last executing test programs:

2m4.190166446s ago: executing program 1 (id=1234):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

2m4.135377971s ago: executing program 1 (id=1236):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x804810, &(0x7f0000000b80)={[{@init_itable}, {@usrjquota}, {@nobh}, {@resuid}]}, 0x26, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4")
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x86400, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000200)={0x1, 0x1, 0x1000, 0x20, 0x0, 0x3f00, 0x0, 0x0})

2m4.093892554s ago: executing program 1 (id=1239):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000140)={[{@grpid}, {@user_xattr}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe")
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf7, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

2m3.947010526s ago: executing program 32 (id=1239):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000140)={[{@grpid}, {@user_xattr}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe")
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf7, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

1m56.817212184s ago: executing program 33 (id=1437):
r0 = socket(0x1e, 0x5, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
recvmmsg(r0, &(0x7f0000001400)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000740)=""/245, 0xf5}], 0x1, &(0x7f0000000380)=""/201, 0xc9}, 0x3}], 0x1, 0x20, 0x0)
sendmmsg$inet(r0, &(0x7f0000003980)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000840)="0649", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000580)='w', 0x1}, {&(0x7f0000000940)="cc211a29bed90670de5d29d76020c13edaa072bce086f779af851fa7be1fd052427beeec375a9d20850212fa4ff070e870a6b1e81b0dca31d8f9a243d10f6d075a9c72700737e6d6c7d95cb1582ffbcc10241a8791a6fa45a7d39dc78faf9e2a673fc2a2b493dacdab59c6077ee3e32a1d23bf7f16cc9ba936db2aaf2b5f40082f62bea885c18701166769905225d200", 0x90}], 0x2, &(0x7f0000003a40)=ANY=[], 0x110}}], 0x2, 0x24044058)

1m43.008997334s ago: executing program 2 (id=1800):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)

1m42.962829808s ago: executing program 2 (id=1802):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeed, 0x8031, 0xffffffffffffffff, 0xf6d0d000)
socket$nl_netfilter(0x10, 0x3, 0xc)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mremap(&(0x7f0000097000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f0000bff000/0x400000)=nil)

1m27.982664903s ago: executing program 34 (id=1802):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeed, 0x8031, 0xffffffffffffffff, 0xf6d0d000)
socket$nl_netfilter(0x10, 0x3, 0xc)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mremap(&(0x7f0000097000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f0000bff000/0x400000)=nil)

1m26.365637262s ago: executing program 35 (id=2169):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000a40)=ANY=[@ANYBLOB="0c0100001000030400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000dc00128009000100766c616e00000000cc00028006000100000000001c0003800a00010000000000000000000c00010000000000000000000c00020000000000000000000c00020000000000000000001c0004800c00010000000000000000000c0001000000000000000000700004800c00010000000000000000000c000100000000000000f3ff0b0001"], 0x10c}, 0x1, 0xba01}, 0x0)

1m12.824400743s ago: executing program 36 (id=2579):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x1a1040, 0x0)
ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0x7000000)

46.658378673s ago: executing program 0 (id=3535):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', &(0x7f0000000100), 0x4000)

46.392575034s ago: executing program 0 (id=3544):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="06000000000000000601004069fd252432637f2bffffffff9e000040"])

46.283318933s ago: executing program 0 (id=3548):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7000000000000007b5af8ff00000000bfa200000000000007020000d6ffffffb703000008000000b704000000000000850000001400000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0xcc03, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x2f000000, 0xe, 0x0, &(0x7f0000000740)="00eda9556e09000000000000000c", 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

46.096938608s ago: executing program 0 (id=3553):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x1010051, &(0x7f0000000800)={[{@errors_remount}, {@noload}, {@noblock_validity}, {@dioread_lock}, {@nouid32}, {@nomblk_io_submit}]}, 0x1, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
readlink(&(0x7f0000000000)='./file2\x00', &(0x7f00000000c0)=""/53, 0x35)

45.581644669s ago: executing program 0 (id=3575):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
personality(0x500006)

44.934617581s ago: executing program 0 (id=3595):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000000)=ANY=[@ANYBLOB="640000001900010000000000000000001d0109004d000f"], 0x64}}, 0x440c0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

44.910048753s ago: executing program 37 (id=3595):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000000)=ANY=[@ANYBLOB="640000001900010000000000000000001d0109004d000f"], 0x64}}, 0x440c0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

43.19406988s ago: executing program 1 (id=3596):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x1010051, &(0x7f0000000800)={[{@errors_remount}, {@noload}, {@noblock_validity}, {@dioread_lock}, {@nouid32}, {@nomblk_io_submit}]}, 0x1, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
readlink(&(0x7f0000000000)='./file2\x00', &(0x7f00000000c0)=""/53, 0x35)

42.872893426s ago: executing program 1 (id=3642):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0xffaf)

42.142740414s ago: executing program 1 (id=3661):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0xc3b, 0xffffffff, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x2}]}}}]}, 0x40}}, 0x0)

42.126468596s ago: executing program 38 (id=3661):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0xc3b, 0xffffffff, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x2}]}}}]}, 0x40}}, 0x0)

40.750400465s ago: executing program 9 (id=3707):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
set_robust_list(&(0x7f0000000300)={0x0, 0x9}, 0x18)

40.750161246s ago: executing program 9 (id=3708):
syz_usb_connect$uac1(0x0, 0xa6, &(0x7f00000000c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x94, 0x3, 0x1, 0x10, 0x10, 0x6, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x8001}, [@extension_unit={0x7, 0x24, 0x8, 0x4, 0x1, 0x5}, @processing_unit={0xc, 0x24, 0x7, 0x3, 0x0, 0x0, "d885700585"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x2, 0x3, 0x3, 0x1, 'b', 'Qq\t'}]}, {{0x9, 0x5, 0x1, 0x9, 0x10, 0x14, 0x4, 0xcd, {0x7, 0x25, 0x1, 0x1, 0x7f, 0xe6d1}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x1, 0x1, 0x1002}, @format_type_ii_discrete={0xf, 0x24, 0x2, 0x2, 0x6896, 0x2, 0x0, "78f4cd9535ca"}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0x7, 0x4, 0x3, {0x7, 0x25, 0x1, 0x2, 0xf4}}}}}}}]}}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0})
socket(0x400000000010, 0x3, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})

39.334295298s ago: executing program 9 (id=3749):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x2, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6}]}, 0x10)
syz_emit_ethernet(0x8e, &(0x7f0000000840)=ANY=[@ANYBLOB="aaaaaaa2aaaaaaaaaaaaaaaa86dd60f81fcb00583a"], 0x0)

39.30965772s ago: executing program 9 (id=3751):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="2a0000000600"], 0x2a)

39.220197577s ago: executing program 9 (id=3755):
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8042, &(0x7f0000000500), 0x1, 0x4f8, &(0x7f0000001900)="$eJzs3E1oXNUeAPD/nXz26zXvvb6+176+Z2oVg8WkTavNQpCKggsFsYK6DElaatNGmhRsqTIFqUspuBeXbl24VTdFXAlu61KQQpFu2griyJ25dzIzmUmaSTJjmt8Pbuace2fuOeeee+6ce07mBrBlDad/kkr4VkTsjohC4xuGKy/3716denD36lQUS6VTvyblj91L45lsN7Eji4wUIgofJYsbasxfvnJucnZ25mIWH1s4/97Y/OUrz5wdzNZMTCS9bRaqSXppue7t/3DuwL5X3rnx2lR1z3lqteVYL8Mx3CwrZU+ud2Jdtqsm3Ha90XHp+Z9WV1+5/e+Onliu8oodzBmw0UqlUmmg9eZiqdG1JWuATSsGu50DoDvyL/r0/jdfmnUE+jem+9F1d05WboDSct/PlojHyivzcZC+hvvb9TQcEW8Xf/ssXWKDxiEAAGp9czLvCTb0/4YqMyO/X7r5Qvr6t2wOZSgi/h4R/4iIf0bEnoj4V0TsjYh/R8R/GvbfExGlZdIfbohX069OQhVur1NRm0r7f89nc1vpsjj3VQ0N9WSxXRF5h3nmSHZMRqJv4PTZ2Zmjy6Tx7Us/ftJqW23/L13SPOR9wSwft3sbBuimJxcm2yvtUneuRezvXSx/pf+b9EYk1ZmAJCL2RcT+Vex3qCZ89ukvDlQjffXvW7n8ZaWm82jrMM9U+jziqUr9F6Na/qibREzq5ifPT56ZOTNzYXxi4vixoyeeG392bDBmZ46MpWfBkaZpfP/D9ddbpb9i+b/6ufEjL5/4+lTWstYurf/tNed/5PO3i+UfSiKS6nzt/OrTuP7Txy3vado9//uTN8vh/L70/cmFhYtHI/qTV5euH1/8bB5PX6NYKf/Iocbzv5xu+RqXH4n/RkR6Ev8vIv4flTvENO8HI+LxiDi0TPm/e/GJd9sv/8ZKyz8d9eWv1Hxd/S/O17cKJNncYN2m/kgDPecO3nrQ4uLxcPV/vBwaydY0v/4ldZeIVjnNv+3SNX+s+egBAADA5lCIiJ01Y0k7o1AYHa2MAe2J7YXZufmFw6fnLl2YTrdFDEVfIR/pqowH9yX5+OdQTXy8IX4sGzf+tGdbOT46NTc73dWSAzvKbT4pjEa81VPT/lO/rM8QM/BX5vdasHUt1/7TTvzeGx3MDNBRD//9f/ODDc0I0HE17b/VL/yLbfzfF7AJPPT3f9LyeTbAI2PlB/0YM4TNr6Qtw5a2qvZ/2EMA4VHSG29Uw4Wu5gToNP1/2JJW/F3/mgKlgeabBmPpm2Nw+R32RHvZ2NYkra4E0p5VV1Lf1s6n8omelu+Jwup2OBD1a/rbrNPTazwaxYvzZ/Yunvz5s0XWeJxL2f/Kr3cNftmRdtos0PFLEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIb4MwAA///GJdfC")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_CREATE_OPEN(r0, &(0x7f00000000c0)={0xa0, 0x0, 0x0, {{0x5, 0x0, 0x1, 0xd221, 0x5, 0xffff, {0x0, 0xfff, 0x0, 0x9, 0x80000001, 0x1, 0x160, 0x2, 0x6, 0x1000, 0x8, 0x0, 0x0, 0xf0000000, 0x7}}, {0x0, 0x5}}}, 0xa0)

39.018735214s ago: executing program 9 (id=3757):
ptrace(0x10, 0x1)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0)
sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0)

23.730266274s ago: executing program 39 (id=3757):
ptrace(0x10, 0x1)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0)
sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0)

23.049953969s ago: executing program 2 (id=3897):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f0000000080)={[{@quota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x4d1, &(0x7f0000000b80)="$eJzs3dFrW9cZAPDvynbiJM7sbHvIwpaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX/AYGxraZ/61JdCn0uh5E9oC4H2vZTSEtokfWihrYrkqyZxZVsmlpVYvx8c33PuvfL3HQsd69x7uTeAjnUqIsYioisizkZEf7o+k5ZYWy/V/R7cvzVZLUlUKtc+TSJJ19V/V5Iuj6Qv642Iv/454h/J9+OWVlbnJgqF/FLazpXnF3OlldVzs/MTM/mZ/MLYyPDF0UujF0aHdq2vl//40f///eqfLr/1mxsfjH9y5p/VtPrSbY/3oxlrTe633vWe2t+irjsilnYS7BnWlfanp92JAADQlOp3/B9GxC8i4uFL7c4GAAAAaIXK7/viqySiAgAAAOxbmdo1sEkmm14L0BeZTDa7fg3vj+NwplAslX89XVxemFq/VnYgejLTs4X8UHqt8ED0JNX2cK3+qH1+Q3skIo5FxH/7D9Xa2cliYardBz8AAACgQxzZMP//vH99/g8AAADsMwPtTgAAAABoOfN/AAAA2P82nf8n3XubCAAAANAKf7lypVoq9edfT11fWZ4rXj83lS/NZeeXJ7OTxaXF7EyxOFO7Z9/8dr+vUCwu/jYWlm/myvlSOVdaWR2fLy4vlMdrz/Uez3tONAAAAOy9Yz+/834SEWu/O1QrVQfSbU3M1cdamx3QSpmd7Z60Kg9g73W1OwGgbba5wPedn+5VIsCecz4e2GZi/78N7R0eNgAAAJ4Fgz95qvP/zgfCc8xEHjqX8//QudzgCzqX8//Q4Q5uv0vvZhve3uVcAACAlumrlSSTTc8F9kUmk81GHK09FqAnmZ4t5Ici4gcR8V5/z8Fqe7jdSQMAAAAAAAAAAAAAAAAAAAAAAADAc6ZSSaICAAAA7GsRmY+T9EH+g/2n+zYeHziQfNFfW0bEjZevvXBzolxeGq6u/+y79eUX0/Xn23EEAwAAANioPk+vz+MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDc9uH9rsl72Mu69P0TEQKP43dFbW/a+0R8Rhx8m0f3Y65KI6NqF+Gu3I+J4o/hJNa0YSLPYGD8TEYfaHP/ILsSHTnanOv6MNfr8ZeJUbdn489edlqd179Rm41+mPv7VxrlG49/RJmOcuPt6btP4tyNOdDcef+rxk6ccf//+t9XVzbZVXokYbPj/J3kiVq48v5grrayem52fmMnP5BdGRoYvjl4avTA6lJueLeTTnw1j/Odnb36zVf8PbxJ/YJv+n26y/1/fvXn/R1vEP/PLjfG/rL3/x7eIX/3b/yr9P1DdPlivr63XH3fytXdPbtX/qU36v937f6bJ/p+9+q8Pm9wVANgDpZXVuYlCIb+k8lxWeryDKltVrqYf9B2/vM0DEwAAsOsefelvdyYAAAAAAAAAAAAAAAAAAADQuVp+E7KDT95ZoLd9XQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2NK3AQAA///VO9QU")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xee01, 0x0, 0x1000)

22.713766486s ago: executing program 2 (id=3912):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000740)=ANY=[@ANYBLOB='iocharset=macgreek,umask=00000000000000000000005,namecase=1,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c666d61736b3d30303030303030303030303030303030303030303031302c646973636172642c666d61736b3d30303030303030303030303030303030303030303030362c696f636861727365743d6575632d6a702c6572726f72733d636f6e74696e75652c616c6c6f775f7574696d653d30303030303030303030303030303030303134373037302c0092803b831534d131135366249e8a045ee656058ddf6f41400b01a0870e4c656ef6f11325a20c319fd81269acc3b77200feb4294a821f553876d64b4a41390c44492e6f79c4b09bbe8e5cb02585b919505651c34f3e21f9532204a0c936a1da6422edb1108cf73536e8fbe241e030f5b5e1d081994fbe8a093c44b63f3da6a8a46706b47fa3"], 0x1, 0x1528, &(0x7f00000037c0)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==")
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
open(&(0x7f0000000200)='./file0/file0\x00', 0x2000000, 0x0)

22.582494036s ago: executing program 2 (id=3914):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfc, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x80, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
getegid()

22.507385312s ago: executing program 2 (id=3915):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_access(r1, &(0x7f0000000940)=ANY=[@ANYBLOB='system_u:object_r:faillog_t:s0 /usr/sbin/ntpd 0'], 0x43)

22.507289072s ago: executing program 40 (id=3915):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_access(r1, &(0x7f0000000940)=ANY=[@ANYBLOB='system_u:object_r:faillog_t:s0 /usr/sbin/ntpd 0'], 0x43)

21.968455625s ago: executing program 3 (id=3916):
syz_open_procfs(0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_type(r0, &(0x7f0000000280), 0x2, 0x0)
write$cgroup_type(r1, &(0x7f0000000180), 0x9)

21.953570646s ago: executing program 3 (id=3922):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x405, 0x70bd28, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x4}}}]}, 0x34}}, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x44f0)

21.887626102s ago: executing program 3 (id=3923):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, 0x0, &(0x7f0000000100)='GPL\x00', 0x200, 0x0, 0x0, 0x41100, 0x25, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x9, 0x7fa, 0x65c0, 0x6, 0x0, r0, 0xcb02}, 0x50)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0c000000040000000400"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f00000002c0), 0x5, r1}, 0x38)

21.862741404s ago: executing program 3 (id=3924):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000300)='./file2\x00', 0x80cc88, &(0x7f0000000ec0)={[{@fmask={'fmask', 0x3d, 0x9}}, {@umask={'umask', 0x3d, 0x80000002}}, {@utf8}, {@keep_last_dots}, {@allow_utime={'allow_utime', 0x3d, 0x801}}, {@errors_continue}, {@discard}, {@time_offset={'time_offset', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@iocharset={'iocharset', 0x3d, 'utf8'}}]}, 0x3, 0x1510, &(0x7f0000003640)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
socket(0x11, 0x3, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x887008, 0x0)

21.754827813s ago: executing program 3 (id=3927):
r0 = socket(0x10, 0x80003, 0x0)
r1 = socket(0x10, 0x3, 0x0)
write(r1, &(0x7f0000000040)="240000001a005f0214f9f507000909000a000000000000000000000004001e0000000000", 0x24)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000080)={'sit0\x00'})

21.630697612s ago: executing program 3 (id=3932):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x1, 0x0, 0x0, {}, {0x77359400}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "cbfc0b9af540340c"}}, 0x48}, 0x1, 0x0, 0x0, 0x48004}, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="02"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x10)

21.588691366s ago: executing program 41 (id=3932):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x1, 0x0, 0x0, {}, {0x77359400}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "cbfc0b9af540340c"}}, 0x48}, 0x1, 0x0, 0x0, 0x48004}, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="02"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x10)

7.654504509s ago: executing program 4 (id=4303):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newlink={0x4c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x15}}]}}}]}, 0x4c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="5000000010000104000000050000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800e00010069703665727370616e000000100002800400120005001600010000000a0001"], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)

6.542476717s ago: executing program 4 (id=4303):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newlink={0x4c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x15}}]}}}]}, 0x4c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="5000000010000104000000050000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800e00010069703665727370616e000000100002800400120005001600010000000a0001"], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)

5.614314692s ago: executing program 4 (id=4303):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newlink={0x4c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x15}}]}}}]}, 0x4c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="5000000010000104000000050000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800e00010069703665727370616e000000100002800400120005001600010000000a0001"], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)

4.077099734s ago: executing program 4 (id=4303):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newlink={0x4c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x15}}]}}}]}, 0x4c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="5000000010000104000000050000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800e00010069703665727370616e000000100002800400120005001600010000000a0001"], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)

2.50714368s ago: executing program 4 (id=4303):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newlink={0x4c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x15}}]}}}]}, 0x4c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="5000000010000104000000050000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800e00010069703665727370616e000000100002800400120005001600010000000a0001"], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)

1.316557505s ago: executing program 8 (id=4467):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001000)=@base={0xb, 0x5, 0x4, 0xa932, 0x9, 0xffffffffffffffff, 0x800008}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffff9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000001c0)={0x1, &(0x7f0000000000)=[{0x6, 0x3, 0x1, 0x7fff0001}]})
flistxattr(r2, 0x0, 0x0)

1.280959838s ago: executing program 8 (id=4469):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r1, &(0x7f00000007c0)}, 0x20)

1.2543076s ago: executing program 8 (id=4472):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r0, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0xff, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd604000000014060100000000000000000000000000000000e38000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB='P'], 0x0)

1.240975671s ago: executing program 8 (id=4474):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x3, 0x3}, 0x10)
bind$tipc(r0, 0x0, 0x0)

1.228581942s ago: executing program 8 (id=4476):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x103a42, 0x18)
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
copy_file_range(r0, 0x0, r0, 0x0, 0xfffffffffffffffe, 0x0)

1.215570273s ago: executing program 4 (id=4303):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r0}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newlink={0x4c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x15}}]}}}]}, 0x4c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="5000000010000104000000050000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800e00010069703665727370616e000000100002800400120005001600010000000a0001"], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)

465.721363ms ago: executing program 8 (id=4480):
syz_usb_connect$lan78xx(0x0, 0x3f, &(0x7f0000001140)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000240)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r0, 0x4004550f, 0x0)

338.150113ms ago: executing program 7 (id=4486):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000080000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f28bd421850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r1}, 0x10)
io_setup(0x3, &(0x7f0000000340))

324.775084ms ago: executing program 5 (id=4487):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)=0xff)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000000c0)={0x14, 0xfffffffb, 0xe3, 0xb0ff, 0x9, "d74192f386e87fcb366000080800ffee00", 0x1, 0x5})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0x8)

301.871426ms ago: executing program 6 (id=4488):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x1058, [{}, {0x0, 0x100000000000000}]}, 0x68)

283.533397ms ago: executing program 5 (id=4489):
r0 = socket(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @empty, 0x4000002}, 0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="44000000200001002bbd700000ff00000a108000000000080400010014000200fc020000000000000000000000000000140001"], 0x44}, 0x1, 0x0, 0x0, 0x24000050}, 0x40000)
syz_emit_ethernet(0x6e, &(0x7f0000000280)={@multicast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x9, 0x6, 'z&-', 0x38, 0x3a, 0xfe, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x4fe, {0x2, 0x6, "081331", 0x3f6f, 0xff, 0x0, @mcast1, @loopback, [@fragment={0x84, 0x0, 0xa, 0x0, 0x0, 0x7, 0x65}]}}}}}}}, 0x0)

251.75633ms ago: executing program 5 (id=4490):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
r1 = socket(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000080)="330316148114140000007ef52f555f2a0c0900000000000000f786dd3baa4b1f0f858c4632f47042195e", 0xfdef, 0x40008c1, &(0x7f00000000c0)={0x11, 0x0, r2, 0x1, 0x62, 0x6, @broadcast}, 0x14)

240.237611ms ago: executing program 6 (id=4491):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = fsopen(&(0x7f00000001c0)='devpts\x00', 0x1)
setrlimit(0x7, &(0x7f0000000400))
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0xf)

228.910962ms ago: executing program 7 (id=4492):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="05000000040000000800000008"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xfffffffe}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
personality(0x2000000)

224.047132ms ago: executing program 5 (id=4493):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000040000000c0000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='mm_page_alloc\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000001100)=@req3={0x8000, 0x200, 0x80, 0x20000}, 0x1c)

215.707963ms ago: executing program 6 (id=4494):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x55}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071"], 0xfdef)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)

205.367374ms ago: executing program 7 (id=4495):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
r1 = socket(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000140)="330312001200140000007ef52f555f2a0c09000000fd810000f786dd3baa4b1f0f852b4632f47042195e0b8ca9767e06b5043b41cd4ea5b3298d95b2c36a688b9c7fd650f51f7b2326fa1db2", 0x4c, 0x40008c1, &(0x7f00000000c0)={0x11, 0x0, r2, 0x1, 0x62, 0x6, @broadcast}, 0x14)

99.999292ms ago: executing program 7 (id=4496):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000045c0)=ANY=[@ANYBLOB="40100000", @ANYRES16=r2, @ANYBLOB="010000000000000000000c0000001410038004100400fc654c187d6eb5f0ca15095cc8787b50b96435ad3147dd10e867248d37187c2a131a62d105462ce34d5cf8ded36159aea612a3460534d8c298556e91590238f40dd2c7148d365ab6cdd5f2a7f74bac8d59f731c655a46917f18b28ed05e58b70287d26677601258a5c0ab9f679e2e520228c3a1f1aede04c6ba82cc38cc2ab6b35a24fb20e032dedf6f6caf4bfea5435f746f746fd46ca192e3744eb6908b358c10833bf484237ba654641e6186a45957c6345e61ea620fdc74383ce1df4a24e7044bae596f018736424a5bfa438865044e7026fa37a3540fadd0e89d87aecd3bc127e0cb10274991d6127224a0f2a4ef19e2c4dedbe45f2471abcc38c584ead0e3df3f9211022b2421fb6b327361e8f58f2b73134fc5444b350ede95ecef5bbbf9950e75c9f772a3ff0180d2cfac287228709726a6abbab2971982de7f1a9149d71dcbfd212e89ff17cf284b7f8ad82a469cb1c1e3d9d1d3689271c8dad0ba89dda651d4242062ac0bc5877e397236fa9476ac5fac7c2c896babca09d74720004cd0e634327de4fd87ed72ae069c095d2c70caed52e3335478c1c3719925e24f2fd7755baebd5cde385727a0f0440dd3b662248c43ff5afc4f186ff0051ba8eaa07623b79c4bb6985f14c5ac15041a6ff7584f921982e5414481d4db4c76798d70a59b5aeccb6e7882aefe70993758b55b4dc4039c2b1c98452113aaf23ccdf68cb6eff6e048f9da6f39a2def3caaf80cdcbadb83b029b8738391f02fec90c8a8b6f036aae8ceaff5dca7d3e0098423fedc676c6774ab0e6a72bd246c0b3004d1988f802b846d62ca59e9a63ce12814176ec4380e1cf29d27e7b2f7e7eadcaae8f182498ad32e67323fe6ef9508fec40dd38897652053ef92e44a909060c237890c196f0c26ab10248f999001f6231813a81313971bea77a5470f312d9e5957899adc99e430e4010a3a341482c51fb71c23c3cdf92303c7580c73775f9a74685a61ce9849eaca52b97ee7ffe2e672dc1be5267c285a102711b1b5d81d6dbb76494f2892fd4f85244ade3cdd3809fd5fdfce5157fc1658f0bceb379489732583707c170fc6392aa4f5b94843aeb18da58e0156e029c2b722918b1b3dc7c151cb9c248ddd18423629b53cd4b0ab2693b0df29c88c04657f4eccdc41357de8186fdc0ec86f92950734975921a2fde57c3e7176b57c871d76ff8a8f36520b67e64930cf34bcde9ad92d057a359ca022b646df18e2b7202845bd8ac4be5e5ebae436dc4b93dfaaf2778a53e7e4be937e83dac7d1d481bdbd8081ab0ac08af067e62580bbdbf397cbc629db9b023734b6fad7824d1a8b3257c1c18d6ebc928140060f004ec484b183560f830a1eb0c527c8600bb2600d761e847454e677aa29486aa407a9e9a5e9dc9542de038e3e55fdfec13184cdb16716556f972eef5c56230c43d146c86a9147265c309a279db6d138647920410896c5397c5f83634fa5e92b5161f786482d84830864388b91c2c1e3e9f9f038d5fa66f7fe904e14df0a60d46066c6b1f37cec6e13c35832f512be21da21a5921b81cc452b0076c2ec10fd5481cd0e1ca917b40cb3aa839b120ce6eb9773e942b74ececac6bdcd22eb8dd6cd9f148e0ebe5ef3094f42adc39bc5ca2259e1eab5059ccf5e82bb57b97d4d13a90747299b2e6b64f962aabf222e4f287503181de3c3a68fb2b0068583f3b97e40ce06e9805a7121eccac0527b8f1b18a62762efe0a9ce4114b7d1ba942bc93533ee0b1bd7f0a607207b976dfa1fbe3ce0868e7f4e31b41a0aada0ac6b291aefe22ea5338f07e57b981b8e4e4a121f231d2f46989fd5dd09a7c1d198f5886b4f1a222eccdabff096a81fef3c9e497621128562880938fe05a1f1c4da81daba55bf326f1e3a1712d79f01fbef2ee230615d4e454be67f0ad4dc2bfffaecbb683742925738b45854ab713ae548b9709e9ea2e28224ef466bced79e3ec6c163d45db187bc01c75afa85f78003927dcd122086acc8dd1b1224de41d62b83e34083dd39fe68aa5a479ba403f5dbddf9b763ca521b7efca6234be16484f1e0112d963672a6d24cdac15e80bcb82b3b22231670c41fe7e8a0a083b6df768e7fb0d94a004f8372f5cf8b9b45cc679eb67828a94d0ffabfe09d95ad2789cb8657f7ea86a46260416a72e6fc7b44e549a2e39fe015c7647cc0bec15fa63d26894be1cc5326331e7e0b1c505934182accf049bab033b026d48fda51de740afc0666e6c891e0c5192f4b2df21493477ff45319d7d8b816f0b73ccfa12d6846362feb4b85063ca42e950eb577c630300dc52698a38ca19cbbb398404a1e8e27d0be49985e59caef03da096d1ccbeed73bd7c9588325b747ab77f4d7c1c1f18388ce1771882ee680ed737ad197ff92f1052e5e79f6ffa5b85ba3fac5db13e0d0046c9dca0ab4b74b20299ba6bdd758940e088df31e1382cee6901503299028467a864d27affae30fd9aef5a6ff948c052124511a75a46d5a316e28fb6c5bfac787be5833c63c535557235b0e09f9a78a338aa8864613fca77a7e252d1975af2c4a6bcc969d1e20e3cd4dfc1b2fe34b70fd7804dbfde4fa4d950e5fb4eb926dece9e4601b12efe322bb42ac808158fef0a26900000000726654987e7de20d1e41e82c607c33c6bae7bb234744b51dc683d5857afd6ba8246cebc734e393806ef102a6baaf04f3a7c3cb888d5830e1c6ae170c5c920e806b4f518be4416b216cdf9b1658a412d9e4eab6c9b20ce99960f27e77fdf9a2e98b35c63859f9db6bdcbef1001a19e12e41370f9358531987851ab64c250e68a8569ace4418e2118caff7d3d4caf1c87bc50a8ae75770fdae88a8490c041b39d08190d8b7c908caddd66331a508929d53dd6bc2dbc86f97115ff0a364b70f96918e6ed354c97e59ea5e2c7b149cd51d7c85a27ac658e78b99326857858df0ac0ee240cbb6ee9d9ee6c2c2ff7c29dd25fd337dc08bddeb50305ed48b9f5d89c55ffedde29ce0412ea8e2c976f961eb0c4966d2a8be0b657a5e51048a8a10005c488e1f637ce208a35b5aed0c2067465191dc42ebf6e4853cc89998bdf2ef755f38a3cd985b62df36a5ebc3b47df32423ee46857f9db9d756ff69ecd4ef2f307dcaefd4a1f399543952df972269c28200df8ebacad4eed1c00b9ce9841799bea583cafdeaa8d4a371a8ae55d8ffe4846833985975d8b234adff63eace9d2c4d1680c370827ebe1831ef311077607e8c4920506e03528861085dcfdb918f1efe91420c390fbca0a38377e1635c402ec1c34eddae986ffa8756b27f6c340907bae99f4a6b328fca8177b4dfaceea5ad3ceb901dbcefc15ded322bece4e750969e81935764ebe88749464af7e692e3d324c519b456013daae93bd63215540380a7fe08f0e050cdeb25db2a8b9b6f5720ad1e7d2c5b6d609712eccd321d6211fb642a4cdf72504aabd017a9b4827d1e0e0264435a5e1045dbe33834968d2db503972995559b1efe1b9ce475405118346b63f637b1abf8e8374e7100d6b41c9c672d2b244c7a82ffb882522efd9e903fc69db14c469685780005843856c6623591f305d383eae55a1a1d5619dfff0027413f26fa6a793a348ba8b192e1b088745a2175d55517a75d4b63cce41cc0dcaca9002cd37a1ccc6710ba2a099297b0824f976919e8abf3b1510b1305a95241fefbd036afa9d4538affc82f005d29b9f2c0e60d6c20f673b8ca28cb088e1e89efe334f25ffe1a3fb3581e5aa63b9a4a49f269b5538788aacbbc04d49902ae2af1f59d2484ab6ba7a9b477be0d92e221fc48cdbc00bef7125bfe36f9afb1cbd58fef21625ec99ffd2e35fb00767e3f22dba7d36163203cfaf1860a8b1afe0d878ea00fe08f68fd592a6395fb357acbdc2834c8ac85571527dbf1dbaaccede3d583e2b9bf076737716785f44aebc7ba917fb426d5541adff1e75836ab70fb0b43565ab5e24c5902879f31701cc006b4ee2f57be0916cf0b6cd489c4fa9129031a4af75a00048f20eb962f0c6f68cda0d7756a4e83f7d065c4a00b8263d95f6b979507b7ca01735e83a5e5ff0b76f077ef6e4c1150f9202b5311a231b76111d48a387e09075edb2448fb19d2869ae420ada8ee7577fe980ed7e057dc963c0a98db790bb5b7920220f8a55213b6530637b832abdf3c6fefdefb712a2c2c9eba8087ce39335ddabdadb86f493061e593981c6b2d70b4bac3b58885787c46f85c1022f5ff6cec16ba227aa5dac2e0be30522c08369f18d170b9cb454f3ebf86d1e923fdd65245d8e0c476bfedddcb772453f4d0e70d059e79b8811c379c9eff6e45d99f81186930b32b24cdcb906a41fe29c147ed834b37e77800a33c15e65d121ee85a924ef6bbc1c8f4a423fbc5d14645a08178227f4c7f111fa318823a6c075ddf9e131c9bca8d56dec4a68fbab9a0c1a128880d8b4dec59b89ec33c19eb76f09f31ad730cba735b60deba54c399119949e45af4de5c758281945fe6b6a25ac1cd57a81b48f11a6575e79b82e529d4ba1b2a1175cfa03ef6d149b165195fa64736b302e28ee6444368fb395a2d89c8747348b546a07ed0306682971539f0031d88ffa020d0b3d40369e0a3d2238293a75a155eb5c0749f64ed37a9af5be26d5a4322a55a23c33d176280bd0e4c5168f2e66bca925304d0f32074f5e68d7c43f9e2e3f14a6bcf3e77e6b71737131c3e90208072e37c8a6cad1cabd756aa694e85b86256ce13b43541a26438374b6029ee461d223ed34ed1e9a3e580cec7b2b41bc9823b3729e683f079a498636d022799dd94c5e870b6aa7f3d36fb51ffb6c5e317fcde6b5ae45073f8e90ee0fc1fa0641ff6f0b789dcc6df2fe9a3b5e6ed9d2be3403f5af96e7c6019b0a0ce4f8342323638a52c121956de068069fe5c44946b5023e1db7742fec29cb749bcdc09d795b683c553dbae1298540b2cf1bc3e5e52adf252bca47ba2182c80541daf1d11b1c67675171e69c1abe3c0bc3a0f2d1a6e2165ca1647c394970a404a6002621a258cef01e2ca12a138888dace9ad06d2f0c0209f286c11b289626aa557cc201560651054a6042e84c6fc5e345e2f702d61851fed5ffa36ade652f76db815dabb7b8eee016ea0836d0086f2a2f7bd1c4a4ceb1d706817b41347a891c34b45eb06a9ecb19041d5a39f050cb0413662dc4700385fac2e1823e1ce4d08c66692fde0862a057f2aa2425d511735fff53d0e3d88bfb245e7724ba4ba8452e469862d333dad5c63bfa778809c043132db3a57e122d0495441f7a07034a3ac1024b8fc063694d8316c29639cb6605ff362a853f976c763f6d10e4e0972760e60f08acdd8a73607e7311819fe24ad8b670bbf0adede086f91bd0839ce37927f43a263e3e8369932db9ab786ba66e1bba664bfa8aa50d98ed18fc90e560933c2e8da72757a4539756740a73c41180cf97fde47cf3e9e6005302459d831eea7a03157e0c3178776e4d4add3999b9a1efca7c99b8234ff9d33492431dd9bd0814301ee49260e30b8b6afc46ce8a733bc9d7850c789e5e98cdefbfb11131a85bc24e75453a16c6780ab4229b985d1fe7a255f71cfe18398e881d493ded88300b54f6c4a5567fd84a6e1f11835433448a00420ab1b3a49fcc0e9938da52b68f9409c94a0de61f0beb69532c4f7a11fae6a9ffd10db7de01e3272448b517ad795a06f3fef8148b7196cb81a80aed42e395c1ac346dd27f9bce87661e19f957a17d54d59b68e023c1516ae9ba4d75f18d4b8fc7e9fe6f74e38597b0e52000000000008000200fd7f00000400010018000180140002007665746830"], 0x1040}}, 0x0)

72.052424ms ago: executing program 5 (id=4497):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r1, @ANYBLOB="140001000040000000000000000000000000000014000200fe"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[], 0x50}}, 0x4)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

65.816635ms ago: executing program 6 (id=4498):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="160000000000000061b1000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r1=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000850000009e00000095"], &(0x7f00000000c0)='GPL\x00', 0x4, 0xad, &(0x7f00000003c0)=""/173}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000000)={r1, 0x0, &(0x7f0000001740)=""/4120}, 0x20)

60.200715ms ago: executing program 7 (id=4499):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

40.477227ms ago: executing program 6 (id=4500):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'dummy0\x00', <r2=>0x0})
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000000)=0x930d, 0x4)
sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @remote}, 0x14)

30.776218ms ago: executing program 6 (id=4501):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r1, &(0x7f0000000040)=ANY=[], 0xffffff6a)
pipe2(&(0x7f0000000680)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
fcntl$setstatus(r1, 0x4, 0x2000)
splice(r0, 0x0, r2, 0x0, 0x9aa7, 0x0)

28.602658ms ago: executing program 7 (id=4502):
socket(0x10, 0x80002, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x20001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
close(r1)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)

0s ago: executing program 5 (id=4503):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x980, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

kernel console output (not intermixed with test programs):

red forwarding state
[  172.254150][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  172.263763][  T340] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.270904][  T340] bridge0: port 2(bridge_slave_1) entered forwarding state
[  172.309721][   T43] device bridge_slave_1 left promiscuous mode
[  172.315924][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.324146][   T43] device bridge_slave_0 left promiscuous mode
[  172.331135][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.339723][   T43] device veth1_macvtap left promiscuous mode
[  172.345806][   T43] device veth0_vlan left promiscuous mode
[  172.393848][  T358] hid-rmi 0003:1532:011D.0024: hidraw0: USB HID v0.00 Device [HID 1532:011d] on usb-dummy_hcd.9-1/input0
[  172.434445][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  172.442653][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  172.453457][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  172.464765][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  172.472845][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  172.480384][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  172.490566][ T9174] device veth0_vlan entered promiscuous mode
[  172.501260][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  172.510885][ T9174] device veth1_macvtap entered promiscuous mode
[  172.521236][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  172.532567][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  172.558792][ T9210] loop7: detected capacity change from 0 to 1024
[  172.597616][  T358] usb 10-1: USB disconnect, device number 9
[  172.610767][ T9210] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  172.638429][ T5537] EXT4-fs (loop7): unmounting filesystem.
[  172.700078][ T9219] loop7: detected capacity change from 0 to 512
[  172.702179][ T9221] binder: 9220:9221 ioctl c018620c 2000000000c0 returned -22
[  172.707174][ T9218] loop8: detected capacity change from 0 to 512
[  172.722638][ T9219] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.3675: inode #1: comm syz.7.3675: iget: illegal inode #
[  172.737010][ T9218] EXT4-fs (loop8): 1 truncate cleaned up
[  172.743231][ T9218] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  172.754517][ T9219] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.3675: error while reading EA inode 1 err=-117
[  172.767418][ T9219] EXT4-fs (loop7): 1 orphan inode deleted
[  172.774631][ T5702] EXT4-fs (loop8): unmounting filesystem.
[  172.780955][ T9219] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  172.803050][ T9219] EXT4-fs error (device loop7): __ext4_expand_extra_isize:5937: inode #15: comm syz.7.3675: bad extra_isize 6 (inode size 256)
[  172.826600][ T5537] EXT4-fs (loop7): unmounting filesystem.
[  172.840634][ T9240] input: syz0 as /devices/virtual/input/input28
[  172.970900][ T9238] loop8: detected capacity change from 0 to 40427
[  172.978160][ T9238] F2FS-fs (loop8): Invalid SB checksum offset: 0
[  172.984606][ T9238] F2FS-fs (loop8): Can't find valid F2FS filesystem in 2th superblock
[  172.993881][ T9238] F2FS-fs (loop8): invalid crc value
[  173.000835][ T9238] F2FS-fs (loop8): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  173.023359][ T9238] F2FS-fs (loop8): Try to recover 2th superblock, ret: 0
[  173.030692][ T9238] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  173.053708][ T5702] syz-executor: attempt to access beyond end of device
[  173.053708][ T5702] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  173.124531][ T9254] binder: 9253:9254 ioctl c018620c 2000000000c0 returned -22
[  173.240476][ T9284] loop7: detected capacity change from 0 to 512
[  173.252869][ T9284] EXT4-fs: Ignoring removed orlov option
[  173.259299][ T9284] EXT4-fs (loop7): Test dummy encryption mode enabled
[  173.266731][ T9284] EXT4-fs (loop7): can't mount with data_err=abort, fs mounted w/o journal
[  173.348300][ T9275] loop8: detected capacity change from 0 to 40427
[  173.355351][ T9298] loop4: detected capacity change from 0 to 1024
[  173.355501][ T9275] F2FS-fs (loop8): Insane cp_payload (553648128 >= 504)
[  173.368888][ T9275] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  173.377420][ T9275] F2FS-fs (loop8): heap/no_heap options were deprecated
[  173.382457][ T9298] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  173.385196][ T9275] F2FS-fs (loop8): invalid crc value
[  173.399325][ T9275] F2FS-fs (loop8): Found nat_bits in checkpoint
[  173.406625][ T9174] EXT4-fs (loop4): unmounting filesystem.
[  173.445388][ T9275] F2FS-fs (loop8): Start checkpoint disabled!
[  173.452254][ T9275] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  173.459525][ T9275] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  173.511443][   T43] kworker/u4:2: attempt to access beyond end of device
[  173.511443][   T43] loop8: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  173.554844][  T358] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  173.570250][ T9308] loop4: detected capacity change from 0 to 40427
[  173.576983][  T348] Bluetooth: hci0: command 0x1003 tx timeout
[  173.580729][ T5273] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  173.585049][ T9308] F2FS-fs (loop4): invalid crc value
[  173.605424][ T9308] F2FS-fs (loop4): Found nat_bits in checkpoint
[  173.629647][ T9320] binder: 9319:9320 ioctl 4018620d 0 returned -22
[  173.644197][ T9323] loop8: detected capacity change from 0 to 512
[  173.654355][ T9323] EXT4-fs: Ignoring removed nobh option
[  173.661946][ T9308] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  173.671422][ T9323] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #3: comm syz.8.3720: corrupted inode contents
[  173.684199][ T9323] EXT4-fs error (device loop8): ext4_dirty_inode:6121: inode #3: comm syz.8.3720: mark_inode_dirty error
[  173.696162][ T9323] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #3: comm syz.8.3720: corrupted inode contents
[  173.708539][ T9174] syz-executor: attempt to access beyond end of device
[  173.708539][ T9174] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  173.722739][ T9323] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #3: comm syz.8.3720: mark_inode_dirty error
[  173.737863][ T9323] __quota_error: 29 callbacks suppressed
[  173.737883][ T9323] Quota error (device loop8): write_blk: dquota write failed
[  173.751567][ T9323] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  173.760804][  T358] usb 10-1: unable to get BOS descriptor or descriptor too short
[  173.761883][ T9323] EXT4-fs error (device loop8): ext4_acquire_dquot:6801: comm syz.8.3720: Failed to acquire dquot type 0
[  173.776792][  T358] usb 10-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  173.790174][ T9323] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #16: comm syz.8.3720: corrupted inode contents
[  173.802153][  T358] usb 10-1: config 1 has no interface number 1
[  173.808330][  T358] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  173.822054][ T9323] EXT4-fs error (device loop8): ext4_dirty_inode:6121: inode #16: comm syz.8.3720: mark_inode_dirty error
[  173.833860][ T9323] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #16: comm syz.8.3720: corrupted inode contents
[  173.846829][ T9323] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #16: comm syz.8.3720: mark_inode_dirty error
[  173.859897][ T9323] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #16: comm syz.8.3720: corrupted inode contents
[  173.860273][   T28] audit: type=1400 audit(173.659:1237): avc:  denied  { read } for  pid=9331 comm="syz.6.3723" path="socket:[59290]" dev="sockfs" ino=59290 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  173.872723][  T358] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  173.894881][ T9323] EXT4-fs error (device loop8) in ext4_orphan_del:305: Corrupt filesystem
[  173.904258][  T358] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.904287][  T358] usb 10-1: Product: syz
[  173.904303][  T358] usb 10-1: Manufacturer: syz
[  173.904317][  T358] usb 10-1: SerialNumber: syz
[  173.937145][ T9323] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #16: comm syz.8.3720: corrupted inode contents
[  173.950203][ T9339] loop4: detected capacity change from 0 to 1024
[  173.955124][ T9323] EXT4-fs error (device loop8): ext4_truncate:4314: inode #16: comm syz.8.3720: mark_inode_dirty error
[  173.957540][ T9339] EXT4-fs: Ignoring removed i_version option
[  173.975791][   T28] audit: type=1400 audit(173.776:1238): avc:  denied  { ioctl } for  pid=9340 comm="syz.6.3726" path="socket:[59872]" dev="sockfs" ino=59872 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  173.975960][ T9323] EXT4-fs error (device loop8) in ext4_process_orphan:347: Corrupt filesystem
[  174.004443][ T9339] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm syz.4.3725: Invalid block bitmap block 0 in block_group 0
[  174.009852][ T9323] EXT4-fs (loop8): 1 truncate cleaned up
[  174.028929][ T9339] Quota error (device loop4): write_blk: dquota write failed
[  174.036816][ T9339] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  174.046860][ T9323] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  174.055934][ T9339] EXT4-fs error (device loop4): ext4_acquire_dquot:6801: comm syz.4.3725: Failed to acquire dquot type 0
[  174.074211][ T9339] EXT4-fs error (device loop4): ext4_free_blocks:6210: comm syz.4.3725: Freeing blocks not in datazone - block = 0, count = 4096
[  174.089230][ T9339] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.3725: Invalid inode bitmap blk 0 in block_group 0
[  174.102365][ T9339] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem
[  174.111266][   T43] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-8
[  174.113886][ T9339] EXT4-fs (loop4): 1 orphan inode deleted
[  174.120449][   T43] EXT4-fs error (device loop4): ext4_release_dquot:6837: comm kworker/u4:2: Failed to release dquot type 0
[  174.126294][ T9339] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  174.139133][ T5702] EXT4-fs (loop8): unmounting filesystem.
[  174.147945][  T358] usb 10-1: found format II with max.bitrate = 26774, frame size=2
[  174.161055][  T358] usb 10-1: found format II with max.bitrate = 26774, frame size=2
[  174.173826][  T358] usb 10-1: failed to enable PITCH for EP 0x82
[  174.174433][ T9339] EXT4-fs error (device loop4): ext4_search_dir:1549: inode #2: block 16: comm syz.4.3725: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  174.184910][  T358] usb 10-1: USB disconnect, device number 10
[  174.214968][ T9174] EXT4-fs (loop4): unmounting filesystem.
[  174.361430][   T39] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  174.392437][ T9377] loop8: detected capacity change from 0 to 1024
[  174.399414][ T9377] EXT4-fs: Ignoring removed i_version option
[  174.407973][ T9377] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:477: comm syz.8.3742: Invalid block bitmap block 0 in block_group 0
[  174.421802][ T9377] Quota error (device loop8): write_blk: dquota write failed
[  174.432350][ T9377] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  174.442412][ T9377] EXT4-fs error (device loop8): ext4_acquire_dquot:6801: comm syz.8.3742: Failed to acquire dquot type 0
[  174.453772][   T28] audit: type=1400 audit(174.237:1239): avc:  denied  { mount } for  pid=9379 comm="syz.4.3753" name="/" dev="pstore" ino=14094 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  174.484187][ T9377] EXT4-fs error (device loop8): ext4_free_blocks:6210: comm syz.8.3742: Freeing blocks not in datazone - block = 0, count = 4096
[  174.508157][ T9377] EXT4-fs error (device loop8): ext4_read_inode_bitmap:140: comm syz.8.3742: Invalid inode bitmap blk 0 in block_group 0
[  174.524724][  T339] EXT4-fs error (device loop8): ext4_release_dquot:6837: comm kworker/u4:3: Failed to release dquot type 0
[  174.532343][ T9377] EXT4-fs error (device loop8) in ext4_free_inode:362: Corrupt filesystem
[  174.556409][   T39] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  174.571526][ T9377] EXT4-fs (loop8): 1 orphan inode deleted
[  174.580147][   T39] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  174.603051][ T9377] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  174.608491][ T9388] loop7: detected capacity change from 0 to 1024
[  174.617622][   T39] usb 7-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf
[  174.637899][   T39] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.658629][ T9377] EXT4-fs error (device loop8): ext4_search_dir:1549: inode #2: block 16: comm syz.8.3742: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  174.668333][ T9388] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  174.679946][   T39] usb 7-1: Product: syz
[  174.690397][   T39] usb 7-1: Manufacturer: syz
[  174.696463][   T39] usb 7-1: SerialNumber: syz
[  174.718389][   T39] usb 7-1: config 0 descriptor??
[  174.740323][ T5702] EXT4-fs (loop8): unmounting filesystem.
[  174.748130][   T39] usb 7-1: Found UVC 0.00 device syz (18ec:3288)
[  174.760356][ T5537] EXT4-fs (loop7): unmounting filesystem.
[  174.768938][   T39] usb 7-1: No valid video chain found.
[  174.813993][ T9405] loop9: detected capacity change from 0 to 512
[  174.829141][ T9408] loop8: detected capacity change from 0 to 512
[  174.832943][ T9405] EXT4-fs error (device loop9): ext4_get_branch:178: inode #11: block 4294967295: comm syz.9.3755: invalid block
[  174.848389][ T9408] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  174.857340][ T9405] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm syz.9.3755: invalid indirect mapped block 4294967295 (level 1)
[  174.877848][ T9405] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm syz.9.3755: invalid indirect mapped block 4294967295 (level 1)
[  174.900161][ T9405] EXT4-fs (loop9): 2 truncates cleaned up
[  174.907275][ T9408] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  174.916495][ T9405] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  174.941129][ T9405] EXT4-fs error (device loop9): ext4_validate_block_bitmap:429: comm syz.9.3755: bg 0: block 5: invalid block bitmap
[  174.955710][   T39] usb 7-1: USB disconnect, device number 13
[  174.977374][ T6667] EXT4-fs (loop9): unmounting filesystem.
[  175.062584][ T9408] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  175.077268][ T9408] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2048 with error 28
[  175.090002][ T9408] EXT4-fs (loop8): This should not happen!! Data will be lost
[  175.090002][ T9408] 
[  175.099934][ T9408] EXT4-fs (loop8): Total free blocks count 0
[  175.106299][ T9408] EXT4-fs (loop8): Free/Dirty block details
[  175.112401][ T9408] EXT4-fs (loop8): free_blocks=39626
[  175.118213][ T9408] EXT4-fs (loop8): dirty_blocks=4095
[  175.123619][ T9408] EXT4-fs (loop8): Block reservation details
[  175.129682][ T9408] EXT4-fs (loop8): i_reserved_data_blocks=4095
[  175.155025][  T339] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2046 with error 28
[  175.460495][ T9420] loop4: detected capacity change from 0 to 131072
[  175.468043][ T9420] F2FS-fs (loop4): Test dummy encryption mode enabled
[  175.475809][ T9420] F2FS-fs (loop4): invalid crc value
[  175.482502][ T9420] F2FS-fs (loop4): Found nat_bits in checkpoint
[  175.508607][ T9420] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  175.530082][ T9420] F2FS-fs (loop4): access invalid blkaddr:1281
[  175.536589][ T9420] CPU: 1 PID: 9420 Comm: syz.4.3760 Not tainted syzkaller #0
[  175.543972][ T9420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  175.554207][ T9420] Call Trace:
[  175.557594][ T9420]  <TASK>
[  175.560514][ T9420]  __dump_stack+0x21/0x24
[  175.564923][ T9420]  dump_stack_lvl+0xee/0x150
[  175.569769][ T9420]  ? __cfi_dump_stack_lvl+0x8/0x8
[  175.574819][ T9420]  ? __cfi_f2fs_get_dnode_of_data+0x10/0x10
[  175.580746][ T9420]  dump_stack+0x15/0x24
[  175.584917][ T9420]  __f2fs_is_valid_blkaddr+0xda6/0x1460
[  175.590486][ T9420]  f2fs_is_valid_blkaddr+0x23/0x30
[  175.595607][ T9420]  f2fs_get_read_data_page+0x4e2/0x840
[  175.601078][ T9420]  ? __cfi_f2fs_get_read_data_page+0x10/0x10
[  175.607078][ T9420]  ? kasan_save_alloc_info+0x25/0x30
[  175.612359][ T9420]  ? __kasan_slab_alloc+0x72/0x80
[  175.617373][ T9420]  ? slab_post_alloc_hook+0x4f/0x2d0
[  175.622653][ T9420]  ? kmem_cache_alloc_lru+0x104/0x280
[  175.628035][ T9420]  ? __d_alloc+0x34/0x6c0
[  175.632361][ T9420]  f2fs_find_data_page+0x198/0x3a0
[  175.637476][ T9420]  __f2fs_find_entry+0x720/0xdb0
[  175.642504][ T9420]  ? __cfi___f2fs_find_entry+0x10/0x10
[  175.648046][ T9420]  ? generic_set_encrypted_ci_d_ops+0xce/0x100
[  175.654246][ T9420]  f2fs_lookup+0x19b/0xab0
[  175.658664][ T9420]  ? __cfi_f2fs_lookup+0x10/0x10
[  175.663789][ T9420]  ? _raw_spin_lock+0x8e/0xe0
[  175.668463][ T9420]  ? __cfi__raw_spin_lock+0x10/0x10
[  175.673736][ T9420]  ? _raw_spin_unlock+0x4c/0x70
[  175.678566][ T9420]  ? d_alloc+0x199/0x1d0
[  175.682802][ T9420]  lookup_one_qstr_excl+0x125/0x270
[  175.688290][ T9420]  filename_create+0x219/0x450
[  175.693058][ T9420]  ? kasan_save_alloc_info+0x25/0x30
[  175.698349][ T9420]  ? kern_path_create+0x1b0/0x1b0
[  175.703370][ T9420]  do_mkdirat+0x5c/0x4c0
[  175.707636][ T9420]  ? getname_flags+0x206/0x500
[  175.712390][ T9420]  __x64_sys_mkdirat+0x89/0xa0
[  175.717139][ T9420]  x64_sys_call+0x73d/0x9a0
[  175.721727][ T9420]  do_syscall_64+0x4c/0xa0
[  175.726155][ T9420]  ? clear_bhb_loop+0x30/0x80
[  175.730939][ T9420]  ? clear_bhb_loop+0x30/0x80
[  175.735641][ T9420]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  175.741531][ T9420] RIP: 0033:0x7fc925f8d457
[  175.745967][ T9420] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.765914][ T9420] RSP: 002b:00007fc926eb3e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  175.774360][ T9420] RAX: ffffffffffffffda RBX: 00007fc926eb3ef0 RCX: 00007fc925f8d457
[  175.782336][ T9420] RDX: 00000000000001ff RSI: 0000200000000040 RDI: 00000000ffffff9c
[  175.790300][ T9420] RBP: 00002000000002c0 R08: 00002000000000c0 R09: 0000000000000000
[  175.798350][ T9420] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000200000000040
[  175.806314][ T9420] R13: 00007fc926eb3eb0 R14: 0000000000000000 R15: 0000000000000000
[  175.814282][ T9420]  </TASK>
[  176.340038][ T9433] loop7: detected capacity change from 0 to 512
[  176.357949][ T9433] EXT4-fs error (device loop7): ext4_get_branch:178: inode #11: block 4294967295: comm syz.7.3774: invalid block
[  176.374763][ T9433] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #11: comm syz.7.3774: invalid indirect mapped block 4294967295 (level 1)
[  176.389285][ T9433] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #11: comm syz.7.3774: invalid indirect mapped block 4294967295 (level 1)
[  176.405456][ T9443] loop4: detected capacity change from 0 to 512
[  176.412282][ T9433] EXT4-fs (loop7): 2 truncates cleaned up
[  176.418222][ T9433] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  176.433875][ T9433] EXT4-fs error (device loop7): ext4_validate_block_bitmap:429: comm syz.7.3774: bg 0: block 5: invalid block bitmap
[  176.434158][ T9443] EXT4-fs (loop4): 1 truncate cleaned up
[  176.468559][ T9443] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  176.477855][ T5537] EXT4-fs (loop7): unmounting filesystem.
[  176.550961][ T9174] EXT4-fs (loop4): unmounting filesystem.
[  176.992316][ T9479] loop7: detected capacity change from 0 to 512
[  177.033699][ T9441] loop8: detected capacity change from 0 to 131072
[  177.041028][ T9479] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  177.056675][ T9441] F2FS-fs (loop8): Invalid log sectorsize (67108873)
[  177.068478][ T9445] loop6: detected capacity change from 0 to 131072
[  177.075611][ T9441] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  177.085147][ T5537] EXT4-fs (loop7): unmounting filesystem.
[  177.091067][ T9445] F2FS-fs (loop6): Test dummy encryption mode enabled
[  177.103603][ T9441] F2FS-fs (loop8): invalid crc value
[  177.109410][ T9445] F2FS-fs (loop6): invalid crc value
[  177.116914][ T9441] F2FS-fs (loop8): Found nat_bits in checkpoint
[  177.130017][ T9445] F2FS-fs (loop6): Found nat_bits in checkpoint
[  177.163173][ T9445] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  177.168545][ T9495] SELinux: failed to load policy
[  177.175736][ T9441] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  177.182843][ T9441] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4
[  177.192786][ T9500] netlink: 'syz.4.3788': attribute type 11 has an invalid length.
[  177.200711][ T9500] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3788'.
[  177.261971][ T9506] loop4: detected capacity change from 0 to 512
[  177.295404][ T9506] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  177.336569][ T9174] EXT4-fs (loop4): unmounting filesystem.
[  177.375619][ T3543] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  177.443334][ T9514] loop8: detected capacity change from 0 to 512
[  177.450048][ T9514] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  177.500695][ T9514] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3790'.
[  177.569008][ T3543] usb 8-1: Using ep0 maxpacket: 32
[  177.575495][ T3543] usb 8-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.596925][ T3543] usb 8-1: config 0 interface 0 has no altsetting 0
[  177.610479][ T3543] usb 8-1: New USB device found, idVendor=056a, idProduct=00f4, bcdDevice= 0.00
[  177.620005][ T3543] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.628794][ T3543] usb 8-1: config 0 descriptor??
[  177.674444][ T9531] loop8: detected capacity change from 0 to 256
[  177.683950][ T9531] exFAT-fs (loop8): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  177.698660][ T9531] exFAT-fs (loop8): error, invalid access to FAT free cluster (entry 0x00000008)
[  177.709881][ T9531] exFAT-fs (loop8): error, failed to bmap (inode : ffff888137171150 iblock : 8, err : -5)
[  177.720404][ T9531] exFAT-fs (loop8): error, invalid access to FAT free cluster (entry 0x00000008)
[  177.729846][ T9531] exFAT-fs (loop8): error, invalid access to FAT free cluster (entry 0x00000008)
[  177.740090][ T9531] exFAT-fs (loop8): error, invalid access to FAT free cluster (entry 0x00000008)
[  177.749673][ T9531] exFAT-fs (loop8): error, failed to bmap (inode : ffff888137171150 iblock : 8, err : -5)
[  177.759991][ T9531] exFAT-fs (loop8): error, invalid access to FAT free cluster (entry 0x00000008)
[  177.771603][ T9512] loop6: detected capacity change from 0 to 131072
[  177.779941][ T9512] F2FS-fs (loop6): Wrong CP boundary, start(512) end(198144) blocks(1024)
[  177.788733][ T9512] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  177.797646][ T9512] F2FS-fs (loop6): invalid crc value
[  177.805079][ T9512] F2FS-fs (loop6): Found nat_bits in checkpoint
[  177.831713][ T9512] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[  177.838824][ T9512] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  178.048776][ T3543] wacom 0003:056A:00F4.0025: item fetching failed at offset 0/1
[  178.056671][ T3543] wacom 0003:056A:00F4.0025: parse failed
[  178.062393][ T3543] wacom: probe of 0003:056A:00F4.0025 failed with error -22
[  178.078726][ T9549] loop6: detected capacity change from 0 to 256
[  178.089215][ T9549] FAT-fs (loop6): Directory bread(block 64) failed
[  178.095772][ T9549] FAT-fs (loop6): Directory bread(block 65) failed
[  178.102467][ T9549] FAT-fs (loop6): Directory bread(block 66) failed
[  178.102492][ T9549] FAT-fs (loop6): Directory bread(block 67) failed
[  178.102521][ T9549] FAT-fs (loop6): Directory bread(block 68) failed
[  178.102538][ T9549] FAT-fs (loop6): Directory bread(block 69) failed
[  178.102568][ T9549] FAT-fs (loop6): Directory bread(block 70) failed
[  178.102585][ T9549] FAT-fs (loop6): Directory bread(block 71) failed
[  178.102614][ T9549] FAT-fs (loop6): Directory bread(block 72) failed
[  178.102630][ T9549] FAT-fs (loop6): Directory bread(block 73) failed
[  178.131121][ T9555] binder: 9554:9555 ioctl 4018620d 0 returned -22
[  178.257627][ T3543] usb 8-1: USB disconnect, device number 8
[  178.775934][ T9558] loop7: detected capacity change from 0 to 512
[  178.782896][ T9558] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  178.809660][ T9558] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  178.903488][ T9558] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  178.918106][ T9558] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2048 with error 28
[  178.930583][ T9558] EXT4-fs (loop7): This should not happen!! Data will be lost
[  178.930583][ T9558] 
[  178.940273][ T9558] EXT4-fs (loop7): Total free blocks count 0
[  178.946340][ T9558] EXT4-fs (loop7): Free/Dirty block details
[  178.952293][ T9558] EXT4-fs (loop7): free_blocks=39626
[  178.957589][ T9558] EXT4-fs (loop7): dirty_blocks=4095
[  178.962919][ T9558] EXT4-fs (loop7): Block reservation details
[  178.968972][ T9558] EXT4-fs (loop7): i_reserved_data_blocks=4095
[  179.034240][   T43] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2046 with error 28
[  179.264654][  T358] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  179.304072][ T9568] loop4: detected capacity change from 0 to 131072
[  179.312201][ T9568] F2FS-fs (loop4): Wrong CP boundary, start(512) end(198144) blocks(1024)
[  179.321029][ T9568] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  179.329792][ T9568] F2FS-fs (loop4): invalid crc value
[  179.337013][ T9568] F2FS-fs (loop4): Found nat_bits in checkpoint
[  179.362248][ T9568] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  179.369411][ T9568] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  179.422783][ T9578] SELinux: failed to load policy
[  179.468608][  T358] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  179.478875][  T358] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  179.498314][  T358] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  179.507487][  T358] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  179.515803][  T358] usb 7-1: SerialNumber: syz
[  179.733900][  T358] usb 7-1: 0:2 : does not exist
[  179.742439][  T358] usb 7-1: USB disconnect, device number 14
[  180.045579][ T3529] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  180.229280][ T3529] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  180.240251][ T3529] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.249996][ T3529] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  180.262408][ T9609] loop6: detected capacity change from 0 to 512
[  180.262897][ T3529] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  180.278211][ T3529] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.278430][ T9609] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  180.287060][ T3529] usb 5-1: config 0 descriptor??
[  180.310636][ T9609] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  180.323516][   T28] kauditd_printk_skb: 9 callbacks suppressed
[  180.323532][   T28] audit: type=1400 audit(180.011:1248): avc:  denied  { create } for  pid=9616 comm="syz.7.3837" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  180.349865][   T28] audit: type=1400 audit(180.011:1249): avc:  denied  { read write } for  pid=9616 comm="syz.7.3837" name="file1" dev="tmpfs" ino=2061 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  180.372359][   T28] audit: type=1400 audit(180.011:1250): avc:  denied  { open } for  pid=9616 comm="syz.7.3837" path="/395/file1" dev="tmpfs" ino=2061 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  180.467728][ T9609] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  180.482883][ T9609] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2048 with error 28
[  180.495606][ T9609] EXT4-fs (loop6): This should not happen!! Data will be lost
[  180.495606][ T9609] 
[  180.506700][ T9609] EXT4-fs (loop6): Total free blocks count 0
[  180.513238][ T9609] EXT4-fs (loop6): Free/Dirty block details
[  180.519318][ T9609] EXT4-fs (loop6): free_blocks=39626
[  180.524704][ T9609] EXT4-fs (loop6): dirty_blocks=4095
[  180.530262][ T9609] EXT4-fs (loop6): Block reservation details
[  180.536482][ T9609] EXT4-fs (loop6): i_reserved_data_blocks=4095
[  180.600034][ T9636] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  180.600087][   T43] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2046 with error 28
[  180.607283][ T9636] IPv6: NLM_F_CREATE should be set when creating new route
[  180.716773][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.724325][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.731872][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.739420][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.750959][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.751067][   T28] audit: type=1400 audit(180.435:1251): avc:  denied  { write } for  pid=9647 comm="syz.7.3860" name="ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  180.759402][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.788201][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.795811][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.803239][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.810721][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.818360][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.825769][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.833189][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.840770][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.848184][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.855653][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.863056][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.870451][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.877851][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.885240][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.892641][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.900058][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.907508][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.915491][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.922918][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.930352][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.937756][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.945131][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.952541][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.959959][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.967344][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.974853][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.982462][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.989914][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  180.997372][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  181.004844][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  181.012431][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  181.028547][ T3529] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  181.036309][ T3529] plantronics 0003:047F:FFFF.0026: No inputs registered, leaving
[  181.160776][ T3529] plantronics 0003:047F:FFFF.0026: hiddev96,hidraw0: USB HID v0.00 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  181.182098][ T3529] usb 5-1: USB disconnect, device number 7
[  181.195367][   T28] audit: type=1400 audit(180.879:1252): avc:  denied  { unmount } for  pid=5702 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  181.225919][ T9665] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  181.233251][ T9665] IPv6: NLM_F_CREATE should be set when creating new route
[  181.337078][ T9677] loop8: detected capacity change from 0 to 8192
[  181.583355][ T9694] loop4: detected capacity change from 0 to 512
[  181.599695][ T9694] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  181.629027][ T9694] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  181.806631][ T9694] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  181.821245][ T9694] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2048 with error 28
[  181.833912][ T9694] EXT4-fs (loop4): This should not happen!! Data will be lost
[  181.833912][ T9694] 
[  181.843713][ T9694] EXT4-fs (loop4): Total free blocks count 0
[  181.849761][ T9694] EXT4-fs (loop4): Free/Dirty block details
[  181.855818][ T9694] EXT4-fs (loop4): free_blocks=39626
[  181.861389][ T9694] EXT4-fs (loop4): dirty_blocks=4095
[  181.866748][ T9694] EXT4-fs (loop4): Block reservation details
[  181.872962][ T9694] EXT4-fs (loop4): i_reserved_data_blocks=4095
[  181.917499][   T43] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2046 with error 28
[  182.010775][  T294] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  182.196390][   T43] Bluetooth: hci0: Frame reassembly failed (-84)
[  182.204090][  T294] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.215548][  T294] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.225733][  T294] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  182.233533][ T3543] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  182.239219][  T294] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  182.255389][  T294] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.263825][  T294] usb 8-1: config 0 descriptor??
[  182.426883][ T3543] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.438145][ T3543] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.448114][ T3543] usb 7-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  182.457547][ T3543] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.466961][ T3543] usb 7-1: config 0 descriptor??
[  182.677313][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.684804][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.692317][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.699835][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.707260][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.714709][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.722227][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.729810][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.737289][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.744811][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.752408][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.760119][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.767597][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.775154][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.782800][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.790820][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.798434][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.802097][   T28] audit: type=1400 audit(182.460:1253): avc:  denied  { setopt } for  pid=9744 comm="syz.8.3894" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  182.806309][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.832500][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.840132][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.847998][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.855457][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.863217][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.869242][ T9749] Bluetooth: hci1: Frame reassembly failed (-84)
[  182.870994][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.877717][   T43] Bluetooth: hci1: Frame reassembly failed (-84)
[  182.885212][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.893038][ T3543] cp2112 0003:10C4:EA90.0028: unknown main item tag 0x0
[  182.898836][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.908689][ T3543] cp2112 0003:10C4:EA90.0028: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.6-1/input0
[  182.913577][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.932325][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.939889][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.947303][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.954732][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.962217][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.969782][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.977269][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.984677][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.992080][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  182.999691][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  183.007205][  T294] plantronics 0003:047F:FFFF.0027: unknown main item tag 0x0
[  183.014783][  T294] plantronics 0003:047F:FFFF.0027: No inputs registered, leaving
[  183.023719][  T294] plantronics 0003:047F:FFFF.0027: hiddev96,hidraw1: USB HID v0.00 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  183.038900][  T294] usb 8-1: USB disconnect, device number 9
[  183.108487][ T3543] cp2112 0003:10C4:EA90.0028: Part Number: 0x82 Device Version: 0xFE
[  183.311324][ T3543] cp2112 0003:10C4:EA90.0028: error requesting SMBus config
[  183.319240][ T3543] cp2112: probe of 0003:10C4:EA90.0028 failed with error -32
[  183.329110][ T3543] usb 7-1: USB disconnect, device number 15
[  184.296351][  T349] Bluetooth: hci0: command 0x1003 tx timeout
[  184.296358][ T5273] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  184.942784][ T5273] Bluetooth: hci1: command 0x1003 tx timeout
[  184.942795][  T348] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  190.527042][ T9760] loop7: detected capacity change from 0 to 40427
[  190.534409][ T9760] F2FS-fs (loop7): fault_injection options not supported
[  190.543337][ T9760] F2FS-fs (loop7): invalid crc value
[  190.548842][ T9765] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.549965][ T9760] F2FS-fs (loop7): Found nat_bits in checkpoint
[  190.556467][ T9765] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.570274][ T9765] device bridge_slave_0 entered promiscuous mode
[  190.577527][ T9765] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.584627][ T9765] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.587281][ T9760] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  190.592143][ T9765] device bridge_slave_1 entered promiscuous mode
[  190.646112][  T340] Bluetooth: hci0: Frame reassembly failed (-84)
[  190.653311][ T5537] syz-executor: attempt to access beyond end of device
[  190.653311][ T5537] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  190.716807][ T9765] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.723915][ T9765] bridge0: port 2(bridge_slave_1) entered forwarding state
[  190.731487][ T9765] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.738614][ T9765] bridge0: port 1(bridge_slave_0) entered forwarding state
[  190.764204][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  190.772434][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.779964][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.792629][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  190.801296][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.808634][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  190.821413][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  190.829823][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.836883][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  190.854925][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  190.863594][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  190.878069][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  190.889486][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  190.897678][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  190.905677][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  190.914564][ T9765] device veth0_vlan entered promiscuous mode
[  190.926958][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  190.931555][ T3529] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  190.943686][ T9765] device veth1_macvtap entered promiscuous mode
[  190.953348][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  190.964015][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  190.988544][ T9797] loop2: detected capacity change from 0 to 512
[  190.995984][ T9797] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  191.013043][  T339] device bridge_slave_1 left promiscuous mode
[  191.019172][  T339] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.026761][  T339] device bridge_slave_0 left promiscuous mode
[  191.028321][ T9797] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  191.033124][  T339] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.050158][  T339] device veth1_macvtap left promiscuous mode
[  191.056564][  T339] device veth0_vlan left promiscuous mode
[  191.143918][ T3529] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.163153][ T3529] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  191.171107][ T9797] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  191.173167][ T3529] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  191.188160][ T9797] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2048 with error 28
[  191.200567][ T3529] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  191.216705][ T9797] EXT4-fs (loop2): This should not happen!! Data will be lost
[  191.216705][ T9797] 
[  191.222113][ T3529] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.232015][ T9797] EXT4-fs (loop2): Total free blocks count 0
[  191.241103][ T3529] usb 5-1: config 0 descriptor??
[  191.246018][ T9797] EXT4-fs (loop2): Free/Dirty block details
[  191.256964][ T9797] EXT4-fs (loop2): free_blocks=39626
[  191.262389][ T9797] EXT4-fs (loop2): dirty_blocks=4095
[  191.267781][ T9797] EXT4-fs (loop2): Block reservation details
[  191.273991][ T9797] EXT4-fs (loop2): i_reserved_data_blocks=4095
[  191.322286][   T43] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2046 with error 28
[  191.375451][ T9803] loop2: detected capacity change from 0 to 256
[  191.382082][ T9803] exfat: Deprecated parameter 'namecase'
[  191.390321][ T9803] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  191.407199][   T28] audit: type=1400 audit(190.995:1254): avc:  denied  { mounton } for  pid=9802 comm="syz.2.3912" path="/1/file0/file0" dev="loop2" ino=1048813 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  191.616394][ T9807] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.623445][ T9807] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.630862][ T9807] device bridge_slave_0 entered promiscuous mode
[  191.640351][ T9807] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.647952][ T9807] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.655360][ T9807] device bridge_slave_1 entered promiscuous mode
[  191.656180][ T9779] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  191.670408][ T9779] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  191.688340][ T3529] usbhid 5-1:0.0: can't add hid device: -71
[  191.694432][ T3529] usbhid: probe of 5-1:0.0 failed with error -71
[  191.703560][ T3529] usb 5-1: USB disconnect, device number 8
[  191.739752][ T9807] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.746909][ T9807] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.754191][ T9807] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.761237][ T9807] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.782356][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  191.806302][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.814789][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.830597][ T9826] loop7: detected capacity change from 0 to 512
[  191.850281][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  191.860887][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.867969][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.875610][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  191.885356][ T9826] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  191.885455][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.901424][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.908988][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  191.937479][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  191.946630][ T5537] EXT4-fs (loop7): unmounting filesystem.
[  191.953438][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  191.964881][ T9807] device veth0_vlan entered promiscuous mode
[  191.972340][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  191.980599][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  191.988473][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  192.005338][ T9807] device veth1_macvtap entered promiscuous mode
[  192.018037][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  192.033324][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  192.052411][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  192.100702][  T339] device bridge_slave_1 left promiscuous mode
[  192.108173][  T339] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.119542][ T9835] SELinux: failed to load policy
[  192.125314][  T339] device bridge_slave_0 left promiscuous mode
[  192.134907][  T339] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.145611][  T339] device veth1_macvtap left promiscuous mode
[  192.151740][  T339] device veth0_vlan left promiscuous mode
[  192.186507][ T9839] loop3: detected capacity change from 0 to 256
[  192.207531][ T9839] exfat: Deprecated parameter 'utf8'
[  192.235383][ T9839] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  192.473527][ T9858] loop7: detected capacity change from 0 to 512
[  192.497301][ T9858] EXT4-fs: Ignoring removed oldalloc option
[  192.505603][ T9858] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  192.527259][ T9858] EXT4-fs (loop7): 1 truncate cleaned up
[  192.533535][ T9858] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  192.547374][   T28] audit: type=1400 audit(192.128:1255): avc:  denied  { append } for  pid=9856 comm="syz.7.3933" name="file1" dev="loop7" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  192.562417][ T9858] EXT4-fs (loop7): shut down requested (2)
[  192.632756][ T5537] EXT4-fs (loop7): unmounting filesystem.
[  192.683113][  T348] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  192.683275][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  192.735606][   T28] audit: type=1400 audit(192.317:1256): avc:  denied  { relabelfrom } for  pid=9875 comm="syz.4.3941" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  192.764693][ T9861] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.781950][ T9861] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.789180][   T28] audit: type=1400 audit(192.337:1257): avc:  denied  { relabelto } for  pid=9875 comm="syz.4.3941" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  192.833653][ T9861] device bridge_slave_0 entered promiscuous mode
[  192.837324][ T9884] loop4: detected capacity change from 0 to 256
[  192.850291][ T9861] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.867240][ T9861] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.876741][ T9884] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  192.878469][ T9861] device bridge_slave_1 entered promiscuous mode
[  193.017160][   T39] hid-generic 0000:0004:0000.0029: unknown main item tag 0x0
[  193.029599][ T9917] serio: Serial port ptm0
[  193.035326][   T39] hid-generic 0000:0004:0000.0029: unknown main item tag 0x0
[  193.042939][   T39] hid-generic 0000:0004:0000.0029: unknown main item tag 0x0
[  193.051362][   T39] hid-generic 0000:0004:0000.0029: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  193.067135][ T9861] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.074228][ T9861] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.081572][ T9861] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.088642][ T9861] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.130099][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  193.138535][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.148249][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.168348][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  193.180080][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.187262][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.212141][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  193.220250][   T28] audit: type=1400 audit(192.784:1258): avc:  denied  { getopt } for  pid=9946 comm="syz.4.3971" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  193.234595][  T340] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.246601][  T340] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.276959][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  193.299777][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  193.320955][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  193.336646][ T9861] device veth0_vlan entered promiscuous mode
[  193.345341][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  193.361652][ T9861] device veth1_macvtap entered promiscuous mode
[  193.374397][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  193.385355][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  193.393313][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  193.411653][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  193.429666][  T339] device bridge_slave_1 left promiscuous mode
[  193.431146][ T9966] loop6: detected capacity change from 0 to 128
[  193.435887][  T339] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.450175][  T339] device bridge_slave_0 left promiscuous mode
[  193.456447][  T339] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.464874][   T28] audit: type=1400 audit(193.033:1259): avc:  denied  { watch } for  pid=9965 comm="syz.6.3980" path="/515/file0/file1" dev="loop6" ino=1048837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[  193.489384][  T339] device veth1_macvtap left promiscuous mode
[  193.495523][  T339] device veth0_vlan left promiscuous mode
[  193.504291][ T9972] loop6: detected capacity change from 0 to 256
[  193.511166][ T9972] FAT-fs (loop6): Unrecognized mount option "iochars.het=cp950" or missing value
[  193.555091][ T9977] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3985'.
[  193.564224][ T3529] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  193.579827][ T9979] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3986'.
[  193.604319][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  193.613695][  T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  193.640220][ T9989] loop6: detected capacity change from 0 to 512
[  193.669812][ T9997] loop4: detected capacity change from 0 to 16
[  193.676756][ T9997] erofs: (device loop4): mounted with root inode @ nid 36.
[  193.684303][ T9989] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  193.711980][ T9989] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #2: comm syz.6.3991: corrupted inode contents
[  193.724266][ T9989] EXT4-fs error (device loop6): ext4_dirty_inode:6121: inode #2: comm syz.6.3991: mark_inode_dirty error
[  193.736487][ T9989] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #2: comm syz.6.3991: corrupted inode contents
[  193.749598][ T3529] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.750461][ T9989] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #2: comm syz.6.3991: mark_inode_dirty error
[  193.771984][ T3529] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  193.786433][ T3529] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  193.799275][T10004] EXT4-fs error (device loop6): ext4_get_first_dir_block:3594: inode #18: comm syz.6.3991: directory missing '.'
[  193.801168][ T3529] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  193.820694][ T3529] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.829323][ T3529] usb 8-1: config 0 descriptor??
[  193.866694][ T3950] EXT4-fs (loop6): unmounting filesystem.
[  193.890574][   T28] audit: type=1400 audit(193.461:1260): avc:  denied  { map } for  pid=10013 comm="syz.6.3999" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=62457 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  193.920862][   T28] audit: type=1400 audit(193.481:1261): avc:  denied  { read write } for  pid=10013 comm="syz.6.3999" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=62457 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  194.078471][T10036] device bridge0 entered promiscuous mode
[  194.085979][T10036] bridge0: port 3(macsec2) entered blocking state
[  194.092472][T10036] bridge0: port 3(macsec2) entered disabled state
[  194.101545][T10036] device bridge0 left promiscuous mode
[  194.240229][ T3529] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[  194.248189][ T3529] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[  194.256024][ T3529] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[  194.263504][ T3529] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[  194.271154][ T3529] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[  194.279019][ T3529] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[  194.287595][T10054] netlink: 180 bytes leftover after parsing attributes in process `syz.5.4017'.
[  194.287607][ T3529] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[  194.287629][ T3529] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[  194.312352][ T3529] plantronics 0003:047F:FFFF.002A: unknown main item tag 0x0
[  194.320061][ T3529] plantronics 0003:047F:FFFF.002A: No inputs registered, leaving
[  194.328869][ T3529] plantronics 0003:047F:FFFF.002A: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  194.349807][T10056] netlink: 'syz.5.4018': attribute type 5 has an invalid length.
[  194.374473][   T28] audit: type=1400 audit(193.948:1262): avc:  denied  { mount } for  pid=10059 comm="syz.5.4020" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  194.396317][  T358] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  194.410506][   T28] audit: type=1400 audit(193.978:1263): avc:  denied  { append } for  pid=10061 comm="syz.5.4021" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  194.543354][ T3538] usb 8-1: USB disconnect, device number 10
[  194.588366][T10082] loop5: detected capacity change from 0 to 128
[  194.596204][T10082] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  194.604732][  T358] usb 5-1: Using ep0 maxpacket: 16
[  194.611040][  T358] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  194.619613][  T358] usb 5-1: config 0 has no interface number 0
[  194.625926][  T358] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  194.637711][ T9861] EXT4-fs (loop5): unmounting filesystem.
[  194.639405][  T358] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  194.652842][  T358] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  194.661103][  T358] usb 5-1: Product: syz
[  194.665303][  T358] usb 5-1: SerialNumber: syz
[  194.670289][  T358] usb 5-1: config 0 descriptor??
[  194.744959][T10092] netlink: 104 bytes leftover after parsing attributes in process `syz.6.4035'.
[  194.885943][  T358] usb 5-1: USB disconnect, device number 9
[  194.990928][T10102] loop5: detected capacity change from 0 to 40427
[  194.998306][T10102] F2FS-fs (loop5): invalid crc value
[  195.005355][T10102] F2FS-fs (loop5): Found nat_bits in checkpoint
[  195.036368][T10102] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  195.085933][ T9861] syz-executor: attempt to access beyond end of device
[  195.085933][ T9861] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  195.226900][T10124] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.477214][T10193] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4082'.
[  195.501366][T10197] device ip6_vti0 entered promiscuous mode
[  195.567680][ T3543] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  195.730437][T10228] netlink: 72 bytes leftover after parsing attributes in process `syz.4.4098'.
[  195.759477][ T3543] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.772869][ T3543] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.783657][ T3543] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  195.799046][ T3543] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  195.813896][ T3543] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.825837][ T3543] usb 8-1: config 0 descriptor??
[  195.962287][T10256] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4110'.
[  195.978796][T10258] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4111'.
[  195.989742][T10258] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4111'.
[  195.998980][T10258] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4111'.
[  196.061154][T10270] loop8: detected capacity change from 0 to 256
[  196.067781][T10270] exfat: Deprecated parameter 'namecase'
[  196.073773][T10270] exfat: Deprecated parameter 'namecase'
[  196.081442][T10270] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xec4b13f1, utbl_chksum : 0xe619d30d)
[  196.240984][ T3543] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[  196.248546][ T3543] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[  196.256080][ T3543] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[  196.263645][ T3543] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[  196.271100][ T3543] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[  196.278493][ T3543] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[  196.286199][ T3543] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[  196.293966][ T3543] plantronics 0003:047F:FFFF.002B: No inputs registered, leaving
[  196.302813][ T3543] plantronics 0003:047F:FFFF.002B: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  196.331097][ T3538] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  196.511908][ T3538] usb 6-1: Using ep0 maxpacket: 8
[  196.517113][ T3529] usb 8-1: USB disconnect, device number 11
[  196.518200][ T3538] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[  196.531314][ T3538] usb 6-1: config 179 has no interface number 0
[  196.537595][ T3538] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  196.548653][ T3538] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  196.559854][ T3538] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  196.571152][ T3538] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  196.582545][ T3538] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  196.595773][ T3538] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  196.604844][ T3538] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.613803][T10268] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  196.684191][T10299] loop4: detected capacity change from 0 to 128
[  196.690833][T10299] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  196.703190][T10299] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  196.810299][T10314] loop4: detected capacity change from 0 to 256
[  196.822650][T10314] FAT-fs (loop4): Directory bread(block 64) failed
[  196.829449][T10314] FAT-fs (loop4): Directory bread(block 65) failed
[  196.836598][T10314] FAT-fs (loop4): Directory bread(block 66) failed
[  196.843547][T10314] FAT-fs (loop4): Directory bread(block 67) failed
[  196.850274][T10314] FAT-fs (loop4): Directory bread(block 68) failed
[  196.854023][ T3543] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:179.65/input/input32
[  196.857376][T10314] FAT-fs (loop4): Directory bread(block 69) failed
[  196.873938][T10314] FAT-fs (loop4): Directory bread(block 70) failed
[  196.880729][T10314] FAT-fs (loop4): Directory bread(block 71) failed
[  196.887346][T10314] FAT-fs (loop4): Directory bread(block 72) failed
[  196.894031][T10314] FAT-fs (loop4): Directory bread(block 73) failed
[  196.942338][T10314] syz.4.4137: attempt to access beyond end of device
[  196.942338][T10314] loop4: rw=2049, sector=1224, nr_sectors = 160 limit=256
[  196.957414][T10314] syz.4.4137: attempt to access beyond end of device
[  196.957414][T10314] loop4: rw=2049, sector=1416, nr_sectors = 352 limit=256
[  196.971445][T10314] syz.4.4137: attempt to access beyond end of device
[  196.971445][T10314] loop4: rw=2049, sector=1800, nr_sectors = 128 limit=256
[  196.986111][T10314] syz.4.4137: attempt to access beyond end of device
[  196.986111][T10314] loop4: rw=2049, sector=1960, nr_sectors = 1412 limit=256
[  197.061775][T10268] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.070410][T10268] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.178983][   T28] kauditd_printk_skb: 5 callbacks suppressed
[  197.178999][   T28] audit: type=1400 audit(196.735:1269): avc:  denied  { mount } for  pid=10337 comm="syz.4.4148" name="/" dev="selinuxfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[  197.238823][   T39] hid-generic 0000:0000:0000.002C: unknown main item tag 0x0
[  197.249522][   T39] hid-generic 0000:0000:0000.002C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  197.287743][   T39] usb 6-1: USB disconnect, device number 13
[  197.287743][    C0] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  197.287774][    C0] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  197.310424][   T39] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  197.494436][T10355] loop4: detected capacity change from 0 to 40427
[  197.503472][T10355] F2FS-fs (loop4): Small segment_count (9 < 1 * 24)
[  197.510426][T10355] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  197.525119][T10372] loop8: detected capacity change from 0 to 2048
[  197.532744][T10355] F2FS-fs (loop4): Found nat_bits in checkpoint
[  197.547778][T10372] Alternate GPT is invalid, using primary GPT.
[  197.554052][T10372]  loop8: p1 p2 p3
[  197.563321][T10355] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  197.570516][T10355] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  197.596440][ T9174] syz-executor: attempt to access beyond end of device
[  197.596440][ T9174] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  197.692571][T10382] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  197.712470][T10382] device veth0_vlan left promiscuous mode
[  197.718949][T10382] device veth0_vlan entered promiscuous mode
[  197.725908][T10382] device veth1_macvtap left promiscuous mode
[  197.733311][T10382] device veth1_macvtap entered promiscuous mode
[  197.747806][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  197.757524][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  197.773063][T10386] loop8: detected capacity change from 0 to 8192
[  197.779875][ T3543] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  197.788049][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  197.797117][  T339] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.799822][T10388] loop4: detected capacity change from 0 to 8192
[  197.804213][  T339] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.804979][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  197.828885][   T28] audit: type=1400 audit(197.382:1270): avc:  denied  { mounton } for  pid=10385 comm="syz.8.4169" path="/411/bus/bus" dev="loop8" ino=1048844 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[  197.831704][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  197.868344][  T339] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.875675][  T339] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.950761][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  197.959584][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  197.968100][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  197.976587][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  197.986739][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  197.997189][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  198.005132][   T28] audit: type=1400 audit(197.552:1271): avc:  denied  { accept } for  pid=10393 comm="syz.8.4171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  198.019291][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  198.043025][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  198.058799][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  198.071211][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  198.081599][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  198.090627][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  198.099171][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  198.112138][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  198.120549][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  198.143743][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  198.159270][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  198.169184][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  198.177886][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  198.187653][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  198.195928][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  198.204042][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  198.211842][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  198.220234][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  198.228555][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  198.260761][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  198.301421][T10403] loop7: detected capacity change from 0 to 40427
[  198.316460][   T28] audit: type=1400 audit(197.860:1272): avc:  denied  { create } for  pid=10426 comm="syz.5.4187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  198.321956][T10403] F2FS-fs (loop7): fault_injection options not supported
[  198.361241][ T3538] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  198.373528][T10403] F2FS-fs (loop7): invalid crc value
[  198.392284][ T3538] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  198.401217][T10403] F2FS-fs (loop7): Found nat_bits in checkpoint
[  198.423435][T10448] loop5: detected capacity change from 0 to 512
[  198.466307][T10403] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  198.526554][   T28] audit: type=1400 audit(198.070:1273): avc:  denied  { create } for  pid=10401 comm="syz.7.4175" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1
[  198.574927][ T5537] syz-executor: attempt to access beyond end of device
[  198.574927][ T5537] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  198.638350][   T28] audit: type=1400 audit(198.189:1274): avc:  denied  { unmount } for  pid=9861 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  198.679724][T10482] syz.4.4213[10482] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  198.679809][T10482] syz.4.4213[10482] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  198.709187][   T28] audit: type=1400 audit(198.259:1275): avc:  denied  { setopt } for  pid=10481 comm="syz.4.4213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  198.913554][T10489] loop6: detected capacity change from 0 to 40427
[  198.920975][T10489] F2FS-fs (loop6): fault_injection options not supported
[  198.928901][T10489] F2FS-fs (loop6): invalid crc value
[  198.935721][T10489] F2FS-fs (loop6): Found nat_bits in checkpoint
[  198.967022][T10499] loop7: detected capacity change from 0 to 40427
[  198.968768][T10489] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  198.974442][T10499] F2FS-fs (loop7): fault_injection options not supported
[  198.988307][T10499] F2FS-fs (loop7): Image doesn't support compression
[  198.995172][T10499] F2FS-fs (loop7): Image doesn't support compression
[  199.002929][T10499] F2FS-fs (loop7): invalid crc value
[  199.009555][T10499] F2FS-fs (loop7): Found nat_bits in checkpoint
[  199.016225][ T3950] syz-executor: attempt to access beyond end of device
[  199.016225][ T3950] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  199.042196][   T39] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  199.046677][T10499] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  199.081262][   T28] audit: type=1400 audit(198.628:1276): avc:  denied  { map } for  pid=10498 comm="syz.7.4219" path="/462/bus/blkio.bfq.io_merged_recursive" dev="loop7" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  199.106364][T10498] syz.7.4219: attempt to access beyond end of device
[  199.106364][T10498] loop7: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  199.120784][T10499] syz.7.4219: attempt to access beyond end of device
[  199.120784][T10499] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  199.142397][ T5537] syz-executor: attempt to access beyond end of device
[  199.142397][ T5537] loop7: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  199.244390][   T39] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  199.254983][   T39] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  199.274820][   T28] audit: type=1326 audit(198.827:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10517 comm="syz.6.4226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22018ebe9 code=0x7ffc0000
[  199.298959][   T28] audit: type=1326 audit(198.827:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10517 comm="syz.6.4226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22018ebe9 code=0x7ffc0000
[  199.323514][   T39] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  199.332574][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  199.341189][   T39] usb 5-1: SerialNumber: syz
[  199.441447][T10520] loop7: detected capacity change from 0 to 40427
[  199.448635][T10520] F2FS-fs (loop7): Small segment_count (9 < 1 * 24)
[  199.449114][  T358] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  199.456039][T10520] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  199.463540][  T358] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  199.473897][T10520] F2FS-fs (loop7): Found nat_bits in checkpoint
[  199.509458][T10520] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  199.517257][T10520] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  199.549848][   T39] usb 5-1: 0:2 : does not exist
[  199.557235][   T39] usb 5-1: USB disconnect, device number 10
[  199.674888][  T358] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  199.701054][T10541] loop7: detected capacity change from 0 to 8192
[  199.758706][  T294] hid-generic 0000:0000:0000.002D: unknown main item tag 0x0
[  199.766374][ T3529] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  199.782369][T10539] loop5: detected capacity change from 0 to 40427
[  199.785426][  T294] hid-generic 0000:0000:0000.002D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  199.789860][T10539] F2FS-fs (loop5): Small segment_count (9 < 1 * 24)
[  199.805326][T10539] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  199.816092][T10539] F2FS-fs (loop5): Found nat_bits in checkpoint
[  199.849596][T10539] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  199.857204][T10539] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  199.955503][ T3529] usb 7-1: Using ep0 maxpacket: 16
[  199.962139][ T3529] usb 7-1: config 1 has an invalid interface number: 105 but max is 0
[  199.971498][ T3529] usb 7-1: config 1 has no interface number 0
[  199.977728][ T3529] usb 7-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  199.988130][ T3529] usb 7-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  199.995112][T10557] loop7: detected capacity change from 0 to 256
[  199.999105][ T3529] usb 7-1: config 1 interface 105 has no altsetting 0
[  200.013884][ T3529] usb 7-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  200.023025][ T3529] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.031080][ T3529] usb 7-1: Product: syz
[  200.035228][ T3529] usb 7-1: Manufacturer: syz
[  200.039837][ T3529] usb 7-1: SerialNumber: syz
[  200.045309][T10534] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  200.052620][T10534] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  200.093519][T10560] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  200.101801][T10562] __nla_validate_parse: 2 callbacks suppressed
[  200.101821][T10562] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4243'.
[  200.108313][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  200.125535][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  200.134132][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  200.142930][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  200.151571][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  200.160219][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  200.168556][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  200.177199][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  200.348821][T10588] loop4: detected capacity change from 0 to 256
[  200.408995][T10597] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  200.423229][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  200.431631][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  200.447665][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  200.456040][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  200.464587][T10534] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  200.470553][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  200.472160][T10534] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  200.481266][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  200.496692][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  200.505193][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  200.620893][T10606] loop4: detected capacity change from 0 to 512
[  200.630998][T10606] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.4263: iget: bad extended attribute block 1
[  200.644224][T10606] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.4263: couldn't read orphan inode 15 (err -117)
[  200.656811][T10606] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  200.670507][T10606] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[  200.700466][ T9174] EXT4-fs (loop4): unmounting filesystem.
[  200.766936][T10624] loop4: detected capacity change from 0 to 2048
[  200.769103][T10622] SELinux: failed to load policy
[  200.820012][T10624] Alternate GPT is invalid, using primary GPT.
[  200.826367][T10624]  loop4: p1 p2 p3
[  201.108986][ T3529] aqc111 7-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  201.120299][ T3529] aqc111 7-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  201.152440][ T3529] aqc111 7-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.6-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 2e:76:9c:b5:74:67
[  201.163791][T10627] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready
[  201.180907][T10627] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.188120][T10627] bridge0: port 1(bridge_slave_0) entered forwarding state
[  201.196079][ T3529] usb 7-1: USB disconnect, device number 16
[  201.197954][T10627] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  201.209486][ T3529] aqc111 7-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.6-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  201.235501][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  201.245474][  T350] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.252578][  T350] bridge0: port 2(bridge_slave_1) entered forwarding state
[  201.262277][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  201.270584][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  201.279217][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  201.288456][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  201.297989][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  201.306605][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  201.318706][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  201.318719][T10642] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4277'.
[  201.336347][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  201.390779][ T3529] aqc111 7-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  201.400703][ T3529] aqc111 7-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  201.410573][ T3529] aqc111 7-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  201.651766][  T350] Bluetooth: hci0: Frame reassembly failed (-84)
[  203.365938][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  203.472638][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  203.482833][   T28] kauditd_printk_skb: 151 callbacks suppressed
[  203.482854][   T28] audit: type=1400 audit(203.014:1430): avc:  denied  { map } for  pid=10661 comm="syz.7.4289" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  204.459579][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  204.465769][  T348] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  204.472902][T10654] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  204.492316][   T28] audit: type=1400 audit(204.011:1431): avc:  denied  { remount } for  pid=10665 comm="syz.7.4290" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  204.592085][T10684] loop8: detected capacity change from 0 to 512
[  204.599688][T10684] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  204.600384][   T28] audit: type=1400 audit(204.131:1432): avc:  denied  { append } for  pid=10687 comm="syz.7.4301" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  204.631079][T10684] EXT4-fs (loop8): invalid journal inode
[  204.636815][T10684] EXT4-fs (loop8): can't get journal size
[  204.644202][T10684] EXT4-fs (loop8): 1 truncate cleaned up
[  204.651163][T10684] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  204.702886][T10684] EXT4-fs warning (device loop8): verify_group_input:151: Cannot add at group 604788741 (only 1 groups)
[  204.756948][T10700] loop6: detected capacity change from 0 to 2048
[  204.782347][T10704] syz.7.4308[10704] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  204.782428][T10704] syz.7.4308[10704] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  204.817165][T10700] Alternate GPT is invalid, using primary GPT.
[  204.855646][T10700]  loop6: p2 p3 p7
[  204.910190][T10711] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.917546][T10711] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.933861][T10711] device bridge_slave_0 entered promiscuous mode
[  204.948703][T10711] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.949108][T10730] loop7: detected capacity change from 0 to 512
[  204.955935][T10711] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.969811][T10711] device bridge_slave_1 entered promiscuous mode
[  204.980273][T10730] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  205.035141][ T5537] EXT4-fs (loop7): unmounting filesystem.
[  205.113281][T10740] device syz_tun entered promiscuous mode
[  205.159015][T10739] device syz_tun left promiscuous mode
[  205.168408][T10711] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.175501][T10711] bridge0: port 2(bridge_slave_1) entered forwarding state
[  205.182908][T10711] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.189979][T10711] bridge0: port 1(bridge_slave_0) entered forwarding state
[  205.251842][ T5702] EXT4-fs (loop8): unmounting filesystem.
[  205.298229][T10746] loop5: detected capacity change from 0 to 40427
[  205.307356][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  205.315665][T10746] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  205.324059][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  205.332175][T10746] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  205.340913][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  205.352724][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  205.378918][T10746] F2FS-fs (loop5): Found nat_bits in checkpoint
[  205.381899][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  205.413799][T10746] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  205.428796][T10746] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  205.436449][T10746] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  205.469826][T10746] bio_check_eod: 3 callbacks suppressed
[  205.469844][T10746] syz.5.4326: attempt to access beyond end of device
[  205.469844][T10746] loop5: rw=2049, sector=53248, nr_sectors = 520 limit=40427
[  205.539138][T10750] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.561647][T10750] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.569236][T10750] device bridge_slave_0 entered promiscuous mode
[  205.617130][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  205.631016][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  205.646823][T10750] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.653922][T10750] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.661534][T10750] device bridge_slave_1 entered promiscuous mode
[  205.668335][T10785] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4340'.
[  205.684065][T10787] device batadv_slave_0 entered promiscuous mode
[  205.697457][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  205.706605][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  205.720053][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  205.732045][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  205.744846][T10711] device veth0_vlan entered promiscuous mode
[  205.763407][  T339] device bridge_slave_1 left promiscuous mode
[  205.771848][  T339] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.777849][T10799] loop5: detected capacity change from 0 to 512
[  205.786531][T10799] EXT4-fs: Ignoring removed mblk_io_submit option
[  205.787728][  T339] device bridge_slave_0 left promiscuous mode
[  205.796352][T10799] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  205.808202][  T339] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.816215][T10799] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a003c11c, mo2=0002]
[  205.824762][T10799] System zones: 1-12
[  205.829750][  T339] device veth1_macvtap left promiscuous mode
[  205.835956][  T339] device veth0_vlan left promiscuous mode
[  205.837078][T10799] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.4345: corrupted in-inode xattr
[  205.855476][T10799] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.4345: couldn't read orphan inode 15 (err -117)
[  205.867925][T10799] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  205.907985][   T28] audit: type=1400 audit(205.438:1433): avc:  denied  { create } for  pid=10798 comm="syz.5.4345" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  205.980725][ T9861] EXT4-fs (loop5): unmounting filesystem.
[  206.006070][T10804] loop5: detected capacity change from 0 to 512
[  206.012743][T10804] EXT4-fs: Ignoring removed i_version option
[  206.019425][T10804] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  206.031181][T10804] EXT4-fs (loop5): 1 truncate cleaned up
[  206.038502][T10804] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  206.057886][T10786] device batadv_slave_0 left promiscuous mode
[  206.064614][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  206.072977][T10804] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.4347: corrupted in-inode xattr
[  206.073668][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  206.098280][T10804] EXT4-fs warning (device loop5): ext4_xattr_set_entry:1732: inode #15: comm syz.5.4347: unable to update i_inline_off
[  206.112749][T10711] device veth1_macvtap entered promiscuous mode
[  206.120757][T10804] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.4347: corrupted in-inode xattr
[  206.124617][   T28] audit: type=1326 audit(205.657:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10809 comm="syz.8.4349" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe40158ebe9 code=0x0
[  206.159925][T10812] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.4347: corrupted in-inode xattr
[  206.163089][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  206.180671][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  206.189576][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  206.190593][ T9861] EXT4-fs (loop5): unmounting filesystem.
[  206.198233][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  206.212004][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  206.278281][   T28] audit: type=1400 audit(205.807:1435): avc:  denied  { lock } for  pid=10822 comm="syz.7.4354" path="socket:[66189]" dev="sockfs" ino=66189 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  206.385197][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  206.402962][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  206.417303][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  206.426907][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  206.435504][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.442583][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.465583][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  206.474111][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  206.482758][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  206.494602][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.501878][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.509803][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  206.518089][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  206.554911][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  206.566658][T10750] device veth0_vlan entered promiscuous mode
[  206.584651][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  206.600904][T10750] device veth1_macvtap entered promiscuous mode
[  206.619795][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  206.640243][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  206.656005][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  206.666078][T10864] loop7: detected capacity change from 0 to 1024
[  206.673394][T10864] EXT4-fs: Ignoring removed nomblk_io_submit option
[  206.682101][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  206.690726][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  206.691726][T10864] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  206.699653][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  206.715921][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  206.733005][ T5537] EXT4-fs (loop7): unmounting filesystem.
[  206.791136][T10860] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.798622][T10860] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.806488][T10860] device bridge_slave_0 entered promiscuous mode
[  206.816627][T10860] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.823991][T10860] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.831492][T10860] device bridge_slave_1 entered promiscuous mode
[  206.898962][T10860] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.906056][T10860] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.913476][T10860] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.920814][T10860] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.934213][ T3538] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  206.961904][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  206.971572][  T350] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.983092][  T350] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.996720][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  207.006749][  T350] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.013808][  T350] bridge0: port 1(bridge_slave_0) entered forwarding state
[  207.017124][   T28] audit: type=1400 audit(206.545:1436): avc:  denied  { setopt } for  pid=10901 comm="syz.8.4381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  207.055734][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  207.064199][  T350] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.071354][  T350] bridge0: port 2(bridge_slave_1) entered forwarding state
[  207.083301][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  207.091741][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  207.114983][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  207.144259][T10860] device veth0_vlan entered promiscuous mode
[  207.160942][ T3538] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  207.172405][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  207.185356][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  207.192928][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  207.200240][ T3538] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  207.224800][ T3538] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  207.234607][ T3538] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  207.241873][T10860] device veth1_macvtap entered promiscuous mode
[  207.258989][ T3538] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  207.272162][T10904] loop6: detected capacity change from 0 to 40427
[  207.278929][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  207.284798][ T3538] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  207.288250][T10904] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  207.296537][ T3538] usb 6-1: Manufacturer: syz
[  207.305050][   T28] audit: type=1400 audit(206.825:1437): avc:  denied  { write } for  pid=10915 comm="syz.8.4387" name="ptp0" dev="devtmpfs" ino=264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  207.308701][ T3538] usb 6-1: config 0 descriptor??
[  207.336192][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  207.341938][T10904] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  207.345549][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  207.353707][T10904] F2FS-fs (loop6): invalid crc value
[  207.368806][T10904] F2FS-fs (loop6): Found nat_bits in checkpoint
[  207.402009][T10904] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  207.409342][T10904] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  207.434760][T10750] syz-executor: attempt to access beyond end of device
[  207.434760][T10750] loop6: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  207.516170][  T339] device bridge_slave_1 left promiscuous mode
[  207.522614][  T339] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.540198][  T339] device bridge_slave_0 left promiscuous mode
[  207.547337][  T339] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.564039][  T339] device bridge_slave_1 left promiscuous mode
[  207.576912][  T339] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.590762][  T339] device bridge_slave_0 left promiscuous mode
[  207.603324][  T339] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.611894][  T339] device veth1_macvtap left promiscuous mode
[  207.619233][  T339] device veth0_vlan left promiscuous mode
[  207.625340][  T339] device veth1_macvtap left promiscuous mode
[  207.631565][  T339] device veth0_vlan left promiscuous mode
[  207.765215][ T3538] appleir 0003:05AC:8243.002E: unknown main item tag 0x0
[  207.773015][ T3538] appleir 0003:05AC:8243.002E: No inputs registered, leaving
[  207.783547][ T3538] appleir 0003:05AC:8243.002E: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0
[  207.836300][T10931] incfs: Options parsing error. -22
[  207.836498][T10924] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.841688][T10931] incfs: mount failed -22
[  207.849151][T10924] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.861242][T10924] device bridge_slave_0 entered promiscuous mode
[  207.868641][T10924] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.875959][T10924] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.883761][T10924] device bridge_slave_1 entered promiscuous mode
[  208.012900][   T28] audit: type=1400 audit(207.533:1438): avc:  denied  { append } for  pid=10861 comm="syz.5.4368" name="hiddev0" dev="devtmpfs" ino=1482 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  208.041370][T10924] bridge0: port 2(bridge_slave_1) entered blocking state
[  208.048569][T10924] bridge0: port 2(bridge_slave_1) entered forwarding state
[  208.054255][   T28] audit: type=1400 audit(207.573:1439): avc:  denied  { wake_alarm } for  pid=10949 comm="syz.6.4396" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  208.055944][T10924] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.083630][T10924] bridge0: port 1(bridge_slave_0) entered forwarding state
[  208.092414][   T39] usb 6-1: USB disconnect, device number 14
[  208.106996][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  208.114912][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.123232][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.145690][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  208.150314][T10955] netlink: 104 bytes leftover after parsing attributes in process `syz.8.4398'.
[  208.155746][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.170010][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  208.177884][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  208.186236][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  208.193412][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  208.211247][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  208.219325][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  208.229589][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  208.237944][ T3538] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  208.249099][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  208.257962][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  208.265787][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  208.274734][T10924] device veth0_vlan entered promiscuous mode
[  208.287520][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  208.297160][T10924] device veth1_macvtap entered promiscuous mode
[  208.306505][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  208.316643][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  208.427085][ T3538] usb 8-1: Using ep0 maxpacket: 16
[  208.433367][ T3538] usb 8-1: config 0 has an invalid interface number: 8 but max is 0
[  208.441458][  T358] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  208.457199][ T3538] usb 8-1: config 0 has no interface number 0
[  208.473515][ T3538] usb 8-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  208.500985][ T3538] usb 8-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  208.510215][ T3538] usb 8-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  208.518449][ T3538] usb 8-1: Product: syz
[  208.522617][ T3538] usb 8-1: SerialNumber: syz
[  208.527959][ T3538] usb 8-1: config 0 descriptor??
[  208.648760][  T358] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.659898][  T358] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  208.669872][  T358] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  208.682884][  T358] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  208.692242][  T358] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.700674][  T358] usb 7-1: config 0 descriptor??
[  208.741977][ T3538] usb 8-1: USB disconnect, device number 12
[  208.878538][  T339] device bridge_slave_1 left promiscuous mode
[  208.884864][  T339] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.892887][  T339] device bridge_slave_0 left promiscuous mode
[  208.904222][  T339] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.916453][T10970] loop5: detected capacity change from 0 to 512
[  208.923970][  T339] device veth1_macvtap left promiscuous mode
[  208.930691][  T339] device veth0_vlan left promiscuous mode
[  208.962198][T10970] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  209.000127][ T9861] EXT4-fs (loop5): unmounting filesystem.
[  209.027419][ T3529] hid-generic 0000:0000:0000.002F: unknown main item tag 0x0
[  209.042802][T10975] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  209.052084][ T3529] hid-generic 0000:0000:0000.002F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  209.062336][T10975] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  209.079095][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  209.087868][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  209.109234][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  209.117834][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  209.118486][  T358] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  209.132143][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  209.142887][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  209.151888][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  209.152141][  T358] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  209.160583][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  209.167342][  T358] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  209.185861][  T358] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  209.193374][  T358] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0
[  209.208657][  T358] plantronics 0003:047F:FFFF.0030: No inputs registered, leaving
[  209.227763][  T358] plantronics 0003:047F:FFFF.0030: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  209.280623][T10976] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.295747][T10976] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.310764][T10976] device bridge_slave_0 entered promiscuous mode
[  209.319127][T10976] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.326848][T10976] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.339349][T10976] device bridge_slave_1 entered promiscuous mode
[  209.417371][T11010] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  209.424880][T11010] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  209.439991][  T358] usb 7-1: USB disconnect, device number 17
[  209.441394][T10976] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.453078][T10976] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.460404][T10976] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.467444][T10976] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.500572][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  209.508364][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.515988][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.545468][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  209.554048][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.561170][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.562513][T11027] loop8: detected capacity change from 0 to 512
[  209.576486][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  209.585771][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.592869][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.601666][T11027] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  209.614496][T11027] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #2: comm syz.8.4423: corrupted inode contents
[  209.615589][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  209.634637][T11027] EXT4-fs error (device loop8): ext4_dirty_inode:6121: inode #2: comm syz.8.4423: mark_inode_dirty error
[  209.635322][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  209.646714][T11027] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #2: comm syz.8.4423: corrupted inode contents
[  209.673912][T11027] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #2: comm syz.8.4423: mark_inode_dirty error
[  209.687475][T11033] EXT4-fs error (device loop8): ext4_get_first_dir_block:3594: inode #18: comm syz.8.4423: directory missing '.'
[  209.699910][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  209.724648][T10976] device veth0_vlan entered promiscuous mode
[  209.733535][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  209.742158][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  209.750712][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  209.751798][ T5702] EXT4-fs (loop8): unmounting filesystem.
[  209.771478][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  209.780971][T10976] device veth1_macvtap entered promiscuous mode
[  209.791976][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  209.809682][ T3529] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  209.825305][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  209.836458][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  209.847198][ T3536] kernel write not supported for file /1116/net/fib_triestat (pid: 3536 comm: kworker/1:9)
[  209.891713][T11052] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  209.899074][T11052] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  210.009885][ T3529] usb 6-1: Using ep0 maxpacket: 16
[  210.016323][ T3529] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  210.026627][ T3529] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  210.037240][ T3529] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  210.046548][ T3529] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.054712][ T3529] usb 6-1: Product: syz
[  210.058898][ T3529] usb 6-1: Manufacturer: syz
[  210.063566][ T3529] usb 6-1: SerialNumber: syz
[  210.102494][  T339] device bridge_slave_1 left promiscuous mode
[  210.108683][  T339] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.116300][  T339] device bridge_slave_0 left promiscuous mode
[  210.122690][  T339] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.131117][  T339] device veth1_macvtap left promiscuous mode
[  210.137299][  T339] device veth0_vlan left promiscuous mode
[  210.271798][ T3529] usb 6-1: 0:2 : does not exist
[  210.279440][ T3529] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  210.290081][ T3529] usb 6-1: USB disconnect, device number 15
[  210.527641][T11061] Non-string source
[  210.586391][T11065] loop7: detected capacity change from 0 to 512
[  210.594748][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  210.612499][T11065] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  210.625391][T11065] EXT4-fs error (device loop7): ext4_do_update_inode:5256: inode #2: comm syz.7.4438: corrupted inode contents
[  210.637680][T11065] EXT4-fs error (device loop7): ext4_dirty_inode:6121: inode #2: comm syz.7.4438: mark_inode_dirty error
[  210.649654][T11065] EXT4-fs error (device loop7): ext4_do_update_inode:5256: inode #2: comm syz.7.4438: corrupted inode contents
[  210.662174][T11065] EXT4-fs error (device loop7): __ext4_ext_dirty:202: inode #2: comm syz.7.4438: mark_inode_dirty error
[  210.675332][T11063] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.679806][T11065] EXT4-fs error (device loop7): ext4_get_first_dir_block:3594: inode #18: comm syz.7.4438: directory missing '.'
[  210.682490][T11063] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.702275][T11063] device bridge_slave_0 entered promiscuous mode
[  210.709699][ T5537] EXT4-fs (loop7): unmounting filesystem.
[  210.709874][T11063] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.723123][T11063] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.731048][T11063] device bridge_slave_1 entered promiscuous mode
[  210.766871][T11077] tipc: Started in network mode
[  210.770929][ T3529] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  210.771932][T11077] tipc: Node identity ac1414aa, cluster identity 4711
[  210.786589][T11077] tipc: Enabled bearer <udp:syz2>, priority 10
[  210.817408][   T28] audit: type=1400 audit(210.339:1440): avc:  denied  { shutdown } for  pid=11080 comm="syz.5.4444" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  210.880538][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  210.888459][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  210.900712][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  210.909373][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  210.917649][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.924844][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  210.930205][   T28] audit: type=1400 audit(210.449:1441): avc:  denied  { read } for  pid=11093 comm="syz.5.4447" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  210.953250][T11063] device veth0_vlan entered promiscuous mode
[  210.970014][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  210.972063][ T3529] usb 7-1: Using ep0 maxpacket: 8
[  210.978111][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  210.992008][ T3529] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[  210.992280][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  211.007980][ T3529] usb 7-1: config 179 has no interface number 0
[  211.009409][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.021755][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.022382][ T3529] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  211.029756][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  211.048568][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  211.056859][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  211.057474][ T3529] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  211.066006][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  211.085040][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  211.093967][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  211.095574][ T3529] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  211.102596][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  211.113695][ T3529] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  211.133405][ T3529] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  211.137054][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  211.147137][ T3529] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  211.164164][ T3529] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.173688][T11057] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  211.196245][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  211.204673][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  211.213630][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  211.227078][T11063] device veth1_macvtap entered promiscuous mode
[  211.240543][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  211.250874][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  211.280676][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  211.289587][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  211.303988][  T339] device bridge_slave_1 left promiscuous mode
[  211.313218][  T339] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.324288][  T339] device bridge_slave_0 left promiscuous mode
[  211.330567][  T339] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.338783][  T339] device veth1_macvtap left promiscuous mode
[  211.345005][  T339] device veth0_vlan left promiscuous mode
[  211.427903][   T39] input: Generic X-Box pad as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:179.65/input/input34
[  211.516702][   T43] Bluetooth: hci1: Frame reassembly failed (-84)
[  211.632331][T11057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  211.640961][T11057] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.783060][  T358] tipc: Node number set to 2886997162
[  211.856712][  T358] usb 7-1: USB disconnect, device number 18
[  211.856753][    C1] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  211.871705][  T358] xpad 7-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  211.871884][    C1] dummy_hcd dummy_hcd.6: timer fired with no URBs pending?
[  212.223737][  T339] device bridge_slave_1 left promiscuous mode
[  212.230096][  T339] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.237808][  T339] device bridge_slave_0 left promiscuous mode
[  212.244348][  T339] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.252546][  T339] device veth1_macvtap left promiscuous mode
[  212.258691][  T339] device veth0_vlan left promiscuous mode
[  212.345436][T11121] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.352498][T11121] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.360109][T11121] device bridge_slave_0 entered promiscuous mode
[  212.367478][T11121] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.374711][T11121] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.383643][T11121] device bridge_slave_1 entered promiscuous mode
[  212.396399][T11126] netlink: 104 bytes leftover after parsing attributes in process `syz.6.4459'.
[  212.459995][T11121] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.460492][  T358] hid-generic 0000:0000:0000.0031: unknown main item tag 0x0
[  212.467162][T11121] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.467283][T11121] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.489042][T11121] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.493440][  T358] hid-generic 0000:0000:0000.0031: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  212.515354][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  212.523618][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.531557][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.550218][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  212.558742][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.565887][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.574000][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  212.582567][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.590079][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.615325][T11121] device veth0_vlan entered promiscuous mode
[  212.622441][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  212.631201][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  212.639673][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  212.649032][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  212.656795][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  212.663637][ T5273] Bluetooth: hci0: command 0x1003 tx timeout
[  212.665274][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  212.670875][  T348] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  212.687066][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  212.690494][T11066] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  212.699764][T11121] device veth1_macvtap entered promiscuous mode
[  212.718884][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  212.736965][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  213.234762][   T10] device bridge_slave_1 left promiscuous mode
[  213.241021][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.248536][   T10] device bridge_slave_0 left promiscuous mode
[  213.254951][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.262585][   T10] device veth1_macvtap left promiscuous mode
[  213.268657][   T10] device veth0_vlan left promiscuous mode
[  213.544642][  T348] Bluetooth: hci1: command 0x1003 tx timeout
[  213.544678][   T45] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  213.583159][T11174] loop6: detected capacity change from 0 to 1024
[  213.628036][T11174] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  213.648370][T11174] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  213.666894][T11174] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  213.682972][T11174] EXT4-fs (loop6): This should not happen!! Data will be lost
[  213.682972][T11174] 
[  213.693069][T11174] EXT4-fs (loop6): Total free blocks count 0
[  213.699808][T11174] EXT4-fs (loop6): Free/Dirty block details
[  213.710117][T11174] EXT4-fs (loop6): free_blocks=4293918720
[  213.715934][T11174] EXT4-fs (loop6): dirty_blocks=64
[  213.715955][T11174] EXT4-fs (loop6): Block reservation details
[  213.715967][T11174] EXT4-fs (loop6): i_reserved_data_blocks=4
[  213.735820][T10750] EXT4-fs (loop6): unmounting filesystem.
[  213.751498][T11188] bridge0: port 1(bridge_slave_0) entered blocking state
[  213.758724][T11188] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.766739][T11188] device bridge_slave_0 entered promiscuous mode
[  213.772052][T11199] x_tables: duplicate underflow at hook 4
[  213.783511][T11188] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.793990][T11188] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.808276][T11188] device bridge_slave_1 entered promiscuous mode
[  213.981183][T11219] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4497'.
[  214.004722][T11219] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4497'.
[  214.037530][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  214.051583][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  214.059113][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  214.068170][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  214.076511][  T358] ==================================================================
[  214.077261][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  214.084577][  T358] BUG: KASAN: use-after-free in enqueue_timer+0xae/0x480
[  214.093659][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.100083][  T358] Write of size 8 at addr ffff888130078a00 by task kworker/0:3/358
[  214.100106][  T358] 
[  214.100113][  T358] CPU: 0 PID: 358 Comm: kworker/0:3 Not tainted syzkaller #0
[  214.100130][  T358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  214.107183][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  214.115155][  T358] Workqueue: mld mld_ifc_work
[  214.146985][  T358] Call Trace:
[  214.150248][  T358]  <TASK>
[  214.153161][  T358]  __dump_stack+0x21/0x24
[  214.157485][  T358]  dump_stack_lvl+0xee/0x150
[  214.162094][  T358]  ? __cfi_dump_stack_lvl+0x8/0x8
[  214.167111][  T358]  ? ip6_output+0x1d1/0x3b0
[  214.171698][  T358]  ? enqueue_timer+0xae/0x480
[  214.176366][  T358]  print_address_description+0x71/0x210
[  214.181893][  T358]  print_report+0x4a/0x60
[  214.186201][  T358]  kasan_report+0x122/0x150
[  214.190722][  T358]  ? enqueue_timer+0xae/0x480
[  214.195397][  T358]  __asan_report_store8_noabort+0x17/0x20
[  214.201107][  T358]  enqueue_timer+0xae/0x480
[  214.205614][  T358]  __mod_timer+0x79f/0xb30
[  214.210107][  T358]  add_timer+0x68/0x80
[  214.214207][  T358]  __queue_delayed_work+0x173/0x200
[  214.219578][  T358]  mod_delayed_work_on+0x74/0xe0
[  214.224502][  T358]  mld_ifc_work+0xa26/0xbe0
[  214.229068][  T358]  process_one_work+0x71f/0xc40
[  214.233930][  T358]  worker_thread+0xa29/0x11f0
[  214.238780][  T358]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  214.244263][  T358]  kthread+0x281/0x320
[  214.248317][  T358]  ? __cfi_worker_thread+0x10/0x10
[  214.253627][  T358]  ? __cfi_kthread+0x10/0x10
[  214.258199][  T358]  ret_from_fork+0x1f/0x30
[  214.262697][  T358]  </TASK>
[  214.265719][  T358] 
[  214.268018][  T358] Allocated by task 11066:
[  214.272432][  T358]  kasan_set_track+0x4b/0x70
[  214.277011][  T358]  kasan_save_alloc_info+0x25/0x30
[  214.282120][  T358]  __kasan_kmalloc+0x95/0xb0
[  214.286788][  T358]  __kmalloc+0xb1/0x1e0
[  214.290972][  T358]  hci_alloc_dev_priv+0x27/0x1bd0
[  214.296085][  T358]  hci_uart_tty_ioctl+0x3d6/0xa20
[  214.301140][  T358]  tty_ioctl+0x8ef/0xc60
[  214.305364][  T358]  __se_sys_ioctl+0x12f/0x1b0
[  214.310028][  T358]  __x64_sys_ioctl+0x7b/0x90
[  214.314697][  T358]  x64_sys_call+0x58b/0x9a0
[  214.319287][  T358]  do_syscall_64+0x4c/0xa0
[  214.323702][  T358]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  214.329587][  T358] 
[  214.331916][  T358] Freed by task 11066:
[  214.335967][  T358]  kasan_set_track+0x4b/0x70
[  214.340634][  T358]  kasan_save_free_info+0x31/0x50
[  214.345646][  T358]  ____kasan_slab_free+0x132/0x180
[  214.350756][  T358]  __kasan_slab_free+0x11/0x20
[  214.355520][  T358]  slab_free_freelist_hook+0xc2/0x190
[  214.360955][  T358]  __kmem_cache_free+0xb7/0x1b0
[  214.365795][  T358]  kfree+0x6f/0xf0
[  214.369513][  T358]  hci_release_dev+0x12a3/0x13b0
[  214.374424][  T358]  bt_host_release+0x82/0x90
[  214.378993][  T358]  device_release+0xa4/0x1d0
[  214.383649][  T358]  kobject_put+0x19d/0x280
[  214.388050][  T358]  put_device+0x1f/0x30
[  214.392185][  T358]  hci_dev_cmd+0x265/0x720
[  214.396858][  T358]  hci_sock_ioctl+0x41e/0x7f0
[  214.401509][  T358]  sock_do_ioctl+0x101/0x310
[  214.406078][  T358]  sock_ioctl+0x4d8/0x6e0
[  214.410491][  T358]  __se_sys_ioctl+0x12f/0x1b0
[  214.415149][  T358]  __x64_sys_ioctl+0x7b/0x90
[  214.419716][  T358]  x64_sys_call+0x58b/0x9a0
[  214.424211][  T358]  do_syscall_64+0x4c/0xa0
[  214.428629][  T358]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  214.434532][  T358] 
[  214.436861][  T358] Last potentially related work creation:
[  214.442578][  T358]  kasan_save_stack+0x3a/0x60
[  214.447241][  T358]  __kasan_record_aux_stack+0xb6/0xc0
[  214.452593][  T358]  kasan_record_aux_stack_noalloc+0xb/0x10
[  214.458392][  T358]  insert_work+0x51/0x300
[  214.462752][  T358]  __queue_work+0x9b1/0xd30
[  214.467417][  T358]  queue_work_on+0xd2/0x140
[  214.472017][  T358]  __hci_cmd_sync_sk+0xa3e/0xcf0
[  214.476959][  T358]  hci_cmd_sync_status+0x53/0x120
[  214.481977][  T358]  hci_dev_cmd+0x33b/0x720
[  214.486374][  T358]  hci_sock_ioctl+0x41e/0x7f0
[  214.491043][  T358]  sock_do_ioctl+0x101/0x310
[  214.495610][  T358]  sock_ioctl+0x4d8/0x6e0
[  214.499940][  T358]  __se_sys_ioctl+0x12f/0x1b0
[  214.504616][  T358]  __x64_sys_ioctl+0x7b/0x90
[  214.509217][  T358]  x64_sys_call+0x58b/0x9a0
[  214.513716][  T358]  do_syscall_64+0x4c/0xa0
[  214.518221][  T358]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  214.524113][  T358] 
[  214.526430][  T358] Second to last potentially related work creation:
[  214.532989][  T358]  kasan_save_stack+0x3a/0x60
[  214.537724][  T358]  __kasan_record_aux_stack+0xb6/0xc0
[  214.543104][  T358]  kasan_record_aux_stack_noalloc+0xb/0x10
[  214.548937][  T358]  insert_work+0x51/0x300
[  214.553314][  T358]  __queue_work+0x9b1/0xd30
[  214.557985][  T358]  queue_work_on+0xd2/0x140
[  214.562472][  T358]  hci_cmd_timeout+0x191/0x200
[  214.567211][  T358]  process_one_work+0x71f/0xc40
[  214.572310][  T358]  worker_thread+0xa29/0x11f0
[  214.577048][  T358]  kthread+0x281/0x320
[  214.581102][  T358]  ret_from_fork+0x1f/0x30
[  214.585582][  T358] 
[  214.587915][  T358] The buggy address belongs to the object at ffff888130078000
[  214.587915][  T358]  which belongs to the cache kmalloc-8k of size 8192
[  214.602080][  T358] The buggy address is located 2560 bytes inside of
[  214.602080][  T358]  8192-byte region [ffff888130078000, ffff88813007a000)
[  214.615592][  T358] 
[  214.617909][  T358] The buggy address belongs to the physical page:
[  214.624309][  T358] page:ffffea0004c01e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x130078
[  214.634626][  T358] head:ffffea0004c01e00 order:3 compound_mapcount:0 compound_pincount:0
[  214.643029][  T358] flags: 0x4000000000010200(slab|head|zone=1)
[  214.649122][  T358] raw: 4000000000010200 ffffea00043c8000 dead000000000006 ffff888100043500
[  214.657853][  T358] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[  214.666421][  T358] page dumped because: kasan: bad access detected
[  214.672818][  T358] page_owner tracks the page as allocated
[  214.678522][  T358] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 285, tgid 285 (syz-executor), ts 39637175352, free_ts 0
[  214.698923][  T358]  post_alloc_hook+0x1f5/0x210
[  214.703692][  T358]  prep_new_page+0x1c/0x110
[  214.708176][  T358]  get_page_from_freelist+0x2c7b/0x2cf0
[  214.713810][  T358]  __alloc_pages+0x1c3/0x450
[  214.718382][  T358]  alloc_slab_page+0x6e/0xf0
[  214.723053][  T358]  new_slab+0x98/0x3d0
[  214.727098][  T358]  ___slab_alloc+0x6f6/0xb50
[  214.731671][  T358]  __slab_alloc+0x5e/0xa0
[  214.736093][  T358]  __kmem_cache_alloc_node+0x203/0x2c0
[  214.741551][  T358]  __kmalloc_node+0xa1/0x1e0
[  214.746139][  T358]  kvmalloc_node+0x294/0x480
[  214.750905][  T358]  wg_packet_queue_init+0x95/0x320
[  214.756005][  T358]  wg_newlink+0x40b/0x7a0
[  214.760402][  T358]  rtnl_newlink+0x14b9/0x2030
[  214.765163][  T358]  rtnetlink_rcv_msg+0x9f4/0xcf0
[  214.770099][  T358]  netlink_rcv_skb+0x1f2/0x440
[  214.774846][  T358] page_owner free stack trace missing
[  214.780344][  T358] 
[  214.782666][  T358] Memory state around the buggy address:
[  214.788284][  T358]  ffff888130078900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  214.796334][  T358]  ffff888130078980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  214.804392][  T358] >ffff888130078a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  214.812509][  T358]                    ^
[  214.816659][  T358]  ffff888130078a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  214.824704][  T358]  ffff888130078b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  214.832937][  T358] ==================================================================
[  214.841286][  T358] Disabling lock debugging due to kernel taint
[  214.847721][    C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  214.859615][    C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  214.868202][    C0] CPU: 0 PID: 358 Comm: kworker/0:3 Tainted: G    B              syzkaller #0
[  214.877049][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  214.887098][    C0] Workqueue: mld mld_ifc_work
[  214.891788][    C0] RIP: 0010:__queue_work+0x575/0xd30
[  214.897064][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 38 dc 28 00 4c 89 ff e8 80 30 ac 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 6c 37 6d 00 49 8b 7d 00 e8 63 2c
[  214.917114][    C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046
[  214.923190][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888111be3cc0
[  214.931242][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  214.939205][    C0] RBP: ffffc90000007d08 R08: fffffffffffffffb R09: 0000000000000007
[  214.947561][    C0] R10: ffffed102600f139 R11: 1ffff1102600f139 R12: dffffc0000000000
[  214.955633][    C0] R13: 0000000000000000 R14: ffff8881300789c8 R15: 0000000000000008
[  214.963621][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  214.972724][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  214.979395][    C0] CR2: 0000001b3501cff8 CR3: 000000012a0ee000 CR4: 00000000003526b0
[  214.987444][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  214.995605][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  215.003769][    C0] Call Trace:
[  215.007051][    C0]  <IRQ>
[  215.009923][    C0]  delayed_work_timer_fn+0x61/0x80
[  215.015049][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  215.020958][    C0]  call_timer_fn+0x46/0x2a0
[  215.025455][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  215.031269][    C0]  __run_timers+0x667/0x9a0
[  215.035797][    C0]  ? calc_index+0x200/0x200
[  215.040290][    C0]  ? kvm_sched_clock_read+0x18/0x40
[  215.045502][    C0]  run_timer_softirq+0x6a/0xf0
[  215.050251][    C0]  handle_softirqs+0x1d7/0x600
[  215.055085][    C0]  ? irqtime_account_irq+0xc4/0x240
[  215.060385][    C0]  __irq_exit_rcu+0x52/0xf0
[  215.064897][    C0]  irq_exit_rcu+0x9/0x10
[  215.069148][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  215.074785][    C0]  </IRQ>
[  215.077706][    C0]  <TASK>
[  215.080642][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  215.086608][    C0] RIP: 0010:preempt_schedule_irq+0x96/0x110
[  215.092636][    C0] Code: 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 74 0b 0f 0b 48 f7 03 08 00 00 00 74 4d bf 01 00 00 00 e8 f0 9e 59 fc fb bf 01 00 00 00 <e8> 55 e5 ff ff fa bf 01 00 00 00 e8 9a a0 59 fc 65 48 8b 1d c2 70
[  215.112848][    C0] RSP: 0018:ffffc9000de8fac0 EFLAGS: 00000246
[  215.118942][    C0] RAX: 1ffff1102237c8f1 RBX: ffffc9000de8fb98 RCX: ffffffff87970000
[  215.126916][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  215.134878][    C0] RBP: ffffc9000de8fb48 R08: dffffc0000000000 R09: ffffed102237c799
[  215.142944][    C0] R10: ffffed102237c799 R11: 1ffff1102237c798 R12: 0000000000000000
[  215.150913][    C0] R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff92001bd1f58
[  215.158910][    C0]  ? __cfi_preempt_schedule_irq+0x10/0x10
[  215.164653][    C0]  ? .slowpath+0x9/0x15
[  215.168789][    C0]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[  215.174606][    C0]  raw_irqentry_exit_cond_resched+0x29/0x30
[  215.180485][    C0]  irqentry_exit+0x37/0x40
[  215.184889][    C0]  sysvec_reschedule_ipi+0x78/0x80
[  215.189981][    C0]  asm_sysvec_reschedule_ipi+0x1b/0x20
[  215.195429][    C0] RIP: 0010:mod_delayed_work_on+0xa1/0xe0
[  215.201145][    C0] Code: c8 4c 89 f6 48 81 e6 00 02 00 00 31 ff e8 d7 d2 28 00 49 81 e6 00 02 00 00 75 07 e8 09 ce 28 00 eb 06 e8 02 ce 28 00 fb 31 ff <89> de e8 18 d2 28 00 85 db 0f 95 c0 65 48 8b 0c 25 28 00 00 00 48
[  215.221042][    C0] RSP: 0018:ffffc9000de8fc48 EFLAGS: 00000246
[  215.227103][    C0] RAX: ffffffff8147395e RBX: 0000000000000000 RCX: ffff888111be3cc0
[  215.235067][    C0] RDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000
[  215.243024][    C0] RBP: ffffc9000de8fc88 R08: dffffc0000000000 R09: ffffed103ee04f8f
[  215.250982][    C0] R10: ffffed103ee04f8f R11: 1ffff1103ee04f8e R12: ffff8881094f0800
[  215.258936][    C0] R13: 0000000000000008 R14: 0000000000000200 R15: ffff88810c5360e0
[  215.267005][    C0]  ? mod_delayed_work_on+0x9e/0xe0
[  215.272315][    C0]  ? mod_delayed_work_on+0x9e/0xe0
[  215.277436][    C0]  mld_ifc_work+0xa26/0xbe0
[  215.281957][    C0]  process_one_work+0x71f/0xc40
[  215.286799][    C0]  worker_thread+0xa29/0x11f0
[  215.291460][    C0]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  215.296924][    C0]  kthread+0x281/0x320
[  215.301075][    C0]  ? __cfi_worker_thread+0x10/0x10
[  215.306261][    C0]  ? __cfi_kthread+0x10/0x10
[  215.311041][    C0]  ret_from_fork+0x1f/0x30
[  215.315466][    C0]  </TASK>
[  215.318491][    C0] Modules linked in:
[  215.322393][    C0] ---[ end trace 0000000000000000 ]---
[  215.327840][    C0] RIP: 0010:__queue_work+0x575/0xd30
[  215.333405][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 38 dc 28 00 4c 89 ff e8 80 30 ac 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 6c 37 6d 00 49 8b 7d 00 e8 63 2c
[  215.353177][    C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046
[  215.359245][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888111be3cc0
[  215.367205][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  215.375247][    C0] RBP: ffffc90000007d08 R08: fffffffffffffffb R09: 0000000000000007
[  215.383214][    C0] R10: ffffed102600f139 R11: 1ffff1102600f139 R12: dffffc0000000000
[  215.391268][    C0] R13: 0000000000000000 R14: ffff8881300789c8 R15: 0000000000000008
[  215.399334][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  215.408386][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  215.415133][    C0] CR2: 0000001b3501cff8 CR3: 000000012a0ee000 CR4: 00000000003526b0
[  215.423096][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  215.431143][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  215.439135][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[  215.446562][    C0] Kernel Offset: disabled
[  215.450876][    C0] Rebooting in 86400 seconds..