last executing test programs:

1m50.687216577s ago: executing program 1 (id=885):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000280)='./file2\x00', 0x1008, &(0x7f0000000240)=ANY=[@ANYRES8=r1], 0x0, 0x1ce, &(0x7f0000000800)="$eJzslc+q00AUxr+Z1KQVn8CNCy94XZgmqYqbC3XjyoXgn+JCsNi0VFMrbRa2IOITuHfnwscQ6taHkCqIguhGXY/MnyRjaYTW1iw8P+jJN5npmTNn4AsIgvhv+fD+51L8OPpUB3ACB/DM+89OsYZb69/Vvz15c/VK5/mdV2+9pd/4PZu38f41AIvLDlIzFkIIe/7APG+A5/omOM4a3QGDb/RdcNwyOgbDbaPvW3os1/t+f5jE/r1x0pMikCGUIZKhtVrf12cMPas+Zs1PZ/MH3SSJJ3sU6zu3+JLXVweOrPrs+/Khqw2s/oXgCI1ugeG60ZfgZb3RLbHOf7JW5Hf+eH4Xf3nsjwCKN/19dtaVW231d4D9k7vfs3CgRHajldezc4HazhIKD6j6OCXidVvfX17qUz3eLE+7ZMrdMI/pfO6f4iXDGcuftJW8UB+LZjp61JzO5ueGo+4gHsQPo6h1MTgfBBeipjIiHddboMrfUP50vMjfKFvrMhePu2k6CXXMx5GO6xyXK//jODyNY3Is3dRdyfsdQLYpMz+unlIdOqXFEwRBVMgpMOXJypczYb4m+YQQ0bWK6yQIgiAIgiAIgiAIYnt+BQAA//9We18t")
r2 = fspick(0xffffffffffffff9c, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_XCRS(r4, 0x4188aea7, &(0x7f0000000040)={0xb, 0x0, [{0x1, 0x0, 0x1}, {0x6a5e, 0x0, 0x80000006}, {0x20008, 0x0, 0x31}, {0x3, 0x0, 0x549200e6}, {0xfffffff8, 0x0, 0xffffffffffffffff}, {0x3ff, 0x0, 0x2}, {0x3, 0x0, 0x2}, {0x5, 0x0, 0x7fff}, {0x2, 0x0, 0x6}, {0x8, 0x0, 0x18cdd92b}, {0x8, 0x0, 0x10}, {0x7f, 0x0, 0xffbfffffffff610c}, {0x6, 0x0, 0x1}, {0x3, 0x0, 0xa}, {0xfffffff7, 0x0, 0x9}, {0x3, 0x0, 0x4}]})

1m50.395536136s ago: executing program 1 (id=887):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0x541b, 0x0)

1m50.395423346s ago: executing program 1 (id=888):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x10000, &(0x7f0000000d40)=ANY=[@ANYRES16=0x0], 0xfe, 0x2b7, &(0x7f0000001340)="$eJzs3T9vW1UUAPDzHPvFJUMyMCEk3tCBhajpyoArFCREJpAH/khQ0VaqYqtSLFkqIKxOfAIGBr4HGzsSC98AiQ/ARoUqXfT8Xmxju3ad4hSlv9+Sq3PP8T3X7yUerHfzxev90zsPBvceffN7tNtZNDrRicdZHEQjzqVaAABXwuOU4s8Lfb43G9vqCQDYrpnP/9ZTUnYXQ+9suy0AYIs++viTD26dnBx/WBTtiP53w24W1c9q/ta9uB+9uBs3Yj+eTL8LSKkav/f+yXE0i9JBXO+Pht2ysv/5r5PUPMb1R7EfB8vrj4rKTP1o2G3FK7uRZRH3O2UjN2M/Xl2oL+ePby6pj24eb7brTZbrH8Z+/PZlPIhe3Bl/pzFd/9s8infT9399/WmZXNZno2F3d5w3lXYu+9oAAAAAAAAAAAAAAAAAAAAAAHB1HRYTB3G9X4bq83d2noznD/81Pz5fpzGer+qziHw8mDsfaJTix/PzdW4URZGyKn9yvs+1ZrzWjOYL2zgAAAAAAAAAAAAAAAAAAAD8jwwefnV6u9e7e/afDOqH/CeP9V/0dTozkTdidfLuRmvFTp1e9jqfc/TLZ/1JpNzERZoftoqIVT23FiLXyn7Wv/LfKaWUZRHPd5laz7LWmsHe6pzyDf75h723Tm9n697D9vmF+2l2Ko+zwcO5axrZJh2mjW6/fEVOXt8xz/Q6e8/5S/T2H9VidSRbs4vWTKRVD+Jpt197o/v58v4GAQAAAAAAAAAAAAAAAAAAlelDv0smH60sbWytKQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4ZNP//z8dxEJkbjCqi5fnpJRGk0geZ4MXvEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABeAv8EAAD//yiCbKI=")
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xb, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000000))

1m50.295022046s ago: executing program 1 (id=893):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4")
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000001400), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300))
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

1m49.74939676s ago: executing program 1 (id=899):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$pokeuser(0x6, r0, 0x105, 0x4)

1m49.323764772s ago: executing program 1 (id=904):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="00ea2eb34e7ea51c9446c55a2d1e0be39af9faf44ad59cb6ad1c94490d970e811439edddc71c9b18946b559ce53bee0a1abe562fc3f3898e5826eda1962cf6e3c4c0ade52151923a70b46eacfc1aaaebcf156e549e884bcabc1333f344f31cd30cd93cb2814e0dbc24a7a107e295e86e09283c825fe177c89c6385f68f2c843cffffffff15539bab6142ceed9265ba989d1a283fc4ffc83f3a7a6c746823e656ad78f3b5a336cdbd83dad59e0debb36b4ea5e658e253f01637cc03f704a08019f95b92fffffffff8dd21552d6967ab1b01e5d52a5793eb179deee4572770a5197127b090287bca2a4eaa1705b42c16968d0201d3ba3cc8000000657ea095f152b1b6a1e6ad8d24ad17f649ccc23d4ecbcdb5620cc48f95f563c2230f859d196e6c4f00b8e3a7b01fcb1d79dcc09b7a854ec8c31dd27ff9b4a2864e1dcaf719d20b56769d51228ecc1915fb8c8b598c11b3c296b05f9c5355fc6f19a7b28f5ae9a0d0804ccc5716cfac0246ddffa2f12077a02a959aa1b74373c38b2bcc90743b80666eae25dea73e127263b8fdbc64fe862b994ca8473d0000000000000000"], 0x11, 0x17e, &(0x7f00000004c0)="$eJzsmL9PwkAUx793RYjGRGcXTSQBBktb1MjgwOygib/iJpFK0CIGOgibf4Wzf4EzcSHxz9BBnVxwc3KoaXvQB/4c1MT4PsO77zse17vX5NvkwDDMv+X+7un2IpW80gCMI4mEmn/QohpJ6tsTz5nryurlmfF40+6s5IfXEwA87+vPjwHoFDS4Kve8wX8n1bgB2debkMgovQ0BXeldSGwpbUNgR+kDomt+va7vVxxb36s5JV8YfjD9YPkhN7y/7qlAiexPkN8bzdZh0XHs+g+Kz/rXLUgsk/3R99XrjUH6Z0LCVDoHgXWll5Do9SZsCTn/VCxaX/vl87NgweKvicifvHOBFPGnGPGPrFs9zjaarblKtVi2y/aRZeUWjXnDWLCygRGF8QP/Gw38aYysP/JObVzEcVJ03boZxn5uhfEtx40H/ieRng1zoeYowfdgUsz4Q1pTOcMwDMMwDMMwDMMwDMMwzDcR3UlOQwS3oAPkX01Za0H1SwAAAP//eg52cw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r0, 0x2000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)

1m48.885011645s ago: executing program 32 (id=904):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="00ea2eb34e7ea51c9446c55a2d1e0be39af9faf44ad59cb6ad1c94490d970e811439edddc71c9b18946b559ce53bee0a1abe562fc3f3898e5826eda1962cf6e3c4c0ade52151923a70b46eacfc1aaaebcf156e549e884bcabc1333f344f31cd30cd93cb2814e0dbc24a7a107e295e86e09283c825fe177c89c6385f68f2c843cffffffff15539bab6142ceed9265ba989d1a283fc4ffc83f3a7a6c746823e656ad78f3b5a336cdbd83dad59e0debb36b4ea5e658e253f01637cc03f704a08019f95b92fffffffff8dd21552d6967ab1b01e5d52a5793eb179deee4572770a5197127b090287bca2a4eaa1705b42c16968d0201d3ba3cc8000000657ea095f152b1b6a1e6ad8d24ad17f649ccc23d4ecbcdb5620cc48f95f563c2230f859d196e6c4f00b8e3a7b01fcb1d79dcc09b7a854ec8c31dd27ff9b4a2864e1dcaf719d20b56769d51228ecc1915fb8c8b598c11b3c296b05f9c5355fc6f19a7b28f5ae9a0d0804ccc5716cfac0246ddffa2f12077a02a959aa1b74373c38b2bcc90743b80666eae25dea73e127263b8fdbc64fe862b994ca8473d0000000000000000"], 0x11, 0x17e, &(0x7f00000004c0)="$eJzsmL9PwkAUx793RYjGRGcXTSQBBktb1MjgwOygib/iJpFK0CIGOgibf4Wzf4EzcSHxz9BBnVxwc3KoaXvQB/4c1MT4PsO77zse17vX5NvkwDDMv+X+7un2IpW80gCMI4mEmn/QohpJ6tsTz5nryurlmfF40+6s5IfXEwA87+vPjwHoFDS4Kve8wX8n1bgB2debkMgovQ0BXeldSGwpbUNgR+kDomt+va7vVxxb36s5JV8YfjD9YPkhN7y/7qlAiexPkN8bzdZh0XHs+g+Kz/rXLUgsk/3R99XrjUH6Z0LCVDoHgXWll5Do9SZsCTn/VCxaX/vl87NgweKvicifvHOBFPGnGPGPrFs9zjaarblKtVi2y/aRZeUWjXnDWLCygRGF8QP/Gw38aYysP/JObVzEcVJ03boZxn5uhfEtx40H/ieRng1zoeYowfdgUsz4Q1pTOcMwDMMwDMMwDMMwDMMwzDcR3UlOQwS3oAPkX01Za0H1SwAAAP//eg52cw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r0, 0x2000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)

10.879985969s ago: executing program 2 (id=1291):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00'}, 0x18)
syz_clone3(&(0x7f0000000080)={0x801400, &(0x7f0000000040)=<r0=>0xffffffffffffffff, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
socket$inet6(0xa, 0x80002, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000040)=ANY=[], 0x0, 0x295, &(0x7f0000000140)="$eJzs3E1rK1UYAOB3mtx7a0HShVAUwRE3rkJbceGuRSqIAUUJoriw2BQlUwsNFJJFPzb6JxT/gS7dCi7EjQv/gAhSBTd2JyJE8mmaTpJaSYPe59nM4cx5z/vORztlmJ53nzyo7x029i8vk7OIJIpJbMUfEauxFIUAAP6Pfm+347d2z6JrAQDuxuTn/yOLKgkAmLP8539xfNhrvc3pXZYGAMzJv3v/7x0BAPwXvfHW269sVyo7r6fpcsTBx8fV42p3O3i078cHkUUt1qMUf0a0h3rtl16u7KynHT+vRvXgtB9/elztfT24PYjfiFKs5sUnOxtpz9X4e7HSj/9hJWqxGaV4LD//Zm78/Xj2mZH85SjF9+/FYWSxF53Yv+NPNtL0xVcraRRjJP5Bd1xX/p85vpcAAAAAAAAAAAAAAAAAAAAAAODWyulQ7vo95fKk/b347cnrAy1fXR9ofH2eYjxxbZlhAAAAAAAAAAAAAAAAAAAAeDg1mq36bpbVjqY1Pvz2868jpo9pXnx39uaMeZqtetLPOzvpvBuPPv3TJ5PHnCezz08yI0WhP8c/LOyrp8Z63inkz7M02pOc3SDFcv/szy6jMKPUby7ef/y5xtrz13cNcnR7ho2x8AdzuKb3pt1av5YicqPOb5Er7VyMYc8XncbgqO/8Nh4c9cjPV/7gtU+3dr88+fGXm8489189AAAAAAAAAAAAAAAAAADAmO6/kd/IRy/MuxYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWJRGs1XfzbLa/Wi2Possqx0NeqY1kogY9Cz1Z5octeBDBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+CsAAP//3Pl/Vg==")
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x84, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

10.639150302s ago: executing program 5 (id=1294):
rmdir(0x0)
r0 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f00000001c0)=ANY=[], 0x8)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r1, &(0x7f0000002000)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)="830300", 0x3}], 0x1}}], 0x1, 0x4004c800)
sendto$inet6(r1, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
readv(r2, &(0x7f0000001140)=[{&(0x7f0000000700)=""/206, 0xce}], 0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYRES64=r2], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000380)={0x1})
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000380)={0x0, 0x0, 0x103ff})

8.911721532s ago: executing program 5 (id=1296):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f0000000180)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r5, 0x0, 0x0, 0x4800)
creat(0x0, 0xd931d3864d39dcdb)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000600)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07006706000020000000170200000ee60000bf2500000000f1002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffbd35010000000000840400000000000014000000100000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b848b00ea6553f304000000815dcf00c3ee7b042d1937ba52037fdedb2150e1918c30b6301f0212feb0cff9fc56357d81b2cc1a9e37d7b75c020b070000003eb22062bafaca036d9cc7db6671573e202e0a92ee4ba12b064981cc32d1ac0b9ecc8f604dcac2563e1c1e7624cc3b88b330ad416c4c1d8c60589b6045a4ffff50df4d34bc5847bebb943a84cb56956931ba9cc39c4a9deea5d77aa843a40000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x48)

8.208529782s ago: executing program 2 (id=1303):
mkdirat(0xffffffffffffff9c, 0x0, 0x19a)
r0 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f00000001c0)=ANY=[], 0x8)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r1, &(0x7f0000002000)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)="830300", 0x3}], 0x1}}], 0x1, 0x4004c800)
sendto$inet6(r1, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
readv(r2, &(0x7f0000001140)=[{&(0x7f0000000700)=""/206, 0xce}], 0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYRES64=r2], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000380)={0x1})
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000380)={0x0, 0x0, 0x103ff})

7.221552419s ago: executing program 5 (id=1305):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r0}, 0x18)
syz_clone3(&(0x7f0000000080)={0x801400, &(0x7f0000000040)=<r1=>0xffffffffffffffff, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
socket$inet6(0xa, 0x80002, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000040)=ANY=[], 0x0, 0x295, &(0x7f0000000140)="$eJzs3E1rK1UYAOB3mtx7a0HShVAUwRE3rkJbceGuRSqIAUUJoriw2BQlUwsNFJJFPzb6JxT/gS7dCi7EjQv/gAhSBTd2JyJE8mmaTpJaSYPe59nM4cx5z/vORztlmJ53nzyo7x029i8vk7OIJIpJbMUfEauxFIUAAP6Pfm+347d2z6JrAQDuxuTn/yOLKgkAmLP8539xfNhrvc3pXZYGAMzJv3v/7x0BAPwXvfHW269sVyo7r6fpcsTBx8fV42p3O3i078cHkUUt1qMUf0a0h3rtl16u7KynHT+vRvXgtB9/elztfT24PYjfiFKs5sUnOxtpz9X4e7HSj/9hJWqxGaV4LD//Zm78/Xj2mZH85SjF9+/FYWSxF53Yv+NPNtL0xVcraRRjJP5Bd1xX/p85vpcAAAAAAAAAAAAAAAAAAAAAAODWyulQ7vo95fKk/b347cnrAy1fXR9ofH2eYjxxbZlhAAAAAAAAAAAAAAAAAAAAeDg1mq36bpbVjqY1Pvz2868jpo9pXnx39uaMeZqtetLPOzvpvBuPPv3TJ5PHnCezz08yI0WhP8c/LOyrp8Z63inkz7M02pOc3SDFcv/szy6jMKPUby7ef/y5xtrz13cNcnR7ho2x8AdzuKb3pt1av5YicqPOb5Er7VyMYc8XncbgqO/8Nh4c9cjPV/7gtU+3dr88+fGXm8489189AAAAAAAAAAAAAAAAAADAmO6/kd/IRy/MuxYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWJRGs1XfzbLa/Wi2Possqx0NeqY1kogY9Cz1Z5octeBDBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+CsAAP//3Pl/Vg==")
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x84, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})

7.044122297s ago: executing program 2 (id=1307):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
add_key(0x0, &(0x7f0000000180), 0x0, 0x0, 0xfffffffffffffffe)
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000b00)=ANY=[@ANYBLOB="12010000e09d7040460a2196324f01020301090224000100000000090400000206d3450009050102100000000009058b0240"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000040)={0xfffffffffffffe9c, &(0x7f0000000180)=ANY=[], 0x0, 0x0})

6.924761588s ago: executing program 4 (id=1310):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000000)={'veth0_vlan\x00', @random="0100002010ff"})

6.872168263s ago: executing program 4 (id=1311):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x7}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
userfaultfd(0x80801)

5.911739198s ago: executing program 5 (id=1313):
syz_usb_connect$cdc_ncm(0x3, 0x87, 0x0, 0x0)
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065b00400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)

4.915142416s ago: executing program 0 (id=1316):
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
dup(r0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x7, 0x0, 0x7ffc0002}]})
r2 = socket$tipc(0x1e, 0x5, 0x0)
listen(r2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000100000"], 0x0, 0xfa50, 0x0, 0x0, 0x0, 0x48}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r8)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r9, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

4.890970138s ago: executing program 4 (id=1317):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0}) (async)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x200, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="7f000000000000009500000000000000"], 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) (async)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3000046, &(0x7f0000000bc0)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@nojournal_checksum}, {@errors_remount}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@nombcache}, {@errors_remount}]}, 0x11, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") (async)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newqdisc={0x4c, 0x24, 0xe0b, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x1ff, 0x6, 0xfffffffd, 0x0, 0xa57, 0x32d}}}}]}, 0x4c}}, 0x0) (async)
ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000040)={@rand_addr=' \x01\x00', 0x44}) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x7f, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xe, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000eb000000000000000007653d40ce1b3d9b327c3e00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)

4.867610711s ago: executing program 4 (id=1318):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x40001f9, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mount$binderfs(0x0, &(0x7f0000000040)='./binderfs\x00', 0x0, 0x42c, &(0x7f00000000c0)=ANY=[@ANYBLOB='context='])

3.976947108s ago: executing program 0 (id=1319):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000040018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x4, 0x45, 0x1488, 0xffffffffffffffff, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0200000004000000040000000900000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000040000000000005081b239a78362e3e545aab9cc", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1500000006000000050000000300000002820000", @ANYRES32=r8, @ANYBLOB='\t\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0200"/20, @ANYRES32, @ANYBLOB="00000000d4af3c862d2c022bd797f9ec8b4dcbc1b2831d428b3c81d09910414ac463390aafebb6b5a25b8f3d8ee69b067a9e8af42dee49a27060a3f80f6f90d211cd1020ab58cc4f7f78cf1c889f5c7d6f8a7c5802c52d93dbe997d0caf54c688fd7cd5f20fe45ddb12335568f3b30a5d0eec7d572b9e73c0be8c526993cf0e23d4bfbdd630cb730da2b050754e3b0dacfd01b962ce17948e108d98b4f145e7a96"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r9, <r10=>0xffffffffffffffff}, &(0x7f0000000840), &(0x7f0000000880)=r8}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r10, &(0x7f0000000d40), 0x0}, 0x20)
write$UHID_INPUT(r6, &(0x7f0000002b40)={0xe, {"a2e3ad099b0d09f91b5f2f0987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f323063090810e0879b0f0a75e70a9b334d959b669a240d5b0af3988f7ef31952010afde8d178708c523c921b1b5b07070d075b0936cd3b78130daa61d8e81a3f00005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397273ce1766769f0c91c00305d3f46635eb016d5b1dda98e2d739be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b7638354a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc3609aa24b7d520c829d095083bba2987a67399eac430d145d546a40b9f6ff14ac488ec130bb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b2860d1b3cff57d8b6d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a4f0492d48604675fde2b34cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827955e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb9754fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94e7475cb74642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd72ea4998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5ff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c58b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b50517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864af090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d885b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1a85ae7e69fd1a47a284f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cef8473b53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b344340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cccf8a97406bb5a68a1f0c4549820a73c8859dde0712ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcb7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c2e14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ec00000000000000b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a52830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec685f068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000e00f96f06817fb903729a7fb6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x942}}, 0x1006)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r11)
sendmsg$IEEE802154_ADD_IFACE(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x34}, 0x1, 0x0, 0x0, 0x24008800}, 0x0)

3.791836967s ago: executing program 4 (id=1320):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000400), &(0x7f00000004c0)=<r6=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',privport,access=', @ANYRESDEC=r6])
openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)

3.732164092s ago: executing program 2 (id=1321):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r0}, 0x18)
syz_clone3(&(0x7f0000000080)={0x801400, &(0x7f0000000040)=<r1=>0xffffffffffffffff, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
socket$inet6(0xa, 0x80002, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000040)=ANY=[], 0x0, 0x295, &(0x7f0000000140)="$eJzs3E1rK1UYAOB3mtx7a0HShVAUwRE3rkJbceGuRSqIAUUJoriw2BQlUwsNFJJFPzb6JxT/gS7dCi7EjQv/gAhSBTd2JyJE8mmaTpJaSYPe59nM4cx5z/vORztlmJ53nzyo7x029i8vk7OIJIpJbMUfEauxFIUAAP6Pfm+347d2z6JrAQDuxuTn/yOLKgkAmLP8539xfNhrvc3pXZYGAMzJv3v/7x0BAPwXvfHW269sVyo7r6fpcsTBx8fV42p3O3i078cHkUUt1qMUf0a0h3rtl16u7KynHT+vRvXgtB9/elztfT24PYjfiFKs5sUnOxtpz9X4e7HSj/9hJWqxGaV4LD//Zm78/Xj2mZH85SjF9+/FYWSxF53Yv+NPNtL0xVcraRRjJP5Bd1xX/p85vpcAAAAAAAAAAAAAAAAAAAAAAODWyulQ7vo95fKk/b347cnrAy1fXR9ofH2eYjxxbZlhAAAAAAAAAAAAAAAAAAAAeDg1mq36bpbVjqY1Pvz2868jpo9pXnx39uaMeZqtetLPOzvpvBuPPv3TJ5PHnCezz08yI0WhP8c/LOyrp8Z63inkz7M02pOc3SDFcv/szy6jMKPUby7ef/y5xtrz13cNcnR7ho2x8AdzuKb3pt1av5YicqPOb5Er7VyMYc8XncbgqO/8Nh4c9cjPV/7gtU+3dr88+fGXm8489189AAAAAAAAAAAAAAAAAADAmO6/kd/IRy/MuxYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWJRGs1XfzbLa/Wi2Possqx0NeqY1kogY9Cz1Z5octeBDBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA+CsAAP//3Pl/Vg==")
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x84, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})

3.05017994s ago: executing program 4 (id=1325):
syz_emit_ethernet(0x2a, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfdc1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x44, 0x86}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r2}, 0x10)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r2, 0xf507, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0)
open(&(0x7f0000000200)='./file0/file0\x00', 0x0, 0x135)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61154400000000006113100000000000bfa000000000000007000000ee00160e5e0301000000000014050000000000006916320000000000bf07000000000000360507000fff0720670600001f000000150600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0xf000000}, 0xffffffffffffffd2}, 0x48)

3.004181524s ago: executing program 3 (id=1326):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) (async)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010b28bd03000000df25130000000c000980060002"], 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x4800) (async)
sendmsg$TIPC_NL_MON_PEER_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010b28bd03000000df25130000000c000980060002"], 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x4800)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) (async)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
setsockopt$inet_mreqsrc(r5, 0x0, 0x25, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=@base={0xa, 0x15, 0x363d, 0x2}, 0x48)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={r6, &(0x7f0000001940), 0x0}, 0x20)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x70449, &(0x7f0000000040)={[], [], 0x2e}, 0x6, 0x48d, &(0x7f0000000980)="$eJzs3EtvG1UbAOB3xnV6/5qv3wV6AQIFEXFJmrRAF2xAIHWDhARIZRnStCpNG9QEiVYVTREqS9RfACyR+AWsYIOAFYgtSGyQEFKFuqGwGjT2TOpcHGzHjil+HsntOTNnfM47M8c+MyfjAAbWSP5PErErIr4fithTzy4vMFL/79bNy9O/37w8nUSWvfRrUiv3283L02XRcrudRWY0jUjfTeLAGvXOX7x0dmp2duZCkR9fOPfG+PzFS4+fOTd1eub0zPnJY8eOHpl46snJJ7oS5+68rfvfnju47/ir11+YPnH9ta8+yZfvKtY3xlE33PJ7b2+yfCRGlu/LBg9F/JRlWct1/N3tbkgnW/rYENpSiYj8cFXz/h97ohK3D96eeP6dvjYO6Kksy7Ktq5ZWysRiBvyDJdF0VbqpDQE2WflFn1//lq9NHH703Y1n6hdAedy3ild9zZZIizLVFde33TQSEScW//ggf8Wa9yEAALrrs3z889ha4780/t9Q7l9Rnxsajoh/R8TeiPhPRPw3Iv4XUSt7V0Tc3Wb9Iyvyq8c/3zabXumKfPz3dDG3dXv8N1SLvzBcKXK7a/FXk1NnZmcOF/tkNKpb8/zEOnV8/tx37y9lti1f1zj+y195/eVYsC79ZcuKG3QnpxamuhB6zY2rS4GuGP8mSzMBSUTsi4j9Hbx/vs/OPPLxwWbr/zr+dXRhnin7KOLh+vFfjBXxl5L15yfHt8XszOHx8qxY7etvrr3YrP4Nxd8FN65G7Fh1/kdj/MNJ43ztfPt1XPvhvabXNJ2e/0PJy7X0ULHsramFhQsTEUPJ4urlk7e3LfNl+Tz+0UNrxZ/W3uPDYrsDEZGfxPdExL0RcV/R9vsj4oGIOLRO/F8+++DrncffW3n8J9s6/u0nKme/+LRZ/a0d/6O11GixpJXPv1YbuJF9BwAAAHeKtPY38Ek6tpRO07GxiFdq93Z3pLNz8wuPnpp78/zJ+t/KD0c1Le90pQ33QyeKe8NlfnJF/kjtvnGWZdn2Wn5sem62V3PqQGt2Nun/uZ8r/W4d0HNtzaM1e6INuCO11f9XPy0E3ME8rw2Dq9X+X+1xO4DN5/sfBtda/f9KxK0+NAXYZL7/YXDp/zC49H8YXPo/DKSNPNe/XmLv8Y43zzZUe/n7Kh1u/mNP9sZ6iUqnm29t42cOepCIdM1V1YjoS3vaSqS9qyI/+drbKj+QrRa+0umJ3XZi2cfEUD8+mwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrhzwAAAP//dNfhIw==")

2.934576241s ago: executing program 0 (id=1327):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x7}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
userfaultfd(0x80801)

2.700556614s ago: executing program 3 (id=1328):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f00000000c0)=0x8, 0x4)
r1 = dup(r0)
bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
listen(r3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000100000"], 0x0, 0xfa50, 0x0, 0x0, 0x0, 0x48}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r9)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r10, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

2.663913538s ago: executing program 5 (id=1329):
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
dup(r0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x7, 0x0, 0x7ffc0002}]})
r2 = socket$tipc(0x1e, 0x5, 0x0)
listen(r2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000100000"], 0x0, 0xfa50, 0x0, 0x0, 0x0, 0x48}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r8)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r9, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

2.587852395s ago: executing program 2 (id=1330):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4009004}, 0x4040004)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
openat$vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x44600, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2182, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000900)='/proc/vmallocinfo\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
ptrace$ARCH_GET_FS(0x1e, r3, 0x0, 0x1003)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
r7 = epoll_create(0x50000)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f00000001c0)={0x80000000})
ioctl$TIOCSPTLCK(r6, 0x40045431, &(0x7f0000000000))
r8 = ioctl$TIOCGPTPEER(r6, 0x5441, 0xb3d)
ioctl$TIOCSTI(r8, 0x5412, 0x0)
sendfile(r1, r2, 0x0, 0x2)

1.686719714s ago: executing program 3 (id=1331):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4009004}, 0x4040004)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
openat$vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x44600, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2182, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000900)='/proc/vmallocinfo\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
r5 = epoll_create(0x50000)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f00000001c0)={0x80000000})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)

1.458561396s ago: executing program 5 (id=1332):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0)={[{@delalloc}, {@nombcache}, {@barrier}, {@dioread_lock}, {@stripe={'stripe', 0x3d, 0x8}}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2, 0x96)
pwrite64(r0, &(0x7f0000000140)='2', 0x155c2, 0x8000c64)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x441, 0x105)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000008000000850000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r5}, 0x18)
socket$inet6(0xa, 0x3, 0x8000000003c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x21c0, 0x103)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000680)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
keyctl$dh_compute(0x17, &(0x7f0000000100), 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}})
add_key$user(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x3}, &(0x7f00000007c0), 0x0, 0xffffffffffffffff)
setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000400)=ANY=[], 0x1, 0x0, 0x0)

517.936669ms ago: executing program 2 (id=1333):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r3 = getpid()
r4 = socket(0x10, 0x2, 0x0)
getsockname$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x0)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x30d)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="07000000040000000800000001000000"], 0x48)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="0100fcffffff00000000010000009c0008809800008024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922200004000a00000900000007000000000000000000000000000000000300000024000200e4409eacd37428be90e5e4be303c615526ef55da8446757fa15b4b8da7c99c2f2c00098028000080060001000a00000014000200ff010000000000000000000000000001050003000100000024000300b08073e8d44e91e3da922c22438244bb885c69e269c8e9d835b114293a4ddc6e"], 0xd4}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
syz_open_pts(0xffffffffffffffff, 0x101003)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000030000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x18)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x0, 0x2})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}, 0x1, 0x0, 0x8000000, 0x8000}, 0x0)

517.310749ms ago: executing program 3 (id=1334):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x230, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000000000000001000000850000006d00000095"], &(0x7f00000005c0)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) (async)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x15, 0x1}, &(0x7f0000000140)=<r2=>0x0)
clock_gettime(0x0, &(0x7f0000000180)) (async)
timer_settime(r2, 0x1, &(0x7f00000001c0)={{0x0, 0x989680}}, &(0x7f00000002c0)) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bridge0\x00'}) (async)
r4 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
lseek(r4, 0x0, 0x4) (async)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x8850}, 0x40080) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r5, 0x3, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0xca}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})

474.530403ms ago: executing program 0 (id=1335):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000073113f00000000008510000002000000850000007600000095000000000000009500a50500000006"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)

388.234472ms ago: executing program 3 (id=1336):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000400), &(0x7f00000004c0)=<r6=>0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5, @ANYBLOB=',privport,access=', @ANYRESDEC=r6])
openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)

371.316783ms ago: executing program 0 (id=1337):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000c80)=ANY=[@ANYBLOB="020000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffa4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000002000000ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ac1414aa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ac1e0001000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000007f000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x590)
setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x4e22, @multicast2}}}, 0x108)

48.499245ms ago: executing program 3 (id=1338):
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000004}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1e8629867d7bdaee, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="180000000000"], 0x0}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r5, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffff001cffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0)

0s ago: executing program 0 (id=1339):
r0 = syz_clone(0xc0080a00, &(0x7f0000000000)="428c69e5ac47095b48904098c707e2f485bc5c567d5ecd2c301b879e7d4ab194828e72dac405684f8bd4f39dd72ee9df681a73e8d4511917fa421c6ca166022a75e41cdb8ddb6647671aae351edaf5fcf9189b747786e6e4ab710dea87ad4afdc0bd11d494171838c3b1716cfa81f1095233d059420a23c4", 0x78, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="b3a57da1ecc00a90f40479e91741392ef3da29f85721ce72a7a1062dc9c7b63264ff183978ad0d1bd08a699d159916f82716ef4cf1ec97be61a50c7c1922ff08213fba736f611947b5f60865e35c34b515e76404c8ae6f2bdd")
setpriority(0x1, r0, 0x2)
read$FUSE(0xffffffffffffffff, &(0x7f0000000180)={0x2020, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
ptrace$ARCH_MAP_VDSO_X32(0x1e, r1, 0x9, 0x2001)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000002200)={@initdev, @remote, <r2=>0x0}, &(0x7f0000002240)=0xc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002540)={0xffffffffffffffff, 0xe0, &(0x7f0000002440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000002280)=[0x0, 0x0, 0x0, 0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x3, 0x7, &(0x7f00000022c0)=[0x0, 0x0, 0x0], &(0x7f0000002300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x87, &(0x7f0000002340)=[{}], 0x8, 0x10, &(0x7f0000002380), &(0x7f00000023c0), 0x8, 0x2f, 0x8, 0x8, &(0x7f0000002400)}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000002580)={'team0\x00', <r4=>0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000002640)={'syztnl1\x00', &(0x7f00000025c0)={'syztnl2\x00', <r5=>0x0, 0x8, 0x7, 0x4, 0x2, {{0x17, 0x4, 0x3, 0x5, 0x5c, 0x67, 0x0, 0x4, 0x2f, 0x0, @rand_addr=0x64010102, @multicast2, {[@lsrr={0x83, 0xf, 0xbc, [@rand_addr=0x64010101, @rand_addr=0x64010101, @remote]}, @ssrr={0x89, 0x2b, 0x64, [@dev={0xac, 0x14, 0x14, 0x1d}, @remote, @broadcast, @broadcast, @dev={0xac, 0x14, 0x14, 0xf}, @loopback, @empty, @multicast2, @remote, @rand_addr=0x64010102]}, @noop, @generic={0x82, 0xb, "8233720d2de4a0092d"}]}}}}})
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000002680)={@empty, @broadcast, <r6=>0x0}, &(0x7f00000026c0)=0xc)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002800)={&(0x7f00000021c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000027c0)={&(0x7f0000002700)=@RTM_NEWMDB={0xb8, 0x54, 0x4, 0x70bd26, 0x25dfdbfb, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r3, 0x0, 0x1, 0x4, {@ip4=@broadcast}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x1, 0x2, 0x4, {@ip4=@broadcast, 0x82dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x0, 0x1, 0x3, {@ip4=@multicast2, 0xcb5b3c25510a854b}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r5, 0x1, 0x0, 0x3, {@ip4=@private=0xa010102, 0x86dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r6, 0x1, 0x2, 0x4, {@ip4=@multicast1, 0x86dd}}}]}, 0xb8}, 0x1, 0x0, 0x0, 0x50}, 0x2008810)
ptrace$ARCH_SHSTK_LOCK(0x1e, r0, 0x0, 0x5003)
recvmmsg(0xffffffffffffffff, &(0x7f0000003980)=[{{&(0x7f0000002840)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f00000038c0)=[{&(0x7f00000028c0)=""/4096, 0x1000}], 0x1, &(0x7f0000003900)=""/122, 0x7a}}], 0x1, 0x1, &(0x7f00000039c0)={0x77359400})
r7 = socket$key(0xf, 0x3, 0x2)
read(r7, &(0x7f0000003a00)=""/4096, 0x1000)
write(r7, &(0x7f0000004a00)="c996074f73ae79e6a0aa4021d875ca945481cb83cdd8ff0e7595807b4a73f33999f4ee31c2993fdc848a5b53562d1042f626c40f7603978238f58d582936344b6d904c356f2cbd", 0x47)
r8 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FD_FRAMES(r8, 0x65, 0x5, &(0x7f0000004a80), 0x4)
stat(&(0x7f0000004ac0)='./file0\x00', &(0x7f0000004b00))
r9 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000004b80), 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r9, 0xc0505405, &(0x7f0000004bc0)={{0x0, 0x3, 0xe3, 0x0, 0x173d}, 0xebe, 0x9, 0x7})
read$FUSE(r9, &(0x7f0000004c40)={0x2020}, 0x2020)
getsockname$packet(r9, &(0x7f0000006c80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000006cc0)=0x14)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r9, 0xf507, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000006d00)=[@ioring_restriction_register_op={0x0, 0x9}, @ioring_restriction_sqe_op={0x1, 0x1}, @ioring_restriction_sqe_flags_required={0x3, 0xa}, @ioring_restriction_register_op={0x0, 0x1a}], 0x4)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000006d80), r9)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000006dc0)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_SET_MAC_ACL(r9, &(0x7f0000006f00)={&(0x7f0000006d40)={0x10, 0x0, 0x0, 0xc0000}, 0xc, &(0x7f0000006ec0)={&(0x7f0000006e00)={0xa4, r10, 0x400, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r11}, @val={0xc, 0x99, {0x3, 0x72}}}}, [@NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x4c, 0xa6, 0x0, 0x1, [{0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}]}, 0xa4}, 0x1, 0x0, 0x0, 0x10000851}, 0x4000)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$mptcp(&(0x7f0000006f80), r9)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r12, &(0x7f0000007200)={&(0x7f0000006f40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000071c0)={&(0x7f0000007140)={0x80, r13, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xba}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0xfffffffa}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x34, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x6}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x20000800}, 0x4004880)

kernel console output (not intermixed with test programs):

5819][  T662] plantronics 0003:047F:FFFF.0006: hiddev96,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  147.322051][   T26] usb 4-1: USB disconnect, device number 12
[  147.435079][  T687] usb 5-1: USB disconnect, device number 6
[  147.464457][  T403] usb 2-1: Using ep0 maxpacket: 32
[  147.744626][  T403] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.756544][  T403] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.909084][  T403] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  147.928406][  T403] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  147.948609][  T403] usb 2-1: Product: syz
[  147.957486][  T403] usb 2-1: Manufacturer: syz
[  147.968637][ T2503] loop2: detected capacity change from 0 to 512
[  148.005337][  T403] hub 2-1:4.0: USB hub found
[  148.026332][ T2503] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  148.038035][ T2503] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  148.169551][ T2526] loop2: detected capacity change from 0 to 16
[  148.224485][  T403] hub 2-1:4.0: 11 ports detected
[  148.229543][  T687] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  148.239946][ T2526] erofs: (device loop2): mounted with root inode @ nid 36.
[  148.254509][  T403] hub 2-1:4.0: insufficient power available to use all downstream ports
[  148.549587][  T403] hub 2-1:4.0: hub_hub_status failed (err = -71)
[  148.556192][  T403] hub 2-1:4.0: config failed, can't get hub status (err -71)
[  148.595712][  T403] usb 2-1: USB disconnect, device number 6
[  148.874675][  T687] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  148.901187][  T687] usb 5-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3
[  148.902969][ T2540] loop2: detected capacity change from 0 to 4096
[  148.940969][ T2540] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  148.949906][  T687] usb 5-1: Product: syz
[  149.031733][  T687] usb 5-1: Manufacturer: syz
[  149.083189][  T687] usb 5-1: SerialNumber: syz
[  149.152075][  T687] usb 5-1: config 0 descriptor??
[  149.188688][ T2549] loop1: detected capacity change from 0 to 256
[  149.190622][ T2553] loop3: detected capacity change from 0 to 512
[  149.278237][ T2553] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  149.295235][ T2553] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002]
[  149.303848][ T2553] EXT4-fs (loop3): orphan cleanup on readonly fs
[  149.310828][ T2553] EXT4-fs error (device loop3): ext4_orphan_get:1427: comm syz.3.626: bad orphan inode 267
[  149.326845][ T2549] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  149.344649][ T2553] EXT4-fs (loop3): Remounting filesystem read-only
[  149.347894][ T2549] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  149.351248][ T2553] EXT4-fs (loop3): mounted filesystem without journal. Opts: nojournal_checksum,noblock_validity,discard,errors=remount-ro,inode_readahead_blks=0x0000000000004000. Quota mode: none.
[  149.391161][ T2549] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  149.540786][ T2573] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=6672 sclass=netlink_xfrm_socket pid=2573 comm=syz.0.636
[  149.883096][ T2578] loop3: detected capacity change from 0 to 2048
[  150.140667][ T2578] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=continue,auto_da_alloc,noblock_validity,errors=remount-ro,. Quota mode: none.
[  150.242037][ T2589] input: syz0 as /devices/virtual/input/input6
[  150.503552][ T2578] EXT4-fs error (device loop3): ext4_find_extent:929: inode #2: comm syz.3.639: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  150.575407][ T2598] loop2: detected capacity change from 0 to 2048
[  150.582480][ T2578] EXT4-fs (loop3): Remounting filesystem read-only
[  150.646133][ T2578] EXT4-fs error (device loop3): ext4_find_extent:929: inode #2: comm syz.3.639: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  150.662879][ T2578] EXT4-fs (loop3): Remounting filesystem read-only
[  150.704048][   T30] kauditd_printk_skb: 12 callbacks suppressed
[  150.704065][   T30] audit: type=1400 audit(1760520583.246:1366): avc:  denied  { unmount } for  pid=285 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  150.743816][ T2602] loop0: detected capacity change from 0 to 512
[  150.779831][ T2602] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  150.796301][   T30] audit: type=1400 audit(1760520583.346:1367): avc:  denied  { append } for  pid=2601 comm="syz.0.645" name="loop0" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  150.804624][ T2602] EXT4-fs error (device loop0): htree_dirblock_to_tree:1112: inode #2: block 21: comm syz.0.645: bad entry in directory: inode out of bounds - offset=0, inode=2, rec_len=12, size=1024 fake=1
[  150.828370][   T30] audit: type=1400 audit(1760520583.346:1368): avc:  denied  { map } for  pid=2601 comm="syz.0.645" path="/dev/loop0" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  150.850314][ T2602] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5867: Corrupt filesystem
[  150.872983][ T2602] EXT4-fs error (device loop0): ext4_dirty_inode:6071: inode #2: comm syz.0.645: mark_inode_dirty error
[  150.930839][  T284] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5867: Corrupt filesystem
[  150.940560][  T284] EXT4-fs error (device loop0): ext4_quota_off:6506: inode #3: comm syz-executor: mark_inode_dirty error
[  150.958332][  T284] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5867: Corrupt filesystem
[  150.963652][ T2616] loop1: detected capacity change from 0 to 512
[  150.968382][  T284] EXT4-fs error (device loop0): ext4_quota_off:6506: inode #4: comm syz-executor: mark_inode_dirty error
[  151.011299][ T2618] loop0: detected capacity change from 0 to 128
[  151.056500][ T2618] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  151.067256][ T2618] ext4 filesystem being mounted at /120/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  151.082945][ T2616] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  151.113819][ T2622] loop0: detected capacity change from 0 to 512
[  151.120181][ T2616] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  151.135311][ T2616] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.649: bg 0: block 248: padding at end of block bitmap is not set
[  151.150003][ T2616] Quota error (device loop1): write_blk: dquota write failed
[  151.157847][ T2616] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  151.168182][ T2616] EXT4-fs error (device loop1): ext4_acquire_dquot:6200: comm syz.1.649: Failed to acquire dquot type 1
[  151.180303][ T2616] EXT4-fs (loop1): 1 truncate cleaned up
[  151.186062][ T2616] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  151.217899][ T2622] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  151.225359][ T2622] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  151.241556][ T2622] EXT4-fs (loop0): 1 truncate cleaned up
[  151.263417][ T2622] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,dioread_lock,nodiscard,nomblk_io_submit,noblock_validity,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  151.287155][ T2631] loop1: detected capacity change from 0 to 512
[  151.297761][ T2633] loop3: detected capacity change from 0 to 512
[  151.310419][ T2633] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  151.325363][ T2633] EXT4-fs (loop3): 1 truncate cleaned up
[  151.331155][ T2633] EXT4-fs (loop3): mounted filesystem without journal. Opts: resgid=0x0000000000000000,resgid=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  151.356173][  T663] usb 5-1: USB disconnect, device number 7
[  151.366939][ T2631] Quota error (device loop1): find_block_dqentry: Quota for id 0 referenced but not present
[  151.399346][   T30] audit: type=1400 audit(1760520583.946:1369): avc:  denied  { write } for  pid=2638 comm="syz.4.656" name="ptype" dev="proc" ino=4026532570 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  151.426186][ T2631] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  151.436203][ T2631] EXT4-fs error (device loop1): ext4_acquire_dquot:6200: comm syz.1.653: Failed to acquire dquot type 1
[  151.480248][ T2631] EXT4-fs (loop1): 1 truncate cleaned up
[  151.486229][ T2631] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  151.554854][ T2631] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.568407][ T2631] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: writeback.
[  151.772150][ T2655] loop1: detected capacity change from 0 to 512
[  151.806335][ T2655] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  151.817726][ T2655] ext4 filesystem being mounted at /131/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.920521][ T2668] loop1: detected capacity change from 0 to 1024
[  151.935460][ T2668] EXT4-fs (loop1): Ignoring removed nobh option
[  151.955915][ T2668] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,grpid,barrier=0x0000000000000001,i_version,grpquota,max_dir_size_kb=0x0000000000000000,abort,nodelalloc,nobh,user_xattr,dioread_lock,errors=remount-ro,. Quota mode: writeback.
[  151.988960][   T30] audit: type=1400 audit(1760520584.536:1370): avc:  denied  { mounton } for  pid=2667 comm="syz.1.666" path="/134/file1/file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  152.017757][ T2668] EXT4-fs error (device loop1): ext4_remount:6026: comm syz.1.666: Abort forced by user
[  152.028354][ T2668] EXT4-fs (loop1): Remounting filesystem read-only
[  152.033197][   T30] audit: type=1400 audit(1760520584.576:1371): avc:  denied  { search } for  pid=2672 comm="syz.2.667" name="/" dev="configfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  152.035043][ T2668] EXT4-fs (loop1): re-mounted. Opts: . Quota mode: writeback.
[  152.527209][ T2707] loop3: detected capacity change from 0 to 512
[  152.959366][ T2707] EXT4-fs warning (device loop3): ext4_enable_quotas:6452: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[  153.089351][ T2707] EXT4-fs (loop3): mount failed
[  153.099081][ T2728] loop0: detected capacity change from 0 to 512
[  153.184485][ T2728] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[  153.242356][ T2728] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  153.293158][ T2728] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.689: attempt to clear invalid blocks 2 len 1
[  153.346166][ T2728] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  153.410823][ T2728] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.689: invalid indirect mapped block 1819239214 (level 0)
[  153.468634][ T2728] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.689: invalid indirect mapped block 1819239214 (level 1)
[  153.516107][ T2728] EXT4-fs (loop0): 1 truncate cleaned up
[  153.519020][ T2754] device sit0 entered promiscuous mode
[  153.521911][ T2728] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,init_itable=0x0000000000000004,mblk_io_submit,minixdf,jqfmt=vfsv0,usrjquota=..,errors=continue. Quota mode: writeback.
[  153.547719][ T2754] netlink: 'syz.2.700': attribute type 1 has an invalid length.
[  153.556806][ T2754] netlink: 1 bytes leftover after parsing attributes in process `syz.2.700'.
[  153.567227][ T2728] EXT4-fs error (device loop0): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.0.689: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  153.590164][ T2757] netlink: 12 bytes leftover after parsing attributes in process `syz.4.701'.
[  153.738768][ T2760] pit: kvm: requested 129904 ns i8254 timer period limited to 200000 ns
[  153.781130][ T2771] loop0: detected capacity change from 0 to 4096
[  153.785477][ T2760] pit: kvm: requested 135771 ns i8254 timer period limited to 200000 ns
[  153.807946][ T2760] pit: kvm: requested 118171 ns i8254 timer period limited to 200000 ns
[  153.812470][ T2771] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  153.822358][ T2760] pit: kvm: requested 25142 ns i8254 timer period limited to 200000 ns
[  153.844921][ T2760] pit: kvm: requested 191923 ns i8254 timer period limited to 200000 ns
[  153.889171][ T2771] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback.
[  153.894293][ T2760] pit: kvm: requested 24304 ns i8254 timer period limited to 200000 ns
[  153.918488][ T2760] pit: kvm: requested 68723 ns i8254 timer period limited to 200000 ns
[  153.936988][ T2760] pit: kvm: requested 25980 ns i8254 timer period limited to 200000 ns
[  153.951803][ T2760] pit: kvm: requested 136609 ns i8254 timer period limited to 200000 ns
[  153.975003][ T2760] pit: kvm: requested 74590 ns i8254 timer period limited to 200000 ns
[  154.114901][ T2783] loop2: detected capacity change from 0 to 128
[  154.176030][ T2783] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  154.211941][ T2783] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,,errors=continue. Quota mode: none.
[  154.226748][ T2783] ext4 filesystem being mounted at /172/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  154.515579][ T2813] netlink: 44 bytes leftover after parsing attributes in process `syz.0.721'.
[  154.537554][ T2816] loop1: detected capacity change from 0 to 2048
[  154.575408][  T337]  loop1: p1 < > p2 p3 p4 < p5 >
[  154.585314][  T337] loop1: p2 size 458752 extends beyond EOD, truncated
[  154.587621][ T2820] loop0: detected capacity change from 0 to 512
[  154.601802][  T337] loop1: p3 start 4284289 is beyond EOD, truncated
[  154.610390][  T337] loop1: p5 size 458752 extends beyond EOD, truncated
[  154.619962][ T2816]  loop1: p1 < > p2 p3 p4 < p5 >
[  154.625126][ T2820] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22
[  154.625152][ T2820] SELinux:  duplicate or incompatible mount options
[  154.642048][ T2816] loop1: p2 size 458752 extends beyond EOD, truncated
[  154.649396][ T2816] loop1: p3 start 4284289 is beyond EOD, truncated
[  154.656689][ T2816] loop1: p5 size 458752 extends beyond EOD, truncated
[  154.714470][  T102]  loop1: p1 < > p2 p3 p4 < p5 >
[  154.722465][  T102] loop1: p2 size 458752 extends beyond EOD, truncated
[  154.733036][  T102] loop1: p3 start 4284289 is beyond EOD, truncated
[  154.742315][  T102] loop1: p5 size 458752 extends beyond EOD, truncated
[  154.889257][  T337] udevd[337]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  154.899955][  T402] udevd[402]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  154.910337][  T447] udevd[447]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  154.921055][  T374] udevd[374]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[  154.947015][ T2833] udevd[2833]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  154.959097][  T447] udevd[447]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[  154.968951][  T402] udevd[402]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  154.991380][  T337] udevd[337]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  155.009367][  T402] udevd[402]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  155.012625][  T337] udevd[337]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  155.149407][ T2856] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  155.585188][ T2866] netlink: 24 bytes leftover after parsing attributes in process `syz.4.743'.
[  156.069264][ T2877] loop1: detected capacity change from 0 to 512
[  156.129280][ T2877] EXT4-fs (loop1): Test dummy encryption mode enabled
[  156.144398][ T2877] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  156.175296][ T2877] EXT4-fs error (device loop1): ext4_orphan_get:1427: comm syz.1.748: bad orphan inode 131083
[  156.200177][ T2877] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,noload,,errors=continue. Quota mode: none.
[  156.258886][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  156.258903][   T30] audit: type=1400 audit(1760520588.806:1377): avc:  denied  { create } for  pid=2876 comm="syz.1.748" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  156.317974][   T30] audit: type=1400 audit(1760520588.836:1378): avc:  denied  { write open } for  pid=2876 comm="syz.1.748" path="/148/bus/bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  156.374408][   T30] audit: type=1400 audit(1760520588.836:1379): avc:  denied  { ioctl } for  pid=2876 comm="syz.1.748" path="/148/bus/bus" dev="loop1" ino=18 ioctlcmd=0x5879 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  156.847808][ T2891] netlink: 52 bytes leftover after parsing attributes in process `syz.2.752'.
[  156.986798][   T30] audit: type=1400 audit(1760520589.536:1380): avc:  denied  { write } for  pid=2900 comm="syz.1.757" name="usbmon9" dev="devtmpfs" ino=182 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  157.053427][ T2894] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  157.107580][ T2894] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  157.138364][ T2905] loop2: detected capacity change from 0 to 2048
[  157.229443][ T2911] loop1: detected capacity change from 0 to 512
[  157.356402][ T2905] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  157.385448][ T2911] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  157.396834][ T2911] EXT4-fs (loop1): orphan cleanup on readonly fs
[  157.419232][ T2911] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 19 vs 41 free clusters
[  157.624741][  T403] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  157.697421][ T2911] Quota error (device loop1): write_blk: dquota write failed
[  157.717861][ T2911] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  157.733607][ T2911] EXT4-fs error (device loop1): ext4_acquire_dquot:6200: comm syz.1.762: Failed to acquire dquot type 0
[  157.755982][ T2911] EXT4-fs (loop1): 1 truncate cleaned up
[  157.774895][ T2911] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsddf,noblock_validity,inode_readahead_blks=0x0000000000000002,barrier=0x0000000000000000,nogrpid,resgid=0x000000000000ee01,noinit_itable,noinit_itable,journal_dev=0x00000000000000072,errors=continue. Quota mode: writeback.
[  157.934203][ T2930] loop1: detected capacity change from 0 to 16
[  157.940548][  T403] usb 1-1: Using ep0 maxpacket: 16
[  157.959056][ T2932] loop2: detected capacity change from 0 to 512
[  157.967584][ T2930] erofs: (device loop1): mounted with root inode @ nid 36.
[  158.029879][ T2932] EXT4-fs (loop2): Ignoring removed nobh option
[  158.049743][ T2932] EXT4-fs (loop2): dax option not supported
[  158.063748][   T30] audit: type=1400 audit(1760520590.606:1381): avc:  denied  { listen } for  pid=2934 comm="syz.1.769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  158.066565][ T2937] loop3: detected capacity change from 0 to 256
[  158.092492][ T2937] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  158.156387][  T403] usb 1-1: config 0 interface 0 has no altsetting 0
[  158.166409][  T403] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  158.173376][ T2939] loop4: detected capacity change from 0 to 128
[  158.175549][  T403] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.193551][ T2937] FAT-fs (loop3): Directory bread(block 64) failed
[  158.200401][ T2937] FAT-fs (loop3): Directory bread(block 65) failed
[  158.200844][  T403] usb 1-1: config 0 descriptor??
[  158.224637][ T2937] FAT-fs (loop3): Directory bread(block 66) failed
[  158.232598][ T2937] FAT-fs (loop3): Directory bread(block 67) failed
[  158.239558][ T2937] FAT-fs (loop3): Directory bread(block 68) failed
[  158.246417][ T2937] FAT-fs (loop3): Directory bread(block 69) failed
[  158.253737][ T2937] FAT-fs (loop3): Directory bread(block 70) failed
[  158.262311][ T2937] FAT-fs (loop3): Directory bread(block 71) failed
[  158.269335][ T2937] FAT-fs (loop3): Directory bread(block 72) failed
[  158.277289][ T2937] FAT-fs (loop3): Directory bread(block 73) failed
[  158.318579][ T2942] loop2: detected capacity change from 0 to 128
[  158.378285][ T2942] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  158.390004][ T2942] ext4 filesystem being mounted at /186/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  158.421869][ T2955] netlink: 24 bytes leftover after parsing attributes in process `syz.4.778'.
[  158.488197][ T2963] loop4: detected capacity change from 0 to 4096
[  158.525562][ T2963] EXT4-fs (loop4): Test dummy encryption mode enabled
[  158.552017][ T2963] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  158.567701][ T2963] System zones: 0-5
[  158.581051][ T2963] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,delalloc,journal_ioprio=0x0000000000000000,test_dummy_encryption,nodiscard,min_batch_time=0x0000000000000004,acl,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  158.684408][  T687] usb 4-1: new full-speed USB device number 13 using dummy_hcd
[  158.685994][ T2971] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=2971 comm=syz.4.785
[  158.696223][  T403] hid (null): unknown global tag 0xd
[  158.710523][  T403] hid (null): invalid report_size 22610
[  159.081657][ T2976] netlink: 'syz.4.786': attribute type 4 has an invalid length.
[  159.094758][  T687] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  159.110826][  T687] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64
[  159.123642][ T2976] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.786'.
[  159.157119][  T662] usb 1-1: USB disconnect, device number 8
[  159.163070][   T30] audit: type=1400 audit(1760520591.706:1382): avc:  denied  { create } for  pid=2977 comm="syz.1.787" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  159.176826][  T687] usb 4-1: New USB device found, idVendor=0404, idProduct=0755, bcdDevice= 0.00
[  159.192226][  T687] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.203725][  T687] usb 4-1: config 0 descriptor??
[  159.218153][ T2983] loop1: detected capacity change from 0 to 512
[  159.224556][ T2950] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  159.246851][ T2983] EXT4-fs warning (device loop1): ext4_enable_quotas:6452: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[  159.262529][ T2983] EXT4-fs (loop1): mount failed
[  159.310334][ T2996] loop4: detected capacity change from 0 to 4096
[  159.344794][ T2996] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  159.356527][ T2996] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,jqfmt=vfsold,init_itable=0x0000000000000009,,errors=continue. Quota mode: writeback.
[  159.445895][   T30] audit: type=1400 audit(1760520591.996:1383): avc:  denied  { nlmsg_read } for  pid=2947 comm="syz.3.775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  159.446552][ T2950] UDC core: couldn't find an available UDC or it's busy: -16
[  159.474321][  T403] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  159.474468][ T2950] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  159.540775][ T2999] futex_wake_op: syz.4.793 tries to shift op by 36; fix this program
[  159.564559][  T687] usbhid 4-1:0.0: can't add hid device: -71
[  159.571305][  T687] usbhid: probe of 4-1:0.0 failed with error -71
[  159.581916][  T687] usb 4-1: USB disconnect, device number 13
[  159.758862][ T3001] loop0: detected capacity change from 0 to 512
[  159.844551][  T403] usb 3-1: config 1 has an invalid descriptor of length 78, skipping remainder of the config
[  159.855380][  T403] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  159.864730][  T403] usb 3-1: New USB device found, idVendor=0dba, idProduct=5000, bcdDevice=3d.88
[  159.874196][  T403] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.891985][ T3001] EXT4-fs (loop0): Test dummy encryption mode enabled
[  159.899470][ T3001] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  159.915375][ T3001] EXT4-fs (loop0): 1 truncate cleaned up
[  159.927737][ T3001] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,test_dummy_encryption=v1,noauto_da_alloc,resgid=0x0000000000000000,mb_optimize_scan=0x0000000000000001,quota,. Quota mode: writeback.
[  159.990181][ T3004] loop1: detected capacity change from 0 to 512
[  159.990836][   T30] audit: type=1400 audit(1760520592.536:1384): avc:  denied  { read append } for  pid=3000 comm="syz.0.794" path="/148/file2/file0/cgroup.controllers" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  160.151122][ T2981] netlink: 8 bytes leftover after parsing attributes in process `syz.2.788'.
[  160.163701][ T2981] netlink: 8 bytes leftover after parsing attributes in process `syz.2.788'.
[  160.173382][  T403] usb 3-1: USB disconnect, device number 8
[  160.312434][ T3004] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  160.324526][ T3004] ext4 filesystem being mounted at /158/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.373964][ T3021] loop0: detected capacity change from 0 to 8192
[  160.435139][ T3025] netlink: 1319 bytes leftover after parsing attributes in process `syz.4.806'.
[  160.446747][ T3026] loop3: detected capacity change from 0 to 128
[  160.521175][ T3018] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  160.530750][ T3018] FAT-fs (loop3): Filesystem has been set read-only
[  160.537449][ T3018] attempt to access beyond end of device
[  160.537449][ T3018] loop3: rw=524288, want=2073, limit=128
[  160.548969][ T3018] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  160.557007][ T3018] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  160.592018][ T3018] attempt to access beyond end of device
[  160.592018][ T3018] loop3: rw=0, want=2073, limit=128
[  160.603310][ T3018] attempt to access beyond end of device
[  160.603310][ T3018] loop3: rw=0, want=2073, limit=128
[  160.614772][ T3018] attempt to access beyond end of device
[  160.614772][ T3018] loop3: rw=0, want=2073, limit=128
[  160.625652][ T3018] attempt to access beyond end of device
[  160.625652][ T3018] loop3: rw=0, want=2073, limit=128
[  160.636423][ T3018] attempt to access beyond end of device
[  160.636423][ T3018] loop3: rw=0, want=2073, limit=128
[  160.647285][ T3018] attempt to access beyond end of device
[  160.647285][ T3018] loop3: rw=0, want=2073, limit=128
[  160.658132][ T3018] attempt to access beyond end of device
[  160.658132][ T3018] loop3: rw=0, want=2073, limit=128
[  160.668942][ T3018] attempt to access beyond end of device
[  160.668942][ T3018] loop3: rw=0, want=2073, limit=128
[  160.679733][ T3018] attempt to access beyond end of device
[  160.679733][ T3018] loop3: rw=0, want=2073, limit=128
[  160.930393][ T3048] loop2: detected capacity change from 0 to 16
[  160.993120][ T3048] erofs: (device loop2): mounted with root inode @ nid 36.
[  161.509857][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  161.509873][   T30] audit: type=1400 audit(1760520594.056:1387): avc:  denied  { name_bind } for  pid=3067 comm="syz.4.822" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  161.538705][ T3068] loop2: detected capacity change from 0 to 16
[  161.567765][ T3068] erofs: (device loop2): mounted with root inode @ nid 36.
[  162.622394][  T687] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  162.686311][ T3091] device batadv_slave_0 entered promiscuous mode
[  162.756585][ T3090] device batadv_slave_0 left promiscuous mode
[  162.794476][  T662] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  162.841125][   T30] audit: type=1400 audit(1760520595.386:1388): avc:  denied  { mounton } for  pid=3108 comm="syz.4.839" path="/180/file0" dev="tmpfs" ino=1014 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  162.991536][   T30] audit: type=1400 audit(1760520595.536:1389): avc:  denied  { append } for  pid=3113 comm="syz.4.841" name="event1" dev="devtmpfs" ino=257 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  163.015505][  T687] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  163.026206][  T687] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  163.037748][  T687] usb 2-1: config 220 has no interface number 2
[  163.143471][  T687] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  163.159566][  T687] usb 2-1: config 220 interface 0 has no altsetting 0
[  163.168317][  T687] usb 2-1: config 220 interface 76 has no altsetting 0
[  163.176454][  T687] usb 2-1: config 220 interface 1 has no altsetting 0
[  163.354537][  T687] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  163.368079][  T687] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.377970][  T687] usb 2-1: Product: syz
[  163.382592][  T687] usb 2-1: Manufacturer: syz
[  163.387826][  T687] usb 2-1: SerialNumber: syz
[  163.525128][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  163.754687][  T687] usb 2-1: selecting invalid altsetting 0
[  163.814457][  T662] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  163.822919][  T662] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  163.833309][  T662] usb 4-1: config 0 has no interface number 0
[  163.881680][  T687] usb 2-1: Found UVC 7.01 device syz (8086:0b07)
[  163.888138][  T687] usb 2-1: No valid video chain found.
[  163.971026][  T687] usb 2-1: USB disconnect, device number 7
[  164.024686][  T662] usb 4-1: New USB device found, idVendor=061c, idProduct=c084, bcdDevice=f5.fc
[  164.037725][  T662] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.048364][  T662] usb 4-1: Product: syz
[  164.052629][  T662] usb 4-1: Manufacturer: syz
[  164.060565][  T662] usb 4-1: SerialNumber: syz
[  164.069046][  T662] usb 4-1: config 0 descriptor??
[  164.098499][ T3146] loop4: detected capacity change from 0 to 512
[  164.115328][ T3146] EXT4-fs (loop4): Ignoring removed oldalloc option
[  164.127350][ T3146] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobarrier,nodioread_nolock,quota,oldalloc,mb_optimize_scan=0x0000000000000000,,errors=continue. Quota mode: writeback.
[  164.145718][ T3146] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.165589][ T3146] EXT4-fs error (device loop4): ext4_xattr_block_get:546: inode #15: comm syz.4.852: corrupted xattr block 33
[  164.177676][ T3146] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  164.187503][ T3146] EXT4-fs error (device loop4): ext4_xattr_block_get:546: inode #15: comm syz.4.852: corrupted xattr block 33
[  164.201847][ T3146] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=15
[  164.211522][ T3146] EXT4-fs error (device loop4): ext4_xattr_block_find:1866: inode #15: comm syz.4.852: corrupted xattr block 33
[  164.224228][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  164.232599][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  164.241814][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  164.250159][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  164.258674][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  164.266938][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  164.275353][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  164.283799][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  164.326536][  T662] usb 4-1: USB disconnect, device number 14
[  164.355785][ T3157] loop4: detected capacity change from 0 to 1024
[  164.386149][ T3157] EXT4-fs (loop4): Ignoring removed oldalloc option
[  164.392966][ T3157] EXT4-fs (loop4): Ignoring removed bh option
[  164.399494][ T3157] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  164.423538][ T3157] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,abort,bsdgroups,mb_optimize_scan=0x0000000000000001,oldalloc,grpquota,norecovery,nodelalloc,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  164.537558][ T3165] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3871: comm syz.4.856: Allocating blocks 497-513 which overlap fs metadata
[  164.580611][ T3165] EXT4-fs (loop4): pa ffff88811168b930: logic 256, phys. 385, len 8
[  164.588709][ T3165] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4888: group 0, free 0, pa_free 1
[  164.666908][ T3170] loop2: detected capacity change from 0 to 512
[  164.692207][ T3170] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  164.710087][ T3170] EXT4-fs (loop2): orphan cleanup on readonly fs
[  164.837224][ T3170] EXT4-fs warning (device loop2): ext4_enable_quotas:6452: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  164.853238][ T3170] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  164.861121][ T3170] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #13: comm syz.2.860: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  164.880588][ T3170] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.860: couldn't read orphan inode 13 (err -117)
[  164.894000][ T3170] EXT4-fs (loop2): mounted filesystem without journal. Opts: sysvgroups,noblock_validity,min_batch_time=0x000000000000082f,grpquota,debug,journal_dev=0x0000000000000001,grpid,inode_readahead_blks=0x0000000000002000,,errors=continue. Quota mode: writeback.
[  164.960658][ T3170] EXT4-fs error (device loop2): ext4_lookup:1858: comm syz.2.860: inode #15: comm syz.2.860: iget: illegal inode #
[  164.985012][  T663] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  165.156234][ T3178] netlink: 4 bytes leftover after parsing attributes in process `syz.2.863'.
[  165.177806][ T3180] netlink: 64 bytes leftover after parsing attributes in process `syz.2.864'.
[  165.337645][   T30] audit: type=1400 audit(1760520597.886:1390): avc:  denied  { read } for  pid=87 comm="acpid" name="event3" dev="devtmpfs" ino=1134 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  165.364511][  T663] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  165.379375][  T663] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.392526][   T30] audit: type=1400 audit(1760520597.886:1391): avc:  denied  { open } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1134 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  165.406727][  T678] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  165.421921][  T663] usb 5-1: config 0 descriptor??
[  165.440384][   T30] audit: type=1400 audit(1760520597.886:1392): avc:  denied  { ioctl } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1134 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  165.474398][   T30] audit: type=1400 audit(1760520605.019:1393): avc:  denied  { bind } for  pid=3198 comm="syz.1.873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  165.501925][   T30] audit: type=1400 audit(1760520605.019:1394): avc:  denied  { name_bind } for  pid=3198 comm="syz.1.873" src=28193 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  165.528358][   T30] audit: type=1400 audit(1760520605.019:1395): avc:  denied  { node_bind } for  pid=3198 comm="syz.1.873" saddr=224.0.0.1 src=28193 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  165.556492][  T687] Bluetooth: hci0: command 0x1003 tx timeout
[  165.562581][ T3126] Bluetooth: hci0: sending frame failed (-49)
[  165.682507][  T660] usb 5-1: USB disconnect, device number 8
[  165.752821][ T3217] loop2: detected capacity change from 0 to 512
[  165.763032][ T3217] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  165.772589][ T3217] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  165.785052][ T3217] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  165.793323][ T3217] System zones: 0-2, 18-18, 34-34
[  165.801509][ T3217] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.881: inode #15: comm syz.2.881: iget: illegal inode #
[  165.815351][ T3217] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.881: couldn't read orphan inode 15 (err -117)
[  165.827860][ T3217] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  165.874282][  T678] usb 4-1: unable to get BOS descriptor or descriptor too short
[  165.934233][  T678] usb 4-1: not running at top speed; connect to a high speed hub
[  166.014245][  T678] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 147, changing to 4
[  166.050811][ T3230] loop1: detected capacity change from 0 to 16
[  166.184171][  T678] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  166.197403][  T678] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.213720][  T678] usb 4-1: Product: syz
[  166.223340][  T678] usb 4-1: Manufacturer: syz
[  166.233210][  T678] usb 4-1: SerialNumber: syz
[  166.272590][ T3236] loop1: detected capacity change from 0 to 256
[  166.325829][ T3236] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  166.416769][ T3247] loop1: detected capacity change from 0 to 2048
[  166.604836][  T678] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  166.624690][ T3247] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  166.678095][ T3247] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.835271][   T30] audit: type=1400 audit(1760520606.379:1396): avc:  denied  { map } for  pid=3246 comm="syz.1.893" path="/178/file0/file0/memory.events.local" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  166.924382][  T283] EXT4-fs error (device loop1): ext4_readdir:263: inode #2: block 16: comm syz-executor: path /178/file0: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0
[  166.951834][   T30] audit: type=1400 audit(1760520606.489:1397): avc:  denied  { unlink } for  pid=283 comm="syz-executor" name="memory.events.local" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  167.055025][ T3266] xt_NFQUEUE: number of queues (65535) out of range (got 65541)
[  167.113639][  T678] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5)
[  167.263715][   T30] audit: type=1400 audit(1760520606.790:1398): avc:  denied  { shutdown } for  pid=3272 comm="syz.3.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  167.299383][   T30] audit: type=1400 audit(1760520606.790:1399): avc:  denied  { connect } for  pid=3272 comm="syz.3.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  167.493438][  T678] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5)
[  167.542654][   T30] audit: type=1326 audit(1760520607.080:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3279 comm="syz.4.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  167.652159][  T687] Bluetooth: hci0: command 0x1001 tx timeout
[  167.665534][ T3126] Bluetooth: hci0: sending frame failed (-49)
[  167.764290][   T30] audit: type=1326 audit(1760520607.110:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3279 comm="syz.4.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  167.810302][ T3285] loop3: detected capacity change from 0 to 256
[  167.853246][  T678] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5)
[  167.863484][ T3285] FAT-fs (loop3): Unrecognized mount option "errorspMo�Un�-ro" or missing value
[  167.903011][   T30] audit: type=1326 audit(1760520607.110:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3279 comm="syz.4.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  167.943351][   T30] audit: type=1326 audit(1760520607.110:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3279 comm="syz.4.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  167.979777][   T30] audit: type=1326 audit(1760520607.110:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3279 comm="syz.4.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  168.027394][ T3285] loop3: detected capacity change from 0 to 256
[  168.047229][   T30] audit: type=1326 audit(1760520607.110:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3279 comm="syz.4.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  168.149891][ T3290] bridge0: port 1(bridge_slave_0) entered blocking state
[  168.157169][ T3290] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.165218][ T3290] device bridge_slave_0 entered promiscuous mode
[  168.204129][  T678] usb 4-1: 5:0: cannot get min/max values for control 4 (id 5)
[  168.491014][ T3290] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.512376][  T678] usb 4-1: USB disconnect, device number 15
[  168.513285][ T3290] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.616884][ T3290] device bridge_slave_1 entered promiscuous mode
[  169.023508][ T3290] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.030676][ T3290] bridge0: port 2(bridge_slave_1) entered forwarding state
[  169.038000][ T3290] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.045054][ T3290] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.131632][  T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  169.139424][  T338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  169.150961][  T338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  169.161918][  T338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  169.171353][  T338] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  169.180092][  T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  169.188851][  T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  169.197167][  T338] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  169.204872][  T338] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  169.298933][ T3318] loop3: detected capacity change from 0 to 1024
[  169.587166][ T3318] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.915: Invalid block bitmap block 0 in block_group 0
[  169.601597][ T3318] EXT4-fs error (device loop3): ext4_acquire_dquot:6200: comm syz.3.915: Failed to acquire dquot type 0
[  169.614559][ T3318] EXT4-fs error (device loop3): ext4_free_blocks:6218: comm syz.3.915: Freeing blocks not in datazone - block = 0, count = 4096
[  169.628599][ T3318] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.915: Invalid inode bitmap blk 0 in block_group 0
[  169.642573][ T3318] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[  169.651625][ T3318] EXT4-fs (loop3): 1 orphan inode deleted
[  169.657460][ T3318] EXT4-fs (loop3): mounted filesystem without journal. Opts: ��; ,errors=continue. Quota mode: writeback.
[  169.730867][   T10] EXT4-fs error (device loop3): ext4_release_dquot:6236: comm kworker/u4:1: Failed to release dquot type 0
[  169.917113][   T45] device veth1_macvtap left promiscuous mode
[  169.950700][   T45] device veth0_vlan left promiscuous mode
[  170.525421][  T678] Bluetooth: hci0: command 0x1009 tx timeout
[  170.534807][ T3290] device veth0_vlan entered promiscuous mode
[  170.557876][  T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  170.566196][  T338] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  170.595979][ T3290] device veth1_macvtap entered promiscuous mode
[  170.615657][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  170.632208][ T3323] loop2: detected capacity change from 0 to 40427
[  170.643517][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  170.653473][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  170.671802][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  170.681604][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  170.980549][ T3337] loop2: detected capacity change from 0 to 40427
[  171.026303][ T3337] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  171.071623][ T3337] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  171.141792][ T3337] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  171.495319][ T3355] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  172.015436][   T30] kauditd_printk_skb: 69 callbacks suppressed
[  172.015455][   T30] audit: type=1400 audit(1760520611.562:1472): avc:  denied  { mounton } for  pid=3358 comm="syz.4.927" path="/207/file0" dev="tmpfs" ino=1160 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  172.045712][ T3359] fuse: Bad value for 'fd'
[  172.093076][   T30] audit: type=1400 audit(1760520611.632:1473): avc:  denied  { map } for  pid=3358 comm="syz.4.927" path="/207/file0" dev="tmpfs" ino=1160 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  172.513062][ T3337] loop2: detected capacity change from 0 to 2048
[  172.581509][   T30] audit: type=1326 audit(1760520612.122:1474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3379 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  172.608105][   T30] audit: type=1326 audit(1760520612.122:1475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3379 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  172.608973][  T337] Alternate GPT is invalid, using primary GPT.
[  172.632538][   T30] audit: type=1326 audit(1760520612.122:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3379 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  172.661816][   T30] audit: type=1326 audit(1760520612.122:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3379 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  172.711249][  T337]  loop2: p1 p2 p3
[  173.734326][   T30] audit: type=1326 audit(1760520612.122:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3379 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  173.763658][   T30] audit: type=1326 audit(1760520612.122:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3379 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  173.778740][ T3337] Alternate GPT is invalid, using primary GPT.
[  173.793513][   T30] audit: type=1326 audit(1760520612.122:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3379 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  173.833881][ T3384] loop5: detected capacity change from 0 to 4096
[  173.852176][   T30] audit: type=1326 audit(1760520612.122:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3379 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  173.876265][ T3337]  loop2: p1 p2 p3
[  173.903093][ T3387] loop3: detected capacity change from 0 to 256
[  173.925122][ T3384] EXT4-fs (loop5): Test dummy encryption mode enabled
[  173.948038][ T3384] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  173.956729][ T3384] System zones: 0-5
[  173.978186][ T3384] EXT4-fs (loop5): mounted filesystem without journal. Opts: debug,delalloc,journal_ioprio=0x0000000000000000,test_dummy_encryption,nodiscard,min_batch_time=0x0000000000000004,acl,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  174.021092][ T3387] FAT-fs (loop3): Unrecognized mount option "usefr%e" or missing value
[  174.050385][ T2833] udevd[2833]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  174.061702][  T402] udevd[402]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  174.086461][  T337] udevd[337]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  174.125497][ T2833] udevd[2833]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  174.147821][  T402] udevd[402]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  174.186700][  T337] udevd[337]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  175.108912][ T3413] loop3: detected capacity change from 0 to 512
[  175.279915][ T3415] overlayfs: failed to clone upperpath
[  175.473063][ T3413] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  175.609642][ T3413] EXT4-fs (loop3): 1 truncate cleaned up
[  175.615521][ T3413] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,jqfmt=vfsv0,,errors=continue. Quota mode: none.
[  177.175481][   T30] kauditd_printk_skb: 36 callbacks suppressed
[  177.175497][   T30] audit: type=1326 audit(1760520616.725:1518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  177.212696][ T3453] loop3: detected capacity change from 0 to 256
[  177.233693][ T3453] FAT-fs (loop3): Unrecognized mount option "errorspMo�Un�-ro" or missing value
[  177.275528][   T30] audit: type=1326 audit(1760520616.765:1519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  177.311879][   T30] audit: type=1326 audit(1760520616.765:1520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  177.335638][   T30] audit: type=1326 audit(1760520616.765:1521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  177.436964][   T30] audit: type=1326 audit(1760520616.765:1522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  177.472616][   T30] audit: type=1326 audit(1760520616.765:1523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  177.609104][ T3461] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  177.701302][   T30] audit: type=1326 audit(1760520616.765:1524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  177.820739][ T3463] binder: 3462:3463 ioctl c0306201 200000000080 returned -14
[  177.853121][ T3463] mmap: syz.2.959 (3463) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  177.906212][   T30] audit: type=1326 audit(1760520616.765:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  177.961721][   T30] audit: type=1326 audit(1760520616.765:1526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  178.006833][   T30] audit: type=1326 audit(1760520616.765:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3454 comm="syz.4.956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  178.799945][ T3475] loop3: detected capacity change from 0 to 1024
[  180.328862][ T3475] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.962: Invalid block bitmap block 0 in block_group 0
[  180.343653][ T3475] EXT4-fs error (device loop3): ext4_acquire_dquot:6200: comm syz.3.962: Failed to acquire dquot type 0
[  180.356836][ T3475] EXT4-fs error (device loop3): ext4_free_blocks:6218: comm syz.3.962: Freeing blocks not in datazone - block = 0, count = 4096
[  180.371511][ T3475] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.962: Invalid inode bitmap blk 0 in block_group 0
[  180.384523][ T3475] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[  180.393634][   T45] EXT4-fs error (device loop3): ext4_release_dquot:6236: comm kworker/u4:2: Failed to release dquot type 0
[  180.405476][ T3475] EXT4-fs (loop3): 1 orphan inode deleted
[  180.411428][ T3475] EXT4-fs (loop3): mounted filesystem without journal. Opts: ��; ,errors=continue. Quota mode: writeback.
[  180.448671][ T3475] netlink: 12 bytes leftover after parsing attributes in process `syz.3.962'.
[  180.754003][ T3487] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.761311][ T3487] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.999570][ T3505] netlink: 'syz.0.971': attribute type 4 has an invalid length.
[  181.007559][ T3505] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.971'.
[  182.437118][ T3516] binfmt_misc: register: failed to install interpreter file ./file2
[  182.446031][  T403] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  182.493811][   T30] kauditd_printk_skb: 92 callbacks suppressed
[  182.493826][   T30] audit: type=1326 audit(1760520622.047:1617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3522 comm="syz.2.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  182.524096][   T30] audit: type=1326 audit(1760520622.047:1618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3522 comm="syz.2.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  182.556004][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  182.568473][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  182.577512][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  182.586118][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  182.594193][   T30] audit: type=1326 audit(1760520622.047:1619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3522 comm="syz.2.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  182.619417][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  182.628095][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  182.636802][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  182.644960][   T30] audit: type=1326 audit(1760520622.047:1620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3522 comm="syz.2.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  182.652338][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  182.686980][ T3530] loop5: detected capacity change from 0 to 256
[  182.726364][ T3530] FAT-fs (loop5): Unrecognized mount option "errorspMo�Un�-ro" or missing value
[  182.756074][  T403] usb 4-1: Using ep0 maxpacket: 16
[  183.533373][ T3535] loop2: detected capacity change from 0 to 1024
[  183.660084][ T3535] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:476: comm syz.2.981: Invalid block bitmap block 0 in block_group 0
[  183.674786][ T3535] Quota error (device loop2): write_blk: dquota write failed
[  183.682356][ T3535] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  183.692583][ T3535] EXT4-fs error (device loop2): ext4_acquire_dquot:6200: comm syz.2.981: Failed to acquire dquot type 0
[  183.708276][ T3535] EXT4-fs error (device loop2): ext4_free_blocks:6218: comm syz.2.981: Freeing blocks not in datazone - block = 0, count = 4096
[  183.722594][ T3535] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.981: Invalid inode bitmap blk 0 in block_group 0
[  183.736824][ T3535] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem
[  183.746954][   T45] Quota error (device loop2): remove_tree: Getting block too big (0 >= 9)
[  183.755911][ T3535] EXT4-fs (loop2): 1 orphan inode deleted
[  183.761845][ T3535] EXT4-fs (loop2): mounted filesystem without journal. Opts: ��; ,errors=continue. Quota mode: writeback.
[  183.791859][ T3535] netlink: 12 bytes leftover after parsing attributes in process `syz.2.981'.
[  183.901009][   T45] EXT4-fs error (device loop2): ext4_release_dquot:6236: comm kworker/u4:2: Failed to release dquot type 0
[  184.186758][ T3541] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  184.411496][  T403] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  184.497823][  T403] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  184.508065][  T403] usb 4-1: New USB device found, idVendor=04d9, idProduct=a081, bcdDevice= 0.00
[  184.517463][  T403] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.530818][  T403] usb 4-1: config 0 descriptor??
[  186.669521][   T30] audit: type=1326 audit(1760520626.229:1621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3560 comm="syz.3.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  186.698187][   T30] audit: type=1326 audit(1760520626.259:1622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3560 comm="syz.3.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  186.722471][   T30] audit: type=1326 audit(1760520626.259:1623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3560 comm="syz.3.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  186.757484][  T657] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  186.778091][ T3567] loop5: detected capacity change from 0 to 1024
[  186.787910][ T3567] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22
[  186.803769][  T403] usbhid 4-1:0.0: can't add hid device: -71
[  186.810187][  T403] usbhid: probe of 4-1:0.0 failed with error -71
[  186.818008][  T403] usb 4-1: USB disconnect, device number 16
[  186.856995][ T3567] EXT4-fs (loop5): Mount option "noacl" will be removed by 3.5
[  186.856995][ T3567] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  186.856995][ T3567] 
[  186.903721][ T3567] EXT4-fs (loop5): Mount option "noacl" will be removed by 3.5
[  186.903721][ T3567] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  186.903721][ T3567] 
[  186.922540][ T3567] EXT4-fs (loop5): Unrecognized mount option "hash" or missing value
[  187.098573][  T657] usb 1-1: Using ep0 maxpacket: 16
[  188.272002][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  188.272017][   T30] audit: type=1400 audit(1760520627.820:1626): avc:  denied  { map } for  pid=3582 comm="syz.3.996" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=175 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  188.330474][ T3583] netlink: 56 bytes leftover after parsing attributes in process `syz.3.996'.
[  188.485827][  T657] usb 1-1: config 0 has no interfaces?
[  188.491496][  T657] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  188.510388][  T657] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.557551][  T657] usb 1-1: config 0 descriptor??
[  188.811577][  T332] Bluetooth: hci0: Frame reassembly failed (-84)
[  188.819142][  T403] usb 1-1: USB disconnect, device number 9
[  189.286579][ T3595] binder: 3594:3595 ioctl c0306201 200000000080 returned -14
[  189.294249][  T657] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  189.330138][   T30] audit: type=1326 audit(1760520628.881:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3596 comm="syz.2.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  189.358108][   T30] audit: type=1326 audit(1760520628.881:1628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3596 comm="syz.2.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  189.382218][   T30] audit: type=1326 audit(1760520628.881:1629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3596 comm="syz.2.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  189.409712][   T30] audit: type=1326 audit(1760520628.881:1630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3596 comm="syz.2.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  189.433441][   T30] audit: type=1326 audit(1760520628.881:1631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3596 comm="syz.2.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  189.492601][   T30] audit: type=1326 audit(1760520628.911:1632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3596 comm="syz.2.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  189.516881][   T30] audit: type=1326 audit(1760520628.911:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3596 comm="syz.2.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  189.540480][   T30] audit: type=1326 audit(1760520628.911:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3596 comm="syz.2.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  190.134594][   T30] audit: type=1326 audit(1760520628.911:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3596 comm="syz.2.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  190.288425][ T3616] 9pnet: Insufficient options for proto=fd
[  190.658603][ T3620] loop2: detected capacity change from 0 to 1024
[  190.810956][ T3620] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:476: comm syz.2.1005: Invalid block bitmap block 0 in block_group 0
[  190.826255][ T3620] EXT4-fs error (device loop2): ext4_acquire_dquot:6200: comm syz.2.1005: Failed to acquire dquot type 0
[  190.838836][ T3620] EXT4-fs error (device loop2): ext4_free_blocks:6218: comm syz.2.1005: Freeing blocks not in datazone - block = 0, count = 4096
[  190.853890][ T3620] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.1005: Invalid inode bitmap blk 0 in block_group 0
[  190.867352][ T3620] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem
[  190.877804][ T3620] EXT4-fs (loop2): 1 orphan inode deleted
[  190.883679][ T3620] EXT4-fs (loop2): mounted filesystem without journal. Opts: ��; ,errors=continue. Quota mode: writeback.
[  190.926273][ T3620] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1005'.
[  190.946064][  T332] EXT4-fs error (device loop2): ext4_release_dquot:6236: comm kworker/u4:3: Failed to release dquot type 0
[  191.231603][ T3624] device macsec1 entered promiscuous mode
[  191.237489][ T3624] device bridge0 entered promiscuous mode
[  191.265194][ T3624] bridge0: port 3(macsec1) entered blocking state
[  191.293857][ T3624] bridge0: port 3(macsec1) entered disabled state
[  191.309401][ T3624] device bridge0 left promiscuous mode
[  191.397816][  T403] Bluetooth: hci0: command 0x1003 tx timeout
[  191.480794][ T3126] Bluetooth: hci0: sending frame failed (-49)
[  192.417773][ T3654] 9pnet: Insufficient options for proto=fd
[  192.490904][  T660] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  192.569685][ T3663] loop5: detected capacity change from 0 to 512
[  193.000072][ T3663] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  193.343125][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  193.343153][   T30] audit: type=1326 audit(1760520632.853:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3658 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  193.753985][   T30] audit: type=1326 audit(1760520632.853:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3658 comm="syz.4.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  193.780995][  T403] Bluetooth: hci0: command 0x1001 tx timeout
[  193.787087][ T3126] Bluetooth: hci0: sending frame failed (-49)
[  193.884490][ T3666] loop2: detected capacity change from 0 to 512
[  194.012002][ T3666] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  194.198208][ T3663] EXT4-fs (loop5): 1 truncate cleaned up
[  194.204098][ T3663] EXT4-fs (loop5): mounted filesystem without journal. Opts: noblock_validity,jqfmt=vfsv0,,errors=continue. Quota mode: none.
[  195.300787][ T3666] EXT4-fs (loop2): 1 truncate cleaned up
[  195.306553][ T3666] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,jqfmt=vfsv0,,errors=continue. Quota mode: none.
[  195.852842][ T3680] xt_l2tp: missing protocol rule (udp|l2tpip)
[  195.919235][  T657] usb 1-1: device descriptor read/all, error -110
[  196.007741][ T3686] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1025'.
[  199.217561][  T657] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  199.267774][ T3697] 9pnet: Insufficient options for proto=fd
[  199.324395][ T3695] loop3: detected capacity change from 0 to 256
[  199.354383][ T3699] loop2: detected capacity change from 0 to 7
[  199.420726][ T3695] FAT-fs (loop3): Unrecognized mount option "	" or missing value
[  200.077438][   T30] audit: type=1326 audit(1760520639.646:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3715 comm="syz.2.1032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  200.123549][   T30] audit: type=1326 audit(1760520639.666:1694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3715 comm="syz.2.1032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  200.148382][   T30] audit: type=1326 audit(1760520639.716:1695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3715 comm="syz.2.1032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  200.255933][   T30] audit: type=1326 audit(1760520639.716:1696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3715 comm="syz.2.1032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  200.381500][   T30] audit: type=1326 audit(1760520639.936:1697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3715 comm="syz.2.1032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  201.029400][ T3721] device sit0 left promiscuous mode
[  201.166824][   T30] audit: type=1326 audit(1760520639.936:1698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3715 comm="syz.2.1032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  201.238585][   T30] audit: type=1326 audit(1760520639.936:1699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3715 comm="syz.2.1032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  201.286977][   T30] audit: type=1326 audit(1760520639.936:1700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3715 comm="syz.2.1032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  201.310996][   T30] audit: type=1326 audit(1760520639.936:1701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3715 comm="syz.2.1032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  201.966653][   T30] audit: type=1326 audit(1760520639.936:1702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3715 comm="syz.2.1032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  203.195198][ T3772] loop5: detected capacity change from 0 to 256
[  203.266157][ T3772] FAT-fs (loop5): Unrecognized mount option "" or missing value
[  204.041676][ T3785] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1054'.
[  204.356276][ T3799] loop5: detected capacity change from 0 to 256
[  204.596461][ T3799] FAT-fs (loop5): Unrecognized mount option "errorspMo�Un�-ro" or missing value
[  204.742779][ T3802] loop0: detected capacity change from 0 to 256
[  204.755175][ T3802] FAT-fs (loop0): Unrecognized mount option "" or missing value
[  204.791537][ T3799] loop5: detected capacity change from 0 to 256
[  205.008668][ T3812] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  205.357894][ T3819] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1068'.
[  205.397316][   T30] kauditd_printk_skb: 129 callbacks suppressed
[  205.397331][   T30] audit: type=1326 audit(1760520644.969:1832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.3.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  205.741846][ T3830] loop2: detected capacity change from 0 to 1024
[  206.495528][ T3830] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:476: comm syz.2.1070: Invalid block bitmap block 0 in block_group 0
[  206.510058][ T3830] Quota error (device loop2): write_blk: dquota write failed
[  206.517585][ T3830] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  206.527734][ T3830] EXT4-fs error (device loop2): ext4_acquire_dquot:6200: comm syz.2.1070: Failed to acquire dquot type 0
[  206.540545][ T3830] EXT4-fs error (device loop2): ext4_free_blocks:6218: comm syz.2.1070: Freeing blocks not in datazone - block = 0, count = 4096
[  206.557190][ T3830] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.1070: Invalid inode bitmap blk 0 in block_group 0
[  206.570707][ T3830] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem
[  206.579757][  T338] Quota error (device loop2): remove_tree: Getting block too big (0 >= 9)
[  206.588606][ T3830] EXT4-fs (loop2): 1 orphan inode deleted
[  206.594599][ T3830] EXT4-fs (loop2): mounted filesystem without journal. Opts: ��; ,errors=continue. Quota mode: writeback.
[  207.551221][  T338] EXT4-fs error (device loop2): ext4_release_dquot:6236: comm kworker/u4:4: Failed to release dquot type 0
[  207.631572][   T30] audit: type=1326 audit(1760520645.969:1833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.3.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  208.028904][ T3849] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.036325][ T3849] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.054275][ T3846] loop5: detected capacity change from 0 to 256
[  208.090697][ T3846] FAT-fs (loop5): Unrecognized mount option "" or missing value
[  208.113425][   T30] audit: type=1326 audit(1760520645.999:1834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.3.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  208.192903][   T30] audit: type=1326 audit(1760520646.009:1835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.3.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  208.241120][   T30] audit: type=1326 audit(1760520646.009:1836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.3.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  208.264634][   T30] audit: type=1326 audit(1760520646.019:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.3.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  208.288133][   T30] audit: type=1326 audit(1760520646.039:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3822 comm="syz.3.1071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  209.044330][ T3861] loop3: detected capacity change from 0 to 1024
[  210.227114][ T3861] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.1079: Invalid block bitmap block 0 in block_group 0
[  210.241571][ T3861] EXT4-fs error (device loop3): ext4_acquire_dquot:6200: comm syz.3.1079: Failed to acquire dquot type 0
[  210.254081][ T3861] EXT4-fs error (device loop3): ext4_free_blocks:6218: comm syz.3.1079: Freeing blocks not in datazone - block = 0, count = 4096
[  210.268428][ T3861] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.1079: Invalid inode bitmap blk 0 in block_group 0
[  210.281640][   T10] EXT4-fs error (device loop3): ext4_release_dquot:6236: comm kworker/u4:1: Failed to release dquot type 0
[  210.293598][ T3861] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[  210.302926][ T3861] EXT4-fs (loop3): 1 orphan inode deleted
[  210.308849][ T3861] EXT4-fs (loop3): mounted filesystem without journal. Opts: ��; ,errors=continue. Quota mode: writeback.
[  210.660424][ T3868] loop0: detected capacity change from 0 to 1024
[  210.667738][   T30] kauditd_printk_skb: 21 callbacks suppressed
[  210.667751][   T30] audit: type=1326 audit(1760520650.221:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3866 comm="syz.0.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  210.749944][ T3868] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.1081: Invalid block bitmap block 0 in block_group 0
[  210.763763][ T3868] Quota error (device loop0): write_blk: dquota write failed
[  210.771313][ T3868] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  210.781784][ T3868] EXT4-fs error (device loop0): ext4_acquire_dquot:6200: comm syz.0.1081: Failed to acquire dquot type 0
[  210.794207][ T3868] EXT4-fs error (device loop0): ext4_free_blocks:6218: comm syz.0.1081: Freeing blocks not in datazone - block = 0, count = 4096
[  210.808635][ T3868] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.1081: Invalid inode bitmap blk 0 in block_group 0
[  210.821736][ T3868] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem
[  210.830524][ T3868] EXT4-fs (loop0): 1 orphan inode deleted
[  210.836319][ T3868] EXT4-fs (loop0): mounted filesystem without journal. Opts: ��; ,errors=continue. Quota mode: writeback.
[  210.848275][   T45] Quota error (device loop0): remove_tree: Getting block too big (0 >= 9)
[  210.852586][   T30] audit: type=1326 audit(1760520650.221:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3866 comm="syz.0.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  210.870241][   T45] EXT4-fs error (device loop0): ext4_release_dquot:6236: comm kworker/u4:2: Failed to release dquot type 0
[  210.923452][ T3872] loop2: detected capacity change from 0 to 256
[  210.960029][   T30] audit: type=1326 audit(1760520650.221:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3866 comm="syz.0.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  210.995025][   T30] audit: type=1326 audit(1760520650.221:1860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3866 comm="syz.0.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  211.019051][   T30] audit: type=1326 audit(1760520650.221:1861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3866 comm="syz.0.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  211.042648][   T30] audit: type=1326 audit(1760520650.221:1862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3866 comm="syz.0.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  211.066124][   T30] audit: type=1326 audit(1760520650.221:1863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3866 comm="syz.0.1081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  211.073916][ T3872] FAT-fs (loop2): Unrecognized mount option "" or missing value
[  211.666600][ T3894] loop0: detected capacity change from 0 to 256
[  211.678275][ T3894] FAT-fs (loop0): Unrecognized mount option "" or missing value
[  213.796433][ T3921] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1098'.
[  213.880994][  T664] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[  214.861446][ T3941] 9pnet: Insufficient options for proto=fd
[  215.060922][ T3909] UDC core: couldn't find an available UDC or it's busy: -16
[  215.075972][ T3954] loop3: detected capacity change from 0 to 256
[  215.083742][ T3909] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  215.142803][ T3954] FAT-fs (loop3): Unrecognized mount option "errorspMo�Un�-ro" or missing value
[  215.249750][  T664] usb 1-1: unable to read config index 0 descriptor/start: -71
[  215.257850][  T664] usb 1-1: can't read configurations, error -71
[  215.971146][ T3954] loop3: detected capacity change from 0 to 256
[  215.993319][ T3967] loop2: detected capacity change from 0 to 256
[  216.246567][ T3971] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  217.726411][ T3977] loop0: detected capacity change from 0 to 1024
[  218.045581][ T3981] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  218.783660][ T3977] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.1116: Invalid block bitmap block 0 in block_group 0
[  218.798408][ T3977] __quota_error: 121 callbacks suppressed
[  218.798441][ T3977] Quota error (device loop0): write_blk: dquota write failed
[  218.811862][ T3977] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  218.822023][ T3977] EXT4-fs error (device loop0): ext4_acquire_dquot:6200: comm syz.0.1116: Failed to acquire dquot type 0
[  218.834294][ T3977] EXT4-fs error (device loop0): ext4_free_blocks:6218: comm syz.0.1116: Freeing blocks not in datazone - block = 0, count = 4096
[  218.849758][ T3977] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.1116: Invalid inode bitmap blk 0 in block_group 0
[  218.863045][ T3977] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem
[  218.872307][ T3977] EXT4-fs (loop0): 1 orphan inode deleted
[  218.878150][ T3977] EXT4-fs (loop0): mounted filesystem without journal. Opts: ��; ,errors=continue. Quota mode: writeback.
[  218.890352][  T338] Quota error (device loop0): remove_tree: Getting block too big (0 >= 9)
[  219.067634][  T338] EXT4-fs error (device loop0): ext4_release_dquot:6236: comm kworker/u4:4: Failed to release dquot type 0
[  223.046501][ T3998] loop3: detected capacity change from 0 to 512
[  223.134695][ T3998] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.1121: iget: bad i_size value: 38620345925642
[  223.152721][ T4005] 9pnet: Insufficient options for proto=fd
[  223.164830][ T3998] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.1121: couldn't read orphan inode 15 (err -117)
[  223.188690][ T3998] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  223.436615][ T4017] loop2: detected capacity change from 0 to 256
[  223.480619][ T4017] FAT-fs (loop2): bogus logical sector size 128
[  223.488140][ T4017] FAT-fs (loop2): Can't find a valid FAT filesystem
[  223.599684][ T4017] 9pnet: Insufficient options for proto=fd
[  223.815344][ T4003] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  223.927965][   T30] audit: type=1326 audit(1760520663.508:1985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4024 comm="syz.2.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  223.990042][   T30] audit: type=1326 audit(1760520663.508:1986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4024 comm="syz.2.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  225.722333][   T30] audit: type=1326 audit(1760520663.508:1987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4024 comm="syz.2.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  225.867976][   T30] audit: type=1326 audit(1760520663.508:1988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4024 comm="syz.2.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  226.149172][   T30] audit: type=1326 audit(1760520663.508:1989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4024 comm="syz.2.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  226.188795][   T30] audit: type=1326 audit(1760520663.508:1990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4024 comm="syz.2.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  226.196664][ T4044] loop2: detected capacity change from 0 to 256
[  226.241354][   T30] audit: type=1326 audit(1760520663.508:1991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4024 comm="syz.2.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  226.302991][   T10] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1980 with error 28
[  226.313610][ T4050] loop5: detected capacity change from 0 to 256
[  226.315722][   T10] EXT4-fs (loop3): This should not happen!! Data will be lost
[  226.315722][   T10] 
[  226.321942][   T30] audit: type=1326 audit(1760520663.508:1992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4024 comm="syz.2.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  226.331534][   T10] EXT4-fs (loop3): Total free blocks count 0
[  226.331551][   T10] EXT4-fs (loop3): Free/Dirty block details
[  226.368393][ T4044] FAT-fs (loop2): Unrecognized mount option "�" or missing value
[  226.379150][   T30] audit: type=1326 audit(1760520663.508:1993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4024 comm="syz.2.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  226.403062][   T30] audit: type=1326 audit(1760520663.508:1994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4024 comm="syz.2.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  226.428234][   T10] EXT4-fs (loop3): free_blocks=0
[  226.433258][   T10] EXT4-fs (loop3): dirty_blocks=1980
[  226.439140][   T10] EXT4-fs (loop3): Block reservation details
[  226.445506][   T10] EXT4-fs (loop3): i_reserved_data_blocks=1980
[  226.577943][ T4042] 9pnet: Insufficient options for proto=fd
[  226.980338][ T4057] syz.3.1140[4057] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  226.980416][ T4057] syz.3.1140[4057] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  229.045642][ T4085] loop3: detected capacity change from 0 to 256
[  229.186809][ T4092] 9pnet: Insufficient options for proto=fd
[  229.559984][ T4092] netlink: 'syz.0.1151': attribute type 12 has an invalid length.
[  229.613449][ T4085] FAT-fs (loop3): Unrecognized mount option "errorspMo�Un�-ro" or missing value
[  229.668518][   T30] kauditd_printk_skb: 99 callbacks suppressed
[  229.668534][   T30] audit: type=1326 audit(1760520669.241:2094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4103 comm="syz.0.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  230.023040][ T4085] loop3: detected capacity change from 0 to 256
[  230.332218][ T4111] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  230.621917][   T30] audit: type=1326 audit(1760520669.271:2095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4103 comm="syz.0.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  230.645754][   T30] audit: type=1326 audit(1760520669.671:2096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4103 comm="syz.0.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  230.689101][   T30] audit: type=1326 audit(1760520669.811:2097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4103 comm="syz.0.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  230.720448][   T30] audit: type=1326 audit(1760520669.821:2098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4103 comm="syz.0.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  230.793372][   T30] audit: type=1326 audit(1760520669.831:2099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4103 comm="syz.0.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  230.817022][   T30] audit: type=1326 audit(1760520669.841:2100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4103 comm="syz.0.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  230.865255][   T30] audit: type=1326 audit(1760520670.191:2101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4103 comm="syz.0.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  230.892491][ T4098] cgroup: Invalid name
[  230.926679][   T30] audit: type=1326 audit(1760520670.191:2102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4103 comm="syz.0.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  230.964121][ T4119] loop5: detected capacity change from 0 to 256
[  230.970651][   T30] audit: type=1326 audit(1760520670.251:2103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4103 comm="syz.0.1155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  231.003375][ T4119] FAT-fs (loop5): Unrecognized mount option "errorspMo�Un�-ro" or missing value
[  231.103971][ T4119] loop5: detected capacity change from 0 to 256
[  231.330270][ T4135] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  231.639039][ T4139] loop0: detected capacity change from 0 to 1024
[  231.698586][ T4139] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.1163: Invalid block bitmap block 0 in block_group 0
[  231.712607][ T4139] EXT4-fs error (device loop0): ext4_acquire_dquot:6200: comm syz.0.1163: Failed to acquire dquot type 0
[  231.724583][ T4139] EXT4-fs error (device loop0): ext4_free_blocks:6218: comm syz.0.1163: Freeing blocks not in datazone - block = 0, count = 4096
[  231.738553][ T4139] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.1163: Invalid inode bitmap blk 0 in block_group 0
[  231.751889][ T4139] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem
[  231.760661][ T4139] EXT4-fs (loop0): 1 orphan inode deleted
[  231.766709][ T4139] EXT4-fs (loop0): mounted filesystem without journal. Opts: ��; ,errors=continue. Quota mode: writeback.
[  231.782020][   T45] EXT4-fs error (device loop0): ext4_release_dquot:6236: comm kworker/u4:2: Failed to release dquot type 0
[  234.789811][   T30] kauditd_printk_skb: 103 callbacks suppressed
[  234.789864][   T30] audit: type=1326 audit(1760520674.043:2204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4160 comm="syz.3.1170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  235.101400][   T30] audit: type=1326 audit(1760520674.043:2205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4160 comm="syz.3.1170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  235.414818][ T4192] syz.0.1180[4192] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  235.414904][ T4192] syz.0.1180[4192] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  236.010190][   T30] audit: type=1326 audit(1760520675.594:2206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4202 comm="syz.0.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  236.078636][   T30] audit: type=1326 audit(1760520675.594:2207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4202 comm="syz.0.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  236.113004][   T30] audit: type=1326 audit(1760520675.634:2208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4202 comm="syz.0.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  236.144134][   T30] audit: type=1326 audit(1760520675.634:2209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4202 comm="syz.0.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  236.171922][   T30] audit: type=1326 audit(1760520675.634:2210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4202 comm="syz.0.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  236.681552][   T30] audit: type=1326 audit(1760520675.634:2211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4202 comm="syz.0.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  236.749004][   T30] audit: type=1326 audit(1760520675.634:2212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4202 comm="syz.0.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  237.745702][   T30] audit: type=1326 audit(1760520675.634:2213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4202 comm="syz.0.1181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  237.778500][ T4220] loop0: detected capacity change from 0 to 1024
[  237.929382][ T4220] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  240.225784][ T4233] loop3: detected capacity change from 0 to 512
[  240.269833][ T4220] EXT4-fs (loop0): mounted filesystem without journal. Opts: user_xattr,noquota,dioread_nolock,jqfmt=vfsv1,debug_want_extra_isize=0x0000000000000070,max_dir_size_kb=0x00000000000007b1,stripe=0x0000000000000020,bsdgroups,max_batch_time=0x00000000000003fe,user_xattr,noinit_itable,,errors=continue. Quota mode: none.
[  240.349488][ T4233] EXT4-fs (loop3): Ignoring removed nobh option
[  240.394595][ T4233] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.1189: iget: bad i_size value: 38620345925642
[  240.524133][ T4245] 9pnet: Insufficient options for proto=fd
[  240.530732][ T4233] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.1189: couldn't read orphan inode 15 (err -117)
[  240.657889][ T4246] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  240.721653][ T4233] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback.
[  240.848142][   T30] kauditd_printk_skb: 91 callbacks suppressed
[  240.848157][   T30] audit: type=1326 audit(1760520680.436:2305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.2.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  240.901845][   T30] audit: type=1326 audit(1760520680.436:2306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.2.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  240.933452][   T30] audit: type=1326 audit(1760520680.436:2307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.2.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  240.977142][   T30] audit: type=1326 audit(1760520680.436:2308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.2.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  241.006007][   T30] audit: type=1326 audit(1760520680.436:2309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.2.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  242.379279][ T4259] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  242.669269][   T30] audit: type=1326 audit(1760520680.436:2310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.2.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  242.692805][   T30] audit: type=1326 audit(1760520680.436:2311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.2.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  242.718838][   T30] audit: type=1326 audit(1760520680.436:2312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.2.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  242.742763][   T30] audit: type=1326 audit(1760520680.466:2313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.2.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  242.784194][   T30] audit: type=1326 audit(1760520680.466:2314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4247 comm="syz.2.1195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d81c7fec9 code=0x7ffc0000
[  242.848898][ T4265] loop5: detected capacity change from 0 to 256
[  242.884864][ T4255] EXT4-fs error (device loop3): empty_inline_dir:1877: inode #12: block 7: comm syz.3.1189: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=4278190093, rec_len=255, size=60 fake=0
[  242.912288][ T4255] EXT4-fs warning (device loop3): empty_inline_dir:1884: bad inline directory (dir #12) - inode 4278190093, rec_len 255, name_len 0inline size 60
[  242.928107][ T4265] FAT-fs (loop5): Unrecognized mount option "errorspMo�Un�-ro" or missing value
[  242.960309][ T4269] loop0: detected capacity change from 0 to 256
[  243.197477][  T332] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm kworker/u4:3: bg 0: block 5: invalid block bitmap
[  243.325662][ T4269] exfat: Unknown parameter '0x0000000000000003'
[  243.342624][  T332] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  243.369904][  T332] EXT4-fs (loop3): This should not happen!! Data will be lost
[  243.369904][  T332] 
[  243.441028][ T4274] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  243.818461][ T4275] SELinux: security_context_str_to_sid(@) failed for (dev ?, type ?) errno=-22
[  244.084291][ T4275] SELinux: security_context_str_to_sid(@) failed for (dev binder, type binder) errno=-22
[  244.096989][  T332] EXT4-fs (loop3): Total free blocks count 0
[  244.103837][  T332] EXT4-fs (loop3): Free/Dirty block details
[  244.110052][  T332] EXT4-fs (loop3): free_blocks=0
[  244.197832][  T332] EXT4-fs (loop3): dirty_blocks=16000
[  244.384174][  T332] EXT4-fs (loop3): Block reservation details
[  244.391923][  T332] EXT4-fs (loop3): i_reserved_data_blocks=16000
[  244.751271][   T45] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  244.764224][   T45] EXT4-fs (loop3): This should not happen!! Data will be lost
[  244.764224][   T45] 
[  244.856080][ T4287] loop5: detected capacity change from 0 to 1024
[  245.136588][ T4287] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:476: comm syz.5.1205: Invalid block bitmap block 0 in block_group 0
[  245.151611][ T4287] EXT4-fs error (device loop5): ext4_acquire_dquot:6200: comm syz.5.1205: Failed to acquire dquot type 0
[  245.164968][ T4287] EXT4-fs error (device loop5): ext4_free_blocks:6218: comm syz.5.1205: Freeing blocks not in datazone - block = 0, count = 4096
[  245.179823][ T4287] EXT4-fs error (device loop5): ext4_read_inode_bitmap:140: comm syz.5.1205: Invalid inode bitmap blk 0 in block_group 0
[  245.194053][  T332] EXT4-fs error (device loop5): ext4_release_dquot:6236: comm kworker/u4:3: Failed to release dquot type 0
[  245.206062][ T4287] EXT4-fs error (device loop5) in ext4_free_inode:362: Corrupt filesystem
[  245.216306][ T4287] EXT4-fs (loop5): 1 orphan inode deleted
[  245.222114][ T4287] EXT4-fs (loop5): mounted filesystem without journal. Opts: ��; ,errors=continue. Quota mode: writeback.
[  246.875543][ T4291] loop0: detected capacity change from 0 to 256
[  246.883671][   T30] kauditd_printk_skb: 53 callbacks suppressed
[  246.883687][   T30] audit: type=1326 audit(1760520686.449:2365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  246.983826][   T30] audit: type=1326 audit(1760520686.449:2366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  247.034219][ T4291] FAT-fs (loop0): Unrecognized mount option "" or missing value
[  247.082587][   T30] audit: type=1326 audit(1760520686.449:2367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  247.149711][   T30] audit: type=1326 audit(1760520686.449:2368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  247.176306][   T30] audit: type=1326 audit(1760520686.449:2369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  247.200063][   T30] audit: type=1326 audit(1760520686.449:2370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  247.224114][   T30] audit: type=1326 audit(1760520686.449:2371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  247.247840][   T30] audit: type=1326 audit(1760520686.449:2372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  247.281610][   T30] audit: type=1326 audit(1760520686.449:2373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  247.333117][   T30] audit: type=1326 audit(1760520686.449:2374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.4.1209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  247.621180][ T4325] SELinux: security_context_str_to_sid(@) failed for (dev ?, type ?) errno=-22
[  247.630435][ T4325] SELinux: security_context_str_to_sid(@) failed for (dev binder, type binder) errno=-22
[  248.902651][  T687] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  249.430111][ T4339] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  249.439867][  T687] usb 4-1: Using ep0 maxpacket: 16
[  249.622443][ T4341] loop2: detected capacity change from 0 to 256
[  249.702426][  T687] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[  249.725830][  T687] usb 4-1: config 0 has no interface number 0
[  249.734828][ T4341] FAT-fs (loop2): Unrecognized mount option "errorspMo�Un�-ro" or missing value
[  249.752411][  T687] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  249.772682][  T687] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  249.782904][  T687] usb 4-1: config 0 interface 41 has no altsetting 0
[  249.839369][ T4341] loop2: detected capacity change from 0 to 256
[  249.944787][  T687] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  249.960231][  T687] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.976887][  T687] usb 4-1: Product: syz
[  249.982129][  T687] usb 4-1: Manufacturer: syz
[  249.987797][  T687] usb 4-1: SerialNumber: syz
[  250.006261][  T687] usb 4-1: config 0 descriptor??
[  250.022650][ T4333] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  250.040001][ T4333] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  250.088343][ T4354] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  250.285794][ T4333] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  250.294837][ T4333] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  250.824305][  T678] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[  251.341696][  T678] usb 1-1: unable to get BOS descriptor or descriptor too short
[  251.401800][  T678] usb 1-1: not running at top speed; connect to a high speed hub
[  251.511893][  T678] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  251.559537][  T678] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  251.709994][  T678] usb 1-1: config 1 has no interface number 1
[  251.730377][  T678] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  251.770537][  T678] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[  251.801231][  T687] Error reading MAC address
[  251.821657][  T687] sr9700: probe of 4-1:0.41 failed with error -71
[  251.851354][  T687] usb 4-1: USB disconnect, device number 18
[  252.011589][  T678] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  252.053307][ T4395] loop3: detected capacity change from 0 to 512
[  252.078697][  T678] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.104542][ T4395] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  252.221844][ T4395] EXT4-fs (loop3): 1 truncate cleaned up
[  252.227622][ T4395] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,jqfmt=vfsv0,,errors=continue. Quota mode: none.
[  252.279813][  T678] usb 1-1: Product: syz
[  252.311077][  T678] usb 1-1: Manufacturer: syz
[  252.316125][  T678] usb 1-1: SerialNumber: syz
[  254.430026][  T678] usb 1-1: 2:1 : no or invalid class specific endpoint descriptor
[  254.477183][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  254.477198][   T30] audit: type=1326 audit(1760520694.063:2385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  254.617379][  T678] usb 1-1: USB disconnect, device number 14
[  254.661055][   T30] audit: type=1326 audit(1760520694.103:2386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  254.729941][   T30] audit: type=1326 audit(1760520694.103:2387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  254.995460][   T30] audit: type=1326 audit(1760520694.103:2388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  255.046384][   T30] audit: type=1326 audit(1760520694.103:2389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  255.090448][   T30] audit: type=1326 audit(1760520694.103:2390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  255.139596][   T30] audit: type=1326 audit(1760520694.103:2391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  255.188532][  T678] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  255.208447][   T30] audit: type=1326 audit(1760520694.103:2392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  255.232274][   T30] audit: type=1326 audit(1760520694.103:2393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  255.256794][   T30] audit: type=1326 audit(1760520694.103:2394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4419 comm="syz.3.1244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  255.729360][  T678] usb 1-1: Using ep0 maxpacket: 16
[  255.859372][  T678] usb 1-1: config 1 has an invalid descriptor of length 221, skipping remainder of the config
[  255.943825][  T678] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  256.798778][  T678] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  256.833726][  T678] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.002197][ T4453] loop3: detected capacity change from 0 to 1024
[  257.737883][ T4453] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.1254: Invalid block bitmap block 0 in block_group 0
[  257.752904][ T4453] EXT4-fs error (device loop3): ext4_acquire_dquot:6200: comm syz.3.1254: Failed to acquire dquot type 0
[  257.764857][ T4453] EXT4-fs error (device loop3): ext4_free_blocks:6218: comm syz.3.1254: Freeing blocks not in datazone - block = 0, count = 4096
[  257.780176][ T4453] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.1254: Invalid inode bitmap blk 0 in block_group 0
[  257.793807][ T4453] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[  257.804363][ T4453] EXT4-fs (loop3): 1 orphan inode deleted
[  257.810195][ T4453] EXT4-fs (loop3): mounted filesystem without journal. Opts: ��; ,errors=continue. Quota mode: writeback.
[  257.842572][  T338] EXT4-fs error (device loop3): ext4_release_dquot:6236: comm kworker/u4:4: Failed to release dquot type 0
[  258.727787][  T678] usb 1-1: Product: syz
[  258.732002][  T678] usb 1-1: Manufacturer: syz
[  258.736612][  T678] usb 1-1: SerialNumber: syz
[  260.102778][   T30] kauditd_printk_skb: 60 callbacks suppressed
[  260.102798][   T30] audit: type=1326 audit(1760520699.666:2452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4462 comm="syz.0.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  260.134041][   T30] audit: type=1326 audit(1760520699.666:2453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4462 comm="syz.0.1257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  260.148418][  T678] usb 1-1: can't set config #1, error -71
[  260.186802][  T678] usb 1-1: USB disconnect, device number 15
[  260.228967][   T30] audit: type=1326 audit(1760520699.826:2454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4477 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  260.265088][   T30] audit: type=1326 audit(1760520699.826:2455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4477 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  260.298751][   T30] audit: type=1326 audit(1760520699.826:2456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4477 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  260.399509][ T4481] SELinux: security_context_str_to_sid(@) failed for (dev ?, type ?) errno=-22
[  260.458058][   T30] audit: type=1326 audit(1760520699.826:2457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4477 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  260.727225][ T4481] SELinux: security_context_str_to_sid(@) failed for (dev binder, type binder) errno=-22
[  260.768218][   T30] audit: type=1326 audit(1760520699.826:2458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4477 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  260.997779][   T30] audit: type=1326 audit(1760520699.826:2459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4477 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  261.039205][   T30] audit: type=1326 audit(1760520699.826:2460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4477 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  261.215160][   T30] audit: type=1326 audit(1760520699.826:2461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4477 comm="syz.4.1263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f137e5f7ec9 code=0x7ffc0000
[  262.697895][ T4526] loop0: detected capacity change from 0 to 256
[  262.781916][ T4526] FAT-fs (loop0): Unrecognized mount option "" or missing value
[  264.784097][ T4559] loop0: detected capacity change from 0 to 1024
[  264.813453][ T4559] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  265.807948][ T4559] EXT4-fs (loop0): mounted filesystem without journal. Opts: user_xattr,noquota,dioread_nolock,jqfmt=vfsv1,debug_want_extra_isize=0x0000000000000070,max_dir_size_kb=0x00000000000007b1,stripe=0x0000000000000020,bsdgroups,max_batch_time=0x00000000000003fe,user_xattr,noinit_itable,,errors=continue. Quota mode: none.
[  265.823957][ T4569] loop2: detected capacity change from 0 to 256
[  265.947433][ T4569] FAT-fs (loop2): Unrecognized mount option "" or missing value
[  265.994188][   T30] kauditd_printk_skb: 94 callbacks suppressed
[  265.994226][   T30] audit: type=1326 audit(1760520705.469:2556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4555 comm="syz.5.1288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15b135bec9 code=0x7ffc0000
[  267.654461][   T30] audit: type=1326 audit(1760520705.469:2557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4555 comm="syz.5.1288" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15b135bec9 code=0x7ffc0000
[  268.242470][   T30] audit: type=1326 audit(1760520707.830:2558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  268.276613][   T30] audit: type=1326 audit(1760520707.870:2559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  268.301436][   T30] audit: type=1326 audit(1760520707.870:2560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  268.326192][   T30] audit: type=1326 audit(1760520707.870:2561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  268.350071][   T30] audit: type=1326 audit(1760520707.870:2562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  268.375714][   T30] audit: type=1326 audit(1760520707.870:2563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  268.402906][   T30] audit: type=1326 audit(1760520707.870:2564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  268.432892][   T30] audit: type=1326 audit(1760520707.870:2565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4594 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f5a26423ec9 code=0x7ffc0000
[  269.727893][ T4614] loop5: detected capacity change from 0 to 256
[  269.792594][ T4614] FAT-fs (loop5): Unrecognized mount option "" or missing value
[  270.002068][  T403] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  270.239919][ T4635] loop3: detected capacity change from 0 to 1024
[  270.387842][ T4635] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:476: comm syz.3.1312: Invalid block bitmap block 0 in block_group 0
[  270.403395][ T4635] EXT4-fs error (device loop3): ext4_acquire_dquot:6200: comm syz.3.1312: Failed to acquire dquot type 0
[  270.415925][ T4635] EXT4-fs error (device loop3): ext4_free_blocks:6218: comm syz.3.1312: Freeing blocks not in datazone - block = 0, count = 4096
[  270.430687][ T4635] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.1312: Invalid inode bitmap blk 0 in block_group 0
[  270.444287][  T332] EXT4-fs error (device loop3): ext4_release_dquot:6236: comm kworker/u4:3: Failed to release dquot type 0
[  270.457541][ T4635] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[  270.468342][ T4635] EXT4-fs (loop3): 1 orphan inode deleted
[  270.474403][ T4635] EXT4-fs (loop3): mounted filesystem without journal. Opts: ��; ,errors=continue. Quota mode: writeback.
[  270.922203][  T403] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  270.932799][  T403] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  271.432205][   T30] kauditd_printk_skb: 45 callbacks suppressed
[  271.432222][   T30] audit: type=1326 audit(1760520711.002:2608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4616 comm="syz.2.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d81c7facb code=0x7ffc0000
[  271.490261][   T30] audit: type=1326 audit(1760520711.012:2609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4616 comm="syz.2.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d81c7facb code=0x7ffc0000
[  271.514505][   T30] audit: type=1326 audit(1760520711.032:2610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4616 comm="syz.2.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d81c7facb code=0x7ffc0000
[  271.538214][   T30] audit: type=1326 audit(1760520711.062:2611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4616 comm="syz.2.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d81c7facb code=0x7ffc0000
[  271.541625][  T403] usb 3-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  271.561842][   T30] audit: type=1326 audit(1760520711.082:2612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4616 comm="syz.2.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d81c7facb code=0x7ffc0000
[  271.598660][   T30] audit: type=1326 audit(1760520711.102:2613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4616 comm="syz.2.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d81c7facb code=0x7ffc0000
[  271.602265][  T403] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.622650][   T30] audit: type=1326 audit(1760520711.132:2614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4616 comm="syz.2.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d81c7facb code=0x7ffc0000
[  271.655190][   T30] audit: type=1326 audit(1760520711.142:2615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4616 comm="syz.2.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d81c7facb code=0x7ffc0000
[  271.659570][  T403] usb 3-1: Product: syz
[  271.682892][  T403] usb 3-1: Manufacturer: syz
[  271.687539][  T403] usb 3-1: SerialNumber: syz
[  271.696312][  T403] usb 3-1: config 0 descriptor??
[  271.720535][   T30] audit: type=1326 audit(1760520711.312:2616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4644 comm="syz.0.1316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f795708bec9 code=0x7ffc0000
[  271.722088][ T4617] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  271.745922][   T30] audit: type=1326 audit(1760520711.322:2617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4616 comm="syz.2.1307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6d81c7facb code=0x7ffc0000
[  271.776563][ T4617] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  272.880806][  T403] dm9601: probe of 3-1:0.0 failed with error -71
[  272.911869][  T403] usb 3-1: USB disconnect, device number 9
[  273.566802][ T4665] loop2: detected capacity change from 0 to 256
[  273.605430][ T4665] FAT-fs (loop2): Unrecognized mount option "" or missing value
[  273.795558][ T4680] netlink: 'syz.3.1326': attribute type 2 has an invalid length.
[  273.803520][ T4680] netlink: 'syz.3.1326': attribute type 2 has an invalid length.
[  273.819935][ T4680] loop3: detected capacity change from 0 to 512
[  275.272035][ T4702] loop5: detected capacity change from 0 to 1024
[  276.156507][ T4702] EXT4-fs (loop5): Ignoring removed nobh option
[  276.171402][ T4702] EXT4-fs (loop5): Ignoring removed bh option
[  276.177596][ T4702] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  276.269442][ T4702] EXT4-fs (loop5): mounted filesystem without journal. Opts: delalloc,nombcache,barrier,dioread_lock,stripe=0x0000000000000008,resgid=0x0000000000000000,data_err=ignore,jqfmt=vfsv0,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: none.
[  276.552705][   T30] kauditd_printk_skb: 66 callbacks suppressed
[  276.552729][   T30] audit: type=1400 audit(1760520716.144:2684): avc:  denied  { append } for  pid=4701 comm="syz.5.1332" name="file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  276.651529][   T30] audit: type=1400 audit(1760520716.254:2685): avc:  denied  { read } for  pid=4727 comm="syz.0.1339" path="socket:[31171]" dev="sockfs" ino=31171 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  276.684975][  T332] ==================================================================
[  276.690458][   T30] audit: type=1400 audit(1760520716.274:2686): avc:  denied  { write } for  pid=4701 comm="syz.5.1332" name="bus" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  276.693111][  T332] BUG: KASAN: use-after-free in ext4_find_extent+0xbeb/0xe20
[  276.722119][  T332] Read of size 4 at addr ffff8881202bce98 by task kworker/u4:3/332
[  276.730041][  T332] 
[  276.732293][   T30] audit: type=1400 audit(1760520716.274:2687): avc:  denied  { add_name } for  pid=4701 comm="syz.5.1332" name="work" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  276.732379][  T332] CPU: 1 PID: 332 Comm: kworker/u4:3 Not tainted syzkaller #0
[  276.760117][  T332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  276.770197][  T332] Workqueue: writeback wb_workfn (flush-7:5)
[  276.776288][  T332] Call Trace:
[  276.779633][  T332]  <TASK>
[  276.782587][  T332]  __dump_stack+0x21/0x30
[  276.786947][  T332]  dump_stack_lvl+0xee/0x150
[  276.790757][   T30] audit: type=1400 audit(1760520716.274:2688): avc:  denied  { setattr } for  pid=4701 comm="syz.5.1332" name="work" dev="loop5" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  276.791653][  T332]  ? show_regs_print_info+0x20/0x20
[  276.818864][  T332]  ? load_image+0x3a0/0x3a0
[  276.823397][  T332]  print_address_description+0x7f/0x2c0
[  276.828979][  T332]  ? ext4_find_extent+0xbeb/0xe20
[  276.834028][  T332]  kasan_report+0xf1/0x140
[  276.838470][  T332]  ? __read_extent_tree_block+0x1e8/0x790
[  276.844216][  T332]  ? ext4_find_extent+0xbeb/0xe20
[  276.849272][  T332]  __asan_report_load4_noabort+0x14/0x20
[  276.855210][  T332]  ext4_find_extent+0xbeb/0xe20
[  276.859890][   T30] audit: type=1400 audit(1760520716.274:2689): avc:  denied  { remove_name } for  pid=4701 comm="syz.5.1332" name="#12" dev="loop5" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  276.860088][  T332]  ext4_ext_map_blocks+0x1de/0x6280
[  276.887721][  T332]  ? _raw_write_unlock+0x2b/0x60
[  276.892712][  T332]  ? ext4_ext_release+0x10/0x10
[  276.897591][  T332]  ? xas_load+0x2ea/0x300
[  276.901951][  T332]  ? ext4_es_lookup_extent+0x32d/0x8c0
[  276.907476][  T332]  ext4_map_blocks+0x97b/0x1b20
[  276.912362][  T332]  ? ext4_issue_zeroout+0x250/0x250
[  276.917591][  T332]  ? __kasan_check_read+0x11/0x20
[  276.922862][  T332]  ? ext4_inode_journal_mode+0x19a/0x480
[  276.928770][  T332]  ext4_writepages+0x11e7/0x2f90
[  276.928847][   T30] audit: type=1400 audit(1760520716.274:2690): avc:  denied  { rename } for  pid=4701 comm="syz.5.1332" name="#12" dev="loop5" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  276.933827][  T332]  ? ext4_readpage+0x220/0x220
[  276.933855][  T332]  ? copy_page_from_iter_atomic+0x784/0x1350
[  276.966550][  T332]  ? __kasan_check_write+0x14/0x20
[  276.971691][  T332]  ? __kasan_check_write+0x14/0x20
[  276.976832][  T332]  ? __switch_to+0x51d/0xe20
[  276.981453][  T332]  ? ext4_readpage+0x220/0x220
[  276.986332][  T332]  do_writepages+0x48a/0x6c0
[  276.987994][   T30] audit: type=1400 audit(1760520716.274:2691): avc:  denied  { unlink } for  pid=4701 comm="syz.5.1332" name="#12" dev="loop5" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[  276.991031][  T332]  ? _raw_spin_unlock+0x4d/0x70
[  276.991055][  T332]  ? finish_task_switch+0x16b/0x780
[  276.991076][  T332]  ? __writepage+0x130/0x130
[  276.991096][  T332]  ? __switch_to_asm+0x3a/0x60
[  276.991116][  T332]  ? __schedule+0xb76/0x14c0
[  277.037644][  T332]  ? __kasan_check_write+0x14/0x20
[  277.042788][  T332]  ? _raw_spin_lock+0x8e/0xe0
[  277.047485][  T332]  __writeback_single_inode+0xd5/0x9c0
[  277.048652][   T30] audit: type=1400 audit(1760520716.284:2692): avc:  denied  { read } for  pid=4701 comm="syz.5.1332" name="file1" dev="overlay" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  277.052971][  T332]  ? wbc_attach_and_unlock_inode+0x194/0x5f0
[  277.052998][  T332]  writeback_sb_inodes+0x9c0/0x1590
[  277.086847][  T332]  ? inat_get_escape_attribute+0x111/0x1a0
[  277.092694][  T332]  ? queue_io+0x4c0/0x4c0
[  277.097088][  T332]  ? __kasan_check_read+0x11/0x20
[  277.102132][  T332]  ? queue_io+0x382/0x4c0
[  277.106493][  T332]  wb_writeback+0x3f1/0x980
[  277.111226][  T332]  ? inode_cgwb_move_to_attached+0x3e0/0x3e0
[  277.117228][  T332]  ? set_worker_desc+0x155/0x1c0
[  277.122199][  T332]  ? __kasan_check_write+0x14/0x20
[  277.127343][  T332]  wb_workfn+0x38f/0xe20
[  277.131609][  T332]  ? inode_wait_for_writeback+0x200/0x200
[  277.137355][  T332]  ? compat_start_thread+0x20/0x20
[  277.142664][  T332]  ? _raw_spin_unlock+0x4d/0x70
[  277.147534][  T332]  ? finish_task_switch+0x16b/0x780
[  277.152756][  T332]  ? __switch_to_asm+0x3a/0x60
[  277.157539][  T332]  ? __schedule+0xb76/0x14c0
[  277.162150][  T332]  process_one_work+0x6be/0xba0
[  277.167032][  T332]  worker_thread+0xa59/0x1200
[  277.171783][  T332]  kthread+0x411/0x500
[  277.175867][  T332]  ? worker_clr_flags+0x190/0x190
[  277.180919][  T332]  ? kthread_blkcg+0xd0/0xd0
[  277.185549][  T332]  ret_from_fork+0x1f/0x30
[  277.189986][  T332]  </TASK>
[  277.193014][  T332] 
[  277.195349][  T332] The buggy address belongs to the page:
[  277.201006][  T332] page:ffffea000480af00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x1202bc
[  277.211262][  T332] flags: 0x4000000000000000(zone=1)
[  277.216507][  T332] raw: 4000000000000000 ffffea0004bb27c8 ffffea0006059bc8 0000000000000000
[  277.225117][  T332] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[  277.233710][  T332] page dumped because: kasan: bad access detected
[  277.240162][  T332] page_owner tracks the page as freed
[  277.245538][  T332] page last allocated via order 0, migratetype Movable, gfp_mask 0x100cca(GFP_HIGHUSER_MOVABLE), pid 4695, ts 275143160750, free_ts 276118920286
[  277.260309][  T332]  post_alloc_hook+0x192/0x1b0
[  277.265096][  T332]  prep_new_page+0x1c/0x110
[  277.269614][  T332]  get_page_from_freelist+0x2cc5/0x2d50
[  277.275177][  T332]  __alloc_pages+0x18f/0x440
[  277.279776][  T332]  shmem_alloc_and_acct_page+0x42b/0x870
[  277.285414][  T332]  shmem_getpage_gfp+0xfe5/0x2310
[  277.290490][  T332]  shmem_fault+0x19d/0x510
[  277.294908][  T332]  __do_fault+0x264/0x2f0
[  277.299235][  T332]  handle_pte_fault+0x1a57/0x2680
[  277.304264][  T332]  do_handle_mm_fault+0x1a6d/0x1d50
[  277.309466][  T332]  __get_user_pages+0x7ee/0x10a0
[  277.314416][  T332]  __mm_populate+0x319/0x460
[  277.319104][  T332]  vm_mmap_pgoff+0x247/0x410
[  277.323701][  T332]  ksys_mmap_pgoff+0xf6/0x1d0
[  277.328381][  T332]  __x64_sys_mmap+0xfa/0x110
[  277.332977][  T332]  x64_sys_call+0x83/0x9a0
[  277.337407][  T332] page last free stack trace:
[  277.342120][  T332]  free_unref_page_prepare+0x542/0x550
[  277.347584][  T332]  free_unref_page_list+0x134/0x9d0
[  277.352808][  T332]  release_pages+0xfda/0x1030
[  277.357489][  T332]  __pagevec_release+0x71/0xe0
[  277.362259][  T332]  shmem_undo_range+0x53f/0x13d0
[  277.367202][  T332]  shmem_evict_inode+0x1fd/0x9c0
[  277.372230][  T332]  evict+0x485/0x870
[  277.376128][  T332]  iput+0x635/0x7c0
[  277.379932][  T332]  dentry_unlink_inode+0x32f/0x3e0
[  277.385047][  T332]  __dentry_kill+0x44f/0x650
[  277.389640][  T332]  dentry_kill+0xc0/0x2a0
[  277.393977][  T332]  dput+0x47/0x90
[  277.397618][  T332]  __fput+0x580/0x8b0
[  277.401622][  T332]  ____fput+0x15/0x20
[  277.405672][  T332]  task_work_run+0x127/0x190
[  277.410270][  T332]  do_exit+0xa7e/0x27a0
[  277.414440][  T332] 
[  277.416772][  T332] Memory state around the buggy address:
[  277.422408][  T332]  ffff8881202bcd80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  277.430473][  T332]  ffff8881202bce00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  277.438546][  T332] >ffff8881202bce80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  277.446629][  T332]                             ^
[  277.451482][  T332]  ffff8881202bcf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  277.459540][  T332]  ffff8881202bcf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  277.467595][  T332] ==================================================================
[  277.475682][  T332] Disabling lock debugging due to kernel taint
[  277.484009][   T30] audit: type=1400 audit(1760520717.085:2693): avc:  denied  { mounton } for  pid=4701 comm="syz.5.1332" path="/91/file1/bus" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  277.507362][ T4725] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  277.537031][  T332] EXT4-fs error (device loop5): ext4_map_blocks:740: inode #15: block 131158: comm kworker/u4:3: lblock 131158 mapped to illegal pblock 131158 (length 2)
[  277.561940][  T332] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 131158 with max blocks 2 with error 117
[  277.589500][  T332] EXT4-fs (loop5): This should not happen!! Data will be lost
[  277.589500][  T332]