last executing test programs:

4m0.145695315s ago: executing program 32 (id=838):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r2 = getpid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r2, r1, 0x0, 0x108, &(0x7f0000000380)='\x02a%hi/g\xa4H\x1dCj\xa8\xbe%1\x04M\xe1\xdc\xe9\xa7a\x9a\xb4\x90}\x8c.\x1f\xf7Qk!Y4\xc9\xa1\xd3\x04A\x1c\x9a$\xab\xb5\x80+z\x06\xa0U\xb8\xe0\xa7\xfc\x9e\xc3n\xb8\xc7\xd7;\xe9\v\xfeO\xfd\x0f\xae@\xc2z\xb1\xfd\xc0\x857\xf2\x02\x910\x9b\xab\x87Q\xecC\x06=\xc0w\xedZm\xd3\xfa\x8d\x0e\xd6\xc0\xa4\x10F\xec\x86\v\xf8.\xdf\xcf\x02\xb9\x8a\xd4\xe9\xbf\xf1\v\xb6\xfcci\xaa\n\x1a\xff\xfb=\x99hI4\x15\x16\xf6\xbd\x88\x1azAt\xc5~\xdavp\x1a\xe2\xc5\xf3\xcb\xd7\xa9;-@\xa40\x173=\xb3\x19wd\x7f\xf5\xd2BG\v\xfe\xc19\xb4\xb28\xcd\x18\xc0n\xf5\xc1u\x96\x9b\x8c\xb3\xa6\t\xc8fs\x8c\xd8\x17\xe5+{\x877D\xd8\x02Uv\xae\x9e\xf1\xf9\xb2\x04\xde.\xc39\x0ej\x95!\xff\xae\x88\xcfaV\a\xee,J\xa0\x11\xcf\xb8\xdc\xb4\xcb\xf8\xdb\x12\xb2\x14\xcdL\xb8\xb0\xe0\x15R\xad\x80I\xa448vzo{po\xf9\x93'}, 0x30)

3m58.118767778s ago: executing program 33 (id=880):
syz_open_dev$tty1(0xc, 0x4, 0x3)
socket$inet6(0xa, 0x1, 0xffffffff)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_RESETEP(r0, 0x80045503, &(0x7f0000000000)={0x1, 0x1})

3m56.899912907s ago: executing program 34 (id=919):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, &(0x7f0000000340)={[{@noblock_validity}, {@dioread_nolock}, {@noinit_itable}, {@acl}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x2c}, 0xc5, 0x452, &(0x7f0000000480)="$eJzs20tvG1UUAOAz46bvklDKow/AUBARj6RJC3TBBgRSN0hIsCjLkKZVqdugJki0qmhAqCxRfwGwROIXsIINAlYgtrBHSBXqhsICDRp7nBrHDnbs1Gn9fdIk986Mfc/xzLXvzLUDGFrl/E8SsTMifomI0YgoNe9Qrv27cf3S7F/XL80mkWWv/5HkD4s/r1+are+aFP93FJXxNCL9KIn9LdpduHDxzEylMne+qE8unn1ncuHCxWdOn505NXdq7tz00aNHDk89/9z0s33Jc1ce67735w/sPfbm1Vdnj1996/sv83h3Ftsb86gZ67nNcpSXX5Nmj/f87BvLroZysmmAgdCVvK/nh2uk2v9HoxQ3D95ovPLhQIMD1lWWZdmWFWuXRwBLGXAHS2LQEQCDUf+gz69/68stHH4M3LUXaxdAed43iqW2ZVOkxT4jTde3/VSOiONLf3+aL9HyPgQAQH99nY9/nm41/kvjvob97irmhsYi4u6I2B0R90TEnoi4N6K67/0R8UCX7Zeb6ivHPz9tW1NiHcrHfy8Uc1v/Hf/VR38xVipqu6r5jyQnT1fmDhWvyXiMbMnrU6u08c3LP3/Sblvj+C9f8vbrY8Eijt83Nd2gOzGzONNLzo2ufVC9B3h5Zf7J8kxAEhF7I2LfGp5/a0ScfvKLA+22/3/+q+jDPFP2ecQTteO/FE351yWrz09Obo3K3KHJ+lmx0g8/XnmtXfs95d8H+fHf3vL8X85/LGmcr13ovo0rv37c9ppmref/5uSNanlzse69mcXF81MRm5Olleunbz62Xq/vn+c/frB1/98d8c9nxeP2R0R+Ej8YEQ9FxMNF7I9ExKMRcXCV/L976bG3157/+srzP9HV8e++UDrz7Vft2u/s+B+plsaLNZ28/3UaYC+vHQAAANwu0up34JN0YrmcphMTte/w74ntaWV+YfGpk/PvnjtR+678WIyk9Ttdow33Q6eKe8P1+nRT/XD1vnGWZdm2an1idr6yXnPqQGd2tOn/ud9Kg44OWHddzaO1+0UbcFvye00YXvo/DC/9H4aX/g/Dq1X/vxxxYwChALeYz38YXvo/DC/9H4aX/g9DqZff9a9W2H1svZ75TiuUNkYYXRci3RBhrK2QbowwaoUtEdHpzpfjVgU26HcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg3AAD//zLQ7Dk=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x20, &(0x7f0000000140)='usrjquota=')

3m51.064186779s ago: executing program 35 (id=1128):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000000000000001000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001500)=ANY=[@ANYBLOB="2000000076000d0b00000000f3441d5043d1db951f000000080005008fdfc7e9"], 0x20}}, 0x0)

3m35.463936816s ago: executing program 36 (id=1592):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000b40), 0x600, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r2 = dup3(r1, r0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, 0x0, 0x0)

3m30.063557802s ago: executing program 37 (id=1758):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$inet6(0x10, 0x2, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000240)={0x2, &(0x7f0000000040)=[{0x48, 0x0, 0x0, 0xffefffff}, {0x16}]}, 0x10)
sendto$inet6(r0, &(0x7f00000002c0)="1c0000001200050f0c1000000049b23e9b200a00080001c000000001", 0x1c, 0x0, 0x0, 0x0)

2m57.203136763s ago: executing program 38 (id=2746):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000b80)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce935b0f327cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0843b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r1, 0x20, 0x0}, 0x10)

2m43.123258986s ago: executing program 39 (id=3241):
io_setup(0x2, &(0x7f0000001700)=<r0=>0x0)
io_getevents(r0, 0x4, 0x4, &(0x7f0000000100)=[{}, {}, {}, {}], 0x0)
io_destroy(r0)
io_setup(0x202, &(0x7f0000000480))

2m33.750387014s ago: executing program 40 (id=3592):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
io_setup(0x3, &(0x7f00000000c0)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000780)={0x0, 0x0, 0x0, 0x5, 0x1, r0, 0x0}])

2m32.246326408s ago: executing program 41 (id=3636):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r0}, 0x10)
getegid()

2m11.134711433s ago: executing program 42 (id=4281):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x31, 0x0, 0x0, 0x0, 0x0, 0xc90a, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
read(r1, &(0x7f0000000a40)=""/144, 0x90)

2m8.187926829s ago: executing program 43 (id=4326):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e20, 0x1000000080000, @dev={0xfe, 0x80, '\x00', 0x3f}}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000290000000b0000002b0000000000000710"], 0x30}, 0x0)

2m7.221738365s ago: executing program 44 (id=4029):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newqdisc={0x74, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x18}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x44, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x8, 0x0, 0x2, 0x8, 0xc, 0x7}, {0x1, 0x0, 0x9, 0x401, 0x0, 0x7fffffff}, 0x2000001, 0x2, 0xcf7}}, @TCA_TBF_RATE64={0xc, 0x4, 0x274bdcb7db3981e2}, @TCA_TBF_PRATE64={0xc, 0x5, 0xe1e31d5aa9748ab8}]}}, @TCA_STAB={0x4}]}, 0x74}, 0x1, 0x0, 0x0, 0x404}, 0x0)

1m42.26519935s ago: executing program 45 (id=4756):
ptrace(0x10, 0x1)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0)
sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0)

1m28.230854662s ago: executing program 46 (id=5762):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
io_setup(0x2, &(0x7f0000000080))

54.93231444s ago: executing program 6 (id=6847):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x46a, 0x23, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0xf, [{{0x9, 0x4, 0x0, 0x0, 0x4, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0xfffa, 0x8, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc9}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x7, {[@main=@item_012={0x0, 0x0, 0xb}, @main=@item_4={0x3, 0x0, 0xb, "b7975f80"}, @global=@item_012={0x0, 0x1, 0x4}]}}, 0x0}, 0x0)

53.270892646s ago: executing program 6 (id=6912):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001080)=@newtaction={0x48, 0x30, 0x1, 0x70bd25, 0x0, {}, [{0x34, 0x1, [@m_police={0x30, 0x401, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x3, 0x3}}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4044840}, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x2000)

53.163883738s ago: executing program 6 (id=6918):
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x63, 0x11, 0xc}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

53.100176949s ago: executing program 6 (id=6919):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f00000000c0), 0x4, 0x511, &(0x7f0000000540)="$eJzs3cFvVE8dAPDv23Zp6a/8CspBjQoiioawbRdoCBfhojGExEg8eYDaLk3TXbbpLpFWDuXonUQST/onePNgwsmDN29684IHE1SioSYe1ry327K023b9dduF7ueTvL43M8t+Z7rMzL6B3QlgYJ2PiPWIOBERDyJiopWftI641TzSx71983Ru483TuSQajXv/SLLyNC/a/kzqk9ZzjkbED78X8ZNkZ9za6trSbLlcWmmlJ+uV5cna6tqVxVwrpzgzPTN14+r1Ys/aeq7ym9ffXbzzo9/99iuv/rj+7Z+l1Rr/+amsrL0dvdRsej7G2/KGI+LOYQTrk+HW3x8+Pmlv+1xEXMj6/0QMZa8mAHCcNRoT0ZhoTwMAx116/z8eSa7QWgsYj1yuUGiu4Z2NsVy5Wqtfnqg+fjQf2RrW6cjnHi6WS1OttcLTkU/S9HR2/S5dfC/9vHQ1Is5ExPORk1l5Ya5anu/nGx8AGGCfbJv//z3SnP8BgGNutN8VAACOnPkfAAaP+R8ABs//Mf/7dCAAHBPu/wFg8Jj/AWDw7Dv/PzuaegAAR+IHd++mR2Oj+f3Xm9/UfWW+VFsqVB7PFeaqK8uFhWp1oVwqzDUa+z1fuVpdnr62laytrt2vVB8/qt9frMwulO6X8ofZGACgK2fOvfxzOumv3zyZHdG2l4O5Go63XL8rAPTNUL8rAPSNz/PA4OriHt8yABxzHbbofc+u/0Xohc1f4WN16YvW/2FQHWT939oBfNw+2/r/d3peD+DomcNhcDUaiT3/AWDAWOMHDvTv/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCgxrMjyRWyvcDX05+5QiHiVEScjnzycLFcmoqITyPiTyP5kTQ93e9KAwAHlPtb0tr/69LExfHtpSeS/4xk54j46S/v/eLJbL2+Mp3m/3Mrv/4izT9ZXyme6EcDAIB2t3ZmZfN3sXVuu5F/++bp3OZxlFV8fbu5uWgad6N1NEuGYzg7j0Y+Isb+lbTSTen7laEexF9/FhFf2Gz/aDxpizCerYE0dz7dHj+Nfarn8dt//9vj595rby4rS8/57Hfx+R7UBQbNy9vNcbLV99Iu3up/uTifnTv3/9FshDq4dPxL+/XGjvEvtzX+De2In2R9/vxWeu+avL72++/vyGxMNMueRXxpuFP8ZCt+0nn8zV/sso1/+fJXL+xW1vhVxKWO7d/ckbqSDbOT9cryZG117cpiZXahtFB6VCzOTM9M3bh6vTiZrVE3f/6hU4y/37z86W7x0/aP7RJ/dO/2xze6bP+v//vgx1/bI/63vt759T+7R/x0Tvxml/Fnx27tun13Gn9+l/bv8/rH5S7jv/rr2nyXDwUAjkBtdW1ptlwurexzkb7X3O8xLrq/SO/tP4BqZBexHtGrJ8wWJSKi42PSd9QfRpMP6yL5MKrRi4t+j0zAYXvX6ftdEwAAAAAAAAAAAAAAYDe11bWlkc6f1urZRb/bCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPH1vwAAAP//tBrD+w==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x68)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

52.961270741s ago: executing program 6 (id=6928):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
syz_read_part_table(0x5e5, &(0x7f0000000000)="$eJzs0z9o1GcYB/D3kpzX6uDi5KJ2cGi7KI49ipW7U1E4zmSRDhUUEW86QTjp0YAW9AbFG8QxSwjckj90yOWGTAkJZA4hQ0ogQ5aWhEIgUPIrl7wp15JCSkJJ4fOBl+fe5/1yz/sOv8D/Wk/4NUk+7fxKMgcnkr9uP+neDDRz+VsXi9dL/SGkdpNf/Nj/Uwjh693jVFxdVuKU4aHT7TebN9PN5Xtbl0/N1Hvi+WBcZ0ZaA519JiT7F/htpOvWnAyj2dmzL19VCm+r2SdLhdra68WFu2MbuVLrTr0xfjt942HMzcXaF+uzUA0vkqfhQSiHcngUKsc0/2Nz9crO+UJz8vFX2/n2u+mrMVc84jsPO//5pff3G7XU4MS5D9eqU/Ol9d69XPkfvi4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6W0ezs2ZevKoW31eyTpUJt7fXiwt2xjVypdafeGL+dvvEw5uZi7Yv1WaiGF+FpeBDKIRUehUqn+cPf//33JDnE/Atd+4/N1Ss75wvNyceZ7Xz73fTV2C/uBy4c5bUHz+9+//NL7+83at98OXHuw7Xq1HxpvXcvdyqE0Hu8owEAAAAAAAAAAAAAAAAAAOBPufyti8Xrpf4QUuHb0Bc+/+X7nk4/yeydp2Lus1hXYn946HT7zebNdHP53tbl72bqP8f+YFxnRloD//lj+Nf+CAAA//+tMpZ3")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)

52.727242575s ago: executing program 6 (id=6933):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1700000000000000040000000080"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000040)=""/155, 0x1000000, 0x9b, 0x1, 0x0, 0x0, @void, @value}, 0x20)

52.727132555s ago: executing program 47 (id=6933):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1700000000000000040000000080"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000040)=""/155, 0x1000000, 0x9b, 0x1, 0x0, 0x0, @void, @value}, 0x20)

24.67192055s ago: executing program 9 (id=8095):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000004500000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
getxattr(0x0, 0x0, 0x0, 0x0)

24.522685462s ago: executing program 9 (id=8099):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000004000000000000000000008500000050000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

24.508702352s ago: executing program 9 (id=8100):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
mount$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x800000, &(0x7f0000000180)={[], [{@rootcontext={'rootcontext', 0x3d, 'user_u'}}]})

24.484453532s ago: executing program 9 (id=8102):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x1be)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x31001, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x84000, 0x0)

24.467024733s ago: executing program 9 (id=8103):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000000c0)={'syz0\x00', {0xfff7, 0xc, 0x100, 0xc1}, 0x19, [0x7b, 0xb7e2, 0x3, 0x9, 0x100, 0x40000003, 0xffffffff, 0x16, 0x9, 0xffffffff, 0x7, 0xa, 0x7, 0x0, 0x7f, 0xf, 0x7fff, 0x2, 0x6, 0x5, 0x6, 0x6, 0x7, 0x6, 0xff, 0x2, 0xa5f2b87a, 0x401, 0xfffffffe, 0xfc75, 0x4, 0x8, 0x4, 0x2, 0x5, 0x7d, 0xfffff765, 0x2, 0x3, 0x6, 0x6, 0x2, 0x5, 0x0, 0x3ff, 0x6, 0x7, 0x8000, 0xfffffffd, 0x80, 0x8000008, 0x8, 0x9, 0x7, 0x101, 0x3, 0x1733, 0x7fff, 0x7ffc, 0x1, 0x6, 0x5, 0x5, 0x4], [0x8, 0x3, 0x0, 0x8, 0x0, 0x8, 0x4, 0x0, 0x22, 0x10, 0x6, 0x7, 0x8, 0x3, 0xffffff73, 0x1000, 0x6, 0x13e5, 0x3, 0x3, 0x1000, 0xfc000000, 0x1, 0x3b40, 0x4, 0x1000, 0x5, 0x7fff, 0x8, 0x5a, 0xffff2503, 0x7fffffff, 0x6995, 0x1, 0x80200000, 0x8, 0xda7, 0x7, 0x2, 0x76c4, 0xfffffffd, 0x5, 0x4, 0x101, 0xd, 0x2, 0x9, 0x10, 0x4000e, 0x1, 0x7, 0xa, 0x9, 0x3, 0x8, 0x0, 0x2, 0x3a2, 0x2, 0xc0d, 0xfffffffd, 0x9, 0xc, 0xfffffffb], [0x3, 0x6, 0x6, 0x9, 0x1000, 0x0, 0x802, 0x5, 0x7f, 0xa, 0x100, 0x1000, 0xf1, 0x9, 0x200000c, 0x10000, 0x72, 0xcf, 0x633, 0xd, 0x7, 0x6, 0x80000003, 0x6, 0x0, 0x7, 0x8, 0x2ef3adcb, 0x10, 0x2, 0x8, 0x8, 0x74, 0x4, 0x7, 0x7ff, 0xfffffff1, 0x63, 0x7, 0x2, 0x3, 0x3, 0x20a7fd9e, 0xfffffffd, 0x2, 0x100, 0x0, 0x9d, 0x7, 0x80, 0xffffffff, 0x86, 0x77, 0x8, 0x1ff, 0x7, 0x7, 0x2, 0x0, 0x2, 0x9, 0x2, 0x3, 0x5], [0x4, 0xfffffffe, 0x5, 0x8000, 0x4, 0x3, 0x35ff4447, 0x7, 0x5, 0x5, 0x5d3a, 0x5, 0x5, 0x3ff, 0xb890, 0x800, 0x9, 0xf7df, 0x2, 0x10, 0x8, 0x2, 0xff, 0x6, 0x7b63, 0x4, 0xfffffff7, 0x635, 0x1007, 0x5, 0x8, 0x40000000, 0x5ef, 0x8000, 0xc, 0x41, 0x400, 0x3, 0x5, 0xc00, 0x9a8, 0x99f, 0x4231, 0x3ff, 0x8, 0x1, 0xffff0001, 0x1, 0x1, 0x10, 0x8, 0x5396, 0x6161, 0x9, 0x102, 0x1ff, 0x8, 0x431, 0x5, 0x5, 0x4, 0x7b, 0x6fc, 0x9]}, 0x45c)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400ff0100000000000000000000000000010c00028005000100000000004700028005000100010000000600064000000000060005"], 0xe4}}, 0x0)

24.371240654s ago: executing program 9 (id=8105):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000280)=0x5)
setuid(r2)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0406618, &(0x7f0000000040)={@desc={0x1, 0x0, @desc3}})

24.356098564s ago: executing program 48 (id=8105):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000280)=0x5)
setuid(r2)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0406618, &(0x7f0000000040)={@desc={0x1, 0x0, @desc3}})

17.534820473s ago: executing program 4 (id=8361):
r0 = creat(&(0x7f0000000200)='./file1\x00', 0x12e)
close(r0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
r1 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000001200), 0xa, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

17.516192592s ago: executing program 4 (id=8366):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
read(r2, &(0x7f0000000640)=""/4096, 0x1000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000000)={0x20002015})
close_range(r1, r2, 0x0)

17.275377626s ago: executing program 4 (id=8371):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)

17.257743777s ago: executing program 4 (id=8374):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1be)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x31001, 0x0)
mount$bind(&(0x7f0000000340)='./file0/../file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2207084, 0x0)

17.240424507s ago: executing program 4 (id=8376):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='mm_page_alloc\x00', r0}, 0x10)
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="02"], 0xfe44, 0x0)

17.111806399s ago: executing program 4 (id=8382):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180))

17.111670959s ago: executing program 49 (id=8382):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180))

15.79253944s ago: executing program 3 (id=8421):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r2=>0x0})
bind$packet(r1, &(0x7f0000000300)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @remote}, 0x14)

15.739795421s ago: executing program 3 (id=8422):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
close_range(r0, r0, 0x2)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
pidfd_getfd(r2, r2, 0x0)

15.739673321s ago: executing program 3 (id=8423):
r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83)
setresgid(0xee00, 0xee01, 0x0)
setgroups(0x0, 0x0)
setreuid(0xffffffffffffffff, 0xee01)
write$FUSE_DIRENTPLUS(r0, &(0x7f00000006c0)=ANY=[], 0x10)

15.739485941s ago: executing program 3 (id=8424):
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000140)='./file0\x00', 0x81c00a, &(0x7f00000003c0)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c6e6f6e756d7461696c3d302c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303030332c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d312c636865636b3d7374726963742c757466383d302c756e695f786c6174653d312c756e695f786c6174653d302c666c7573682c757466383d302c726f6469722c747a3d5554432c00e696e27e745267d0e7f7d60cf64c4d116172285e0a94b37c3f04b4e454913b1615b6c103a4be033c3f79c81a7a0dc9f3282eb2b984b8df829f11f7b15ceaa2ddb341548691e92d41d923144fa5f6aa8b37c7698e74a04d87cb16f3c338160646d1719f9aa1097cb78032fa4c9c60c14840662537510c0ac9f95a646f5231c0c9eb096b898803099b3050797137354ed2fb2a3dd97ad790f0758b4561eb7180b4b366c9ac840ca3d57727827ab961af0bb24ac6b14796d3bedfa4addb1c2f59217a563ca0a3729d45669905a6f0f3dbf3fd22ab36dfe7cf80913ecb4656ca"], 0x6, 0x2cf, &(0x7f0000002080)="$eJzs3T9rJGUYAPBnNrN//AO7hZUIDmhhdVyutdlD7kBM5bGFWmjw7kCyi3AHAUUcrxI7v4CfQBD8DrY2dpaCH8DyhIORmZ3ZP8nsJpFsxMvv1+TJvO8z7zMzL8mkyLOfvDY7up/Fwydf/RGDQRKdcYzjaRKj6ETjm1gz/j4AgP+zp0URfxVzLcO/f7chL4mIwY5rAwB244zf/7V0Gf58JWUBADt074MP37t9cHDn/SwbxN3Zt8eT8i/78ut8/PbD+Cym8SBuxjCeRVQvCt2o3hbK8G5RFHmalUbx5iw/npSZs49/rc//y8t1sB/DGFXR4m2jyn/34M5+NreSn5d1vFivPy7XvxXDeGWRvJZ/qyU/Jr14642V+m/EMH77ND6Padyviljmf72fZe+UrzgfleWV+Ul+POlX85aKvWbx/AqfDwAAAAAAAAAAAAAAAAAAAAAAz6cbde+cflT9e8pDdf+dvWflN93IGqP1/jzz/KQ50Wp/oKIo8iJ+aPrr3MyyrKgnLvPTeDVdbSwIAAAAAAAAAAAAAAAAAAAA19fjL748OpxOHzy6lKDpBpBGxN/3Iv7tecYrR16P7ZP79ZqH02mnDtfnpKtHYq+Zk0RsLSPSRTODS7s/G4IXTtVcBz/+1JbVW39waazMGZy9aLd9rcsMmt11dJhE65z+oubBfJNUjSCWc3pxzrV6m4aKuMj267UODbdllXv99HleqoJ8w50vg0i2Ffb2n/M7Vx9JTl5Fr7qrrendOoi2wqq90f4sTgQxmKef/lmR6NYBAAAAAAAAAAAAAAAAAAA7tfzv35bBJ1tTO0V/Z2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJVafv7/BYK8Tj7H5F48evwfXyIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADXwD8BAAD//2T0YAU=")
creat(&(0x7f0000000100)='./bus\x00', 0x44)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x301400, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3)

15.622081952s ago: executing program 3 (id=8428):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
write$FUSE_NOTIFY_STORE(r0, &(0x7f0000002180)={0x28, 0x4, 0x0, {0x1, 0x7}}, 0x28)

15.547623174s ago: executing program 3 (id=8432):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth0_vlan\x00', <r1=>0x0})
unshare(0x62040200)
r2 = gettid()
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r1, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r2], 0x28}}, 0x0)

15.547470804s ago: executing program 50 (id=8432):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth0_vlan\x00', <r1=>0x0})
unshare(0x62040200)
r2 = gettid()
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r1, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r2], 0x28}}, 0x0)

13.616864964s ago: executing program 0 (id=8514):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x300, 0x18c, 0x203, 0x300, 0x19030000, 0x3f0, 0x2e0, 0x2e0, 0x3f0, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x300, 0x0, {0x1000000}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x16}, {}, {}, {0x7}, {}, {0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {}, {0xfffe}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {0xb84, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

13.544141356s ago: executing program 0 (id=8519):
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = io_uring_setup(0x1694, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(0xffffffffffffffff, 0xc038943b, &(0x7f0000000200)={0xfffffffffffff24f, 0x8, '\x00', 0x0, &(0x7f0000000040)=[0x0]})
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000002700)=""/4096, 0x1a00}], 0x0, 0x11a}, 0x20)

13.501583716s ago: executing program 0 (id=8522):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x20000, 0x0)
mount$9p_virtio(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0), 0x800000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000380)='\x00', 0x9901)

13.419111148s ago: executing program 0 (id=8523):
r0 = socket(0x10, 0x803, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000000)=0x526b, 0x4)
r1 = gettid()
pselect6(0x40, &(0x7f0000000040)={0xc}, 0x0, 0x0, 0x0, 0x0)
rt_sigqueueinfo(r1, 0x21, &(0x7f0000000040)={0x0, 0x0, 0xfffffffb})

13.385753148s ago: executing program 0 (id=8524):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000012c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4739}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@norecovery}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0))

13.335861529s ago: executing program 0 (id=8525):
chdir(&(0x7f0000000240)='./file0\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c00000010003df600"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001400030064766d72700900000000000000000000180012800800010070707000"], 0x4c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

8.166130941s ago: executing program 5 (id=8709):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r0}, 0x10)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r1, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

8.098200582s ago: executing program 5 (id=8711):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xf, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014f9ff00b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

8.020237533s ago: executing program 5 (id=8714):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)={0x38, r2, 0x7, 0x70bd21, 0x2, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}]}, 0x38}}, 0x0)

7.999697144s ago: executing program 5 (id=8716):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800002, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x22}, 0x84, 0x464, &(0x7f0000000ac0)="$eJzs3EtvG0UcAPD/bpq+S0Ipjz6AQEFEPJImLdADFxBIvSAhwaEcQ5pWpWmDmiDRKqIpQuWI+gmAIxKfgBNcEHACcYU7QqpQLgQOaNHau6lx7GAncZ3g30/aeGZ31jt/7449O2MngJ41lP9JIvZGxM8RMRARffUFhqoPS4vzk38uzk8mkWWv/57ku8Ufi/OTZdGkeNxTZIbTiPTDJA43OO7slasXJqanpy4X+dG5i++Mzl65+sz5ixPnps5NXRo/efLE8bHnnxt/dkPi3JfX9dD7M0cOnnrz5quTp2++9d0XeX33Fttr46gaXPcxh2Jo+TWp9/i6n31z2VeTTrZ1sSK0JW/r+enqr7T/geiL2ydvIF75oKuVAzoqy7Jsx4q1yz2AhQz4H0ui2zUAuqP8oM/vf8vlDnY/uu7Wi9UboDzupWKpbtkWaVGmv+7+diMNRcTphb8+yZdoOA4BALCxvsr7P0836v+lcV9NubuKuaHBiLg7IvZHxD0RcSAi7o2olL0/Ih5o8/hDdfmV/Z8fd60psBbl/b8Xirmtf/f/yt5fDPYVuX2V+PuTs+enp44Vr8lw9O/I82OrHOPrl3/6uNm22v5fviz1x2TZFyzq8du2ugG6MxNzE+uJudat65UxwGsr40+WZwKSiDgYEYfW8Pw7I+L8k58fabZ9RfyL83Xxr2ID5pmyzyKeqJ7/haiLv5SsPj85ujOmp46NllfFSt//cOO1ZsdfV/wbID//uxte/8vxDya187Wz7R/jxi8fNb2n+e/4G1//25M3Kuntxbr3JubmLo9FbE8WVq4fv71vmS/L5/EPH23c/vdH/P1psd/hiMgv4gcj4qGIeLio+yMR8WhEHF0l/m9feuzttcffWXn8Z9o6/+0n+i5882Wz47d2/k9UUsPFmlbe/1qt4HpeOwAAANgq0sp34JN0ZDmdpiMj1e/wH4jd6fTM7NxTZ2fevXSm+l35wehPy5GugZrx0LFibLjMj9flj1fGjbMsy3ZV8iOTM9OdmlMHWrOnSfvP/drX7doBHdfWPFqzX7QBW5Lfa0Lv0v6hd2n/0Lu0f+hdjdr/tYilVXe63rHqAHeQz3/oXdo/9C7tH3qX9g89aT2/618tsf9Ua4XLf0DYoWpsgUTf5qhG24lIN0U11pZIN0c1qokdEdFq4Wt3rKV0+Y0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7YA6Ok=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x1304825, &(0x7f0000000140)='usrjquota=')

7.710376388s ago: executing program 5 (id=8728):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r0}, 0x18)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="a1ab0000000000000e003200000008001701"], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x0)

7.463236742s ago: executing program 5 (id=8737):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000480)={[{@grpjquota}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)

7.438418672s ago: executing program 51 (id=8737):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000480)={[{@grpjquota}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)

3.260889819s ago: executing program 8 (id=8838):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

3.229869059s ago: executing program 8 (id=8839):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
rt_sigpending(0x0, 0x0)
open(0x0, 0x400141042, 0x0)

3.071437352s ago: executing program 8 (id=8840):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x4)
ioctl$sock_bt_hci(r0, 0x400448de, &(0x7f0000000040))

2.273667304s ago: executing program 2 (id=8856):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0xb, &(0x7f0000000000)=0x1a, 0x4)
setsockopt$netlink_NETLINK_CAP_ACK(r1, 0x10e, 0xa, &(0x7f0000000040)=0xcbc, 0x4)
sendmsg$ETHTOOL_MSG_RINGS_SET(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r0, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x44040)

2.235596865s ago: executing program 2 (id=8858):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f0000000200)='\f\x8b\x8a\xa9\x16\x11O\xdd\xdfk(F\x99\xdf\x9a\xd5>oJ\x02u\x9b\x94a\xac\xfe6A\xc4\a\x9e\xbd\xa2\xfb\rD\xefq\x1f!\x01\xc3\xa5U\x98\xee\xcd;A\xe8\x00~V\xbf\xd4\x00\xd2,7\xa0\xfd7\xe8\xf9M\x02\xec\f3\xd4\xb8\xc3\x85\xda\xeb\xce7y%S\x1e\xa9\xe9\x92!\x95\xf1Ek\x95\x9bQ\x1d\xa4\xc2\xbb\xfa\x96\x14\x7f\xb9\x90\x9cn\xb5\x10\xd2\x84\xe9\x9e1\x9a\x9e\xa7\x9e\xcd\x1a\x86\x14%\xbaS\x90\xb1j\xf9\x00\xd7@D\x04\xaa\xb55\xd8x?z\xff\x85j3\xbe\axo\x05)\xcc\xcd\x9b\xb3\xe7w\x0e\x9f\xd3\aU\xf0M\xc1\xad\x17t\xeb\x1b\x11m\xec\x00\x00\x00\x00R\xb6v\x88\a\x82\x9e\x00\x00\x00\x10\x00\x00\x00\xa6!\xb3\xa8\xe7[&\x165\x84\xce\xa5\xc4wT\xf2E\tj\x92G\x14\x04\x93\xa4\xba\xcb\xce\"Y\xd68\xeb\x01\xc9/\x19\x85\xc6\x8do\xcb\x17\xb5\xffW\xe6\x8a\xfb\a\xf6', 0x2)
write$binfmt_misc(r1, &(0x7f0000000280), 0xff9d)
sendfile(r0, r1, &(0x7f0000000100), 0x2)
fcntl$addseals(r1, 0x409, 0x8)

2.036589608s ago: executing program 2 (id=8866):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file1\x00', 0x50, &(0x7f00000001c0)={[{@jqfmt_vfsv1}, {@stripe={'stripe', 0x3d, 0x4}}, {@dioread_nolock}, {@mblk_io_submit}, {@nogrpid}, {@usrjquota}]}, 0x1, 0x3ed, &(0x7f0000001240)="$eJzs3E9PHGUYAPBnhn9CC4uJB1M9kGgUo0IXRa0xsXr1z6X6AQjQ2khLUzCxlQMaT548GG8e+gU8+AGaxjQx8Sv4BUyTxlAOesPM7MyywLCC7LIt/f2Syb7vzOw+77MzTN532HkDeGxNRMT5iOiLiJmIqBXr02KJ9caS7fdgY21+c2NtPomtrQt/JZEU68rPSorXU0VlMo1Iv414Zn1v3JUbNz+fW1pavF7Up1evXJteuXHz1ctX5i4tXlq8Wn/zXL0+O/NW/fWO5frj8y+d63v//Jmf/qjdmR0cHM7ae7rY1ppHp0zERPM72W2208F6bLDXDQAA4EDSou/fn/f/a9GXlxpqMb3W08YBAAAAHbH1bvEKAAAAnGCJsT8AAACccOXvAB5srM2XSw9/jnDs7r8XEePbzzZvNvPvjyeKfQa6+HzrRERceyGpZUt06TlkAIBWd7L+z9mq/l8aT7fsNxSR94eGOxx/Yld9b/8nvdfhkDtk/b93ImJzT/8vLXcZ7ytqo3lXcSC5eHlp8WxEjEXEZAwMZfV6mxgf/P3zx/tty/K/m4yOlUsW/26Sf3Qhvdc/tPM9C3Orc0fJudX9ryPO9FflnzT7v0lEjBwhRt9Xt97eb1t1/qNjRwh3KFu3Il6sPP7bM/ck7ecnms7Ph+nyrNjrn29++Wi/+L3OPzv+I+3zH09a52taOXyM25/9/mxeqMiqdfxTnX/1+T+YfJKXy3HZl3Orq9frEYPJh3vXz2y/t6yX+2f5Tz5X/fdfXv+SYk6r08U14LC++/7XV9rv0cg/W7L45VjwOGT5Lxzq+LcrXBiu2vTG7d8+3S9+8/gnEeuV+WfHvzEH2GSx5iDXv/9q6f8/mwEAAODRk+b3NZJ0qllO06mpxv2Op2IkXVpeWX354vIXVxca9z/GYyAt73TVWu6H1hv/Rm/WZ3bVX4uIJyPih9pwXp+aX15a6HXyAAAA8Jg4tc/4P/Pnsf0KAQAAAOi68V43AAAAAOg6438AAAA40Q42r5/CzkL2zT0EzVBQ6Fqh11cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAR9u/AQAA//8mJ7Np")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ftruncate(r1, 0x2000009)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000000)={0x17c04, 0xffffffffffffffff, 0x0, 0x100000001, 0x0, 0x10000})

1.917840499s ago: executing program 2 (id=8874):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000980)='./file0\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
umount2(&(0x7f0000000680)='./file0\x00', 0x9)

1.820003981s ago: executing program 2 (id=8879):
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x5efe)
kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000580)={0x0, 0x22, 0x22, {[@local=@item_4={0x3, 0x2, 0x2, '\x00\x00\b\x00'}, @global=@item_4={0x3, 0x1, 0x1, "661994f0"}, @main=@item_4={0x3, 0x0, 0xb, "3cbdfc60"}, @local=@item_012={0x0, 0x2, 0x2}, @global=@item_4={0x3, 0x1, 0x0, "0100be00"}, @main=@item_4={0x3, 0x0, 0x8, "f700"}, @local=@item_4={0x3, 0x2, 0x3, "09007a15"}, @global=@item_012={0x2, 0x1, 0x3, "a085"}]}}, 0x0}, 0x0)

978.669844ms ago: executing program 8 (id=8897):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b80000000001010400000000000000000a0000003c0001802c0001801400030000000000000000000000ffffac1414c714000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300ff02000000000000000000000000000114000400fe8000000000000000000000000000aa0c0002800500010000000000080007400000000008000480040003801c000f"], 0xb8}}, 0x0)

903.006625ms ago: executing program 8 (id=8900):
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1}, 0x57)

861.431716ms ago: executing program 8 (id=8902):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000012ea2a400a0900128724000000010902120001000000000904"], 0x0)

307.351365ms ago: executing program 7 (id=8920):
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000340), 0x2000011a)
splice(r1, 0x0, r0, 0x0, 0x4ff9c, 0x0)

275.908016ms ago: executing program 1 (id=8922):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000980)="63eced8e46f63f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

198.979947ms ago: executing program 1 (id=8923):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
openat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000240), &(0x7f0000000040)='.\x00', &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)

192.192817ms ago: executing program 7 (id=8924):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x1, 0x40, 0x40, 0x41, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000180), 0x1003, r1}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f0000000b80)={r1, 0x0, &(0x7f0000000b40)=""/31}, 0x20)

125.990158ms ago: executing program 1 (id=8925):
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x1)
fchdir(r1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)

123.072479ms ago: executing program 7 (id=8926):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x5, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x50}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

105.065869ms ago: executing program 7 (id=8927):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x4e, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x10, 0x7, 0x2, 0x8}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})

90.463028ms ago: executing program 1 (id=8928):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

56.394629ms ago: executing program 7 (id=8929):
openat(0xffffffffffffff9c, &(0x7f0000000c80)='./file0\x00', 0x840, 0xe1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r1}, 0x10)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, &(0x7f0000000240)='nolazytime')

40.059049ms ago: executing program 1 (id=8930):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @local}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=@RTM_NEWMDB={0x98, 0x54, 0x1, 0x1, 0x25dfdbfd, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r2, 0x1, 0x0, 0x3, {@ip4=@dev={0xac, 0x14, 0x14, 0xc}, 0x105ba}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r3, 0x1, 0x2, 0x4, {@in6_addr=@private0={0xfc, 0x0, '\x00', 0x1}, 0x843fefa99410e02b}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r2, 0x0, 0x0, 0x0, {@in6_addr=@mcast2, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r2, 0x1, 0x2, 0x3, {@ip4=@broadcast}}}]}, 0x98}, 0x1, 0x0, 0x0, 0x804}, 0x0)

17.2598ms ago: executing program 2 (id=8931):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)=r1}, 0x20)
wait4(0x0, 0x0, 0x2, 0x0)

6.51178ms ago: executing program 7 (id=8932):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000004000000070000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000300000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

0s ago: executing program 1 (id=8933):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x30, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000040}, 0x44080)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@newtfilter={0x24, 0x2a, 0xd27, 0xec0, 0x0, {0x0, 0x0, 0x0, r2, {0xffe0, 0xfff1}, {0x0, 0xffff}, {0xffe0, 0xffe0}}}, 0x24}}, 0x0)

kernel console output (not intermixed with test programs):

oint
[  225.734821][T15752] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  225.787099][   T60] usb 7-1: Using ep0 maxpacket: 16
[  225.794535][   T60] usb 7-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.07
[  225.813692][   T60] usb 7-1: New USB device strings: Mfr=6, Product=2, SerialNumber=3
[  225.831693][   T60] usb 7-1: Product: syz
[  225.840071][   T60] usb 7-1: Manufacturer: syz
[  225.845889][   T60] usb 7-1: SerialNumber: syz
[  225.869517][   T60] r8152-cfgselector 7-1: config 0 descriptor??
[  225.902411][T15774] loop3: detected capacity change from 0 to 40427
[  225.927368][T15774] F2FS-fs (loop3): invalid crc value
[  225.947629][T15774] F2FS-fs (loop3): Found nat_bits in checkpoint
[  226.037601][T15774] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  226.054046][T15788] f2fs_ckpt-7:3: attempt to access beyond end of device
[  226.054046][T15788] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  226.077104][   T60] r8152-cfgselector 7-1: Unknown version 0x0000
[  226.097423][T15796] netlink: 20 bytes leftover after parsing attributes in process `syz.9.6566'.
[  226.099238][T15797] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  226.278498][   T60] r8152-cfgselector 7-1: Unknown version 0x0000
[  226.296051][   T60] r8152-cfgselector 7-1: USB disconnect, device number 13
[  226.630487][T15832] loop4: detected capacity change from 0 to 128
[  226.657915][T15832] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  226.668982][T15832] ext4 filesystem being mounted at /550/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  226.774259][T10620] EXT4-fs (loop4): unmounting filesystem.
[  227.042847][   T28] kauditd_printk_skb: 43 callbacks suppressed
[  227.042865][   T28] audit: type=1400 audit(2000000266.610:4052): avc:  denied  { create } for  pid=15865 comm="syz.4.6585" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  227.078825][   T28] audit: type=1400 audit(2000000266.640:4053): avc:  denied  { connect } for  pid=15865 comm="syz.4.6585" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  227.199827][T15864] loop6: detected capacity change from 0 to 40427
[  227.206698][T15864] F2FS-fs (loop6): Invalid SB checksum offset: 0
[  227.212917][T15864] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  227.221850][T15864] F2FS-fs (loop6): invalid crc value
[  227.228248][T15864] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  227.259110][T15864] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[  227.266075][T15864] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  227.302926][T13987] syz-executor: attempt to access beyond end of device
[  227.302926][T13987] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  227.431151][T15880] loop3: detected capacity change from 0 to 256
[  227.437534][T15880] exfat: Deprecated parameter 'utf8'
[  227.445235][T15880] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xc61f63e4, utbl_chksum : 0xe619d30d)
[  227.529177][   T28] audit: type=1400 audit(2000000267.100:4054): avc:  denied  { write } for  pid=15886 comm="syz.3.6592" name="001" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  227.552064][   T28] audit: type=1400 audit(2000000267.100:4055): avc:  denied  { map } for  pid=15886 comm="syz.3.6592" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  227.730798][T15906] loop3: detected capacity change from 0 to 256
[  227.756253][   T28] audit: type=1400 audit(2000000267.320:4056): avc:  denied  { remove_name } for  pid=15905 comm="syz.3.6600" name="file3" dev="loop3" ino=1049021 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  227.788184][   T28] audit: type=1400 audit(2000000267.320:4057): avc:  denied  { rename } for  pid=15905 comm="syz.3.6600" name="file3" dev="loop3" ino=1049021 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  227.812277][   T28] audit: type=1400 audit(2000000267.320:4058): avc:  denied  { reparent } for  pid=15905 comm="syz.3.6600" name="file3" dev="loop3" ino=1049021 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  227.887273][   T60] usb 10-1: new full-speed USB device number 11 using dummy_hcd
[  228.027843][T15933] __nla_validate_parse: 3 callbacks suppressed
[  228.027865][T15933] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6612'.
[  228.078204][   T60] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  228.101968][   T60] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  228.114717][   T60] usb 10-1: New USB device found, idVendor=056a, idProduct=0033, bcdDevice= 0.00
[  228.124010][   T60] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.147221][   T60] usb 10-1: config 0 descriptor??
[  228.158113][T15894] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  228.467424][ T2220] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  228.586630][   T60] wacom 0003:056A:0033.0040: unknown main item tag 0x0
[  228.599016][   T60] wacom 0003:056A:0033.0040: unknown main item tag 0x0
[  228.613306][   T60] wacom 0003:056A:0033.0040: unknown main item tag 0x0
[  228.627129][   T60] wacom 0003:056A:0033.0040: unknown main item tag 0x0
[  228.644101][   T60] wacom 0003:056A:0033.0040: unknown main item tag 0x0
[  228.654201][   T60] wacom 0003:056A:0033.0040: unknown main item tag 0x0
[  228.669618][ T2220] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  228.671075][   T60] wacom 0003:056A:0033.0040: unknown main item tag 0x0
[  228.687166][ T2220] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  228.697145][   T60] wacom 0003:056A:0033.0040: unknown main item tag 0x0
[  228.706895][   T60] wacom 0003:056A:0033.0040: unknown main item tag 0x0
[  228.715247][ T2220] usb 5-1: New USB device found, idVendor=056a, idProduct=0314, bcdDevice= 0.00
[  228.717000][   T60] wacom 0003:056A:0033.0040: unknown main item tag 0x0
[  228.733382][T15958] loop3: detected capacity change from 0 to 40427
[  228.740782][ T2220] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.741105][   T60] wacom 0003:056A:0033.0040: hidraw0: USB HID v0.00 Device [HID 056a:0033] on usb-dummy_hcd.9-1/input0
[  228.749863][ T2220] usb 5-1: config 0 descriptor??
[  228.764653][T15958] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  228.772591][T15958] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  228.781640][T15958] F2FS-fs (loop3): invalid crc value
[  228.806862][  T939] usb 10-1: USB disconnect, device number 11
[  228.816962][T15958] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  228.848329][T15958] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  228.855270][T15958] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  228.893201][ T4538] syz-executor: attempt to access beyond end of device
[  228.893201][ T4538] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  228.930239][T15960] loop6: detected capacity change from 0 to 40427
[  228.937102][T15960] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  228.944784][T15960] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  228.955787][T15960] F2FS-fs (loop6): Found nat_bits in checkpoint
[  228.990213][T15973] device gretap1 entered promiscuous mode
[  229.004609][T15960] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  229.024170][T15960] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  229.031198][T15960] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  229.085726][   T28] audit: type=1400 audit(2000525068.651:4059): avc:  denied  { append } for  pid=15959 comm="syz.6.6624" name="file1" dev="loop6" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  229.174434][ T2220] wacom 0003:056A:0314.0041: Unknown device_type for 'HID 056a:0314'. Assuming pen.
[  229.190138][ T2220] wacom 0003:056A:0314.0041: hidraw0: USB HID v0.00 Device [HID 056a:0314] on usb-dummy_hcd.4-1/input0
[  229.203824][ T2220] input: Wacom Intuos Pro S Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:056A:0314.0041/input/input65
[  229.218141][   T28] audit: type=1400 audit(2000525068.781:4060): avc:  denied  { read } for  pid=88 comm="acpid" name="event3" dev="devtmpfs" ino=1217 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  229.240432][   T28] audit: type=1400 audit(2000525068.781:4061): avc:  denied  { open } for  pid=88 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1217 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  229.383189][   T60] usb 5-1: USB disconnect, device number 18
[  229.671285][T16029] loop6: detected capacity change from 0 to 1024
[  229.692716][T16029] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  229.730176][T16035] kvm [16034]: vcpu0, guest rIP: 0xfff0 unimplemented MMIO_CONF_BASE wrmsr: 0x6161616161616161
[  229.767578][T16029] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  229.775870][T16029] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  229.789904][T16029] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  229.805150][T16029] EXT4-fs (loop6): Remounting filesystem read-only
[  229.823168][T13987] EXT4-fs (loop6): unmounting filesystem.
[  229.908055][T16048] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  229.932971][T16048] FAT-fs (loop13): unable to read boot sector
[  230.043599][T16067] serio: Serial port ptm0
[  230.173629][T16076] loop3: detected capacity change from 0 to 2048
[  230.188598][T16076] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  230.211445][ T4538] EXT4-fs (loop3): unmounting filesystem.
[  230.243300][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.251396][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.259759][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.267259][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.274693][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.281987][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.289128][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.296356][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.309557][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.316822][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.324175][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.331549][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.339929][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.347216][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.354396][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.361633][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.368862][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.376125][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.384902][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.392412][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.399811][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.407100][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.414222][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.421659][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.428881][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.436148][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.443295][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.450475][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.457685][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.464886][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.472089][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.479288][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.486478][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.493779][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.500923][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.508112][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.515301][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.522532][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.529712][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.536904][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.544269][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.551497][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.558714][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.565888][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.573124][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.580353][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.587544][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.594729][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.601921][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.609126][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.616311][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.623540][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.630900][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.638112][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.645286][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.652504][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.659721][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.666895][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.674118][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.681320][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.688525][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.695717][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.702942][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.710139][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.717362][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.724532][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.731774][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.738955][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.746149][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.753367][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.760573][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.767765][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.774953][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.782192][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.789382][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.796917][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.804138][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.811364][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.818589][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.825877][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.833089][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.840301][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.847505][  T331] hid-generic 0000:0000:0000.0042: unknown main item tag 0x0
[  230.855328][  T331] hid-generic 0000:0000:0000.0042: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  231.567138][ T2220] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  231.649623][T16171] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6710'.
[  231.743748][T16189] loop6: detected capacity change from 0 to 512
[  231.750187][T16189] EXT4-fs: Ignoring removed orlov option
[  231.756470][ T2220] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  231.757898][T16189] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.6718: bg 0: block 411: padding at end of block bitmap is not set
[  231.767519][ T2220] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.781967][T16189] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.6718: inode #1: comm syz.6.6718: iget: illegal inode #
[  231.803558][ T2220] usb 5-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00
[  231.803977][T16189] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.6718: error while reading EA inode 1 err=-117
[  231.812514][ T2220] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.824790][T16189] EXT4-fs (loop6): 1 orphan inode deleted
[  231.838052][T16189] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  231.844001][ T2220] usb 5-1: config 0 descriptor??
[  231.855633][T16189] EXT4-fs (loop6): shut down requested (1)
[  231.875437][T13987] EXT4-fs (loop6): unmounting filesystem.
[  231.932219][T16206] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6726'.
[  232.001523][T16215] loop6: detected capacity change from 0 to 4096
[  232.010375][T16215] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  232.033996][T13987] EXT4-fs (loop6): unmounting filesystem.
[  232.073568][T16218] loop6: detected capacity change from 0 to 8192
[  232.123872][   T28] kauditd_printk_skb: 28 callbacks suppressed
[  232.123888][   T28] audit: type=1400 audit(2000787471.689:4090): avc:  denied  { read } for  pid=16224 comm="syz.6.6734" name="event2" dev="devtmpfs" ino=271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  232.263067][ T2220] cypress 0003:04B4:DE61.0043: item fetching failed at offset 5/7
[  232.270944][ T2220] cypress 0003:04B4:DE61.0043: parse failed
[  232.276687][ T2220] cypress: probe of 0003:04B4:DE61.0043 failed with error -22
[  232.447370][   T28] audit: type=1400 audit(2000787472.019:4091): avc:  denied  { setcurrent } for  pid=16236 comm="syz.6.6739" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  232.485404][ T2220] usb 5-1: USB disconnect, device number 19
[  232.495824][   T28] audit: type=1401 audit(2000787472.029:4092): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  232.550840][T16243] loop6: detected capacity change from 0 to 2048
[  232.574744][T16243] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  232.598118][T16252] incfs: Options parsing error. -22
[  232.603197][T16252] incfs: mount failed -22
[  232.608326][T13987] EXT4-fs (loop6): unmounting filesystem.
[  232.836159][T16272] loop3: detected capacity change from 0 to 16
[  232.842872][T16272] erofs: (device loop3): mounted with root inode @ nid 36.
[  232.851769][T16272] syz.3.6754: attempt to access beyond end of device
[  232.851769][T16272] loop3: rw=524288, sector=16, nr_sectors = 16 limit=16
[  232.865424][T16272] syz.3.6754: attempt to access beyond end of device
[  232.865424][T16272] loop3: rw=524288, sector=8, nr_sectors = 16 limit=16
[  232.892901][T16272] syz.3.6754: attempt to access beyond end of device
[  232.892901][T16272] loop3: rw=0, sector=8, nr_sectors = 16 limit=16
[  232.975969][T16280] 9pnet: p9_errstr2errno: server reported unknown error �@�0x0000000000000004
[  233.036843][ T2220] kernel write not supported for file [eventfd] (pid: 2220 comm: kworker/0:5)
[  233.043128][T16285] loop3: detected capacity change from 0 to 4096
[  233.061728][T16285] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  233.071512][T16290] loop4: detected capacity change from 0 to 128
[  233.098246][T16290] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  233.109715][ T4538] EXT4-fs (loop3): unmounting filesystem.
[  233.111281][T16290] ext4 filesystem being mounted at /569/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  233.159133][   T28] audit: type=1400 audit(2000787472.729:4093): avc:  denied  { execute } for  pid=16289 comm="syz.4.6762" name="file1" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  233.207531][T10620] EXT4-fs (loop4): unmounting filesystem.
[  233.213351][T16295] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6764'.
[  233.227023][T16297] loop6: detected capacity change from 0 to 1024
[  233.233862][   T28] audit: type=1400 audit(2000787472.729:4094): avc:  denied  { execute_no_trans } for  pid=16289 comm="syz.4.6762" path="/569/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  233.279611][T16297] EXT4-fs: Ignoring removed nobh option
[  233.285166][T16297] EXT4-fs: Ignoring removed bh option
[  233.292943][T16297] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  233.325316][T16297] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  233.348377][   T28] audit: type=1400 audit(2000787472.919:4095): avc:  denied  { rename } for  pid=16296 comm="syz.6.6765" name="file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  233.388030][   T28] audit: type=1400 audit(2000787472.949:4096): avc:  denied  { setattr } for  pid=16296 comm="syz.6.6765" name="work" dev="loop6" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  233.420338][T13987] EXT4-fs (loop6): unmounting filesystem.
[  233.421748][   T28] audit: type=1400 audit(2000787472.949:4097): avc:  denied  { rename } for  pid=16296 comm="syz.6.6765" name="#2e" dev="loop6" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  233.481892][   T28] audit: type=1400 audit(2000787472.949:4098): avc:  denied  { unlink } for  pid=16296 comm="syz.6.6765" name="#2e" dev="loop6" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[  233.515102][   T28] audit: type=1326 audit(2000787472.989:4099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16244 comm="syz.9.6743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91b298d169 code=0x7fc00000
[  233.994935][T16388] incfs: Options parsing error. -22
[  234.005060][T16388] incfs: mount failed -22
[  234.016679][T16391] loop6: detected capacity change from 0 to 512
[  234.031736][T16391] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  234.072662][T16391] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  234.085040][T16391] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.103675][T16402] loop4: detected capacity change from 0 to 1024
[  234.111115][T13987] EXT4-fs (loop6): unmounting filesystem.
[  234.114689][T16402] EXT4-fs: Ignoring removed nobh option
[  234.122183][T16402] EXT4-fs: Ignoring removed bh option
[  234.135889][T16402] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  234.158767][T16402] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  234.183011][ T2220] hid-generic 0000:0000:0000.0044: unknown main item tag 0x0
[  234.191802][ T2220] hid-generic 0000:0000:0000.0044: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  234.224707][T10620] EXT4-fs (loop4): unmounting filesystem.
[  234.254951][T16420] incfs: Options parsing error. -22
[  234.269044][T16420] incfs: mount failed -22
[  234.286657][T16428] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6824'.
[  234.292105][T16430] xt_hashlimit: size too large, truncated to 1048576
[  234.572924][T16462] netlink: 'syz.6.6840': attribute type 12 has an invalid length.
[  234.694970][T16481] netem: change failed
[  234.932319][T16494] netlink: 20 bytes leftover after parsing attributes in process `syz.9.6853'.
[  234.957289][ T2220] usb 7-1: new full-speed USB device number 14 using dummy_hcd
[  235.092906][T16511] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6862'.
[  235.106094][T16511] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6862'.
[  235.141979][T16518] loop4: detected capacity change from 0 to 1024
[  235.158486][ T2220] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  235.172623][ T2220] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  235.185669][T16518] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  235.194498][ T2220] usb 7-1: New USB device found, idVendor=046a, idProduct=0023, bcdDevice= 0.00
[  235.207137][ T2220] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.222045][ T2220] usb 7-1: config 0 descriptor??
[  235.227144][T16479] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  235.235051][T10620] EXT4-fs (loop4): unmounting filesystem.
[  235.285421][T16533] device lo entered promiscuous mode
[  235.300419][T16533] device tunl0 entered promiscuous mode
[  235.334496][T16533] device gre0 entered promiscuous mode
[  235.348190][T16533] device gretap0 entered promiscuous mode
[  235.365605][T16533] device erspan0 entered promiscuous mode
[  235.385666][T16533] device ip_vti0 entered promiscuous mode
[  235.527100][   T19] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  235.643687][ T2220] cherry 0003:046A:0023.0045: hidraw0: USB HID vff.fa Device [HID 046a:0023] on usb-dummy_hcd.6-1/input0
[  235.727119][   T19] usb 5-1: Using ep0 maxpacket: 16
[  235.729124][T16543] netlink: 'syz.1.6876': attribute type 12 has an invalid length.
[  235.733196][   T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  235.739809][T16543] netlink: 'syz.1.6876': attribute type 29 has an invalid length.
[  235.739826][T16543] netlink: 148 bytes leftover after parsing attributes in process `syz.1.6876'.
[  235.767401][   T19] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  235.780027][   T19] usb 5-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  235.788892][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.797763][   T19] usb 5-1: config 0 descriptor??
[  235.818450][T16551] overlayfs: failed to resolve './file0': -2
[  235.843352][  T331] usb 7-1: USB disconnect, device number 14
[  235.851373][T16557] futex_wake_op: syz.9.6883 tries to shift op by -1; fix this program
[  236.204824][   T19] ryos 0003:1E7D:3138.0046: unknown main item tag 0x0
[  236.213781][   T19] ryos 0003:1E7D:3138.0046: item fetching failed at offset 4/5
[  236.227882][   T19] ryos 0003:1E7D:3138.0046: parse failed
[  236.241192][   T19] ryos: probe of 0003:1E7D:3138.0046 failed with error -22
[  236.274474][T16600] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6903'.
[  236.406194][   T19] usb 5-1: USB disconnect, device number 20
[  236.413866][T16618] SELinux: ebitmap start bit (1819242496) is beyond the end of the bitmap (1472)
[  236.432918][T16626] netlink: 'syz.1.6916': attribute type 3 has an invalid length.
[  236.442236][T16618] SELinux: failed to load policy
[  236.533232][T16636] loop6: detected capacity change from 0 to 512
[  236.582969][T16636] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  236.603190][T16636] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.619638][T16636] EXT4-fs (loop6): shut down requested (1)
[  236.636132][T16636] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  236.654766][T16636] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=12
[  236.684318][T13987] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=11
[  236.699982][T13987] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=11
[  236.709345][T13987] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=11
[  236.727506][T13987] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=11
[  236.736722][T13987] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=11
[  236.745594][T13987] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=11
[  236.766733][T13987] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=11
[  236.784254][T13987] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop6 ino=11
[  236.859394][ T3850] tipc: Disabling bearer <udp:syz2>
[  236.859822][T13987] EXT4-fs (loop6): unmounting filesystem.
[  236.864587][ T3850] tipc: Left network mode
[  236.968896][T16668] device lo entered promiscuous mode
[  236.987720][T16668] device tunl0 entered promiscuous mode
[  237.001439][T16668] device gre0 entered promiscuous mode
[  237.007655][T16668] device erspan0 entered promiscuous mode
[  237.013571][T16668] device ip_vti0 entered promiscuous mode
[  237.046500][T16678] loop4: detected capacity change from 0 to 512
[  237.053054][T16678] EXT4-fs: Ignoring removed bh option
[  237.058594][T16678] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  237.070362][T16678] EXT4-fs (loop4): 1 truncate cleaned up
[  237.075899][T16678] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  237.091603][T16671] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.099245][T16671] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.106661][T16671] device bridge_slave_0 entered promiscuous mode
[  237.106731][T10620] EXT4-fs (loop4): unmounting filesystem.
[  237.128212][T16671] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.135237][T16671] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.142439][T16671] device bridge_slave_1 entered promiscuous mode
[  237.195965][T16671] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.202844][T16671] bridge0: port 2(bridge_slave_1) entered forwarding state
[  237.209940][T16671] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.216793][T16671] bridge0: port 1(bridge_slave_0) entered forwarding state
[  237.246545][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  237.255026][  T330] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.262316][  T330] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.280469][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  237.288609][  T330] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.295473][  T330] bridge0: port 1(bridge_slave_0) entered forwarding state
[  237.300277][T16694] fuse: Bad value for 'fd'
[  237.303028][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  237.315655][  T330] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.322520][  T330] bridge0: port 2(bridge_slave_1) entered forwarding state
[  237.342623][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  237.350524][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  237.365880][T16671] device veth0_vlan entered promiscuous mode
[  237.372407][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  237.382468][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  237.390511][  T331] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  237.398535][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  237.406390][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  237.418970][T16671] device veth1_macvtap entered promiscuous mode
[  237.427544][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  237.439170][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  237.449027][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  237.465303][   T28] kauditd_printk_skb: 171 callbacks suppressed
[  237.465318][   T28] audit: type=1400 audit(2000787477.029:4271): avc:  denied  { mounton } for  pid=16671 comm="syz-executor" path="/root/syzkaller.3KS86i/syz-tmp" dev="sda1" ino=1982 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  237.496231][   T28] audit: type=1400 audit(2000787477.029:4272): avc:  denied  { mount } for  pid=16671 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  237.518384][   T60] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  237.522911][   T28] audit: type=1400 audit(2000787477.029:4273): avc:  denied  { mount } for  pid=16671 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  237.547960][   T28] audit: type=1400 audit(2000787477.029:4274): avc:  denied  { mounton } for  pid=16671 comm="syz-executor" path="/root/syzkaller.3KS86i/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  237.575865][   T28] audit: type=1400 audit(2000787477.029:4275): avc:  denied  { mounton } for  pid=16671 comm="syz-executor" path="/root/syzkaller.3KS86i/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=89301 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  237.604748][  T331] usb 5-1: Using ep0 maxpacket: 16
[  237.610008][   T28] audit: type=1400 audit(2000787477.069:4276): avc:  denied  { mounton } for  pid=16671 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=528 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  237.632904][   T28] audit: type=1400 audit(2000787477.069:4277): avc:  denied  { mount } for  pid=16671 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  237.636638][  T331] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  237.664674][   T28] audit: type=1400 audit(2000787477.069:4278): avc:  denied  { mounton } for  pid=16671 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  237.664945][ T3850] device bridge_slave_1 left promiscuous mode
[  237.688992][  T331] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  237.703485][   T28] audit: type=1400 audit(2000787477.209:4279): avc:  denied  { sqpoll } for  pid=16703 comm="syz.2.6949" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  237.708003][ T3850] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.725229][   T28] audit: type=1400 audit(2000787477.209:4280): avc:  denied  { map } for  pid=16703 comm="syz.2.6949" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=90248 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  237.731103][  T331] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  237.763933][   T60] usb 10-1: Using ep0 maxpacket: 16
[  237.770223][ T3850] device bridge_slave_0 left promiscuous mode
[  237.776253][ T3850] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.777714][   T60] usb 10-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  237.792041][   T60] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  237.802491][  T331] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  237.811460][ T3850] device veth1_macvtap left promiscuous mode
[  237.817307][   T60] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  237.826093][ T3850] device veth0_vlan left promiscuous mode
[  237.838866][  T331] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.847106][  T331] usb 5-1: Product: syz
[  237.851331][  T331] usb 5-1: Manufacturer: syz
[  237.856064][  T331] usb 5-1: SerialNumber: syz
[  237.861100][   T60] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  237.870747][   T60] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.878933][   T60] usb 10-1: Product: syz
[  237.883062][   T60] usb 10-1: Manufacturer: syz
[  237.888292][   T60] usb 10-1: SerialNumber: syz
[  238.106421][T16719] loop3: detected capacity change from 0 to 40427
[  238.113965][T16719] F2FS-fs (loop3): invalid crc value
[  238.120372][T16719] F2FS-fs (loop3): Found nat_bits in checkpoint
[  238.163034][T16719] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  238.196748][ T4538] syz-executor: attempt to access beyond end of device
[  238.196748][ T4538] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  238.289257][  T331] usb 5-1: 0:2 : does not exist
[  238.362189][T16738] loop3: detected capacity change from 0 to 4096
[  238.370750][T16738] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  238.443495][ T4538] EXT4-fs (loop3): unmounting filesystem.
[  238.624161][T16777] syz.1.6980[16777] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  238.624242][T16777] syz.1.6980[16777] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  238.896122][  T331] usb 5-1: 1:0: failed to get current value for ch 0 (-22)
[  238.932578][   T60] usb 10-1: 0:2 : does not exist
[  238.937594][  T331] usb 5-1: USB disconnect, device number 21
[  239.159624][T16811] syz.2.6994[16811] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  239.159699][T16811] syz.2.6994[16811] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  239.177709][T16811] SELinux:  Context � is not valid (left unmapped).
[  239.351071][   T60] usb 10-1: USB disconnect, device number 12
[  239.793755][ T3850] Bluetooth: hci0: Frame reassembly failed (-84)
[  239.882482][T16895] loop3: detected capacity change from 0 to 1024
[  239.895163][T16895] EXT4-fs: Ignoring removed oldalloc option
[  239.935922][T16895] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  239.974367][ T4538] EXT4-fs (loop3): unmounting filesystem.
[  240.250385][  T331] kernel write not supported for file bpf-prog (pid: 331 comm: kworker/1:4)
[  240.267632][ T2220] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  240.447116][ T2220] usb 3-1: Using ep0 maxpacket: 16
[  240.453328][ T2220] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  240.461872][ T2220] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  240.471773][ T2220] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  240.481803][ T2220] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  240.490692][ T2220] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.498507][ T2220] usb 3-1: Product: syz
[  240.502452][ T2220] usb 3-1: Manufacturer: syz
[  240.506891][ T2220] usb 3-1: SerialNumber: syz
[  240.562373][T17004] syz.9.7085[17004] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  240.562466][T17004] syz.9.7085[17004] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  240.607682][T17009] SELinux:  Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped).
[  240.769520][T17040] netlink: '+}[@': attribute type 13 has an invalid length.
[  240.782749][T17040] gretap0: refused to change device tx_queue_len
[  240.789822][T17040] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  240.822078][T17046] af_packet: tpacket_rcv: packet too big, clamped from 14 to 4294967286. macoff=82
[  240.880049][T17056] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7110'.
[  240.914227][ T2220] usb 3-1: 0:2 : does not exist
[  240.999351][T17071] netlink: 'syz.1.7118': attribute type 4 has an invalid length.
[  241.520201][ T2220] usb 3-1: USB disconnect, device number 10
[  241.827134][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  241.827153][ T2806] Bluetooth: hci0: command 0x1003 tx timeout
[  241.955193][ T3850] Bluetooth: hci0: Frame reassembly failed (-84)
[  241.977304][T17160] tmpfs: Unknown parameter 'nolazytimeun'
[  242.085770][T17178] loop3: detected capacity change from 0 to 512
[  242.112020][T17178] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  242.121073][T17178] ext4 filesystem being mounted at /1190/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.124459][T17192] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7172'.
[  242.143239][ T4538] EXT4-fs (loop3): unmounting filesystem.
[  242.203073][T17204] loop3: detected capacity change from 0 to 256
[  242.347154][   T60] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  242.358131][T17210] netlink: 96 bytes leftover after parsing attributes in process `syz.1.7180'.
[  242.509488][T17217] loop3: detected capacity change from 0 to 40427
[  242.516358][T17217] F2FS-fs (loop3): fault_injection options not supported
[  242.524265][T17217] F2FS-fs (loop3): invalid crc value
[  242.530743][T17217] F2FS-fs (loop3): Found nat_bits in checkpoint
[  242.547186][   T60] usb 3-1: Using ep0 maxpacket: 16
[  242.553505][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  242.564446][   T60] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  242.574134][T17217] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  242.577442][   T60] usb 3-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  242.594326][   T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.607322][   T60] usb 3-1: config 0 descriptor??
[  242.615885][ T4538] syz-executor: attempt to access beyond end of device
[  242.615885][ T4538] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  242.723275][   T28] kauditd_printk_skb: 55 callbacks suppressed
[  242.723293][   T28] audit: type=1400 audit(2000787482.289:4336): avc:  denied  { getopt } for  pid=17225 comm="syz.3.7187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  242.775287][T17232] loop3: detected capacity change from 0 to 1024
[  242.790460][T17232] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  242.798924][T17232] ext4 filesystem being mounted at /1204/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.811516][   T28] audit: type=1400 audit(2000787482.389:4337): avc:  denied  { read write } for  pid=17231 comm="syz.3.7190" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  242.814872][T17232] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.7190: bg 0: block 393: padding at end of block bitmap is not set
[  242.834314][   T28] audit: type=1400 audit(2000787482.389:4338): avc:  denied  { open } for  pid=17231 comm="syz.3.7190" path="/1204/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  242.848740][T17232] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 44 with error 117
[  242.883752][T17232] EXT4-fs (loop3): This should not happen!! Data will be lost
[  242.883752][T17232] 
[  242.914292][ T4538] EXT4-fs (loop3): unmounting filesystem.
[  242.941757][   T28] audit: type=1400 audit(2000787482.509:4339): avc:  denied  { create } for  pid=17239 comm="syz.3.7192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  243.014950][   T60] ryos 0003:1E7D:3138.0047: unknown main item tag 0x0
[  243.018767][T17248] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7196'.
[  243.031838][   T60] ryos 0003:1E7D:3138.0047: item fetching failed at offset 4/5
[  243.049607][   T60] ryos 0003:1E7D:3138.0047: parse failed
[  243.055319][   T60] ryos: probe of 0003:1E7D:3138.0047 failed with error -22
[  243.077564][T17254] netlink: 'syz.4.7199': attribute type 5 has an invalid length.
[  243.100017][T17260] loop3: detected capacity change from 0 to 512
[  243.102205][T17261] loop4: detected capacity change from 0 to 1024
[  243.114580][T17260] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  243.115208][T17261] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  243.135938][ T4538] EXT4-fs (loop3): unmounting filesystem.
[  243.140598][   T28] audit: type=1400 audit(2000787482.709:4340): avc:  denied  { remount } for  pid=17259 comm="syz.4.7202" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  243.161231][T17261] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[  243.172661][   T28] audit: type=1400 audit(2000787482.739:4341): avc:  denied  { write } for  pid=17264 comm="syz.3.7203" name="001" dev="devtmpfs" ino=184 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  243.196060][T10620] EXT4-fs (loop4): unmounting filesystem.
[  243.210020][   T28] audit: type=1400 audit(2000787482.779:4342): avc:  denied  { validate_trans } for  pid=17266 comm="syz.3.7205" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  243.221981][  T331] usb 3-1: USB disconnect, device number 11
[  243.267983][T17275] incfs: Options parsing error. -22
[  243.273106][T17275] incfs: mount failed -22
[  243.329579][T17285] loop3: detected capacity change from 0 to 128
[  243.358349][   T28] audit: type=1400 audit(2000787482.929:4343): avc:  denied  { append } for  pid=17284 comm="syz.3.7213" name="loop8" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  243.413803][   T28] audit: type=1400 audit(2000787482.959:4344): avc:  denied  { watch } for  pid=17288 comm="syz.3.7215" path="/1220/file0" dev="tmpfs" ino=6370 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  243.495022][T17303] loop3: detected capacity change from 0 to 128
[  243.506652][T17303] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  243.526968][T17303] ext4 filesystem being mounted at /1223/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.578275][ T4538] EXT4-fs (loop3): unmounting filesystem.
[  243.785386][   T28] audit: type=1400 audit(2000787483.349:4345): avc:  denied  { bind } for  pid=17331 comm="syz.3.7235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  243.987167][ T2974] Bluetooth: hci0: command 0x1003 tx timeout
[  243.997243][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  244.115500][T17363] tmpfs: Unknown parameter 'nolazytimeun'
[  244.566443][T17410] input: syz0 as /devices/virtual/input/input69
[  244.592821][T17410] input: failed to attach handler leds to device input69, error: -6
[  245.287939][T17437] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7282'.
[  245.731254][T17476] loop3: detected capacity change from 0 to 2048
[  245.767579][T17476]  loop3: p1 < > p4
[  245.771997][T17476] loop3: p4 size 8388608 extends beyond EOD, truncated
[  245.832137][T17489] overlayfs: missing 'workdir'
[  245.899716][T17503] loop4: detected capacity change from 0 to 512
[  245.920282][T17503] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  245.928780][T17503] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  245.936760][T17503] System zones: 0-1, 15-15, 18-18, 34-34
[  245.943275][T17503] EXT4-fs (loop4): orphan cleanup on readonly fs
[  245.949935][T17503] EXT4-fs warning (device loop4): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  245.964369][T17503] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  245.971190][T17503] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.7312: bg 0: block 40: padding at end of block bitmap is not set
[  245.985387][T17503] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  245.994150][T17503] EXT4-fs (loop4): 1 truncate cleaned up
[  246.001696][T17503] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  246.013648][T17503] EXT4-fs (loop4): shut down requested (1)
[  246.026165][T17503] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=16
[  246.034882][ T2220] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  246.043469][T17503] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=16
[  246.052980][T17503] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop4 ino=16
[  246.069437][T10620] EXT4-fs (loop4): unmounting filesystem.
[  246.237109][ T2220] usb 10-1: Using ep0 maxpacket: 16
[  246.243266][ T2220] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.254080][ T2220] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  246.266758][ T2220] usb 10-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  246.275665][ T2220] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.286146][ T2220] usb 10-1: config 0 descriptor??
[  246.297131][  T331] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  246.488195][  T331] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.503998][  T331] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  246.515412][  T331] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.523340][  T331] usb 4-1: Product: syz
[  246.527278][  T331] usb 4-1: Manufacturer: syz
[  246.531657][  T331] usb 4-1: SerialNumber: syz
[  246.694106][ T2220] ryos 0003:1E7D:3138.0048: unknown main item tag 0x0
[  246.700894][ T2220] ryos 0003:1E7D:3138.0048: item fetching failed at offset 4/5
[  246.707173][ T2974] Bluetooth: hci0: command 0x1003 tx timeout
[  246.708228][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  246.720298][ T2220] ryos 0003:1E7D:3138.0048: parse failed
[  246.725775][ T2220] ryos: probe of 0003:1E7D:3138.0048 failed with error -22
[  246.807801][  T331] cdc_ncm 4-1:1.0: bind() failure
[  246.813814][  T331] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  246.831223][  T331] cdc_ncm 4-1:1.1: bind() failure
[  246.844997][  T331] usb 4-1: USB disconnect, device number 22
[  246.897293][ T2220] usb 10-1: USB disconnect, device number 13
[  246.920053][T17574] netlink: 'syz.1.7339': attribute type 11 has an invalid length.
[  247.504310][T17623] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7364'.
[  247.537186][T17625] netem: change failed
[  247.615778][T17635] netlink: 'syz.9.7370': attribute type 1 has an invalid length.
[  247.696743][T17651] netlink: 104 bytes leftover after parsing attributes in process `syz.9.7377'.
[  248.577671][T17695] netlink: 96 bytes leftover after parsing attributes in process `syz.9.7399'.
[  249.123832][T17757] netlink: 'syz.2.7428': attribute type 2 has an invalid length.
[  249.258969][T17782] syz.9.7440[17782] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  249.259048][T17782] syz.9.7440[17782] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  249.537820][T17800] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  249.570760][T17728] loop4: detected capacity change from 0 to 131072
[  249.577149][   T24] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  249.585432][T17728] F2FS-fs (loop4): Test dummy encryption mode enabled
[  249.608305][T17728] F2FS-fs (loop4): invalid crc value
[  249.631768][T17728] F2FS-fs (loop4): Found nat_bits in checkpoint
[  249.666260][T17728] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  249.746623][   T28] kauditd_printk_skb: 2462 callbacks suppressed
[  249.746641][   T28] audit: type=1400 audit(2000787489.309:6807): avc:  denied  { create } for  pid=17809 comm="syz.9.7452" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  249.773817][   T24] usb 4-1: Using ep0 maxpacket: 16
[  249.779424][   T28] audit: type=1400 audit(2000787489.309:6808): avc:  denied  { write } for  pid=17809 comm="syz.9.7452" name="file0" dev="tmpfs" ino=3315 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  249.802075][   T28] audit: type=1400 audit(2000787489.309:6809): avc:  denied  { open } for  pid=17809 comm="syz.9.7452" path="/633/file0" dev="tmpfs" ino=3315 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  249.825691][   T28] audit: type=1400 audit(2000787489.329:6810): avc:  denied  { unlink } for  pid=10505 comm="syz-executor" name="file0" dev="tmpfs" ino=3315 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  249.836551][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.863290][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  249.876038][   T24] usb 4-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  249.885016][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.893792][   T24] usb 4-1: config 0 descriptor??
[  250.001482][   T28] audit: type=1400 audit(2000787489.569:6811): avc:  denied  { getopt } for  pid=17823 comm="syz.9.7457" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  250.059983][T17832] loop4: detected capacity change from 0 to 256
[  250.114882][   T28] audit: type=1400 audit(2000787489.679:6812): avc:  denied  { append } for  pid=17838 comm="syz.2.7464" name="001" dev="devtmpfs" ino=160 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  250.189349][T17845] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  250.301358][   T24] ryos 0003:1E7D:3138.0049: unknown main item tag 0x0
[  250.310282][   T24] ryos 0003:1E7D:3138.0049: item fetching failed at offset 4/5
[  250.327793][   T24] ryos 0003:1E7D:3138.0049: parse failed
[  250.337318][   T60] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  250.344950][   T24] ryos: probe of 0003:1E7D:3138.0049 failed with error -22
[  250.396641][T17872] netlink: 'syz.2.7480': attribute type 4 has an invalid length.
[  250.424639][   T28] audit: type=1400 audit(2000787489.989:6813): avc:  denied  { unmount } for  pid=10505 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  250.510403][  T939] usb 4-1: USB disconnect, device number 23
[  250.538213][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  250.559515][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  250.570721][   T60] usb 5-1: New USB device found, idVendor=056e, idProduct=010c, bcdDevice= 0.00
[  250.580321][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.590287][T17883] netlink: 'syz.2.7485': attribute type 4 has an invalid length.
[  250.590861][   T60] usb 5-1: config 0 descriptor??
[  250.836441][   T28] audit: type=1400 audit(2000787490.399:6814): avc:  denied  { relabelfrom } for  pid=17897 comm="syz.2.7492" name="NETLINK" dev="sockfs" ino=94613 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  250.869552][   T28] audit: type=1400 audit(2000787490.429:6815): avc:  denied  { relabelto } for  pid=17897 comm="syz.2.7492" name="NETLINK" dev="sockfs" ino=94613 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_netfilter_socket permissive=1
[  251.012607][   T60] elecom 0003:056E:010C.004A: hidraw0: USB HID v0.06 Device [HID 056e:010c] on usb-dummy_hcd.4-1/input0
[  251.045496][T17909] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  251.100834][   T28] audit: type=1400 audit(2000787490.669:6816): avc:  denied  { getopt } for  pid=17912 comm="syz.2.7499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  251.218046][  T329] usb 5-1: USB disconnect, device number 22
[  251.810465][T17985] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7531'.
[  252.289447][T18035] syz.3.7553[18035] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  252.289525][T18035] syz.3.7553[18035] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  252.349446][T18046] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  252.394867][T17991] loop4: detected capacity change from 0 to 131072
[  252.411073][T17991] F2FS-fs (loop4): Wrong CP boundary, start(512) end(198144) blocks(1024)
[  252.435738][T17991] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  252.447437][T17991] F2FS-fs (loop4): invalid crc value
[  252.462058][T17991] F2FS-fs (loop4): Found nat_bits in checkpoint
[  252.516660][T17991] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  252.524750][T17991] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  252.542670][T18068] loop3: detected capacity change from 0 to 16
[  252.560843][T18068] erofs: (device loop3): mounted with root inode @ nid 36.
[  253.001079][T18116] futex_wake_op: syz.9.7588 tries to shift op by -1; fix this program
[  253.137150][ T2220] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  253.292528][T18138] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  253.301177][T18098] loop3: detected capacity change from 0 to 131072
[  253.308292][T18098] F2FS-fs (loop3): Wrong CP boundary, start(512) end(198144) blocks(1024)
[  253.316671][T18098] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  253.325541][T18138] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  253.325792][T18098] F2FS-fs (loop3): invalid crc value
[  253.332759][ T2220] usb 5-1: Using ep0 maxpacket: 16
[  253.343997][ T2220] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.366203][ T2220] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.385111][T18098] F2FS-fs (loop3): Found nat_bits in checkpoint
[  253.397152][ T2220] usb 5-1: config 0 interface 0 has no altsetting 0
[  253.404181][ T2220] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  253.413149][ T2220] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.429641][ T2220] usb 5-1: config 0 descriptor??
[  253.463836][T18098] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  253.475287][T18098] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  253.851121][ T2220] hid (null): unknown global tag 0x42
[  253.904596][T18159] loop3: detected capacity change from 0 to 40427
[  253.913885][T18159] F2FS-fs (loop3): Found nat_bits in checkpoint
[  253.957921][T18159] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  253.995277][ T4538] syz-executor: attempt to access beyond end of device
[  253.995277][ T4538] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  254.048787][ T2220] usb 5-1: USB disconnect, device number 23
[  254.104127][T18181] binder: 18180:18181 ioctl c00c6211 0 returned -14
[  254.151994][T18191] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7617'.
[  254.192108][T18198] loop3: detected capacity change from 0 to 512
[  254.198318][  T329] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  254.203416][T18198] EXT4-fs: Ignoring removed oldalloc option
[  254.224228][T18198] EXT4-fs (loop3): 1 truncate cleaned up
[  254.231887][T18198] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  254.252114][ T4538] EXT4-fs (loop3): unmounting filesystem.
[  254.257856][   T60] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  254.307503][   T60] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  254.347157][   T60] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  254.447147][   T60] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  254.537174][   T60] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  254.607171][  T329] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  254.636779][T18274] overlayfs: failed to set xattr on upper
[  254.644430][T18274] overlayfs: ...falling back to index=off,metacopy=off.
[  254.651233][T18274] overlayfs: ...falling back to xino=off.
[  254.656754][T18274] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  254.707470][   T60] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  254.759874][T18297] loop4: detected capacity change from 0 to 256
[  254.767189][   T60] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  254.773257][T18297] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  254.807138][   T60] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  254.819659][   T28] kauditd_printk_skb: 23 callbacks suppressed
[  254.819678][   T28] audit: type=1400 audit(2000787494.389:6840): avc:  denied  { create } for  pid=18309 comm="syz.1.7669" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  254.891758][T18320] netlink: 16 bytes leftover after parsing attributes in process `syz.9.7673'.
[  254.939298][T18331] netlink: 96 bytes leftover after parsing attributes in process `syz.9.7687'.
[  254.976405][   T28] audit: type=1400 audit(2000787494.539:6841): avc:  denied  { nlmsg_write } for  pid=18336 comm="syz.9.7680" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  255.025640][   T28] audit: type=1400 audit(2000787494.589:6842): avc:  denied  { connect } for  pid=18342 comm="syz.9.7683" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  255.057817][   T28] audit: type=1400 audit(2000787494.589:6843): avc:  denied  { write } for  pid=18342 comm="syz.9.7683" name="rtc0" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  255.752693][T18359] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7690'.
[  255.779116][   T28] audit: type=1400 audit(2000787495.349:6844): avc:  denied  { lock } for  pid=18362 comm="syz.4.7691" path="socket:[96327]" dev="sockfs" ino=96327 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  255.804097][T18365] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7692'.
[  255.901254][T18379] device macsec1 entered promiscuous mode
[  255.934537][T18388] loop4: detected capacity change from 0 to 1024
[  255.935002][   T28] audit: type=1400 audit(2000787495.499:6845): avc:  denied  { read } for  pid=18384 comm="syz.2.7704" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  255.941494][T18388] EXT4-fs: Ignoring removed orlov option
[  255.964699][   T28] audit: type=1400 audit(2000787495.539:6846): avc:  denied  { open } for  pid=18384 comm="syz.2.7704" path="/dev/snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  255.998851][T18388] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  256.048813][T10620] EXT4-fs (loop4): unmounting filesystem.
[  256.090221][T18405] loop3: detected capacity change from 0 to 256
[  256.096647][T18398] kvm: MWAIT instruction emulated as NOP!
[  256.143571][   T28] audit: type=1400 audit(2000787495.699:6847): avc:  denied  { read } for  pid=18408 comm="syz.2.7713" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  256.235897][T18407] loop4: detected capacity change from 0 to 40427
[  256.242961][T18407] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  256.250562][T18407] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  256.259446][T18407] F2FS-fs (loop4): invalid crc value
[  256.282042][T18407] F2FS-fs (loop4): Found nat_bits in checkpoint
[  256.327345][T18407] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  256.334214][T18407] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  256.349518][T18442] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  256.400680][ T3850] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  256.414286][ T3850] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  256.540320][T18462] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.547417][T18462] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.618923][   T28] audit: type=1400 audit(2000787496.189:6848): avc:  denied  { remount } for  pid=18468 comm="syz.4.7732" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  256.742663][   T28] audit: type=1400 audit(2000787496.309:6849): avc:  denied  { map } for  pid=18477 comm="syz.4.7744" path="socket:[95796]" dev="sockfs" ino=95796 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  256.830043][T18466] loop3: detected capacity change from 0 to 40427
[  256.836924][T18466] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  256.843824][T18466] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  256.852023][T18466] F2FS-fs (loop3): heap/no_heap options were deprecated
[  256.859855][T18466] F2FS-fs (loop3): invalid crc value
[  256.871007][T18466] F2FS-fs (loop3): Found nat_bits in checkpoint
[  256.901199][T18496] loop4: detected capacity change from 0 to 512
[  256.911069][T18496] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  256.920737][T18496] EXT4-fs (loop4): orphan cleanup on readonly fs
[  256.925642][T18466] F2FS-fs (loop3): Start checkpoint disabled!
[  256.927240][T18496] EXT4-fs warning (device loop4): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  256.947301][T18496] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  256.954192][T18496] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2925: inode #16: comm syz.4.7751: corrupted xattr block 31
[  256.966760][T18466] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  256.967734][T18496] EXT4-fs warning (device loop4): ext4_evict_inode:299: xattr delete (err -117)
[  256.977326][T18466] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  256.982662][T18496] EXT4-fs (loop4): 1 orphan inode deleted
[  256.996549][T18496] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  257.030945][T10620] EXT4-fs (loop4): unmounting filesystem.
[  257.038101][T18466] syz.3.7739: attempt to access beyond end of device
[  257.038101][T18466] loop3: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  257.058150][T18466] syz.3.7739: attempt to access beyond end of device
[  257.058150][T18466] loop3: rw=0, sector=77952, nr_sectors = 8 limit=40427
[  257.122363][ T2373] kworker/u4:6: attempt to access beyond end of device
[  257.122363][ T2373] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  257.170938][T18520] ./file0: Can't open blockdev
[  257.191572][T18522] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  257.202212][T18522] overlayfs: missing 'lowerdir'
[  257.220711][T18526] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7763'.
[  257.232550][T18526] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7763'.
[  257.295235][T18542] device gretap0 entered promiscuous mode
[  257.300989][T18542] device macsec1 entered promiscuous mode
[  257.307832][T18542] device gretap0 left promiscuous mode
[  258.114062][T18610] loop4: detected capacity change from 0 to 256
[  258.121353][T18610] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  258.261378][T18628] input: syz0 as /devices/virtual/input/input71
[  258.267577][T18628] input: failed to attach handler leds to device input71, error: -6
[  258.315032][T18636] SELinux:  Context system_u:object_r:agp_device_t:s0 is not valid (left unmapped).
[  258.458955][   T60] kernel write not supported for file bpf-prog (pid: 60 comm: kworker/1:2)
[  258.817848][T18704] netlink: 96 bytes leftover after parsing attributes in process `syz.4.7846'.
[  258.847950][T18717] loop4: detected capacity change from 0 to 2048
[  258.854430][T18717] EXT4-fs: Ignoring removed mblk_io_submit option
[  258.878871][T18717] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  258.911681][T10620] EXT4-fs (loop4): unmounting filesystem.
[  258.929152][T18722] loop4: detected capacity change from 0 to 256
[  259.020012][T18730] sch_tbf: burst 1399 is lower than device veth0_to_team mtu (1514) !
[  259.054611][T18738] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7861'.
[  259.065595][T18738] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7861'.
[  260.207211][   T60] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  260.254063][T18812] device batadv_slave_1 entered promiscuous mode
[  260.261091][T18811] device batadv_slave_1 left promiscuous mode
[  260.360415][T18830] netlink: 96 bytes leftover after parsing attributes in process `syz.9.7903'.
[  260.363999][T18832] netlink: 'syz.2.7904': attribute type 1 has an invalid length.
[  260.376832][T18832] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7904'.
[  260.387280][   T60] usb 5-1: Using ep0 maxpacket: 16
[  260.397910][   T60] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  260.406528][   T60] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  260.416862][   T60] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  260.437313][   T60] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  260.446288][   T60] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.458773][   T60] usb 5-1: Product: syz
[  260.462883][   T60] usb 5-1: Manufacturer: syz
[  260.467644][   T60] usb 5-1: SerialNumber: syz
[  260.473294][T18840] syz.9.7908[18840] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  260.473386][T18840] syz.9.7908[18840] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  260.622994][   T28] kauditd_printk_skb: 30 callbacks suppressed
[  260.623011][   T28] audit: type=1400 audit(2000787500.189:6880): avc:  denied  { remount } for  pid=18849 comm="syz.2.7913" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  260.624352][T18853] binfmt_misc: register: failed to install interpreter file ./file2
[  260.641301][T18860] xt_hashlimit: size too large, truncated to 1048576
[  260.888851][   T60] usb 5-1: 0:2 : does not exist
[  261.066463][   T28] audit: type=1400 audit(2000787500.629:6881): avc:  denied  { ioctl } for  pid=18896 comm="syz.1.7934" path="socket:[97519]" dev="sockfs" ino=97519 ioctlcmd=0xaea0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  261.277116][   T24] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  261.291191][   T60] usb 5-1: 1:0: cannot get min/max values for control 4 (id 1)
[  261.301347][   T60] usb 5-1: USB disconnect, device number 24
[  261.457089][   T24] usb 10-1: Using ep0 maxpacket: 8
[  261.463074][   T24] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[  261.471254][   T24] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[  261.479555][   T24] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[  261.488585][   T24] usb 10-1: config 250 has no interface number 0
[  261.494750][   T24] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  261.506222][   T24] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  261.516669][   T24] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid maxpacket 65535, setting to 1024
[  261.528307][   T24] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 1024
[  261.538647][   T24] usb 10-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  261.552011][   T24] usb 10-1: config 250 interface 228 has no altsetting 0
[  261.559866][   T24] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  261.568806][   T24] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  261.576960][   T24] usb 10-1: Product: syz
[  261.581128][   T24] usb 10-1: SerialNumber: syz
[  261.586752][   T24] hub 10-1:250.228: bad descriptor, ignoring hub
[  261.592923][   T24] hub: probe of 10-1:250.228 failed with error -5
[  261.788312][   T24] usblp 10-1:250.228: usblp0: USB Bidirectional printer dev 14 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  261.819664][T18934] loop4: detected capacity change from 0 to 512
[  261.842911][T18934] EXT4-fs (loop4): Test dummy encryption mode enabled
[  261.855204][T18934] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  261.875654][T18934] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  261.888788][T18934] System zones: 1-12
[  261.906173][T18934] EXT4-fs (loop4): 1 truncate cleaned up
[  261.915615][T18934] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  261.987148][   T60] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  261.995828][T10620] EXT4-fs (loop4): unmounting filesystem.
[  262.010870][T18955] loop4: detected capacity change from 0 to 16
[  262.017542][T18955] erofs: (device loop4): mounted with root inode @ nid 36.
[  262.026785][T18955] erofs: (device loop4): erofs_fill_dentries: bogus dirent @ nid 36
[  262.050819][T18961] loop4: detected capacity change from 0 to 512
[  262.057478][   T28] audit: type=1400 audit(2000787501.629:6882): avc:  denied  { mounton } for  pid=18960 comm="syz.4.7962" path="/syzcgroup/unified/syz4" dev="cgroup2" ino=24 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  262.060095][T18961] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  262.090170][T18961] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  262.099130][T18961] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2186: inode #15: comm syz.4.7962: corrupted in-inode xattr
[  262.111086][  T939] usb 10-1: USB disconnect, device number 14
[  262.117860][  T939] usblp0: removed
[  262.121919][T18961] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.7962: couldn't read orphan inode 15 (err -117)
[  262.134361][T18961] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  262.187094][   T60] usb 3-1: Using ep0 maxpacket: 32
[  262.194802][   T60] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  262.204927][   T60] usb 3-1: config 0 has no interface number 0
[  262.218177][   T60] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  262.227443][   T60] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.239140][   T60] usb 3-1: Product: syz
[  262.243138][   T60] usb 3-1: Manufacturer: syz
[  262.247629][   T60] usb 3-1: SerialNumber: syz
[  262.252614][   T60] usb 3-1: config 0 descriptor??
[  262.265860][   T60] smsc95xx v2.0.0
[  262.538490][   T28] audit: type=1400 audit(2000787502.109:6883): avc:  denied  { setopt } for  pid=19001 comm="syz.4.7980" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  262.578560][   T28] audit: type=1400 audit(2000787502.139:6884): avc:  denied  { shutdown } for  pid=19001 comm="syz.4.7980" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  262.643323][T19020] device ip6tnl2 entered promiscuous mode
[  262.887147][ T2220] usb 10-1: new full-speed USB device number 15 using dummy_hcd
[  263.068162][ T2220] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  263.083671][ T2220] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  263.096476][   T60] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[  263.105328][ T2220] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  263.118517][ T2220] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.126480][ T2220] usb 10-1: Product: syz
[  263.130606][ T2220] usb 10-1: Manufacturer: syz
[  263.135171][ T2220] usb 10-1: SerialNumber: syz
[  263.143603][T19014] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  263.295501][   T60] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  263.318229][   T60] smsc95xx: probe of 3-1:0.67 failed with error -71
[  263.325473][   T60] usb 3-1: USB disconnect, device number 12
[  263.839001][T19084] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8013'.
[  263.853906][T19084] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8013'.
[  264.067504][   T28] audit: type=1400 audit(2000787503.639:6885): avc:  denied  { lock } for  pid=19099 comm="syz.4.8025" path="socket:[97921]" dev="sockfs" ino=97921 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  264.129272][T19090] loop3: detected capacity change from 0 to 40427
[  264.141841][T19090] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  264.156142][T19090] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  264.182466][T19090] F2FS-fs (loop3): invalid crc value
[  264.212772][T19090] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  264.223756][ T2220] cdc_ncm 10-1:1.0: bind() failure
[  264.229572][ T2220] cdc_ncm 10-1:1.1: CDC Union missing and no IAD found
[  264.236269][ T2220] cdc_ncm 10-1:1.1: bind() failure
[  264.243346][T19090] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  264.252874][ T2220] usb 10-1: USB disconnect, device number 15
[  264.293111][T19090] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  264.300163][T19090] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  264.853879][T19236] netlink: 'syz.2.8085': attribute type 280 has an invalid length.
[  264.986432][   T28] audit: type=1326 audit(2000787504.549:6886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19255 comm="syz.9.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91b298d169 code=0x7ffc0000
[  265.010133][   T28] audit: type=1326 audit(2000787504.579:6887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19255 comm="syz.9.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91b298d169 code=0x7ffc0000
[  265.034134][   T28] audit: type=1326 audit(2000787504.599:6888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19255 comm="syz.9.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f91b298d169 code=0x7ffc0000
[  265.058443][   T28] audit: type=1326 audit(2000787504.599:6889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19255 comm="syz.9.8095" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91b298d169 code=0x7ffc0000
[  265.141073][T19266] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  265.424929][T19275] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.432022][T19275] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.439806][T19275] device bridge_slave_0 entered promiscuous mode
[  265.448517][T19275] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.455434][T19275] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.462855][T19275] device bridge_slave_1 entered promiscuous mode
[  265.552167][T19275] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.559081][T19275] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.566159][T19275] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.572936][T19275] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.657798][T19290] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8120'.
[  265.676734][T19290] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8120'.
[  265.716060][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  265.724857][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  265.737807][  T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  265.749792][ T3850] device bridge_slave_1 left promiscuous mode
[  265.757898][ T3850] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.775920][ T3850] device bridge_slave_0 left promiscuous mode
[  265.783818][ T3850] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.792591][ T3850] device veth1_macvtap left promiscuous mode
[  265.798807][ T3850] device veth0_vlan left promiscuous mode
[  265.817318][   T28] kauditd_printk_skb: 11 callbacks suppressed
[  265.817355][   T28] audit: type=1400 audit(2000787505.379:6901): avc:  denied  { read write } for  pid=10620 comm="syz-executor" name="loop4" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  265.849460][   T28] audit: type=1400 audit(2000787505.379:6902): avc:  denied  { open } for  pid=10620 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  265.874008][   T28] audit: type=1400 audit(2000787505.379:6903): avc:  denied  { ioctl } for  pid=10620 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=118 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  265.899934][   T28] audit: type=1400 audit(2000787505.419:6904): avc:  denied  { bpf } for  pid=19303 comm="syz.4.8118" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  265.921093][   T28] audit: type=1400 audit(2000787505.419:6905): avc:  denied  { prog_load } for  pid=19303 comm="syz.4.8118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  265.977739][   T28] audit: type=1400 audit(2000787505.419:6906): avc:  denied  { perfmon } for  pid=19303 comm="syz.4.8118" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  266.017582][   T28] audit: type=1400 audit(2000787505.419:6907): avc:  denied  { prog_run } for  pid=19303 comm="syz.4.8118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  266.036870][   T28] audit: type=1400 audit(2000787505.509:6908): avc:  denied  { map_create } for  pid=19306 comm="syz.4.8119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  266.068629][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  266.079435][   T28] audit: type=1400 audit(2000787505.509:6909): avc:  denied  { map_read map_write } for  pid=19306 comm="syz.4.8119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  266.101220][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  266.126022][   T28] audit: type=1400 audit(2000787505.539:6910): avc:  denied  { create } for  pid=19306 comm="syz.4.8119" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  266.127483][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  266.161274][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  266.176491][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  266.184744][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  266.194912][T19275] device veth0_vlan entered promiscuous mode
[  266.210053][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  266.225833][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  266.245344][T19275] device veth1_macvtap entered promiscuous mode
[  266.262198][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  266.272725][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  266.290819][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  266.312972][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  266.332081][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  266.410755][T19344] loop3: detected capacity change from 0 to 2048
[  266.417619][T19344] EXT4-fs: Ignoring removed bh option
[  266.422900][T19344] EXT4-fs: Ignoring removed nomblk_io_submit option
[  266.429404][T19344] EXT4-fs: Ignoring removed nobh option
[  266.436625][T19344] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  266.448220][T19344] EXT4-fs error (device loop3): ext4_read_inline_dir:1593: inode #12: block 5: comm syz.3.8136: path /1409/file1/file0: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=7952, size=80 fake=0
[  266.476650][ T4538] EXT4-fs (loop3): unmounting filesystem.
[  266.588678][T19364] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8145'.
[  266.758998][T19380] device bridge0 entered promiscuous mode
[  266.770365][T19378] device bridge0 left promiscuous mode
[  266.998219][T19407] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8165'.
[  267.370729][T19450] overlayfs: failed to clone upperpath
[  267.908834][T19546] 9p: Unknown uid 00000000004294967295
[  267.949277][T19551] netlink: 104 bytes leftover after parsing attributes in process `syz.1.8232'.
[  267.994508][T19564] xt_NFQUEUE: number of total queues is 0
[  268.093343][T19589] device veth1_macvtap left promiscuous mode
[  268.202674][T19598] netlink: 'syz.5.8253': attribute type 1 has an invalid length.
[  268.293624][T19625] Invalid ELF header magic: != ELF
[  268.299126][T19622] device sit0 entered promiscuous mode
[  268.312232][T19624] device batadv_slave_0 entered promiscuous mode
[  268.319943][T19620] device batadv_slave_0 left promiscuous mode
[  268.450851][T19656] netem: change failed
[  269.248426][T19709] device veth0_vlan left promiscuous mode
[  269.254411][T19709] device veth0_vlan entered promiscuous mode
[  269.639575][T19768] input: syz0 as /devices/virtual/input/input72
[  269.711791][T19780] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8337'.
[  269.808278][T19800] overlayfs: failed to resolve '/J#͍�^-�t��&F���ӕm��B�y����eD��c��~�W�(': -2
[  269.880069][T19815] netlink: 40 bytes leftover after parsing attributes in process `syz.4.8352'.
[  272.052454][   T28] kauditd_printk_skb: 184 callbacks suppressed
[  272.052472][   T28] audit: type=1400 audit(2000787511.619:7095): avc:  denied  { create } for  pid=19832 comm="syz.2.8360" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  272.077965][   T28] audit: type=1400 audit(2000787511.629:7096): avc:  denied  { connect } for  pid=19832 comm="syz.2.8360" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  272.135097][   T28] audit: type=1400 audit(2000787511.699:7097): avc:  denied  { create } for  pid=19841 comm="syz.1.8365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  272.162679][   T28] audit: type=1400 audit(2000787511.729:7098): avc:  denied  { setopt } for  pid=19841 comm="syz.1.8365" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  272.165455][T19843] loop5: detected capacity change from 0 to 16
[  272.184951][   T28] audit: type=1400 audit(2000787511.729:7099): avc:  denied  { connect } for  pid=19841 comm="syz.1.8365" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  272.210970][   T28] audit: type=1400 audit(2000787511.729:7100): avc:  denied  { write } for  pid=19841 comm="syz.1.8365" laddr=fe80::a8aa:aaff:feaa:aa16 lport=58 faddr=ff02::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  272.235554][T19843] erofs: (device loop5): mounted with root inode @ nid 36.
[  272.243483][   T28] audit: type=1400 audit(2000787511.819:7101): avc:  denied  { mount } for  pid=19837 comm="syz.5.8363" name="/" dev="loop5" ino=36 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  272.271570][   T28] audit: type=1400 audit(2000787511.839:7102): avc:  denied  { unmount } for  pid=19275 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  272.309137][   T28] audit: type=1400 audit(2000787511.879:7103): avc:  denied  { read write } for  pid=19845 comm="syz.3.8367" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  272.334084][   T28] audit: type=1400 audit(2000787511.899:7104): avc:  denied  { open } for  pid=19845 comm="syz.3.8367" path="/dev/raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  272.358311][T19852] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8369'.
[  272.414884][T13247] EXT4-fs (loop4): unmounting filesystem.
[  272.607137][ T2220] usb 4-1: new full-speed USB device number 24 using dummy_hcd
[  272.638661][T19883] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.645591][T19883] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.653142][T19883] device bridge_slave_0 entered promiscuous mode
[  272.660267][T19883] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.667217][T19883] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.674488][T19883] device bridge_slave_1 entered promiscuous mode
[  272.691362][ T3850] tipc: Disabling bearer <udp:syz2>
[  272.696549][ T3850] tipc: Left network mode
[  272.717144][  T939] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  272.740360][T19883] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.747217][T19883] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.754296][T19883] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.761114][T19883] bridge0: port 1(bridge_slave_0) entered forwarding state
[  272.785897][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  272.793312][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.798357][ T2220] usb 4-1: config 0 has an invalid interface number: 46 but max is 0
[  272.808221][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.808257][ T2220] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  272.825042][ T2220] usb 4-1: config 0 has no interface number 0
[  272.836777][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  272.844711][ T2220] usb 4-1: New USB device found, idVendor=045a, idProduct=5210, bcdDevice= 1.01
[  272.844984][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.853636][ T2220] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.860470][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  272.868331][ T2220] usb 4-1: Product: syz
[  272.879380][ T2220] usb 4-1: Manufacturer: syz
[  272.883860][ T2220] usb 4-1: SerialNumber: syz
[  272.889263][ T2220] usb 4-1: config 0 descriptor??
[  272.889375][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  272.894902][ T2220] ums-karma 4-1:0.46: USB Mass Storage device detected
[  272.902284][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.908618][  T939] usb 3-1: Using ep0 maxpacket: 16
[  272.915393][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.922657][  T939] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  272.941341][  T939] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  272.941762][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  272.950962][  T939] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  272.958933][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  272.971159][  T939] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  272.987761][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  272.996175][  T939] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.010203][  T939] usb 3-1: config 0 descriptor??
[  273.010575][T19883] device veth0_vlan entered promiscuous mode
[  273.021391][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  273.029782][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  273.037321][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  273.050136][T19883] device veth1_macvtap entered promiscuous mode
[  273.058970][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  273.070314][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  273.081075][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  273.101208][   T24] usb 4-1: USB disconnect, device number 24
[  273.388367][ T3850] device vlan3 left promiscuous mode
[  273.393660][ T3850] bridge0: port 3(vlan3) entered disabled state
[  273.405159][ T3850] device bridge_slave_1 left promiscuous mode
[  273.413048][ T3850] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.418329][  T939] microsoft 0003:045E:07DA.004C: unknown main item tag 0x0
[  273.427265][  T939] microsoft 0003:045E:07DA.004C: unknown main item tag 0x0
[  273.434332][  T939] microsoft 0003:045E:07DA.004C: unknown main item tag 0x0
[  273.434533][ T3850] device bridge_slave_0 left promiscuous mode
[  273.441391][  T939] microsoft 0003:045E:07DA.004C: unknown main item tag 0x0
[  273.447391][ T3850] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.454319][  T939] microsoft 0003:045E:07DA.004C: unknown main item tag 0x0
[  273.468715][  T939] microsoft 0003:045E:07DA.004C: unknown main item tag 0x0
[  273.475778][  T939] microsoft 0003:045E:07DA.004C: unknown main item tag 0x0
[  273.475853][ T3850] device veth1_macvtap left promiscuous mode
[  273.482872][  T939] microsoft 0003:045E:07DA.004C: unknown main item tag 0x0
[  273.488865][ T3850] device veth0_vlan left promiscuous mode
[  273.500574][  T939] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.004C/input/input73
[  273.577844][  T939] microsoft 0003:045E:07DA.004C: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  273.671131][ T2220] usb 3-1: USB disconnect, device number 13
[  273.780071][T19949] IPv6: NLM_F_REPLACE set, but no existing node found!
[  273.893701][T19971] loop3: detected capacity change from 0 to 256
[  274.013431][ T4538] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  274.021937][ T4538] FAT-fs (loop3): Filesystem has been set read-only
[  274.028877][ T4538] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  274.138064][T19995] netlink: 'syz.1.8437': attribute type 8 has an invalid length.
[  274.379787][T20010] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.402397][T20010] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.435795][T20010] device bridge_slave_0 entered promiscuous mode
[  274.464664][T20010] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.488358][T20010] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.512641][T20010] device bridge_slave_1 entered promiscuous mode
[  274.526674][T20056] TCP: tcp_parse_options: Illegal window scaling value 224 > 14 received
[  274.572923][ T3844] tipc: Left network mode
[  274.770453][T20010] device veth0_vlan entered promiscuous mode
[  274.776960][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  274.792719][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  274.800271][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  274.811379][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  274.821171][T20097] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.828057][T20097] bridge0: port 1(bridge_slave_0) entered forwarding state
[  274.836166][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  274.845053][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  274.854396][T20097] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.861274][T20097] bridge0: port 2(bridge_slave_1) entered forwarding state
[  274.868987][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  274.877176][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  274.886769][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  274.894891][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  274.906358][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  274.914738][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  274.925334][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  274.933750][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  274.943821][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  274.951593][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  274.961250][T20097] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  274.988952][T20010] device veth1_macvtap entered promiscuous mode
[  275.022413][T20089] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  275.032936][T20089] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  275.049091][T20089] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  275.065171][T20131] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  275.073559][T20131] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  275.212582][ T3844] device gretap0 left promiscuous mode
[  275.419475][ T3844] device veth1_macvtap left promiscuous mode
[  275.432143][ T3844] device veth0_vlan left promiscuous mode
[  275.560039][T20197] loop2: detected capacity change from 0 to 256
[  275.566338][T20197] exfat: Deprecated parameter 'namecase'
[  275.615813][T20197] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  275.818792][T20245] loop2: detected capacity change from 0 to 256
[  275.825109][T20245] exfat: Deprecated parameter 'utf8'
[  275.838692][T20248] loop5: detected capacity change from 0 to 16
[  275.845039][T20245] exfat: Deprecated parameter 'namecase'
[  275.851061][T20248] erofs: (device loop5): mounted with root inode @ nid 36.
[  275.858316][T20245] exfat: Deprecated parameter 'namecase'
[  275.865215][T20245] exfat: Deprecated parameter 'utf8'
[  275.890493][T20245] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  276.057093][ T2220] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  276.164068][T20283] 9pnet_virtio: no channels available for device syz
[  276.268209][ T2220] usb 9-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  276.275654][T20282] loop2: detected capacity change from 0 to 40427
[  276.280370][ T2220] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.283869][T20282] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  276.298977][T20282] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  276.308301][T20282] F2FS-fs (loop2): invalid crc value
[  276.310393][ T2220] usb 9-1: config 0 descriptor??
[  276.320683][T20282] F2FS-fs (loop2): Found nat_bits in checkpoint
[  276.367866][T20282] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  276.374742][T20282] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  276.401270][ T3844] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  276.411228][ T3844] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  276.809263][T20301] loop2: detected capacity change from 0 to 40427
[  276.817734][T20301] F2FS-fs (loop2): heap/no_heap options were deprecated
[  276.836206][T20301] F2FS-fs (loop2): invalid crc value
[  276.846879][T20301] F2FS-fs (loop2): Found nat_bits in checkpoint
[  276.910207][T20301] F2FS-fs (loop2): Start checkpoint disabled!
[  276.916861][T20301] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  276.964446][ T3844] kworker/u4:12: attempt to access beyond end of device
[  276.964446][ T3844] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  277.125452][ T2220] usb 9-1: Cannot set autoneg
[  277.130064][ T2220] MOSCHIP usb-ethernet driver: probe of 9-1:0.0 failed with error -71
[  277.146395][ T2220] usb 9-1: USB disconnect, device number 14
[  277.231515][T20324] loop2: detected capacity change from 0 to 40427
[  277.238358][T20324] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  277.245948][T20324] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  277.256112][T20324] F2FS-fs (loop2): invalid crc value
[  277.263469][T20324] F2FS-fs (loop2): Found nat_bits in checkpoint
[  277.312896][T20324] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  277.319926][T20324] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  277.350908][   T28] kauditd_printk_skb: 70 callbacks suppressed
[  277.350924][   T28] audit: type=1400 audit(2000787517.924:7175): avc:  denied  { append open } for  pid=20323 comm="syz.2.8539" path="/269/bus/file0" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  277.390097][   T28] audit: type=1400 audit(2000787517.954:7176): avc:  denied  { ioctl } for  pid=20323 comm="syz.2.8539" path="/269/bus/file0" dev="loop2" ino=10 ioctlcmd=0xf501 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  277.417464][   T28] audit: type=1400 audit(2000787517.954:7177): avc:  denied  { rename } for  pid=20323 comm="syz.2.8539" name="file0" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  277.663299][T20333] loop8: detected capacity change from 0 to 256
[  277.760064][   T28] audit: type=1400 audit(2000787518.334:7178): avc:  denied  { create } for  pid=20336 comm="syz.1.8543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  277.876297][   T28] audit: type=1400 audit(2000787518.444:7179): avc:  denied  { create } for  pid=20348 comm="syz.8.8549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  277.911856][   T28] audit: type=1400 audit(2000787518.474:7180): avc:  denied  { connect } for  pid=20348 comm="syz.8.8549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  277.977703][T20355] input: syz0 as /devices/virtual/input/input74
[  277.996269][   T28] audit: type=1400 audit(2000787518.474:7181): avc:  denied  { ioctl } for  pid=20348 comm="syz.8.8549" path="socket:[103344]" dev="sockfs" ino=103344 ioctlcmd=0x48c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  278.080149][   T28] audit: type=1400 audit(2000787518.544:7182): avc:  denied  { append } for  pid=20354 comm="syz.8.8552" name="uinput" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  278.177215][   T28] audit: type=1400 audit(2000787518.614:7183): avc:  denied  { write } for  pid=20358 comm="syz.8.8554" name="uinput" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  278.261984][T20374] incfs: Options parsing error. -22
[  278.267321][T20374] incfs: mount failed -22
[  278.267578][   T28] audit: type=1400 audit(2000787518.654:7184): avc:  denied  { write } for  pid=20362 comm="syz.8.8556" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  278.619679][T20388] loop8: detected capacity change from 0 to 512
[  278.637616][T20388] EXT4-fs (loop8): Test dummy encryption mode enabled
[  278.647115][T20388] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  278.697468][T20388] EXT4-fs error (device loop8): ext4_orphan_get:1426: comm syz.8.8568: bad orphan inode 131083
[  278.717665][T20388] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  278.759768][T20010] EXT4-fs (loop8): unmounting filesystem.
[  278.976694][T20422] device veth1_macvtap entered promiscuous mode
[  278.983185][T20422] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8583'.
[  279.002756][T20422] device veth1_macvtap left promiscuous mode
[  279.198845][T20432] input: syz0 as /devices/virtual/input/input75
[  279.225928][T20436] loop2: detected capacity change from 0 to 1024
[  279.232793][T20436] EXT4-fs: Ignoring removed orlov option
[  279.238324][T20436] EXT4-fs: Ignoring removed nomblk_io_submit option
[  279.267611][T20436] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  279.285952][T20436] EXT4-fs (loop2): shut down requested (0)
[  279.323590][T16671] EXT4-fs (loop2): unmounting filesystem.
[  279.433038][T20448] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8593'.
[  279.586662][T20462] tipc: Enabling of bearer <ib:wg2> rejected, media not registered
[  279.651675][T20471] loop2: detected capacity change from 0 to 2048
[  279.669462][T20471] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  279.705146][T16671] EXT4-fs (loop2): unmounting filesystem.
[  279.791195][T20489] loop8: detected capacity change from 0 to 512
[  279.841617][T20489] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  279.852477][T20489] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  279.877155][T20010] EXT4-fs (loop8): unmounting filesystem.
[  280.191999][T20554] syz.5.8639[20554] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  280.192068][T20554] syz.5.8639[20554] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  280.221116][T20559] netlink: 'syz.5.8643': attribute type 12 has an invalid length.
[  280.247301][T20559] netlink: 'syz.5.8643': attribute type 29 has an invalid length.
[  280.255353][T20559] netlink: 148 bytes leftover after parsing attributes in process `syz.5.8643'.
[  280.401367][T20581] Non-string source
[  280.445082][T20589] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=20589 comm=syz.1.8656
[  280.721336][T20618] tmpfs: Unknown parameter 'i�'
[  280.900434][T20650] SELinux: failed to load policy
[  281.027499][T20668] loop5: detected capacity change from 0 to 256
[  281.037990][T20668] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  281.048865][T20668] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  281.060508][T20668] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  281.331751][T20685] loop8: detected capacity change from 0 to 256
[  281.340627][T20685] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  281.443111][T20698] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8706'.
[  281.667549][T20719] loop5: detected capacity change from 0 to 512
[  281.688039][T20719] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  281.723107][T20719] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  281.759363][T20719] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.8716: invalid indirect mapped block 2683928664 (level 1)
[  281.791417][T20719] EXT4-fs (loop5): Remounting filesystem read-only
[  281.830342][T20719] EXT4-fs (loop5): 1 truncate cleaned up
[  281.835822][T20719] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  281.859144][T20735] binder: 20731:20735 ioctl c0306201 0 returned -14
[  281.887733][T20719] EXT4-fs (loop5): shut down requested (1)
[  281.903593][T20735] binder: 20731:20735 ioctl 5403 0 returned -22
[  281.922547][T19275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  281.941854][T19275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  281.960300][T19275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  281.972448][T19275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  281.982060][T19275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  281.991547][T19275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  282.038227][T19275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  282.048602][T19275] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop5 ino=11
[  282.113905][T19275] EXT4-fs (loop5): unmounting filesystem.
[  282.375358][T20765] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.387807][T20765] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.397290][T20765] device bridge_slave_0 entered promiscuous mode
[  282.404355][T20765] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.411380][T20765] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.418919][T20765] device bridge_slave_1 entered promiscuous mode
[  282.494284][T20765] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.501182][T20765] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.508280][T20765] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.515042][T20765] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.548859][T20076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  282.556543][T20076] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.571821][T20076] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.596218][T20076] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  282.604450][T20076] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.611313][T20076] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.619934][T20076] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  282.628120][T20076] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.634976][T20076] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.646410][ T3844] device bridge_slave_1 left promiscuous mode
[  282.652526][ T3844] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.660823][ T3844] device bridge_slave_0 left promiscuous mode
[  282.666862][ T3844] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.675351][ T3844] device veth1_macvtap left promiscuous mode
[  282.682130][ T3844] device veth0_vlan left promiscuous mode
[  282.697099][   T60] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  282.777749][T20076] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  282.785814][T20076] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  282.803198][T20765] device veth0_vlan entered promiscuous mode
[  282.811052][T20076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  282.820061][T20076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  282.828144][T20076] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  282.835479][T20076] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  282.850715][T20765] device veth1_macvtap entered promiscuous mode
[  282.858656][T20076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  282.872635][T20076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  282.887679][   T60] usb 3-1: Using ep0 maxpacket: 16
[  282.896268][T20076] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  282.906317][   T60] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  282.926069][   T60] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  282.948219][   T60] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  282.964882][   T60] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.983702][   T60] usb 3-1: Product: syz
[  282.988225][   T60] usb 3-1: Manufacturer: syz
[  282.999298][   T60] usb 3-1: SerialNumber: syz
[  283.214371][   T60] usb 3-1: 0:2 : does not exist
[  283.225053][   T60] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  283.247764][   T60] usb 3-1: USB disconnect, device number 14
[  283.569998][T20825] loop8: detected capacity change from 0 to 16
[  283.586609][T20825] erofs: (device loop8): mounted with root inode @ nid 36.
[  283.768248][T20842] loop8: detected capacity change from 0 to 256
[  283.783768][T20842] FAT-fs (loop8): Directory bread(block 64) failed
[  283.797388][T20842] FAT-fs (loop8): Directory bread(block 65) failed
[  283.805299][T20842] FAT-fs (loop8): Directory bread(block 66) failed
[  283.812796][T20842] FAT-fs (loop8): Directory bread(block 67) failed
[  283.825791][T20842] FAT-fs (loop8): Directory bread(block 68) failed
[  283.845221][T20842] FAT-fs (loop8): Directory bread(block 69) failed
[  283.877286][T20842] FAT-fs (loop8): Directory bread(block 70) failed
[  283.903157][T20842] FAT-fs (loop8): Directory bread(block 71) failed
[  283.921428][T20842] FAT-fs (loop8): Directory bread(block 72) failed
[  283.931731][T20842] FAT-fs (loop8): Directory bread(block 73) failed
[  283.960375][   T28] kauditd_printk_skb: 35 callbacks suppressed
[  283.960394][   T28] audit: type=1400 audit(2000787524.534:7220): avc:  denied  { watch } for  pid=20841 comm="syz.8.8773" path="/101/bus" dev="loop8" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[  284.028932][T20865] syz.8.8784[20865] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  284.029007][T20865] syz.8.8784[20865] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  285.099731][T20955] loop2: detected capacity change from 0 to 512
[  285.118749][T20953] netlink: 12 bytes leftover after parsing attributes in process `syz.8.8801'.
[  285.147926][T20955] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  285.161097][T20957] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  285.168908][T20957] SELinux: failed to load policy
[  285.196602][T20955] EXT4-fs (loop2): 1 truncate cleaned up
[  285.224332][T20955] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  285.297803][   T28] audit: type=1400 audit(2000787525.874:7221): avc:  denied  { rmdir } for  pid=20954 comm="syz.2.8802" name="bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  285.297813][T20955] EXT4-fs error (device loop2): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.2.8802: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  285.447222][T20955] EXT4-fs error (device loop2) in ext4_delete_entry:2800: Corrupt filesystem
[  285.538549][   T28] audit: type=1400 audit(2000787526.114:7222): avc:  denied  { watch watch_reads } for  pid=20966 comm="syz.8.8806" path="/110/file0" dev="tmpfs" ino=587 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  285.541549][T20969] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8807'.
[  285.573837][T16671] EXT4-fs (loop2): unmounting filesystem.
[  285.626045][T20969] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8807'.
[  285.652133][T20975] loop2: detected capacity change from 0 to 128
[  285.661384][T20977] device veth0 entered promiscuous mode
[  285.666787][T20977] device macsec1 entered promiscuous mode
[  285.673571][T20977] device veth0 left promiscuous mode
[  285.702366][T20975] EXT4-fs (loop2): Test dummy encryption mode enabled
[  285.728998][T20975] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  285.809172][T20975] ext4 filesystem being mounted at /322/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  285.927396][   T28] audit: type=1400 audit(2000787526.504:7223): avc:  denied  { create } for  pid=20973 comm="syz.2.8808" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1
[  285.960721][T20975] EXT4-fs (loop2): re-mounted. Quota mode: none.
[  285.988083][T20975] EXT4-fs (loop2): re-mounted. Quota mode: none.
[  286.028089][   T28] audit: type=1400 audit(2000787526.604:7224): avc:  denied  { create } for  pid=20973 comm="syz.2.8808" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1
[  286.083340][T16671] EXT4-fs (loop2): unmounting filesystem.
[  286.127810][T21013] loop7: detected capacity change from 0 to 512
[  286.184081][T21017] loop8: detected capacity change from 0 to 2048
[  286.228392][T21017] EXT4-fs: Ignoring removed mblk_io_submit option
[  286.259140][T21017] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  286.289488][   T28] audit: type=1400 audit(2000787526.864:7225): avc:  denied  { unlink } for  pid=20010 comm="syz-executor" name="file0" dev="loop8" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  286.313809][T20010] EXT4-fs (loop8): unmounting filesystem.
[  286.352310][   T28] audit: type=1400 audit(2000787526.864:7226): avc:  denied  { unlink } for  pid=20010 comm="syz-executor" name="file1" dev="loop8" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  286.578435][T20921] Bluetooth: hci0: Frame reassembly failed (-84)
[  287.118447][T21037] overlayfs: statfs failed on './file0'
[  287.206761][T21055] loop2: detected capacity change from 0 to 512
[  287.230398][T21059] device vlan2 entered promiscuous mode
[  287.235878][T21059] device dummy0 entered promiscuous mode
[  287.369310][T21076] netlink: 32 bytes leftover after parsing attributes in process `syz.7.8854'.
[  287.379472][T21076] netlink: 32 bytes leftover after parsing attributes in process `syz.7.8854'.
[  287.438498][   T28] audit: type=1400 audit(2000787528.014:7227): avc:  denied  { mount } for  pid=21085 comm="syz.7.8859" name="/" dev="configfs" ino=12223 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  287.474215][   T28] audit: type=1400 audit(2000787528.034:7228): avc:  denied  { search } for  pid=21085 comm="syz.7.8859" name="/" dev="configfs" ino=12223 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  287.496618][   T28] audit: type=1400 audit(2000787528.034:7229): avc:  denied  { mounton } for  pid=21085 comm="syz.7.8859" path="/" dev="configfs" ino=12223 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  287.557854][T21090] SELinux:  Context system_u:object_r:iptables_unit_file_t:s0 is not valid (left unmapped).
[  287.617769][T21100] loop2: detected capacity change from 0 to 512
[  287.635746][T21100] EXT4-fs: Ignoring removed mblk_io_submit option
[  287.655365][T21100] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  287.724978][T16671] EXT4-fs (loop2): unmounting filesystem.
[  287.745863][T21116] loop7: detected capacity change from 0 to 512
[  287.762422][T21116] EXT4-fs: Ignoring removed oldalloc option
[  287.780185][T21116] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  287.789448][T21116] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  287.813725][T20765] EXT4-fs (loop7): unmounting filesystem.
[  287.837343][T21130] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  288.127207][   T60] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  288.327076][   T60] usb 3-1: Using ep0 maxpacket: 16
[  288.333234][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  288.353784][   T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  288.373258][   T60] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  288.400391][   T60] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  288.419048][   T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.439270][   T60] usb 3-1: config 0 descriptor??
[  288.444403][T21161] loop7: detected capacity change from 0 to 1024
[  288.462817][T21161] EXT4-fs: Ignoring removed orlov option
[  288.498919][T21161] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  288.542191][T20765] EXT4-fs (loop7): unmounting filesystem.
[  288.627504][ T2974] Bluetooth: hci0: command 0x1003 tx timeout
[  288.628934][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  288.640734][T21044] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  288.694686][T21171] netlink: 24 bytes leftover after parsing attributes in process `syz.8.8897'.
[  288.851138][   T60] microsoft 0003:045E:07DA.004D: ignoring exceeding usage max
[  288.876654][   T60] microsoft 0003:045E:07DA.004D: No inputs registered, leaving
[  288.895050][   T60] microsoft 0003:045E:07DA.004D: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  288.916605][   T60] microsoft 0003:045E:07DA.004D: no inputs found
[  288.932307][   T60] microsoft 0003:045E:07DA.004D: could not initialize ff, continuing anyway
[  289.080280][ T2220] usb 3-1: USB disconnect, device number 15
[  289.104778][T21198] incfs: Options parsing error. -22
[  289.117929][   T60] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  289.118974][T21198] incfs: mount failed -22
[  289.136022][   T28] kauditd_printk_skb: 12 callbacks suppressed
[  289.136038][   T28] audit: type=1400 audit(2000000000.040:7242): avc:  denied  { nlmsg_read } for  pid=21200 comm="syz.1.8911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  289.136054][T21201] netlink: 272 bytes leftover after parsing attributes in process `syz.1.8911'.
[  289.275540][   T28] audit: type=1400 audit(2000000000.180:7243): avc:  denied  { read } for  pid=21215 comm="syz.1.8917" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  289.350855][   T60] usb 9-1: New USB device found, idVendor=090a, idProduct=1200, bcdDevice=24.87
[  289.371431][   T60] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.384759][   T60] usb 9-1: config 0 descriptor??
[  289.402579][   T60] usb-storage 9-1:0.0: USB Mass Storage device detected
[  289.450021][T21231] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  289.460552][T21231] F2FS-fs (loop3): Unable to read 1th superblock
[  289.466773][T21231] I/O error, dev loop3, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  289.493210][T21231] F2FS-fs (loop3): Unable to read 2th superblock
[  289.609121][ T2220] usb 9-1: USB disconnect, device number 15
[  289.657184][ T2220] ==================================================================
[  289.665089][ T2220] BUG: KASAN: use-after-free in enqueue_timer+0xa6/0x480
[  289.671939][ T2220] Write of size 8 at addr ffff888114444a00 by task kworker/0:5/2220
[  289.679751][ T2220] 
[  289.681931][ T2220] CPU: 0 PID: 2220 Comm: kworker/0:5 Not tainted 6.1.129-syzkaller-00006-gefda22f3484c #0
[  289.691643][ T2220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  289.701542][ T2220] Workqueue: usb_hub_wq hub_event
[  289.706394][ T2220] Call Trace:
[  289.709527][ T2220]  <TASK>
[  289.712299][ T2220]  dump_stack_lvl+0x151/0x1b7
[  289.716810][ T2220]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  289.722107][ T2220]  ? _printk+0xd1/0x111
[  289.726103][ T2220]  ? __virt_addr_valid+0x242/0x2f0
[  289.731041][ T2220]  print_report+0x158/0x4e0
[  289.735381][ T2220]  ? __virt_addr_valid+0x242/0x2f0
[  289.740329][ T2220]  ? kasan_complete_mode_report_info+0x90/0x1b0
[  289.746406][ T2220]  ? enqueue_timer+0xa6/0x480
[  289.751007][ T2220]  kasan_report+0x13c/0x170
[  289.755356][ T2220]  ? enqueue_timer+0xa6/0x480
[  289.759864][ T2220]  __asan_report_store8_noabort+0x17/0x20
[  289.765414][ T2220]  enqueue_timer+0xa6/0x480
[  289.769843][ T2220]  __mod_timer+0x8d3/0xcf0
[  289.774102][ T2220]  ? mod_timer_pending+0x30/0x30
[  289.778867][ T2220]  ? __tasklet_schedule+0x20/0x20
[  289.783727][ T2220]  ? _raw_spin_lock+0xa4/0x1b0
[  289.788328][ T2220]  ? _raw_spin_trylock_bh+0x190/0x190
[  289.793538][ T2220]  schedule_timeout+0x187/0x380
[  289.798225][ T2220]  ? console_conditional_schedule+0x10/0x10
[  289.803950][ T2220]  ? update_process_times+0x1b0/0x1b0
[  289.809159][ T2220]  ? usb_hcd_check_unlink_urb+0xd1/0x110
[  289.814628][ T2220]  wait_for_common+0x39a/0x640
[  289.819256][ T2220]  ? wait_for_completion+0x20/0x20
[  289.824176][ T2220]  ? usb_submit_urb+0x118c/0x1840
[  289.829042][ T2220]  wait_for_completion_timeout+0xe/0x10
[  289.834422][ T2220]  usb_start_wait_urb+0x177/0x350
[  289.839278][ T2220]  ? usb_api_blocking_completion+0xb0/0xb0
[  289.844922][ T2220]  ? __kasan_check_write+0x14/0x20
[  289.849864][ T2220]  usb_control_msg+0x2ad/0x4c0
[  289.854464][ T2220]  ? usb_anchor_empty+0x40/0x40
[  289.859152][ T2220]  ? debug_smp_processor_id+0x17/0x20
[  289.864363][ T2220]  ? console_conditional_schedule+0x10/0x10
[  289.870088][ T2220]  ? update_process_times+0x1b0/0x1b0
[  289.875295][ T2220]  hub_ext_port_status+0xfe/0x6b0
[  289.880169][ T2220]  hub_port_debounce+0x2e8/0x470
[  289.884933][ T2220]  ? hub_port_disable+0x690/0x690
[  289.889792][ T2220]  hub_event+0x1f6a/0x4830
[  289.894046][ T2220]  ? __this_cpu_preempt_check+0x13/0x20
[  289.899427][ T2220]  ? __kasan_check_write+0x14/0x20
[  289.904376][ T2220]  ? led_work+0x590/0x590
[  289.908537][ T2220]  ? _raw_spin_unlock+0x4c/0x70
[  289.913224][ T2220]  ? finish_task_switch+0x167/0x7b0
[  289.918262][ T2220]  ? __kasan_check_read+0x11/0x20
[  289.923118][ T2220]  ? read_word_at_a_time+0x12/0x20
[  289.928063][ T2220]  ? strscpy+0x9c/0x260
[  289.932062][ T2220]  process_one_work+0x73d/0xcb0
[  289.936750][ T2220]  worker_thread+0xa60/0x1260
[  289.941280][ T2220]  kthread+0x26d/0x300
[  289.945164][ T2220]  ? worker_clr_flags+0x1a0/0x1a0
[  289.950023][ T2220]  ? kthread_blkcg+0xd0/0xd0
[  289.954453][ T2220]  ret_from_fork+0x1f/0x30
[  289.958710][ T2220]  </TASK>
[  289.961567][ T2220] 
[  289.963741][ T2220] Allocated by task 21044:
[  289.967991][ T2220]  kasan_set_track+0x4b/0x70
[  289.972416][ T2220]  kasan_save_alloc_info+0x1f/0x30
[  289.977364][ T2220]  __kasan_kmalloc+0x9c/0xb0
[  289.981789][ T2220]  __kmalloc+0xb4/0x1e0
[  289.985786][ T2220]  hci_alloc_dev_priv+0x27/0x1c00
[  289.990646][ T2220]  hci_uart_tty_ioctl+0x401/0xa70
[  289.995505][ T2220]  tty_ioctl+0x903/0xc50
[  289.999583][ T2220]  __se_sys_ioctl+0x114/0x190
[  290.004101][ T2220]  __x64_sys_ioctl+0x7b/0x90
[  290.008524][ T2220]  x64_sys_call+0x98/0x9a0
[  290.012774][ T2220]  do_syscall_64+0x3b/0xb0
[  290.017030][ T2220]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  290.022759][ T2220] 
[  290.024927][ T2220] Freed by task 21044:
[  290.028833][ T2220]  kasan_set_track+0x4b/0x70
[  290.033262][ T2220]  kasan_save_free_info+0x2b/0x40
[  290.038127][ T2220]  ____kasan_slab_free+0x131/0x180
[  290.043067][ T2220]  __kasan_slab_free+0x11/0x20
[  290.047779][ T2220]  __kmem_cache_free+0x21d/0x410
[  290.052553][ T2220]  kfree+0x7a/0xf0
[  290.056112][ T2220]  hci_release_dev+0x14d3/0x1640
[  290.060884][ T2220]  bt_host_release+0x83/0xa0
[  290.065313][ T2220]  device_release+0x95/0x1c0
[  290.069741][ T2220]  kobject_put+0x178/0x260
[  290.073991][ T2220]  put_device+0x1f/0x30
[  290.077982][ T2220]  hci_dev_cmd+0x2be/0x9b0
[  290.082234][ T2220]  hci_sock_ioctl+0x415/0x7f0
[  290.086750][ T2220]  sock_do_ioctl+0x152/0x450
[  290.091176][ T2220]  sock_ioctl+0x455/0x740
[  290.095354][ T2220]  __se_sys_ioctl+0x114/0x190
[  290.099855][ T2220]  __x64_sys_ioctl+0x7b/0x90
[  290.104280][ T2220]  x64_sys_call+0x98/0x9a0
[  290.108644][ T2220]  do_syscall_64+0x3b/0xb0
[  290.112896][ T2220]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  290.118628][ T2220] 
[  290.120796][ T2220] Last potentially related work creation:
[  290.126351][ T2220]  kasan_save_stack+0x3b/0x60
[  290.130863][ T2220]  __kasan_record_aux_stack+0xb4/0xc0
[  290.136082][ T2220]  kasan_record_aux_stack_noalloc+0xb/0x10
[  290.141731][ T2220]  insert_work+0x56/0x310
[  290.145878][ T2220]  __queue_work+0x9b6/0xd70
[  290.150217][ T2220]  queue_work_on+0x105/0x170
[  290.154652][ T2220]  __hci_cmd_sync_sk+0xc2a/0xf70
[  290.159422][ T2220]  hci_cmd_sync_status+0x52/0x130
[  290.164278][ T2220]  hci_dev_cmd+0x771/0x9b0
[  290.168539][ T2220]  hci_sock_ioctl+0x415/0x7f0
[  290.173053][ T2220]  sock_do_ioctl+0x152/0x450
[  290.177469][ T2220]  sock_ioctl+0x455/0x740
[  290.181634][ T2220]  __se_sys_ioctl+0x114/0x190
[  290.186148][ T2220]  __x64_sys_ioctl+0x7b/0x90
[  290.190574][ T2220]  x64_sys_call+0x98/0x9a0
[  290.194826][ T2220]  do_syscall_64+0x3b/0xb0
[  290.199083][ T2220]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  290.204810][ T2220] 
[  290.206978][ T2220] Second to last potentially related work creation:
[  290.213401][ T2220]  kasan_save_stack+0x3b/0x60
[  290.217914][ T2220]  __kasan_record_aux_stack+0xb4/0xc0
[  290.223122][ T2220]  kasan_record_aux_stack_noalloc+0xb/0x10
[  290.228762][ T2220]  insert_work+0x56/0x310
[  290.232931][ T2220]  __queue_work+0x9b6/0xd70
[  290.237268][ T2220]  queue_work_on+0x105/0x170
[  290.241695][ T2220]  hci_cmd_timeout+0x199/0x200
[  290.246296][ T2220]  process_one_work+0x73d/0xcb0
[  290.250991][ T2220]  worker_thread+0xa60/0x1260
[  290.255496][ T2220]  kthread+0x26d/0x300
[  290.259413][ T2220]  ret_from_fork+0x1f/0x30
[  290.263656][ T2220] 
[  290.265827][ T2220] The buggy address belongs to the object at ffff888114444000
[  290.265827][ T2220]  which belongs to the cache kmalloc-8k of size 8192
[  290.279711][ T2220] The buggy address is located 2560 bytes inside of
[  290.279711][ T2220]  8192-byte region [ffff888114444000, ffff888114446000)
[  290.292994][ T2220] 
[  290.295165][ T2220] The buggy address belongs to the physical page:
[  290.301412][ T2220] page:ffffea0004511000 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888114440000 pfn:0x114440
[  290.312781][ T2220] head:ffffea0004511000 order:3 compound_mapcount:0 compound_pincount:0
[  290.320942][ T2220] flags: 0x4000000000010200(slab|head|zone=1)
[  290.326853][ T2220] raw: 4000000000010200 ffffea000439d600 dead000000000002 ffff888100043500
[  290.335270][ T2220] raw: ffff888114440000 0000000080020001 00000001ffffffff 0000000000000000
[  290.343681][ T2220] page dumped because: kasan: bad access detected
[  290.349940][ T2220] page_owner tracks the page as allocated
[  290.355484][ T2220] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 9339, tgid 9338 (syz.8.3781), ts 140970796199, free_ts 140948811025
[  290.375966][ T2220]  post_alloc_hook+0x213/0x220
[  290.380568][ T2220]  prep_new_page+0x1b/0x110
[  290.384908][ T2220]  get_page_from_freelist+0x3a98/0x3b10
[  290.390288][ T2220]  __alloc_pages+0x234/0x610
[  290.394728][ T2220]  alloc_slab_page+0x6c/0xf0
[  290.399139][ T2220]  new_slab+0x90/0x3e0
[  290.403077][ T2220]  ___slab_alloc+0x6f9/0xb80
[  290.407477][ T2220]  __slab_alloc+0x5d/0xa0
[  290.411644][ T2220]  __kmem_cache_alloc_node+0x207/0x2a0
[  290.416934][ T2220]  kmalloc_trace+0x2a/0xa0
[  290.421187][ T2220]  audit_log_d_path+0xb9/0x170
[  290.425789][ T2220]  common_lsm_audit+0x3bf/0x1940
[  290.430559][ T2220]  slow_avc_audit+0x26c/0x3c0
[  290.435072][ T2220]  avc_has_perm+0x1f5/0x260
[  290.439411][ T2220]  selinux_file_open+0x4da/0x6a0
[  290.444186][ T2220]  security_file_open+0x62/0xa0
[  290.448875][ T2220] page last free stack trace:
[  290.453387][ T2220]  free_unref_page_prepare+0x9f1/0xa00
[  290.458683][ T2220]  free_unref_page+0xb2/0x5c0
[  290.463194][ T2220]  free_compound_page+0x9d/0xd0
[  290.467880][ T2220]  destroy_large_folio+0x56/0x90
[  290.472666][ T2220]  __folio_put+0xcf/0xe0
[  290.476734][ T2220]  skb_release_data+0x3c1/0x840
[  290.481419][ T2220]  __kfree_skb+0x50/0x70
[  290.485501][ T2220]  tcp_rtx_queue_unlink_and_free+0x3d5/0x610
[  290.491313][ T2220]  tcp_ack+0x2437/0x6a30
[  290.495397][ T2220]  tcp_rcv_established+0xe31/0x1c60
[  290.500428][ T2220]  tcp_v4_do_rcv+0x430/0xa20
[  290.504853][ T2220]  tcp_v4_rcv+0x20d7/0x2a30
[  290.509198][ T2220]  ip_protocol_deliver_rcu+0x32f/0x720
[  290.514488][ T2220]  ip_local_deliver_finish+0x246/0x400
[  290.519787][ T2220]  ip_local_deliver+0x1b3/0x3b0
[  290.524471][ T2220]  ip_sublist_rcv+0x7e5/0x990
[  290.528988][ T2220] 
[  290.531154][ T2220] Memory state around the buggy address:
[  290.536625][ T2220]  ffff888114444900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  290.544526][ T2220]  ffff888114444980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  290.552426][ T2220] >ffff888114444a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  290.560317][ T2220]                    ^
[  290.564225][ T2220]  ffff888114444a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  290.572128][ T2220]  ffff888114444b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  290.580025][ T2220] ==================================================================
[  290.587923][ T2220] Disabling lock debugging due to kernel taint
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  290.595427][   T28] audit: type=1400 audit(2000000001.500:7244): avc:  denied  { write } for  pid=280 comm="syz-executor" path="pipe:[14599]" dev="pipefs" ino=14599 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  290.707097][    C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  290.718644][    C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  290.726897][    C0] CPU: 0 PID: 21249 Comm: syz.1.8933 Tainted: G    B              6.1.129-syzkaller-00006-gefda22f3484c #0
[  290.738084][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  290.747980][    C0] RIP: 0010:__queue_work+0x4f1/0xd70
[  290.753097][    C0] Code: 39 03 0f 84 40 01 00 00 e8 4c 6e 2a 00 4c 89 e7 e8 e4 cf d7 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 30 1b 72 00 49 8b 3e e8 98 c8 d7
[  290.772539][    C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[  290.778562][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888113321440
[  290.786371][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  290.794184][    C0] RBP: ffffc90000007d00 R08: ffffffff814b279b R09: 0000000000000007
[  290.801991][    C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881144449c8
[  290.809802][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881144449e0
[  290.817615][    C0] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  290.826381][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  290.832804][    C0] CR2: 000055690e44dd90 CR3: 000000000700f000 CR4: 00000000003506b0
[  290.840618][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  290.848433][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  290.856238][    C0] Call Trace:
[  290.859365][    C0]  <IRQ>
[  290.862059][    C0]  ? __die_body+0x62/0xb0
[  290.866232][    C0]  ? die_addr+0x9f/0xd0
[  290.870217][    C0]  ? exc_general_protection+0x317/0x4c0
[  290.875605][    C0]  ? asm_exc_general_protection+0x27/0x30
[  290.881153][    C0]  ? __queue_work+0x28b/0xd70
[  290.885661][    C0]  ? __queue_work+0x4f1/0xd70
[  290.890176][    C0]  ? __queue_work+0x29c/0xd70
[  290.894692][    C0]  delayed_work_timer_fn+0x61/0x80
[  290.899634][    C0]  ? queue_work_node+0x1d0/0x1d0
[  290.904410][    C0]  call_timer_fn+0x3b/0x2d0
[  290.908750][    C0]  ? queue_work_node+0x1d0/0x1d0
[  290.913521][    C0]  __run_timers+0x756/0xa10
[  290.917867][    C0]  ? calc_index+0x270/0x270
[  290.922202][    C0]  ? sched_clock+0x9/0x10
[  290.926365][    C0]  ? sched_clock_cpu+0x71/0x2b0
[  290.931057][    C0]  run_timer_softirq+0x69/0xf0
[  290.935654][    C0]  handle_softirqs+0x1db/0x650
[  290.940268][    C0]  __irq_exit_rcu+0x52/0xf0
[  290.944602][    C0]  irq_exit_rcu+0x9/0x10
[  290.948673][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  290.954143][    C0]  </IRQ>
[  290.956916][    C0]  <TASK>
[  290.959695][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  290.965510][    C0] RIP: 0010:stack_trace_consume_entry+0xc/0x290
[  290.971586][    C0] Code: 0f 8c 7b ff ff ff 48 89 df e8 e0 85 57 00 e9 6e ff ff ff e8 e6 d4 b6 03 66 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 <53> 48 83 ec 20 48 89 fb 48 ba 00 00 00 00 00 fc ff df 4c 8d 57 10
[  290.991053][    C0] RSP: 0018:ffffc900049ef1b0 EFLAGS: 00000282
[  290.996930][    C0] RAX: ffffffff8163d8f4 RBX: ffffc900049ef1e0 RCX: ffffffff879a8000
[  291.004742][    C0] RDX: ffffffff87a90001 RSI: ffffffff8163d8f4 RDI: ffffc900049ef2c0
[  291.012554][    C0] RBP: ffffc900049ef1d0 R08: ffffc900049ef2c8 R09: 000000000000000c
[  291.020363][    C0] R10: ffffc900049ef2d0 R11: dffffc0000000001 R12: ffff888113321440
[  291.028175][    C0] R13: ffffffff8165bf50 R14: ffffc900049ef2c0 R15: 0000000000000000
[  291.035994][    C0]  ? stack_trace_save+0x1c0/0x1c0
[  291.040850][    C0]  ? exit_to_user_mode_loop+0x74/0xa0
[  291.046054][    C0]  ? __init_begin+0x3a000/0x3a000
[  291.050915][    C0]  ? no_hash_pointers_enable+0x21/0xd5
[  291.056213][    C0]  ? exit_to_user_mode_loop+0x74/0xa0
[  291.061419][    C0]  ? stack_trace_save+0x1c0/0x1c0
[  291.066278][    C0]  arch_stack_walk+0x101/0x140
[  291.070881][    C0]  ? exit_to_user_mode_loop+0x74/0xa0
[  291.076090][    C0]  stack_trace_save+0x113/0x1c0
[  291.080775][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  291.085725][    C0]  ? __stack_depot_save+0x36/0x480
[  291.090672][    C0]  save_stack+0xf6/0x1e0
[  291.094748][    C0]  ? __reset_page_owner+0x190/0x190
[  291.099782][    C0]  ? kvm_sched_clock_read+0x18/0x40
[  291.104825][    C0]  ? free_unref_page_prepare+0x9f1/0xa00
[  291.110286][    C0]  ? free_unref_page+0xb2/0x5c0
[  291.114971][    C0]  ? __free_pages+0x61/0xf0
[  291.119310][    C0]  ? __vunmap+0x9c6/0xb80
[  291.123476][    C0]  ? vfree+0x5c/0x80
[  291.127210][    C0]  ? kcov_close+0x2b/0x50
[  291.131375][    C0]  ? __fput+0x1e5/0x870
[  291.135368][    C0]  ? ____fput+0x15/0x20
[  291.139361][    C0]  ? task_work_run+0x24d/0x2e0
[  291.143960][    C0]  ? do_exit+0xbd0/0x2b80
[  291.148125][    C0]  ? do_group_exit+0x21a/0x2d0
[  291.152726][    C0]  ? get_signal+0x169d/0x1820
[  291.157238][    C0]  ? arch_do_signal_or_restart+0xb0/0x16f0
[  291.162884][    C0]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[  291.168527][    C0]  __reset_page_owner+0x54/0x190
[  291.173301][    C0]  free_unref_page_prepare+0x9f1/0xa00
[  291.178589][    C0]  ? __kasan_check_read+0x11/0x20
[  291.183449][    C0]  ? free_unref_page_commit+0x1f6/0x570
[  291.188836][    C0]  free_unref_page+0xb2/0x5c0
[  291.193348][    C0]  ? mark_free_pages+0x3b0/0x3b0
[  291.198120][    C0]  __free_pages+0x61/0xf0
[  291.202287][    C0]  __vunmap+0x9c6/0xb80
[  291.206279][    C0]  ? _raw_spin_lock+0x1b0/0x1b0
[  291.210967][    C0]  ? vunmap+0x60/0x60
[  291.214785][    C0]  ? rcu_force_quiescent_state+0x170/0x170
[  291.220426][    C0]  ? kcov_open+0x60/0x60
[  291.224505][    C0]  vfree+0x5c/0x80
[  291.228068][    C0]  kcov_close+0x2b/0x50
[  291.232055][    C0]  __fput+0x1e5/0x870
[  291.235875][    C0]  ____fput+0x15/0x20
[  291.239693][    C0]  task_work_run+0x24d/0x2e0
[  291.244121][    C0]  ? kmem_cache_free+0x291/0x560
[  291.248897][    C0]  ? task_work_cancel+0x2e0/0x2e0
[  291.253757][    C0]  ? free_nsproxy+0x20d/0x260
[  291.258271][    C0]  ? exit_task_namespaces+0xb4/0xd0
[  291.263304][    C0]  do_exit+0xbd0/0x2b80
[  291.267300][    C0]  ? __futex_queue+0x1c1/0x3c0
[  291.271896][    C0]  ? put_task_struct+0x80/0x80
[  291.276496][    C0]  ? futex_q_unlock+0x30/0x30
[  291.281009][    C0]  ? __kasan_check_write+0x14/0x20
[  291.285955][    C0]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  291.290906][    C0]  do_group_exit+0x21a/0x2d0
[  291.295328][    C0]  ? __kasan_check_write+0x14/0x20
[  291.300281][    C0]  get_signal+0x169d/0x1820
[  291.304619][    C0]  ? ptrace_notify+0x350/0x350
[  291.309219][    C0]  arch_do_signal_or_restart+0xb0/0x16f0
[  291.314686][    C0]  ? __bpf_ringbuf_reserve+0x478/0x520
[  291.319985][    C0]  ? do_futex+0x55a/0x9a0
[  291.324148][    C0]  ? __ia32_sys_get_robust_list+0x90/0x90
[  291.329701][    C0]  ? get_sigframe_size+0x10/0x10
[  291.334473][    C0]  ? __se_sys_futex+0x35e/0x3c0
[  291.339163][    C0]  exit_to_user_mode_loop+0x74/0xa0
[  291.344195][    C0]  exit_to_user_mode_prepare+0x5a/0xa0
[  291.349488][    C0]  syscall_exit_to_user_mode+0x26/0x130
[  291.354868][    C0]  do_syscall_64+0x47/0xb0
[  291.359122][    C0]  ? clear_bhb_loop+0x55/0xb0
[  291.363638][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  291.369364][    C0] RIP: 0033:0x7fa1ee98d169
[  291.373629][    C0] Code: Unable to access opcode bytes at 0x7fa1ee98d13f.
[  291.380473][    C0] RSP: 002b:00007fa1ef71a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  291.388720][    C0] RAX: 0000000000000000 RBX: 00007fa1eeba5fa8 RCX: 00007fa1ee98d169
[  291.396528][    C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa1eeba5fa8
[  291.404341][    C0] RBP: 00007fa1eeba5fa0 R08: 0000000000000000 R09: 0000000000000000
[  291.412156][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa1eeba5fac
[  291.419967][    C0] R13: 0000000000000000 R14: 00007ffe9ba2a9a0 R15: 00007ffe9ba2aa88
[  291.427782][    C0]  </TASK>
[  291.430643][    C0] Modules linked in:
[  291.434378][    C0] ---[ end trace 0000000000000000 ]---
[  291.439668][    C0] RIP: 0010:__queue_work+0x4f1/0xd70
[  291.444790][    C0] Code: 39 03 0f 84 40 01 00 00 e8 4c 6e 2a 00 4c 89 e7 e8 e4 cf d7 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 30 1b 72 00 49 8b 3e e8 98 c8 d7
[  291.464239][    C0] RSP: 0018:ffffc90000007c78 EFLAGS: 00010046
[  291.470134][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888113321440
[  291.477943][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  291.485755][    C0] RBP: ffffc90000007d00 R08: ffffffff814b279b R09: 0000000000000007
[  291.493568][    C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881144449c8
[  291.501376][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881144449e0
[  291.509190][    C0] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[  291.517958][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  291.524381][    C0] CR2: 000055690e44dd90 CR3: 000000000700f000 CR4: 00000000003506b0
[  291.532192][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  291.539999][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  291.547813][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[  291.555166][    C0] Kernel Offset: disabled
[  291.559289][    C0] Rebooting in 86400 seconds..