]  ? __kasan_slab_free+0x11/0x20
[  269.875013][ T4954] device pim6reg1 entered promiscuous mode
[  269.875732][ T4946]  ? kernel_write+0x3c0/0x3c0
[  269.875743][ T4946]  ? __kasan_check_write+0x14/0x20
[  269.875761][ T4946]  ? mutex_lock+0x8c/0xe0
[  269.895605][ T4946]  ? mutex_trylock+0xa0/0xa0
[  269.900170][ T4946]  ? __fget_files+0x2c4/0x320
[  269.904856][ T4946]  ? __fdget_pos+0x2d2/0x380
[  269.909420][ T4946]  ? ksys_write+0x71/0x240
[  269.913848][ T4946]  ksys_write+0x140/0x240
[  269.918160][ T4946]  ? __ia32_sys_read+0x90/0x90
[  269.922898][ T4946]  ? fpu__clear_all+0x20/0x20
[  269.927548][ T4946]  __x64_sys_write+0x7b/0x90
[  269.932130][ T4946]  do_syscall_64+0x31/0x40
[  269.936522][ T4946]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  269.942385][ T4946] RIP: 0033:0x7f4e389cbbe9
[  269.946790][ T4946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.966399][ T4946] RSP: 002b:00007f4e37434038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  269.974810][ T4946] RAX: ffffffffffffffda RBX: 00007f4e38bf2fa0 RCX: 00007f4e389cbbe9
[  269.982760][ T4946] RDX: 000000000000001d RSI: 0000200000000100 RDI: 0000000000000005
[  269.990710][ T4946] RBP: 00007f4e37434090 R08: 0000000000000000 R09: 0000000000000000
[  269.998667][ T4946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  270.006713][ T4946] R13: 00007f4e38bf3038 R14: 00007f4e38bf2fa0 R15: 00007ffe62167f48
[  270.958941][ T4999] FAULT_INJECTION: forcing a failure.
[  270.958941][ T4999] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  270.973073][ T5000] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1280) !
[  271.003711][ T4999] CPU: 1 PID: 4999 Comm: syz.0.1420 Not tainted 5.10.240-syzkaller #0
[  271.011892][ T4999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[  271.021935][ T4999] Call Trace:
[  271.025221][ T4999]  __dump_stack+0x21/0x24
[  271.029546][ T4999]  dump_stack_lvl+0x169/0x1d8
[  271.034233][ T4999]  ? thaw_kernel_threads+0x220/0x220
[  271.039516][ T4999]  ? vsnprintf+0x1871/0x1960
[  271.044109][ T4999]  ? show_regs_print_info+0x18/0x18
[  271.049397][ T4999]  dump_stack+0x15/0x1c
[  271.053559][ T4999]  should_fail+0x3c1/0x510
[  271.057967][ T4999]  should_fail_usercopy+0x1a/0x20
[  271.062972][ T4999]  _copy_to_user+0x20/0x90
[  271.067367][ T4999]  simple_read_from_buffer+0xe9/0x160
[  271.072716][ T4999]  proc_fail_nth_read+0x19a/0x210
[  271.077717][ T4999]  ? proc_fault_inject_write+0x2f0/0x2f0
[  271.083321][ T4999]  ? rw_verify_area+0x1c0/0x360
[  271.088238][ T4999]  ? proc_fault_inject_write+0x2f0/0x2f0
[  271.093858][ T4999]  vfs_read+0x1fe/0xa10
[  271.097997][ T4999]  ? kernel_read+0x70/0x70
[  271.102401][ T4999]  ? __kasan_check_write+0x14/0x20
[  271.107574][ T4999]  ? mutex_lock+0x8c/0xe0
[  271.111964][ T4999]  ? mutex_trylock+0xa0/0xa0
[  271.116528][ T4999]  ? __fget_files+0x2c4/0x320
[  271.121176][ T4999]  ? __fdget_pos+0x2d2/0x380
[  271.125748][ T4999]  ? ksys_read+0x71/0x240
[  271.130051][ T4999]  ksys_read+0x140/0x240
[  271.134269][ T4999]  ? vfs_write+0xd60/0xd60
[  271.138674][ T4999]  __x64_sys_read+0x7b/0x90
[  271.143153][ T4999]  do_syscall_64+0x31/0x40
[  271.147542][ T4999]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  271.153420][ T4999] RIP: 0033:0x7feeb76345fc
[  271.157859][ T4999] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  271.177450][ T4999] RSP: 002b:00007feeb609e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  271.185848][ T4999] RAX: ffffffffffffffda RBX: 00007feeb785cfa0 RCX: 00007feeb76345fc
[  271.193842][ T4999] RDX: 000000000000000f RSI: 00007feeb609e0a0 RDI: 0000000000000004
[  271.201790][ T4999] RBP: 00007feeb609e090 R08: 0000000000000000 R09: 0000000000000000
[  271.209734][ T4999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.217681][ T4999] R13: 00007feeb785d038 R14: 00007feeb785cfa0 R15: 00007ffc7d253968
[  271.580491][   T24] kauditd_printk_skb: 1321 callbacks suppressed
[  271.580502][   T24] audit: type=1400 audit(301.557:3259): avc:  denied  { prog_load } for  pid=5039 comm="syz.9.1436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  271.606131][ T5040] device wg2 left promiscuous mode
[  271.619077][ T5040] device wg2 entered promiscuous mode
[  271.635520][   T24] audit: type=1400 audit(301.557:3260): avc:  denied  { map_create } for  pid=5039 comm="syz.9.1436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  271.654622][   T24] audit: type=1400 audit(301.557:3261): avc:  denied  { prog_load } for  pid=5039 comm="syz.9.1436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  271.674280][   T24] audit: type=1400 audit(301.557:3262): avc:  denied  { prog_load } for  pid=5039 comm="syz.9.1436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  271.693484][   T24] audit: type=1400 audit(301.557:3263): avc:  denied  { map_create } for  pid=5039 comm="syz.9.1436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  271.752965][   T24] audit: type=1400 audit(301.557:3264): avc:  denied  { prog_load } for  pid=5039 comm="syz.9.1436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  271.808358][   T24] audit: type=1400 audit(301.597:3265): avc:  denied  { map_create } for  pid=5029 comm="syz.7.1432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  271.840391][   T24] audit: type=1400 audit(301.597:3266): avc:  denied  { prog_load } for  pid=5029 comm="syz.7.1432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  271.879168][   T24] audit: type=1400 audit(301.597:3267): avc:  denied  { create } for  pid=5029 comm="syz.7.1432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=0
[  271.919401][   T24] audit: type=1400 audit(301.597:3268): avc:  denied  { module_request } for  pid=5029 comm="syz.7.1432" kmod="netdev-syzkaller0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=0
[  273.710281][ T5103] netlink: 72 bytes leftover after parsing attributes in process `syz.9.1459'.
[  273.733661][ T5103] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1459'.
[  273.753457][ T5103] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1459'.
[  273.866509][ T5120] device bridge_slave_1 left promiscuous mode
[  273.873448][ T5120] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.881448][ T5120] device bridge_slave_0 left promiscuous mode
[  273.887692][ T5120] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.041292][ T5129] device wg2 entered promiscuous mode
[  274.329691][ T5150] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1476'.
[  275.743639][ T5237] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  276.122872][ T5263] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1517'.
[  276.221941][ T5269] xt_limit: Overflow, try lower: 268435456/134217728
[  276.542222][ T5282] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1525'.
[  276.589771][   T24] kauditd_printk_skb: 598 callbacks suppressed
[  276.589781][   T24] audit: type=1400 audit(311.560:3867): avc:  denied  { execmem } for  pid=5283 comm="syz.6.1526" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=0
[  276.657937][   T24] audit: type=1400 audit(311.630:3868): avc:  denied  { bpf } for  pid=5285 comm="syz.7.1524" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=0
[  276.693899][   T24] audit: type=1400 audit(311.660:3869): avc:  denied  { map_create } for  pid=5283 comm="syz.6.1526" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  276.719079][   T24] audit: type=1400 audit(311.660:3870): avc:  denied  { prog_load } for  pid=5283 comm="syz.6.1526" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  276.737636][   T24] audit: type=1400 audit(311.660:3871): avc:  denied  { prog_load } for  pid=5288 comm="syz.7.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  276.756336][   T24] audit: type=1400 audit(311.660:3872): avc:  denied  { map_create } for  pid=5288 comm="syz.7.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  276.783548][   T24] audit: type=1400 audit(311.660:3873): avc:  denied  { prog_load } for  pid=5288 comm="syz.7.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  276.817160][   T24] audit: type=1400 audit(311.660:3874): avc:  denied  { append } for  pid=5283 comm="syz.6.1526" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=0
[  276.852421][   T24] audit: type=1400 audit(311.690:3875): avc:  denied  { create } for  pid=5290 comm="syz.7.1528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=0
[  276.873550][   T24] audit: type=1400 audit(311.690:3876): avc:  denied  { create } for  pid=5290 comm="syz.7.1528" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=0
[  277.024354][ T5301] xt_limit: Overflow, try lower: 268435456/134217728
[  277.232746][ T2568] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  277.241106][ T2568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  277.249351][ T2568] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  277.258796][ T2568] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  277.267303][ T2568] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  277.275671][ T2568] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  277.284095][ T2568] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  277.293174][ T2568] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  278.236431][ T5360] netlink: 72 bytes leftover after parsing attributes in process `syz.9.1554'.
[  278.245568][ T5360] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1554'.
[  278.255141][ T5360] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1554'.
[  278.820207][ T5413] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  278.830365][ T5413] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  279.729195][ T5462] FAULT_INJECTION: forcing a failure.
[  279.729195][ T5462] name failslab, interval 1, probability 0, space 0, times 0
[  279.741860][ T5462] CPU: 0 PID: 5462 Comm: syz.0.1593 Not tainted 5.10.240-syzkaller #0
[  279.750002][ T5462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[  279.760053][ T5462] Call Trace:
[  279.763348][ T5462]  __dump_stack+0x21/0x24
[  279.767679][ T5462]  dump_stack_lvl+0x169/0x1d8
[  279.772360][ T5462]  ? show_regs_print_info+0x18/0x18
[  279.777556][ T5462]  dump_stack+0x15/0x1c
[  279.781719][ T5462]  should_fail+0x3c1/0x510
[  279.786145][ T5462]  ? audit_log_d_path+0xa2/0x200
[  279.791092][ T5462]  __should_failslab+0xa4/0xe0
[  279.795849][ T5462]  should_failslab+0x9/0x20
[  279.800353][ T5462]  kmem_cache_alloc_trace+0x3a/0x2e0
[  279.805644][ T5462]  ? audit_log_n_string+0x3af/0x5a0
[  279.810841][ T5462]  audit_log_d_path+0xa2/0x200
[  279.815605][ T5462]  audit_log_d_path_exe+0x42/0x70
[  279.820621][ T5462]  audit_log_task+0x205/0x2e0
[  279.825276][ T5462]  ? audit_core_dumps+0x110/0x110
[  279.830278][ T5462]  ? memset+0x35/0x40
[  279.834236][ T5462]  audit_seccomp+0x7f/0x160
[  279.838713][ T5462]  __seccomp_filter+0xb4c/0x1990
[  279.843625][ T5462]  ? proc_fail_nth_read+0x210/0x210
[  279.848798][ T5462]  ? rw_verify_area+0x1c0/0x360
[  279.853625][ T5462]  ? preempt_count_add+0x90/0x1b0
[  279.858620][ T5462]  ? __secure_computing+0x290/0x290
[  279.863789][ T5462]  ? vfs_write+0xac8/0xd60
[  279.868187][ T5462]  ? __kasan_slab_free+0x11/0x20
[  279.873128][ T5462]  ? kernel_write+0x3c0/0x3c0
[  279.877783][ T5462]  ? __kasan_check_write+0x14/0x20
[  279.882888][ T5462]  ? mutex_lock+0x8c/0xe0
[  279.887190][ T5462]  ? mutex_trylock+0xa0/0xa0
[  279.891751][ T5462]  ? __fget_files+0x2c4/0x320
[  279.896405][ T5462]  ? __kasan_check_write+0x14/0x20
[  279.901506][ T5462]  ? fput_many+0x15a/0x1a0
[  279.905910][ T5462]  ? __kasan_check_write+0x14/0x20
[  279.910998][ T5462]  ? switch_fpu_return+0x197/0x340
[  279.916084][ T5462]  __secure_computing+0xea/0x290
[  279.920995][ T5462]  syscall_trace_enter+0xb5/0x170
[  279.925993][ T5462]  syscall_enter_from_user_mode+0x20/0x30
[  279.931800][ T5462]  do_syscall_64+0x13/0x40
[  279.936195][ T5462]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  279.942072][ T5462] RIP: 0033:0x7feeb7635be9
[  279.946467][ T5462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.966054][ T5462] RSP: 002b:00007feeb607d038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d4
[  279.974447][ T5462] RAX: ffffffffffffffda RBX: 00007feeb785d090 RCX: 00007feeb7635be9
[  279.982500][ T5462] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009
[  279.990446][ T5462] RBP: 00007feeb607d090 R08: 0000000000000000 R09: 0000000000000000
[  279.998489][ T5462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.006438][ T5462] R13: 00007feeb785d128 R14: 00007feeb785d090 R15: 00007ffc7d253968
[  280.141384][ T5486] xt_limit: Overflow, try lower: 268435456/134217728
[  280.243609][ T5489] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  280.576346][ T5510] xt_limit: Overflow, try lower: 268435456/134217728
[  280.786176][ T5526] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5526 comm=syz.8.1620
[  281.001911][ T5529] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1620'.
[  281.044056][ T5537] xt_limit: Overflow, try lower: 268435456/134217728
[  281.311810][ T5554] FAULT_INJECTION: forcing a failure.
[  281.311810][ T5554] name failslab, interval 1, probability 0, space 0, times 0
[  281.325182][ T5554] CPU: 1 PID: 5554 Comm: syz.8.1632 Not tainted 5.10.240-syzkaller #0
[  281.333335][ T5554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[  281.343380][ T5554] Call Trace:
[  281.346669][ T5554]  __dump_stack+0x21/0x24
[  281.350992][ T5554]  dump_stack_lvl+0x169/0x1d8
[  281.355666][ T5554]  ? thaw_kernel_threads+0x220/0x220
[  281.360947][ T5554]  ? show_regs_print_info+0x18/0x18
[  281.366140][ T5554]  ? 0xffffffffa002c000
[  281.370292][ T5554]  ? is_bpf_text_address+0x177/0x190
[  281.375570][ T5554]  dump_stack+0x15/0x1c
[  281.379712][ T5554]  should_fail+0x3c1/0x510
[  281.384127][ T5554]  ? security_context_to_sid_core+0xc6/0x560
[  281.390109][ T5554]  __should_failslab+0xa4/0xe0
[  281.394873][ T5554]  should_failslab+0x9/0x20
[  281.399373][ T5554]  __kmalloc_track_caller+0x5f/0x320
[  281.404657][ T5554]  kmemdup_nul+0x2c/0xa0
[  281.408908][ T5554]  security_context_to_sid_core+0xc6/0x560
[  281.415141][ T5554]  ? avc_has_perm+0x234/0x360
[  281.419807][ T5554]  ? security_context_to_sid+0x50/0x50
[  281.425253][ T5554]  security_context_to_sid+0x3a/0x50
[  281.430530][ T5554]  selinux_setprocattr+0x485/0x950
[  281.435631][ T5554]  ? selinux_getprocattr+0x3e0/0x3e0
[  281.440901][ T5554]  ? __kasan_check_write+0x14/0x20
[  281.446005][ T5554]  ? mutex_lock_interruptible+0x8c/0xe0
[  281.451538][ T5554]  ? ww_mutex_unlock+0x110/0x110
[  281.456462][ T5554]  security_setprocattr+0xcb/0xe0
[  281.461477][ T5554]  proc_pid_attr_write+0x2a1/0x2e0
[  281.466577][ T5554]  ? proc_pid_attr_read+0x270/0x270
[  281.471784][ T5554]  vfs_write+0x32d/0xd60
[  281.476019][ T5554]  ? kernel_write+0x3c0/0x3c0
[  281.480708][ T5554]  ? __kasan_check_write+0x14/0x20
[  281.485805][ T5554]  ? mutex_lock+0x8c/0xe0
[  281.490129][ T5554]  ? mutex_trylock+0xa0/0xa0
[  281.494705][ T5554]  ? __fget_files+0x2c4/0x320
[  281.499386][ T5554]  ? __fdget_pos+0x2d2/0x380
[  281.503965][ T5554]  ? ksys_write+0x71/0x240
[  281.508376][ T5554]  ksys_write+0x140/0x240
[  281.512692][ T5554]  ? __ia32_sys_read+0x90/0x90
[  281.517442][ T5554]  ? __x64_sys_clock_gettime+0x207/0x250
[  281.523069][ T5554]  __x64_sys_write+0x7b/0x90
[  281.527658][ T5554]  do_syscall_64+0x31/0x40
[  281.532072][ T5554]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  281.537960][ T5554] RIP: 0033:0x7fd2624cabe9
[  281.542366][ T5554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.561964][ T5554] RSP: 002b:00007fd260f33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  281.570380][ T5554] RAX: ffffffffffffffda RBX: 00007fd2626f1fa0 RCX: 00007fd2624cabe9
[  281.578341][ T5554] RDX: 000000000000001d RSI: 0000200000000100 RDI: 0000000000000005
[  281.586302][ T5554] RBP: 00007fd260f33090 R08: 0000000000000000 R09: 0000000000000000
[  281.594279][ T5554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  281.602262][ T5554] R13: 00007fd2626f2038 R14: 00007fd2626f1fa0 R15: 00007ffe129c7378
[  281.616261][   T24] kauditd_printk_skb: 635 callbacks suppressed
[  281.616271][   T24] audit: type=1400 audit(316.590:4512): avc:  denied  { read write } for  pid=279 comm="syz-executor" name="loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  281.673004][   T24] audit: type=1400 audit(316.630:4513): avc:  denied  { prog_load } for  pid=5558 comm="syz.0.1633" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  281.701851][   T24] audit: type=1400 audit(316.630:4514): avc:  denied  { map_create } for  pid=5558 comm="syz.0.1633" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  281.721393][   T24] audit: type=1400 audit(316.630:4515): avc:  denied  { prog_load } for  pid=5558 comm="syz.0.1633" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  281.748867][   T24] audit: type=1400 audit(316.630:4516): avc:  denied  { prog_load } for  pid=5558 comm="syz.0.1633" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  281.773554][   T24] audit: type=1400 audit(316.630:4517): avc:  denied  { read write } for  pid=1026 comm="syz-executor" name="loop6" dev="devtmpfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  281.802445][   T24] audit: type=1400 audit(316.630:4518): avc:  denied  { read write } for  pid=3378 comm="syz-executor" name="loop8" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  281.827101][   T24] audit: type=1400 audit(316.630:4519): avc:  denied  { map_create } for  pid=5560 comm="syz.6.1634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  281.859658][   T24] audit: type=1400 audit(316.630:4520): avc:  denied  { prog_load } for  pid=5560 comm="syz.6.1634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  281.879121][   T24] audit: type=1400 audit(316.630:4521): avc:  denied  { mounton } for  pid=5560 comm="syz.6.1634" path="/279/file0" dev="tmpfs" ino=1504 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0
[  282.171491][ T5589] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1645'.
[  282.225348][ T5593] device wg2 entered promiscuous mode
[  283.636626][ T5707] device wg2 left promiscuous mode
[  283.669144][ T5707] device wg2 entered promiscuous mode
[  285.192793][ T5851] wireguard: wg1: Could not create IPv4 socket
[  285.199068][ T5851] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  285.217955][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  285.226603][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  285.387842][ T5898] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1783'.
[  285.498822][ T5932] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1800'.
[  285.508425][ T5932] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1800'.
[  286.048603][ T5952] device syzkaller0 entered promiscuous mode
[  286.300832][ T6034] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1851'.
[  286.323337][ T6044] netlink: 27 bytes leftover after parsing attributes in process `syz.9.1856'.
[  286.395161][ T6066] netlink: 27 bytes leftover after parsing attributes in process `syz.7.1866'.
[  286.579303][ T6122] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1893'.
[  286.628203][   T24] kauditd_printk_skb: 795 callbacks suppressed
[  286.628215][   T24] audit: type=1400 audit(321.600:5317): avc:  denied  { read write } for  pid=3378 comm="syz-executor" name="loop8" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  286.668413][   T24] audit: type=1400 audit(321.640:5318): avc:  denied  { create } for  pid=6134 comm="syz.8.1899" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  286.705094][   T24] audit: type=1400 audit(321.640:5319): avc:  denied  { create } for  pid=6134 comm="syz.8.1899" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  286.713728][ T6140] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1901'.
[  286.729682][   T24] audit: type=1400 audit(321.650:5320): avc:  denied  { read write } for  pid=3378 comm="syz-executor" name="loop8" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  286.757930][   T24] audit: type=1400 audit(321.660:5321): avc:  denied  { create } for  pid=6119 comm="syz.9.1892" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  286.790362][   T24] audit: type=1400 audit(321.670:5322): avc:  denied  { module_request } for  pid=6137 comm="syz.8.1900" kmod="tcp-ulp-tls" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=0
[  286.817821][   T24] audit: type=1400 audit(321.670:5323): avc:  denied  { read write } for  pid=3378 comm="syz-executor" name="loop8" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  286.848385][   T24] audit: type=1400 audit(321.680:5324): avc:  denied  { create } for  pid=6139 comm="syz.8.1901" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[  286.868524][   T24] audit: type=1400 audit(321.760:5325): avc:  denied  { read } for  pid=6131 comm="syz.6.1898" name="binder1" dev="binder" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=0
[  286.897290][   T24] audit: type=1400 audit(321.760:5326): avc:  denied  { read } for  pid=6131 comm="syz.6.1898" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=0
[  287.464468][ T6222] device sit2 entered promiscuous mode
[  289.459647][ T6401] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2019'.
[  289.663785][ T6419] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2028'.
[  289.672864][ T6419] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2028'.
[  289.682544][ T6419] ==================================================================
[  289.690650][ T6419] BUG: KASAN: slab-out-of-bounds in tc_setup_flow_action+0x842/0x3280
[  289.698804][ T6419] Read of size 8 at addr ffff88811d6baec0 by task syz.6.2028/6419
[  289.706605][ T6419] 
[  289.708942][ T6419] CPU: 1 PID: 6419 Comm: syz.6.2028 Not tainted 5.10.240-syzkaller #0
[  289.717085][ T6419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
[  289.727217][ T6419] Call Trace:
[  289.730488][ T6419]  __dump_stack+0x21/0x24
[  289.734799][ T6419]  dump_stack_lvl+0x169/0x1d8
[  289.739468][ T6419]  ? show_regs_print_info+0x18/0x18
[  289.744651][ T6419]  ? thaw_kernel_threads+0x220/0x220
[  289.749916][ T6419]  print_address_description+0x7f/0x2c0
[  289.755441][ T6419]  ? tc_setup_flow_action+0x842/0x3280
[  289.760887][ T6419]  kasan_report+0xe2/0x130
[  289.765290][ T6419]  ? flow_action_cookie_create+0x28/0x90
[  289.770900][ T6419]  ? tc_setup_flow_action+0x842/0x3280
[  289.776372][ T6419]  __asan_report_load8_noabort+0x14/0x20
[  289.781980][ T6419]  tc_setup_flow_action+0x842/0x3280
[  289.787263][ T6419]  ? __kmalloc+0x1a7/0x330
[  289.791656][ T6419]  ? flow_rule_alloc+0x32/0x2c0
[  289.796499][ T6419]  mall_replace_hw_filter+0x293/0x810
[  289.801848][ T6419]  ? pcpu_block_update_hint_alloc+0x8bc/0xc50
[  289.807892][ T6419]  ? mall_set_parms+0x410/0x410
[  289.812743][ T6419]  ? tcf_exts_destroy+0xb0/0xb0
[  289.817569][ T6419]  ? pcpu_alloc+0xf8a/0x16b0
[  289.822136][ T6419]  ? mall_set_parms+0x19d/0x410
[  289.826959][ T6419]  mall_change+0x528/0x750
[  289.831358][ T6419]  ? __kasan_check_write+0x14/0x20
[  289.836441][ T6419]  ? mall_get+0xa0/0xa0
[  289.840603][ T6419]  ? tcf_chain_tp_insert_unique+0xac1/0xc10
[  289.846477][ T6419]  ? nla_strcmp+0xf4/0x140
[  289.850912][ T6419]  tc_new_tfilter+0x13f6/0x1a10
[  289.855761][ T6419]  ? mall_get+0xa0/0xa0
[  289.859903][ T6419]  ? tcf_gate_entry_destructor+0x20/0x20
[  289.865545][ T6419]  ? security_capable+0x87/0xb0
[  289.870393][ T6419]  ? ns_capable+0x8c/0xf0
[  289.874702][ T6419]  ? netlink_net_capable+0x125/0x160
[  289.879966][ T6419]  ? tcf_gate_entry_destructor+0x20/0x20
[  289.885579][ T6419]  rtnetlink_rcv_msg+0x800/0xb90
[  289.890490][ T6419]  ? rtnetlink_bind+0x80/0x80
[  289.895168][ T6419]  ? arch_stack_walk+0xee/0x140
[  289.899994][ T6419]  ? stack_trace_save+0x98/0xe0
[  289.904916][ T6419]  ? stack_trace_snprint+0xf0/0xf0
[  289.910032][ T6419]  ? memcpy+0x56/0x70
[  289.914011][ T6419]  ? avc_has_perm+0x234/0x360
[  289.918672][ T6419]  ? __kasan_slab_alloc+0xbd/0xf0
[  289.923676][ T6419]  ? slab_post_alloc_hook+0x5d/0x2f0
[  289.928953][ T6419]  ? ___sys_sendmsg+0x1f0/0x260
[  289.933783][ T6419]  ? avc_has_perm_noaudit+0x240/0x240
[  289.939143][ T6419]  ? selinux_nlmsg_lookup+0x3fb/0x4a0
[  289.944494][ T6419]  netlink_rcv_skb+0x1e0/0x430
[  289.949237][ T6419]  ? rtnetlink_bind+0x80/0x80
[  289.953927][ T6419]  ? netlink_ack+0xb80/0xb80
[  289.958500][ T6419]  ? __netlink_lookup+0x387/0x3b0
[  289.963503][ T6419]  rtnetlink_rcv+0x1c/0x20
[  289.967898][ T6419]  netlink_unicast+0x876/0xa40
[  289.972644][ T6419]  netlink_sendmsg+0x88d/0xb30
[  289.977387][ T6419]  ? netlink_getsockopt+0x530/0x530
[  289.982562][ T6419]  ? security_socket_sendmsg+0x82/0xa0
[  289.988000][ T6419]  ? netlink_getsockopt+0x530/0x530
[  289.993175][ T6419]  ____sys_sendmsg+0x5a2/0x8c0
[  289.997921][ T6419]  ? __sys_sendmsg_sock+0x40/0x40
[  290.002939][ T6419]  ? import_iovec+0x7c/0xb0
[  290.007436][ T6419]  ___sys_sendmsg+0x1f0/0x260
[  290.012105][ T6419]  ? __sys_sendmsg+0x250/0x250
[  290.016857][ T6419]  ? __fdget+0x1a1/0x230
[  290.021084][ T6419]  __x64_sys_sendmsg+0x1e2/0x2a0
[  290.025998][ T6419]  ? ___sys_sendmsg+0x260/0x260
[  290.030824][ T6419]  ? switch_fpu_return+0x197/0x340
[  290.035914][ T6419]  do_syscall_64+0x31/0x40
[  290.040347][ T6419]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  290.046215][ T6419] RIP: 0033:0x7fef166a6be9
[  290.050610][ T6419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.070193][ T6419] RSP: 002b:00007fef1510f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  290.078585][ T6419] RAX: ffffffffffffffda RBX: 00007fef168cdfa0 RCX: 00007fef166a6be9
[  290.086534][ T6419] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[  290.094479][ T6419] RBP: 00007fef16729e19 R08: 0000000000000000 R09: 0000000000000000
[  290.102451][ T6419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  290.110402][ T6419] R13: 00007fef168ce038 R14: 00007fef168cdfa0 R15: 00007ffeca101718
[  290.118347][ T6419] 
[  290.120651][ T6419] Allocated by task 6419:
[  290.124962][ T6419]  __kasan_kmalloc+0xda/0x110
[  290.129615][ T6419]  __kmalloc+0x1a7/0x330
[  290.133832][ T6419]  tcf_idr_create+0x5f/0x790
[  290.138397][ T6419]  tcf_idr_create_from_flags+0x61/0x70
[  290.143829][ T6419]  tcf_gact_init+0x2b4/0x520
[  290.148394][ T6419]  tcf_action_init_1+0x3e1/0x670
[  290.153309][ T6419]  tcf_action_init+0x1e6/0x700
[  290.158051][ T6419]  tcf_exts_validate+0x215/0x510
[  290.162962][ T6419]  mall_set_parms+0x4b/0x410
[  290.167521][ T6419]  mall_change+0x45c/0x750
[  290.171926][ T6419]  tc_new_tfilter+0x13f6/0x1a10
[  290.176771][ T6419]  rtnetlink_rcv_msg+0x800/0xb90
[  290.181692][ T6419]  netlink_rcv_skb+0x1e0/0x430
[  290.186426][ T6419]  rtnetlink_rcv+0x1c/0x20
[  290.190816][ T6419]  netlink_unicast+0x876/0xa40
[  290.195550][ T6419]  netlink_sendmsg+0x88d/0xb30
[  290.200463][ T6419]  ____sys_sendmsg+0x5a2/0x8c0
[  290.205209][ T6419]  ___sys_sendmsg+0x1f0/0x260
[  290.209877][ T6419]  __x64_sys_sendmsg+0x1e2/0x2a0
[  290.214804][ T6419]  do_syscall_64+0x31/0x40
[  290.219197][ T6419]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  290.225055][ T6419] 
[  290.227362][ T6419] The buggy address belongs to the object at ffff88811d6bae00
[  290.227362][ T6419]  which belongs to the cache kmalloc-192 of size 192
[  290.241477][ T6419] The buggy address is located 0 bytes to the right of
[  290.241477][ T6419]  192-byte region [ffff88811d6bae00, ffff88811d6baec0)
[  290.255066][ T6419] The buggy address belongs to the page:
[  290.260687][ T6419] page:ffffea000475ae80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11d6ba
[  290.270997][ T6419] flags: 0x4000000000000200(slab)
[  290.276005][ T6419] raw: 4000000000000200 ffffea0004ad4d80 0000000600000006 ffff888100043380
[  290.284568][ T6419] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  290.293126][ T6419] page dumped because: kasan: bad access detected
[  290.299508][ T6419] page_owner tracks the page as allocated
[  290.305207][ T6419] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 4798, ts 266228529057, free_ts 264968758531
[  290.321349][ T6419]  prep_new_page+0x179/0x180
[  290.325932][ T6419]  get_page_from_freelist+0x2235/0x23d0
[  290.331458][ T6419]  __alloc_pages_nodemask+0x268/0x5f0
[  290.336896][ T6419]  new_slab+0x84/0x3f0
[  290.340946][ T6419]  ___slab_alloc+0x2a6/0x450
[  290.345770][ T6419]  __slab_alloc+0x63/0xa0
[  290.350072][ T6419]  __kmalloc_track_caller+0x1ef/0x320
[  290.355419][ T6419]  kmemdup+0x26/0x60
[  290.359293][ T6419]  neigh_parms_alloc+0x85/0x430
[  290.364121][ T6419]  ipv6_add_dev+0x301/0x10a0
[  290.368694][ T6419]  addrconf_notify+0x582/0xe90
[  290.373432][ T6419]  raw_notifier_call_chain+0x90/0x100
[  290.378781][ T6419]  call_netdevice_notifiers+0x111/0x190
[  290.384388][ T6419]  register_netdevice+0x1043/0x13c0
[  290.389560][ T6419]  __ip_tunnel_create+0x2bf/0x380
[  290.394592][ T6419]  ip_tunnel_init_net+0x290/0x740
[  290.399591][ T6419] page last free stack trace:
[  290.404266][ T6419]  free_unref_page_prepare+0x2b7/0x2d0
[  290.409729][ T6419]  __free_pages+0x14b/0x380
[  290.414208][ T6419]  free_pages+0x82/0x90
[  290.418347][ T6419]  kasan_depopulate_vmalloc_pte+0x6b/0x90
[  290.424037][ T6419]  __apply_to_page_range+0x74e/0x9e0
[  290.429297][ T6419]  apply_to_existing_page_range+0x38/0x50
[  290.434989][ T6419]  kasan_release_vmalloc+0x97/0xb0
[  290.440078][ T6419]  __purge_vmap_area_lazy+0x133b/0x1470
[  290.445597][ T6419]  _vm_unmap_aliases+0x2f8/0x380
[  290.450511][ T6419]  vm_unmap_aliases+0x19/0x20
[  290.455164][ T6419]  change_page_attr_set_clr+0x311/0xc10
[  290.460771][ T6419]  set_memory_ro+0x89/0xd0
[  290.465167][ T6419]  bpf_int_jit_compile+0x860b/0x8ae0
[  290.470427][ T6419]  bpf_prog_select_runtime+0x742/0x9e0
[  290.475974][ T6419]  bpf_prepare_filter+0xed9/0x1080
[  290.481057][ T6419]  bpf_prog_create+0x147/0x210
[  290.485791][ T6419] 
[  290.488092][ T6419] Memory state around the buggy address:
[  290.493700][ T6419]  ffff88811d6bad80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  290.501914][ T6419]  ffff88811d6bae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  290.510052][ T6419] >ffff88811d6bae80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[  290.518174][ T6419]                                            ^
[  290.524303][ T6419]  ffff88811d6baf00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  290.532339][ T6419]  ffff88811d6baf80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  290.540369][ T6419] ==================================================================
[  290.548416][ T6419] Disabling lock debugging due to kernel taint
Jan  1 00:05:25 syzkaller kern.alert kernel: [  290.299508][ T6419] page_owner tracks the page as allocated
Jan  1 00:05:25 syzkaller kern.alert kernel: [  290.305207][ T6419] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 4798, ts 266228529057, free_ts 264968758531
Jan  1 00:05:25 syzkaller kern.alert kernel: [  290.399591][ T6419] page last free stack trace:
[  292.126948][   T24] kauditd_printk_skb: 258 callbacks suppressed
[  292.126959][   T24] audit: type=1400 audit(327.100:5585): avc:  denied  { read write } for  pid=279 comm="syz-executor" name="loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0