last executing test programs:

13m21.03057768s ago: executing program 0 (id=546):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3000046, &(0x7f0000000bc0)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@nojournal_checksum}, {@errors_remount}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@nombcache}, {@errors_remount}]}, 0x11, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newqdisc={0x4c, 0x24, 0xe0b, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x1ff, 0x6, 0xfffffffd, 0x0, 0xa57, 0x32d}}}}]}, 0x4c}}, 0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000040)={@rand_addr=' \x01\x00', 0x44})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xe, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000eb000000000000000007653d40ce1b3d9b327c3e00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000001040)={'sit0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x4, 0x0, @empty, @rand_addr=0x3}}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@newlink={0x38, 0x10, 0x437, 0xfffffffe, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @broadcast}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4c050}, 0x0)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r2, 0xc020662a, &(0x7f0000000440)={0x3fffffffc00, 0x5, 0x5, 0x7f})

13m18.925726439s ago: executing program 0 (id=550):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x200, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

13m16.712763114s ago: executing program 0 (id=555):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@local, @in6=@loopback, 0x4e21, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x2f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x800, 0x0, 0x6}}, {{@in=@multicast1, 0x4d5, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r4}, 0x18)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)=@ipv6_newrule={0x2c, 0x20, 0x2d2c6d60ea1da725, 0x70bd29, 0x25dfdbfd, {0xa, 0x0, 0x0, 0xcd, 0xff, 0x0, 0x0, 0x1, 0x10002}, [@FIB_RULE_POLICY=@FRA_PRIORITY={0x8}, @FIB_RULE_POLICY=@FRA_PROTOCOL={0x5, 0x15, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008081}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0x12)
keyctl$setperm(0x5, 0x0, 0x30925)
keyctl$KEYCTL_MOVE(0x4, 0x0, 0x0, 0x0, 0x0)
keyctl$get_security(0x11, 0x0, &(0x7f0000000000)=""/13, 0xd)

13m15.757743217s ago: executing program 0 (id=558):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x189)
write$binfmt_format(r1, &(0x7f0000000000)='1\x00', 0x2400)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_switch\x00', r5}, 0xe)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r6, 0x4c80, 0x7000000)

13m14.850391407s ago: executing program 0 (id=563):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x189)
write$binfmt_format(r1, &(0x7f0000000000)='1\x00', 0x2400)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_switch\x00', r5}, 0xe)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r6, 0x4c80, 0x7000000)

13m13.749242319s ago: executing program 0 (id=564):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000400)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x2}}, {@dax}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@user_xattr}, {@errors_remount}, {@user_xattr}]}, 0x2, 0xbc1, &(0x7f00000028c0)="$eJzs3M1rXFUbAPDn3kymSZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQmmTRtJ71t+vvByT3nnrnzPM9cMvcemJkAHlgD2Z80Yl9EnEwiSs39aUQU672eiFrjcYsLc6O/L8yNJrG09MovSSQRcWNhbrT1XElzu6c56ImIb59P4n9vrY87NTM7MVKtViab44PTZ84fnJqZfWr8zMjpyunK2aHDzwwfGj48eGS4Y7X+8cOxy7899uJPtT8//uvSr+9+mMSx6GslvaqOThmIgeXXZLVCRIx0OlhOupr1rK4zKdzkoHSbkwIAoK101T3cQ1GKrli5eSvFl9/lmhwAAADQEUtdEUsAAADADpdY/wMAAMAO1/ocwI2FudFWy/cTCXfX9eMR0d+of7HZGjOFqNW3PdEdEbtvJLH6a61J47A7NhARP1478lnWYs33qe+G2nxEPLzR+U/q9ffXv8W9vv40IgY7EH9gzfh+qv9YB+LnXT8AD6YrxxsXsvXXv3T5/icietceV9jg2nU78r7+te7/Ftfd/63U39Xm/u/lLca4+NH7F9rNZfU/e/mFT1sti59t76ioW3B9PuKRwkb1J8v1J23qP7nFGKW/L1TazeVd/9IHEftj4/pbks1/n+jg2Hi1Mtj4u2GM+W+GP2kXP+/6s/O/u039rd9/anf+z28xxmsnTny+bue1le7m9ac/F5NX671ic88bI9PTk0MRxeSl9fsPbZ5L6zGt58jqP/D45v//G9WfvSfUmq9DthaYb26z8ZtrYj536eIX7fJprf/yPP+n2pz/1fV/XVh//t/eYownvnrnQLu51evfrGXxW2thAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhJI6IvkrS83E/TcjliT0T8P3an1XNT00+OnXv97KlsLqI/utOx8WplMCJKjXGSjYfq/ZXxoTXjpyNib0S8V+qtj8uj56qn8i4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZXsioi+StBwRaUQsltK0XM47KwAAAKDj+vNOAAAAANh21v8AAACw81n/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsM32PnrlahIRtaO99ZYpNue6c80M2G5p3gkAuenKOwEgN4W8EwByc4trfLcLsAMlN5nvaTuzq+O5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDv2r/vytUkImpHe+stU2zOdeeaGbDd0rwTAHLTtdlkobn1JgE7UiHvBIDcWOMDyU3me1YeU/v3zK5tywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAe09fvSVpOSKKzX3lcsR/IqI/upOx8WplMCL+GxHfl7p3ZeOhnHMGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg86ZmZidGqtXKZNZJo9lZ3qOz0kkar1jtXslH5w47xbj1o5YibuOo+7GT9zsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJqZnRipViuTU3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtamZ2YqRarUxuYyfvGgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyM8/AQAA///V5wfU")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file3\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x4a6b297042c2cf06, 0x8, &(0x7f0000000000)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x9, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x9031, 0xffffffffffffffff, 0xe75f0000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
ioctl$TUNGETIFF(0xffffffffffffffff, 0x800454d2, &(0x7f0000000380)={'geneve0\x00'})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x18)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f00000001c0)='./bus\x00', 0x1201060, &(0x7f0000000080), 0x67, 0x538, &(0x7f0000002380)="$eJzs3V9rLGcZAPBnNrvH5JycJlUvtGCttpJT9OwmjW2DF7WC6FVBrPc1JpsQssmG7KY9CcXk4AcQRFTwSm+8EfwAghS88VKEgl4rKoroqYJeaEdmdzYnTfZPzukmm5P8fjCZ9515Z57n3TCzMzvDTABX1lMR8XJEvJum6bMRMZVPL+RDHLSHrN07995cyoYk0vTVvyeR5NM660ry8Y18sfGI+OqXI76RnIzb2N1bX6zVqtt5vdLc2Ko0dvdur20srlZXq5vz83MvLLy48PzC7FD6eTMiXvrin7/37Z986aVffOaNP7z211vfzNKazOcf7ccDKvab2e56qfVZHF1g+yGDXUTFVg9zE91ajJ2YcveMcwIAoLvsGP+DEfHJiHg2pmKs/+EsAAAA8AhKPz8Z/00i0u6u9ZgOAAAAPEIKrXtgk0I5vxdgMgqFcrl9D++H43qhVm80P71S39lcbt8rOx2lwsparTqb3ys8HaUkq8+1yvfrzx2rz0fE4xHx3amJVr28VK8tj/rHDwAAALgibhw7///XVPv8v2N/lMkBAAAAwzM96gQAAACAM3fa8//rZ5wHAAAAcHZc/wcAAIBL7SuvvJINaef918uv7+6s11+/vVxtrJc3dpbKS/XtrfJqvb7aembfxqD11er1rc/G5s6dSrPaaFYau+OxUd/ZbL62FuP/PpceAQAAAMc9/vG3fpdExMHnJlpD5trpFj1lM+CiKh6WknzcZbP+/WPt8Z/OKSngXIyNOgFgZIqjTgAYmdKoEwBGLhkwf7zXjF/n408MNx8AAGD4Zj7a+/p/oe+SB/1nAxeejRiuLtf/4epqXf8/7Z28DhbgUikNOgLou83vDzkbYBTe9/X/gdL0gRICAACGbrI1JIVysVMvFMrliJut1wKUkpW1WnU2Ih6LiN9OlT6Q1edaLZOB5wwAAAAAAAAAAAAAAAAAAAAAAAAAQFuaJpECAAAAl1pE4S/JL9vP8p+Zemby+O8D15L/TEX+itA3fvjq9+8sNpvbc9n0fxxOb/4gn/7cKH7BAAAAgCthwAv836tznt45jwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAYXrn3ptLneE84/7tCxEx3S1+McZb4/EoRcT1fyZRPLJcEhFjQ4g/kf35SLf4SZbWYchu8SeGEP/gbt/4cZB/Ct3i3xhCfLjK3sr2Py932/4K8VRr3H37K0a8p/6weu//4nD/N3Y0frp/uOzNU8Z44u2fVXrGvxvxRPFE/P1sD9OJn/TY/zx9yvhf/9reXq956Y8iZrp+/ySdJtkeMirNja1KY3fv9trG4mp1tbo5Pz/3wsKLC88vzFZW1mrV/G/XGN/52M/f7df/6z3iTw/o/zMn1nbtxJRCRPzv7Tv3PtSulrrFv/V0l/i/+nHe4mT8Qv7d96m8nM2f6ZQP2uWjnvzpb57s1//lHv0f9P+/1Wul9+WLfOuPg5sCAOelsbu3vlirVbcvbSE7Sz9l4+zo7ELkrHA+hf2hrjBN0zTbpt7HepK4CB9LqzDqPRMAADBs9w/6R50JAAAAAAAAAAAAAAAAAAAAXF0P8mCw5CEfJ3Y85sFhKRnGI7QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbi/wEAAP//FIPawQ==")
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000200)={0x1, 0x1, 0x1000, 0x0, 0x0, 0x3f00, 0x0, &(0x7f0000000080)="c0"})
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, 0x0, 0x0)
readahead(r5, 0xfffffffffffffffd, 0x4)
r6 = open(&(0x7f0000000340)='./file1\x00', 0x185102, 0x38)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x1000)
write$FUSE_GETXATTR(r6, &(0x7f0000000180)={0x18, 0xb3ab65e660794279, 0x0, {0x7ff}}, 0x18)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)={0x30, r8, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0x3, 0x1, 0x1}}}}, 0x30}}, 0x0)

12m58.611382114s ago: executing program 32 (id=564):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000400)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x2}}, {@dax}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@user_xattr}, {@errors_remount}, {@user_xattr}]}, 0x2, 0xbc1, &(0x7f00000028c0)="$eJzs3M1rXFUbAPDn3kymSZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQmmTRtJ71t+vvByT3nnrnzPM9cMvcemJkAHlgD2Z80Yl9EnEwiSs39aUQU672eiFrjcYsLc6O/L8yNJrG09MovSSQRcWNhbrT1XElzu6c56ImIb59P4n9vrY87NTM7MVKtViab44PTZ84fnJqZfWr8zMjpyunK2aHDzwwfGj48eGS4Y7X+8cOxy7899uJPtT8//uvSr+9+mMSx6GslvaqOThmIgeXXZLVCRIx0OlhOupr1rK4zKdzkoHSbkwIAoK101T3cQ1GKrli5eSvFl9/lmhwAAADQEUtdEUsAAADADpdY/wMAAMAO1/ocwI2FudFWy/cTCXfX9eMR0d+of7HZGjOFqNW3PdEdEbtvJLH6a61J47A7NhARP1478lnWYs33qe+G2nxEPLzR+U/q9ffXv8W9vv40IgY7EH9gzfh+qv9YB+LnXT8AD6YrxxsXsvXXv3T5/icietceV9jg2nU78r7+te7/Ftfd/63U39Xm/u/lLca4+NH7F9rNZfU/e/mFT1sti59t76ioW3B9PuKRwkb1J8v1J23qP7nFGKW/L1TazeVd/9IHEftj4/pbks1/n+jg2Hi1Mtj4u2GM+W+GP2kXP+/6s/O/u039rd9/anf+z28xxmsnTny+bue1le7m9ac/F5NX671ic88bI9PTk0MRxeSl9fsPbZ5L6zGt58jqP/D45v//G9WfvSfUmq9DthaYb26z8ZtrYj536eIX7fJprf/yPP+n2pz/1fV/XVh//t/eYownvnrnQLu51evfrGXxW2thAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhJI6IvkrS83E/TcjliT0T8P3an1XNT00+OnXv97KlsLqI/utOx8WplMCJKjXGSjYfq/ZXxoTXjpyNib0S8V+qtj8uj56qn8i4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZXsioi+StBwRaUQsltK0XM47KwAAAKDj+vNOAAAAANh21v8AAACw81n/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsM32PnrlahIRtaO99ZYpNue6c80M2G5p3gkAuenKOwEgN4W8EwByc4trfLcLsAMlN5nvaTuzq+O5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDv2r/vytUkImpHe+stU2zOdeeaGbDd0rwTAHLTtdlkobn1JgE7UiHvBIDcWOMDyU3me1YeU/v3zK5tywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAe09fvSVpOSKKzX3lcsR/IqI/upOx8WplMCL+GxHfl7p3ZeOhnHMGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg86ZmZidGqtXKZNZJo9lZ3qOz0kkar1jtXslH5w47xbj1o5YibuOo+7GT9zsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJqZnRipViuTU3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtamZ2YqRarUxuYyfvGgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyM8/AQAA///V5wfU")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file3\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x4a6b297042c2cf06, 0x8, &(0x7f0000000000)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x9, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x9031, 0xffffffffffffffff, 0xe75f0000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
ioctl$TUNGETIFF(0xffffffffffffffff, 0x800454d2, &(0x7f0000000380)={'geneve0\x00'})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x18)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f00000001c0)='./bus\x00', 0x1201060, &(0x7f0000000080), 0x67, 0x538, &(0x7f0000002380)="$eJzs3V9rLGcZAPBnNrvH5JycJlUvtGCttpJT9OwmjW2DF7WC6FVBrPc1JpsQssmG7KY9CcXk4AcQRFTwSm+8EfwAghS88VKEgl4rKoroqYJeaEdmdzYnTfZPzukmm5P8fjCZ9515Z57n3TCzMzvDTABX1lMR8XJEvJum6bMRMZVPL+RDHLSHrN07995cyoYk0vTVvyeR5NM660ry8Y18sfGI+OqXI76RnIzb2N1bX6zVqtt5vdLc2Ko0dvdur20srlZXq5vz83MvLLy48PzC7FD6eTMiXvrin7/37Z986aVffOaNP7z211vfzNKazOcf7ccDKvab2e56qfVZHF1g+yGDXUTFVg9zE91ajJ2YcveMcwIAoLvsGP+DEfHJiHg2pmKs/+EsAAAA8AhKPz8Z/00i0u6u9ZgOAAAAPEIKrXtgk0I5vxdgMgqFcrl9D++H43qhVm80P71S39lcbt8rOx2lwsparTqb3ys8HaUkq8+1yvfrzx2rz0fE4xHx3amJVr28VK8tj/rHDwAAALgibhw7///XVPv8v2N/lMkBAAAAwzM96gQAAACAM3fa8//rZ5wHAAAAcHZc/wcAAIBL7SuvvJINaef918uv7+6s11+/vVxtrJc3dpbKS/XtrfJqvb7aembfxqD11er1rc/G5s6dSrPaaFYau+OxUd/ZbL62FuP/PpceAQAAAMc9/vG3fpdExMHnJlpD5trpFj1lM+CiKh6WknzcZbP+/WPt8Z/OKSngXIyNOgFgZIqjTgAYmdKoEwBGLhkwf7zXjF/n408MNx8AAGD4Zj7a+/p/oe+SB/1nAxeejRiuLtf/4epqXf8/7Z28DhbgUikNOgLou83vDzkbYBTe9/X/gdL0gRICAACGbrI1JIVysVMvFMrliJut1wKUkpW1WnU2Ih6LiN9OlT6Q1edaLZOB5wwAAAAAAAAAAAAAAAAAAAAAAAAAQFuaJpECAAAAl1pE4S/JL9vP8p+Zemby+O8D15L/TEX+itA3fvjq9+8sNpvbc9n0fxxOb/4gn/7cKH7BAAAAgCthwAv836tznt45jwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAYXrn3ptLneE84/7tCxEx3S1+McZb4/EoRcT1fyZRPLJcEhFjQ4g/kf35SLf4SZbWYchu8SeGEP/gbt/4cZB/Ct3i3xhCfLjK3sr2Py932/4K8VRr3H37K0a8p/6weu//4nD/N3Y0frp/uOzNU8Z44u2fVXrGvxvxRPFE/P1sD9OJn/TY/zx9yvhf/9reXq956Y8iZrp+/ySdJtkeMirNja1KY3fv9trG4mp1tbo5Pz/3wsKLC88vzFZW1mrV/G/XGN/52M/f7df/6z3iTw/o/zMn1nbtxJRCRPzv7Tv3PtSulrrFv/V0l/i/+nHe4mT8Qv7d96m8nM2f6ZQP2uWjnvzpb57s1//lHv0f9P+/1Wul9+WLfOuPg5sCAOelsbu3vlirVbcvbSE7Sz9l4+zo7ELkrHA+hf2hrjBN0zTbpt7HepK4CB9LqzDqPRMAADBs9w/6R50JAAAAAAAAAAAAAAAAAAAAXF0P8mCw5CEfJ3Y85sFhKRnGI7QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbi/wEAAP//FIPawQ==")
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000200)={0x1, 0x1, 0x1000, 0x0, 0x0, 0x3f00, 0x0, &(0x7f0000000080)="c0"})
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, 0x0, 0x0)
readahead(r5, 0xfffffffffffffffd, 0x4)
r6 = open(&(0x7f0000000340)='./file1\x00', 0x185102, 0x38)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x1000)
write$FUSE_GETXATTR(r6, &(0x7f0000000180)={0x18, 0xb3ab65e660794279, 0x0, {0x7ff}}, 0x18)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)={0x30, r8, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0x3, 0x1, 0x1}}}}, 0x30}}, 0x0)

5.292598182s ago: executing program 5 (id=3032):
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000000)={0x0, 0x3, 0x1, 0x3, 0x0, 0x7, 0x0})
socket(0x7, 0x800, 0xfffffffd)
recvmmsg(0xffffffffffffffff, &(0x7f0000000440)=[{{&(0x7f0000000300)=@nfc, 0x80, &(0x7f0000000400), 0x0, &(0x7f0000000540)=""/199, 0xc7}, 0xad}], 0x1, 0x10002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x949840, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000700)=[@textreal={0x8, &(0x7f0000000640)="ba4100ecbaf80c66b862eaee8f66efbafc0ced0f01ee0fae886c5f0fc75de03e0f221966b8d008ba110f23c80f21f866350c0030000f23f80f20d86635080000000f22d866b98a08000066b80c00000066ba010000000f30baf80c66b88486d28066efbafc0cec", 0x19}], 0xaaaaaaaaaaaac57, 0x4, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

4.644598775s ago: executing program 2 (id=3037):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000440)='io_uring_complete\x00', r0}, 0x18)
r1 = syz_io_uring_setup(0x12c6, &(0x7f00000003c0)={0x0, 0x3, 0x1, 0x1, 0x800220}, &(0x7f0000000700)=<r2=>0x0, &(0x7f00000002c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r1, 0xce3, 0xfffffffe, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r3 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

4.333254075s ago: executing program 5 (id=3038):
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
fcntl$getflags(r3, 0x401)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000100)='H', 0x0}, 0x20)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000ec0)={'syz0\x00', {}, 0x26, [0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffc, 0xffffffff, 0x0, 0x0, 0xa], [0x0, 0x0, 0x2, 0xb16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0xe, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x8, 0x0, 0x0, 0x548], [0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0xfffffffc, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x45c)
ioctl$UI_DEV_CREATE(r4, 0x5501)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x17)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_open_dev$tty1(0xc, 0x4, 0x1)
move_mount(0xffffffffffffff9c, &(0x7f0000008080)='./file0\x00', r5, 0x0, 0x160)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBTYPE(r6, 0x4b48, &(0x7f0000000040))
setsockopt$MRT_PIM(r5, 0x0, 0xcf, &(0x7f0000000300)=0x1, 0x4)
bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$inet_udp_encap(r5, 0x11, 0x64, &(0x7f0000000340)=0x4, 0x4)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r7 = userfaultfd(0x1)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x1, @any, 0x0, 0x2}, 0xe)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000200))
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
ioctl$UFFDIO_COPY(r7, 0xc028aa03, &(0x7f0000000040)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x4000})
write$binfmt_misc(r1, &(0x7f0000000100), 0x6)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x288, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1b8, 0xffffffff, 0xffffffff, 0x1b8, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff, 0x4, 0x6}, {0xffffffffffffffff, 0x6, 0x2}}}}, {{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [0xffffff00], [0xff, 0x0, 0x0, 0xff], 'wg1\x00', 'wlan1\x00', {}, {}, 0x33, 0x5, 0x5, 0x49}, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x3, 0x8, 0x10000, 0xbc, 0x7fffffff, 0x9, 0x818f, 0x7]}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x2e8)

3.520832989s ago: executing program 5 (id=3041):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000001c0)={0x73622a85, 0x10b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x32, 0x0, &(0x7f0000000400)=[@increfs], 0xfffffcb0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000540)={@fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x29}, @ptr={0x70742a85, 0x5, 0x0, 0x0, 0x1, 0xca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})

3.447672893s ago: executing program 5 (id=3043):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001c00)={0x84, &(0x7f0000000580)={0x0, 0x18, 0x4, "0671ea33"}, 0x0, 0x0, 0x0, &(0x7f0000000700)={0x20, 0x0, 0x4, {0x800, 0x20}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.240535647s ago: executing program 2 (id=3045):
syz_usb_connect(0x5, 0x44, &(0x7f0000000100)=ANY=[@ANYBLOB="1201100335fe6510ca1a8eb232920102030109023200010d019002090432a70201039e08090508"], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0})

3.067746608s ago: executing program 4 (id=3049):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$UHID_INPUT(r2, &(0x7f0000000240)={0x8, {"7f9654d636ab18b7938a2804505c72e9994ca22404fc203334cc21ed3d6a776fd12d13f9602b2980f983c31a5d1e431db778099ce3af3fb20e1ee1f4fdb77cbb36154982a93c19825d6fd273ab1eb5bcd47adad50de8a6791486e482e29ecc94284921f33b941cfc1000c9781d9a828c5ec7a2c77b4e624a5aa0e9e39782bad733eda81ba47e1c6116e4170e6587dd6210a57abe91f1f80c4e31139d8b73fe35ac1f99ea82dd6aa9c9aa67de88ae3e141020e1a876bbc449d2d843aa7e6d90b948b7e28770e6ac71010c63f17e90fd20806a9f8d9f418ee3af74aac64b04a27c4f5e3626ca2da546c79d24acadd11e8d272a22fc54078fd5e64475993668980a9f95aff964ded28f79c862e674356af492b8377a759d8ccf1accb9a18ef7ad16f438dde69cd020d71552b0810688c882a26a22b23f4b35471b08b379193db1cd7934a4049ff1b00d9795cda6e73951641d5e2365c24facd5afd09ed1d096d758b4fef66fe1aa22395d67b7e1db623d4a60a7dc93893d6c4a91df79535a855868c5dc0033d5c428cd25b85c5deb6e81068553bc84cead4d1eba8aa57e2b354a6899e44acbd3834491219b3e231cd55d82f161774a689efe197cc193ac0124c67738a0a1d5f16a6768c2c2ba7386c8c95ca08c55117f344f5a2bca0d09e79ea3fc49491f2c7adc513c2779c1bf62b1a8643d23e9e8b2ae41d4a59f1b82b82e092b36eb851b8456da871b4057aec325a9d4cccafde61f2abc85e3cabeabb856f6ffbfe23d69219ec8fae6beb54abe7870dbae823d49806a967a1c7f252999804f106745f20490bb3347b59321dc69765567abcbd89de04d89622170005df5871ed0fb72345a11da074060d7d4ee2e437f71a45723fb6b02de56067e54f54c52d10f7874a13cbfb3bd65ce54f9d6719ea210e0cf79e4e2157736ec07ac5915682ab81bced665c1e72fab8d8cfe509de0f21fe374b957b379fd5918061e21c2e96985cc1354b2de859b0f1a463ab04683b1253eda671c2353b5c208aca652f5419ffc4949a7fa909b95653f42d97390c400b4a1c308b11e73e9a06d3b164d3361e75584d70e6bc61d570a7e0c7da330f643194c1893fcd6489fac605eead61b53dff18caf526ecccc9bbd9146bc3c3bb67677695e6fddaab081786e9084014e60f5c03ae5a9087726b05e17402cd2fbb80d773b8a41470b1f901a8c2b2d57450181f4fc5bc53c7cb3dc032b84567492607cb08832eca9f79da9210d197863e5db5a74a9823dc0cc8bd9f3a9b6ff5a7d15d4747a9b26e088f4fad96d81cd1214226b1c4585d418d593220fcbb9ad949266cc48163e3498b46ebcdf7b2b5ecfe67539a61ed9e39b02d5b35ac0d0e7fa830034ca2da8a7ddf04bcf2cee939994369feb77023e0e3de04b21db7a640a92c17748245005cd75a7deba4ff0e4c104a9db2d9a98ec8edb3562050a3bac5f322290e3d8b6fb21770ac436d4cb12b97fc8f76d7bb9eeed85663eb0626f1ad1719ee4b07f7de2c1d1a31c27c6879f4fa3dbdfb2bfc0898beabafbeca9f13050e6b2f6c432e423cd5cb6b8fa56fe32c3e50104e44462c0a5c69de6a7ac5ae3d9f07ceed64dbffa42e4663838bfcde92f0fcb895f3b93c59b0e48c09890dfc36436db56b708f6e7cbbd2a6305f573cee099dbcd263cb96d9fb69cbc3cb06d8f5e3789698a17e71d22b4665ff5447fcc17a31bb136c8bb4b984573bcaf1cb650198c1266e6ddfd42d44f9de02cb9d915c5334c550fac3fcee56790aeb09d81e7690a32d8b0cc477b23f15257820de227be1ffaec2f63f3266b8f5dd78947dcee355fe59bfb100e5244425532bb1d115acd211b8c16b0ec0aae00fca5d4511a05c3ff027a1cac56210a10d81c01b90e156cc7b33de0fac825dc516d398166096013e068db935483c93ba95da39b5ae4087d84479a4c4809f28f93790dc279637bd6f3dc441d315cf6bd7b0e3d92070a45baf4445ce063fd12690eb002f5ca068a256bc54100c99a02a346beca39072163c4b297d117f1ed9fef42e3dbc11d36a0a0db52e84461c6fbb4aad62cd6c8dc9ae6a3390a5e8773ac599e67436220c8d541a9039762bffaa7f490e31dddbc362fb4ff686cda905f3b02a1db76d4d570d970434921ca8a4765af6d5c8b881e1f4ffa7e2d9ef5f5511b94f88474674ec790bb5186c73446a227bf1ffd19b605733abd1bd41e421aeaf2ed4617088c7ceef85451225056435993e89e4bccd2c2e4b39af99feef11fea645eeb5cf9f77b1e19a72d3efb613100969b84302789714bca65bcbc96762b4012a5700c62aed706433b9f142b7302442b6a9958b0e28e8b1cfa9eeb4ac0d71f497b23babf9f0221dcb658d9f4db5d45bee30d2ad7c97d6a562e014a7701c15325ec5d42ab732b37714a77a95c03fb15bbfba6fade32bf50f985a1df362ca7216cc152907dd931acb58a63920f581e82b590c0d6a0033009f8e50c3263d3f58596b63d507cadbc809a6690561f74d0772bf92d04e06c47a350724b106f5e83f7e71c4b2a983bf5ad7d8684e7b8b5dc1273d0fa5879b8e61bde33d602bc8ff0913b6d32dcac366d568dc7cf82bbfc405cbe418a2644c26592b32ca1a632fc95123efb784cfb6953a94ebeccd24fba389a0e56b043df07d9a2dd38a1196e5e55576b25f85cb96f6560802a4a58b7a6857e8454faa2c880bf32d464562b2bdc5f0df22b663f2c01fc944f1cfd1908f617f8295a5440bb79ae178ea46a95baeea48322105146ac3ed2de7d3796ddddcc848a8ecf4a00dd055733b4f59211f5a40deea44e74b3bc57953b26ed61e6fd67889edfe8d0902385e37666aacec072735630ecc441c3cc6b09bb2f63aa4e332c6df728dc74078a83ce20454dfd616d116270666ddc09c5fea2e8442bc43455d0257fac92f3780061178f9420bf8e463f29896c12383dbb9a81bc5c87376e647c8a9786cb514fb9696d9c0a8d303c5c4b5b7c5f601c01fa19323e02f675c371bc44fbc1ac5704d41a89a2a4ccec6ac8440c532f07da25aa2dce6a5d2ebe694eb4017d178b221213bfe2a01d9cfe689bd190776bca6c032f446eb8862587a7826e35f3f691763212eee6af2e49bbeb0a27e07c5714b74e373798c7bebce265f7ebef3a1ea64078cf1e8a9d433af32c53090c972ffedbadafb50b9a6e540abd84f8e938583ea725954be3b236c5d8aca7d486d21902a2902f25a7c02dbe83c39bd0b81513f9ef198c49d560e930ae224ff47f92e4851e1f7ab5bb406abcf6596569261e6b0c67bb3b854e9c6de60bfb60fcf29241ff237151310ecd19f8b2cfe764c1df1a2de9d840eca47aa169ba9a415901204ec31ccdfd76e908029ae34fb12dc286758c64fd6d42bc82b14e07e421f4b42b180cd6ef40cac8062928b4a420a4577f24295f54de9048ac9d34307bf93e463cea4967cf4880166f68ed1eb965db2e4fb9f5f0b1c695d621e427ccb9a3188073ee6fde729c6698346efa1c0ba643c1efd20858965511da750060d551c44c435a5f1603fae7357e0bc78e92aad3d88790ec2aa1a42d6fe7e0ffc57f3599e406db63be7dd32692df32ce33dee0a2becdb02d6e435e09de3d356497543db23f53da25643f9c585e275297800d8beed47f0e622f86fc25d2e87036fdceebfe7257cb6de0c02412d1c0758acfcd0862e99ad17a118f46f635a87477e8b825423d94ada35bf0b5444aa7d3de4bb7eec7ae5129fcc2cba651cc972f5500fc5161149d29f452962afb102a01ae76825cb4477460be0b85d75058595c27e9b7fae3492ec3925c671bee5f4ca534d5a294f783d6cc073c992139b61d21fd98297b04c0578dafd5f7ebcaf8d4d9185aea3d76e813421f4573b38c25093c015a65e44fb297f0f6ac2d02c4237b37a3bfca2406c5c95ae5812816bacad59ba7c6f72d7c644ff25b592ed1e89b276e05866c01a4ced7fc6dd9f190c20d420d7c8a1fe908833a24c5e5bd7a95a2a6fbf147fc4b29a179718166dd0fbae2fc6b8c8aac6194fa6baf0d3edc36b2316c56c441ba53e3e7aaaf0a1405566ff584f73a637b74dde9bcb4d41da2be6c9df5d533fbac54f5fb52a8a793757cfe19aa90048c6d07e3474136ae1be2455b0d0d02eb4b5961ba883209355c0dd2af4aad98e7b971e358a7d9b55fe17cd6095f257355d9b99e5ea52848f17b35a80792d9ed0fef6fe3eef9a324902409969823be20bbe0e8dba9c747cd1a14d3642d877b86271f3f0c322a142c4ff635b37d542c3265b5fe8589a732bb1a55010b930dd0196cd43ac3634c01b4a44c517197d03a3d89c67f5c09aab409e84c0af466bfbd0c96d240101a2542c66b4b4b8ef65b41b0079995c52cc9720d2c1d7c128c6f17a65cc798c1986cfbd8888460c54438edc4f91f3580391c8b57d9aee209a59a116c1c44775437e9c30e6d87e82ce84e28532b19441e32ab9aea22177bac9daad25a6c88395e9348d6780de630cddb266c411011175bdb6255a36535180818447d43ffba3758d311539fe9f6811fa470bf3767b4c2d4cdf37854c7ee28730bb1d39d5c0dfffcdbf353cca3e13079f3ae66b839c7dd36914022a0e75bca5b622f521420b73249ef47f03c1fb03ecf7557882afcaa7cf454a68ad237d4ce860bd6b1531c1cafe2cfb76bc4188271ef6bdfb304ee0e6932463a1909f03d6e8a27b5f137d6b342841d613863dfdf37d5ec3a98d667810fb6f82d67620bdefed8b3ff98420a6c7ee577c3ba68b95a20403608a7ba6526ec9e8662c6e15ab09b1a9019d4958af04cb2e4890ee6b1077fcaa5cc0817f388461b230fe631e75f18ab392a5ca5de4a024ca16dd05fcfdf92114e43a5c4a169d462ff0dba57deeaf5eaafd892f8ccbd72ac56471162e1416bca39859b4184ba0d1b3f7ec05db4ef4cf0142867fa9be328a0be8aa74c716aad9411008607980861f4f72e9bfa60195e2f939d3f6a44a6cec07dd376d1bccaa126686f313d5f7918ecd1215026982c82ed1922ef70e36e8ed59b2d5ceab3b4aad7e53049062dd5ba0e87f7005c3f4d2b788245cdc2f35ef2572bea5ea92dfad406ade6d5ad18be8eeb4c652e5277b200fedea1c0c0f5a68d42e00d59b75941917b2cdf31fdf809f2078ca97fd5beba65b34e0621138ea0e94feb87166b2dac2232ebca575e5c0a4d565d9992f733bbfbe68a63d99ee93398604065d5517c33ed0e067bdb643e73102f16137afd7d4bf21e8065ea028c392a6dcefbe642dc3fb03a239d9c8b17023eacc8e19fea11c34a10644af1b786fc0f4504038c2ee59c1b353f3d7b9313df025b4b5874ca63ec164a3fe35bf390d266f53dcda6a8e190e63a56ffdf4f7c5c02aa22d376db06d4d2b96be5b331f897d1ecfd25c13a1c194c265dd95a5724a6435bc8138224d9db28b689b9cea5132cd19601dbc4a43e70c71e27e8fd0689d09484974e8a4605f8553735fffaf5654a087e323ca14e02b681b9bbe592bd6b719ae2e86bdf918b27c79d52dd334d1aa7ebc1bff76e97572faad092010a1022f7d33089049107a89c364ae7dd022d119e8f6ab795fd71d76a90e8202339401ff9e9918ea8c8e12f7b0ba10d9ebde5d1bc5988f2d07b34579d8c282628204f2978d8b0cf95dc41f3775a4053f833267c64b42336d7c850f2918ef0dd6d62e43fcc173254eb34748efd4754609ce25ade162ba3c91bb844aaf6fd648ee5a8fc5c64346603f8258592d67b9613e8f7ac0def0958f13436581d729e0b3e062738eb06b2116abe837529690a614fc5d3f53b4d4602e57060", 0x1000}}, 0xf47)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r2, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x40a0ae49, &(0x7f0000000080)={0x400, 0xffff1000, 0x2, 0xffffffffffffffff, 0x2})

3.03652866s ago: executing program 4 (id=3050):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000480)='./file0\x00', 0x103680, 0x20)
open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0xa)

2.944138816s ago: executing program 1 (id=3052):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000f80)=@newsa={0xf0, 0x1e, 0x1, 0x8000000, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x2, 0x80, 0x0, 0x0, 0x0, 0x20, 0x0, 0x33}, {@in6=@mcast1, 0x0, 0x33}, @in=@local, {0x0, 0x0, 0x0, 0x0, 0x3fffffffffff, 0x0, 0x0, 0xffffffffffffffff}, {0x5680000000, 0x0, 0xff}, {0x10, 0x9, 0x2}, 0xfffffffe, 0x0, 0x2, 0x1}}, 0xf0}}, 0x0)

2.943953947s ago: executing program 4 (id=3053):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='net/mcfilter\x00')
pread64(r3, &(0x7f0000000340)=""/125, 0x7d, 0x66fe)

2.858967392s ago: executing program 1 (id=3054):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000380)={0x0, 0x3, 0x3, 0x7fff, 0xfe, "0062ba7d82000000160000000000f738096304"})
r1 = syz_open_pts(r0, 0x80)
r2 = dup3(r1, r0, 0x80000)
read$FUSE(r2, &(0x7f0000004d80)={0x2020}, 0x2020)

2.664760915s ago: executing program 1 (id=3055):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond0\x00'})
r0 = socket$netlink(0x10, 0x3, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
getresgid(&(0x7f0000000040), 0x0, &(0x7f0000000240))
sendmsg$nl_route_sched(r0, 0x0, 0x20040887)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2000000000002)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = openat$cgroup_subtree(r5, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(r6, &(0x7f0000000340)=ANY=[@ANYBLOB="2b637075205d280b3f3e7f79ce7f9aa179573a83a26d67955e68e0e84d7aea22721d6fc484f3a603c2aa1c5cf67e2345f786e0815422cc80d7bfe839420d07f6e6caa3f8415a2e513dc1cba69d6c1c32c1a8cda11845fa2851641e6869fc835c37b2b1c8f109a326c7d1092ef84bd14caa4d38bd7b6eda1b749531071c77ae4e3a1260c359d8e1c4af3ca1007e876a26d657f934d3cd908d84bd861f39c3974c5ffda78cfcd563c50b2891d393f651e584a362f44d7d762ce3b231a82b9796fa7a0afcbde55b"], 0x5)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00')
preadv(r7, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0xc002a0, 0x0)

2.245518142s ago: executing program 3 (id=3057):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd70000000000001000000080002000300000008000100020000002c000480050003000200000004000300"], 0x50}, 0x1, 0x0, 0x0, 0x80080}, 0x24000000)

2.222147464s ago: executing program 3 (id=3058):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, 0x0, 0x0)
r4 = socket$tipc(0x1e, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_HV_CPUID_sys(r0, 0xc008aec1, &(0x7f0000000240)={0x1, 0x0, [{0x80000001, 0x0, 0x2, 0x42b, 0xffffffff, 0x81, 0xcb8}]})
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x1}, 0x10)

2.064429074s ago: executing program 4 (id=3059):
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ip6_flowlabel\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$char_usb(r3, &(0x7f0000000240)="2acd4aecf91c42629a13fe53", 0xc)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
r5 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r5, &(0x7f0000000280)={0xa, 0x4e24, 0x6c9, @remote, 0x200}, 0x1c)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x4e23, 0x8, @mcast2, 0x1000008}, 0x1c)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100), 0x4040, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0xc0189436, &(0x7f0000000140))

1.677477209s ago: executing program 3 (id=3060):
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

1.646832842s ago: executing program 3 (id=3061):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r6=>0x0})
connect$can_bcm(r5, &(0x7f00000000c0)={0x1d, r6}, 0x10)
sendmsg$can_bcm(r5, 0x0, 0x20008000)

890.281212ms ago: executing program 1 (id=3062):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
socket(0x2, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @broadcast})
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000080)={0x1, 0x1, [@broadcast]})
r3 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x1, 0x8000004)

729.529262ms ago: executing program 2 (id=3063):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$poke(0x13, r0, 0x0, 0xffffffffffffffd)

729.399502ms ago: executing program 2 (id=3064):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x65364000)
madvise(&(0x7f00006d3000/0x4000)=nil, 0x4000, 0x66)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

628.526618ms ago: executing program 2 (id=3065):
socket$inet6_tcp(0xa, 0x1, 0x0)
fstat(0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x56ab, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0xc, 0xa0002f5})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

615.39638ms ago: executing program 2 (id=3066):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=@ipv6_getaddrlabel={0x1c, 0x1e, 0x492dfc465ae32a8d}, 0x1c}, 0x1, 0x0, 0x0, 0x10008000}, 0x14048010)

521.468126ms ago: executing program 3 (id=3067):
r0 = socket$inet6(0xa, 0x80002, 0x0)
sendmmsg$inet6(r0, &(0x7f0000004c40)=[{{&(0x7f00000008c0)={0xa, 0x4e20, 0x5, @empty, 0x3}, 0x1c, 0x0, 0x0, &(0x7f0000000f00)=ANY=[@ANYBLOB="580000000000000029000000390000008808000300000000ff020000000000000000000000000001fe8000000000000000000000000000bbfe8000000000000000000000000000bb2001000000000000000000000000000138"], 0x90}}], 0x1, 0x100)

432.557452ms ago: executing program 3 (id=3068):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000c0d25f20fd0b0201f0bb000000010902120001000000000904"], 0x0)

368.904796ms ago: executing program 4 (id=3069):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f00000006c0)={0x50, 0x0, r1, {0x7, 0x1f, 0x4, 0x10000000, 0x0, 0xfffe, 0x0, 0xe6d7, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x80101, 0x0)
r3 = dup2(r2, r0)
ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, 0x0)

185.518058ms ago: executing program 5 (id=3070):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r1, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0xff, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '@\x00', 0x14, 0x6, 0x1, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7, 0x0, 0x0, 0xf}}}}}}}, 0x0)

47.145227ms ago: executing program 5 (id=3071):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd(0x3)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0xf000, 0x11101000, 0x0, r2})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x7c, 0x3000, 0x0, r2})

47.034227ms ago: executing program 1 (id=3072):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x2, 0x2, @loopback, 0x8}, 0x1c)
sendto$inet6(r0, &(0x7f00000000c0)="b2", 0x1, 0x240040c4, &(0x7f0000000040)={0xa, 0x2, 0x80398, @empty, 0xfffffffe}, 0x1c)
shutdown(r0, 0x1)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000300))

483.87µs ago: executing program 1 (id=3073):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x2, 0x5, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x7fff}, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x6, 0x4, 0x9, '\x00', 0x1})
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

0s ago: executing program 4 (id=3074):
capset(&(0x7f0000000080)={0x20080522}, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@multicast1, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffd}}, 0xe8)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}, 0x1, 0x0, 0x0, 0x481}, 0x20040014)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in=@remote, @in=@remote, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x80, 0x3b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0xfffffffffffffffe}, 0x9, 0x0, 0x0, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc00000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8, 0x4}, {0x0, 0x8}}}, 0xb8}}, 0x0)

kernel console output (not intermixed with test programs):

ng a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1011.193078][T10261] loop3: detected capacity change from 0 to 512
[ 1011.255917][T10240] F2FS-fs (loop4): invalid crc value
[ 1011.411990][T10240] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1011.419458][   T30] kauditd_printk_skb: 6 callbacks suppressed
[ 1011.419474][   T30] audit: type=1326 audit(1759943686.108:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10263 comm="syz.1.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1011.536183][   T30] audit: type=1326 audit(1759943686.148:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10263 comm="syz.1.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1011.571616][T10240] F2FS-fs (loop4): Start checkpoint disabled!
[ 1011.578979][T10240] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[ 1011.649406][   T30] audit: type=1326 audit(1759943686.158:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10263 comm="syz.1.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1011.791945][T10276] loop5: detected capacity change from 0 to 1024
[ 1011.829234][   T30] audit: type=1326 audit(1759943686.158:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10263 comm="syz.1.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1011.943406][   T30] audit: type=1326 audit(1759943686.158:1510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10263 comm="syz.1.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1012.197987][   T30] audit: type=1326 audit(1759943686.158:1511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10263 comm="syz.1.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1012.226875][T10276] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1012.245623][   T30] audit: type=1326 audit(1759943686.158:1512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10263 comm="syz.1.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1012.306859][T10276] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,i_version,noblock_validity,commit=0x0000000000000005,inlinecrypt,max_batch_time=0x0000000000000000,abort,auto_da_alloc,lazytime,noauto_da_alloc,block_validity,,errors=continue. Quota mode: writeback.
[ 1012.429616][   T30] audit: type=1326 audit(1759943686.158:1513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10263 comm="syz.1.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1013.225168][   T30] audit: type=1326 audit(1759943686.158:1514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10263 comm="syz.1.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1013.272544][   T30] audit: type=1326 audit(1759943686.158:1515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10263 comm="syz.1.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1013.454181][  T518] attempt to access beyond end of device
[ 1013.454181][  T518] loop4: rw=2049, want=40968, limit=40427
[ 1014.479058][  T518] attempt to access beyond end of device
[ 1014.479058][  T518] loop4: rw=2049, want=41008, limit=40427
[ 1014.597929][T10299] loop3: detected capacity change from 0 to 512
[ 1014.682045][T10299] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2529: corrupted inode contents
[ 1014.740043][T10299] EXT4-fs (loop3): Remounting filesystem read-only
[ 1014.767175][T10299] EXT4-fs error (device loop3): ext4_dirty_inode:6071: inode #16: comm syz.3.2529: mark_inode_dirty error
[ 1014.797831][T10299] EXT4-fs (loop3): Remounting filesystem read-only
[ 1014.807391][T10299] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2529: corrupted inode contents
[ 1014.809791][T10297] loop2: detected capacity change from 0 to 40427
[ 1014.840632][T10297] F2FS-fs (loop2): invalid crc value
[ 1014.850297][T10299] EXT4-fs (loop3): Remounting filesystem read-only
[ 1014.857412][T10299] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #16: comm syz.3.2529: mark_inode_dirty error
[ 1014.869485][T10299] EXT4-fs (loop3): Remounting filesystem read-only
[ 1014.876405][T10299] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2529: corrupted inode contents
[ 1014.889103][T10299] EXT4-fs (loop3): Remounting filesystem read-only
[ 1014.904655][T10297] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1014.916819][T10299] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[ 1014.926492][T10299] EXT4-fs (loop3): Remounting filesystem read-only
[ 1014.933967][T10299] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2529: corrupted inode contents
[ 1014.946683][T10299] EXT4-fs (loop3): Remounting filesystem read-only
[ 1014.953588][T10299] EXT4-fs error (device loop3): ext4_truncate:4304: inode #16: comm syz.3.2529: mark_inode_dirty error
[ 1015.072993][T10299] EXT4-fs (loop3): Remounting filesystem read-only
[ 1015.103100][T10297] F2FS-fs (loop2): Start checkpoint disabled!
[ 1015.112345][T10299] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[ 1015.159020][T10299] EXT4-fs (loop3): Remounting filesystem read-only
[ 1015.169062][T10299] EXT4-fs (loop3): 1 truncate cleaned up
[ 1015.176083][T10297] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1015.225399][T10299] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,data_err=ignore,. Quota mode: writeback.
[ 1015.238121][T10299] ext4 filesystem being mounted at /521/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1015.310585][T10313] loop5: detected capacity change from 0 to 1024
[ 1015.345264][T10313] EXT4-fs (loop5): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1015.365804][T10313] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1015.384456][T10313] EXT4-fs error (device loop5): ext4_map_blocks:740: inode #15: block 3: comm syz.5.2535: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1015.403766][T10313] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1015.416587][T10313] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1015.416587][T10313] 
[ 1015.428178][T10313] EXT4-fs error (device loop5): ext4_ext_remove_space:2929: inode #15: comm syz.5.2535: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1015.446579][T10313] EXT4-fs error (device loop5) in ext4_setattr:5639: Corrupt filesystem
[ 1015.543780][T10321] loop5: detected capacity change from 0 to 1024
[ 1015.550656][ T6896] attempt to access beyond end of device
[ 1015.550656][ T6896] loop2: rw=2049, want=40968, limit=40427
[ 1015.563112][ T6896] attempt to access beyond end of device
[ 1015.563112][ T6896] loop2: rw=2049, want=41000, limit=40427
[ 1015.630225][T10321] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1015.718899][T10330] loop3: detected capacity change from 0 to 1024
[ 1015.736976][T10321] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,nojournal_checksum,errors=remount-ro,grpquota,noblock_validity,user_xattr,nombcache,errors=remount-ro,. Quota mode: writeback.
[ 1015.780461][T10330] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1015.970881][T10330] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,nojournal_checksum,errors=remount-ro,grpquota,noblock_validity,user_xattr,nombcache,errors=remount-ro,. Quota mode: writeback.
[ 1016.388995][T10342] loop4: detected capacity change from 0 to 4096
[ 1016.583067][T10342] EXT4-fs (loop4): Journaled quota options ignored when QUOTA feature is enabled
[ 1016.597051][T10342] EXT4-fs (loop4): dax option not supported
[ 1016.622861][T10346] loop2: detected capacity change from 0 to 4096
[ 1016.641187][T10346] EXT4-fs (loop2): Journaled quota options ignored when QUOTA feature is enabled
[ 1016.680285][T10346] EXT4-fs (loop2): dax option not supported
[ 1016.719340][T10350] loop5: detected capacity change from 0 to 1024
[ 1016.857591][T10350] EXT4-fs (loop5): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1016.875395][T10350] ext4 filesystem being mounted at /405/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1016.892340][T10350] EXT4-fs error (device loop5): ext4_map_blocks:740: inode #15: block 3: comm syz.5.2547: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1016.908311][T10350] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1016.925343][T10350] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1016.925343][T10350] 
[ 1016.978566][T10358] loop2: detected capacity change from 0 to 512
[ 1017.018048][T10359] loop4: detected capacity change from 0 to 512
[ 1017.035353][T10350] EXT4-fs error (device loop5): ext4_ext_remove_space:2929: inode #15: comm syz.5.2547: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1017.546467][T10350] EXT4-fs error (device loop5) in ext4_setattr:5639: Corrupt filesystem
[ 1017.642972][T10361] loop3: detected capacity change from 0 to 512
[ 1017.743202][T10361] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2548: corrupted inode contents
[ 1017.774366][T10361] EXT4-fs (loop3): Remounting filesystem read-only
[ 1017.801267][T10361] EXT4-fs error (device loop3): ext4_dirty_inode:6071: inode #16: comm syz.3.2548: mark_inode_dirty error
[ 1017.890284][T10361] EXT4-fs (loop3): Remounting filesystem read-only
[ 1017.896895][T10361] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2548: corrupted inode contents
[ 1017.949812][T10361] EXT4-fs (loop3): Remounting filesystem read-only
[ 1017.963899][T10361] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #16: comm syz.3.2548: mark_inode_dirty error
[ 1017.978028][ T8318] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0
[ 1017.992641][ T8318] hid-generic 0000:0000:0000.001B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1018.007514][T10361] EXT4-fs (loop3): Remounting filesystem read-only
[ 1018.007551][   T30] kauditd_printk_skb: 23 callbacks suppressed
[ 1018.007563][   T30] audit: type=1326 audit(1759943692.698:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10371 comm="syz.5.2549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba1b71ec9 code=0x7ffc0000
[ 1018.014365][T10361] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2548: corrupted inode contents
[ 1018.062833][   T30] audit: type=1326 audit(1759943692.698:1540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10371 comm="syz.5.2549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba1b71ec9 code=0x7ffc0000
[ 1018.099589][T10361] EXT4-fs (loop3): Remounting filesystem read-only
[ 1018.116941][T10376] loop5: detected capacity change from 0 to 1024
[ 1018.122985][T10361] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[ 1018.143389][T10381] fido_id[10381]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1018.169781][T10361] EXT4-fs (loop3): Remounting filesystem read-only
[ 1018.176747][T10361] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2548: corrupted inode contents
[ 1018.210611][  T497] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[ 1018.215370][T10376] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1018.230485][  T497] hid-generic 0000:0000:0000.001C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1018.241689][T10361] EXT4-fs (loop3): Remounting filesystem read-only
[ 1018.253691][T10361] EXT4-fs error (device loop3): ext4_truncate:4304: inode #16: comm syz.3.2548: mark_inode_dirty error
[ 1018.282850][T10361] EXT4-fs (loop3): Remounting filesystem read-only
[ 1018.293967][T10376] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,nojournal_checksum,errors=remount-ro,grpquota,noblock_validity,user_xattr,nombcache,errors=remount-ro,. Quota mode: writeback.
[ 1018.297368][T10361] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[ 1018.329806][T10361] EXT4-fs (loop3): Remounting filesystem read-only
[ 1018.342882][T10361] EXT4-fs (loop3): 1 truncate cleaned up
[ 1018.355190][T10361] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,data_err=ignore,. Quota mode: writeback.
[ 1018.373438][T10361] ext4 filesystem being mounted at /526/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1018.879015][T10395] loop5: detected capacity change from 0 to 256
[ 1018.894813][T10396] loop3: detected capacity change from 0 to 1024
[ 1018.910581][T10395] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1018.925560][T10395] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[ 1018.936483][T10395] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1018.964082][T10396] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1018.983678][T10398] loop1: detected capacity change from 0 to 256
[ 1019.040359][T10396] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,i_version,noblock_validity,commit=0x0000000000000005,inlinecrypt,max_batch_time=0x0000000000000000,abort,auto_da_alloc,lazytime,noauto_da_alloc,block_validity,,errors=continue. Quota mode: writeback.
[ 1019.080693][T10398] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1019.151078][T10398] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[ 1019.171643][T10398] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1020.534334][T10417] loop2: detected capacity change from 0 to 512
[ 1020.612882][  T393] hid-generic 0000:0000:0000.001D: unknown main item tag 0x0
[ 1020.649668][   T30] audit: type=1326 audit(1759943695.328:1541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10418 comm="syz.5.2563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba1b71ec9 code=0x7ffc0000
[ 1020.841541][  T393] hid-generic 0000:0000:0000.001D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1021.039000][   T30] audit: type=1326 audit(1759943695.398:1542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10418 comm="syz.5.2563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdba1b71ec9 code=0x7ffc0000
[ 1021.263960][T10424] loop1: detected capacity change from 0 to 1024
[ 1021.287320][T10421] fido_id[10421]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1021.325319][T10427] loop5: detected capacity change from 0 to 512
[ 1021.338380][   T30] audit: type=1326 audit(1759943695.408:1543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10418 comm="syz.5.2563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba1b71ec9 code=0x7ffc0000
[ 1021.366337][   T30] audit: type=1326 audit(1759943695.418:1544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10418 comm="syz.5.2563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdba1b71ec9 code=0x7ffc0000
[ 1021.392057][   T30] audit: type=1326 audit(1759943695.418:1545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10418 comm="syz.5.2563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba1b71ec9 code=0x7ffc0000
[ 1021.422013][   T30] audit: type=1326 audit(1759943695.428:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10418 comm="syz.5.2563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fdba1b71ec9 code=0x7ffc0000
[ 1021.448490][   T30] audit: type=1326 audit(1759943695.428:1547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10418 comm="syz.5.2563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdba1b71ec9 code=0x7ffc0000
[ 1021.473015][T10432] loop2: detected capacity change from 0 to 1024
[ 1021.505298][   T30] audit: type=1326 audit(1759943695.438:1548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10418 comm="syz.5.2563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7fdba1b71ec9 code=0x7ffc0000
[ 1021.532468][T10427] EXT4-fs error (device loop5): ext4_do_update_inode:5235: inode #16: comm syz.5.2567: corrupted inode contents
[ 1021.545703][T10424] EXT4-fs (loop1): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1021.564185][T10424] ext4 filesystem being mounted at /528/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1021.570406][T10432] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1021.581575][T10424] EXT4-fs error (device loop1): ext4_map_blocks:740: inode #15: block 3: comm syz.1.2566: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1021.601767][T10427] EXT4-fs (loop5): Remounting filesystem read-only
[ 1021.608901][T10427] EXT4-fs error (device loop5): ext4_dirty_inode:6071: inode #16: comm syz.5.2567: mark_inode_dirty error
[ 1021.621605][T10427] EXT4-fs (loop5): Remounting filesystem read-only
[ 1021.628576][T10427] EXT4-fs error (device loop5): ext4_do_update_inode:5235: inode #16: comm syz.5.2567: corrupted inode contents
[ 1021.638080][T10424] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1021.655175][T10427] EXT4-fs (loop5): Remounting filesystem read-only
[ 1021.662718][T10443] loop4: detected capacity change from 0 to 1024
[ 1021.663688][T10427] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #16: comm syz.5.2567: mark_inode_dirty error
[ 1021.682312][T10424] EXT4-fs (loop1): This should not happen!! Data will be lost
[ 1021.682312][T10424] 
[ 1021.692988][T10445] EXT4-fs error (device loop1): ext4_ext_remove_space:2929: inode #15: comm syz.1.2566: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1021.693541][T10427] EXT4-fs (loop5): Remounting filesystem read-only
[ 1021.713873][T10432] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,nojournal_checksum,errors=remount-ro,grpquota,noblock_validity,user_xattr,nombcache,errors=remount-ro,. Quota mode: writeback.
[ 1021.718357][T10427] EXT4-fs error (device loop5): ext4_do_update_inode:5235: inode #16: comm syz.5.2567: corrupted inode contents
[ 1021.757008][T10445] EXT4-fs error (device loop1) in ext4_setattr:5639: Corrupt filesystem
[ 1021.801260][T10443] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1021.819171][T10427] EXT4-fs (loop5): Remounting filesystem read-only
[ 1021.834182][T10427] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[ 1021.843577][T10443] ext4 filesystem being mounted at /496/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1021.884535][T10452] loop1: detected capacity change from 0 to 4096
[ 1021.893984][T10427] EXT4-fs (loop5): Remounting filesystem read-only
[ 1021.910144][T10452] EXT4-fs (loop1): Journaled quota options ignored when QUOTA feature is enabled
[ 1021.920071][T10427] EXT4-fs error (device loop5): ext4_do_update_inode:5235: inode #16: comm syz.5.2567: corrupted inode contents
[ 1021.946568][T10443] EXT4-fs error (device loop4): ext4_map_blocks:740: inode #15: block 3: comm syz.4.2571: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1021.961104][T10452] EXT4-fs (loop1): dax option not supported
[ 1021.969895][T10427] EXT4-fs (loop5): Remounting filesystem read-only
[ 1021.994632][T10427] EXT4-fs error (device loop5): ext4_truncate:4304: inode #16: comm syz.5.2567: mark_inode_dirty error
[ 1022.007847][T10456] loop3: detected capacity change from 0 to 256
[ 1022.020165][T10427] EXT4-fs (loop5): Remounting filesystem read-only
[ 1022.031507][T10456] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1022.032550][T10427] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[ 1022.052526][T10456] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[ 1022.071811][T10443] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1022.085323][T10456] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1022.098287][T10427] EXT4-fs (loop5): Remounting filesystem read-only
[ 1022.104916][T10443] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1022.104916][T10443] 
[ 1022.111307][T10427] EXT4-fs (loop5): 1 truncate cleaned up
[ 1022.151997][T10427] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,data_err=ignore,. Quota mode: writeback.
[ 1022.177755][T10427] ext4 filesystem being mounted at /412/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1022.219132][  T774] EXT4-fs error (device loop4): ext4_map_blocks:740: inode #15: block 8: comm kworker/u4:7: lblock 8 mapped to illegal pblock 8 (length 8)
[ 1022.252612][  T774] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[ 1022.266802][  T774] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1022.266802][  T774] 
[ 1022.718292][T10462] loop4: detected capacity change from 0 to 4096
[ 1022.750107][T10462] EXT4-fs (loop4): Journaled quota options ignored when QUOTA feature is enabled
[ 1022.761796][T10462] EXT4-fs (loop4): dax option not supported
[ 1022.776134][T10463] loop1: detected capacity change from 0 to 512
[ 1023.049487][T10470] loop2: detected capacity change from 0 to 1024
[ 1023.096413][T10470] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1023.135186][T10474] loop4: detected capacity change from 0 to 512
[ 1023.235370][T10481] loop3: detected capacity change from 0 to 1024
[ 1023.260184][T10470] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,nojournal_checksum,errors=remount-ro,grpquota,noblock_validity,user_xattr,nombcache,errors=remount-ro,. Quota mode: writeback.
[ 1023.422629][T10481] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1023.449888][T10481] ext4 filesystem being mounted at /532/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1023.643879][T10481] EXT4-fs error (device loop3): ext4_map_blocks:740: inode #15: block 3: comm syz.3.2581: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1023.737961][T10481] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1023.759996][T10472] loop5: detected capacity change from 0 to 40427
[ 1023.789629][T10481] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1023.789629][T10481] 
[ 1023.840015][T10487] EXT4-fs error (device loop3): ext4_ext_remove_space:2929: inode #15: comm syz.3.2581: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1023.932266][T10487] EXT4-fs error (device loop3) in ext4_setattr:5639: Corrupt filesystem
[ 1023.944574][T10472] F2FS-fs (loop5): invalid crc value
[ 1023.961690][T10472] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1024.333358][T10494] loop3: detected capacity change from 0 to 1024
[ 1024.342288][T10472] F2FS-fs (loop5): Start checkpoint disabled!
[ 1024.353605][T10472] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[ 1024.389092][T10494] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1024.406018][T10494] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,i_version,noblock_validity,commit=0x0000000000000005,inlinecrypt,max_batch_time=0x0000000000000000,abort,auto_da_alloc,lazytime,noauto_da_alloc,block_validity,,errors=continue. Quota mode: writeback.
[ 1024.599196][ T5721] attempt to access beyond end of device
[ 1024.599196][ T5721] loop5: rw=2049, want=40968, limit=40427
[ 1024.786224][T10500] loop2: detected capacity change from 0 to 1024
[ 1024.843684][T10500] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1024.989741][T10500] ext4 filesystem being mounted at /479/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1025.116292][T10500] EXT4-fs error (device loop2): ext4_map_blocks:740: inode #15: block 3: comm syz.2.2586: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1025.186497][T10500] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1025.225539][T10500] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 1025.225539][T10500] 
[ 1025.257454][T10509] loop5: detected capacity change from 0 to 1024
[ 1025.264791][ T5721] EXT4-fs error (device loop2): ext4_map_blocks:740: inode #15: block 8: comm kworker/u4:3: lblock 8 mapped to illegal pblock 8 (length 8)
[ 1025.299692][ T5721] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[ 1025.321461][T10509] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1025.329043][ T5721] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 1025.329043][ T5721] 
[ 1025.460181][T10509] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,nojournal_checksum,errors=remount-ro,grpquota,noblock_validity,user_xattr,nombcache,errors=remount-ro,. Quota mode: writeback.
[ 1025.486801][   T30] kauditd_printk_skb: 15 callbacks suppressed
[ 1025.486818][   T30] audit: type=1326 audit(1759943700.178:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10517 comm="syz.2.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943f170ec9 code=0x7ffc0000
[ 1025.883502][   T30] audit: type=1326 audit(1759943700.178:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10517 comm="syz.2.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943f170ec9 code=0x7ffc0000
[ 1025.907993][   T30] audit: type=1326 audit(1759943700.478:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10517 comm="syz.2.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f943f170ec9 code=0x7ffc0000
[ 1025.949605][   T30] audit: type=1326 audit(1759943700.478:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10517 comm="syz.2.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943f170ec9 code=0x7ffc0000
[ 1026.029615][   T30] audit: type=1326 audit(1759943700.478:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10517 comm="syz.2.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943f170ec9 code=0x7ffc0000
[ 1026.036606][T10524] loop2: detected capacity change from 0 to 1024
[ 1026.089834][T10511] loop3: detected capacity change from 0 to 40427
[ 1026.122068][T10511] F2FS-fs (loop3): invalid crc value
[ 1026.131480][T10511] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1026.140845][T10524] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1026.253872][T10511] F2FS-fs (loop3): Start checkpoint disabled!
[ 1026.273202][T10524] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,nojournal_checksum,errors=remount-ro,grpquota,noblock_validity,user_xattr,nombcache,errors=remount-ro,. Quota mode: writeback.
[ 1026.303135][T10511] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1026.811779][  T774] attempt to access beyond end of device
[ 1026.811779][  T774] loop3: rw=2049, want=40968, limit=40427
[ 1026.826375][  T774] attempt to access beyond end of device
[ 1026.826375][  T774] loop3: rw=2049, want=41000, limit=40427
[ 1026.841541][T10544] loop2: detected capacity change from 0 to 256
[ 1026.864043][T10544] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1026.875908][T10544] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[ 1026.891411][T10546] loop5: detected capacity change from 0 to 256
[ 1026.905754][T10544] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1026.993604][T10546] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1027.012431][T10546] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[ 1027.023308][T10546] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1027.326721][T10552] loop1: detected capacity change from 0 to 1024
[ 1027.516037][T10552] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1027.534785][T10556] loop3: detected capacity change from 0 to 1024
[ 1027.545358][   T30] audit: type=1326 audit(1759943702.238:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10560 comm="syz.4.2601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6366df4ec9 code=0x7ffc0000
[ 1027.548008][T10552] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,i_version,noblock_validity,commit=0x0000000000000005,inlinecrypt,max_batch_time=0x0000000000000000,abort,auto_da_alloc,lazytime,noauto_da_alloc,block_validity,,errors=continue. Quota mode: writeback.
[ 1027.601405][   T30] audit: type=1326 audit(1759943702.268:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10560 comm="syz.4.2601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6366df4ec9 code=0x7ffc0000
[ 1027.627062][   T30] audit: type=1326 audit(1759943702.268:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10560 comm="syz.4.2601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6366df4ec9 code=0x7ffc0000
[ 1027.651514][   T30] audit: type=1326 audit(1759943702.268:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10560 comm="syz.4.2601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6366df4ec9 code=0x7ffc0000
[ 1027.676648][   T30] audit: type=1326 audit(1759943702.268:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10560 comm="syz.4.2601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6366df4ec9 code=0x7ffc0000
[ 1027.774957][T10568] loop4: detected capacity change from 0 to 256
[ 1027.797210][T10556] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1027.817244][T10556] ext4 filesystem being mounted at /536/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1027.838877][T10570] loop5: detected capacity change from 0 to 1024
[ 1027.856702][T10556] syz.3.2600[10556] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1027.856786][T10556] syz.3.2600[10556] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1027.870703][T10556] EXT4-fs error (device loop3): ext4_map_blocks:740: inode #15: block 3: comm syz.3.2600: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1027.911291][T10568] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1027.923297][T10568] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1027.932544][T10556] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1027.951151][T10556] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1027.951151][T10556] 
[ 1027.973704][  T774] EXT4-fs error (device loop3): ext4_map_blocks:740: inode #15: block 8: comm kworker/u4:7: lblock 8 mapped to illegal pblock 8 (length 8)
[ 1028.020878][T10570] EXT4-fs (loop5): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1028.075547][T10580] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2605'.
[ 1028.106934][T10568] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1028.244205][T10570] ext4 filesystem being mounted at /418/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1028.288577][  T774] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[ 1028.315528][T10570] EXT4-fs error (device loop5): ext4_map_blocks:740: inode #15: block 3: comm syz.5.2604: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1028.337329][  T774] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1028.337329][  T774] 
[ 1028.349822][T10570] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1028.363411][T10570] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1028.363411][T10570] 
[ 1028.393927][  T774] EXT4-fs error (device loop5): ext4_map_blocks:740: inode #15: block 8: comm kworker/u4:7: lblock 8 mapped to illegal pblock 8 (length 8)
[ 1028.508585][T10583] loop3: detected capacity change from 0 to 1024
[ 1028.530432][  T774] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[ 1028.798921][  T774] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1028.798921][  T774] 
[ 1028.817484][T10583] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1028.890026][T10583] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,nojournal_checksum,errors=remount-ro,grpquota,noblock_validity,user_xattr,nombcache,errors=remount-ro,. Quota mode: writeback.
[ 1029.247457][T10590] loop5: detected capacity change from 0 to 40427
[ 1029.396185][T10590] F2FS-fs (loop5): invalid crc value
[ 1029.430883][T10590] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1029.445772][T10601] loop1: detected capacity change from 0 to 1024
[ 1029.466487][T10601] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1029.494881][T10603] loop3: detected capacity change from 0 to 1024
[ 1029.496777][T10590] F2FS-fs (loop5): Start checkpoint disabled!
[ 1029.509177][T10590] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[ 1029.545593][T10603] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1029.548909][T10601] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,nojournal_checksum,errors=remount-ro,grpquota,noblock_validity,user_xattr,nombcache,errors=remount-ro,. Quota mode: writeback.
[ 1029.563286][T10603] ext4 filesystem being mounted at /538/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1029.620079][T10603] EXT4-fs error (device loop3): ext4_map_blocks:740: inode #15: block 3: comm syz.3.2612: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1029.635206][T10603] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1029.647945][T10603] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1029.647945][T10603] 
[ 1029.667951][T10603] EXT4-fs error (device loop3): ext4_ext_remove_space:2929: inode #15: comm syz.3.2612: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1029.778715][  T774] attempt to access beyond end of device
[ 1029.778715][  T774] loop5: rw=2049, want=40968, limit=40427
[ 1029.797665][  T774] attempt to access beyond end of device
[ 1029.797665][  T774] loop5: rw=2049, want=40984, limit=40427
[ 1029.819881][T10603] EXT4-fs error (device loop3) in ext4_setattr:5639: Corrupt filesystem
[ 1030.307851][T10633] loop5: detected capacity change from 0 to 256
[ 1030.361673][T10633] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1030.373703][T10633] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[ 1030.385536][T10633] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1030.932953][T10640] loop4: detected capacity change from 0 to 256
[ 1030.992286][T10640] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1031.012766][T10640] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1031.032106][T10640] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1032.334700][T10642] loop2: detected capacity change from 0 to 40427
[ 1032.385889][T10661] loop3: detected capacity change from 0 to 1024
[ 1032.402653][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1032.402670][   T30] audit: type=1326 audit(1759943707.098:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10662 comm="syz.1.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1032.404483][T10642] F2FS-fs (loop2): invalid crc value
[ 1032.411006][   T30] audit: type=1326 audit(1759943707.108:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10662 comm="syz.1.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1032.456546][T10665] loop4: detected capacity change from 0 to 256
[ 1032.464436][   T30] audit: type=1326 audit(1759943707.108:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10662 comm="syz.1.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1032.471872][T10642] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1032.500075][   T30] audit: type=1326 audit(1759943707.108:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10662 comm="syz.1.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1032.525600][   T30] audit: type=1326 audit(1759943707.108:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10662 comm="syz.1.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1032.537503][T10642] F2FS-fs (loop2): Start checkpoint disabled!
[ 1032.551062][   T30] audit: type=1326 audit(1759943707.108:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10662 comm="syz.1.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1032.558059][T10642] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1032.587691][   T30] audit: type=1326 audit(1759943707.108:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10662 comm="syz.1.2629" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab3f595ec9 code=0x7ffc0000
[ 1032.589760][T10665] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1032.659649][T10665] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1032.676152][T10665] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1032.689238][T10661] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1032.799769][T10661] ext4 filesystem being mounted at /543/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1032.852828][T10661] EXT4-fs error (device loop3): ext4_map_blocks:740: inode #15: block 3: comm syz.3.2628: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1032.877274][T10661] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1032.890768][T10661] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1032.890768][T10661] 
[ 1032.904701][T10661] EXT4-fs error (device loop3): ext4_ext_remove_space:2929: inode #15: comm syz.3.2628: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1032.956186][T10661] EXT4-fs error (device loop3) in ext4_setattr:5639: Corrupt filesystem
[ 1033.015290][  T774] attempt to access beyond end of device
[ 1033.015290][  T774] loop2: rw=2049, want=40968, limit=40427
[ 1033.032550][  T774] attempt to access beyond end of device
[ 1033.032550][  T774] loop2: rw=2049, want=41000, limit=40427
[ 1033.916782][T10693] loop1: detected capacity change from 0 to 40427
[ 1033.932820][T10693] F2FS-fs (loop1): invalid crc value
[ 1033.947529][T10693] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1033.964265][T10698] loop5: detected capacity change from 0 to 40427
[ 1033.982994][T10698] F2FS-fs (loop5): invalid crc value
[ 1033.992584][T10698] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1033.995877][T10693] F2FS-fs (loop1): Start checkpoint disabled!
[ 1034.007544][T10693] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[ 1034.042851][T10698] F2FS-fs (loop5): Start checkpoint disabled!
[ 1034.050134][T10698] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[ 1034.067381][  T518] attempt to access beyond end of device
[ 1034.067381][  T518] loop1: rw=2049, want=40968, limit=40427
[ 1034.079444][  T518] attempt to access beyond end of device
[ 1034.079444][  T518] loop1: rw=2049, want=40992, limit=40427
[ 1034.232879][  T518] attempt to access beyond end of device
[ 1034.232879][  T518] loop5: rw=2049, want=40968, limit=40427
[ 1034.244740][  T518] attempt to access beyond end of device
[ 1034.244740][  T518] loop5: rw=2049, want=41008, limit=40427
[ 1034.343338][T10710] loop3: detected capacity change from 0 to 512
[ 1034.369279][T10712] loop1: detected capacity change from 0 to 1024
[ 1034.410257][T10712] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1034.436106][T10710] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2643: corrupted inode contents
[ 1034.450827][T10710] EXT4-fs (loop3): Remounting filesystem read-only
[ 1034.450958][T10712] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,nojournal_checksum,errors=remount-ro,grpquota,noblock_validity,user_xattr,nombcache,errors=remount-ro,. Quota mode: writeback.
[ 1034.457518][T10710] EXT4-fs error (device loop3): ext4_dirty_inode:6071: inode #16: comm syz.3.2643: mark_inode_dirty error
[ 1034.498442][T10710] EXT4-fs (loop3): Remounting filesystem read-only
[ 1034.506120][T10710] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2643: corrupted inode contents
[ 1034.529086][T10722] loop4: detected capacity change from 0 to 1024
[ 1034.538879][T10710] EXT4-fs (loop3): Remounting filesystem read-only
[ 1034.546051][T10710] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #16: comm syz.3.2643: mark_inode_dirty error
[ 1034.559280][T10710] EXT4-fs (loop3): Remounting filesystem read-only
[ 1034.566126][T10710] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2643: corrupted inode contents
[ 1034.579185][T10710] EXT4-fs (loop3): Remounting filesystem read-only
[ 1034.586285][T10710] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[ 1034.616316][T10710] EXT4-fs (loop3): Remounting filesystem read-only
[ 1034.628674][T10710] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2643: corrupted inode contents
[ 1034.642433][T10710] EXT4-fs (loop3): Remounting filesystem read-only
[ 1034.649238][T10710] EXT4-fs error (device loop3): ext4_truncate:4304: inode #16: comm syz.3.2643: mark_inode_dirty error
[ 1034.650190][T10722] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1034.660741][T10710] EXT4-fs (loop3): Remounting filesystem read-only
[ 1034.680289][T10722] ext4 filesystem being mounted at /511/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1034.688666][T10727] loop2: detected capacity change from 0 to 1024
[ 1034.728511][T10710] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[ 1034.863432][T10710] EXT4-fs (loop3): Remounting filesystem read-only
[ 1034.871080][T10710] EXT4-fs (loop3): 1 truncate cleaned up
[ 1034.877113][T10710] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,data_err=ignore,. Quota mode: writeback.
[ 1034.890482][T10710] ext4 filesystem being mounted at /545/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1034.907784][T10727] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1034.947741][T10722] EXT4-fs error (device loop4): ext4_map_blocks:740: inode #15: block 3: comm syz.4.2645: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1034.969947][T10727] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,i_version,noblock_validity,commit=0x0000000000000005,inlinecrypt,max_batch_time=0x0000000000000000,abort,auto_da_alloc,lazytime,noauto_da_alloc,block_validity,,errors=continue. Quota mode: writeback.
[ 1034.997807][T10722] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1035.025279][T10722] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1035.025279][T10722] 
[ 1035.035649][T10731] EXT4-fs error (device loop4): ext4_ext_remove_space:2929: inode #15: comm syz.4.2645: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1035.057297][T10731] EXT4-fs error (device loop4) in ext4_setattr:5639: Corrupt filesystem
[ 1036.841371][T10756] loop3: detected capacity change from 0 to 1024
[ 1036.897940][T10756] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1036.918272][T10756] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,i_version,noblock_validity,commit=0x0000000000000005,inlinecrypt,max_batch_time=0x0000000000000000,abort,auto_da_alloc,lazytime,noauto_da_alloc,block_validity,,errors=continue. Quota mode: writeback.
[ 1037.083131][T10758] loop1: detected capacity change from 0 to 40427
[ 1037.158643][T10758] F2FS-fs (loop1): invalid crc value
[ 1037.216750][T10758] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1037.394863][T10758] F2FS-fs (loop1): Start checkpoint disabled!
[ 1037.409680][T10758] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[ 1037.544514][  T518] attempt to access beyond end of device
[ 1037.544514][  T518] loop1: rw=2049, want=40968, limit=40427
[ 1037.556397][  T518] attempt to access beyond end of device
[ 1037.556397][  T518] loop1: rw=2049, want=40992, limit=40427
[ 1037.725393][T10771] loop2: detected capacity change from 0 to 1024
[ 1037.846017][T10773] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2658'.
[ 1038.073696][T10771] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1038.149747][T10771] ext4 filesystem being mounted at /491/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1038.184807][T10771] EXT4-fs error (device loop2): ext4_map_blocks:740: inode #15: block 3: comm syz.2.2659: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1038.219826][T10771] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1038.239610][T10771] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 1038.239610][T10771] 
[ 1038.255498][T10783] EXT4-fs error (device loop2): ext4_ext_remove_space:2929: inode #15: comm syz.2.2659: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1038.296854][T10783] EXT4-fs error (device loop2) in ext4_setattr:5639: Corrupt filesystem
[ 1038.318768][T10779] loop1: detected capacity change from 0 to 40427
[ 1038.376385][T10779] F2FS-fs (loop1): invalid crc value
[ 1038.411217][T10779] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1038.438464][  T497] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[ 1038.480355][  T497] hid-generic 0000:0000:0000.001E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1038.518770][T10788] loop2: detected capacity change from 0 to 1024
[ 1038.556549][T10793] loop5: detected capacity change from 0 to 1024
[ 1038.563816][T10779] F2FS-fs (loop1): Start checkpoint disabled!
[ 1038.583040][T10789] fido_id[10789]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1038.601422][T10779] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[ 1038.631377][T10793] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1038.648530][T10788] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1038.681620][T10788] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,i_version,noblock_validity,commit=0x0000000000000005,inlinecrypt,max_batch_time=0x0000000000000000,abort,auto_da_alloc,lazytime,noauto_da_alloc,block_validity,,errors=continue. Quota mode: writeback.
[ 1038.686524][T10793] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,nojournal_checksum,errors=remount-ro,grpquota,noblock_validity,user_xattr,nombcache,errors=remount-ro,. Quota mode: writeback.
[ 1038.976997][  T339] attempt to access beyond end of device
[ 1038.976997][  T339] loop1: rw=2049, want=40968, limit=40427
[ 1038.985844][T10804] loop3: detected capacity change from 0 to 256
[ 1038.995506][  T339] attempt to access beyond end of device
[ 1038.995506][  T339] loop1: rw=2049, want=41008, limit=40427
[ 1039.046470][T10804] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1039.070329][T10804] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[ 1039.083893][T10804] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1041.206244][  T472] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 1041.254351][  T472] hid-generic 0000:0000:0000.001F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1041.270348][T10834] loop2: detected capacity change from 0 to 4096
[ 1041.296466][T10835] fido_id[10835]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1041.452473][T10834] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1041.775840][T10837] loop4: detected capacity change from 0 to 40427
[ 1041.802925][T10837] F2FS-fs (loop4): invalid crc value
[ 1041.813230][T10837] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1041.856443][T10837] F2FS-fs (loop4): Start checkpoint disabled!
[ 1041.876133][T10837] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[ 1041.964002][T10847] loop2: detected capacity change from 0 to 40427
[ 1041.999621][T10847] F2FS-fs (loop2): invalid crc value
[ 1042.024584][T10852] loop1: detected capacity change from 0 to 1024
[ 1042.044435][  T774] attempt to access beyond end of device
[ 1042.044435][  T774] loop4: rw=2049, want=40968, limit=40427
[ 1042.080327][T10847] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1042.090959][T10855] loop3: detected capacity change from 0 to 256
[ 1042.125184][T10847] F2FS-fs (loop2): Start checkpoint disabled!
[ 1042.132686][T10847] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1042.145335][T10852] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1042.152094][T10855] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1042.176979][T10855] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[ 1042.217575][T10852] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,i_version,noblock_validity,commit=0x0000000000000005,inlinecrypt,max_batch_time=0x0000000000000000,abort,auto_da_alloc,lazytime,noauto_da_alloc,block_validity,,errors=continue. Quota mode: writeback.
[ 1042.261652][T10862] loop4: detected capacity change from 0 to 1024
[ 1042.285263][T10855] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1042.317699][  T774] attempt to access beyond end of device
[ 1042.317699][  T774] loop2: rw=2049, want=40968, limit=40427
[ 1042.326573][T10862] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1042.337727][  T774] attempt to access beyond end of device
[ 1042.337727][  T774] loop2: rw=2049, want=40992, limit=40427
[ 1042.347084][T10862] ext4 filesystem being mounted at /520/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1042.390541][T10862] EXT4-fs error (device loop4): ext4_map_blocks:740: inode #15: block 3: comm syz.4.2685: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1042.405167][T10862] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1042.418497][T10862] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1042.418497][T10862] 
[ 1042.687302][T10862] EXT4-fs error (device loop4): ext4_ext_remove_space:2929: inode #15: comm syz.4.2685: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1042.710791][T10862] EXT4-fs error (device loop4) in ext4_setattr:5639: Corrupt filesystem
[ 1042.770716][   T26] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[ 1042.784005][   T26] hid-generic 0000:0000:0000.0020: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1042.879126][T10872] fido_id[10872]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1043.442223][T10885] loop3: detected capacity change from 0 to 512
[ 1043.695433][T10879] loop5: detected capacity change from 0 to 40427
[ 1043.743033][T10885] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2691: corrupted inode contents
[ 1043.806684][T10885] EXT4-fs (loop3): Remounting filesystem read-only
[ 1043.813498][T10885] EXT4-fs error (device loop3): ext4_dirty_inode:6071: inode #16: comm syz.3.2691: mark_inode_dirty error
[ 1043.829179][T10879] F2FS-fs (loop5): invalid crc value
[ 1043.852261][T10885] EXT4-fs (loop3): Remounting filesystem read-only
[ 1043.864992][T10894] loop4: detected capacity change from 0 to 256
[ 1043.871685][T10885] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2691: corrupted inode contents
[ 1043.885184][T10879] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1043.903473][T10885] EXT4-fs (loop3): Remounting filesystem read-only
[ 1043.917753][T10885] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #16: comm syz.3.2691: mark_inode_dirty error
[ 1043.939950][T10885] EXT4-fs (loop3): Remounting filesystem read-only
[ 1043.946766][T10885] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2691: corrupted inode contents
[ 1043.962124][T10894] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1043.974813][T10885] EXT4-fs (loop3): Remounting filesystem read-only
[ 1043.983816][T10885] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[ 1043.994223][T10885] EXT4-fs (loop3): Remounting filesystem read-only
[ 1044.000996][T10885] EXT4-fs error (device loop3): ext4_do_update_inode:5235: inode #16: comm syz.3.2691: corrupted inode contents
[ 1044.017410][T10885] EXT4-fs (loop3): Remounting filesystem read-only
[ 1044.024544][T10885] EXT4-fs error (device loop3): ext4_truncate:4304: inode #16: comm syz.3.2691: mark_inode_dirty error
[ 1044.036552][T10885] EXT4-fs (loop3): Remounting filesystem read-only
[ 1044.043437][T10885] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[ 1044.045466][T10894] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1044.061253][T10879] F2FS-fs (loop5): Start checkpoint disabled!
[ 1044.061596][T10885] EXT4-fs (loop3): Remounting filesystem read-only
[ 1044.071848][T10894] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1044.074739][T10885] EXT4-fs (loop3): 1 truncate cleaned up
[ 1044.086644][T10879] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[ 1044.134187][T10885] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,data_err=ignore,. Quota mode: writeback.
[ 1044.147252][T10885] ext4 filesystem being mounted at /553/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1044.918567][T10907] loop4: detected capacity change from 0 to 256
[ 1044.951165][T10907] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1044.979620][T10907] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1045.009663][T10907] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1045.056272][  T774] attempt to access beyond end of device
[ 1045.056272][  T774] loop5: rw=2049, want=40968, limit=40427
[ 1045.110234][T10901] loop1: detected capacity change from 0 to 40427
[ 1045.131954][  T774] attempt to access beyond end of device
[ 1045.131954][  T774] loop5: rw=2049, want=40992, limit=40427
[ 1045.183758][T10912] loop4: detected capacity change from 0 to 256
[ 1045.186103][   T26] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0
[ 1045.208221][   T26] hid-generic 0000:0000:0000.0021: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1045.413818][T10912] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1045.449163][T10901] F2FS-fs (loop1): invalid crc value
[ 1045.539641][T10912] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1045.586572][T10916] fido_id[10916]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1045.601990][T10901] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1045.609021][T10912] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1045.692173][T10901] F2FS-fs (loop1): Start checkpoint disabled!
[ 1045.699790][T10901] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[ 1046.610221][  T339] attempt to access beyond end of device
[ 1046.610221][  T339] loop1: rw=2049, want=40968, limit=40427
[ 1046.629377][  T339] attempt to access beyond end of device
[ 1046.629377][  T339] loop1: rw=2049, want=40992, limit=40427
[ 1046.677897][T10936] loop3: detected capacity change from 0 to 256
[ 1046.683769][T10934] loop4: detected capacity change from 0 to 4096
[ 1046.694539][T10936] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1046.715672][T10936] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[ 1046.729322][T10934] EXT4-fs (loop4): Journaled quota options ignored when QUOTA feature is enabled
[ 1046.751329][T10936] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1046.765742][T10934] EXT4-fs (loop4): dax option not supported
[ 1046.922367][   T30] audit: type=1400 audit(1759943721.618:1597): avc:  denied  { create } for  pid=10938 comm="syz.2.2707" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 1046.924075][T10941] loop1: detected capacity change from 0 to 256
[ 1047.311615][T10941] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1047.342305][T10941] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[ 1047.352783][T10941] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1047.471588][   T30] audit: type=1400 audit(1759943722.168:1598): avc:  denied  { setopt } for  pid=10947 comm="syz.2.2710" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1048.386599][T10956] loop4: detected capacity change from 0 to 512
[ 1048.598932][   T30] audit: type=1400 audit(1759943723.288:1599): avc:  denied  { create } for  pid=10965 comm="syz.3.2715" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1048.824273][T10968] overlayfs: missing 'lowerdir'
[ 1048.830049][T10968] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1048.841282][T10968] FAT-fs (loop7): unable to read boot sector
[ 1048.848080][   T30] audit: type=1400 audit(1759943723.518:1600): avc:  denied  { mounton } for  pid=10965 comm="syz.3.2715" path="/559/file0" dev="tmpfs" ino=3229 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1048.872255][    T6] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[ 1049.119591][    T6] usb 2-1: Using ep0 maxpacket: 8
[ 1049.259782][    T6] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 1049.268460][    T6] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1049.287154][    T6] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1049.297652][    T6] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1049.309184][    T6] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1049.332518][    T6] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1049.342724][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1049.368862][   T30] audit: type=1400 audit(1759943724.058:1601): avc:  denied  { read } for  pid=10983 comm="syz.4.2723" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1049.392149][   T30] audit: type=1400 audit(1759943724.058:1602): avc:  denied  { open } for  pid=10983 comm="syz.4.2723" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1049.429649][   T30] audit: type=1400 audit(1759943724.118:1603): avc:  denied  { bind } for  pid=10983 comm="syz.4.2723" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1049.516740][   T30] audit: type=1400 audit(1759943724.208:1604): avc:  denied  { unlink } for  pid=281 comm="syz-executor" name="file0" dev="tmpfs" ino=3229 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1049.659598][  T928] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 1049.899867][  T928] usb 3-1: Using ep0 maxpacket: 32
[ 1050.020348][  T928] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1050.027232][   T30] audit: type=1400 audit(1759943724.718:1605): avc:  denied  { create } for  pid=10999 comm="syz.4.2729" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1050.199748][  T928] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1050.209932][  T928] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1050.218312][  T928] usb 3-1: Product: syz
[ 1050.223425][  T928] usb 3-1: Manufacturer: syz
[ 1050.228682][  T928] usb 3-1: SerialNumber: syz
[ 1050.241481][  T928] usb 3-1: config 0 descriptor??
[ 1050.726267][   T30] audit: type=1400 audit(1759943725.418:1606): avc:  denied  { sys_module } for  pid=11015 comm="syz.4.2735" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1051.199628][  T928] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 1051.559849][  T928] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1051.570750][  T928] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1051.611141][ T9537] usb 2-1: USB disconnect, device number 6
[ 1051.699692][  T928] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1051.713278][  T928] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1051.749095][  T928] usb 4-1: SerialNumber: syz
[ 1051.825557][T11046] binder: 11045:11046 unknown command 0
[ 1051.832349][T11046] binder: 11045:11046 ioctl c0306201 200000000080 returned -22
[ 1052.013556][   T30] kauditd_printk_skb: 6 callbacks suppressed
[ 1052.013606][   T30] audit: type=1400 audit(1759943726.708:1613): avc:  denied  { create } for  pid=11047 comm="syz.1.2747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1052.039984][   T30] audit: type=1400 audit(1759943726.708:1614): avc:  denied  { connect } for  pid=11047 comm="syz.1.2747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1052.076081][   T30] audit: type=1400 audit(1759943726.708:1615): avc:  denied  { write } for  pid=11047 comm="syz.1.2747" laddr=fe80::13 lport=1 faddr=fe80::aa fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1052.100379][   T30] audit: type=1400 audit(1759943726.708:1616): avc:  denied  { mount } for  pid=11035 comm="syz.4.2743" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[ 1052.123490][   T30] audit: type=1400 audit(1759943726.708:1617): avc:  denied  { remount } for  pid=11035 comm="syz.4.2743" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[ 1052.261826][  T928] usb 4-1: 0:2 : does not exist
[ 1052.266848][  T928] usb 4-1: unit 5: unexpected type 0x0a
[ 1052.285538][  T928] usb 4-1: USB disconnect, device number 5
[ 1052.372812][   T30] audit: type=1400 audit(1759943727.068:1618): avc:  denied  { bind } for  pid=11055 comm="syz.1.2749" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1052.433063][ T9537] usb 3-1: USB disconnect, device number 2
[ 1052.497825][   T30] audit: type=1400 audit(1759943727.188:1619): avc:  denied  { listen } for  pid=11058 comm="syz.2.2750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1052.502529][ T3340] udevd[3340]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1052.550455][   T30] audit: type=1400 audit(1759943727.238:1620): avc:  denied  { accept } for  pid=11058 comm="syz.2.2750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1052.826079][   T30] audit: type=1400 audit(1759943727.518:1621): avc:  denied  { write } for  pid=11061 comm="syz.1.2752" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1053.103788][   T30] audit: type=1400 audit(1759943727.798:1622): avc:  denied  { unmount } for  pid=285 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[ 1053.218654][T11073] Hibernate inconsistent memory map detected!
[ 1053.224895][T11073] PM: hibernation: Image mismatch: architecture specific data
[ 1053.309586][ T9537] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[ 1054.379306][ T9537] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[ 1054.399651][ T9537] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1054.407816][ T9537] usb 2-1: Product: syz
[ 1054.413783][ T9537] usb 2-1: Manufacturer: syz
[ 1054.418580][ T9537] usb 2-1: SerialNumber: syz
[ 1054.431868][ T9537] usb 2-1: config 0 descriptor??
[ 1054.684874][ T9537] usb 2-1: USB disconnect, device number 7
[ 1054.693522][T11118] device batadv_slave_1 entered promiscuous mode
[ 1054.707058][T11117] device batadv_slave_1 left promiscuous mode
[ 1054.778676][T11123] loop2: detected capacity change from 0 to 7
[ 1054.880750][T11130] loop2: detected capacity change from 0 to 7
[ 1055.219597][    T6] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[ 1055.579657][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1055.589708][    T6] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1055.600187][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1055.610013][    T6] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[ 1055.619914][    T6] usb 5-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1055.629276][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1055.639328][    T6] usb 5-1: config 0 descriptor??
[ 1055.779623][ T9537] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[ 1055.881595][T11132] UDC core: couldn't find an available UDC or it's busy: -16
[ 1055.889221][T11132] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1055.969605][  T393] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[ 1056.019597][ T9537] usb 2-1: Using ep0 maxpacket: 16
[ 1056.139666][ T9537] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xF3, skipping
[ 1056.309740][ T9537] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1056.318999][ T9537] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1056.327171][ T9537] usb 2-1: Product: syz
[ 1056.331459][  T393] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[ 1056.342138][ T9537] usb 2-1: Manufacturer: syz
[ 1056.346931][ T9537] usb 2-1: SerialNumber: syz
[ 1056.351913][  T393] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 31, changing to 7
[ 1056.363419][  T393] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1056.377217][ T9537] usb 2-1: config 0 descriptor??
[ 1056.619746][  T393] usb 3-1: string descriptor 0 read error: -22
[ 1056.626261][  T393] usb 3-1: New USB device found, idVendor=2013, idProduct=0251, bcdDevice=e8.6e
[ 1056.636168][  T393] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1056.645775][  T393] usb 3-1: config 0 descriptor??
[ 1056.900111][  T472] usb 3-1: USB disconnect, device number 3
[ 1057.219582][  T393] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[ 1057.459606][  T393] usb 4-1: Using ep0 maxpacket: 16
[ 1057.579562][  T472] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1057.579667][  T393] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1057.598311][  T393] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1057.608877][  T393] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1057.616373][  T393] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1057.625871][  T393] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1057.637186][  T393] usb 4-1: config 0 descriptor??
[ 1057.939651][  T472] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1057.949894][  T472] usb 6-1: config 0 has no interfaces?
[ 1057.955560][  T472] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1057.965023][  T472] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1057.982692][ T9537] usb 5-1: USB disconnect, device number 7
[ 1057.983879][  T472] usb 6-1: config 0 descriptor??
[ 1058.120363][  T393] hid (null): nested delimiters
[ 1058.335079][  T472] usb 4-1: USB disconnect, device number 6
[ 1058.524091][  T928] usb 2-1: USB disconnect, device number 8
[ 1058.589339][T11180] UDC core: couldn't find an available UDC or it's busy: -16
[ 1058.596936][T11180] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1059.692200][   T30] kauditd_printk_skb: 8 callbacks suppressed
[ 1059.692264][   T30] audit: type=1400 audit(1759943734.328:1631): avc:  denied  { mount } for  pid=11186 comm="syz.4.2798" name="/" dev="configfs" ino=14619 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[ 1059.726401][   T30] audit: type=1400 audit(1759943734.328:1632): avc:  denied  { search } for  pid=11186 comm="syz.4.2798" name="/" dev="configfs" ino=14619 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1059.750432][T11195] netlink: 'syz.4.2798': attribute type 4 has an invalid length.
[ 1059.758334][T11195] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2798'.
[ 1059.921684][   T30] audit: type=1400 audit(1759943734.328:1633): avc:  denied  { setattr } for  pid=11186 comm="syz.4.2798" name="/" dev="configfs" ino=14619 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1060.450819][  T393] usb 6-1: USB disconnect, device number 2
[ 1060.603534][ T8318] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[ 1061.647644][   T30] audit: type=1400 audit(1759943735.628:1634): avc:  denied  { getopt } for  pid=11216 comm="syz.5.2808" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1061.824542][   T30] audit: type=1400 audit(1759943736.518:1635): avc:  denied  { block_suspend } for  pid=11222 comm="syz.2.2809" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1061.859943][ T8318] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1061.882356][ T8318] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1061.923860][ T8318] usb 2-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[ 1061.949653][ T8318] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1061.989905][  T928] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[ 1062.007505][ T8318] usb 2-1: config 0 descriptor??
[ 1062.227987][   T30] audit: type=1400 audit(1759943736.918:1636): avc:  denied  { shutdown } for  pid=11233 comm="syz.4.2812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1062.379636][  T928] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[ 1062.388063][  T928] usb 6-1: config 0 has no interface number 0
[ 1062.394463][  T928] usb 6-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping
[ 1062.405334][  T928] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1062.417869][  T928] usb 6-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0xAB, skipping
[ 1062.441598][  T928] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1062.455154][  T928] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1062.455187][  T928] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1062.466147][  T928] usb 6-1: config 0 descriptor??
[ 1062.489693][T11227] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1062.499232][T11227] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1062.511437][ T8318] hid-steam 0003:28DE:1142.0023: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.1-1/input0
[ 1062.538722][   T30] audit: type=1400 audit(1759943737.228:1637): avc:  denied  { ioctl } for  pid=11244 comm="syz.4.2817" path="socket:[46108]" dev="sockfs" ino=46108 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1062.565793][ T8318] hid-steam 0003:28DE:1142.0024: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.1-1/input0
[ 1062.578932][T11250] ------------[ cut here ]------------
[ 1062.581194][   T30] audit: type=1400 audit(1759943737.268:1638): avc:  denied  { load_policy } for  pid=11249 comm="syz.2.2819" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[ 1062.606591][T11250] WARNING: CPU: 1 PID: 11250 at mm/page_alloc.c:5783 __alloc_pages+0x376/0x440
[ 1062.616176][T11250] Modules linked in:
[ 1062.620575][T11250] CPU: 1 PID: 11250 Comm: syz.2.2819 Not tainted syzkaller #0
[ 1062.628589][T11250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1062.638921][T11250] RIP: 0010:__alloc_pages+0x376/0x440
[ 1062.644707][T11250] Code: ff e8 0e f4 00 03 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c 75 fd ff ff 41 89 ff 4c 89 e7 e8 c2 c1 04 00 44 89 ff e9 62 fd ff ff <0f> 0b e9 1f ff ff ff 65 8b 05 34 95 5f 7e 89 44 24 08 c1 e8 06 48
[ 1062.665094][T11250] RSP: 0018:ffffc90000ff7680 EFLAGS: 00010246
[ 1062.671548][T11250] RAX: ffffc90000ff76e0 RBX: 000000000000000b RCX: 0000000000000000
[ 1062.680492][T11250] RDX: 0000000000000018 RSI: 0000000000000000 RDI: ffffc90000ff76f8
[ 1062.688933][T11250] RBP: ffffc90000ff7770 R08: dffffc0000000000 R09: ffffc90000ff76e0
[ 1062.697457][T11250] R10: fffff520001feedf R11: 1ffff920001feedc R12: ffffc90000ff76c0
[ 1062.705523][ T8318] hid-steam 0003:28DE:1142.0023: Steam wireless receiver connected
[ 1062.706484][T11250] R13: dffffc0000000000 R14: 1ffff920001feed4 R15: 0000000000000000
[ 1062.721971][T11250] FS:  00007f943dbd96c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1062.736151][T11250] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1062.746560][ T8318] usb 2-1: USB disconnect, device number 9
[ 1062.752705][T11250] CR2: 0000001b2e820ff8 CR3: 0000000137d89000 CR4: 00000000003506a0
[ 1062.761698][T11250] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1062.770314][T11250] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1062.778609][T11250] Call Trace:
[ 1062.782607][T11250]  <TASK>
[ 1062.785680][T11250]  ? do_syscall_64+0x4c/0xa0
[ 1062.790978][T11250]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1062.797458][T11250]  ? prep_new_page+0x110/0x110
[ 1062.802756][T11250]  kmalloc_order+0x4c/0x160
[ 1062.807839][T11250]  kmalloc_order_trace+0x18/0xb0
[ 1062.813315][T11250]  __kmalloc+0x199/0x2c0
[ 1062.817973][T11250]  hashtab_init+0xcd/0x160
[ 1062.823263][T11250]  symtab_init+0x40/0x60
[ 1062.827719][T11250]  class_read+0x285/0xe50
[ 1062.833873][T11250]  ? common_read+0x630/0x630
[ 1062.838640][T11250]  policydb_read+0xb96/0x2d30
[ 1062.843727][T11250]  security_load_policy+0x154/0xf10
[ 1062.849078][T11250]  ? irqentry_exit+0x37/0x40
[ 1062.853934][T11250]  ? exc_page_fault+0x5e/0xb0
[ 1062.858759][T11250]  ? asm_exc_page_fault+0x27/0x30
[ 1062.864096][T11250]  ? selinux_policy_commit+0x540/0x540
[ 1062.872421][T11250]  ? copy_user_enhanced_fast_string+0xe/0x40
[ 1062.875326][ T8318] hid-steam 0003:28DE:1142.0023: Steam wireless receiver disconnected
[ 1062.878789][T11250]  ? _copy_from_user+0x95/0xd0
[ 1062.878821][T11250]  sel_write_load+0x36f/0x5e0
[ 1062.891476][T11252] fido_id[11252]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory
[ 1062.892629][T11250]  ? sel_make_dir+0x280/0x280
[ 1062.917624][T11250]  ? security_file_permission+0x83/0xa0
[ 1062.923674][T11250]  ? sel_make_dir+0x280/0x280
[ 1062.929494][T11250]  vfs_write+0x3ee/0xf70
[ 1062.933926][T11250]  ? file_end_write+0x1b0/0x1b0
[ 1062.939041][T11250]  ? __kasan_check_write+0x14/0x20
[ 1062.944551][T11250]  ? mutex_lock+0x95/0x1a0
[ 1062.949453][T11250]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1062.956774][T11250]  ? __fget_files+0x2c4/0x320
[ 1062.961860][T11250]  ? __fdget_pos+0x2d2/0x380
[ 1062.967013][T11250]  ? ksys_write+0x71/0x240
[ 1062.972003][T11250]  ksys_write+0x140/0x240
[ 1062.983894][T11250]  ? __ia32_sys_read+0x90/0x90
[ 1062.990090][T11250]  ? __kasan_check_write+0x14/0x20
[ 1062.995499][T11250]  ? switch_fpu_return+0x15d/0x2c0
[ 1063.001112][T11250]  __x64_sys_write+0x7b/0x90
[ 1063.005991][T11250]  x64_sys_call+0x8ef/0x9a0
[ 1063.010823][T11250]  do_syscall_64+0x4c/0xa0
[ 1063.015372][T11250]  ? clear_bhb_loop+0x50/0xa0
[ 1063.025017][T11250]  ? clear_bhb_loop+0x50/0xa0
[ 1063.030157][T11250]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1063.036179][T11250] RIP: 0033:0x7f943f170ec9
[ 1063.040881][T11250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1063.060930][T11250] RSP: 002b:00007f943dbd9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1063.069870][T11250] RAX: ffffffffffffffda RBX: 00007f943f3c7fa0 RCX: 00007f943f170ec9
[ 1063.078079][T11250] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000008
[ 1063.086764][T11250] RBP: 00007f943f1f3f91 R08: 0000000000000000 R09: 0000000000000000
[ 1063.095569][T11250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1063.103829][T11250] R13: 00007f943f3c8038 R14: 00007f943f3c7fa0 R15: 00007ffc9ef834e8
[ 1063.112178][T11250]  </TASK>
[ 1063.115446][T11250] ---[ end trace 136cb468edf96e47 ]---
[ 1063.131797][T11250] SELinux: failed to load policy
[ 1063.217708][   T30] audit: type=1326 audit(1759943737.898:1639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11258 comm="syz.2.2821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943f170ec9 code=0x7ffc0000
[ 1063.247934][   T30] audit: type=1326 audit(1759943737.898:1640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11258 comm="syz.2.2821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f943f170ec9 code=0x7ffc0000
[ 1063.321300][T11263] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[ 1064.258415][T11293] ------------[ cut here ]------------
[ 1064.267250][T11293] trace type BPF program uses run-time allocation
[ 1064.274503][T11293] WARNING: CPU: 0 PID: 11293 at kernel/bpf/verifier.c:11722 check_map_prog_compatibility+0x6cd/0x870
[ 1064.285522][T11293] Modules linked in:
[ 1064.289846][T11293] CPU: 0 PID: 11293 Comm: syz.1.2833 Tainted: G        W         syzkaller #0
[ 1064.299727][T11293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1064.310325][T11293] RIP: 0010:check_map_prog_compatibility+0x6cd/0x870
[ 1064.317398][T11293] Code: ee ff 48 c7 c6 80 ee 47 85 4c 8b 65 d0 e9 fd fc ff ff e8 e6 4c ee ff c6 05 54 98 6b 05 01 48 c7 c7 e0 ea 47 85 e8 f3 5a 25 03 <0f> 0b e9 88 fb ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c ac f9 ff
[ 1064.337787][T11293] RSP: 0018:ffffc90000ff7428 EFLAGS: 00010246
[ 1064.344186][T11293] RAX: 10ca4da2c5d1b800 RBX: 0000000000000001 RCX: 0000000000080000
[ 1064.358264][T11293] RDX: ffffc9000177c000 RSI: 0000000000002cea RDI: 0000000000002ceb
[ 1064.367604][T11293] RBP: ffffc90000ff7470 R08: dffffc0000000000 R09: fffff520001fedd1
[ 1064.378186][T11293] R10: fffff520001fedd1 R11: 1ffff920001fedd0 R12: ffff8881245d0000
[ 1064.386664][T11293] R13: 0000000000000011 R14: dffffc0000000000 R15: ffff8881108a7800
[ 1064.394893][T11293] FS:  00007fab3dffe6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1064.404875][T11293] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1064.411905][T11293] CR2: 00007f943f3c9dac CR3: 0000000137e0c000 CR4: 00000000003506a0
[ 1064.440498][T11293] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1064.448713][T11293] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1064.457073][T11293] Call Trace:
[ 1064.460757][T11293]  <TASK>
[ 1064.463985][T11293]  resolve_pseudo_ldimm64+0x685/0x11d0
[ 1064.470022][T11293]  ? check_attach_btf_id+0xde0/0xde0
[ 1064.475577][T11293]  ? __mark_reg_known+0x1b0/0x1b0
[ 1064.480824][T11293]  ? security_capable+0x87/0xb0
[ 1064.486112][T11293]  bpf_check+0x2c25/0xf280
[ 1064.490948][T11293]  ? 0xffffffffa0028000
[ 1064.496928][T11293]  ? is_bpf_text_address+0x177/0x190
[ 1064.502533][T11293]  ? bpf_get_btf_vmlinux+0x60/0x60
[ 1064.508007][T11293]  ? unwind_get_return_address+0x4d/0x90
[ 1064.535729][T11293]  ? stack_trace_save+0xe0/0xe0
[ 1064.541026][T11293]  ? arch_stack_walk+0xee/0x140
[ 1064.546037][T11293]  ? stack_trace_save+0x98/0xe0
[ 1064.553360][T11293]  ? __stack_depot_save+0x34/0x480
[ 1064.559488][T11293]  ? __kasan_slab_alloc+0x69/0xf0
[ 1064.569575][T11293]  ? _find_next_bit+0x1fa/0x200
[ 1064.574562][T11293]  ? __kasan_kmalloc+0xec/0x110
[ 1064.579450][T11293]  ? __kasan_kmalloc+0xda/0x110
[ 1064.587984][T11293]  ? kmem_cache_alloc_trace+0x119/0x270
[ 1064.598153][T11293]  ? selinux_bpf_prog_alloc+0x51/0x140
[ 1064.604719][T11293]  ? security_bpf_prog_alloc+0x62/0x90
[ 1064.619581][T11293]  ? bpf_prog_load+0x97c/0x1550
[ 1064.626187][T11293]  ? __sys_bpf+0x4c3/0x730
[ 1064.631472][T11293]  ? __x64_sys_bpf+0x7c/0x90
[ 1064.636490][T11293]  ? x64_sys_call+0x4b9/0x9a0
[ 1064.652688][T11293]  ? do_syscall_64+0x4c/0xa0
[ 1064.658328][T11293]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1064.704520][T11293]  ? check_stack_object+0x81/0x140
[ 1064.710809][T11293]  ? memset+0x35/0x40
[ 1064.715363][T11293]  ? bpf_obj_name_cpy+0x193/0x1e0
[ 1064.721086][T11293]  bpf_prog_load+0x1042/0x1550
[ 1064.726417][T11293]  ? __anon_inode_getfd+0x34b/0x3b0
[ 1064.732057][T11293]  ? map_freeze+0x360/0x360
[ 1064.736690][T11293]  ? selinux_bpf+0xc7/0xf0
[ 1064.741473][T11293]  ? security_bpf+0x82/0xa0
[ 1064.746113][T11293]  __sys_bpf+0x4c3/0x730
[ 1064.770228][T11293]  ? bpf_link_show_fdinfo+0x310/0x310
[ 1064.776117][T11293]  ? __kasan_check_write+0x14/0x20
[ 1064.899654][  T472] usb 6-1: USB disconnect, device number 3
[ 1064.899855][T11293]  ? switch_fpu_return+0x15d/0x2c0
[ 1064.953678][T11293]  __x64_sys_bpf+0x7c/0x90
[ 1064.989654][T11293]  x64_sys_call+0x4b9/0x9a0
[ 1064.994609][T11293]  do_syscall_64+0x4c/0xa0
[ 1065.012954][T11293]  ? clear_bhb_loop+0x50/0xa0
[ 1065.025424][T11293]  ? clear_bhb_loop+0x50/0xa0
[ 1065.039077][   T30] kauditd_printk_skb: 7 callbacks suppressed
[ 1065.039094][   T30] audit: type=1400 audit(1759943739.728:1648): avc:  denied  { read write } for  pid=11329 comm="syz.3.2849" name="vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 1065.039348][T11293]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1065.048213][   T30] audit: type=1400 audit(1759943739.728:1649): avc:  denied  { open } for  pid=11329 comm="syz.3.2849" path="/dev/vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 1065.070265][ T8318] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[ 1065.092375][T11293] RIP: 0033:0x7fab3f595ec9
[ 1065.130075][T11293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1065.152190][T11293] RSP: 002b:00007fab3dffe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1065.164580][T11293] RAX: ffffffffffffffda RBX: 00007fab3f7ecfa0 RCX: 00007fab3f595ec9
[ 1065.173194][T11293] RDX: 0000000000000090 RSI: 00002000000000c0 RDI: 0000000000000005
[ 1065.188417][T11293] RBP: 00007fab3f618f91 R08: 0000000000000000 R09: 0000000000000000
[ 1065.196684][T11293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1065.204913][T11293] R13: 00007fab3f7ed038 R14: 00007fab3f7ecfa0 R15: 00007ffd318046b8
[ 1065.213070][T11293]  </TASK>
[ 1065.216131][T11293] ---[ end trace 136cb468edf96e48 ]---
[ 1065.318965][   T30] audit: type=1400 audit(1759943740.008:1650): avc:  denied  { ioctl } for  pid=11332 comm="syz.5.2850" path="/dev/snapshot" dev="devtmpfs" ino=90 ioctlcmd=0x3312 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[ 1065.389570][ T8318] usb 3-1: Using ep0 maxpacket: 16
[ 1065.509817][ T8318] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1065.521128][  T928] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[ 1065.542383][ T8318] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1065.576886][ T8318] usb 3-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[ 1065.608151][ T8318] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1065.651277][ T8318] usb 3-1: config 0 descriptor??
[ 1065.769610][  T928] usb 2-1: Using ep0 maxpacket: 16
[ 1065.909844][  T928] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xF3, skipping
[ 1066.139655][  T928] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1066.156421][  T928] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1066.165169][  T928] usb 2-1: Product: syz
[ 1066.169485][  T928] usb 2-1: Manufacturer: syz
[ 1066.174455][  T928] usb 2-1: SerialNumber: syz
[ 1066.185212][  T928] usb 2-1: config 0 descriptor??
[ 1066.521332][ T8318] apple 0003:05AC:024B.0025: unknown global tag 0xe
[ 1066.528081][ T8318] apple 0003:05AC:024B.0025: item 0 1 1 14 parsing failed
[ 1066.579288][ T8318] apple 0003:05AC:024B.0025: parse failed
[ 1066.582676][   T30] audit: type=1400 audit(1759943741.278:1651): avc:  denied  { compute_member } for  pid=11355 comm="syz.4.2856" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[ 1066.585523][ T8318] apple: probe of 0003:05AC:024B.0025 failed with error -22
[ 1066.814757][ T8318] usb 3-1: USB disconnect, device number 4
[ 1066.876435][   T30] audit: type=1400 audit(1759943741.568:1652): avc:  denied  { ioctl } for  pid=11358 comm="syz.4.2857" path="socket:[46037]" dev="sockfs" ino=46037 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1067.356448][T11373] SELinux:  policydb magic number 0x40 does not match expected magic number 0xf97cff8c
[ 1067.366580][T11373] SELinux: failed to load policy
[ 1067.799843][   T30] audit: type=1400 audit(1759943742.488:1653): avc:  denied  { append } for  pid=11370 comm="syz.3.2860" name="usbmon5" dev="devtmpfs" ino=170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1068.325392][ T2196] usb 2-1: USB disconnect, device number 10
[ 1068.330468][ T8318] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1068.384494][T11390] input: syz0 as /devices/virtual/input/input11
[ 1068.404228][   T30] audit: type=1400 audit(1759943743.098:1654): avc:  denied  { read } for  pid=86 comm="acpid" name="event3" dev="devtmpfs" ino=4911 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1068.570182][ T8318] usb 6-1: Using ep0 maxpacket: 32
[ 1068.670983][   T30] audit: type=1400 audit(1759943743.118:1655): avc:  denied  { open } for  pid=86 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=4911 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1068.695225][ T8318] usb 6-1: config 3 has an invalid interface number: 60 but max is 0
[ 1068.695256][ T8318] usb 6-1: config 3 has no interface number 0
[ 1068.695277][ T8318] usb 6-1: config 3 interface 60 has no altsetting 0
[ 1068.727666][   T30] audit: type=1400 audit(1759943743.128:1656): avc:  denied  { ioctl } for  pid=86 comm="acpid" path=2F6465762F696E7075742F6576656E7433202864656C6574656429 dev="devtmpfs" ino=4911 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1068.849679][ T8318] usb 6-1: New USB device found, idVendor=041e, idProduct=3f04, bcdDevice=2b.74
[ 1068.859041][ T8318] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1068.868122][ T8318] usb 6-1: Product: syz
[ 1068.892381][ T8318] usb 6-1: Manufacturer: syz
[ 1068.897749][ T8318] usb 6-1: SerialNumber: syz
[ 1069.082758][T11408] APIC base relocation is unsupported by KVM
[ 1069.099582][  T472] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[ 1069.331097][ T8318] usb 6-1: unknown interface protocol 0xaa, assuming v1
[ 1069.340940][ T8318] usb 6-1: cannot find UAC_HEADER
[ 1069.348223][ T8318] snd-usb-audio: probe of 6-1:3.60 failed with error -22
[ 1069.373935][ T8318] usb 6-1: USB disconnect, device number 4
[ 1069.492222][  T472] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1070.249653][   T30] audit: type=1400 audit(1759943744.928:1657): avc:  denied  { create } for  pid=11417 comm="syz.3.2877" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1070.299626][   T30] audit: type=1400 audit(1759943744.928:1658): avc:  denied  { write } for  pid=11417 comm="syz.3.2877" path="socket:[46613]" dev="sockfs" ino=46613 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1070.329742][  T472] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1070.340138][  T472] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1070.348419][  T472] usb 2-1: Product: syz
[ 1070.352807][  T472] usb 2-1: Manufacturer: syz
[ 1070.363714][  T472] usb 2-1: SerialNumber: syz
[ 1070.592350][T11436] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1070.877382][    T6] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[ 1070.899637][  T393] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1071.000676][T11440] netlink: 'syz.3.2885': attribute type 4 has an invalid length.
[ 1071.008893][T11440] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2885'.
[ 1071.139630][    T6] usb 5-1: Using ep0 maxpacket: 16
[ 1071.269881][    T6] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xF3, skipping
[ 1071.431643][  T393] usb 6-1: New USB device found, idVendor=13d8, idProduct=0011, bcdDevice=d0.62
[ 1071.441543][    T6] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1071.441659][  T393] usb 6-1: New USB device strings: Mfr=1, Product=6, SerialNumber=3
[ 1071.460513][    T6] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1071.461151][  T393] usb 6-1: Product: syz
[ 1071.473883][  T393] usb 6-1: Manufacturer: syz
[ 1071.478650][  T393] usb 6-1: SerialNumber: syz
[ 1071.478841][    T6] usb 5-1: Product: syz
[ 1071.487785][    T6] usb 5-1: Manufacturer: syz
[ 1071.493511][    T6] usb 5-1: SerialNumber: syz
[ 1071.505442][    T6] usb 5-1: config 0 descriptor??
[ 1071.507086][  T393] usb 6-1: config 0 descriptor??
[ 1071.614825][    T6] hid-generic 00A0:0006:0003.0026: unknown main item tag 0x0
[ 1071.623042][  T472] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[ 1071.630073][    T6] hid-generic 00A0:0006:0003.0026: unknown main item tag 0x0
[ 1071.637941][  T472] cdc_ncm 2-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[ 1071.646011][    T6] hid-generic 00A0:0006:0003.0026: unknown main item tag 0x0
[ 1071.653903][  T472] cdc_ncm 2-1:1.0: setting rx_max = 2048
[ 1071.671221][    T6] hid-generic 00A0:0006:0003.0026: unknown main item tag 0x0
[ 1071.678938][    T6] hid-generic 00A0:0006:0003.0026: unknown main item tag 0x2
[ 1071.686399][    T6] hid-generic 00A0:0006:0003.0026: unknown main item tag 0x0
[ 1071.694204][    T6] hid-generic 00A0:0006:0003.0026: unknown main item tag 0x0
[ 1071.701905][    T6] hid-generic 00A0:0006:0003.0026: unknown main item tag 0x0
[ 1071.709748][    T6] hid-generic 00A0:0006:0003.0026: unknown main item tag 0x0
[ 1071.717306][    T6] hid-generic 00A0:0006:0003.0026: unknown main item tag 0x0
[ 1071.725141][    T6] hid-generic 00A0:0006:0003.0026: unknown main item tag 0x0
[ 1071.732736][    T6] hid-generic 00A0:0006:0003.0026: unknown main item tag 0x0
[ 1071.750151][    T6] hid-generic 00A0:0006:0003.0026: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[ 1071.769773][    T6] usb 6-1: USB disconnect, device number 5
[ 1071.829724][  T472] cdc_ncm 2-1:1.0: setting tx_max = 184
[ 1071.838601][  T472] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM, 42:42:42:42:42:42
[ 1071.857094][   T30] audit: type=1400 audit(1759943746.548:1659): avc:  denied  { read } for  pid=140 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[ 1071.857205][  T472] usb 2-1: USB disconnect, device number 11
[ 1071.885515][   T30] audit: type=1400 audit(1759943746.568:1660): avc:  denied  { search } for  pid=140 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1071.888906][  T472] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM
[ 1071.908193][   T30] audit: type=1400 audit(1759943746.568:1661): avc:  denied  { read } for  pid=140 comm="dhcpcd" name="n15" dev="tmpfs" ino=34878 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1071.948414][   T30] audit: type=1400 audit(1759943746.568:1662): avc:  denied  { open } for  pid=140 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=34878 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1071.973311][   T30] audit: type=1400 audit(1759943746.568:1663): avc:  denied  { getattr } for  pid=140 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=34878 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1071.997397][   T30] audit: type=1400 audit(1759943746.638:1664): avc:  denied  { read } for  pid=11448 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=487 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1072.020712][   T30] audit: type=1400 audit(1759943746.638:1665): avc:  denied  { open } for  pid=11448 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=487 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1072.030665][ T8318] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[ 1072.057850][   T30] audit: type=1400 audit(1759943746.638:1666): avc:  denied  { getattr } for  pid=11448 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=487 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1072.149620][  T393] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1072.411532][T11489] netlink: 'syz.1.2895': attribute type 9 has an invalid length.
[ 1072.419756][T11489] netlink: 'syz.1.2895': attribute type 6 has an invalid length.
[ 1072.427800][T11489] netlink: 'syz.1.2895': attribute type 7 has an invalid length.
[ 1072.436395][ T8318] usb 3-1: config 0 has no interfaces?
[ 1072.436785][T11489] netlink: 'syz.1.2895': attribute type 8 has an invalid length.
[ 1072.441996][ T8318] usb 3-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[ 1072.459124][ T8318] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1072.500396][ T8318] usb 3-1: config 0 descriptor??
[ 1072.531107][  T393] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[ 1072.540588][  T393] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1072.550475][  T393] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1072.563110][  T393] usb 4-1: config 220 has no interface number 2
[ 1072.571088][  T393] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1072.585409][  T393] usb 4-1: config 220 interface 0 has no altsetting 0
[ 1072.593160][  T393] usb 4-1: config 220 interface 76 has no altsetting 0
[ 1072.601806][  T393] usb 4-1: config 220 interface 1 has no altsetting 0
[ 1072.770028][  T393] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1072.779666][  T393] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1072.793248][  T393] usb 4-1: Product: syz
[ 1072.797760][  T393] usb 4-1: Manufacturer: syz
[ 1072.809833][ T8318] usb 3-1: USB disconnect, device number 5
[ 1072.810286][  T393] usb 4-1: SerialNumber: syz
[ 1073.200102][  T393] usb 4-1: Found UVC 7.01 device syz (8086:0b07)
[ 1073.206803][  T393] usb 4-1: No valid video chain found.
[ 1073.212659][  T393] usb 4-1: selecting invalid altsetting 0
[ 1073.243366][  T472] usb 5-1: USB disconnect, device number 8
[ 1073.321019][  T393] usb 4-1: USB disconnect, device number 7
[ 1073.469693][ T8318] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1073.577826][T11533] binder: 11529:11533 ioctl c0306201 200000000180 returned -14
[ 1073.719649][ T8318] usb 6-1: Using ep0 maxpacket: 8
[ 1074.130423][ T8318] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[ 1074.141960][ T8318] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1074.160631][ T8318] usb 6-1: Product: syz
[ 1074.168109][ T8318] usb 6-1: Manufacturer: syz
[ 1074.175304][ T8318] usb 6-1: SerialNumber: syz
[ 1074.249329][ T8318] usb 6-1: config 0 descriptor??
[ 1074.256823][  T393] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 1074.536483][  T393] usb 2-1: Using ep0 maxpacket: 8
[ 1075.079752][  T393] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1076.475385][ T5465] usb 6-1: USB disconnect, device number 6
[ 1076.499882][  T393] usb 2-1: config 7 has an invalid interface number: 180 but max is 0
[ 1076.516812][  T393] usb 2-1: config 7 has no interface number 0
[ 1076.524848][  T393] usb 2-1: config 7 interface 180 has no altsetting 0
[ 1076.792457][T11571] input: syz1 as /devices/virtual/input/input12
[ 1076.829654][  T393] usb 2-1: New USB device found, idVendor=05e0, idProduct=2001, bcdDevice= 6.7d
[ 1076.839157][  T393] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1076.847492][  T393] usb 2-1: Product: syz
[ 1076.852724][  T393] usb 2-1: Manufacturer: syz
[ 1076.857392][  T393] usb 2-1: SerialNumber: syz
[ 1077.253008][  T393] usb 2-1: USB disconnect, device number 12
[ 1077.319411][ T8318] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[ 1077.371308][   T30] kauditd_printk_skb: 9 callbacks suppressed
[ 1077.371323][   T30] audit: type=1400 audit(1759943752.068:1676): avc:  denied  { mount } for  pid=11586 comm="syz.3.2929" name="/" dev="ramfs" ino=47587 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[ 1077.423708][  T472] hid-generic 0000:0000:0000.0027: unknown main item tag 0x0
[ 1077.434943][  T472] hid-generic 0000:0000:0000.0027: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1077.589565][ T8318] usb 3-1: Using ep0 maxpacket: 8
[ 1077.660964][T11594] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=50 sclass=netlink_tcpdiag_socket pid=11594 comm=syz.5.2931
[ 1077.824755][   T26] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0
[ 1077.841637][   T26] hid-generic 0000:0000:0000.0028: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1077.869615][ T8318] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1077.899725][ T8318] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1077.907974][ T8318] usb 3-1: Product: syz
[ 1077.943971][ T8318] usb 3-1: Manufacturer: syz
[ 1077.948624][ T8318] usb 3-1: SerialNumber: syz
[ 1077.979040][ T8318] usb 3-1: config 0 descriptor??
[ 1078.139118][   T30] audit: type=1400 audit(1759943752.828:1677): avc:  denied  { mounton } for  pid=11610 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 1078.291716][T11621] xt_hashlimit: overflow, try lower: 17592186044416/11
[ 1078.305270][T11610] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1078.322169][T11610] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1078.352611][T11610] device bridge_slave_0 entered promiscuous mode
[ 1078.379195][T11610] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1078.396659][T11610] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1078.420161][T11610] device bridge_slave_1 entered promiscuous mode
[ 1078.911197][T11610] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1078.918441][T11610] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1078.926047][T11610] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1078.933129][T11610] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1079.089589][  T393] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 1079.101100][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1079.113183][  T774] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1079.199038][  T774] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1079.227059][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1079.237840][  T774] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1079.244961][  T774] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1079.257604][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1079.268988][  T774] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1079.276102][  T774] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1079.285223][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1079.296104][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1079.304986][   T30] audit: type=1400 audit(1759943753.998:1678): avc:  denied  { bind } for  pid=11653 comm="syz.5.2950" lport=32 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1079.327471][   T30] audit: type=1400 audit(1759943753.998:1679): avc:  denied  { node_bind } for  pid=11653 comm="syz.5.2950" saddr=fe88::6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[ 1079.378218][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1079.391986][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1079.404230][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1079.418525][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1079.435562][T11610] device veth0_vlan entered promiscuous mode
[ 1080.184831][  T393] usb 2-1: Using ep0 maxpacket: 16
[ 1080.225110][   T10] device bridge_slave_1 left promiscuous mode
[ 1080.233140][  T472] usb 3-1: USB disconnect, device number 6
[ 1080.245733][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1080.254555][   T10] device bridge_slave_0 left promiscuous mode
[ 1080.266362][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1080.283396][   T10] device veth1_macvtap left promiscuous mode
[ 1080.289873][   T10] device veth0_vlan left promiscuous mode
[ 1080.319693][  T393] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1080.331412][  T393] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1080.341681][  T393] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1080.355000][  T393] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1080.364436][  T393] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1080.380353][  T393] usb 2-1: config 0 descriptor??
[ 1080.492818][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1080.509942][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1080.595663][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1080.604382][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1080.614484][T11610] device veth1_macvtap entered promiscuous mode
[ 1080.637504][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1080.818799][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1080.833418][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1080.860670][  T393] microsoft 0003:045E:07DA.0029: item 0 4 0 8 parsing failed
[ 1080.881076][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1080.896363][  T393] microsoft 0003:045E:07DA.0029: parse failed
[ 1080.929686][   T30] audit: type=1400 audit(1759943755.588:1680): avc:  denied  { mounton } for  pid=11610 comm="syz-executor" path="/root/syzkaller.Y40eFg/syz-tmp" dev="sda1" ino=2049 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 1080.956915][  T774] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1080.975880][   T30] audit: type=1400 audit(1759943755.588:1681): avc:  denied  { mount } for  pid=11610 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1081.003701][   T30] audit: type=1400 audit(1759943755.588:1682): avc:  denied  { mounton } for  pid=11610 comm="syz-executor" path="/root/syzkaller.Y40eFg/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[ 1081.003737][   T30] audit: type=1400 audit(1759943755.598:1683): avc:  denied  { mounton } for  pid=11610 comm="syz-executor" path="/root/syzkaller.Y40eFg/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=47986 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[ 1081.003767][   T30] audit: type=1400 audit(1759943755.598:1684): avc:  denied  { mounton } for  pid=11610 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=556 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 1081.003794][   T30] audit: type=1400 audit(1759943755.608:1685): avc:  denied  { mounton } for  pid=11610 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 1081.007308][  T393] microsoft: probe of 0003:045E:07DA.0029 failed with error -22
[ 1081.095545][  T976] usb 2-1: USB disconnect, device number 13
[ 1082.398005][    T6] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1082.950404][    T6] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1082.981132][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1082.989403][    T6] usb 4-1: Product: syz
[ 1082.994840][    T6] usb 4-1: Manufacturer: syz
[ 1082.999681][  T393] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 1083.000179][    T6] usb 4-1: SerialNumber: syz
[ 1083.479699][  T393] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[ 1083.508305][  T393] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[ 1083.769838][  T393] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[ 1083.798141][  T393] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1083.818788][  T393] usb 2-1: Product: syz
[ 1083.828479][  T393] usb 2-1: Manufacturer: syz
[ 1083.833279][  T393] usb 2-1: SerialNumber: syz
[ 1083.894040][  T393] usb 2-1: config 0 descriptor??
[ 1083.989657][T11728] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 1083.997130][T11728] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 1084.023380][T11756] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1084.840658][T11728] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 1084.847780][T11728] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 1084.868807][  T472] usb 4-1: USB disconnect, device number 8
[ 1084.884383][T11756] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1084.918254][T11756] device bridge_slave_0 entered promiscuous mode
[ 1084.961636][T11756] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1084.974039][    T6] hid-generic 0000:0000:0000.002A: unknown main item tag 0x0
[ 1085.009616][T11756] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1085.020919][    T6] hid-generic 0000:0000:0000.002A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1085.042242][T11756] device bridge_slave_1 entered promiscuous mode
[ 1085.312408][  T518] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1085.323298][  T518] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1085.360175][  T339] device bridge_slave_1 left promiscuous mode
[ 1085.367744][  T339] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1085.384563][  T339] device bridge_slave_0 left promiscuous mode
[ 1085.396438][  T339] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1085.417212][  T339] device veth1_macvtap left promiscuous mode
[ 1085.423410][  T339] device veth0_vlan left promiscuous mode
[ 1085.509635][  T393] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[ 1085.575425][  T518] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1085.600795][  T518] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1085.633355][  T518] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1085.640574][  T518] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1085.692867][  T518] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1085.768431][  T518] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1085.777804][  T518] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1085.785028][  T518] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1085.793767][  T518] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1085.853618][  T518] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1085.889542][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1085.916106][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1085.932019][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1085.943101][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1085.953677][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1085.963638][T11756] device veth0_vlan entered promiscuous mode
[ 1085.979094][T11756] device veth1_macvtap entered promiscuous mode
[ 1086.056869][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1086.066042][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1086.077962][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1086.439625][  T393] dm9601 2-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71
[ 1086.451149][  T393] dm9601 2-1:0.0 eth1: register 'dm9601' at usb-dummy_hcd.1-1, Davicom DM96xx USB 10/100 Ethernet, 1a:5b:fa:02:1b:df
[ 1086.454525][ T8065] hid-generic 0000:0000:0000.002B: unknown main item tag 0x0
[ 1086.466598][  T393] usb 2-1: USB disconnect, device number 14
[ 1086.481284][  T393] dm9601 2-1:0.0 eth1: unregister 'dm9601' usb-dummy_hcd.1-1, Davicom DM96xx USB 10/100 Ethernet
[ 1086.777381][    T6] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1086.845983][ T8065] hid-generic 0000:0000:0000.002B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1086.885755][T11820] fido_id[11820]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1087.001504][  T905] hid-generic 0000:0000:0000.002C: unknown main item tag 0x0
[ 1087.021781][  T905] hid-generic 0000:0000:0000.002C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1087.369661][    T6] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1087.378379][    T6] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1087.401903][    T6] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1087.432620][    T6] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1087.445856][    T6] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1087.452988][   T30] kauditd_printk_skb: 4 callbacks suppressed
[ 1087.453008][   T30] audit: type=1400 audit(1759943762.148:1690): avc:  denied  { read } for  pid=11837 comm="syz.4.3006" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1087.589762][    T6] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1087.649547][    T6] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1087.710551][    T6] usb 6-1: Product: syz
[ 1087.715332][    T6] usb 6-1: Manufacturer: syz
[ 1087.795039][    T6] cdc_wdm 6-1:1.0: skipping garbage
[ 1087.804418][    T6] cdc_wdm 6-1:1.0: skipping garbage
[ 1087.850551][    T6] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[ 1088.771273][T11872] tipc: Started in network mode
[ 1088.782042][T11872] tipc: Node identity ca21ffc30549, cluster identity 4711
[ 1088.798358][T11872] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1088.813668][T11872] device syzkaller0 entered promiscuous mode
[ 1088.844184][T11872] tipc: Resetting bearer <eth:syzkaller0>
[ 1088.858786][T11871] tipc: Resetting bearer <eth:syzkaller0>
[ 1088.865493][T11871] tipc: Disabling bearer <eth:syzkaller0>
[ 1088.869713][    T6] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[ 1088.928962][T11873] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1088.937901][T11873] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1088.945545][T11873] device bridge_slave_0 entered promiscuous mode
[ 1088.953156][T11873] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1088.960393][T11873] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1088.968141][T11873] device bridge_slave_1 entered promiscuous mode
[ 1089.060246][T11873] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1089.067368][T11873] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1089.074825][T11873] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1089.081903][T11873] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1089.160136][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1089.168112][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1089.175703][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1089.187389][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1089.195975][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1089.203051][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1089.383476][T11873] device veth0_vlan entered promiscuous mode
[ 1089.439226][T11873] device veth1_macvtap entered promiscuous mode
[ 1089.502453][ T8065] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1089.510020][    T6] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1089.513387][  T905] usb 6-1: USB disconnect, device number 7
[ 1089.520431][    T6] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1089.540000][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1089.546080][  T472] hid-generic 0000:0000:0000.002D: unknown main item tag 0x0
[ 1089.558240][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1089.566526][  T472] hid-generic 0000:0000:0000.002D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1089.567009][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1089.584483][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1089.592259][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1089.601601][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1089.614404][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1089.621640][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1089.630430][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1089.638977][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1089.657867][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1089.666556][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1089.709875][    T6] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1089.722849][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1089.738801][    T6] usb 3-1: Product: syz
[ 1089.749938][    T6] usb 3-1: Manufacturer: syz
[ 1089.756739][    T6] usb 3-1: SerialNumber: syz
[ 1089.770299][ T8065] usb 4-1: Using ep0 maxpacket: 8
[ 1089.844859][   T30] audit: type=1400 audit(1759943764.538:1691): avc:  denied  { append } for  pid=11896 comm="syz.5.3023" name="rtc0" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1089.920215][ T8065] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1089.946530][  T339] device veth1_macvtap left promiscuous mode
[ 1089.961749][  T339] device veth0_vlan left promiscuous mode
[ 1090.101291][ T8065] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1090.120606][ T8065] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1090.131978][ T8065] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1090.146702][ T8065] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1090.156172][ T8065] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1090.346084][    T6] usb 3-1: 0:2 : does not exist
[ 1090.465979][T11917] fuse: Invalid rootmode
[ 1090.660289][T11923] binder: 11922:11923 ioctl c0306201 200000000180 returned -14
[ 1090.752422][  T976] usb 3-1: USB disconnect, device number 7
[ 1091.854260][T11945] input: syz0 as /devices/virtual/input/input13
[ 1092.364113][ T8065] usb 4-1: USB disconnect, device number 9
[ 1092.401430][T11948] 9pnet: Insufficient options for proto=fd
[ 1092.436570][T11950] binder: 11949:11950 unknown command 0
[ 1092.460986][T11950] binder: 11949:11950 ioctl c0306201 200000000080 returned -22
[ 1092.799570][   T30] audit: type=1400 audit(1759943767.478:1692): avc:  denied  { read } for  pid=11963 comm="syz.1.3048" name="ppp" dev="devtmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1092.968279][T11975] netlink: 176 bytes leftover after parsing attributes in process `syz.1.3052'.
[ 1092.979602][  T905] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1093.059559][    T6] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1093.246013][  T905] usb 3-1: Using ep0 maxpacket: 16
[ 1093.289835][   T30] audit: type=1400 audit(1759943767.978:1693): avc:  denied  { create } for  pid=11984 comm="syz.1.3055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 1093.409541][    T6] usb 6-1: Using ep0 maxpacket: 16
[ 1093.429645][  T905] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1093.519630][  T905] usb 3-1: config 13 has an invalid interface number: 50 but max is 0
[ 1093.529992][    T6] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xF3, skipping
[ 1093.530068][  T905] usb 3-1: config 13 has an invalid descriptor of length 0, skipping remainder of the config
[ 1093.563624][  T905] usb 3-1: config 13 has no interface number 0
[ 1093.573993][  T905] usb 3-1: config 13 interface 50 altsetting 167 endpoint 0x8 has invalid wMaxPacketSize 0
[ 1093.596585][  T905] usb 3-1: config 13 interface 50 altsetting 167 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1093.618488][  T905] usb 3-1: config 13 interface 50 has no altsetting 0
[ 1093.719947][    T6] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1093.729666][    T6] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1093.738413][    T6] usb 6-1: Product: syz
[ 1093.743875][    T6] usb 6-1: Manufacturer: syz
[ 1093.759739][    T6] usb 6-1: SerialNumber: syz
[ 1093.765516][    T6] usb 6-1: config 0 descriptor??
[ 1093.789825][  T905] usb 3-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[ 1093.809017][  T905] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1093.817717][  T905] usb 3-1: Product: syz
[ 1093.823746][  T905] usb 3-1: Manufacturer: syz
[ 1093.862053][  T905] usb 3-1: SerialNumber: syz
[ 1094.289840][  T905] usb 3-1: MIDIStreaming interface descriptor not found
[ 1094.321094][  T905] usb 3-1: USB disconnect, device number 8
[ 1095.523158][ T2196] usb 6-1: USB disconnect, device number 8
[ 1095.889123][   T30] audit: type=1400 audit(1759943770.578:1694): avc:  denied  { name_bind } for  pid=12034 comm="syz.1.3072" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 1095.910858][  T905] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1095.950677][T12043] ==================================================================
[ 1095.952033][   T30] audit: type=1400 audit(1759943770.638:1695): avc:  denied  { setopt } for  pid=12041 comm="syz.4.3074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1095.958804][T12043] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 1095.958839][T12043] Read of size 1 at addr ffff8881315943f8 by task syz.4.3074/12043
[ 1095.996013][T12043] 
[ 1095.998359][T12043] CPU: 1 PID: 12043 Comm: syz.4.3074 Tainted: G        W         syzkaller #0
[ 1096.007214][T12043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1096.017303][T12043] Call Trace:
[ 1096.020626][T12043]  <TASK>
[ 1096.023600][T12043]  __dump_stack+0x21/0x30
[ 1096.027994][T12043]  dump_stack_lvl+0xee/0x150
[ 1096.032623][T12043]  ? show_regs_print_info+0x20/0x20
[ 1096.037848][T12043]  ? load_image+0x3a0/0x3a0
[ 1096.042371][T12043]  ? unwind_get_return_address+0x4d/0x90
[ 1096.048023][T12043]  print_address_description+0x7f/0x2c0
[ 1096.053822][T12043]  ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 1096.060351][T12043]  kasan_report+0xf1/0x140
[ 1096.064867][T12043]  ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 1096.071484][T12043]  __asan_report_load1_noabort+0x14/0x20
[ 1096.077135][T12043]  xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 1096.083514][T12043]  xfrm_policy_inexact_insert_node+0x938/0xb50
[ 1096.089838][T12043]  ? xfrm_netlink_rcv+0x72/0x90
[ 1096.094714][T12043]  ? netlink_unicast+0x876/0xa40
[ 1096.099689][T12043]  ? ____sys_sendmsg+0x5a2/0x8c0
[ 1096.104663][T12043]  ? x64_sys_call+0x4b/0x9a0
[ 1096.109352][T12043]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1096.115539][T12043]  xfrm_policy_inexact_alloc_chain+0x53a/0xb30
[ 1096.121846][T12043]  xfrm_policy_inexact_insert+0x70/0x1130
[ 1096.127689][T12043]  ? __get_hash_thresh+0x10c/0x420
[ 1096.132830][T12043]  ? policy_hash_bysel+0x110/0x4f0
[ 1096.137961][T12043]  xfrm_policy_insert+0x126/0x9a0
[ 1096.142996][T12043]  ? xfrm_policy_construct+0x54f/0x1f00
[ 1096.148734][T12043]  xfrm_add_policy+0x4d1/0x830
[ 1096.153707][T12043]  ? xfrm_dump_sa_done+0xc0/0xc0
[ 1096.158766][T12043]  xfrm_user_rcv_msg+0x45c/0x6e0
[ 1096.163924][T12043]  ? xfrm_netlink_rcv+0x90/0x90
[ 1096.168795][T12043]  ? avc_has_perm_noaudit+0x460/0x460
[ 1096.174204][T12043]  ? x64_sys_call+0x4b/0x9a0
[ 1096.178924][T12043]  ? selinux_nlmsg_lookup+0x237/0x4c0
[ 1096.184544][T12043]  netlink_rcv_skb+0x1e0/0x430
[ 1096.189408][T12043]  ? xfrm_netlink_rcv+0x90/0x90
[ 1096.194630][T12043]  ? netlink_ack+0xb60/0xb60
[ 1096.199449][T12043]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1096.206563][T12043]  ? __netlink_lookup+0x387/0x3b0
[ 1096.211606][T12043]  xfrm_netlink_rcv+0x72/0x90
[ 1096.216299][T12043]  netlink_unicast+0x876/0xa40
[ 1096.221274][T12043]  netlink_sendmsg+0x86a/0xb70
[ 1096.226059][T12043]  ? netlink_getsockopt+0x530/0x530
[ 1096.231272][T12043]  ? sock_alloc_file+0xba/0x260
[ 1096.236133][T12043]  ? security_socket_sendmsg+0x82/0xa0
[ 1096.241596][T12043]  ? netlink_getsockopt+0x530/0x530
[ 1096.246803][T12043]  ____sys_sendmsg+0x5a2/0x8c0
[ 1096.251667][T12043]  ? __sys_sendmsg_sock+0x40/0x40
[ 1096.256709][T12043]  ? import_iovec+0x7c/0xb0
[ 1096.261220][T12043]  ___sys_sendmsg+0x1f0/0x260
[ 1096.266010][T12043]  ? __sys_sendmsg+0x250/0x250
[ 1096.270800][T12043]  ? __fdget+0x1a1/0x230
[ 1096.275063][T12043]  __x64_sys_sendmsg+0x1e2/0x2a0
[ 1096.280015][T12043]  ? ___sys_sendmsg+0x260/0x260
[ 1096.284987][T12043]  ? __kasan_check_write+0x14/0x20
[ 1096.290117][T12043]  ? switch_fpu_return+0x15d/0x2c0
[ 1096.295253][T12043]  x64_sys_call+0x4b/0x9a0
[ 1096.299940][T12043]  do_syscall_64+0x4c/0xa0
[ 1096.304463][T12043]  ? clear_bhb_loop+0x50/0xa0
[ 1096.309176][T12043]  ? clear_bhb_loop+0x50/0xa0
[ 1096.313945][T12043]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1096.319956][T12043] RIP: 0033:0x7fb75b196ec9
[ 1096.324470][T12043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1096.344376][T12043] RSP: 002b:00007fb759bff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1096.352986][T12043] RAX: ffffffffffffffda RBX: 00007fb75b3edfa0 RCX: 00007fb75b196ec9
[ 1096.360975][T12043] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006
[ 1096.368983][T12043] RBP: 00007fb75b219f91 R08: 0000000000000000 R09: 0000000000000000
[ 1096.377056][T12043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1096.385120][T12043] R13: 00007fb75b3ee038 R14: 00007fb75b3edfa0 R15: 00007ffc8d084b68
[ 1096.393103][T12043]  </TASK>
[ 1096.396218][T12043] 
[ 1096.398560][T12043] Allocated by task 12043:
[ 1096.402972][T12043]  __kasan_kmalloc+0xda/0x110
[ 1096.407685][T12043]  __kmalloc+0x13d/0x2c0
[ 1096.412116][T12043]  sk_prot_alloc+0xed/0x320
[ 1096.416633][T12043]  sk_alloc+0x38/0x430
[ 1096.420731][T12043]  pfkey_create+0x12a/0x660
[ 1096.425247][T12043]  __sock_create+0x38d/0x7a0
[ 1096.429843][T12043]  __sys_socket+0xec/0x190
[ 1096.434353][T12043]  __x64_sys_socket+0x7a/0x90
[ 1096.439057][T12043]  x64_sys_call+0x8c5/0x9a0
[ 1096.443755][T12043]  do_syscall_64+0x4c/0xa0
[ 1096.448177][T12043]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1096.454090][T12043] 
[ 1096.456522][T12043] The buggy address belongs to the object at ffff888131594000
[ 1096.456522][T12043]  which belongs to the cache kmalloc-1k of size 1024
[ 1096.470759][T12043] The buggy address is located 1016 bytes inside of
[ 1096.470759][T12043]  1024-byte region [ffff888131594000, ffff888131594400)
[ 1096.484312][T12043] The buggy address belongs to the page:
[ 1096.490039][T12043] page:ffffea0004c56400 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888131596800 pfn:0x131590
[ 1096.502327][T12043] head:ffffea0004c56400 order:3 compound_mapcount:0 compound_pincount:0
[ 1096.510856][T12043] flags: 0x4000000000010200(slab|head|zone=1)
[ 1096.517232][T12043] raw: 4000000000010200 ffffea00042c9c00 0000000300000002 ffff888100043080
[ 1096.525918][T12043] raw: ffff888131596800 000000008010000f 00000001ffffffff 0000000000000000
[ 1096.535557][T12043] page dumped because: kasan: bad access detected
[ 1096.542245][T12043] page_owner tracks the page as allocated
[ 1096.548508][T12043] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1f2a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_MEMALLOC|__GFP_HARDWALL), pid 11544, ts 1073979256402, free_ts 1073798188456
[ 1096.570264][T12043]  post_alloc_hook+0x192/0x1b0
[ 1096.575049][T12043]  prep_new_page+0x1c/0x110
[ 1096.579572][T12043]  get_page_from_freelist+0x2cc5/0x2d50
[ 1096.585213][T12043]  __alloc_pages+0x18f/0x440
[ 1096.589811][T12043]  new_slab+0xa1/0x4d0
[ 1096.593886][T12043]  ___slab_alloc+0x381/0x810
[ 1096.598484][T12043]  __slab_alloc+0x49/0x90
[ 1096.602825][T12043]  __kmalloc_track_caller+0x169/0x2c0
[ 1096.608204][T12043]  __alloc_skb+0x21a/0x740
[ 1096.612738][T12043]  __napi_alloc_skb+0x162/0x2e0
[ 1096.617598][T12043]  page_to_skb+0x287/0xb60
[ 1096.622133][T12043]  receive_buf+0xc64/0x4ad0
[ 1096.627181][T12043]  virtnet_poll+0x545/0xef0
[ 1096.631802][T12043]  __napi_poll+0xbe/0x590
[ 1096.636175][T12043]  net_rx_action+0x371/0x8e0
[ 1096.640777][T12043]  handle_softirqs+0x250/0x560
[ 1096.645556][T12043] page last free stack trace:
[ 1096.650416][T12043]  free_unref_page_prepare+0x542/0x550
[ 1096.655881][T12043]  free_unref_page+0xa2/0x550
[ 1096.660565][T12043]  __free_pages+0x6c/0x100
[ 1096.664994][T12043]  __free_slab+0xe8/0x1e0
[ 1096.669508][T12043]  __unfreeze_partials+0x160/0x190
[ 1096.674630][T12043]  put_cpu_partial+0xc6/0x120
[ 1096.679315][T12043]  __slab_free+0x1d4/0x290
[ 1096.683738][T12043]  ___cache_free+0x104/0x120
[ 1096.688329][T12043]  qlink_free+0x4d/0x90
[ 1096.692573][T12043]  qlist_free_all+0x5f/0xb0
[ 1096.697196][T12043]  kasan_quarantine_reduce+0x14a/0x170
[ 1096.702833][T12043]  __kasan_slab_alloc+0x2f/0xf0
[ 1096.707689][T12043]  slab_post_alloc_hook+0x4f/0x2b0
[ 1096.712804][T12043]  kmem_cache_alloc+0xf7/0x260
[ 1096.717669][T12043]  __alloc_file+0x28/0x2a0
[ 1096.722440][T12043]  alloc_empty_file+0x97/0x180
[ 1096.727317][T12043] 
[ 1096.729811][T12043] Memory state around the buggy address:
[ 1096.735462][T12043]  ffff888131594280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1096.743705][T12043]  ffff888131594300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1096.751770][T12043] >ffff888131594380: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[ 1096.759846][T12043]                                                                 ^
[ 1096.767824][T12043]  ffff888131594400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1096.775888][T12043]  ffff888131594480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1096.783957][T12043] ==================================================================
[ 1096.792302][T12043] Disabling lock debugging due to kernel taint
[ 1096.807991][   T30] audit: type=1400 audit(1759943771.498:1696): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 1096.830166][   T30] audit: type=1400 audit(1759943771.498:1697): avc:  denied  { search } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1096.853962][   T30] audit: type=1400 audit(1759943771.498:1698): avc:  denied  { write } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1096.875988][   T30] audit: type=1400 audit(1759943771.498:1699): avc:  denied  { add_name } for  pid=83 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1096.900990][   T30] audit: type=1400 audit(1759943771.498:1700): avc:  denied  { create } for  pid=83 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1096.926088][   T30] audit: type=1400 audit(1759943771.498:1701): avc:  denied  { append open } for  pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1096.949855][  T905] usb 4-1: Using ep0 maxpacket: 32
[ 1097.079639][  T905] usb 4-1: New USB device found, idVendor=0bfd, idProduct=0102, bcdDevice=bb.f0
[ 1097.088933][  T905] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1097.098170][  T905] usb 4-1: config 0 descriptor??
[ 1097.341607][  T905] usb 4-1: USB disconnect, device number 10