last executing test programs:

5m24.042643708s ago: executing program 32 (id=6891):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a)
ioctl$FS_IOC_RESVSP(r0, 0x4030582b, &(0x7f0000000300)={0x1100, 0x0, 0x5, 0x2a40})

5m14.108273474s ago: executing program 33 (id=7297):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000001}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f000000a280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000029c0)=@newtaction={0x48, 0x5a, 0x1, 0x0, 0x0, {0x2}, [{0x34, 0x1, [@m_ctinfo={0x30, 0x0, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0)

4m47.448335982s ago: executing program 34 (id=8332):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001380)={0x2, 0x12, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, [@sadb_ident={0x2, 0xb, 0x2, 0x0, 0x9}]}, 0x20}}, 0x0)

4m42.309607793s ago: executing program 35 (id=8478):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44\x8cm\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='.\x00', &(0x7f0000005280), 0x0)

4m13.395386027s ago: executing program 36 (id=9423):
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e21, 0x4, @remote, 0x4}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002940)=[{{0x0, 0x57, 0x0}}], 0x62, 0x0)

3m44.036984677s ago: executing program 37 (id=10288):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r0, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
listen(r0, 0x0)

3m6.815657481s ago: executing program 38 (id=11770):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x10)
getpriority(0x2, 0x80000000)

3m0.931147153s ago: executing program 39 (id=12015):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xc, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711041000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000007301"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

2m55.299912532s ago: executing program 40 (id=12228):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="02000000040000000700000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
fstatfs(0xffffffffffffffff, 0x0)

2m37.480225299s ago: executing program 41 (id=12701):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
io_setup(0x3, &(0x7f0000000340))

2m19.894107706s ago: executing program 42 (id=13428):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mincore(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xffffffffffffffff)

1m59.88849847s ago: executing program 4 (id=13993):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ustat(0x9, 0x0)

1m59.85888675s ago: executing program 4 (id=13994):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='mm_page_alloc\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="160000000000000061b1000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1, <r2=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000200)={r2, 0x0, &(0x7f0000001780)=""/4096}, 0x20)

1m59.840864881s ago: executing program 4 (id=13995):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000060000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
alarm(0x0)

1m59.781543581s ago: executing program 4 (id=13997):
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x8, 0x0, 0x0)
open(&(0x7f00000002c0)='./file0/file0\x00', 0x141840, 0x0)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
open(&(0x7f0000000200)='./file0/file0\x00', 0x0, 0x0)

1m59.715832692s ago: executing program 4 (id=14000):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
getxattr(0x0, 0x0, 0x0, 0x0)

1m59.604726404s ago: executing program 4 (id=14002):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
setxattr$incfs_metadata(0x0, 0x0, 0x0, 0x0, 0x2)
lstat(0x0, 0x0)

1m59.604630864s ago: executing program 43 (id=14002):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
setxattr$incfs_metadata(0x0, 0x0, 0x0, 0x0, 0x2)
lstat(0x0, 0x0)

1m37.336598552s ago: executing program 5 (id=14751):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x810412, &(0x7f00000005c0)=ANY=[], 0x2, 0x1e3, &(0x7f0000000b40)="$eJzsmb+PEkEUx78zuwd3F2NiY2Fj4RnPKMvuooaGGEzsTcBfnUQWgi5gYE2AxERiQ2NpYWLrP2BhQWVhZ2erhZqYWEhpvWZmh91lFwj+SCTxfRJmv2/mzZt5w/BIAARB/Ld8+fzj09Mrxep5AEdwgKzq/6ZFPjzm//H5w3PPSldfvPrw8m3n6KNpMh4D4Pubr78H4E1ZgxeYj5PjB+pZBQ/1dXCcVfomGE4rfQccN5R2wHBb6Xsx3d1TwnWMu1233mi5jikaSzR2Q0usrwOYjRnqAHZlbr7PYuP94eh+zXWdXlLs+PN1UkObiAyi6evOT+6vzFFSttifeL9uTZ6MhW2ofjN2fhY4LKULYKgoXUQWhmFERxLL/4QexdfW5c/SKYH9ev5/RRzLLfRc/kfbILFdInVFxQc67Dk+m75Lz/q6LZv/DSELF4DU0Pv9P4s8L1JLfaL6xHTgTKw+6dDD+pH32g/y/eEo12rXmk7T6dh24ZJ5wTQv2nlZiIJ2Tf3blfVpPxZ/Z4VvhmUwqHlezxoAXs8KbTtoowRQed39LudwWf84Dk8FMcRVkWlnl6/B1IvLp1CHya8UgiAIgiAIgiAIgiAIgiCIjZksWCfB5K+g6o8qfwX2Nen9MwAA///ClF/r")
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='ns\x00')
readlinkat(r0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000002780)=""/4112, 0x1010)

1m37.248628074s ago: executing program 5 (id=14754):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='system.posix_acl_default\x00', &(0x7f0000000240), 0x24, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f00000003c0)='./bus\x00', 0x0)
renameat2(r0, &(0x7f0000000300)='./bus\x00', r0, &(0x7f00000001c0)='./file0\x00', 0x4)

1m37.213302254s ago: executing program 5 (id=14757):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001680)=ANY=[@ANYBLOB="05000000010000008e000000c9e7000001"], 0x48)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xe306, r1}, 0x38)

1m37.184493344s ago: executing program 5 (id=14758):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x880, &(0x7f00000001c0)=ANY=[@ANYBLOB='shortname=lower,iocharset=iso8859-1,fmask=00000000000000000000066,uni_xlate=1,uni_xlate=0,fmask=00000000000000000000003,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=1,check=strict,nonumtail=0,rodir,errors=continue,shortname=lower,umaQk=00000000000000000000007,rodir,sys_immutable,\x00'], 0x4, 0x2d5, &(0x7f00000007c0)="$eJzs3c9qXFUcB/DvTSYzYwUzC1cieEEXrkrTJ5ggKYhZWbJQFxpsCpIJQgsB/+C0K7duXLjwCQTBB3HjG/gAgjtbKFy5d+5kZuo0f0onVfv5bPLLued37u+cnJvcLHLyyetHh7fK3L7/9e/p94usDTPMgyKDrGXqXhYMvwsA8F/2oKryZzWx7Hpxb3lekaS/4toAgNU46+d/65WT6JdLKQsAWKGbH3z43vbu7s77ZdnPjaNvj/fq3+zrj5Pr27fzWUY5yLVs5lHSvChspHlbqMMbVVWNO+XDsiwHeetofLxXZx59/Gs7/vYfSZO/lc0MmqaTt40m/93dna1yYi5/XNdxpb3/sM6/ns28epK8kH99SX72unn7zbn6r2Yzv32azzPKraaISX4vuzvfbJXlO9X3f331UV1enV+Mj/d6Tb+Zav2SvzQAAAAAAAAAAAAAAAAAAAAAAPyPXW3PzumlOb+nbmrP31l/VH+ykXJqsHg+zyS/mA40fz5QVVXjKj9Oz+e5VpZl1Xac5XfyWied5zNrAAAAAAAAAAAAAAAAAAAA+He5+8WXh/uj0cGdZxIUa5NRO0ke3kyedpzhXMsbWewzTBZaeu1M9kej9u4ZHQzmBuw0LW161qd9iuTUMupJPKNlOSt4ab7C+eCnny86YP/sPhvL7/VUwZXlazjdXYf7xfI17GXa0m83yQ/dZNanm3OW0X3SpSoX2X7dJRUmmxdelu7LTTA+pU+KJxe2fvJcti3F47PoNqu6NH2jDfLYAzLbG+faz+lP0v/5vaJwWgcAAAAAAAAAAAAAAAAAAKzU7K9/l1y8f2rqWtVbWVkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKlm////AsG4TT5H527u3H3OUwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAF8HcAAAD//91tVuk=")
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x4082)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x16, 0x4, "fee8a2ab78fc179fd1f8a0a1af1ea89de2b7fb646e00000000000000000300", "2809e8db4820a100005240f45f819e00000000eaffffffffffffff133100348100", "90be8b000079b40000000000e98c72c900", [0x4, 0x1]}})
ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x5)

1m37.066701106s ago: executing program 5 (id=14759):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

1m36.973981138s ago: executing program 5 (id=14763):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

1m36.904329459s ago: executing program 44 (id=14763):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

47.637068127s ago: executing program 9 (id=16356):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
connect$netlink(r2, &(0x7f0000000280)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$nl_route(r2, &(0x7f0000000300)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000021000f0000f901000000000002"], 0x1c}}, 0x0)

47.552540128s ago: executing program 9 (id=16357):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000000c0)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x2f, 0x0, 0x0, 0xfffffffd, 0x1, @mcast1, @mcast2, 0x8000, 0x0, 0x2000002}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, @local, @rand_addr=' \x01\x00'}})

47.552241658s ago: executing program 9 (id=16358):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
connect$netlink(r0, &(0x7f0000000000)=@proc={0x10, 0x0, 0x25dfdbfb}, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
sendmsg$IPCTNL_MSG_CT_GET_STATS(r0, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)={0x14, 0x5, 0x1, 0x101}, 0x14}}, 0x40088c0)

47.511897859s ago: executing program 9 (id=16360):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000001300), 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
creat(&(0x7f00000000c0)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x201000, 0x0)
r0 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0)
preadv2(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)

47.320890672s ago: executing program 9 (id=16361):
r0 = socket(0x2, 0x3, 0xff)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000000)=0x97b, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x44a8, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmsg$key(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[], 0x18}}, 0x20)

47.204452023s ago: executing program 9 (id=16363):
r0 = openat$selinux_policy(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x380c8c0, &(0x7f00000000c0)={[{@nogrpid}, {@sb={'sb', 0x3d, 0x4}}, {@grpquota}]}, 0x0, 0x606, &(0x7f00000009c0)="$eJzs3U9sHFf9APDvjP/sJnHq9PcrUkFAQlsIqKodO20U9dJWSEilqkAKnHpILXtjWV5nI/8ptbGEc+LAFUQlxAHOnDgUcUDqCSFuHJDgxqUckCpkgWIkVC2a2dnN7no3tuM/8Z/PR1rNm3lv5/ve2PNm9+3uvADOrCsRsRERwxHxbkSMRpJvT4pHvN54ZOUebK5Pb22uTydRr9/652Cxh/XqYNc+L0TED5srGw+3l9rKLK2uzU9Vq5XFYn18eeHe+NLq2ktzC1OzldnK3cnJGxM3rt28/srkgbX18sKvP/nG3Fvf/d1vv/Dxnza+9v2sfa8VeVnb2oom9Xq9kRpuLM49TsDXimMYQzFS7CGNiOx4vbWfhhwjA0V7hnvklZ9Afdib7P/x/yLiuSLd4o8HAKdWvT4a9dH29YfSjrV6PelRBgA4ebL3/CORpGPF+/+RSNOxsXwMr/xMnE+rtaXlF+/UVu7OZHkRl2IovTNXrVzLxwojSjGUZOsTeV6en69Pdq1fj4inI+LHpXP5+th0rTrzpF70AMAZd6Hr+v/vUpr2+iynB58QAMBJtrcref0Hze/GAAAn1/br/9ATqQcAcHSM5APA2dN2/S/1LfRp8Y3Bo6kSAHDIyl2//e9lxwIAwInSc/z/nYsP08+2bgcGAJwSPv8HgDPl22+/nT3q5Ujy+1/PvLe6Ml9776WZytL82MLK9Nh0bfEzA7O12mx+z56F9ucONBb327dVa7V7Ey/Hyvvjy5Wl5fGl1bXbC7WVu8u38/t6367s8t4CAMAhevryR39NImLj1XP5I5pzOfi8H0693qd594w+vT3WnDjAsTGwx/I/cWcAODV2d6UHTqNel3Ov6+Fs6fPl3tbPgXt+RSjrKD7ov0/9CBxvVz/bZ/y/+7VB50Dhp24DACdfcVobBoAzaK/j/518GAAn2aMv/H4YBKdZvZ6Yzx8Azpjud/C/+fO2lwj7GyIAjr2dbu5lJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2G8kfSTpWzAU+Emk6NhZxMSIuxVByZ65auRYRT0XEX0pDpTtzb/zxSdcZANiv9B9JMf/X1dEXRrpzh5P/lPJlRHzvZ7cG8imDG1rblz+49dP3p5aXFyd7BijFzw+/FQBAy2D3huZ1Ol9OFBvTYrm5Pv1gc326796+fvAV/OSNxuSiWdytzfXpobaqNyo/ms9RfP5fSUdjkgOamHjjckQ824j/oNX+tJV/qZj5tDt+FvviQcS/3xb/+Yv536CRk0SpI36p43lpntdYZsfi/8+1sua653TuiHcAdYbT4qOs/3m9+/yP/My6ki+L82+wszMtx4+2d66Podn/bdUb/d9WW/xs/9+6WM77ml7935Xdxnj592/2zbs/UP/cYEQz9lZb/9NQzlPN+Elb/Bd2Gf9vn//ic/0OVv0XEVdvFis94zdS48sL98aXVtd+9c0P/zBbma3cnZy8MXHj2s3rr0yO52PU482R6jbNjvDV4af6tz/ifPRuf7nV/qTn8f9ykd7p/+CX/333nS89Iv5Xn+8VP41nWvG3//2zpn1lh7hNU+c/7Dt9dxZ/pk/7BzviD3c8L9v2YvfO+vxDfvz3tZldVhUAOAJLq2vzU9VqZXE3iTTW5qeabzR3/ayOxLldF35zdG97nqpWY+/12VdiKDsIkRRbyocV68K2Lc3XYnvd4VC0tlw+ygO138T9PRQuHVY10j6nTHZCrM0PRLU5HrXjDotyG33LXHrs82t3iSuPLpM34mj7IeDodZ70AAAAAAAAAAAAAADAcbT0neKWfwf8S6Pyol8WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcPj+FwAA///39Le5")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)

47.128193615s ago: executing program 45 (id=16363):
r0 = openat$selinux_policy(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x380c8c0, &(0x7f00000000c0)={[{@nogrpid}, {@sb={'sb', 0x3d, 0x4}}, {@grpquota}]}, 0x0, 0x606, &(0x7f00000009c0)="$eJzs3U9sHFf9APDvjP/sJnHq9PcrUkFAQlsIqKodO20U9dJWSEilqkAKnHpILXtjWV5nI/8ptbGEc+LAFUQlxAHOnDgUcUDqCSFuHJDgxqUckCpkgWIkVC2a2dnN7no3tuM/8Z/PR1rNm3lv5/ve2PNm9+3uvADOrCsRsRERwxHxbkSMRpJvT4pHvN54ZOUebK5Pb22uTydRr9/652Cxh/XqYNc+L0TED5srGw+3l9rKLK2uzU9Vq5XFYn18eeHe+NLq2ktzC1OzldnK3cnJGxM3rt28/srkgbX18sKvP/nG3Fvf/d1vv/Dxnza+9v2sfa8VeVnb2oom9Xq9kRpuLM49TsDXimMYQzFS7CGNiOx4vbWfhhwjA0V7hnvklZ9Afdib7P/x/yLiuSLd4o8HAKdWvT4a9dH29YfSjrV6PelRBgA4ebL3/CORpGPF+/+RSNOxsXwMr/xMnE+rtaXlF+/UVu7OZHkRl2IovTNXrVzLxwojSjGUZOsTeV6en69Pdq1fj4inI+LHpXP5+th0rTrzpF70AMAZd6Hr+v/vUpr2+iynB58QAMBJtrcref0Hze/GAAAn1/br/9ATqQcAcHSM5APA2dN2/S/1LfRp8Y3Bo6kSAHDIyl2//e9lxwIAwInSc/z/nYsP08+2bgcGAJwSPv8HgDPl22+/nT3q5Ujy+1/PvLe6Ml9776WZytL82MLK9Nh0bfEzA7O12mx+z56F9ucONBb327dVa7V7Ey/Hyvvjy5Wl5fGl1bXbC7WVu8u38/t6367s8t4CAMAhevryR39NImLj1XP5I5pzOfi8H0693qd594w+vT3WnDjAsTGwx/I/cWcAODV2d6UHTqNel3Ov6+Fs6fPl3tbPgXt+RSjrKD7ov0/9CBxvVz/bZ/y/+7VB50Dhp24DACdfcVobBoAzaK/j/518GAAn2aMv/H4YBKdZvZ6Yzx8Azpjud/C/+fO2lwj7GyIAjr2dbu5lJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2G8kfSTpWzAU+Emk6NhZxMSIuxVByZ65auRYRT0XEX0pDpTtzb/zxSdcZANiv9B9JMf/X1dEXRrpzh5P/lPJlRHzvZ7cG8imDG1rblz+49dP3p5aXFyd7BijFzw+/FQBAy2D3huZ1Ol9OFBvTYrm5Pv1gc326796+fvAV/OSNxuSiWdytzfXpobaqNyo/ms9RfP5fSUdjkgOamHjjckQ824j/oNX+tJV/qZj5tDt+FvviQcS/3xb/+Yv536CRk0SpI36p43lpntdYZsfi/8+1sua653TuiHcAdYbT4qOs/3m9+/yP/My6ki+L82+wszMtx4+2d66Podn/bdUb/d9WW/xs/9+6WM77ml7935Xdxnj592/2zbs/UP/cYEQz9lZb/9NQzlPN+Elb/Bd2Gf9vn//ic/0OVv0XEVdvFis94zdS48sL98aXVtd+9c0P/zBbma3cnZy8MXHj2s3rr0yO52PU482R6jbNjvDV4af6tz/ifPRuf7nV/qTn8f9ykd7p/+CX/333nS89Iv5Xn+8VP41nWvG3//2zpn1lh7hNU+c/7Dt9dxZ/pk/7BzviD3c8L9v2YvfO+vxDfvz3tZldVhUAOAJLq2vzU9VqZXE3iTTW5qeabzR3/ayOxLldF35zdG97nqpWY+/12VdiKDsIkRRbyocV68K2Lc3XYnvd4VC0tlw+ygO138T9PRQuHVY10j6nTHZCrM0PRLU5HrXjDotyG33LXHrs82t3iSuPLpM34mj7IeDodZ70AAAAAAAAAAAAAADAcbT0neKWfwf8S6Pyol8WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcPj+FwAA///39Le5")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)

39.828861936s ago: executing program 1 (id=16543):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
fsetxattr$security_selinux(r0, &(0x7f0000000000), &(0x7f00000004c0)='system_u:object_r:hwdata_t:s0\x00', 0x1e, 0x0)

39.810321436s ago: executing program 1 (id=16545):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x30, 0x0, 0x0, 0xffffffffffffffa1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000240)='signal_deliver\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='signal_deliver\x00', r0}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

39.776804077s ago: executing program 1 (id=16546):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

39.475983391s ago: executing program 1 (id=16562):
prctl$PR_SET_NAME(0xf, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3UFvG1kdAPD/OHZp2nSTBQ6wEsvCLkorqJ1s2DbiUIqE4FQJKPcSEieK4sRR7LRNVEEqPgASQoDECS5ckPgASKgSF44IqRKcQYBACFo4cIDOyvY4TVM7cVs3TuPfT5rMmzfz/H/P0YznzTzNBDC03oqIqxHxKE3TCxExnuXnsil2WlNju4cP7sw3piTS9Po/k0iyvPZnJdn8bFbsdER87csR30yejlvb2l6Zq1TKG9lyqb66XqptbV9cXp1bKi+V12Zmpi/NXp59b3aqL+08FxFXvvjXH3z3Z1+68qvP3PrTjb+f/1ajWmPZ+r3teEb5g1a2ml5ofhd7C2w8Z7DjKN9sYWa00xYjT+Xcfcl1AgCgs8Y5/gcj4pMRcSHGY+Tg01kAAADgFZR+fiz+l0SknZ3qkg8AAAC8QnLNMbBJrpiNBRiLXK5YbI3h/XCcyVWqtfqnF6ubawutsbITUcgtLlfKU9lY4YkoJI3l6Wb68fK7+5ZnIuL1iPj++GhzuThfrSwM+uIHAAAADImz+/r//xlv9f8BAACAE2Zi0BUAAAAAXjr9fwAAADj59P8BAADgRPvKtWuNKW2//3rh5tbmSvXmxYVybaW4ujlfnK9urBeXqtWl5jP7Vg/7vEq1uv7ZWNu8XaqXa/VSbWv7xmp1c61+Y/mJV2ADAAAAR+j1j9/7QxIRO58bbU4Np3or2uNmwHGV300l2bzDbv3H11rzvxxRpYAjMTLoCgADkx90BYCBKQy6AsDAJYes7zp457fZ/BP9rQ8AANB/kx/tfv8/d2DJnYNXA8eenRiGl/v/MLya9/97HcnrZAFOlIIzABh6L3z//1Bp+kwVAgAA+m6sOSW5YnZ5byxyuWIx4lzztQCFZHG5Up6KiNci4vfjhQ80lqebJZND+wwAAAAAAAAAAAAAAAAAAAAAAAAAQEuaJpECAAAAJ1pE7m/Jr1vP8p8cf2ds//WBU8l/xyN7ReitH1//4e25en1jupH/r938+o+y/HcHcQUDAAAAhsIzvcC/3U9v9+MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJ8ePrgz356OMu4/vhARE53i5+N0c346ChFx5t9J5PeUy0XESB/ijzb+fKRT/KRRrd2Q++Mn7bIvaOfugfFjIvsWOsU/24f4MMzuNY4/Vzvtf7l4qznvvP/lI55Yfl7dj3+xe/wb6bL/n+sxxhv3f1HqGv9uxBv5zsefdvykS/y3e4z/ja9vb3dbl/4kYrLj70/yRKxSfXW9VNvavri8OrdUXiqvzcxMX5q9PPve7FRpcblSzv52jPG9j/3y0UHtP9Ml/sQh7X+nx/b///7tBx9qJQud4p9/u0P83/w02+Lp+O3fvk9l6cb6yXZ6p5Xe682f/+7Ng9q/0KX9h/3/z/fY/gtf/c6fe9wUADgCta3tlblKpbxxYhONXvoxqIbEMUx8u68fmKZp2tinXuBzkjgOX0szMegjEwAA0G+PT/oHXRMAAAAAAAAAAAAAAAAAAAAYXkfxOLH9MXd2U0k/HqENAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAX7wcAAP//ZWfZVg==")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r1 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r1, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x9, 0x3a, '+\'', 0x3a, '', 0x3a, './file2', 0x3a, [0x46, 0x43]}, 0x2b)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

39.208535675s ago: executing program 1 (id=16568):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000b2f17db98500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000640)='kmem_cache_free\x00', r1}, 0x18)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
ioprio_set$pid(0x1, r2, 0x4000)

39.104977807s ago: executing program 1 (id=16573):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffdfffff})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x1c000000}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1000000}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x0, 0xffffff1f}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x9}, {}, {0x4, 0x0, 0x6}, {0x18, 0x2, 0x2, 0x0, r2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

39.104765157s ago: executing program 46 (id=16573):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffdfffff})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x1c000000}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1000000}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x0, 0xffffff1f}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x9}, {}, {0x4, 0x0, 0x6}, {0x18, 0x2, 0x2, 0x0, r2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

23.07166687s ago: executing program 7 (id=16997):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0x0)

23.015736841s ago: executing program 7 (id=16998):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x2, 0xffffffff}]}, 0x10)
close(r0)

23.015192771s ago: executing program 7 (id=16999):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0b00000007000000d7c900000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_create(0x2, 0x0, &(0x7f0000000100)=<r3=>0x0)
timer_delete(r3)

22.932480562s ago: executing program 7 (id=17001):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000400)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)

22.931801592s ago: executing program 7 (id=17003):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
openat$vcsa(0xffffffffffffff9c, 0x0, 0x202000, 0x0)
poll(&(0x7f0000000380)=[{r0}, {0xffffffffffffffff, 0x425a}], 0x2, 0x9)

22.775358004s ago: executing program 7 (id=17004):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a000000030000000800000001"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)='%-010d \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r3 = dup(r2)
sendmsg$netlink(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{0x0, 0x1b8}], 0x1}, 0x0)

22.752032495s ago: executing program 47 (id=17004):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a000000030000000800000001"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)='%-010d \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r3 = dup(r2)
sendmsg$netlink(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{0x0, 0x1b8}], 0x1}, 0x0)

1.247903032s ago: executing program 2 (id=17607):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x8602, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
write$cgroup_subtree(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="8fedcb5d07081196f37638e40806"], 0x66)

1.247349562s ago: executing program 2 (id=17608):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x1f, &(0x7f0000000c00)={@local, @remote, @void, {@llc_tr={0x11, {@snap={0xaa, 0x0, 'W', "71b13b", 0x6001, "c0c386817ef70118c2"}}}}}, 0x0)

1.218095542s ago: executing program 2 (id=17609):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newtfilter={0x54, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x24, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0x0, 0x8, 0xe}, {0x2, 0x6}}}]}]}]}}]}, 0x54}}, 0x0)

1.197895103s ago: executing program 2 (id=17612):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$inet6(0xa, 0x2, 0x3a)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

1.197311692s ago: executing program 0 (id=17613):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r0}, 0x10)
r1 = socket$inet6(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10)
sendto$inet6(r1, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

1.136189323s ago: executing program 0 (id=17616):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r0}, 0x10)
timer_create(0x0, 0x0, &(0x7f0000000000))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r1}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

1.116436294s ago: executing program 0 (id=17617):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r2}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

1.062069644s ago: executing program 0 (id=17619):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
fcntl$setlease(r2, 0x400, 0x2)

891.331457ms ago: executing program 0 (id=17622):
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6cbecbf09d6dd7be5a06dfd64563f329c16f799d1836bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffd00fb243c3111dda42112650cc", 0x0, 0xfe2a)
rt_sigpending(0x0, 0x0)
ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000100)={&(0x7f00005f2000/0x4000)=nil, 0x4000})

800.526508ms ago: executing program 6 (id=17626):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000400db00000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r2 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r2, 0x0, 0x400000000000000, 0x2)

760.603709ms ago: executing program 6 (id=17628):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="0200000004"], 0xfe44, 0x0)

731.185949ms ago: executing program 6 (id=17630):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

507.384953ms ago: executing program 3 (id=17640):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='percpu_free_percpu\x00', r0}, 0x10)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x10}, {0x4}, {0x0, 0x9}}}, 0x24}}, 0x0)

482.151933ms ago: executing program 6 (id=17642):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0xfff)

401.097014ms ago: executing program 8 (id=17643):
r0 = inotify_init1(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
rmdir(0x0)
inotify_add_watch(r0, &(0x7f0000000180)='./control\x00', 0x82000a18)

400.820494ms ago: executing program 6 (id=17644):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
io_setup(0x1, &(0x7f0000000740)=<r2=>0x0)
io_pgetevents(r2, 0x1, 0x1, &(0x7f0000000000)=[{}], &(0x7f0000000040)={0x0, 0x3938700}, 0x0)

400.670524ms ago: executing program 3 (id=17645):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/59, 0x222000, 0x1000, 0x10, 0x1}, 0x20)

400.498224ms ago: executing program 8 (id=17646):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0xa, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_encap(r2, 0x11, 0x64, &(0x7f0000000180)=0x2, 0x4)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)

341.543535ms ago: executing program 3 (id=17647):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000180), 0x10)
sendmsg$can_bcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0500000000bbd10d0bc11fc00000000040000000aef028c89c34dcb05408427474e1cb5e689c593e7a16dd0af4f5be2f038bc9faf7"], 0x80}}, 0x0)

313.894326ms ago: executing program 8 (id=17648):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='freezer.state\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000240)=ANY=[], 0x118)
clock_gettime(0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r1, 0x28, 0x6, 0x0, &(0x7f0000000000))

306.092686ms ago: executing program 3 (id=17649):
bpf$PROG_LOAD(0x5, &(0x7f0000004200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
r2 = socket(0x80000000000000a, 0x1, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x6, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)

256.535616ms ago: executing program 2 (id=17650):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x10)
listen(r2, 0x0)

249.394086ms ago: executing program 8 (id=17651):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x42000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
close_range(r1, r2, 0x0)

249.052897ms ago: executing program 3 (id=17652):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x0, 0x0)

210.357698ms ago: executing program 2 (id=17653):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)

128.917658ms ago: executing program 3 (id=17654):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
socket$packet(0x11, 0xa, 0x300)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'wg0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

128.464468ms ago: executing program 8 (id=17655):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0)

119.401279ms ago: executing program 6 (id=17656):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

48.97724ms ago: executing program 8 (id=17657):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x1001a, &(0x7f0000000280)={[{@quota}, {@resuid={'resuid', 0x3d, 0xee01}}, {@inlinecrypt}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x1, 0x42e, &(0x7f0000001980)="$eJzs20tvG0UcAPD/rpOUvkgo5dEHECiIiEfSpAV64AICiQsSEhzKMSRpFeI2qAkSrSIICHFFlbgjjkh8Ak5wQcAJiSsfAFWqUC4tnIzW3k1sx3k4deKCfz9pk5ndcWb+3hl7dicbQM8azn4kEYci4o+IGKxlGwsM137dXlma+ntlaSqJSuXtv5JquVsrS1NF0eJ1B/PMSBqRfp7EiRb1Lly9NjdZLs9cyfNji5c+GFu4eu352UuTF2cuzlyeOHfu7Jnxl16ceKEjcWZtunX84/mTx9549/qbU+evv/fLd0kRf1McHTK82cGnKpUOV9ddh+vSSV8XG0JbShGRna7+6vgfjFKsnbzBeP2zrjYO2FWVSqVycOPDyxXgfyyJbrcA6I7iiz67/i22PZp63BVuvlK7AMrivp1vtSN9keZl+puubztpOCLOL//zdbbF7tyHAABo8EM2/3mu1fwvjQfryt2brw0NRcR9EXEkIu6PiKMR8UBEtexDEfFwm/U3L5Ksn/+kN3YU2DZl87+X87WtxvlfMfuLoVKeO1yNvz+5MFueOZ2/JyPRvy/Lj29Sx4+v/f7lRsfq53/ZltVfzAXzdtzo29f4munJxck7ibnezU8jjve1ij9ZXQlIIuJYRBzfYR2zz3x7cqNjW8e/iQ6sM1W+iXi6dv6Xoyn+QrL5+uTYPVGeOT1W9Ir1fv3ti7c2qv+O4u+A7PwfaNn/V+MfSurXaxfa+/v7tji+0/4/kLxTTQ/k+z6aXFy8Mh4xMNfYKar7J9bni/JZ/COnWo//I7H2TpyIiKwTPxIRj0bEY3nbH4+IJyLi1CYx/vzqk+/vPP7dlcU/3db5X0sMRPOe1onS3E/fN1Q61E782fk/W02N5Hu28/m3nXa135sBAADgvymNiEORpKOr6TQdHa39v/zROJCW5xcWn70w/+Hl6dozAkPRnxZ3ugbr7oeO55f1RX6iKX8mv2/8VWl/NT86NV+e7nbw0OMObjD+M3+Wut06YNd5Xgt6l/EPvcv4h95l/EPvajH+93ejHcDea/X9/0kX2gHsvabxb9kPeojrf+hdxj/0LuMfetLC/tj6IXkJiXWJSO+KZkjsUqLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//9Oa5Js=")
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x5a042, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800003, 0x11, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

0s ago: executing program 0 (id=17658):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000500)={0x1, &(0x7f00000004c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
io_submit(0x0, 0x0, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

kernel console output (not intermixed with test programs):

audit: type=1400 audit(2000000088.258:88253): avc:  denied  { write } for  pid=2775 comm="syz.3.15568" name="file2" dev="loop3" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  478.270522][   T24] audit: type=1400 audit(2000000088.305:88254): avc:  denied  { connect } for  pid=2780 comm="syz.2.15569" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  478.392251][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  478.521127][   T24] audit: type=1326 audit(2000000088.530:88255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2794 comm="syz.9.15575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e3845169 code=0x7ffc0000
[  478.610808][   T24] audit: type=1326 audit(2000000088.530:88256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2794 comm="syz.9.15575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e3845169 code=0x7ffc0000
[  478.713910][   T24] audit: type=1326 audit(2000000088.567:88257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2794 comm="syz.9.15575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f26e3845169 code=0x7ffc0000
[  478.737491][   T24] audit: type=1326 audit(2000000088.567:88258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2794 comm="syz.9.15575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e3845169 code=0x7ffc0000
[  478.761028][   T24] audit: type=1326 audit(2000000088.567:88259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2794 comm="syz.9.15575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e3845169 code=0x7ffc0000
[  478.784574][   T24] audit: type=1326 audit(2000000088.567:88260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2794 comm="syz.9.15575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f26e3845169 code=0x7ffc0000
[  478.835319][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  478.844839][ T2803] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  478.883521][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  479.013435][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  479.380733][ T2836] netlink: 160 bytes leftover after parsing attributes in process `syz.9.15591'.
[  479.557031][ T2848] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2848 comm=syz.2.15596
[  479.705955][ T2869] syz.3.15603[2869] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  479.706053][ T2869] syz.3.15603[2869] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  479.932878][T12988] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  480.048821][ T2880] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  480.065966][ T2880] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  480.082726][ T2880] F2FS-fs (loop3): fault_injection options not supported
[  480.090567][ T2880] F2FS-fs (loop3): fault_type options not supported
[  480.100204][ T2880] F2FS-fs (loop3): invalid crc value
[  480.120846][ T2880] F2FS-fs (loop3): Found nat_bits in checkpoint
[  480.171391][ T2880] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  480.178270][ T2880] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  480.210755][T12988] usb 10-1: Using ep0 maxpacket: 8
[  480.218098][ T2880] attempt to access beyond end of device
[  480.218098][ T2880] loop3: rw=2049, want=45192, limit=40427
[  480.230931][ T2880] attempt to access beyond end of device
[  480.230931][ T2880] loop3: rw=0, want=45128, limit=40427
[  480.251765][T28771] attempt to access beyond end of device
[  480.251765][T28771] loop3: rw=2049, want=45200, limit=40427
[  480.339153][T12988] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[  480.354606][ T2923] netlink: 96 bytes leftover after parsing attributes in process `syz.2.15629'.
[  480.360453][T12988] usb 10-1: config 179 has no interface number 0
[  480.369774][T12988] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  480.406392][T12988] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  480.417907][T12988] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 20, changing to 8
[  480.429256][T12988] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 57696, setting to 1024
[  480.440948][T12988] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  480.454360][T12988] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  480.463486][T12988] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.493644][ T2863] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  480.518753][ T2933] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15632'.
[  480.530599][ T2933] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15632'.
[  480.531487][    C1] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  480.801805][ T2976] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  480.836997][ T2863] EXT4-fs (loop9): mounted filesystem without journal. Opts: noauto_da_alloc,max_dir_size_kb=0x0000000000000001,dioread_lock,norecovery,discard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue
[  481.103019][  T395] usb 10-1: USB disconnect, device number 18
[  481.108786][    C0] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  481.149025][ T3023] gretap0: refused to change device tx_queue_len
[  481.630796][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.638352][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.651613][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.658882][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.666057][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.673228][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.681168][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.689298][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.701552][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.708820][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.715981][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.723457][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.732143][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.739384][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.747759][  T322] hid-generic 00A0:0006:0003.0041: unknown main item tag 0x0
[  481.755813][  T322] hid-generic 00A0:0006:0003.0041: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  481.921391][T12981] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  482.060250][  T322] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[  482.178015][T12981] usb 7-1: Using ep0 maxpacket: 16
[  482.306187][T12981] usb 7-1: config 0 has no interfaces?
[  482.477419][T12981] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  482.486352][T12981] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  482.494493][T12981] usb 7-1: Product: syz
[  482.498579][T12981] usb 7-1: Manufacturer: syz
[  482.498983][  T322] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  482.502894][T12981] usb 7-1: SerialNumber: syz
[  482.514277][T12981] usb 7-1: config 0 descriptor??
[  482.518203][  T322] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  482.532742][  T322] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  482.545531][  T322] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  482.554581][  T322] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.563759][  T322] usb 10-1: config 0 descriptor??
[  482.735982][ T3130] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,i_version,
[  482.746228][ T3130] ext4 filesystem being mounted at /455/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  482.778540][  T294] usb 7-1: USB disconnect, device number 20
[  482.929500][ T3149] EXT4-fs (loop3): Ignoring removed nobh option
[  482.937269][ T3149] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobh,nojournal_checksum,,errors=continue
[  482.948393][ T3149] ext4 filesystem being mounted at /459/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  483.088104][  T322] plantronics 0003:047F:FFFF.0042: unknown main item tag 0x0
[  483.103120][  T322] plantronics 0003:047F:FFFF.0042: unknown main item tag 0x0
[  483.110543][  T322] plantronics 0003:047F:FFFF.0042: unknown main item tag 0x0
[  483.117996][  T322] plantronics 0003:047F:FFFF.0042: unknown main item tag 0x0
[  483.129625][ T3157] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  483.129956][  T322] plantronics 0003:047F:FFFF.0042: unknown main item tag 0x0
[  483.157134][  T322] plantronics 0003:047F:FFFF.0042: unknown main item tag 0x0
[  483.165356][  T322] plantronics 0003:047F:FFFF.0042: No inputs registered, leaving
[  483.175667][ T3161] netlink: 96 bytes leftover after parsing attributes in process `syz.0.15729'.
[  483.193215][  T322] plantronics 0003:047F:FFFF.0042: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0
[  483.233698][ T3166] netlink: 28 bytes leftover after parsing attributes in process `syz.3.15730'.
[  483.242923][ T3166] netlink: 28 bytes leftover after parsing attributes in process `syz.3.15730'.
[  483.282564][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  483.299298][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  483.299763][ T3168] EXT4-fs (loop3): Mount option "noacl" will be removed by 3.5
[  483.299763][ T3168] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  483.299763][ T3168] 
[  483.328482][ T3168] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  483.351773][T12975] usb 10-1: USB disconnect, device number 19
[  483.364969][ T3168] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,noinit_itable,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,noacl,user_xattr,quota,dioread_nolock,,errors=continue
[  483.394199][ T3181] netlink: 4 bytes leftover after parsing attributes in process `syz.6.15737'.
[  483.410221][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  483.522877][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  483.618403][ T3201] netlink: 'syz.2.15746': attribute type 4 has an invalid length.
[  483.631203][ T3201] netlink: 'syz.2.15746': attribute type 4 has an invalid length.
[  483.680840][   T24] kauditd_printk_skb: 201 callbacks suppressed
[  483.680853][   T24] audit: type=1400 audit(2000000349.368:88462): avc:  denied  { bind } for  pid=3205 comm="syz.2.15748" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  483.757339][   T24] audit: type=1400 audit(2000000349.433:88463): avc:  denied  { connect } for  pid=3212 comm="syz.2.15752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  483.811676][   T24] audit: type=1400 audit(2000000349.480:88464): avc:  denied  { unlink } for  pid=3219 comm="syz.6.15755" name="#2e" dev="tmpfs" ino=485 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  484.351429][   T24] audit: type=1326 audit(2000000349.994:88465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3249 comm="syz.0.15769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  484.392447][   T24] audit: type=1326 audit(2000000350.013:88466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3249 comm="syz.0.15769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  484.450191][   T24] audit: type=1400 audit(2000000350.022:88467): avc:  denied  { create } for  pid=3258 comm="syz.9.15773" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  484.530562][   T24] audit: type=1326 audit(2000000350.022:88468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3249 comm="syz.0.15769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  484.555907][ T3280] tipc: Started in network mode
[  484.560600][ T3280] tipc: Own node identity ac14140f, cluster identity 4711
[  484.568157][ T3280] tipc: New replicast peer: 10.1.1.2
[  484.573590][ T3280] tipc: Enabled bearer <udp:syz0>, priority 10
[  484.590193][   T24] audit: type=1326 audit(2000000350.022:88469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3249 comm="syz.0.15769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  484.642865][   T24] audit: type=1326 audit(2000000350.022:88470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3249 comm="syz.0.15769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  484.672267][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkal\xff\xff\xff\xff\xff\xff\xff\x7f.tmp-b7:9' failed: Read-only file system
[  484.690324][   T24] audit: type=1326 audit(2000000350.022:88471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3249 comm="syz.0.15769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  484.717751][ T3278] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:476: comm syz.9.15782: Invalid block bitmap block 0 in block_group 0
[  484.735056][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkal\xff\xff\xff\xff\xff\xff\xff\x7f.tmp-b7:9' failed: Read-only file system
[  484.735202][ T3278] EXT4-fs (loop9): Remounting filesystem read-only
[  484.756057][ T3278] EXT4-fs error (device loop9): ext4_acquire_dquot:6219: comm syz.9.15782: Failed to acquire dquot type 0
[  484.772021][ T3278] EXT4-fs (loop9): 1 orphan inode deleted
[  484.784936][ T3278] EXT4-fs (loop9): mounted filesystem without journal. Opts: €�; data=ordered,errors=remount-ro,
[  484.809088][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkal\xff\xff\xff\xff\xff\xff\xff\x7f.tmp-b7:9' failed: Read-only file system
[  484.857583][ T3301] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15791'.
[  484.866568][ T3301] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15791'.
[  484.933498][ T3311] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  485.203367][   T25] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[  485.505603][   T25] usb 10-1: Using ep0 maxpacket: 32
[  485.666794][   T25] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  485.677634][   T25] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  485.687501][   T25] usb 10-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  485.697167][   T25] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  485.705892][   T25] usb 10-1: config 0 descriptor??
[  485.751509][   T25] hub 10-1:0.0: USB hub found
[  485.769932][T12967] tipc: 32-bit node address hash set to f1414ac
[  486.999372][   T25] hub 10-1:0.0: config failed, can't read hub descriptor (err -90)
[  487.030218][  T813] hid-generic 0000:0000:0000.0043: unknown main item tag 0x0
[  487.042525][  T813] hid-generic 0000:0000:0000.0043: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  487.451864][ T3462] device syz_tun left promiscuous mode
[  487.467990][ T3462] bridge0: port 3(syz_tun) entered disabled state
[  487.483269][   T25] hid-generic 0003:046D:C31C.0044: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.9-1/input0
[  487.638050][ T3465] F2FS-fs (loop3): fault_injection options not supported
[  487.649932][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:3' failed: Read-only file system
[  487.669748][ T3465] F2FS-fs (loop3): invalid crc value
[  487.689271][ T3465] F2FS-fs (loop3): Found nat_bits in checkpoint
[  487.744167][ T3465] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  487.757279][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:3' failed: Read-only file system
[  487.822586][  T369] usb 10-1: USB disconnect, device number 20
[  487.940313][T28771] attempt to access beyond end of device
[  487.940313][T28771] loop3: rw=2049, want=45104, limit=40427
[  488.189885][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  488.191754][ T3497] EXT4-fs (loop3): Test dummy encryption mode enabled
[  488.208541][ T3497] EXT4-fs (loop3): Ignoring removed orlov option
[  488.211901][ T3497] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,min_batch_time=0x0000000000000005,data_err=abort,,errors=continue
[  488.251411][ T3497] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2736: inode #2: comm syz.3.15873: corrupted in-inode xattr
[  488.252741][ T3497] EXT4-fs error (device loop3): ext4_xattr_ibody_get:603: inode #2: comm syz.3.15873: corrupted in-inode xattr
[  488.667012][  T369] usb 10-1: new full-speed USB device number 21 using dummy_hcd
[  489.062787][  T369] usb 10-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[  489.095591][   T24] kauditd_printk_skb: 131 callbacks suppressed
[  489.095606][   T24] audit: type=1326 audit(2000000354.437:88601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3572 comm="syz.0.15907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  489.125822][   T24] audit: type=1326 audit(2000000354.437:88602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3572 comm="syz.0.15907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  489.151463][   T24] audit: type=1326 audit(2000000354.437:88603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3572 comm="syz.0.15907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  489.175651][   T24] audit: type=1326 audit(2000000354.437:88604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3572 comm="syz.0.15907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  489.199535][   T24] audit: type=1326 audit(2000000354.437:88605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3572 comm="syz.0.15907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  489.218701][ T3578] netlink: 1347 bytes leftover after parsing attributes in process `syz.0.15909'.
[  489.230150][   T24] audit: type=1326 audit(2000000354.437:88606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3572 comm="syz.0.15907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  489.256691][   T24] audit: type=1326 audit(2000000354.437:88607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3572 comm="syz.0.15907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  489.281087][   T24] audit: type=1326 audit(2000000354.437:88608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3572 comm="syz.0.15907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  489.325241][ T3586] netlink: 35 bytes leftover after parsing attributes in process `syz.3.15913'.
[  489.334291][ T3586] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15913'.
[  489.343728][  T369] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  489.358678][   T24] audit: type=1326 audit(2000000354.671:88609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3583 comm="syz.0.15912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  489.366774][  T369] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  489.393128][   T24] audit: type=1326 audit(2000000354.671:88610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3583 comm="syz.0.15912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  489.396952][  T369] usb 10-1: Product: syz
[  489.422222][  T369] usb 10-1: Manufacturer: syz
[  489.426901][  T369] usb 10-1: SerialNumber: syz
[  489.500912][    C1] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  489.695153][ T3510] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  489.828997][ T3619] netlink: 76 bytes leftover after parsing attributes in process `syz.6.15929'.
[  489.969363][ T3597] F2FS-fs (loop3): fault_type options not supported
[  489.975961][ T3597] F2FS-fs (loop3): QUOTA feature is enabled, so ignore qf_name
[  489.994695][ T9340] udevd[9340]: symlink '../../loop3' '/dev/disk/by-uuid/2a44064a-4a99-42f7-8899-4cbaeb781c24.tmp-b7:3' failed: Read-only file system
[  490.030700][ T9340] udevd[9340]: symlink '../../loop3' '/dev/disk/by-uuid/2a44064a-4a99-42f7-8899-4cbaeb781c24.tmp-b7:3' failed: Read-only file system
[  490.045326][ T3597] F2FS-fs (loop3): Found nat_bits in checkpoint
[  490.093368][ T3597] F2FS-fs (loop3): sanity_check_inode: corrupted inode ino=3, run fsck to fix.
[  490.102875][ T3597] F2FS-fs (loop3): Failed to read root inode
[  490.158464][ T3653] netlink: 8 bytes leftover after parsing attributes in process `syz.6.15939'.
[  490.176952][ T3643] netlink: 8 bytes leftover after parsing attributes in process `syz.6.15939'.
[  490.329023][ T3665] netlink: 16 bytes leftover after parsing attributes in process `syz.6.15948'.
[  490.401185][ T3510] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  490.418707][ T3669] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  490.655571][  T369] cdc_ncm 10-1:1.0: MAC-Address: 42:42:42:42:42:42
[  490.671634][  T369] cdc_ncm 10-1:1.0 eth1: register 'cdc_ncm' at usb-dummy_hcd.9-1, CDC NCM, 42:42:42:42:42:42
[  490.883242][  T369] usb 10-1: USB disconnect, device number 21
[  490.901387][  T369] cdc_ncm 10-1:1.0 eth1: unregister 'cdc_ncm' usb-dummy_hcd.9-1, CDC NCM
[  491.198183][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  491.222619][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  491.234065][ T3765] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue
[  491.234160][ T3765] ext4 filesystem being mounted at /516/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  491.289331][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  491.639056][  T322] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  491.906305][T12968] usb 10-1: new full-speed USB device number 22 using dummy_hcd
[  492.066780][  T322] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  492.076948][  T322] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  492.162936][  T322] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  492.174090][  T322] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  492.181912][  T322] usb 7-1: SerialNumber: syz
[  492.291260][T12968] usb 10-1: config 0 has no interfaces?
[  492.334499][ T3851] syzkaller0: refused to change device tx_queue_len
[  492.466653][ T3861] tmpfs: Unknown parameter 'nolazytimeÿÿ'
[  492.473106][T12968] usb 10-1: New USB device found, idVendor=0499, idProduct=6bb7, bcdDevice=68.2f
[  492.482227][T12968] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  492.484513][  T322] usb 7-1: 0:2 : does not exist
[  492.490775][T12968] usb 10-1: Product: syz
[  492.499120][T12968] usb 10-1: Manufacturer: syz
[  492.508932][T12968] usb 10-1: SerialNumber: syz
[  492.515978][T12968] usb 10-1: config 0 descriptor??
[  492.522125][  T322] usb 7-1: USB disconnect, device number 21
[  492.623773][ T3867] serio: Serial port ptm0
[  492.786500][T13030] usb 10-1: USB disconnect, device number 22
[  493.002746][ T3894] SELinux: failed to load policy
[  493.577260][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  493.594633][ T3933] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[  493.597912][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  493.657705][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  493.661513][ T3950] syz.3.16055[3950] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  493.669049][ T3950] syz.3.16055[3950] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  494.344970][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  494.379889][ T3975] EXT4-fs (loop9): mounted filesystem without journal. Opts: errors=remount-ro,nodioread_nolock,
[  494.399403][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  494.418591][ T3975] ext4 filesystem being mounted at /351/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  494.505956][   T24] kauditd_printk_skb: 154 callbacks suppressed
[  494.505969][   T24] audit: type=1400 audit(2000000359.498:88765): avc:  denied  { create } for  pid=3974 comm="syz.9.16066" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  494.666962][   T24] audit: type=1326 audit(2000000359.648:88766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4000 comm="syz.3.16077" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f098341f169 code=0x0
[  494.723113][ T3994] cgroup: fork rejected by pids controller in /syz9
[  494.853425][    T7] tipc: Disabling bearer <udp:syz1>
[  494.864603][    T7] tipc: Left network mode
[  494.935503][   T24] audit: type=1400 audit(2000000359.891:88767): avc:  denied  { mounton } for  pid=4022 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  494.982468][ T4022] bridge0: port 1(bridge_slave_0) entered blocking state
[  494.989551][ T4022] bridge0: port 1(bridge_slave_0) entered disabled state
[  494.997368][ T4022] device bridge_slave_0 entered promiscuous mode
[  495.004649][ T4022] bridge0: port 2(bridge_slave_1) entered blocking state
[  495.012074][ T4022] bridge0: port 2(bridge_slave_1) entered disabled state
[  495.019903][ T4022] device bridge_slave_1 entered promiscuous mode
[  495.079689][ T4022] bridge0: port 2(bridge_slave_1) entered blocking state
[  495.086710][ T4022] bridge0: port 2(bridge_slave_1) entered forwarding state
[  495.093820][ T4022] bridge0: port 1(bridge_slave_0) entered blocking state
[  495.100751][ T4022] bridge0: port 1(bridge_slave_0) entered forwarding state
[  495.123192][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  495.131267][  T329] bridge0: port 1(bridge_slave_0) entered disabled state
[  495.139126][  T329] bridge0: port 2(bridge_slave_1) entered disabled state
[  495.160953][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  495.169336][  T329] bridge0: port 1(bridge_slave_0) entered blocking state
[  495.176184][  T329] bridge0: port 1(bridge_slave_0) entered forwarding state
[  495.183657][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  495.193472][  T329] bridge0: port 2(bridge_slave_1) entered blocking state
[  495.200351][  T329] bridge0: port 2(bridge_slave_1) entered forwarding state
[  495.223449][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  495.231936][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  495.239892][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  495.253999][ T4022] device veth0_vlan entered promiscuous mode
[  495.260180][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  495.268319][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  495.276005][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  495.291350][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  495.300904][ T4022] device veth1_macvtap entered promiscuous mode
[  495.311719][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  495.324553][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  495.340663][   T24] audit: type=1400 audit(2000000360.274:88768): avc:  denied  { mounton } for  pid=4022 comm="syz-executor" path="/root/syzkaller.sljauc/syz-tmp" dev="sda1" ino=1976 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  495.365445][   T24] audit: type=1400 audit(2000000360.274:88769): avc:  denied  { mounton } for  pid=4022 comm="syz-executor" path="/root/syzkaller.sljauc/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  495.426908][   T24] audit: type=1400 audit(2000000360.274:88770): avc:  denied  { mounton } for  pid=4022 comm="syz-executor" path="/root/syzkaller.sljauc/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=137683 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  495.456576][   T24] audit: type=1400 audit(2000000360.302:88771): avc:  denied  { mounton } for  pid=4022 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=509 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  495.481354][   T24] audit: type=1400 audit(2000000360.302:88772): avc:  denied  { mounton } for  pid=4022 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  495.511985][   T24] audit: type=1326 audit(2000000360.433:88773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4039 comm="syz.6.16091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  495.547834][   T24] audit: type=1326 audit(2000000360.433:88774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4039 comm="syz.6.16091" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  495.635704][    T7] device bridge_slave_1 left promiscuous mode
[  495.642193][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  495.649898][    T7] device bridge_slave_0 left promiscuous mode
[  495.651920][ T4050] tmpfs: Unknown parameter 'nolazytimeÿÿ'
[  495.655867][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  495.671095][    T7] device veth1_macvtap left promiscuous mode
[  495.681157][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  495.696833][ T4052] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  495.726428][ T4052] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:3342: comm syz.9.16097: Allocating blocks 481-513 which overlap fs metadata
[  495.745539][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  495.785013][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  495.838897][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  495.855828][ T4070] netlink: 'syz.3.16103': attribute type 4 has an invalid length.
[  495.869781][ T4070] netlink: 'syz.3.16103': attribute type 4 has an invalid length.
[  495.939427][ T4084] netlink: 'syz.6.16110': attribute type 4 has an invalid length.
[  495.976932][ T4086] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4086 comm=syz.9.16112
[  496.128852][ T4101] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4101 comm=syz.9.16117
[  496.256669][ T4111] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16124'.
[  496.364332][  T813] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[  496.749164][  T813] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  496.762149][  T813] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  496.856519][  T813] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  496.868875][  T813] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  496.887456][  T813] usb 4-1: SerialNumber: syz
[  497.108872][ T4185] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Dropping request.  Check SNMP counters.
[  497.198967][  T813] usb 4-1: 0:2 : does not exist
[  497.203695][  T813] usb 4-1: unit 253 not found!
[  497.210174][  T813] usb 4-1: USB disconnect, device number 67
[  497.318234][ T4198] netlink: 'syz.0.16164': attribute type 6 has an invalid length.
[  497.425920][T12729] udevd[12729]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  497.852388][T12968] hid-generic 0000:0000:0000.0045: unknown main item tag 0x0
[  497.868645][T12968] hid-generic 0000:0000:0000.0045: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  497.915104][ T4251] EXT4-fs (loop9): Mount option "nodioread_nolock" incompatible with ext2
[  497.928306][ T9340] udevd[9340]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  497.995257][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  498.043958][ T4268] input: syz1 as /devices/virtual/input/input71
[  498.133568][ T4279] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  498.879564][ T4322] netlink: 32 bytes leftover after parsing attributes in process `syz.6.16219'.
[  498.888814][ T4322] netem: unknown loss type 13
[  498.893365][ T4322] netem: change failed
[  499.009583][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  499.032500][ T4343] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  499.041757][ T4343] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  499.057575][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  499.082384][ T4022] EXT4-fs error (device loop9): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /50/file0: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0
[  499.139318][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  499.244141][ T4376] syz.3.16243[4376] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  499.244212][ T4376] syz.3.16243[4376] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  499.572039][ T4386] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  499.612216][ T4386] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  499.622780][ T4386] F2FS-fs (loop3): invalid crc value
[  499.630310][ T4386] F2FS-fs (loop3): Found nat_bits in checkpoint
[  499.675973][ T4386] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  499.683072][ T4386] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  499.790283][ T4386] attempt to access beyond end of device
[  499.790283][ T4386] loop3: rw=2049, want=79872, limit=40427
[  499.809511][ T4386] attempt to access beyond end of device
[  499.809511][ T4386] loop3: rw=2049, want=81920, limit=40427
[  499.834587][ T4386] attempt to access beyond end of device
[  499.834587][ T4386] loop3: rw=2049, want=53240, limit=40427
[  499.848269][ T4386] attempt to access beyond end of device
[  499.848269][ T4386] loop3: rw=2049, want=53248, limit=40427
[  499.875721][ T4386] attempt to access beyond end of device
[  499.875721][ T4386] loop3: rw=2049, want=61848, limit=40427
[  499.912797][ T4386] attempt to access beyond end of device
[  499.912797][ T4386] loop3: rw=2049, want=68624, limit=40427
[  500.277666][    T7] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  500.288014][    T7] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  500.304597][   T24] kauditd_printk_skb: 88 callbacks suppressed
[  500.304613][   T24] audit: type=1400 audit(2000000364.914:88863): avc:  denied  { read } for  pid=4412 comm="syz.2.16258" dev="sockfs" ino=138811 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  500.350213][    T7] attempt to access beyond end of device
[  500.350213][    T7] loop3: rw=2049, want=55632, limit=40427
[  500.378778][    T7] attempt to access beyond end of device
[  500.378778][    T7] loop3: rw=1, want=69632, limit=40427
[  500.393684][   T24] audit: type=1326 audit(2000000364.998:88864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.2.16262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  500.423123][    T7] attempt to access beyond end of device
[  500.423123][    T7] loop3: rw=2049, want=56336, limit=40427
[  500.431078][   T24] audit: type=1326 audit(2000000364.998:88865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.2.16262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  500.461591][ T4425] SELinux:  Context system_u:object_r:systemd_logind_sessions_t:s0 is not valid (left unmapped).
[  500.486620][   T24] audit: type=1326 audit(2000000364.998:88866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.2.16262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  500.510998][   T24] audit: type=1326 audit(2000000364.998:88867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.2.16262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  500.535293][   T24] audit: type=1326 audit(2000000364.998:88868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.2.16262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  500.571396][   T24] audit: type=1326 audit(2000000365.026:88869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.2.16262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  500.595746][   T24] audit: type=1400 audit(2000000365.073:88870): avc:  denied  { relabelto } for  pid=4424 comm="syz.2.16265" name="file0" dev="tmpfs" ino=17937 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:systemd_logind_sessions_t:s0"
[  500.624312][   T24] audit: type=1400 audit(2000000365.073:88871): avc:  denied  { associate } for  pid=4424 comm="syz.2.16265" name="file0" dev="tmpfs" ino=17937 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:systemd_logind_sessions_t:s0"
[  500.657548][   T24] audit: type=1400 audit(2000000365.082:88872): avc:  denied  { unlink } for  pid=303 comm="syz-executor" name="file0" dev="tmpfs" ino=17937 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:systemd_logind_sessions_t:s0"
[  500.761313][ T4440] netlink: 40 bytes leftover after parsing attributes in process `syz.3.16259'.
[  500.994184][ T4462] exfat: Deprecated parameter 'utf8'
[  500.999337][ T4462] exfat: Deprecated parameter 'namecase'
[  501.006124][ T4462] exfat: Deprecated parameter 'utf8'
[  501.049765][ T4462] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  501.202543][ T4487] netlink: 140 bytes leftover after parsing attributes in process `syz.3.16293'.
[  501.212324][ T4487] netlink: 140 bytes leftover after parsing attributes in process `syz.3.16293'.
[  501.222266][ T4487] netlink: 140 bytes leftover after parsing attributes in process `syz.3.16293'.
[  501.229884][  T369] Bluetooth: hci0: command 0x1003 tx timeout
[  501.237192][T21883] Bluetooth: hci0: sending frame failed (-49)
[  501.258975][ T4494] device batadv_slave_1 entered promiscuous mode
[  501.277440][ T4492] device batadv_slave_1 left promiscuous mode
[  501.299957][ T4499] netlink: 104 bytes leftover after parsing attributes in process `syz.2.16299'.
[  501.618756][ T4531] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16313'.
[  501.641612][ T4531] device ip6gretap0 left promiscuous mode
[  501.667640][ T4531] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16313'.
[  502.462386][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  502.470919][ T4557] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[  502.481136][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  502.482984][ T4557] ext4 filesystem being mounted at /582/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  502.509219][ T4557] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.16323: bg 0: block 393: padding at end of block bitmap is not set
[  502.512469][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  502.524002][ T4557] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 43 with error 117
[  502.547353][ T4557] EXT4-fs (loop3): This should not happen!! Data will be lost
[  502.547353][ T4557] 
[  502.623018][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  503.441458][  T369] Bluetooth: hci0: command 0x1001 tx timeout
[  503.453601][T21883] Bluetooth: hci0: sending frame failed (-49)
[  503.555952][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  503.577458][ T4643] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue
[  503.584806][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-uuid/00000000-0000-0000-0000-001000000000.tmp-b7:9' failed: Read-only file system
[  503.628497][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  503.669350][T12729] udevd[12729]: symlink '../../loop9' '/dev/disk/by-uuid/00000000-0000-0000-0000-001000000000.tmp-b7:9' failed: Read-only file system
[  503.789230][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:9' failed: Read-only file system
[  504.140056][    T7] device bridge_slave_1 left promiscuous mode
[  504.156169][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[  504.169099][    T7] device bridge_slave_0 left promiscuous mode
[  504.185223][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[  504.237939][    T7] device veth1_macvtap left promiscuous mode
[  504.245646][    T7] device veth0_vlan left promiscuous mode
[  504.558675][ T4649] bridge0: port 1(bridge_slave_0) entered blocking state
[  504.576245][ T4649] bridge0: port 1(bridge_slave_0) entered disabled state
[  504.583743][ T4649] device bridge_slave_0 entered promiscuous mode
[  504.655582][ T4649] bridge0: port 2(bridge_slave_1) entered blocking state
[  504.692302][ T4649] bridge0: port 2(bridge_slave_1) entered disabled state
[  504.699639][ T4649] device bridge_slave_1 entered promiscuous mode
[  504.712775][ T4659] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  504.726351][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:3' failed: Read-only file system
[  504.756387][ T4659] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  504.800222][ T4659] F2FS-fs (loop3): Found nat_bits in checkpoint
[  504.871248][ T4659] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  504.880627][ T4659] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  505.104215][ T4677] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4677 comm=syz.0.16373
[  505.150115][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  505.158090][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  505.161685][ T4677] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4677 comm=syz.0.16373
[  505.185487][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  505.195354][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  505.204416][    T7] bridge0: port 1(bridge_slave_0) entered blocking state
[  505.211279][    T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[  505.222896][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  505.232838][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  505.242335][    T7] bridge0: port 2(bridge_slave_1) entered blocking state
[  505.249204][    T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[  505.288331][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  505.297514][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  505.334261][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  505.364290][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  505.381563][ T4649] device veth0_vlan entered promiscuous mode
[  505.399293][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  505.411882][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  505.420581][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  505.447708][ T4649] device veth1_macvtap entered promiscuous mode
[  505.486447][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  505.502893][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  505.547617][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  505.665118][   T20] Bluetooth: hci0: command 0x1009 tx timeout
[  505.922925][ T4725] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16394'.
[  506.160792][   T24] kauditd_printk_skb: 2064 callbacks suppressed
[  506.160808][   T24] audit: type=1326 audit(2000000370.395:90937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4751 comm="syz.1.16406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f0d1c5169 code=0x7ffc0000
[  506.211449][   T24] audit: type=1326 audit(2000000370.395:90938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4751 comm="syz.1.16406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f4f0d1c5169 code=0x7ffc0000
[  506.247739][   T24] audit: type=1326 audit(2000000370.395:90939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4751 comm="syz.1.16406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f0d1c5169 code=0x7ffc0000
[  506.278469][   T24] audit: type=1326 audit(2000000370.395:90940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4751 comm="syz.1.16406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f4f0d1c5169 code=0x7ffc0000
[  506.305975][ T4757] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16409'.
[  506.321472][   T24] audit: type=1326 audit(2000000370.395:90941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4751 comm="syz.1.16406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f0d1c5169 code=0x7ffc0000
[  506.362281][   T24] audit: type=1326 audit(2000000370.423:90942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4751 comm="syz.1.16406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f0d1c5169 code=0x7ffc0000
[  506.383689][ T4769] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4769 comm=syz.2.16414
[  506.418416][   T24] audit: type=1326 audit(2000000370.620:90943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4765 comm="syz.1.16412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f0d1c5169 code=0x7ffc0000
[  506.451614][   T24] audit: type=1326 audit(2000000370.620:90944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4765 comm="syz.1.16412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f0d1c5169 code=0x7ffc0000
[  506.476066][   T24] audit: type=1326 audit(2000000370.620:90945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4765 comm="syz.1.16412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4f0d1c5169 code=0x7ffc0000
[  506.500733][   T24] audit: type=1326 audit(2000000370.620:90946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4765 comm="syz.1.16412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f0d1c5169 code=0x7ffc0000
[  506.605866][    C1] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  506.615965][ T4784] netlink: 12 bytes leftover after parsing attributes in process `syz.1.16421'.
[  506.625230][ T4784] netlink: 24 bytes leftover after parsing attributes in process `syz.1.16421'.
[  506.681348][ T4790] netlink: 9 bytes leftover after parsing attributes in process `syz.2.16424'.
[  506.690420][ T4790] device gretap0 entered promiscuous mode
[  506.698130][ T4790] netlink: 5 bytes leftover after parsing attributes in process `syz.2.16424'.
[  506.707076][ T4790] 0ªX¹¦D: renamed from gretap0
[  506.712256][ T4790] device 
30ªX¹¦D left promiscuous mode
[  506.718295][ T4790] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  506.759545][ T4795] netem: change failed
[  506.948043][T12975] usb 2-1: new full-speed USB device number 48 using dummy_hcd
[  507.125296][ T4824] overlayfs: failed to clone upperpath
[  507.332961][T12975] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[  507.514800][T12975] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  507.523673][T12975] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.531858][T12975] usb 2-1: Product: syz
[  507.536095][T12975] usb 2-1: Manufacturer: syz
[  507.540693][T12975] usb 2-1: SerialNumber: syz
[  507.793626][ T4788] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  508.498751][ T4788] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  508.754774][T12975] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  508.763624][T12975] cdc_ncm 2-1:1.0 eth1: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM, 42:42:42:42:42:42
[  508.973563][T12975] usb 2-1: USB disconnect, device number 48
[  508.994329][T12975] cdc_ncm 2-1:1.0 eth1: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM
[  509.433137][ T4932] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  509.444002][ T4932] FAT-fs (loop5): unable to read boot sector
[  509.570429][ T4940] SELinux: failed to load policy
[  510.402101][ T5021] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  510.414444][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  510.427310][ T5021] EXT4-fs (loop3): 1 truncate cleaned up
[  510.432773][ T5021] EXT4-fs (loop3): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000002,debug_want_extra_isize=0x0000000000000068,noinit_itable,nodiscard,auto_da_alloc=0x000000000000f455,,errors=continue
[  510.460517][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  510.477527][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  510.637596][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  510.787171][ T5057] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16529'.
[  510.796272][ T5057] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  510.815075][T12729] udevd[12729]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  510.834250][ T5048] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  510.853763][ T5048] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  510.870779][T12729] udevd[12729]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  510.901344][T12729] udevd[12729]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  510.939052][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  511.098795][ T5090] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[  511.179568][ T5098] syz.3.16547[5098] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  511.179639][ T5098] syz.3.16547[5098] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  511.473431][T12729] udevd[12729]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  511.498620][ T5132] EXT4-fs (loop1): orphan cleanup on readonly fs
[  511.506395][ T5132] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.16562: bg 0: block 248: padding at end of block bitmap is not set
[  511.521721][ T5132] __quota_error: 113 callbacks suppressed
[  511.521732][ T5132] Quota error (device loop1): write_blk: dquota write failed
[  511.536895][ T5132] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  511.546871][ T5132] EXT4-fs error (device loop1): ext4_acquire_dquot:6219: comm syz.1.16562: Failed to acquire dquot type 1
[  511.559057][ T5132] EXT4-fs (loop1): 1 truncate cleaned up
[  511.566635][ T5132] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[  511.583384][   T24] audit: type=1400 audit(2000000375.465:91060): avc:  denied  { execute } for  pid=5131 comm="syz.1.16562" name="file2" dev="loop1" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  511.606830][ T5132] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  511.609591][T12729] udevd[12729]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  511.637438][ T5132] Quota error (device loop1): write_blk: dquota write failed
[  511.647180][ T5132] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  511.658034][ T5142] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16565'.
[  511.667318][ T5132] EXT4-fs error (device loop1): ext4_acquire_dquot:6219: comm syz.1.16562: Failed to acquire dquot type 1
[  511.698150][ T5132] EXT4-fs warning (device loop1): ext4_enable_quotas:6467: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix.
[  511.724161][ T4649] EXT4-fs error (device loop1): ext4_lookup:1834: inode #2: comm syz-executor: deleted inode referenced: 12
[  511.738322][ T4649] EXT4-fs error (device loop1): ext4_lookup:1834: inode #2: comm syz-executor: deleted inode referenced: 12
[  511.874342][ T5159] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  511.899034][ T5162] 9pnet: p9_errstr2errno: server reported unknown error õ1 g;-‡~	
[  511.952746][ T5160] bridge0: port 1(bridge_slave_0) entered blocking state
[  511.959629][ T5160] bridge0: port 1(bridge_slave_0) entered disabled state
[  511.967119][ T5160] device bridge_slave_0 entered promiscuous mode
[  511.974085][ T5160] bridge0: port 2(bridge_slave_1) entered blocking state
[  511.980926][ T5160] bridge0: port 2(bridge_slave_1) entered disabled state
[  511.988339][ T5160] device bridge_slave_1 entered promiscuous mode
[  512.035020][ T5160] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.041898][ T5160] bridge0: port 2(bridge_slave_1) entered forwarding state
[  512.049160][ T5160] bridge0: port 1(bridge_slave_0) entered blocking state
[  512.056008][ T5160] bridge0: port 1(bridge_slave_0) entered forwarding state
[  512.077314][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  512.084899][  T389] bridge0: port 1(bridge_slave_0) entered disabled state
[  512.092111][  T389] bridge0: port 2(bridge_slave_1) entered disabled state
[  512.101996][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  512.110225][  T389] bridge0: port 1(bridge_slave_0) entered blocking state
[  512.117312][  T389] bridge0: port 1(bridge_slave_0) entered forwarding state
[  512.128076][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  512.136250][  T389] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.143090][  T389] bridge0: port 2(bridge_slave_1) entered forwarding state
[  512.158441][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  512.168142][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  512.183867][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  512.197269][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  512.208454][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  512.222934][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  512.232638][ T5160] device veth0_vlan entered promiscuous mode
[  512.265671][   T24] audit: type=1326 audit(2000000376.101:91061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5171 comm="syz.0.16581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  512.300465][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  512.300835][   T24] audit: type=1326 audit(2000000376.101:91062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5171 comm="syz.0.16581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  512.332482][   T24] audit: type=1326 audit(2000000376.101:91063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5171 comm="syz.0.16581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  512.356185][   T24] audit: type=1326 audit(2000000376.101:91064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5171 comm="syz.0.16581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  512.366039][ T5160] device veth1_macvtap entered promiscuous mode
[  512.386893][   T24] audit: type=1326 audit(2000000376.101:91065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5171 comm="syz.0.16581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  512.413094][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  512.421814][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  512.486314][  T329] device bridge_slave_1 left promiscuous mode
[  512.496522][  T329] bridge0: port 2(bridge_slave_1) entered disabled state
[  512.504969][  T329] device bridge_slave_0 left promiscuous mode
[  512.511610][  T329] bridge0: port 1(bridge_slave_0) entered disabled state
[  512.520199][  T329] device veth1_macvtap left promiscuous mode
[  512.526401][  T329] device veth0_vlan left promiscuous mode
[  512.581957][  T813] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  512.615479][ T5192] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5192 comm=syz.3.16587
[  512.628167][ T5192] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5192 comm=syz.3.16587
[  512.801151][ T5209] netlink: 96 bytes leftover after parsing attributes in process `syz.7.16595'.
[  512.849317][  T813] usb 7-1: Using ep0 maxpacket: 32
[  512.977640][  T813] usb 7-1: config 0 has no interfaces?
[  513.148719][  T813] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  513.157717][  T813] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  513.165735][  T813] usb 7-1: Product: syz
[  513.170060][  T813] usb 7-1: Manufacturer: syz
[  513.174520][  T813] usb 7-1: SerialNumber: syz
[  513.183334][  T813] usb 7-1: config 0 descriptor??
[  513.450416][T12981] usb 7-1: USB disconnect, device number 22
[  514.379725][ T5268] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  514.830442][ T5318] netlink: 'syz.0.16645': attribute type 1 has an invalid length.
[  514.932424][ T5324] netlink: 96 bytes leftover after parsing attributes in process `syz.2.16646'.
[  515.077913][ T5347] netlink: 1319 bytes leftover after parsing attributes in process `syz.0.16657'.
[  515.757077][   T20] Bluetooth: hci0: command 0x1003 tx timeout
[  515.763057][T21883] Bluetooth: hci0: sending frame failed (-49)
[  516.048984][ T5413] ip6t_REJECT: ECHOREPLY is not supported
[  516.054351][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  516.102621][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  516.147903][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  516.217648][ T5442] syz.2.16702[5442] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  516.217724][ T5442] syz.2.16702[5442] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  516.262185][ T5446] netlink: 'syz.2.16704': attribute type 5 has an invalid length.
[  516.350843][ T5453] netlink: 12 bytes leftover after parsing attributes in process `syz.0.16706'.
[  516.523614][ T5461] device pim6reg1 entered promiscuous mode
[  517.532398][ T5496] netlink: 96 bytes leftover after parsing attributes in process `syz.6.16723'.
[  517.555804][   T24] kauditd_printk_skb: 127 callbacks suppressed
[  517.555819][   T24] audit: type=1326 audit(2000000381.050:91193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.6.16724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  517.587614][   T24] audit: type=1326 audit(2000000381.050:91194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.6.16724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  517.615176][   T24] audit: type=1326 audit(2000000381.050:91195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.6.16724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  517.639438][   T24] audit: type=1326 audit(2000000381.087:91196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5497 comm="syz.6.16724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  517.681593][   T24] audit: type=1400 audit(2000000381.171:91197): avc:  denied  { bind } for  pid=5501 comm="syz.6.16726" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  517.901285][   T24] audit: type=1326 audit(2000000381.377:91198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5509 comm="syz.6.16730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  517.925237][   T24] audit: type=1326 audit(2000000381.377:91199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5509 comm="syz.6.16730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  517.956311][   T24] audit: type=1326 audit(2000000381.377:91200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5509 comm="syz.6.16730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  517.985130][  T395] Bluetooth: hci0: command 0x1001 tx timeout
[  517.991389][T21883] Bluetooth: hci0: sending frame failed (-49)
[  518.006041][   T24] audit: type=1326 audit(2000000381.405:91201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5509 comm="syz.6.16730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  518.099436][   T24] audit: type=1326 audit(2000000381.564:91202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5523 comm="syz.6.16737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  518.186713][ T5532] syz.2.16741[5532] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  518.186780][ T5532] syz.2.16741[5532] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  518.618960][ T5573] syz.6.16757[5573] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  518.631404][ T5573] syz.6.16757[5573] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  518.667928][ T5573] incfs: Options parsing error. -22
[  518.688720][ T5573] incfs: mount failed -22
[  518.883064][ T5595] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5595 comm=syz.2.16771
[  518.966237][ T5603] tmpfs: Unknown parameter 'nolazytimeÿÿ'
[  519.380197][ T9340] udevd[9340]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  519.466243][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  519.830639][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  519.866710][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  519.966560][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  519.994843][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  520.130983][ T5640] xt_hashlimit: size too large, truncated to 1048576
[  520.136035][ T5638] 9pnet: p9_errstr2errno: server reported unknown error õ1 g;
[  520.204456][T13030] Bluetooth: hci0: command 0x1009 tx timeout
[  520.258773][ T5643] device wireguard0 entered promiscuous mode
[  520.591675][ T5656] syz.6.16797[5656] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  520.591758][ T5656] syz.6.16797[5656] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  520.611317][   T49] Bluetooth: hci1: Frame reassembly failed (-84)
[  520.628860][ T5656] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  521.001556][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  521.411771][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  521.439012][ T5680] ------------[ cut here ]------------
[  521.444335][ T5680] WARNING: CPU: 1 PID: 5680 at mm/page_alloc.c:5332 __alloc_pages_nodemask+0x4f6/0xaf0
[  521.454148][ T5680] Modules linked in:
[  521.458289][ T5680] CPU: 1 PID: 5680 Comm: syz.7.16806 Tainted: G        W         5.10.234-syzkaller-00033-g094fc3778d6b #0
[  521.467825][ T5682] netlink: 80 bytes leftover after parsing attributes in process `syz.2.16808'.
[  521.469896][ T5680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  521.478780][ T5682] netlink: 40 bytes leftover after parsing attributes in process `syz.2.16808'.
[  521.488927][ T5680] RIP: 0010:__alloc_pages_nodemask+0x4f6/0xaf0
[  521.503586][ T5680] Code: 84 24 20 01 00 00 0f 85 bb 03 00 00 4c 89 f8 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 f7 c3 00 20 00 00 0f 85 c1 fc ff ff <0f> 0b 45 31 ff eb 98 31 db 8b 7c 24 10 e9 6c fc ff ff 48 89 df 44
[  521.523438][ T5680] RSP: 0018:ffffc90001007580 EFLAGS: 00010246
[  521.529386][ T5680] RAX: ffffc90001007650 RBX: 0000000000040dc0 RCX: 0000000000000000
[  521.537444][ T5680] RDX: 0000000000000018 RSI: 0000000000000000 RDI: ffffc90001007668
[  521.545580][ T5680] RBP: ffffc900010076e8 R08: dffffc0000000000 R09: ffffc90001007650
[  521.553606][ T5680] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000016
[  521.561580][ T5680] R13: dffffc0000000000 R14: 1ffff92000200ec0 R15: 0000000000000016
[  521.569766][ T5680] FS:  00007f16d9b0a6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  521.578788][ T5680] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  521.585800][ T5680] CR2: 00000000ffffffff CR3: 0000000115d03000 CR4: 00000000003506a0
[  521.593740][ T5680] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  521.602446][ T5680] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  521.611282][ T5680] Call Trace:
[  521.614408][ T5680]  ? show_regs+0x58/0x60
[  521.619019][ T5680]  ? __warn+0x160/0x2f0
[  521.623370][ T5680]  ? __alloc_pages_nodemask+0x4f6/0xaf0
[  521.629108][ T5680]  ? report_bug+0x3d9/0x5b0
[  521.633500][ T5680]  ? __alloc_pages_nodemask+0x4f6/0xaf0
[  521.639278][ T5680]  ? handle_bug+0x41/0x70
[  521.643508][ T5680]  ? exc_invalid_op+0x1b/0x50
[  521.648566][ T5680]  ? asm_exc_invalid_op+0x12/0x20
[  521.653476][ T5680]  ? __alloc_pages_nodemask+0x4f6/0xaf0
[  521.659236][ T5680]  ? ____kasan_kmalloc+0xed/0x110
[  521.664132][ T5680]  ? ____kasan_kmalloc+0xdb/0x110
[  521.669572][ T5680]  ? __kasan_kmalloc+0x9/0x10
[  521.674123][ T5680]  ? kmem_cache_alloc_trace+0x18a/0x2e0
[  521.679505][ T5680]  ? class_read+0x5c/0xf20
[  521.684100][ T5680]  ? policydb_read+0xb79/0x2c10
[  521.688831][ T5680]  ? security_load_policy+0x1b3/0x13e0
[  521.694554][ T5680]  ? sel_write_load+0x339/0x550
[  521.699282][ T5680]  ? vfs_write+0x36a/0xe70
[  521.703813][ T5680]  ? ksys_write+0x199/0x2c0
[  521.708257][ T5680]  ? do_syscall_64+0x34/0x70
[  521.713065][ T5680]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  521.719902][ T5680]  ? gfp_pfmemalloc_allowed+0x120/0x120
[  521.725748][ T5680]  kmalloc_order+0x4c/0x170
[  521.730119][ T5680]  kmalloc_order_trace+0x18/0x90
[  521.735305][ T5680]  __kmalloc+0x1f1/0x330
[  521.739414][ T5680]  hashtab_init+0x9a/0x130
[  521.743672][ T5680]  symtab_init+0x41/0x60
[  521.747898][ T5680]  class_read+0x2c3/0xf20
[  521.752107][ T5680]  policydb_read+0xb79/0x2c10
[  521.756686][ T5680]  security_load_policy+0x1b3/0x13e0
[  521.761804][ T5680]  ? __kasan_check_write+0x14/0x20
[  521.766828][ T5680]  ? up_read+0x14/0x90
[  521.770664][ T5680]  ? selinux_policy_commit+0xe40/0xe40
[  521.776519][ T5680]  ? refcount_dec_and_lock_irqsave+0xd1/0x160
[  521.788422][ T5680]  ? copy_user_enhanced_fast_string+0xe/0x40
[  521.794263][ T5680]  ? _copy_from_user+0x96/0xd0
[  521.799236][ T5680]  sel_write_load+0x339/0x550
[  521.803990][ T5680]  ? sel_make_dir+0x270/0x270
[  521.808825][ T5680]  ? security_file_permission+0x86/0xb0
[  521.814207][ T5680]  ? rw_verify_area+0x1c3/0x360
[  521.819005][ T5680]  ? sel_make_dir+0x270/0x270
[  521.823521][ T5680]  vfs_write+0x36a/0xe70
[  521.827590][ T5680]  ? futex_exit_release+0x1e0/0x1e0
[  521.832738][ T5680]  ? kernel_write+0x3d0/0x3d0
[  521.837366][ T5680]  ? __kasan_check_write+0x14/0x20
[  521.842762][ T5680]  ? mutex_lock+0xa5/0x110
[  521.847018][ T5680]  ? mutex_trylock+0xa0/0xa0
[  521.851495][ T5680]  ? __fdget_pos+0x2e7/0x3a0
[  521.855885][ T5680]  ? ksys_write+0x77/0x2c0
[  521.860127][ T5680]  ksys_write+0x199/0x2c0
[  521.864542][ T5680]  ? __ia32_sys_read+0x90/0x90
[  521.869146][ T5680]  ? fpu__clear_all+0x20/0x20
[  521.873714][ T5680]  ? __kasan_check_read+0x11/0x20
[  521.878521][ T5680]  __x64_sys_write+0x7b/0x90
[  521.883144][ T5680]  do_syscall_64+0x34/0x70
[  521.888450][ T5680]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  521.894510][ T5680] RIP: 0033:0x7f16db4a0169
[  521.898808][ T5680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  521.918840][ T5680] RSP: 002b:00007f16d9b0a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  521.927163][ T5680] RAX: ffffffffffffffda RBX: 00007f16db6b8fa0 RCX: 00007f16db4a0169
[  521.935141][ T5680] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  521.943203][ T5680] RBP: 00007f16db5212a0 R08: 0000000000000000 R09: 0000000000000000
[  521.951392][ T5680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  521.959441][ T5680] R13: 0000000000000000 R14: 00007f16db6b8fa0 R15: 00007ffdf2dcad78
[  521.967391][ T5680] ---[ end trace 9357d56d82128721 ]---
[  521.972796][ T5680] SELinux: failed to load policy
[  522.006022][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  522.034752][ T5705] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3435572954 (6871145908 ns) > initial count (1845465872 ns). Using initial count to start timer.
[  522.356226][ T5754] netlink: 20 bytes leftover after parsing attributes in process `syz.0.16841'.
[  522.365414][ T5754] IPv6: Can't replace route, no match found
[  522.770058][  T813] Bluetooth: hci1: command 0x1003 tx timeout
[  522.776067][ T5658] Bluetooth: hci1: sending frame failed (-49)
[  522.927805][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  522.958642][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  522.989269][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  523.009423][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  523.262452][   T24] kauditd_printk_skb: 95 callbacks suppressed
[  523.262467][   T24] audit: type=1326 audit(2000000386.391:91298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5807 comm="syz.0.16867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  523.292959][   T24] audit: type=1326 audit(2000000386.391:91299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5807 comm="syz.0.16867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  523.316798][   T24] audit: type=1326 audit(2000000386.391:91300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5807 comm="syz.0.16867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  523.340581][   T24] audit: type=1326 audit(2000000386.391:91301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5807 comm="syz.0.16867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  523.364574][   T24] audit: type=1326 audit(2000000386.391:91302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5807 comm="syz.0.16867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  523.388203][   T24] audit: type=1326 audit(2000000386.391:91303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5807 comm="syz.0.16867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  523.412744][   T24] audit: type=1326 audit(2000000386.419:91304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5807 comm="syz.0.16867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  523.436599][   T24] audit: type=1326 audit(2000000386.419:91305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5807 comm="syz.0.16867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  523.461635][   T24] audit: type=1326 audit(2000000386.419:91306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5807 comm="syz.0.16867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  523.504818][   T24] audit: type=1326 audit(2000000386.447:91307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5807 comm="syz.0.16867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53d787a169 code=0x7ffc0000
[  523.920180][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  523.962541][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  524.022143][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  524.288299][ T5873] device ip6gre1 entered promiscuous mode
[  524.700078][ T5903] bridge: RTM_NEWNEIGH with invalid ether address
[  524.993757][T12981] Bluetooth: hci1: command 0x1001 tx timeout
[  524.999837][T18111] Bluetooth: hci1: sending frame failed (-49)
[  526.135948][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  526.542471][ T5992] incfs: Error accessing: ./file0.
[  526.547694][ T5992] incfs: mount failed -20
[  526.685339][ T6006] overlayfs: failed to clone lowerpath
[  526.798890][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  526.843784][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  526.868854][ T6025] input: syz1 as /devices/virtual/input/input72
[  526.907436][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  526.999278][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  527.043677][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  527.087594][ T6031] cgroup: fork rejected by pids controller in /syz7
[  527.140154][   T49] Bluetooth: hci0: Frame reassembly failed (-84)
[  527.147455][ T6034] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  527.160775][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  527.217485][T12975] Bluetooth: hci1: command 0x1009 tx timeout
[  527.298651][ T6050] overlayfs: failed to clone upperpath
[  527.330640][ T6047] bridge0: port 1(bridge_slave_0) entered blocking state
[  527.337641][ T6047] bridge0: port 1(bridge_slave_0) entered disabled state
[  527.345050][ T6047] device bridge_slave_0 entered promiscuous mode
[  527.356414][ T6047] bridge0: port 2(bridge_slave_1) entered blocking state
[  527.363284][ T6047] bridge0: port 2(bridge_slave_1) entered disabled state
[  527.370983][ T6047] device bridge_slave_1 entered promiscuous mode
[  527.435349][ T6047] bridge0: port 2(bridge_slave_1) entered blocking state
[  527.442425][ T6047] bridge0: port 2(bridge_slave_1) entered forwarding state
[  527.449530][ T6047] bridge0: port 1(bridge_slave_0) entered blocking state
[  527.456427][ T6047] bridge0: port 1(bridge_slave_0) entered forwarding state
[  527.490562][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  527.498945][  T389] bridge0: port 1(bridge_slave_0) entered disabled state
[  527.512413][  T389] bridge0: port 2(bridge_slave_1) entered disabled state
[  527.533362][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  527.541539][  T389] bridge0: port 1(bridge_slave_0) entered blocking state
[  527.548393][  T389] bridge0: port 1(bridge_slave_0) entered forwarding state
[  527.556234][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  527.565616][  T389] bridge0: port 2(bridge_slave_1) entered blocking state
[  527.572495][  T389] bridge0: port 2(bridge_slave_1) entered forwarding state
[  527.599211][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  527.617516][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  527.633535][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  527.644957][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  527.652967][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  527.661402][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  527.675130][ T6047] device veth0_vlan entered promiscuous mode
[  527.709022][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  527.719086][ T6047] device veth1_macvtap entered promiscuous mode
[  527.733748][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  527.747714][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  527.780704][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  527.821516][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  527.870281][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  527.895876][T12729] udevd[12729]: symlink '../../loop7' '/dev/disk/by-label/syzkaller.tmp-b7:7' failed: Read-only file system
[  527.927118][   T49] device bridge_slave_1 left promiscuous mode
[  527.933098][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  527.947312][   T49] device bridge_slave_0 left promiscuous mode
[  527.968436][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  527.988152][   T49] device veth1_macvtap left promiscuous mode
[  528.005524][   T49] device veth0_vlan left promiscuous mode
[  528.253757][ T6115] bridge0: port 1(bridge_slave_0) entered blocking state
[  528.260767][ T6115] bridge0: port 1(bridge_slave_0) entered disabled state
[  528.269056][ T6115] device bridge_slave_0 entered promiscuous mode
[  528.276768][ T6115] bridge0: port 2(bridge_slave_1) entered blocking state
[  528.283905][ T6115] bridge0: port 2(bridge_slave_1) entered disabled state
[  528.291379][ T6115] device bridge_slave_1 entered promiscuous mode
[  528.355182][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  528.362966][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  528.372516][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  528.380808][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  528.389197][  T389] bridge0: port 1(bridge_slave_0) entered blocking state
[  528.396186][  T389] bridge0: port 1(bridge_slave_0) entered forwarding state
[  528.403717][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  528.413125][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  528.421802][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  528.429971][  T389] bridge0: port 2(bridge_slave_1) entered blocking state
[  528.436833][  T389] bridge0: port 2(bridge_slave_1) entered forwarding state
[  528.452509][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  528.461773][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  528.479648][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  528.492394][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  528.500703][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  528.508069][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  528.519289][ T6115] device veth0_vlan entered promiscuous mode
[  528.530954][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  528.540300][ T6115] device veth1_macvtap entered promiscuous mode
[  528.559412][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  528.567841][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  528.583659][ T6123] overlayfs: failed to clone lowerpath
[  528.643198][   T24] kauditd_printk_skb: 77 callbacks suppressed
[  528.643215][   T24] audit: type=1400 audit(2000000391.423:91385): avc:  denied  { write } for  pid=6132 comm="syz.8.17011" path="socket:[145085]" dev="sockfs" ino=145085 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  528.679200][   T24] audit: type=1400 audit(2000000391.451:91386): avc:  denied  { setopt } for  pid=6134 comm="syz.0.17012" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  528.802830][ T6149] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  528.827073][ T6151] overlayfs: failed to clone upperpath
[  528.900492][ T6153] syz.2.17020[6153] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  528.900547][ T6153] syz.2.17020[6153] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  528.968492][   T24] audit: type=1326 audit(2000000391.723:91387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6154 comm="syz.2.17021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  529.003238][   T24] audit: type=1326 audit(2000000391.723:91388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6154 comm="syz.2.17021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  529.027110][   T24] audit: type=1326 audit(2000000391.723:91389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6154 comm="syz.2.17021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  529.050688][   T24] audit: type=1326 audit(2000000391.723:91390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6154 comm="syz.2.17021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  529.074591][   T24] audit: type=1326 audit(2000000391.723:91391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6154 comm="syz.2.17021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  529.355908][T12981] Bluetooth: hci0: command 0x1003 tx timeout
[  529.361827][ T5658] Bluetooth: hci0: sending frame failed (-49)
[  529.538000][   T49] device bridge_slave_1 left promiscuous mode
[  529.544047][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  529.551606][   T49] device bridge_slave_0 left promiscuous mode
[  529.557600][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  529.565718][   T49] device veth1_macvtap left promiscuous mode
[  529.571745][   T49] device veth0_vlan left promiscuous mode
[  529.714393][ T6179] netlink: 'syz.8.17031': attribute type 13 has an invalid length.
[  529.766807][ T6179] bridge0: port 2(bridge_slave_1) entered disabled state
[  529.773859][ T6179] bridge0: port 1(bridge_slave_0) entered disabled state
[  529.803874][ T6181] device wireguard0 entered promiscuous mode
[  529.857664][   T24] audit: type=1400 audit(2000000392.555:91392): avc:  denied  { relabelto } for  pid=6185 comm="syz.8.17033" name="" dev="pipefs" ino=145655 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:systemd_logind_var_run_t:s0"
[  530.151401][ T6223] device wireguard0 entered promiscuous mode
[  530.268726][ T6231] netlink: 'syz.8.17053': attribute type 27 has an invalid length.
[  530.292743][ T6231] bridge0: port 1(bridge_slave_0) entered blocking state
[  530.299660][ T6231] bridge0: port 1(bridge_slave_0) entered forwarding state
[  530.308115][ T6231] bridge0: port 2(bridge_slave_1) entered blocking state
[  530.314950][ T6231] bridge0: port 2(bridge_slave_1) entered forwarding state
[  530.329424][ T6231] device veth0_vlan left promiscuous mode
[  530.335507][ T6231] device veth0_vlan entered promiscuous mode
[  530.342926][ T6231] device veth1_macvtap left promiscuous mode
[  530.349929][ T6231] device veth1_macvtap entered promiscuous mode
[  530.356713][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  530.364436][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  530.372243][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  530.380641][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  530.389571][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  530.398623][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  530.407015][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  530.415725][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  530.425694][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  530.434889][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  530.443514][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  530.451795][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  530.459897][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  530.471763][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  530.482121][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  530.491549][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  530.499812][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  530.507895][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  530.516111][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  531.579740][T12975] Bluetooth: hci0: command 0x1001 tx timeout
[  531.585683][ T5658] Bluetooth: hci0: sending frame failed (-49)
[  532.359904][ T6274] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6274 comm=syz.8.17069
[  532.972752][   T24] audit: type=1326 audit(2000000395.473:91393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6289 comm="syz.8.17076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25de041169 code=0x7ffc0000
[  533.042544][   T24] audit: type=1326 audit(2000000395.502:91394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6289 comm="syz.8.17076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f25de041169 code=0x7ffc0000
[  533.386366][ T6308] syz.6.17085[6308] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  533.386438][ T6308] syz.6.17085[6308] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  533.405144][ T6309] netlink: 12 bytes leftover after parsing attributes in process `syz.8.17084'.
[  533.635571][ T6332] overlayfs: missing 'lowerdir'
[  533.810298][ T6238] Bluetooth: hci0: command 0x1009 tx timeout
[  534.392030][   T24] kauditd_printk_skb: 34 callbacks suppressed
[  534.392044][   T24] audit: type=1326 audit(2000000396.802:91429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6378 comm="syz.2.17117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  534.424887][   T24] audit: type=1326 audit(2000000396.830:91430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6378 comm="syz.2.17117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  534.448843][   T24] audit: type=1326 audit(2000000396.830:91431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6378 comm="syz.2.17117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  534.511365][   T24] audit: type=1326 audit(2000000396.830:91432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6378 comm="syz.2.17117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  534.578672][ T6390] netlink: 'syz.6.17121': attribute type 27 has an invalid length.
[  534.601238][   T24] audit: type=1326 audit(2000000396.830:91433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6378 comm="syz.2.17117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  534.659529][ T6390] bridge0: port 2(bridge_slave_1) entered disabled state
[  534.666750][ T6390] bridge0: port 1(bridge_slave_0) entered disabled state
[  534.707097][   T24] audit: type=1326 audit(2000000396.830:91434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6378 comm="syz.2.17117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  534.784070][   T24] audit: type=1326 audit(2000000396.886:91435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6378 comm="syz.2.17117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  534.834739][ T6393] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  534.851384][   T24] audit: type=1326 audit(2000000396.886:91436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6378 comm="syz.2.17117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  534.906711][ T6393] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.913575][ T6393] bridge0: port 1(bridge_slave_0) entered forwarding state
[  534.914673][   T24] audit: type=1326 audit(2000000396.886:91437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6378 comm="syz.2.17117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  534.964858][ T6393] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.971744][ T6393] bridge0: port 2(bridge_slave_1) entered forwarding state
[  534.974304][   T24] audit: type=1326 audit(2000000396.886:91438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6378 comm="syz.2.17117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5766f53169 code=0x7ffc0000
[  535.055801][ T6393] device veth0_vlan left promiscuous mode
[  535.085786][ T6393] device veth0_vlan entered promiscuous mode
[  535.096180][ T6404] F2FS-fs (loop8): Insane cp_payload (553648128 >= 504)
[  535.103412][ T6393] device veth1_macvtap left promiscuous mode
[  535.109231][T12729] udevd[12729]: symlink '../../loop8' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:8' failed: Read-only file system
[  535.123889][ T6404] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  535.129843][ T6393] device veth1_macvtap entered promiscuous mode
[  535.140145][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  535.150450][ T6404] F2FS-fs (loop8): invalid crc value
[  535.156372][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  535.172195][ T6404] F2FS-fs (loop8): Found nat_bits in checkpoint
[  535.185472][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  535.203755][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  535.212205][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  535.220733][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  535.229083][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  535.237404][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  535.245514][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  535.253946][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  535.262441][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  535.270769][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  535.279165][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  535.287752][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  535.295854][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  535.304143][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  535.312016][ T6404] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  535.312358][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  535.327288][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  535.337393][  T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  535.341434][ T6404] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  535.385798][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  535.427209][T12729] udevd[12729]: symlink '../../loop8' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:8' failed: Read-only file system
[  535.467397][ T6115] attempt to access beyond end of device
[  535.467397][ T6115] loop8: rw=2049, want=45104, limit=40427
[  535.614500][ T6422] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6422 comm=syz.2.17135
[  535.727159][ T6236] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  536.047863][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  536.096395][ T6437] netlink: 96 bytes leftover after parsing attributes in process `syz.8.17141'.
[  536.892580][T13981] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  536.900502][T13981] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  536.988585][T12968] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  537.245172][T12968] usb 7-1: Using ep0 maxpacket: 16
[  537.255919][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  537.373505][T12968] usb 7-1: config 1 interface 0 altsetting 254 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  537.386886][T12968] usb 7-1: config 1 interface 0 has no altsetting 0
[  537.469822][T12968] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  537.482245][T12968] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  537.499292][T12968] usb 7-1: SerialNumber: syz
[  537.918849][T12968] cdc_ether: probe of 7-1:1.0 failed with error -71
[  537.946988][T12968] usb 7-1: USB disconnect, device number 23
[  538.542879][ T6550] netlink: 8 bytes leftover after parsing attributes in process `syz.6.17191'.
[  538.915852][ T6564] x_tables: duplicate underflow at hook 4
[  539.481038][ T6605] 9pnet: p9_errstr2errno: server reported unknown error e_free
[  539.692152][ T6622] netlink: 'syz.3.17223': attribute type 13 has an invalid length.
[  539.784428][   T24] kauditd_printk_skb: 10619 callbacks suppressed
[  539.784444][   T24] audit: type=1400 audit(2000000401.844:102058): avc:  denied  { map } for  pid=6629 comm="syz.2.17226" path="socket:[146268]" dev="sockfs" ino=146268 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  539.841595][   T24] audit: type=1400 audit(2000000401.844:102059): avc:  denied  { read accept } for  pid=6629 comm="syz.2.17226" path="socket:[146268]" dev="sockfs" ino=146268 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  539.992194][ T6644] device wireguard0 entered promiscuous mode
[  540.057285][   T24] audit: type=1326 audit(2000000402.105:102060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6652 comm="syz.6.17236" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f57aa12a169 code=0x0
[  540.643050][   T24] audit: type=1326 audit(2000000402.648:102061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6666 comm="syz.3.17242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f098341f169 code=0x7ffc0000
[  540.671384][   T24] audit: type=1326 audit(2000000402.676:102062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6666 comm="syz.3.17242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f098341f169 code=0x7ffc0000
[  540.696731][   T24] audit: type=1326 audit(2000000402.676:102063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6666 comm="syz.3.17242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f098341f169 code=0x7ffc0000
[  540.721964][ T6671] EXT4-fs (loop8): Ignoring removed mblk_io_submit option
[  540.735020][T12729] udevd[12729]: symlink '../../loop8' '/dev/disk/by-label/syzkaller.tmp-b7:8' failed: Read-only file system
[  540.757602][ T6671] EXT4-fs (loop8): mounted filesystem without journal. Opts: mblk_io_submit,auto_da_alloc,,errors=continue
[  540.762897][T12729] udevd[12729]: symlink '../../loop8' '/dev/disk/by-label/syzkaller.tmp-b7:8' failed: Read-only file system
[  540.809210][ T9340] udevd[9340]: symlink '../../loop3' '/dev/disk/by-label/\x86\x5b.tmp-b7:3' failed: Read-only file system
[  540.822575][   T24] audit: type=1400 audit(2000000402.816:102064): avc:  denied  { remount } for  pid=6670 comm="syz.8.17243" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  540.830085][T12729] udevd[12729]: symlink '../../loop8' '/dev/disk/by-label/syzkaller.tmp-b7:8' failed: Read-only file system
[  540.846137][ T6675] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  540.857391][ T6671] EXT4-fs (loop8): re-mounted. Opts: (null)
[  540.867797][ T6675] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  540.872430][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/\x86\x5b.tmp-b7:3' failed: Read-only file system
[  540.877010][ T6675] EXT4-fs (loop3): 1 truncate cleaned up
[  540.892449][ T6675] EXT4-fs (loop3): mounted filesystem without journal. Opts: usrquota,usrjquota="data=ordered,noload,grpid,grpjquota="init_itable,jqfmt=vfsold,noblock_validity,,errors=continue
[  540.921720][   T24] audit: type=1400 audit(2000000402.901:102065): avc:  denied  { getattr } for  pid=6680 comm="syz.2.17245" name="/" dev="dax" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  540.959614][ T9340] udevd[9340]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:8' failed: Read-only file system
[  540.977058][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/\x86\x5b.tmp-b7:3' failed: Read-only file system
[  541.029258][ T6693] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  541.072148][   T24] audit: type=1326 audit(2000000403.041:102066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6694 comm="syz.3.17251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f098341f169 code=0x7ffc0000
[  541.112286][   T24] audit: type=1326 audit(2000000403.041:102067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6694 comm="syz.3.17251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f098341f169 code=0x7ffc0000
[  541.172022][ T6707] netlink: 96 bytes leftover after parsing attributes in process `syz.0.17256'.
[  541.211994][ T6713] device lo entered promiscuous mode
[  541.220406][ T6712] device lo left promiscuous mode
[  541.340134][ T6731] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6731 comm=syz.8.17268
[  541.398339][ T6737] syz.8.17270[6737] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  541.398435][ T6737] syz.8.17270[6737] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  541.585587][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  541.608189][ T6719] F2FS-fs (loop3): invalid crc value
[  541.618771][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:3' failed: Read-only file system
[  541.633646][ T6719] F2FS-fs (loop3): Found nat_bits in checkpoint
[  541.667960][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:3' failed: Read-only file system
[  541.732744][ T6719] F2FS-fs (loop3): Start checkpoint disabled!
[  541.745995][ T6719] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  541.759723][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:3' failed: Read-only file system
[  541.953195][ T6745] F2FS-fs (loop8): Found nat_bits in checkpoint
[  542.012761][ T6745] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  542.068111][ T6783] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  542.120865][ T6783] EXT4-fs (loop3): 1 truncate cleaned up
[  542.130839][ T6783] EXT4-fs (loop3): mounted filesystem without journal. Opts: quota,resuid=0x000000000000ee01,inlinecrypt,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue
[  542.272586][ T6796] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17293'.
[  542.283778][ T6796] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  542.470328][ T6816] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[  542.482393][ T6816] EXT4-fs (loop8): Online resizing not supported with bigalloc
[  542.536348][ T6826] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6826 comm=syz.0.17306
[  542.909357][ T6866] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6866 comm=syz.3.17324
[  542.923762][ T6866] device ipip0 entered promiscuous mode
[  543.227599][ T6900] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  543.777761][ T6984] device syzkaller0 entered promiscuous mode
[  543.806975][ T6979] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  543.970406][ T7016] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  544.035447][ T7029] netlink: 44 bytes leftover after parsing attributes in process `syz.0.17400'.
[  544.168298][ T7048] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=7048 comm=syz.0.17407
[  544.184671][ T7048] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=7048 comm=syz.0.17407
[  544.376229][T12967] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[  544.760748][T12967] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  544.942867][T12967] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  544.954953][T12967] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.975492][T12967] usb 4-1: Product: syz
[  544.989563][T12967] usb 4-1: Manufacturer: syz
[  544.994217][T12967] usb 4-1: SerialNumber: syz
[  545.135277][   T24] kauditd_printk_skb: 2736 callbacks suppressed
[  545.135293][   T24] audit: type=1326 audit(2000000406.857:104804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7080 comm="syz.2.17422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5766eef359 code=0x7ffc0000
[  545.200256][ T7117] netlink: 24 bytes leftover after parsing attributes in process `syz.0.17438'.
[  545.220446][   T24] audit: type=1326 audit(2000000406.857:104805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7080 comm="syz.2.17422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5766eef359 code=0x7ffc0000
[  545.299316][   T24] audit: type=1326 audit(2000000406.857:104806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7080 comm="syz.2.17422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5766eef359 code=0x7ffc0000
[  545.325018][   T24] audit: type=1326 audit(2000000406.857:104807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7080 comm="syz.2.17422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5766eef359 code=0x7ffc0000
[  545.349258][   T24] audit: type=1326 audit(2000000406.857:104808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7080 comm="syz.2.17422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5766eef359 code=0x7ffc0000
[  545.373575][   T24] audit: type=1326 audit(2000000406.857:104809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7080 comm="syz.2.17422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5766eef359 code=0x7ffc0000
[  545.406849][   T24] audit: type=1326 audit(2000000406.857:104810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7080 comm="syz.2.17422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5766eef359 code=0x7ffc0000
[  545.430964][   T24] audit: type=1326 audit(2000000406.857:104811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7080 comm="syz.2.17422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5766eef359 code=0x7ffc0000
[  545.456540][   T24] audit: type=1326 audit(2000000406.857:104812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7080 comm="syz.2.17422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5766eef359 code=0x7ffc0000
[  545.502149][   T24] audit: type=1326 audit(2000000406.857:104813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7080 comm="syz.2.17422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5766eef359 code=0x7ffc0000
[  545.602786][ T7141] overlayfs: failed to clone upperpath
[  545.905320][ T7176] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7176 comm=syz.2.17464
[  546.079570][ T7197] netlink: 96 bytes leftover after parsing attributes in process `syz.2.17473'.
[  546.225401][T12967] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  546.231787][T12968] usb 7-1: new full-speed USB device number 24 using dummy_hcd
[  546.239297][T12967] cdc_ncm 4-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  546.250115][T12967] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  546.274707][ T7215] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17482'.
[  546.284136][ T7215] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  546.389371][ T7232] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17490'.
[  546.518862][ T7244] netlink: 24 bytes leftover after parsing attributes in process `syz.0.17495'.
[  546.680955][T12967] cdc_ncm 4-1:1.0: setting tx_max = 88
[  546.687983][T12967] cdc_ncm 4-1:1.0 eth1: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM, 42:42:42:42:42:42
[  546.700669][T12967] usb 4-1: USB disconnect, device number 69
[  546.706932][T12967] cdc_ncm 4-1:1.0 eth1: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM
[  546.781472][T12968] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  546.792725][T12968] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  546.949712][ T7264] netlink: 'syz.0.17502': attribute type 6 has an invalid length.
[  546.984437][T12968] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  546.997437][T12968] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  547.005371][T12968] usb 7-1: Product: syz
[  547.010364][T12968] usb 7-1: Manufacturer: syz
[  547.025733][T12968] usb 7-1: SerialNumber: syz
[  547.048519][ T7179] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  547.607375][ T7329] device wireguard0 entered promiscuous mode
[  547.661156][ T7336] 9pnet: p9_fd_create_tcp (7336): problem connecting socket to 127.0.0.1
[  547.709813][ T7344] incfs: Error accessing: ./bus.
[  547.719375][ T7344] incfs: mount failed -20
[  547.833749][ T7363] x_tables: duplicate underflow at hook 4
[  548.004637][ T7381] SELinux: security_context_str_to_sid(u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  548.235180][T12968] cdc_ncm 7-1:1.0: MAC-Address: 42:42:42:42:42:42
[  548.241552][T12968] cdc_ncm 7-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  548.253063][T12968] cdc_ncm 7-1:1.0: setting rx_max = 2048
[  548.325498][ T7405] device ipip1 entered promiscuous mode
[  548.459878][T12968] cdc_ncm 7-1:1.0: setting tx_max = 56
[  548.707054][T12968] cdc_ncm 7-1:1.0 eth1: register 'cdc_ncm' at usb-dummy_hcd.6-1, CDC NCM, 42:42:42:42:42:42
[  548.719173][T12968] usb 7-1: USB disconnect, device number 24
[  548.725294][T12968] cdc_ncm 7-1:1.0 eth1: unregister 'cdc_ncm' usb-dummy_hcd.6-1, CDC NCM
[  548.901024][ T7445] syz.3.17583[7445] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  548.901075][ T7445] syz.3.17583[7445] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  548.945610][ T7449] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17585'.
[  548.966340][ T7449] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  549.246783][ T7455] netlink: 'syz.6.17587': attribute type 13 has an invalid length.
[  549.332285][ T7466] 9pnet: p9_errstr2errno: server reported unknown error õ1 g;-‡~	•
[  549.383919][ T7470] overlayfs: failed to clone upperpath
[  549.394919][ T7455] bridge0: port 2(bridge_slave_1) entered disabled state
[  549.401915][ T7455] bridge0: port 1(bridge_slave_0) entered disabled state
[  549.417124][ T7472] netlink: 20 bytes leftover after parsing attributes in process `syz.3.17596'.
[  549.672287][ T7493] device vlan2 entered promiscuous mode
[  549.754927][ T7508] netlink: 96 bytes leftover after parsing attributes in process `syz.0.17613'.
[  549.780322][ T7504] EXT4-fs (loop3): Ignoring removed bh option
[  549.786006][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  549.799168][ T7504] EXT4-fs (loop3): Ignoring removed nobh option
[  549.809494][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  549.821052][ T7504] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  549.837012][ T7514] blk_update_request: I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  549.848621][ T7514] FAT-fs (loop17): unable to read boot sector
[  549.876193][ T7504] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,data_err=abort,bh,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,usrjquota=,dioread_nolock,dioread_nolock,,errors=continue
[  549.910580][T12729] udevd[12729]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  549.919463][ T7527] netlink: 72 bytes leftover after parsing attributes in process `syz.8.17620'.
[  549.940090][ T7504] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3342: comm syz.3.17610: Allocating blocks 497-513 which overlap fs metadata
[  549.954585][ T7504] EXT4-fs (loop3): pa ffff88810ff60738: logic 128, phys. 385, len 8
[  549.958755][ T7527] netlink: 260 bytes leftover after parsing attributes in process `syz.8.17620'.
[  549.962583][ T7504] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4359: group 0, free 0, pa_free 1
[  550.050561][T12729] udevd[12729]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  550.139875][ T7539] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue
[  550.150075][T12729] udevd[12729]: symlink '../../loop8' '/dev/disk/by-label/syzkaller.tmp-b7:8' failed: Read-only file system
[  550.178333][T12729] udevd[12729]: symlink '../../loop8' '/dev/disk/by-label/syzkaller.tmp-b7:8' failed: Read-only file system
[  550.245844][T12729] udevd[12729]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:8' failed: Read-only file system
[  550.437874][ T7575] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17640'.
[  550.502246][   T24] kauditd_printk_skb: 1565 callbacks suppressed
[  550.502260][   T24] audit: type=1326 audit(2000000411.871:106379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.6.17644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  550.543750][   T24] audit: type=1326 audit(2000000411.908:106380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.6.17644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  550.567632][   T24] audit: type=1326 audit(2000000411.908:106381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.6.17644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  550.602941][   T24] audit: type=1326 audit(2000000411.908:106382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.6.17644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  550.632856][   T24] audit: type=1326 audit(2000000411.908:106383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.6.17644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  550.658411][   T24] audit: type=1326 audit(2000000411.908:106384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.6.17644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  550.682739][   T24] audit: type=1326 audit(2000000411.908:106385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.6.17644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  550.732617][   T24] audit: type=1326 audit(2000000411.908:106386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.6.17644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  550.756875][   T24] audit: type=1326 audit(2000000411.955:106387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.6.17644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  550.781354][T28771] ------------[ cut here ]------------
[  550.786738][T28771] WARNING: CPU: 0 PID: 28771 at fs/inode.c:304 drop_nlink+0xc1/0x110
[  550.809775][T28771] Modules linked in:
[  550.820617][T28771] CPU: 0 PID: 28771 Comm: syz-executor Tainted: G        W         5.10.234-syzkaller-00033-g094fc3778d6b #0
[  550.841200][T28771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  550.853940][   T24] audit: type=1326 audit(2000000411.955:106388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.6.17644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57aa12a169 code=0x7ffc0000
[  550.879204][T28771] RIP: 0010:drop_nlink+0xc1/0x110
[  550.884413][T28771] Code: 1e 48 8d bb b8 04 00 00 be 08 00 00 00 e8 67 cb f0 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 0f 2a b3 ff <0f> 0b eb 88 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c
[  550.897482][T12729] udevd[12729]: symlink '../../loop8' '/dev/disk/by-label/syzkaller.tmp-b7:8' failed: Read-only file system
[  550.918564][T28771] RSP: 0018:ffffc90000be7cc0 EFLAGS: 00010293
[  550.924623][T28771] RAX: ffffffff81b79541 RBX: 0000000000000000 RCX: ffff88810c0513c0
[  550.933282][T28771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  550.938229][ T7609] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  550.941299][T28771] RBP: ffffc90000be7ce8 R08: ffffffff81b794c4 R09: 0000000000000003
[  550.941309][T28771] R10: fffff5200017cf88 R11: dffffc0000000001 R12: dffffc0000000000
[  550.941318][T28771] R13: 1ffff1102386a755 R14: ffff88811c353a60 R15: ffff88811c353aa8
[  550.941330][T28771] FS:  000055558eca3500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  550.941338][T28771] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  550.941346][T28771] CR2: 00007f25de0245a0 CR3: 0000000116e64000 CR4: 00000000003506a0
[  550.941365][T28771] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  551.006237][T28771] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  551.015050][T28771] Call Trace:
[  551.018095][T28771]  ? show_regs+0x58/0x60
[  551.022179][T28771]  ? __warn+0x160/0x2f0
[  551.026300][T28771]  ? drop_nlink+0xc1/0x110
[  551.030553][T28771]  ? report_bug+0x3d9/0x5b0
[  551.034984][T28771]  ? drop_nlink+0xc1/0x110
[  551.039368][T28771]  ? handle_bug+0x41/0x70
[  551.043548][T28771]  ? exc_invalid_op+0x1b/0x50
[  551.048310][T28771]  ? asm_exc_invalid_op+0x12/0x20
[  551.053371][T28771]  ? drop_nlink+0x44/0x110
[  551.057685][T28771]  ? drop_nlink+0xc1/0x110
[  551.061872][T28771]  ? drop_nlink+0xc1/0x110
[  551.066137][T28771]  shmem_rmdir+0x59/0x90
[  551.070365][T28771]  vfs_rmdir+0x2b7/0x3f0
[  551.074531][T28771]  incfs_kill_sb+0x108/0x220
[  551.079016][T28771]  deactivate_locked_super+0xad/0x110
[  551.084166][T28771]  deactivate_super+0xbe/0xf0
[  551.088835][T28771]  cleanup_mnt+0x45c/0x510
[  551.093405][T28771]  __cleanup_mnt+0x19/0x20
[  551.097724][T28771]  task_work_run+0x129/0x190
[  551.097847][ T7609] EXT4-fs (loop8): 1 truncate cleaned up
[  551.107730][ T7609] EXT4-fs (loop8): mounted filesystem without journal. Opts: quota,resuid=0x000000000000ee01,inlinecrypt,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue
[  551.108978][T28771]  exit_to_user_mode_loop+0xbf/0xd0
[  551.139284][T28771]  syscall_exit_to_user_mode+0xa2/0x1a0
[  551.145086][T28771]  do_syscall_64+0x40/0x70
[  551.149340][T28771]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  551.155255][T28771] RIP: 0033:0x7f0983420497
[  551.159497][T28771] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  551.162686][T12729] udevd[12729]: symlink '../../loop8' '/dev/disk/by-label/syzkaller.tmp-b7:8' failed: Read-only file system
[  551.179181][T28771] RSP: 002b:00007ffffc9e07c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  551.198821][T28771] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0983420497
[  551.206875][T28771] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffffc9e0880
[  551.215172][T28771] RBP: 00007ffffc9e0880 R08: 0000000000000000 R09: 0000000000000000
[  551.223232][T28771] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffffc9e1910
[  551.231067][T28771] R13: 00007f09834a008c R14: 00000000000800f3 R15: 00007ffffc9e1950
[  551.239721][T28771] ---[ end trace 9357d56d82128722 ]---
[  551.245255][T28771] ==================================================================
[  551.253158][T28771] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[  551.259203][T28771] Write of size 4 at addr 0000000000000170 by task syz-executor/28771
[  551.267180][T28771] 
[  551.269359][T28771] CPU: 0 PID: 28771 Comm: syz-executor Tainted: G        W         5.10.234-syzkaller-00033-g094fc3778d6b #0
[  551.280737][T28771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  551.290738][T28771] Call Trace:
[  551.293868][T28771]  dump_stack_lvl+0x1e2/0x24b
[  551.298368][T28771]  ? panic+0x812/0x812
[  551.302290][T28771]  ? bfq_pos_tree_add_move+0x43b/0x43b
[  551.307574][T28771]  ? __kasan_check_write+0x14/0x20
[  551.312517][T28771]  ? _raw_spin_lock+0xa4/0x1b0
[  551.317128][T28771]  ? _raw_spin_trylock_bh+0x190/0x190
[  551.322322][T28771]  kasan_report+0x167/0x1c0
[  551.326670][T28771]  ? ihold+0x20/0x60
[  551.330394][T28771]  ? ihold+0x20/0x60
[  551.334130][T28771]  kasan_check_range+0x293/0x2a0
[  551.338903][T28771]  __kasan_check_write+0x14/0x20
[  551.343670][T28771]  ihold+0x20/0x60
[  551.347230][T28771]  vfs_rmdir+0x200/0x3f0
[  551.351310][T28771]  incfs_kill_sb+0x108/0x220
[  551.355738][T28771]  deactivate_locked_super+0xad/0x110
[  551.360949][T28771]  deactivate_super+0xbe/0xf0
[  551.365462][T28771]  cleanup_mnt+0x45c/0x510
[  551.369714][T28771]  __cleanup_mnt+0x19/0x20
[  551.373972][T28771]  task_work_run+0x129/0x190
[  551.378389][T28771]  exit_to_user_mode_loop+0xbf/0xd0
[  551.383426][T28771]  syscall_exit_to_user_mode+0xa2/0x1a0
[  551.388814][T28771]  do_syscall_64+0x40/0x70
[  551.393066][T28771]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  551.398789][T28771] RIP: 0033:0x7f0983420497
[  551.403048][T28771] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  551.422481][T28771] RSP: 002b:00007ffffc9e07c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  551.430725][T28771] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0983420497
[  551.438686][T28771] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffffc9e0880
[  551.446489][T28771] RBP: 00007ffffc9e0880 R08: 0000000000000000 R09: 0000000000000000
[  551.454390][T28771] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffffc9e1910
[  551.462193][T28771] R13: 00007f09834a008c R14: 00000000000800f3 R15: 00007ffffc9e1950
[  551.470009][T28771] ==================================================================
[  551.477896][T28771] Disabling lock debugging due to kernel taint
[  551.491525][T28771] BUG: kernel NULL pointer dereference, address: 0000000000000170
[  551.499165][T28771] #PF: supervisor write access in kernel mode
[  551.505067][T28771] #PF: error_code(0x0002) - not-present page
[  551.510889][T28771] PGD 112ec0067 P4D 112ec0067 PUD 0 
[  551.516019][T28771] Oops: 0002 [#1] PREEMPT SMP KASAN
[  551.521040][T28771] CPU: 1 PID: 28771 Comm: syz-executor Tainted: G    B   W         5.10.234-syzkaller-00033-g094fc3778d6b #0
[  551.532522][T28771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  551.542418][T28771] RIP: 0010:ihold+0x25/0x60
[  551.546751][T28771] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 21 22 b3 ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 50 c3 f0 ff bb 01 00 00 00 <f0> 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 a4 25 b3
[  551.566228][T28771] RSP: 0018:ffffc90000be7d00 EFLAGS: 00010246
[  551.572090][T28771] RAX: ffff88810c051300 RBX: 0000000000000001 RCX: ffff88810c0513c0
[  551.579936][T28771] RDX: 0000000000000000 RSI: 0000000000000286 RDI: 00000000ffffffff
[  551.587713][T28771] RBP: ffffc90000be7d10 R08: ffffffff813e2b8b R09: 0000000000000003
[  551.595525][T28771] R10: fffffbfff0e11248 R11: dffffc0000000001 R12: dffffc0000000000
[  551.603335][T28771] R13: ffff88813f348550 R14: 0000000000000000 R15: 0000000000000000
[  551.611149][T28771] FS:  000055558eca3500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  551.619913][T28771] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  551.626338][T28771] CR2: 0000000000000170 CR3: 0000000116e64000 CR4: 00000000003506a0
[  551.634149][T28771] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  551.641957][T28771] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  551.649776][T28771] Call Trace:
[  551.652905][T28771]  ? __die_body+0x62/0xb0
[  551.657065][T28771]  ? __die+0x7e/0x90
[  551.660795][T28771]  ? no_context+0x9f9/0xd20
[  551.665140][T28771]  ? is_prefetch+0x5c0/0x5c0
[  551.669559][T28771]  ? preempt_schedule+0xd9/0xe0
[  551.674246][T28771]  ? __kasan_check_read+0x11/0x20
[  551.679114][T28771]  ? preempt_schedule_common+0xbe/0xf0
[  551.684402][T28771]  ? preempt_schedule+0xd9/0xe0
[  551.689100][T28771]  ? schedule_preempt_disabled+0x20/0x20
[  551.694558][T28771]  ? sysvec_apic_timer_interrupt+0xcb/0xe0
[  551.700198][T28771]  ? __bad_area_nosemaphore+0xc4/0x430
[  551.705493][T28771]  ? bad_area_nosemaphore+0x2d/0x40
[  551.710525][T28771]  ? exc_page_fault+0x3df/0x5b0
[  551.715221][T28771]  ? asm_exc_page_fault+0x1e/0x30
[  551.720081][T28771]  ? check_panic_on_warn+0x5b/0xb0
[  551.725027][T28771]  ? ihold+0x25/0x60
[  551.728753][T28771]  vfs_rmdir+0x200/0x3f0
[  551.732835][T28771]  incfs_kill_sb+0x108/0x220
[  551.737258][T28771]  deactivate_locked_super+0xad/0x110
[  551.742471][T28771]  deactivate_super+0xbe/0xf0
[  551.746986][T28771]  cleanup_mnt+0x45c/0x510
[  551.751231][T28771]  __cleanup_mnt+0x19/0x20
[  551.755485][T28771]  task_work_run+0x129/0x190
[  551.759916][T28771]  exit_to_user_mode_loop+0xbf/0xd0
[  551.764947][T28771]  syscall_exit_to_user_mode+0xa2/0x1a0
[  551.770325][T28771]  do_syscall_64+0x40/0x70
[  551.774579][T28771]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  551.780302][T28771] RIP: 0033:0x7f0983420497
[  551.784559][T28771] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  551.803997][T28771] RSP: 002b:00007ffffc9e07c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  551.812242][T28771] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0983420497
[  551.820053][T28771] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffffc9e0880
[  551.827865][T28771] RBP: 00007ffffc9e0880 R08: 0000000000000000 R09: 0000000000000000
[  551.835675][T28771] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffffc9e1910
[  551.843574][T28771] R13: 00007f09834a008c R14: 00000000000800f3 R15: 00007ffffc9e1950
[  551.851387][T28771] Modules linked in:
[  551.855131][T28771] CR2: 0000000000000170
[  551.859124][T28771] ---[ end trace 9357d56d82128723 ]---
[  551.864419][T28771] RIP: 0010:ihold+0x25/0x60
[  551.868751][T28771] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 21 22 b3 ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 50 c3 f0 ff bb 01 00 00 00 <f0> 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 a4 25 b3
[  551.888188][T28771] RSP: 0018:ffffc90000be7d00 EFLAGS: 00010246
[  551.894087][T28771] RAX: ffff88810c051300 RBX: 0000000000000001 RCX: ffff88810c0513c0
[  551.901905][T28771] RDX: 0000000000000000 RSI: 0000000000000286 RDI: 00000000ffffffff
[  551.909712][T28771] RBP: ffffc90000be7d10 R08: ffffffff813e2b8b R09: 0000000000000003
[  551.917524][T28771] R10: fffffbfff0e11248 R11: dffffc0000000001 R12: dffffc0000000000
[  551.925334][T28771] R13: ffff88813f348550 R14: 0000000000000000 R15: 0000000000000000
[  551.933156][T28771] FS:  000055558eca3500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  551.941912][T28771] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  551.948337][T28771] CR2: 0000000000000170 CR3: 0000000116e64000 CR4: 00000000003506a0
[  551.956148][T28771] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  551.963953][T28771] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  551.971784][T28771] Kernel panic - not syncing: Fatal exception
[  551.977872][T28771] Kernel Offset: disabled
[  551.982009][T28771] Rebooting in 86400 seconds..