last executing test programs:

7m57.320099344s ago: executing program 4 (id=2021):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

7m57.195960254s ago: executing program 4 (id=2024):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1d9)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240), 0x80000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c00000026000506"], 0x2c}}, 0x0)
recvmmsg(r5, &(0x7f0000007700), 0x318, 0xfc0, 0x0)

7m55.738412152s ago: executing program 4 (id=2025):
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
syz_pidfd_open(r0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000080004004300000008001b00000000"], 0x30}}, 0x0)

7m54.76761425s ago: executing program 4 (id=2029):
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="636865636b3d7374726963742c757466383d312c757466383d302c757466383d312c6e66732c6572726f72733d72656d6f756e742d726f2c73686f72746e616d653d77696e6e742c00043518f9aad8a4f2c1cdb3e993cf0444d9d2d40bb509d4da042c2c85e3650de97db42c38cafa7a9d7503c3c985486cf7fc80515e9bef7e9e56fb346de370b3eb3ecbc59d343c36bf04efc3d68033308b0014b0c677ae5ef2932cc05f566112668fa4f6844dcf823618a2993da771384e8fc12467a56b33e3b00030dbfd82ea2f8ddbeb1d04bac86815ebe0b9d084d60edf56b15e74589892dce86962f611a4313120b738dddfd38d20b443570197dc795020ecf541601ef9a5618869febf769dd50261849a47e170ba166b97e76a0261d0dc1fb3e2646595f1c8b49057d94f10f7b5e35ead0a38"], 0x3, 0x21f, &(0x7f0000000940)="$eJzs2j+LXFUcBuDfXRMSN2xmxH8kIB60UJtLZmqLLJKAOKBoRoiC5Ma9o8NcZ5a5w8KImK209SNYi6WdIClttvETWNhts2UK8Uoya5INY7GIO2Kep5kXzrzccziXwynu/uvffDYa1PmgmMValsXa5diNO1m0Yy3+shuvvXL95xfeu/7BW5u93pV3U7q6ea3TTSmdf/GnD7/4/qXbs3Pv/3D+xzOx1/5o/6D7295zexf2/7j26bBOwzqNJ7NUpJuTyay4WZVpa1iP8pTeqcqiLtNwXJfTI+ODarK9PU/FeGtjfXta1nUqxvM0KudpNkmz6TwVnxTDccrzPG2sB/9E/7s7TRMHzekb0TTNk9/Gudux8Wu0InsqZU9fzp69kT2/m104aJrWqqfKv8L+P94eOtTPRlRf7/R3+ovfxfjmIIZRRRmXohW/x93X5NAiX32zd+VSuqcdX1W3Dvu3dvpPHO13ohXt5f3Oop+O9s/EesTpiMN+N1rxzPJ+d2n/bLz68kPPz6MVv3wck6hiK+52H/S/7KT0xtu9R/oX7/0PAOD/Jk/3Lb2/5fnfjS/6x7gfPnK/OhUXT6127UTU889HRVWVU0EQhPth1ScTJ+HBpq96JgAAAAAAAAAAABzHSXxOuOo1AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/21/BgAA//9DWtUg")
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7\x00', 0x2)

7m54.681956568s ago: executing program 4 (id=2031):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x9}}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002c00)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000280)={0xa0, 0x0, 0x0, {{0x20, 0x1, 0x5, 0x6, 0x1000, 0x6, {0x1, 0x0, 0x65cd, 0x0, 0xffffffffffff15ef, 0x9, 0x1, 0x7fff, 0x7, 0x4000, 0xe, 0x0, 0x0, 0x4, 0x10000}}, {0x0, 0x1}}}, 0xa0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x401, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESHEX=r2])
lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180))

7m53.403677091s ago: executing program 4 (id=2037):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))

7m53.279413461s ago: executing program 32 (id=2037):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))

3m17.343592853s ago: executing program 3 (id=3670):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000240), 0x2, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1000401, &(0x7f0000000100)={[{@user_xattr}, {@data_err_ignore}, {@noblock_validity}]}, 0x84, 0x49e, &(0x7f0000000bc0)="$eJzs3Mtv3MQfAPCvvXn0nfz6K48+oIGCiCgkTVqgByQEAqkXJCQ4wDGkoSpNW9QEiVYVbREqR8RfAByR+As4wQUBJxBXuCOkCvXSwgEtstdOnGwatptuNnQ/H8mbGXtsz3g88diz3gB61kj2kURsi4hfImKoEa0kGMwTZeluXr84/ef1i9NJ1Ouv/jGYp7tx/eJ0mbRcb2sRGU0j0g+T2LvCfufOXzg1NTs7c66Ij8+ffmd87vyFJ0+enjoxc2LmzOTRo0cOTzzz9ORTd6ScWblu7Hn/7L7dx9745OXperz5/ZdZfrcVy6vlaBhe8z5HYiTq9Xo9XTJ3IP98dM1b31i2R8SVIpz0dTkztKwWEVl19eftfyhqsVh5Q/HSB13NHNBR2fVpsGlurfFnIJJs+aZKWuBukmjX0KPKK352/1tO69b52ACuPZ99zuTlv1lMjSV9kd23J8ONO/Zah/a/LSJev/zXp9kUKz6HAAC4s77O+j9PrNT/S+PeSrodxRjKcEQcjIidEfH/iNgVEfdE5Gnvi4j7b3P/+fjTlcV4c//np81tF64FWf/v2WJsa2n/b2HUZrhWxLbn5e9P3jo5O3OoOCaj0T+YxSdW2cc3L/788a2WjVT6f9mU7b/sCxb5+L1v2QO641PzU2spc9W1KxF7+lYqf7IwEpBExO6I2NPG9rNjdvLxL/Zl4R1bm5f/e/lXc7mNHC1V/zzisUb9X45l5S8ljSGSW41Pjm+K2ZlD4+VZ0eyHH6++Uo33V8JrK//aZfW/ZcXzvyh/2QzK8dq5Fjc8sBi8+utHxTabm3K75/9A8tqS3bw3NT9/biJiYCia508urlvGy/RZ+UcPRFwtBoKr7X9nxN+fFevtjYjsJH4gIh6MiP1F3h+KiIcj4sAqh+K7Fx55e/WD1d36P75a/UcMJ9Xx+jYCtVPfflVubKEqi38urdX/kTw0Wsxp5f9fqxm8E8cQAAAANro0H4NO0rGFcJqOjTW+w78rtqSzZ+fmD47Eu2eON8aqh6M/LZ90DVWeh04Uz4bL+OSy+OGI+F/+TaPNeXxs+uzs9m4XHnrc1lu0/80R8VunvvQCbBy39b5W0rl8AOsqf7fH+5rQu1pu//2dzQew/lz/oXdp/9C7Vmr/lyJudiErwDq7rev/c53LB7D+Vmv/HvnB3c39P/Qu7R96UvMr8eVvNLTzpv9iYOexNa3eQ4Fah7Yc1R/t6EAg0q4fuvYD6UbIxv4iMBgRra51qaN1uvz8AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+O/7JwAA///M09j9")
pivot_root(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x42, 0x0, 0x0)
getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f00000002c0)=""/17, &(0x7f0000000280)=0x11)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0x28f42000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

3m16.435664448s ago: executing program 3 (id=3684):
syz_emit_ethernet(0x33, &(0x7f0000000000)=ANY=[@ANYBLOB="e90c610faca20180c20000000800450000250000e0"], 0x0)
r0 = socket(0x200000000000011, 0x2, 0x1)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0x2056, &(0x7f0000000000)=ANY=[], 0x0)

3m16.407833799s ago: executing program 3 (id=3685):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e1f, 0xc, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4002}, 0x1c)
listen(r0, 0x0)

3m16.173865549s ago: executing program 3 (id=3686):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000), 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1c0000000, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4002, &(0x7f0000000000)={[{@noquota}, {@dioread_nolock}]}, 0x1, 0xbe4, &(0x7f0000003c00)="$eJzs3N9rXFkdAPDvvTOZJm10UhGxvhgRaUGcJpUUWwRbqfjig6CvQkM6KSHTHySRmjTgRP8BUZ8FXwS1KD7Y574ou6/7stu+7rIPC2XJNruwLLtZ7vxI0s5MkrYzudnm84Ez95x7ZuZ8v/cyc8+BuRPAkTWePaQRpyLiahJRbu1PI6LUqA1H1JvP21hfnflofXUmic3NX7yfRBIRT9ZXZ9rvlbS2J1qN4Yh448dJfOX3neMuLq/MT9dq1YVW++zSjdtnF5dXvjd3Y/p69Xr15uT5H0ydmzo/cWGqb7l+/Pal+x9+66fv1j/5x6f3PvjT35K4FKOtvp159Mt4jG8dk52KETHd78FyUmjlszPPpLjHi9LWdmiAgQEA0FW6Yw73tShHIbYnb+X435u5BgcAAAD0xWYhYhMAAAB4xSXW/wAAAPCKa/8O4Mn66ky75PuLhIP1+HJEjDXz32iVZk8x6o3tcOM21eNPkth5W2vSfNlLG4+Idx5d+HdWYkD3Ie+mvhYRX+92/pNG/mONu7g7808jYqIP448/094j/0IfhnzKy+R/qQ/jP2f+MYhjAMDR8+By80LWef1Lt+Y/0eX6V+xy7XoRXa5/B3p9a8//Njrmf9v5F3rM/36+zzHu/v0vd3r1Zfn/8P5P/tUu2fjZ9qWSeg6P1yK+UeyWf7KVf9Ij/6v7HKP82Z1qr76889/8a8Tp6J5/W7L7/xOdnZ2rVSeaj13HWHt96p+9xt9P/iP9S7dDdv6P98i//f9Pvc7/7X2O8asrV/7TsfPRdnX3/NP3SskvG7VSa89vppeWFiYjSsnPOvef2z2W9nPa75Hlf+bbu3/+u+WffSfUW8chWwustbZZ+3fPjPmje3f/2yue9vovz8//tR7nf2f+rxU7z/8f9jnGd/7/xzO9+nauf7OSjd9eCwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAWxoRo5Gkla16mlYqESci4qtxPK3dWlz67uytX9+8lvVFjMVQOjtXq05ERLnZTrL2ZKO+3T73TPv7EXEyIv5cHmm0KzO3atfyTh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtJyJiNJK0EhFpRGyU07RSyTsqAAAAoO/GXvSFQ/2NAwAAABicF17/AwAAAF8Y1v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM2MlvPniYRET94kijZEqtvqFcIwMGLc07ACA3heZmM8k7EODAFfMOAMjNc67xC4OKA8jPXvP/4Z49x/oeCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH1+lTDx4mEVG/ONIomVKrbyjXyIBBS/MOAMhNYbfO4sHFARw8H3E4uqzxgWSP/uHt59Sf7jk2sJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOHxGGyVJKxFRau2rVCK+FBFjMZTMztWqExHx5Yh4qzx0LGtP5hwzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/be4vDI/XatVF7JKGq3K1p4jWNn8bY+upHnE6rlHqNKfSikORRiHtJL3NxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHlYXF6Zn67VqguLeUcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G1xeWV+ularLgywkneOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADk5/MAAAD//w92C94=")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)

3m15.274641272s ago: executing program 3 (id=3692):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x180, 0x4, 0x28}, 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110e22fff6)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001e80)={&(0x7f0000000180)=@abs={0x1, 0x5c, 0x1}, 0x6e, 0x0}, 0x20000)
ioctl$TUNGETVNETLE(r1, 0x40047451, &(0x7f0000000180))

3m15.17876839s ago: executing program 3 (id=3699):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073790101000000000000000000000000000af7f4f0c55de8ca0000000000000000000000000000000000000000f3c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000020000000000000030000000000000000000000004119202532aeecfcdbb73887feb3f14db126c935954a335f6469a793"], 0x138)
write$UHID_DESTROY(r2, &(0x7f0000000340), 0x4)

3m15.115116455s ago: executing program 33 (id=3699):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073790101000000000000000000000000000af7f4f0c55de8ca0000000000000000000000000000000000000000f3c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000020000000000000030000000000000000000000004119202532aeecfcdbb73887feb3f14db126c935954a335f6469a793"], 0x138)
write$UHID_DESTROY(r2, &(0x7f0000000340), 0x4)

6.454920603s ago: executing program 5 (id=5296):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000380), 0x10)
readv(r6, &(0x7f00000000c0)=[{&(0x7f00000003c0)=""/115, 0x73}], 0x1)
sendmsg$can_bcm(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x80}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000300ac1414aa0800060001"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r7 = openat(0xffffffffffffffff, 0x0, 0x288880, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffffff00000000000000000d0001007564703a73060000000000"], 0x54}}, 0x0)
sendmsg$TIPC_NL_NET_SET(r7, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f00000007c0)={0x168, r9, 0x200, 0x70bd25, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}, @TIPC_NLA_MEDIA={0x14, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_MON={0x2c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7b}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x205}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_BEARER={0x1c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'eth', 0x3a, 'team_slave_1\x00'}}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}]}, @TIPC_NLA_NET={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x55}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7e6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8000}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}]}, @TIPC_NLA_MEDIA={0x14, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_SOCK={0x68, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2db}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x800}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x80}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xcf6}]}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x241b}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x168}, 0x1, 0x0, 0x0, 0x40}, 0x4c801)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB, @ANYRES16=r2], 0x14}}, 0x0)
signalfd(r1, &(0x7f0000000000), 0x8)

5.990105331s ago: executing program 5 (id=5301):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

4.876232592s ago: executing program 5 (id=5307):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000500), 0x42403, 0x0)
ioctl$SNAPSHOT_UNFREEZE(r0, 0x3302)

3.439300489s ago: executing program 6 (id=5311):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x84}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000002c0)='rpm_return_int\x00', r1}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000040), 0xf, 0xc340)

3.388352514s ago: executing program 6 (id=5312):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008680)=[{{&(0x7f0000001b00)={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @local}, 0x8001}, 0x1c, 0x0, 0x0, &(0x7f0000003d40)=[@pktinfo={{0x24, 0x29, 0x32, {@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}], 0x28}}], 0x1, 0x24008000)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES8=r1], 0x20}}, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x420}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

3.337952338s ago: executing program 6 (id=5316):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r1, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4096, 0x1e67}, {&(0x7f00000000c0)=""/250, 0x4}], 0x2, 0x0, 0xd64}}], 0x300, 0x34000, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="18000000", @ANYRES16=r0, @ANYBLOB="a787000000ff000000000b00000404000180"], 0x18}}, 0x0)

3.283797092s ago: executing program 5 (id=5317):
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0xffff, 0xffffffff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
sendmmsg$inet6(r0, &(0x7f0000001840), 0x3b, 0x0)

3.259425564s ago: executing program 2 (id=5318):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008000000"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000480)={{r1}, &(0x7f00000001c0), &(0x7f0000000180)='%pK    \x00'}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f00000005c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r8=>0x0)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10)
io_submit(r8, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r7, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])
fsetxattr$system_posix_acl(r6, 0x0, &(0x7f00000003c0)=ANY=[], 0xfe44, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="280000001400090a0000000000000000021f4800", @ANYRES32, @ANYBLOB="08000200e4d4c21e080008004c06"], 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

3.252155004s ago: executing program 5 (id=5319):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x10)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0x0, 0xc, &(0x7f0000001800)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r5, 0x0, 0x0)

3.207441518s ago: executing program 1 (id=5320):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffed7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000680), &(0x7f00000006c0), 0x9, r1}, 0x38)
socket$packet(0x11, 0x3, 0x300)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
socket$inet(0xa, 0x1, 0x0)
syz_clone3(&(0x7f0000000480)={0x42200280, 0x0, 0x0, 0x0, {0x17}, 0x0, 0x0, 0x0, 0x0}, 0x58)
close(0xffffffffffffffff)
syz_pidfd_open(0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="796104000000000001007e190000"], 0x14}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
clock_nanosleep(0x9, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x0)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r6, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
pipe(&(0x7f0000000100)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
write$cgroup_subtree(r8, &(0x7f0000000240)=ANY=[], 0xa)
ioctl$int_in(r9, 0x5452, &(0x7f0000000040)=0x9)
splice(r7, 0x0, r10, 0x0, 0x4, 0x9)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f0000000000)={0x7f, 0xe1, 0x5, 0xfffffff2}, 0x10)
setsockopt$MRT_ADD_VIF(r6, 0x0, 0xca, &(0x7f0000000100)={0x8, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000600)=ANY=[@ANYBLOB="ffffffffffff44214c8dd5aaaaaaaaaabb08004500003000010020fc0290780000001ce00003000306907800fa000945f4fff60065000501040003e0000001ac1414aa6da9078c76f55f6eb6e074d588179cffbfaab94175d256b5f590ca4ee0c4a7b3e0d3afc0bfdc52056a277436c0aa8aaf71b49e79583bb5f58a00cbb335cc5443275a5fe6aea8fc1361747096f7f3e272c4b2989bc3c7f445f93c261761ed088121ea55403c38e415679f36eb25d8b88326ca32b2000000"], 0x0)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)={0x1b, 0x0, 0x0, 0x7, 0x0, r9, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x2, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r11}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x98}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x240}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x9}, {0x7, 0x0, 0xc}, {0x18, 0x9, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff1, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.147996933s ago: executing program 6 (id=5321):
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
copy_file_range(r0, 0x0, r0, 0x0, 0x101, 0x0)

3.122317666s ago: executing program 6 (id=5322):
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, 0x0)
ioctl$KVM_GET_TSC_KHZ_vm(0xffffffffffffffff, 0xaea3)
ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x401070cd, 0x3)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000000280), 0x8, 0x10c400)
syz_usb_disconnect(0xffffffffffffffff)
mkdir(&(0x7f0000001180)='./file0\x00', 0x64)
mount$incfs(&(0x7f0000000200)='./file0\x00', &(0x7f0000000340)='./file0\x00', &(0x7f00000003c0), 0x0, 0x0)
chdir(&(0x7f00000001c0)='./file0\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200)

3.121738816s ago: executing program 1 (id=5323):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000480)={{r0}, &(0x7f00000001c0), &(0x7f0000000180)='%pK    \x00'}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f00000005c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r7=>0x0)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000080)={0x0, 0x0}, 0x10)
io_submit(r7, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r6, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])

503.922879ms ago: executing program 0 (id=5324):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
ppoll(&(0x7f0000000100)=[{r0, 0x1}], 0x1, 0x0, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x41, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000040)="d529", 0x2, 0x20044821, 0x0, 0x0)

503.166789ms ago: executing program 5 (id=5325):
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0xd5)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x202, 0x0, 0x0, 0x2}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r2, 0x5)

502.975949ms ago: executing program 0 (id=5326):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2d}}})
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000001040)={'lo\x00', {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}})

502.806919ms ago: executing program 0 (id=5327):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008680)=[{{&(0x7f0000001b00)={0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @local}, 0x8001}, 0x1c, 0x0, 0x0, &(0x7f0000003d40)=[@pktinfo={{0x24, 0x29, 0x32, {@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}], 0x28}}], 0x1, 0x24008000)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES8=r1], 0x20}}, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x420}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

502.384919ms ago: executing program 0 (id=5328):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x75, 0x0, &(0x7f0000000400)="8b0b4c404981a6ef39f577efb9c2c64f47b576cec3dab5adbd25d802c31aa20f47283d909cfc1520a8ebb223d441539406505ea001848d180490b7a70bc561639b136ecae6c156d04957009916c1b24ba79c86ea06832ee972c31e6a0359b8b206c9498c06983956a604106001a616cb4d1c1bb6ac"})
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYRES16, @ANYBLOB="0100000000000000000003000000580001804400040020000100"], 0x6c}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="a400000054000100000000000000800007"], 0xa4}], 0x1, 0x0, 0x0, 0x4000001}, 0x0)

457.566243ms ago: executing program 0 (id=5329):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000100)="d7bad00466ed0f23f80f79970000f30f925a0b6166660fddbd6f7f0f20e06635002000000f22e00fc7ab51000f01d1", 0x2f}], 0x1, 0x7a, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

453.735153ms ago: executing program 2 (id=5330):
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000600)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@index_on}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000280)='./file0\x00')

379.702769ms ago: executing program 0 (id=5331):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x56a, 0xec, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00220c000000b3202d6293dc20280a02e89636"], 0x0}, &(0x7f0000000080)={0x2c, 0x0, &(0x7f0000000340)={0x0, 0xa, 0x1, 0x7f}, &(0x7f0000000380)={0x0, 0x8, 0x1, 0x5}, &(0x7f00000004c0)={0x20, 0x1, 0x4d, "b6854dc8875e7227681c1a2f5321a22f46055e4feb8888fa7339108efb5be7df2e2149c291596e61b1bdba9bf8a62cbf46072009e7c5b2cbb24e949ce93eeb400972d39df00f575c064de9f3c2"}, 0x0})

379.258189ms ago: executing program 2 (id=5332):
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
copy_file_range(r0, 0x0, r0, 0x0, 0x101, 0x0)

379.053689ms ago: executing program 2 (id=5333):
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000240)={0x4, 0x0, &(0x7f0000000200)=[@enter_looper], 0x0, 0x0, 0x0})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000400)={0x1, 0x0, [{0x40000096, 0x0, 0x1428}]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f00000002c0)=ANY=[@ANYBLOB="820000"])

376.68153ms ago: executing program 1 (id=5334):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000340)='\x00', 0x1, 0x4c001, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, 0x6}, 0x1c)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
sendto$inet6(r2, &(0x7f0000000400)="25eed0aee8c79f49b53c108367401019c41e56367aa3f23916ddf42df6a5ca47adc0f14939ee362a401f6425b5933ed45ac2e4089f33e87ea4fa53cb6f37fa25746f5805cefb6f78a3d525962f72cff39e3fd9074e3260c84fdfced1c00ba3c8cfcd6220a22b568b9ea6d0e366394ae3490b19d046c22e484b0aa11954836b45d4047ab5007b7b758a16f51f05661f02e1cc365db0bf3b54c3c468a8b5462008bc5ffb9db10bed599639774620b78184ada2301d9d494c2c7622d859213c2d7cc96412661b8f8afb818669f98776b43d6f8c598c00e43ade1e0808a35608882523edf4820dc6b1de1a71cb3dcec7265acaaeab264a1082660423eaf763e3d5e6756b9d2e4115906f4284e5e11388dae00c59c49d5bdc02592fbd96f69a586c8e6f36af50d6de76993809225f4a7dfbd1e7feee4438420c40ee1587ef9279cba9847f32d185f2405d680fd8776df5edc7c149279dc808c693dab77ec90071fff6b0b63f5eaadf5e2118dbeebbeb235b90b8b1b871af2ebc579d404578310950526b7be662a9d89be66d6a02522e7352357c02c3a56f8ff816331bd070041ba511613602956381e6d78b645d02dbc77a188168b6312a0998fe17cfd2940c8e5d39e5a95c50f8b0cee4a9c145b23997f830c08fe2e8af162363f4e14d78fd1275af0192483de50d521d85ed5dd21e51e9fba69d7c208ae998c914f5a2393f0594abb1228eb6df78d022707d2e705854e20338e898482ced2d8b853d8cd972bf7d2df97c7fbc2fffb60e9ec9335bf4e98c6d53244dabe2d1d038c75476b620b9263bda96ec2c61f3306dfcfb9f023c3c9678e0ef245b8c3de356f4c4dfe2d791e213b592f8106467517bd0eb3be609108ac41507edb9029c1975fe0c08e461b66b0850a9faf160e658fd770266fa0c70deab155084869592563fe0c136728a2999c6a5d40891a0de089cec58b1ffe2d40e44513b3d51c8c34935b75a351d0d7f9049e6e488585c819437a4e7b338cd5772a744fe79a21327f919ef4bdb9936a5dccd353a45e2642b8cad7aea0152de1d15577c37eff9fc206115e1ed9612183f5aa55ba23b2e2b77432f038b3cc3f0c189414de1402b002ba4464448d74fac86d1ab674a4eb3d8b6e8af11ee37145026fdedb952097fa069ddd516a76c8a647c0faf5a47a75a7294b0eba99291457e4614f0e985bd363de3593590e6f303e511220ce37e1e66711dac26dadaa5f26ab172ef6c7a2f53ed66c0813867e1d53e769efafac557c3977836517f216c53625d8752073fed32346d274613fef1f874d71a632a48220978d6efbf4fb938a46777f05b10cc71d1996772e2536a22b171e2cabffb9099e73026e56210a6162140681048fa9e55388619d83278ea60e5421eaade222b61237aae0d6684f19e090d88da58d0f8e0b4725c41bfc94a5a066d842f768d7ecc527ae2f8ed793ef072da9258db0d11d36637c4765afed52049524efb6feaaa3239dcce104e0889fb10e6a4b7923b4932fecafb1add915f673426c5d6fe7f0290ee8df38763c3737a8bdb4e78b64dd66831440a5dc4e14ccbd14a13f1c513773b9daf0e06cab2bf564b57c8145af47cc64a539fa8326467b318b2e8df6b6cec365f53a3745f4a6cc3d5bfcbe3f11f48713a9568b0fda6f5d88c0d889862e9f36c4f2664da2341b2002d340a4ffb524fa4ae475c2de3842e9c10354a8aa5ee08dcd538ebe243cd8f502cc2fca6dfc7e84a9c844a9be36e198b78d7ab7161f2f590b61fdf175035dee46c5620c9c02ea6b2f7b5d1edee27ba642832a64f7f2dd88a80937bf92d187a4a3dda7cc981b1cbd09416c418af48af5cfef16adb3ebf966a2fe7cbfb1a42b20eeea1c5f5406e644c4561d6e7009ae32331b5c372eccd802c962a56a994c793b145523b1c52356ffc8d0eef096851598692ca35f3d458890493a9883a61501d0fbc92d4543fa753a33bc954544a128a0e02d229737ca4432f9e013b4eba209b7b043eafd698bd756bd6c931798b07b7f62852ce7b3e38c6a3e3ce45535a8f383b57d3217881e7a62aa933809a6b0934b5e63f5617337971b515ccf38208be292107c1a83af71f1d5cc93cf96c1baaae648fa360f7a1a51eace114ba9b1a05db6dedd55ffe78a0e028c42346252a4e27d659447083f30850b02acda5903ca7605fcc9f22015f4c9ea924e7055d4d983a2cbb20a53cc4124bb300bbfb2628565fd09c6702b2d6dd15cff149c0fe7404a297500c4ca3186ccf88c7f46e3d6bf138ec31ba901c42e5ad349ff36c1572df219a1fca81b2aad102c2767006dd82a741cb6024231101e52bef3c581fe339377167620a8e443fead98c800ad9a25dd40e9af5a789bbafc6d742fa9a1b18e01a87cfa2c914ae559b4e63f9ca50943cfe8143d276ca84c814a0f8e8ee2c0a34a65b09856ac5e78bf92344d9b8394a4c2a60800dae54b10caf40bb09b47526e6707141d4f0a013a6e3567daf6db158b7886d84245b865216e916584149c5b84110dd677a756dc1e76c0d2f4e29fe6a67dd4f550b64936cd642adfff786fb89146b447195162ac8ef682874e20fca482bdce967eeb8c68503ad5ce7374b57df9541e1d7a848d863a5cc6dcbeed060103352e90eed71d60cd2be1ec63d98e25d652656601fd70910491b6f2ec81bec992eed2a5e749c93026375a197d93b88b626320340bdca0061d097505bd608543a25eb455f082700ceb2a4361eed56f1d93c40f84050b91a768830f36e6c5044b0df74cccd22dee667e4c597db72e9d3b9e59684130e07699edc511934a270288d5b52b6179c5abf048ede9d5e0d2d0d845dd63962523622d0564fdfdebd4503304681ec758083c639d11b4e2d47e0e63c5f6e7e96d6f2d6c58bdd8df926879c2047794b343b9ceeefa88e96b762cfc469739c933594627bc7e547f8c3cbeb0903473e8d4b323d5021e80dc4f2b0db7ce6f3da41790a4faf682a21593dfcf2e672e471aeceac0746510485f432ef35f68b5e5b2942525ef5c915236f4893e2281f05c586220041d9685ce8c59315cd783932691ae67e1ad85814af28a253d562b00c8503a0a7bf7dd73ee66641a59606c83fc783966c54cb183a812cfd135c945dcb752c29fae0d55c5b35659361d866b790010eeb98a4909038e6870e4b79c756612761e53831186b840840558dc25361c5ccb919222a9effef676b1e68e7d06a596b712e0adcf2d1972d92d979d95ee44ace518e3f95311cd51f7e48f79775233ae1b2500ca1779ed92cd575e85391d1c7a283d19e008379e9ccd2706f9c191094d31ca0e4e8148776250302774111ef74b980613bd350f6043e8b745f6134336e615e65d491a2c552407a9b87c2aa2883c2d829441ac92ebd11b4425ced9f5d68aeb034a7e6cacb0cc22267cf8f6b3d8a49371b392b0ac9d1845ca7a3e016a3161cd0099e459fdb05719660edaab4f7f2ee5cabe8802222a3acb2551106a63a1b29d5700742619dd758476a95f5b9f98422d54b0104f01f78ca632dae4e7294a4ba6083882ca7f406d97e6049d32fed8864671fb03992e902d463175de1fc784d0b2bc14023f850a3258658755ac00daa52abc1e824527a028b9bff2abd893e58169c736c26fc16e16dfaf132ca505bb9bff4c058763f54f0f36177e510e0ec237dba1f2c5d051158872ae09e7c2177e7cd366fd706b96ad75604c0477b715871602f00e5020d2112536bd255469d94a2ecf73557aa562da2df3aa12224e2f2a1cef614c5320a72bc54c81712205613f9fbe4449722aeaf130585ee52d993b37b18946958894cf2d795770d831fc6097e5795db584dadcafd5faf9352d31d9968a1bc09b32fd126a897dfa18b07910595446c28cffc0b76c046a1db4dbe14bebf0a44d68ddb6d4c073d5e79fb2788a5fdbfa0df9d6084bca32f7bd135ac843c728c040fdf2e10d1cf691508ae64aa3c40d0a198160c3b32d1d02399b509b88c82d77ca6a2bd81adaf671efdd790741a3f67023417fdb734fc697b456af920b1831ba52df170e1c45c3149ee393972a6b9dc97dd4aca5df478c4a593c76ee67ae259fc414bcad85098692f7e9aa660bb27c3ee6e96171ee240919c636aca69d875543d04d6cf48305a785422f4b4f5a99525a0951448acf33e8fc438b32b31eae7169cc82daba924d51708fd2f64c9076cfc7ad03da98051316209d66eb752346adcbc696dfb13000a77fa3655fdfca05b41ca01247c5d8e385cda3c8e2b65f9b34679130f99c81838e3ae716ab9fc9f07f6267d0197a43ed163e5025a11cb9fc1cec83e253d3c8a2d3a8f697ceaa3772bcf37ed8f0151b47e82bf270e549fc5651541a9da77aa128b193bb98f6e023cae58237daa93ddfa781394cd4c4a2519d4a0ea8a60bef2bd0e7bcac51999e6a916ea3a5566845ae498c048a7d036b1bfb1e59ed700421b0019ff1c1aee887b90cc8e1be4669e44dadb3468593b24e4b8d2c3365b95932d00503a82ce2dba2622986a14967a16233924bbf03a33d5a018274f44ccf31959057a696f63b4d5a319b81d8674cfe615807bdad84f79a1bc3a679bfd5fd24bca93a49c355e1d0c4cf42162111413c328b6df45191d5a38ef9e6e525590332eee19e20174ec5ce53e5ff5988a1135bd49dc1ebed1004afd6c77b79c607f074e8a7bd348706921201b49f656a9218cd3073ae9dccee23d99840c18e7d9eb1c6028f94c5e234a2fa05a350ad23e10a6e6ed6a592cf48877a32dc147f32eb05817e0e438d78c8ff4d5ef22d8747f88ebe57b96ed8a4d00729dd659361bf9198477562a4daec9f60c7a73f18f537db5e43c75edd13c98d224a614fe684835bda1e84cf441fa3240eab03e241fd4f84e594cc82a6acc80ecc74e6ca93e3d9706075cda806a6da92a73a57b5af5be2d8e97500dd2c920fc36d19b4f8673b45fd13ea736aeeaaa5872f6d95ce3fd560a9377f12e0b2440ff9f2986e5c1495f66e7e45cf4822e33670dd150e184c30ee769d9df212ca8a73928188ed025759260b7bcdfe21ff326bb01641305d874316c9d28889fbbdedd1fdf2174558625b3bf161c9fd312b2e41223e03939e04ee3e9fd6779ef6155279ab275949a0e7b84e54daa6eff264e079d5e41744234b86e712f48fd56b1481ed9e7a1c074b0f1a1b3a4c5286fa8d07df3c9eb161401286d09881bd52cd5ac0dd6d84bab3fd907d0fc572c8e4e00060cf6274026e3c3568bc6df507ee2c407d6c77e8a0fca12c40a5e590d4b0ad6a534929986adf883937893fe8a61407341b314796124652d3f94962ed1b25126d1e63aebbe4d2b1c148e98c570838212e253049496da922ea734b19f27a4f17e46a70e2d5a4fa97d2b5df5e0fe0795183e1e6d9be3726909d408dbda8332e59c95180aedfdbca78843fb062f9ed25f5df9cb7635a2214e6c7471913fe8f31b4458133c3cec6d6976e837c8d3da4556b257cb016d5cd0d7a832a4741c2b5693d162ca14f697b4f490a606951b0af34a1de42008e85caeecfad118ed787dd27829fab887fb07bc096a079ac23f78cd6258849e5f30626f222de9015925e944ce7933cf580578a6e14aab46e1a23e1af9a82dfb946ecb6de82bb7843b1ff731631a9c9466bc547a32a38744934a3e88e1f761f23504375d062e9f8d921776e18b8e210aaa20f4d416f481bc497a6a47a022636ab85f91d34b94654a4b39aebc77c40c1493ee44d5ffb2039f830bebefcf5b4ac693d67cc7f9e7bbc363fc3cd888ff85e749e0415ecc5fc70297722b9005aebc", 0x1000, 0x4000, 0x0, 0x0)
mmap(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x8, 0x11, r1, 0xf6690000)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f00000001c0)=0x40)

366.551421ms ago: executing program 1 (id=5335):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)

355.934351ms ago: executing program 2 (id=5336):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000280)={{0x2}, 'syz1\x00', 0x11})
ioctl$UI_DEV_CREATE(r0, 0x5501)
r1 = syz_open_dev$evdev(&(0x7f0000000340), 0x3f, 0x0)
ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f0000000180)={0x57, 0xfffe, 0x406, {0x7}, {0x0, 0xffff}, @period={0x5d, 0x6735, 0x1788, 0x6, 0x9, {0x7, 0xa, 0x5, 0x40}, 0x0, 0x0}})

354.874201ms ago: executing program 1 (id=5337):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$incfs(&(0x7f0000000580)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000005c0), 0x0, 0x0)
chdir(&(0x7f00000001c0)='./file0\x00')
rmdir(&(0x7f0000000380)='./file0/../file0\x00')

274.418168ms ago: executing program 1 (id=5338):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000040)={0xc3, 0x9, 0x6d3, 0x89, 0x3, 0x2, &(0x7f00000001c0)="9af071"})

13.764069ms ago: executing program 6 (id=5339):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002e00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c6f203cb1276bfdbb4ddffffff7f82dc2b938189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc2880072599456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca037604007600b6be484e4c9517af216bd8ed42f7dd01008e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffffffe4b8a80366ce5401ec61921a1b529cc8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa228504e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a66e0200000057033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400001000000000ff8d81006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2c34e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864010067d6bab101446ebfe3fdeed7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab53038010000004abbfc59d6d1b18fe380df4bf024f120bd755d82033f2fb7d8fc9e0de834f7646c8dd27da1297d0c77b294e097e293db7f002c0024ab2fb4d32972cba6f49051cec1ff5d16231bbb90a2d201a500000000000000007700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f8107671141ffffffe0c7d8e94a27a06a4e3d9acee835fd0571e5bbb3e6d2b5eba505000000968983811f832dc5390f83e817c602c4f1f0d0504255c22ee8674053d0e160e5255366139bbe5863e23c3dd42d21f542816edf56a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875857f083144c642f71cdc8e5634c1360c056430fe77ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b1da97c971c8c84a427edc3492b97e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c800d156b059a718f6b10274b077a710f27ab8ee953de70ea860b74a0f3c3dc11177b11cc2e62a95f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f7975fe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9e45a35adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e34e4e8e51e81d4a355a7d00d917c16a2bb0cfb2b5f59dfead7ac6e7fa84746e2e425769b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c0002ea00000000009aa38a05e70591d5cdab1c488ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8adeaad7d3328fbb6e279f745d2872f0208635e465ca443c3a64c7803760880af23fb3f430a0311fffc96dd13b951642f1433f65b4e170a62a5f7b7d0f9d5cef0d17289c43d4aee0001f7a343899434594cc23e1c864164e130754b337e560f285dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141f018af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b64630e7fa0c2261bc2d5de32ab6bbcf296d36807544aa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f297661d3f8ba21c65badf55d1859581f9e7ef3e2693b46a8fc85be061ce79a08002c04dc04de8b6536123b24be2ef80eb06b2db900fb30596c1574b2a31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b91603e250eeedc7d601000000037426f643797be3e93da96b5643d3feed0b7c885d06006b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfaee5d9c1689a3bafc0d3b51b5a3bfd6007954c36d532960964183842601e5364ecb6ad9168040388c7640bfa2f88643de7eebf4da8d1c3e76daace5217761d933d06bbe9609fcf5971aa1e77c3123910e63daaadd8878ad468eabaf78a96012a4ada1a9cd217fb2a0da2d521454ea9e8fcd3b5badfd6f00003a73345b841d04a02bf441955b932c59608a555bc44873272812e0fb874618a0b56b4cf44990f60000000000000000000000b20000da0ca6797590ed13b0bccf71a39e05e877893646d185a77882f866785af6b0149e336c31fb177e3e85f4c60cd4de4ce6ea73a95f434328620fa493937386ad2e2a0d60eb815aa05c33e02c32276dab36d14c63af66a31409ab2a403ec3c7a4e07bd745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b52703d398d52694cfbb7d2b3791b030093b321d9f16b2f06676cf94d75cbba6491ae0b5a16ce92320321314d8d2e88d1cd7e7b1216bdaecba309a38e107103e649d46958cc6ba2d660dd41b78d832beb7206ae01508377273ea96e40760410aeed1866971e04f578e9d856d01000000045aea928f5f669be0636dc3f34f90c34531735f271527412d1ae755a9243da523d713071f9370b509a34eeb46415b2f0d271a7072cbd17e293f20132e6c15756e92776c6a0d7c3a9f512ce17edf3f1ea190853bbf93e220a6ce968b79d504c057000e7d8f8249a8158e68a90bbea8bfab2bd3c067c28e185fe62ce7020f5282cf045b9c790984c6fb65fd3187bd8bfcbe663df6b7770000f58fbad41e6eee5c9595950c4172b9c925403b2f99bbf3cb1981bb0d14bded8eae35e08278020a1ec7f508628056fd3d408a02a1cf8594bcbb21a88f477673442804f714212d000045b9f563b5352fe460a30489b1b6a6d37daead86151492f7fd4b5c64007b68a1b04027eac124478a2ef7f59fe472795785de83578cb96334e0f7c1370dc397d3aa42d937b5718b7610cdcdfe104db7801ec74980b8b111a2748321f81512e4204eb2b024b9fc9e0f257f8c6037b93b2caa236d4354b32434d5a6b01e00000000ee2ea723ea2e1accb97a200609c77e0000000000000000d3a54ccd6e13a966801e9341260d6cbce5fe03999214462cbaa297448677ab659102d0f430fbeae119a7ef2e962d2829d4dd2201c4b30d491269594c88252fbd09aced90609851bd9e5c307e7e0d39e73579c1f3563eff1a6237d3699d61acdc8e36010d76093ddd237df1c4181b0a0c4543b4249e9ff2f5e8b5e0ba2048d542de40f643fda4036124b8feb2dd45d0fa52300518c8052cc09ad73f89734fce82cc627356aa2c651ed2644f34cfbc32e8b29cf29e895e43b473ddb9a43421b4b25f8bbce8e2d7cb8547d156d5972021ae4c9e30f85413276ddebde55999d2ec3c524632b74d703147ba09e0dcb26c4b89636d28428b67e955f53bfd0c9eeb7a9d17000000000096cd8ecf1c511eea07aefa1c5cae1841efa9329d80eafefe00000000000000009111274a44c722ff9f5151aa7cb99ea3e8b2c51eadbd2d0ba1a25b08cc3e67cd186c12ea62a55ff905388bb30d1a63d42593c9aea3a84f5a6fc470d8aaaafeccb373ca26c3685679e6a048af19fca3fc5315a33687"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xf3, 0x0, &(0x7f0000000980)="b0ff04c66b0d698cb89e2fe086dd1f74ffff06000000fe80000000000000ac14140746647b7954c4c06b580febc28eb143d0f6c0bad62c67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a2161618162", 0x0, 0x2f, 0xe8034000, 0x0, 0x90, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x50)

0s ago: executing program 2 (id=5340):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0d000000020000000400000006", @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='mm_page_alloc\x00', 0xffffffffffffffff, 0x0, 0x3}, 0x18)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{}, [@TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x58}}, 0x0)

kernel console output (not intermixed with test programs):

=0x7f34bcb8ebe9 code=0x7ffc0000
[  707.548096][   T28] audit: type=1326 audit(1755715785.499:2384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13345 comm="syz.6.4286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  707.742643][T13366] hub 8-0:1.0: USB hub found
[  707.849818][T13366] hub 8-0:1.0: 1 port detected
[  709.151345][T13391] hub 6-0:1.0: USB hub found
[  709.162589][T13391] hub 6-0:1.0: 1 port detected
[  709.249117][T13392] loop1: detected capacity change from 0 to 256
[  709.682231][  T625] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  709.877128][  T625] usb 1-1: Using ep0 maxpacket: 16
[  709.884268][  T625] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[  709.898974][  T625] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  710.206318][  T625] usb 1-1: config 0 has no interface number 0
[  710.218217][  T625] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  710.230727][  T625] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  710.242351][  T625] usb 1-1: Product: syz
[  710.248888][  T625] usb 1-1: Manufacturer: syz
[  710.255887][  T625] usb 1-1: SerialNumber: syz
[  710.265579][  T625] usb 1-1: config 0 descriptor??
[  710.278791][  T625] usb 1-1: Found UVC 0.00 device syz (046d:08f3)
[  710.291986][  T625] usb 1-1: No valid video chain found.
[  710.491085][  T625] usb 1-1: USB disconnect, device number 46
[  710.741341][   T28] kauditd_printk_skb: 22 callbacks suppressed
[  710.741362][   T28] audit: type=1400 audit(1755715788.849:2407): avc:  denied  { write } for  pid=13416 comm="syz.2.4312" name="usbmon8" dev="devtmpfs" ino=183 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  711.796145][T13446] hub 8-0:1.0: USB hub found
[  711.811568][T13446] hub 8-0:1.0: 1 port detected
[  712.606850][T13453] loop6: detected capacity change from 0 to 512
[  712.865657][T13453] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  712.875406][T13453] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  713.474168][T11729] EXT4-fs (loop6): unmounting filesystem.
[  713.535765][T13474] Illegal XDP return value 4294967274 on prog  (id 2407) dev syz_tun, expect packet loss!
[  713.618140][T13477] loop6: detected capacity change from 0 to 512
[  713.649775][T13477] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  713.668879][T13477] EXT4-fs (loop6): 1 truncate cleaned up
[  713.674863][T13477] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  713.684997][T13477] EXT4-fs (loop6): unmounting filesystem.
[  713.788276][  T625] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  713.995749][  T625] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  714.014835][  T625] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  714.076462][  T625] usb 2-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf
[  714.125693][  T625] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  714.152549][  T625] usb 2-1: Product: syz
[  714.166614][  T625] usb 2-1: Manufacturer: syz
[  714.182222][  T625] usb 2-1: SerialNumber: syz
[  714.204375][  T625] usb 2-1: config 0 descriptor??
[  714.323543][   T28] audit: type=1400 audit(1755715792.172:2408): avc:  denied  { bind } for  pid=13471 comm="syz.6.4331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  714.646756][  T625] usb 2-1: USB disconnect, device number 39
[  714.755893][   T28] audit: type=1326 audit(1755715792.569:2409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13488 comm="syz.0.4336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  714.800108][   T28] audit: type=1326 audit(1755715792.569:2410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13488 comm="syz.0.4336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  714.856532][   T28] audit: type=1326 audit(1755715792.569:2411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13488 comm="syz.0.4336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  714.901421][   T28] audit: type=1326 audit(1755715792.578:2412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13488 comm="syz.0.4336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  714.953020][T13498] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4340'.
[  714.953465][   T28] audit: type=1326 audit(1755715792.578:2413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13488 comm="syz.0.4336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=234 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  715.030534][   T28] audit: type=1326 audit(1755715792.578:2414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13488 comm="syz.0.4336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  716.872201][T13540] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4358'.
[  716.881471][T13540] netem: invalid attributes len -15
[  716.886765][T13540] netem: change failed
[  717.974443][T13551] SELinux:  policydb version -1973046224 does not match my version range 15-33
[  717.983518][T13551] SELinux: failed to load policy
[  718.161489][T13547] loop5: detected capacity change from 0 to 512
[  718.169661][T13547] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  718.383948][T13547] EXT4-fs (loop5): 1 truncate cleaned up
[  718.389749][T13547] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  718.681198][T13566] loop1: detected capacity change from 0 to 512
[  718.688617][   T28] audit: type=1400 audit(1755715796.205:2415): avc:  denied  { create } for  pid=13564 comm="syz.6.4366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  718.979521][ T6634] EXT4-fs (loop5): unmounting filesystem.
[  719.076573][T13566] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  719.098723][T13566] ext4 filesystem being mounted at /253/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  719.111131][   T28] audit: type=1400 audit(1755715796.464:2416): avc:  denied  { ioctl } for  pid=13564 comm="syz.6.4366" path="socket:[73349]" dev="sockfs" ino=73349 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  719.221759][T13585] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4372'.
[  719.235757][   T28] audit: type=1400 audit(1755715796.464:2417): avc:  denied  { write } for  pid=13564 comm="syz.6.4366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  719.266303][ T9841] EXT4-fs (loop1): unmounting filesystem.
[  719.303386][   T28] audit: type=1326 audit(1755715796.556:2418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13571 comm="syz.5.4368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5a98ebe9 code=0x7ffc0000
[  719.328673][   T28] audit: type=1326 audit(1755715796.556:2419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13571 comm="syz.5.4368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5a98ebe9 code=0x7ffc0000
[  719.353692][   T28] audit: type=1326 audit(1755715796.556:2420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13571 comm="syz.5.4368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a5a98ebe9 code=0x7ffc0000
[  719.440162][   T28] audit: type=1326 audit(1755715796.556:2421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13571 comm="syz.5.4368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5a98ebe9 code=0x7ffc0000
[  719.464145][   T28] audit: type=1326 audit(1755715796.556:2422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13571 comm="syz.5.4368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5a98ebe9 code=0x7ffc0000
[  719.471741][T13600] block device autoloading is deprecated and will be removed.
[  719.488273][   T28] audit: type=1326 audit(1755715796.575:2423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13571 comm="syz.5.4368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5a5a98ebe9 code=0x7ffc0000
[  719.520157][   T28] audit: type=1326 audit(1755715796.575:2424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13571 comm="syz.5.4368" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5a98ebe9 code=0x7ffc0000
[  719.892209][T13615] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4385'.
[  720.226715][T13631] loop6: detected capacity change from 0 to 256
[  720.237135][T13631] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  721.461159][T13644] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4392'.
[  721.738630][T13651] SELinux: ebitmap: truncated map
[  721.759269][T13651] SELinux: failed to load policy
[  722.725635][T13667] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4405'.
[  722.910945][T13678] netlink: 'syz.6.4409': attribute type 12 has an invalid length.
[  722.918857][T13678] netlink: 248 bytes leftover after parsing attributes in process `syz.6.4409'.
[  723.029922][ T8169] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  723.214281][ T8169] usb 3-1: device descriptor read/64, error -71
[  723.280241][T13685] device bridge_slave_0 left promiscuous mode
[  723.290022][T13685] bridge0: port 1(bridge_slave_0) entered disabled state
[  723.306460][T13685] device bridge_slave_1 left promiscuous mode
[  723.314638][T13689] loop1: detected capacity change from 0 to 256
[  723.321080][T13685] bridge0: port 2(bridge_slave_1) entered disabled state
[  723.396914][T13697] netlink: 96 bytes leftover after parsing attributes in process `syz.6.4418'.
[  723.517087][T13707] loop6: detected capacity change from 0 to 2048
[  723.524196][ T8169] usb 3-1: device descriptor read/64, error -71
[  723.645138][T13707] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  723.815200][T11729] EXT4-fs (loop6): unmounting filesystem.
[  723.864247][ T8169] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  723.906964][T13716] bridge0: port 1(macsec1) entered blocking state
[  723.913612][T13716] bridge0: port 1(macsec1) entered disabled state
[  724.034671][T13728] netlink: 96 bytes leftover after parsing attributes in process `syz.6.4429'.
[  724.043795][ T8169] usb 3-1: device descriptor read/64, error -71
[  724.118054][   T28] kauditd_printk_skb: 130 callbacks suppressed
[  724.118071][   T28] audit: type=1326 audit(1755715801.208:2555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13717 comm="syz.6.4424" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  724.376958][ T8169] usb 3-1: device descriptor read/64, error -71
[  724.507465][ T8169] usb usb3-port1: attempt power cycle
[  725.012585][ T8169] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  725.057444][ T8169] usb 3-1: device descriptor read/8, error -71
[  725.386620][ T8169] usb 3-1: device descriptor read/8, error -71
[  725.705988][ T8169] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  725.750780][ T8169] usb 3-1: device descriptor read/8, error -71
[  725.945910][ T8169] usb 3-1: device descriptor read/8, error -71
[  726.228859][ T8169] usb usb3-port1: unable to enumerate USB device
[  726.620574][T13763] loop1: detected capacity change from 0 to 512
[  726.666947][T13763] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  726.676034][T13763] ext4 filesystem being mounted at /266/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  726.912167][ T9841] EXT4-fs (loop1): unmounting filesystem.
[  727.099901][ T8169] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  727.374449][ T8169] usb 1-1: Using ep0 maxpacket: 32
[  727.389132][ T8169] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 81, changing to 10
[  727.412075][ T8169] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  727.432302][ T8169] usb 1-1: New USB device found, idVendor=056a, idProduct=0315, bcdDevice= 0.00
[  727.451557][ T8169] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.474227][ T8169] usb 1-1: config 0 descriptor??
[  727.835249][   T28] audit: type=1400 audit(1755715804.642:2556): avc:  denied  { relabelfrom } for  pid=13793 comm="syz.5.4451" name="NETLINK" dev="sockfs" ino=73832 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  727.896865][T13794] SELinux:  Context system_u:object_r:crash_device_t:s0 is not valid (left unmapped).
[  727.954568][   T28] audit: type=1400 audit(1755715804.743:2557): avc:  denied  { relabelto } for  pid=13793 comm="syz.5.4451" name="NETLINK" dev="sockfs" ino=73832 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_route_socket permissive=1 trawcon="system_u:object_r:crash_device_t:s0"
[  728.202682][T13810] loop5: detected capacity change from 0 to 256
[  728.345257][T13812] xt_hashlimit: max too large, truncated to 1048576
[  728.526808][T13811] IPv6: ADDRCONF(NETDEV_CHANGE): wg2: link becomes ready
[  728.875739][ T8169] usbhid 1-1:0.0: can't add hid device: -71
[  728.897944][ T8169] usbhid: probe of 1-1:0.0 failed with error -71
[  728.934686][ T8169] usb 1-1: USB disconnect, device number 47
[  729.196043][T13835] loop1: detected capacity change from 0 to 512
[  729.203242][T13835] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  729.218713][T13835] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  729.227825][T13835] ext4 filesystem being mounted at /275/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  729.442077][T13839] 9pnet: Could not find request transport: rdma
[  729.505320][   T28] audit: type=1326 audit(1755715806.183:2558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13844 comm="syz.0.4470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  729.529609][   T28] audit: type=1326 audit(1755715806.183:2559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13844 comm="syz.0.4470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  729.555540][   T28] audit: type=1326 audit(1755715806.183:2560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13844 comm="syz.0.4470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  729.580088][   T28] audit: type=1326 audit(1755715806.183:2561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13844 comm="syz.0.4470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  729.605581][   T28] audit: type=1326 audit(1755715806.183:2562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13844 comm="syz.0.4470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  729.630639][   T28] audit: type=1326 audit(1755715806.183:2563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13844 comm="syz.0.4470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  729.654810][   T28] audit: type=1326 audit(1755715806.183:2564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13844 comm="syz.0.4470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  729.678590][   T28] audit: type=1326 audit(1755715806.183:2565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13844 comm="syz.0.4470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5e018ebe9 code=0x7ffc0000
[  730.079519][ T9841] EXT4-fs (loop1): unmounting filesystem.
[  730.165567][T13857] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4475'.
[  730.240677][T13866] loop6: detected capacity change from 0 to 512
[  730.249726][T13866] EXT4-fs error (device loop6): ext4_read_inode_bitmap:140: comm syz.6.4479: Invalid inode bitmap blk 4 in block_group 0
[  730.262651][T13866] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  730.275465][T13866] netlink: 104 bytes leftover after parsing attributes in process `syz.6.4479'.
[  730.275475][   T28] audit: type=1400 audit(1755715806.894:2566): avc:  denied  { nlmsg_read } for  pid=13864 comm="syz.6.4479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  730.311864][T11729] EXT4-fs (loop6): unmounting filesystem.
[  730.361926][T13872] xt_hashlimit: max too large, truncated to 1048576
[  730.373459][   T28] audit: type=1326 audit(1755715806.986:2567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13870 comm="syz.6.4481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  730.397309][   T28] audit: type=1326 audit(1755715806.986:2568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13870 comm="syz.6.4481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  730.421453][   T28] audit: type=1326 audit(1755715806.995:2569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13870 comm="syz.6.4481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  730.453991][T13875] raw_sendmsg: syz.6.4482 forgot to set AF_INET. Fix it!
[  730.559782][ T8169] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  730.754743][ T8169] usb 3-1: Using ep0 maxpacket: 32
[  730.761776][ T8169] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 81, changing to 10
[  730.773117][ T8169] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  730.783107][ T8169] usb 3-1: New USB device found, idVendor=056a, idProduct=0315, bcdDevice= 0.00
[  730.792450][ T8169] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  730.803126][ T8169] usb 3-1: config 0 descriptor??
[  731.416555][T13882] loop6: detected capacity change from 0 to 1024
[  731.423522][T13882] EXT4-fs: Ignoring removed orlov option
[  731.431776][T13882] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  731.451091][T11729] EXT4-fs (loop6): unmounting filesystem.
[  731.465118][ T8169] usbhid 3-1:0.0: can't add hid device: -71
[  731.535306][ T8169] usbhid: probe of 3-1:0.0 failed with error -71
[  731.542846][ T8169] usb 3-1: USB disconnect, device number 48
[  732.122285][T13890] netlink: 'syz.1.4487': attribute type 13 has an invalid length.
[  732.194129][T13898] mmap: syz.1.4491 (13898) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  732.443318][T13906] IPv6: ADDRCONF(NETDEV_CHANGE): wg2: link becomes ready
[  732.451935][T13906] xt_hashlimit: max too large, truncated to 1048576
[  732.518947][T13908] SELinux:  Context system_u:object_r:sendmail_exec_t:s0 is not valid (left unmapped).
[  732.531615][  T625] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  732.737338][  T625] usb 2-1: Using ep0 maxpacket: 16
[  732.744711][  T625] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  732.756046][  T625] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  732.767822][  T625] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  732.777247][  T625] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  732.785884][  T625] usb 2-1: Product: syz
[  732.790290][  T625] usb 2-1: Manufacturer: syz
[  732.795148][  T625] usb 2-1: SerialNumber: syz
[  732.965021][    T6] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  733.116176][  T625] usb 2-1: 0:2 : does not exist
[  733.126828][  T625] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[  733.536136][  T625] usb 2-1: USB disconnect, device number 40
[  733.636608][    T6] usb 3-1: Using ep0 maxpacket: 32
[  733.643110][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 81, changing to 10
[  733.655043][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  733.665135][    T6] usb 3-1: New USB device found, idVendor=056a, idProduct=0315, bcdDevice= 0.00
[  733.674746][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.683724][    T6] usb 3-1: config 0 descriptor??
[  734.740692][T13951] loop1: detected capacity change from 0 to 256
[  735.286307][T13974] IPv6: ADDRCONF(NETDEV_CHANGE): wg2: link becomes ready
[  735.296264][T13974] xt_hashlimit: max too large, truncated to 1048576
[  735.303663][    T6] usbhid 3-1:0.0: can't add hid device: -71
[  735.311214][    T6] usbhid: probe of 3-1:0.0 failed with error -71
[  735.320217][    T6] usb 3-1: USB disconnect, device number 49
[  735.565115][  T625] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  735.760149][  T625] usb 7-1: Using ep0 maxpacket: 16
[  735.766825][  T625] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  735.777121][  T625] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  735.787705][  T625] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  735.796847][  T625] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  735.804900][  T625] usb 7-1: Product: syz
[  735.809141][  T625] usb 7-1: Manufacturer: syz
[  735.813813][  T625] usb 7-1: SerialNumber: syz
[  736.037908][  T625] usb 7-1: 0:2 : does not exist
[  736.044978][  T625] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[  736.055829][  T625] usb 7-1: USB disconnect, device number 7
[  736.138553][T13984] syz.5.4524[13984] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  736.138607][T13984] syz.5.4524[13984] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  736.356107][ T8169] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  736.540339][ T8169] usb 1-1: device descriptor read/64, error -71
[  736.614257][   T28] kauditd_printk_skb: 18 callbacks suppressed
[  736.614273][   T28] audit: type=1326 audit(1755715812.745:2588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.2.4528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  736.644260][   T28] audit: type=1326 audit(1755715812.745:2589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.2.4528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  736.667925][   T28] audit: type=1326 audit(1755715812.745:2590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.2.4528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  736.691857][   T28] audit: type=1326 audit(1755715812.745:2591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.2.4528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  736.715804][   T28] audit: type=1326 audit(1755715812.745:2592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.2.4528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  736.746168][   T28] audit: type=1326 audit(1755715812.745:2593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.2.4528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  736.770260][   T28] audit: type=1326 audit(1755715812.745:2594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.2.4528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  736.794565][   T28] audit: type=1326 audit(1755715812.745:2595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.2.4528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  736.818860][   T28] audit: type=1326 audit(1755715812.745:2596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.2.4528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  736.843369][   T28] audit: type=1326 audit(1755715812.755:2597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13994 comm="syz.2.4528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  736.876035][ T8169] usb 1-1: device descriptor read/64, error -71
[  737.024919][T14017] hub 8-0:1.0: USB hub found
[  737.031044][T14017] hub 8-0:1.0: 1 port detected
[  737.223057][ T8169] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  737.385272][ T8169] usb 1-1: device descriptor read/64, error -71
[  737.497810][  T625] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  737.677855][ T8169] usb 1-1: device descriptor read/64, error -71
[  737.835234][ T8169] usb usb1-port1: attempt power cycle
[  737.861968][  T625] usb 6-1: Using ep0 maxpacket: 16
[  737.873516][  T625] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  737.883699][  T625] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  738.033431][T14028] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4540'.
[  738.242087][  T625] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  738.258285][  T625] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  738.268347][  T625] usb 6-1: Product: syz
[  738.272641][  T625] usb 6-1: Manufacturer: syz
[  738.283563][  T625] usb 6-1: SerialNumber: syz
[  738.327833][ T8169] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  738.372258][ T8169] usb 1-1: device descriptor read/8, error -71
[  738.507399][  T625] usb 6-1: 0:2 : does not exist
[  738.516326][  T625] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  738.533534][  T625] usb 6-1: USB disconnect, device number 24
[  738.583721][ T8169] usb 1-1: device descriptor read/8, error -71
[  738.754995][T14048] loop1: detected capacity change from 0 to 256
[  738.938084][ T8169] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  738.989881][ T8169] usb 1-1: device descriptor read/8, error -71
[  739.164638][ T8169] usb 1-1: device descriptor read/8, error -71
[  739.303291][ T8169] usb usb1-port1: unable to enumerate USB device
[  739.423648][T14075] syz.6.4556[14075] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  739.423726][T14075] syz.6.4556[14075] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  739.460073][T14078] netlink: 592 bytes leftover after parsing attributes in process `syz.6.4557'.
[  739.494823][T14080] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27 sclass=netlink_route_socket pid=14080 comm=syz.0.4558
[  739.532294][T14082] loop6: detected capacity change from 0 to 512
[  739.540782][T14082] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  739.586785][T14082] EXT4-fs (loop6): 1 orphan inode deleted
[  739.592975][T14082] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  739.602276][T14082] ext4 filesystem being mounted at /182/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  739.613285][  T350] EXT4-fs error (device loop6): ext4_release_dquot:6837: comm kworker/u4:4: Failed to release dquot type 1
[  739.653433][T11729] EXT4-fs (loop6): unmounting filesystem.
[  740.910081][T14101] xt_hashlimit: max too large, truncated to 1048576
[  740.912954][T14102] loop6: detected capacity change from 0 to 512
[  740.928011][T14099] IPv6: ADDRCONF(NETDEV_CHANGE): wg2: link becomes ready
[  740.971059][T14102] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  741.072904][T14102] EXT4-fs (loop6): 1 truncate cleaned up
[  741.078708][T14102] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  741.192288][T14106] hub 8-0:1.0: USB hub found
[  741.298472][T14106] hub 8-0:1.0: 1 port detected
[  741.458942][ T8169] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  741.697264][ T8169] usb 1-1: Using ep0 maxpacket: 16
[  741.703755][ T8169] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  741.723010][ T8169] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  741.746180][ T8169] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  741.810128][T11729] EXT4-fs (loop6): unmounting filesystem.
[  741.823484][ T8169] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  741.839195][T14124] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4572'.
[  741.859139][ T8169] usb 1-1: Product: syz
[  741.863420][ T8169] usb 1-1: Manufacturer: syz
[  741.868037][ T8169] usb 1-1: SerialNumber: syz
[  742.509727][ T8169] usb 1-1: 0:2 : does not exist
[  742.550820][ T8169] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  742.696093][T14138] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4571'.
[  742.722255][ T8169] usb 1-1: USB disconnect, device number 52
[  742.888297][   T28] kauditd_printk_skb: 61 callbacks suppressed
[  742.888314][   T28] audit: type=1400 audit(1755715818.533:2658): avc:  denied  { append } for  pid=14139 comm="syz.6.4576" name="usbmon8" dev="devtmpfs" ino=183 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  742.973993][T14143] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4577'.
[  743.072475][   T28] audit: type=1326 audit(1755715818.699:2659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14146 comm="syz.1.4579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  743.106276][T14147] bridge0: port 3(macsec1) entered blocking state
[  743.123732][T14147] bridge0: port 3(macsec1) entered disabled state
[  743.134638][   T28] audit: type=1326 audit(1755715818.736:2660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14146 comm="syz.1.4579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  743.202083][   T28] audit: type=1326 audit(1755715818.736:2661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14146 comm="syz.1.4579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  743.276279][   T28] audit: type=1326 audit(1755715818.736:2662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14146 comm="syz.1.4579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  743.354444][   T28] audit: type=1326 audit(1755715818.736:2663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14146 comm="syz.1.4579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  743.431248][   T28] audit: type=1326 audit(1755715818.736:2664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14146 comm="syz.1.4579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  743.467814][   T28] audit: type=1326 audit(1755715818.736:2665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14146 comm="syz.1.4579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  743.492692][   T28] audit: type=1326 audit(1755715818.736:2666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14146 comm="syz.1.4579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  743.541559][   T28] audit: type=1326 audit(1755715818.736:2667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14146 comm="syz.1.4579" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  743.583132][T14162] loop1: detected capacity change from 0 to 256
[  744.080973][ T8169] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  744.303309][T14180] bridge0: port 3(macsec1) entered blocking state
[  744.309976][ T8169] usb 1-1: Using ep0 maxpacket: 32
[  744.315568][T14180] bridge0: port 3(macsec1) entered disabled state
[  744.323648][ T8169] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 81, changing to 10
[  744.335982][ T8169] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  744.347462][ T8169] usb 1-1: New USB device found, idVendor=056a, idProduct=0315, bcdDevice= 0.00
[  744.363956][ T8169] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  744.378086][ T8169] usb 1-1: config 0 descriptor??
[  744.824847][ T8169] wacom 0003:056A:0315.0039: Unknown device_type for 'HID 056a:0315'. Assuming pen.
[  744.838676][ T8169] wacom 0003:056A:0315.0039: hidraw0: USB HID v0.07 Device [HID 056a:0315] on usb-dummy_hcd.0-1/input0
[  744.857504][ T8169] input: Wacom Intuos Pro M Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:0315.0039/input/input76
[  744.968503][T14208] bridge0: port 1(macsec1) entered blocking state
[  744.975076][T14208] bridge0: port 1(macsec1) entered disabled state
[  745.036580][T14214] loop6: detected capacity change from 0 to 128
[  745.044919][T14214] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  745.053818][T14214] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  745.053903][  T625] usb 1-1: USB disconnect, device number 53
[  745.080219][T11729] EXT4-fs (loop6): unmounting filesystem.
[  746.034613][T14238] 9pnet_fd: Insufficient options for proto=fd
[  746.282230][T14240] bridge0: port 1(macsec1) entered blocking state
[  746.298314][T14240] bridge0: port 1(macsec1) entered disabled state
[  747.006024][ T8169] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  747.326282][T14285] netlink: 120 bytes leftover after parsing attributes in process `syz.6.4634'.
[  747.335649][T14285] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4634'.
[  747.344617][ T8169] usb 6-1: Using ep0 maxpacket: 32
[  747.356155][ T8169] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 81, changing to 10
[  747.368103][ T8169] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  747.378047][ T8169] usb 6-1: New USB device found, idVendor=056a, idProduct=0315, bcdDevice= 0.00
[  747.387342][ T8169] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  747.398598][ T8169] usb 6-1: config 0 descriptor??
[  747.780121][T14303] loop1: detected capacity change from 0 to 128
[  747.789431][T14303] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  747.798258][T14303] ext4 filesystem being mounted at /305/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  747.826011][ T9841] EXT4-fs (loop1): unmounting filesystem.
[  747.943819][T14306] loop6: detected capacity change from 0 to 512
[  747.977231][T14306] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  747.996201][ T8169] wacom 0003:056A:0315.003A: item fetching failed at offset 1/5
[  748.045123][ T8169] wacom 0003:056A:0315.003A: parse failed
[  748.095516][ T8169] wacom: probe of 0003:056A:0315.003A failed with error -22
[  748.118336][T14306] EXT4-fs (loop6): 1 truncate cleaned up
[  748.124218][T14306] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  749.106420][ T8169] usb 6-1: USB disconnect, device number 25
[  749.114601][T11729] EXT4-fs (loop6): unmounting filesystem.
[  749.300793][   T28] kauditd_printk_skb: 117 callbacks suppressed
[  749.300811][   T28] audit: type=1326 audit(1755715824.449:2785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14321 comm="syz.6.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  749.330906][   T28] audit: type=1326 audit(1755715824.449:2786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14321 comm="syz.6.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  749.365252][   T28] audit: type=1326 audit(1755715824.514:2787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14321 comm="syz.6.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  749.394194][   T28] audit: type=1326 audit(1755715824.514:2788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14321 comm="syz.6.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  749.418135][   T28] audit: type=1326 audit(1755715824.514:2789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14321 comm="syz.6.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  749.443327][   T28] audit: type=1326 audit(1755715824.514:2790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14321 comm="syz.6.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  749.467078][   T28] audit: type=1326 audit(1755715824.514:2791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14321 comm="syz.6.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  749.490900][   T28] audit: type=1326 audit(1755715824.514:2792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14321 comm="syz.6.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f34bcb8e7eb code=0x7ffc0000
[  749.514644][   T28] audit: type=1326 audit(1755715824.514:2793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14321 comm="syz.6.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f34bcb8d550 code=0x7ffc0000
[  749.538607][   T28] audit: type=1326 audit(1755715824.514:2794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14321 comm="syz.6.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  749.778362][T14342] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4657'.
[  749.821258][T14346] syz.1.4659[14346] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  749.821348][T14346] syz.1.4659[14346] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  749.853568][T14346] loop1: detected capacity change from 0 to 512
[  749.872200][T14346] EXT4-fs: Ignoring removed mblk_io_submit option
[  749.879508][T14346] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  749.891197][T14346] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  749.899377][T14346] System zones: 1-12
[  749.904634][T14346] EXT4-fs (loop1): 1 truncate cleaned up
[  749.910529][T14346] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  749.923793][T14346] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4659'.
[  749.996278][ T8169] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  750.202145][ T8169] usb 6-1: Using ep0 maxpacket: 16
[  750.209489][ T8169] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[  750.217911][ T8169] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  750.245467][ T8169] usb 6-1: config 0 has no interface number 0
[  750.252409][ T9841] EXT4-fs (loop1): unmounting filesystem.
[  750.260587][ T8169] usb 6-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  750.271410][T14351] loop1: detected capacity change from 0 to 512
[  750.276830][ T8169] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  750.278393][T14351] EXT4-fs: Ignoring removed oldalloc option
[  750.294253][T14351] EXT4-fs error (device loop1): ext4_xattr_inode_iget:400: comm syz.1.4660: Parent and EA inode have the same ino 15
[  750.295892][ T8169] usb 6-1: Product: syz
[  750.325434][ T8169] usb 6-1: Manufacturer: syz
[  750.328911][T14351] EXT4-fs (loop1): Remounting filesystem read-only
[  750.335649][ T8169] usb 6-1: SerialNumber: syz
[  750.343161][T14351] EXT4-fs (loop1): 1 orphan inode deleted
[  750.349544][T14351] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  750.363386][ T8169] usb 6-1: config 0 descriptor??
[  750.372860][T14351] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4660'.
[  750.382881][ T8169] usb 6-1: Found UVC 0.00 device syz (046d:08f3)
[  750.384819][T14351] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27 sclass=netlink_route_socket pid=14351 comm=syz.1.4660
[  750.392741][ T8169] usb 6-1: No valid video chain found.
[  750.415337][ T9841] EXT4-fs (loop1): unmounting filesystem.
[  750.490295][T14363] bridge0: port 3(macsec1) entered blocking state
[  750.496822][T14363] bridge0: port 3(macsec1) entered disabled state
[  750.556333][T14368] support for cryptoloop has been removed.  Use dm-crypt instead.
[  750.578424][T14370] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4668'.
[  750.612187][ T8169] usb 6-1: USB disconnect, device number 26
[  750.954219][T14388] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4675'.
[  751.093651][T14390] netlink: 96 bytes leftover after parsing attributes in process `syz.6.4676'.
[  751.136306][T14392] loop6: detected capacity change from 0 to 512
[  751.157704][T14392] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  751.167644][T14392] ext4 filesystem being mounted at /206/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  751.181225][T14392] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #2: comm syz.6.4677: corrupted inode contents
[  751.205762][T14392] EXT4-fs error (device loop6): ext4_dirty_inode:6121: inode #2: comm syz.6.4677: mark_inode_dirty error
[  751.223577][T14392] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #2: comm syz.6.4677: corrupted inode contents
[  751.236825][T14398] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #2: comm syz.6.4677: corrupted inode contents
[  751.261544][T14398] EXT4-fs error (device loop6): ext4_dirty_inode:6121: inode #2: comm syz.6.4677: mark_inode_dirty error
[  751.273445][T14398] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #2: comm syz.6.4677: corrupted inode contents
[  751.295938][T11729] EXT4-fs (loop6): unmounting filesystem.
[  751.344207][T14407] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4682'.
[  751.391365][T14413] netlink: 'syz.5.4686': attribute type 4 has an invalid length.
[  751.412811][T14413] netlink: 'syz.5.4686': attribute type 4 has an invalid length.
[  751.558447][T14424] device bridge_slave_0 left promiscuous mode
[  751.564648][T14424] bridge0: port 1(bridge_slave_0) entered disabled state
[  751.572303][T14424] device bridge_slave_1 left promiscuous mode
[  751.579030][T14424] bridge0: port 2(bridge_slave_1) entered disabled state
[  751.751433][ T8169] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  751.759185][  T339] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  751.979072][  T339] usb 6-1: Using ep0 maxpacket: 16
[  751.979102][ T8169] usb 1-1: Using ep0 maxpacket: 16
[  751.992127][ T8169] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  752.015553][  T339] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[  752.035125][ T8169] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  752.055962][  T339] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  752.097604][  T339] usb 6-1: config 0 has no interface number 0
[  752.104595][ T8169] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  752.114442][ T8169] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  752.122721][ T8169] usb 1-1: Product: syz
[  752.127017][ T8169] usb 1-1: Manufacturer: syz
[  752.131719][ T8169] usb 1-1: SerialNumber: syz
[  752.136812][  T339] usb 6-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  752.146143][  T339] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  752.154584][  T339] usb 6-1: Product: syz
[  752.158873][  T339] usb 6-1: Manufacturer: syz
[  752.164460][  T339] usb 6-1: SerialNumber: syz
[  752.174032][  T339] usb 6-1: config 0 descriptor??
[  752.182040][  T339] usb 6-1: Found UVC 0.00 device syz (046d:08f3)
[  752.188544][  T339] usb 6-1: No valid video chain found.
[  752.252597][T14438] netlink: 96 bytes leftover after parsing attributes in process `syz.6.4695'.
[  752.382144][ T8169] usb 1-1: 0:2 : does not exist
[  752.390204][ T8169] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  752.399145][  T625] usb 6-1: USB disconnect, device number 27
[  752.409340][ T8169] usb 1-1: USB disconnect, device number 54
[  752.968830][T14464] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4706'.
[  753.070838][T14467] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4703'.
[  753.309730][T14476] block device autoloading is deprecated and will be removed.
[  753.374936][T14481] random: crng reseeded on system resumption
[  753.609903][T14491] netlink: 292 bytes leftover after parsing attributes in process `syz.1.4717'.
[  753.682739][T14491] netlink: 292 bytes leftover after parsing attributes in process `syz.1.4717'.
[  753.808866][T14502] loop2: detected capacity change from 0 to 128
[  753.831179][T14502] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  753.841215][T14502] ext4 filesystem being mounted at /309/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  753.897913][ T9928] EXT4-fs (loop2): unmounting filesystem.
[  754.457618][T14521] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4729'.
[  754.763257][   T28] kauditd_printk_skb: 191 callbacks suppressed
[  754.784278][   T28] audit: type=1400 audit(1755715828.898:2986): avc:  denied  { map_create } for  pid=14515 comm="syz.6.4729" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  754.846971][   T28] audit: type=1400 audit(1755715828.898:2987): avc:  denied  { map_read map_write } for  pid=14515 comm="syz.6.4729" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  754.899786][   T28] audit: type=1400 audit(1755715828.953:2988): avc:  denied  { mounton } for  pid=14515 comm="syz.6.4729" path="/220/file0" dev="tmpfs" ino=1186 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  754.946121][   T28] audit: type=1400 audit(1755715829.489:2989): avc:  denied  { module_request } for  pid=14522 comm="syz.2.4728" kmod="tcp-ulp-tls" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  754.970211][   T28] audit: type=1400 audit(1755715829.516:2990): avc:  denied  { read } for  pid=14524 comm="syz.2.4730" dev="nsfs" ino=4026532374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  754.986725][T14530] device syzkaller0 entered promiscuous mode
[  754.992529][   T28] audit: type=1400 audit(1755715829.516:2991): avc:  denied  { open } for  pid=14524 comm="syz.2.4730" path="net:[4026532374]" dev="nsfs" ino=4026532374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  755.021264][   T28] audit: type=1400 audit(1755715829.516:2992): avc:  denied  { create } for  pid=14524 comm="syz.2.4730" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  755.094204][   T28] audit: type=1400 audit(1755715829.563:2993): avc:  denied  { read } for  pid=14526 comm="syz.5.4731" name="loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  755.167884][   T28] audit: type=1400 audit(1755715829.563:2994): avc:  denied  { open } for  pid=14526 comm="syz.5.4731" path="/dev/loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  755.193272][   T28] audit: type=1400 audit(1755715829.563:2995): avc:  denied  { ioctl } for  pid=14526 comm="syz.5.4731" path="/dev/loop-control" dev="devtmpfs" ino=117 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  755.225565][T14539] bridge0: port 3(macsec1) entered blocking state
[  755.232495][T14539] bridge0: port 3(macsec1) entered disabled state
[  755.244115][T14543] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4737'.
[  755.297931][T14551] loop6: detected capacity change from 0 to 512
[  755.307303][T14551] EXT4-fs (loop6): 1 truncate cleaned up
[  755.313077][T14551] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  755.335286][T11729] EXT4-fs (loop6): unmounting filesystem.
[  757.119603][T14638] loop6: detected capacity change from 0 to 1024
[  757.127009][T14638] EXT4-fs: Ignoring removed orlov option
[  757.134200][T14639] 9pnet: Could not find request transport: rdma
[  757.160463][T14638] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  757.557050][T14646] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.4778: bg 0: block 88: padding at end of block bitmap is not set
[  757.675548][T11729] EXT4-fs (loop6): unmounting filesystem.
[  758.680324][T14678] loop2: detected capacity change from 0 to 256
[  759.037951][T14681] loop6: detected capacity change from 0 to 2048
[  759.054599][T14687] SELinux: failed to load policy
[  759.081270][T14681] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  759.117172][T11729] EXT4-fs (loop6): unmounting filesystem.
[  759.927231][T14714] loop6: detected capacity change from 0 to 128
[  759.962488][T14714] bio_check_eod: 28038 callbacks suppressed
[  759.962509][T14714] syz.6.4803: attempt to access beyond end of device
[  759.962509][T14714] loop6: rw=2049, sector=145, nr_sectors = 89 limit=128
[  760.203608][   T28] kauditd_printk_skb: 305 callbacks suppressed
[  760.203626][   T28] audit: type=1400 audit(1755715834.519:3301): avc:  denied  { wake_alarm } for  pid=14731 comm="syz.0.4812" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  760.259854][   T28] audit: type=1400 audit(1755715834.574:3302): avc:  denied  { create } for  pid=14731 comm="syz.0.4812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  760.283044][   T28] audit: type=1400 audit(1755715834.574:3303): avc:  denied  { setopt } for  pid=14731 comm="syz.0.4812" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  760.386158][T14750] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4820'.
[  760.408068][  T625] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  760.415868][   T28] audit: type=1400 audit(1755715834.713:3304): avc:  denied  { append } for  pid=14751 comm="syz.1.4821" name="001" dev="devtmpfs" ino=182 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  760.475038][   T28] audit: type=1400 audit(1755715834.768:3305): avc:  denied  { bind } for  pid=14751 comm="syz.1.4821" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  760.508075][T14754] xt_hashlimit: max too large, truncated to 1048576
[  760.551409][   T28] audit: type=1400 audit(1755715834.796:3306): avc:  denied  { create } for  pid=14740 comm="syz.0.4816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  760.841417][  T625] usb 7-1: Using ep0 maxpacket: 16
[  760.849977][  T625] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  760.860189][  T625] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  760.870731][  T625] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  760.880432][  T625] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  761.104871][  T625] usb 7-1: Product: syz
[  761.109250][  T625] usb 7-1: Manufacturer: syz
[  761.114009][  T625] usb 7-1: SerialNumber: syz
[  761.302226][   T28] audit: type=1400 audit(1755715835.534:3307): avc:  denied  { execute } for  pid=14763 comm="syz.0.4825" name="file1" dev="tmpfs" ino=2235 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  761.324877][   T28] audit: type=1400 audit(1755715835.534:3308): avc:  denied  { execute_no_trans } for  pid=14763 comm="syz.0.4825" path="/418/file1" dev="tmpfs" ino=2235 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  761.350885][  T625] usb 7-1: 0:2 : does not exist
[  761.358339][  T625] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[  761.371004][  T625] usb 7-1: USB disconnect, device number 8
[  761.492108][T14771] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  761.501846][   T28] audit: type=1400 audit(1755715835.710:3309): avc:  denied  { relabelto } for  pid=14770 comm="syz.0.4828" name="file0" dev="tmpfs" ino=2251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  761.529484][   T28] audit: type=1400 audit(1755715835.710:3310): avc:  denied  { associate } for  pid=14770 comm="syz.0.4828" name="file0" dev="tmpfs" ino=2251 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[  762.025495][T14786] loop2: detected capacity change from 0 to 512
[  762.295217][T14786] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  762.304422][T14786] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  762.330912][  T625] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  762.417406][T14786] EXT4-fs (loop2): 1 truncate cleaned up
[  762.427621][T14786] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  765.614846][T14808] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4837'.
[  765.761152][ T9928] EXT4-fs (loop2): unmounting filesystem.
[  765.849484][   T28] kauditd_printk_skb: 44 callbacks suppressed
[  765.849501][   T28] audit: type=1400 audit(1755715839.734:3355): avc:  denied  { getopt } for  pid=14820 comm="syz.0.4846" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  766.238973][   T28] audit: type=1326 audit(1755715840.094:3356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.2.4840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  766.967091][   T28] audit: type=1326 audit(1755715840.325:3357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.2.4840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  767.007405][   T28] audit: type=1326 audit(1755715840.325:3358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.2.4840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  767.032665][   T28] audit: type=1326 audit(1755715840.325:3359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.2.4840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  767.056357][   T28] audit: type=1326 audit(1755715840.334:3360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.2.4840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  767.080667][   T28] audit: type=1326 audit(1755715840.334:3361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.2.4840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  767.111323][   T28] audit: type=1326 audit(1755715840.334:3362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.2.4840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  767.135129][   T28] audit: type=1326 audit(1755715840.334:3363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.2.4840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  767.159274][   T28] audit: type=1326 audit(1755715840.343:3364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14824 comm="syz.2.4840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  767.320420][  T339] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  767.328231][ T8169] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  767.547762][ T8169] usb 3-1: Using ep0 maxpacket: 16
[  767.554305][  T339] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  767.565537][ T8169] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  767.575793][  T339] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  767.585665][ T8169] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  767.594714][  T339] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  767.603910][  T339] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  767.613124][  T339] usb 1-1: config 0 descriptor??
[  767.618257][ T8169] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  767.627528][ T8169] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  767.635820][ T8169] usb 3-1: Product: syz
[  767.640769][ T8169] usb 3-1: Manufacturer: syz
[  767.645451][ T8169] usb 3-1: SerialNumber: syz
[  767.874082][ T8169] usb 3-1: 0:2 : does not exist
[  767.881185][ T8169] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  767.892152][ T8169] usb 3-1: USB disconnect, device number 50
[  768.152118][T14869] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4863'.
[  768.294460][T14873] loop5: detected capacity change from 0 to 512
[  768.301427][T14873] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  768.313675][T14873] EXT4-fs (loop5): 1 truncate cleaned up
[  768.319451][T14873] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  768.338909][ T6634] EXT4-fs (loop5): unmounting filesystem.
[  768.353062][T14877] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4867'.
[  769.104407][  T339] uclogic 0003:256C:006D.003B: v1 frame probing failed: -71
[  769.130797][  T339] uclogic 0003:256C:006D.003B: failed probing parameters: -71
[  769.167732][  T339] uclogic: probe of 0003:256C:006D.003B failed with error -71
[  769.197909][  T339] usb 1-1: USB disconnect, device number 55
[  769.547241][T14912] loop2: detected capacity change from 0 to 512
[  769.554360][T14912] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  769.582691][T14912] EXT4-fs (loop2): 1 truncate cleaned up
[  769.588614][T14912] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  769.653818][T14915] netlink: 'syz.1.4875': attribute type 16 has an invalid length.
[  769.661918][T14915] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.4875'.
[  771.043371][  T339] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  771.105382][ T9928] EXT4-fs (loop2): unmounting filesystem.
[  771.111741][T14922] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4883'.
[  771.121268][T14926] device sit0 entered promiscuous mode
[  771.222137][T14949] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4895'.
[  771.231393][T14949] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4895'.
[  771.296395][  T339] usb 6-1: Using ep0 maxpacket: 16
[  771.302881][  T339] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  771.313677][  T339] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  771.324348][  T339] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  771.335394][  T339] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  771.352810][  T339] usb 6-1: Product: syz
[  771.357056][  T339] usb 6-1: Manufacturer: syz
[  771.361710][  T339] usb 6-1: SerialNumber: syz
[  771.462489][T14956] netlink: 'syz.0.4897': attribute type 16 has an invalid length.
[  771.470915][T14956] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.4897'.
[  771.590910][  T339] usb 6-1: 0:2 : does not exist
[  771.610687][  T339] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  771.743725][  T339] usb 6-1: USB disconnect, device number 28
[  772.283052][   T28] kauditd_printk_skb: 58 callbacks suppressed
[  772.283095][   T28] audit: type=1400 audit(1755715845.660:3423): avc:  denied  { getopt } for  pid=14960 comm="syz.1.4899" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  772.380712][T14970] loop2: detected capacity change from 0 to 512
[  772.388825][T14970] EXT4-fs: Ignoring removed oldalloc option
[  772.398753][T14970] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  772.436599][T14970] EXT4-fs (loop2): orphan cleanup on readonly fs
[  772.459097][T14970] Quota error (device loop2): do_check_range: Getting block 196613 out of range 1-5
[  772.477532][T14970] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  772.487781][T14970] EXT4-fs error (device loop2): ext4_acquire_dquot:6801: comm syz.2.4900: Failed to acquire dquot type 1
[  772.501115][T14970] EXT4-fs (loop2): 1 truncate cleaned up
[  772.544385][T14970] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  772.551253][T14976] loop6: detected capacity change from 0 to 128
[  772.577177][T14976] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  772.593391][T14976] ext4 filesystem being mounted at /257/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  772.629506][   T28] audit: type=1400 audit(1755715845.992:3424): avc:  denied  { create } for  pid=14980 comm="syz.1.4907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  772.661554][   T28] audit: type=1400 audit(1755715846.010:3425): avc:  denied  { setopt } for  pid=14980 comm="syz.1.4907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  772.685634][T11729] EXT4-fs (loop6): unmounting filesystem.
[  773.197552][T14991] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4908'.
[  773.443283][T14996] bridge0: port 3(macsec1) entered blocking state
[  773.457348][ T9928] EXT4-fs (loop2): unmounting filesystem.
[  773.489903][T14996] bridge0: port 3(macsec1) entered disabled state
[  773.649266][T15007] serio: Serial port ptm0
[  773.950468][T15028] loop6: detected capacity change from 0 to 256
[  774.551935][T15030] netlink: 'syz.2.4923': attribute type 16 has an invalid length.
[  774.718761][T15030] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.4923'.
[  775.052287][   T28] audit: type=1400 audit(1755715848.226:3426): avc:  denied  { setcurrent } for  pid=15044 comm="syz.5.4930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  775.083487][T15047] loop5: detected capacity change from 0 to 128
[  775.097200][   T28] audit: type=1400 audit(1755715848.244:3427): avc:  denied  { connect } for  pid=15040 comm="syz.0.4928" lport=132 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  775.102817][T15047] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a80ec018, mo2=0002]
[  775.126886][T15047] System zones: 1-3, 19-19, 35-36
[  775.133098][T15047] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  775.143204][T15047] ext4 filesystem being mounted at /567/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  775.189023][ T6634] EXT4-fs (loop5): unmounting filesystem.
[  775.328394][T15060] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  775.340364][T15060] tipc: Disabling bearer <eth:syzkaller0>
[  775.716869][   T28] audit: type=1400 audit(1755715848.844:3428): avc:  denied  { create } for  pid=15066 comm="syz.5.4939" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  775.759607][T15073] loop5: detected capacity change from 0 to 1024
[  775.773030][T15073] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  775.783743][   T28] audit: type=1400 audit(1755715848.899:3429): avc:  denied  { read write } for  pid=15071 comm="syz.5.4942" name="file2" dev="loop5" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  775.807969][   T28] audit: type=1400 audit(1755715848.927:3430): avc:  denied  { open } for  pid=15071 comm="syz.5.4942" path="/573/file1/file2" dev="loop5" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  775.841717][ T6634] EXT4-fs (loop5): unmounting filesystem.
[  775.876659][T15081] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15081 comm=syz.5.4944
[  776.692639][T15103] netlink: 'syz.5.4950': attribute type 16 has an invalid length.
[  776.705999][T15103] netlink: 64138 bytes leftover after parsing attributes in process `syz.5.4950'.
[  776.720012][T15106] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=149 sclass=netlink_route_socket pid=15106 comm=syz.0.4954
[  777.121342][T15120] random: crng reseeded on system resumption
[  777.252419][T15122] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4956'.
[  777.332063][T15125] ÿÿÿÿÿÿ: renamed from vlan1
[  777.489683][T15132] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4963'.
[  777.510600][T15132] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27 sclass=netlink_route_socket pid=15132 comm=syz.0.4963
[  777.755552][T15156] loop6: detected capacity change from 0 to 256
[  777.762171][T15156] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  778.033780][T15172] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4981'.
[  778.057317][T15174] netlink: 24 bytes leftover after parsing attributes in process `+}[@'.
[  778.112825][T15181] syz.0.4986[15181] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  778.112909][T15181] syz.0.4986[15181] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  778.125604][T15181] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4986'.
[  778.146869][   T28] kauditd_printk_skb: 48 callbacks suppressed
[  778.146883][   T28] audit: type=1326 audit(1755715851.087:3479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15177 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5a98ebe9 code=0x7ffc0000
[  778.188724][   T28] audit: type=1326 audit(1755715851.115:3480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15177 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f5a5a98ebe9 code=0x7ffc0000
[  778.213913][   T28] audit: type=1326 audit(1755715851.115:3481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15177 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5a98ebe9 code=0x7ffc0000
[  778.240006][   T28] audit: type=1400 audit(1755715851.142:3482): avc:  denied  { read } for  pid=15183 comm="syz.5.4988" name="rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  778.328045][T15192] 9pnet_fd: Insufficient options for proto=fd
[  778.354509][   T28] audit: type=1400 audit(1755715851.142:3483): avc:  denied  { open } for  pid=15183 comm="syz.5.4988" path="/dev/rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  778.388594][   T28] audit: type=1400 audit(1755715851.142:3484): avc:  denied  { ioctl } for  pid=15183 comm="syz.5.4988" path="/dev/rtc0" dev="devtmpfs" ino=263 ioctlcmd=0x7007 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  778.436561][T15190] netlink: 'syz.2.4982': attribute type 16 has an invalid length.
[  778.444536][T15190] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.4982'.
[  778.726419][T15194] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4989'.
[  778.890753][   T28] audit: type=1326 audit(1755715851.761:3485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15210 comm="syz.1.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  778.957975][   T28] audit: type=1326 audit(1755715851.761:3486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15210 comm="syz.1.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  779.078783][   T28] audit: type=1326 audit(1755715851.761:3487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15210 comm="syz.1.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  779.152355][   T28] audit: type=1326 audit(1755715851.761:3488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15210 comm="syz.1.4998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  780.115150][T15234] syz.5.5008[15234] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  780.115234][T15234] syz.5.5008[15234] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  780.140130][T15234] loop5: detected capacity change from 0 to 512
[  780.159382][T15234] EXT4-fs: Ignoring removed mblk_io_submit option
[  780.168583][T15234] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  780.184030][T15234] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  780.205505][T15234] System zones: 1-12
[  780.217109][T15234] EXT4-fs (loop5): 1 truncate cleaned up
[  780.222873][T15234] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  780.244926][T15242] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5011'.
[  780.782914][T15258] bridge0: port 3(macsec1) entered blocking state
[  780.821546][T15258] bridge0: port 3(macsec1) entered disabled state
[  780.975394][T15272] netlink: 'syz.1.5022': attribute type 13 has an invalid length.
[  781.518203][T15294] bridge0: port 3(macsec1) entered blocking state
[  781.538722][T15294] bridge0: port 3(macsec1) entered disabled state
[  781.668789][ T6634] EXT4-fs (loop5): unmounting filesystem.
[  781.897561][T15305] loop5: detected capacity change from 0 to 512
[  781.904754][T15305] EXT4-fs: Ignoring removed mblk_io_submit option
[  781.911299][T15305] EXT4-fs: Ignoring removed bh option
[  781.917388][T15305] EXT4-fs (loop5): Test dummy encryption mode enabled
[  781.924496][T15305] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  781.939797][T15305] EXT4-fs (loop5): 1 truncate cleaned up
[  781.945548][T15305] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  783.238859][ T6634] EXT4-fs (loop5): unmounting filesystem.
[  783.335250][T15333] loop5: detected capacity change from 0 to 128
[  783.381564][T15333] syz.5.5046: attempt to access beyond end of device
[  783.381564][T15333] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  784.385198][   T28] kauditd_printk_skb: 108 callbacks suppressed
[  784.385227][   T28] audit: type=1326 audit(1755715856.846:3597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15370 comm="syz.2.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  784.803601][   T28] audit: type=1326 audit(1755715857.225:3598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15370 comm="syz.2.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  784.820929][T15378] loop5: detected capacity change from 0 to 128
[  784.846494][T15378] syz.5.5062: attempt to access beyond end of device
[  784.846494][T15378] loop5: rw=2049, sector=138, nr_sectors = 112 limit=128
[  784.874791][T15378] syz.5.5062: attempt to access beyond end of device
[  784.874791][T15378] loop5: rw=2049, sector=144, nr_sectors = 2 limit=128
[  784.892236][   T28] audit: type=1326 audit(1755715857.225:3599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15370 comm="syz.2.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  784.929670][T15378] Buffer I/O error on dev loop5, logical block 72, lost async page write
[  784.951636][T15383] syz.5.5062: attempt to access beyond end of device
[  784.951636][T15383] loop5: rw=2049, sector=138, nr_sectors = 2 limit=128
[  784.967271][   T28] audit: type=1326 audit(1755715857.225:3600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15370 comm="syz.2.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  785.088375][T15383] Buffer I/O error on dev loop5, logical block 69, lost async page write
[  785.102406][T15383] syz.5.5062: attempt to access beyond end of device
[  785.102406][T15383] loop5: rw=2049, sector=140, nr_sectors = 2 limit=128
[  785.142921][T15383] Buffer I/O error on dev loop5, logical block 70, lost async page write
[  785.150355][   T28] audit: type=1326 audit(1755715857.225:3601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15370 comm="syz.2.5060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  786.137978][   T28] audit: type=1326 audit(1755715857.289:3602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15379 comm="syz.2.5063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  786.190879][   T28] audit: type=1326 audit(1755715857.289:3603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15379 comm="syz.2.5063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  786.214639][   T28] audit: type=1326 audit(1755715857.289:3604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15379 comm="syz.2.5063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  786.238746][   T28] audit: type=1326 audit(1755715857.289:3605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15379 comm="syz.2.5063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  786.302245][   T28] audit: type=1326 audit(1755715857.289:3606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15379 comm="syz.2.5063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  787.273054][T15407] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5071'.
[  787.295761][T15411] netlink: 96 bytes leftover after parsing attributes in process `syz.1.5074'.
[  787.450710][T15420] SELinux:  Context system_u:object is not valid (left unmapped).
[  787.758253][T15429] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5082'.
[  789.964860][   T28] kauditd_printk_skb: 8 callbacks suppressed
[  789.964877][   T28] audit: type=1400 audit(1755715861.997:3615): avc:  denied  { write } for  pid=15468 comm="syz.0.5096" lport=8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  789.993917][T15471] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5093'.
[  790.646366][    T6] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  790.841336][    T6] usb 3-1: Using ep0 maxpacket: 16
[  790.856810][    T6] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[  790.899613][    T6] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  790.972543][    T6] usb 3-1: config 0 has no interface number 0
[  791.002664][    T6] usb 3-1: too many endpoints for config 0 interface 105 altsetting 48: 120, using maximum allowed: 30
[  791.252959][    T6] usb 3-1: config 0 interface 105 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 120
[  791.269345][    T6] usb 3-1: config 0 interface 105 has no altsetting 0
[  791.448865][    T6] usb 3-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  791.464582][   T28] audit: type=1400 audit(1755715863.372:3616): avc:  denied  { mounton } for  pid=15493 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  791.479716][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  791.530850][    T6] usb 3-1: Product: syz
[  791.539808][    T6] usb 3-1: Manufacturer: syz
[  791.548929][   T43] tipc: Left network mode
[  791.550335][    T6] usb 3-1: SerialNumber: syz
[  791.564082][T15493] bridge0: port 1(bridge_slave_0) entered blocking state
[  791.572892][    T6] usb 3-1: config 0 descriptor??
[  791.578137][T15493] bridge0: port 1(bridge_slave_0) entered disabled state
[  791.586335][T15493] device bridge_slave_0 entered promiscuous mode
[  791.595336][T15493] bridge0: port 2(bridge_slave_1) entered blocking state
[  791.603132][T15493] bridge0: port 2(bridge_slave_1) entered disabled state
[  791.611465][T15493] device bridge_slave_1 entered promiscuous mode
[  791.654097][   T28] audit: type=1326 audit(1755715863.538:3617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15499 comm="syz.1.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  791.710153][   T28] audit: type=1326 audit(1755715863.557:3618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15499 comm="syz.1.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  791.736559][   T28] audit: type=1326 audit(1755715863.575:3619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15499 comm="syz.1.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  791.761444][   T28] audit: type=1326 audit(1755715863.575:3620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15499 comm="syz.1.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  791.791910][   T28] audit: type=1326 audit(1755715863.575:3621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15499 comm="syz.1.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  791.823481][    T6] usb 3-1: USB disconnect, device number 51
[  791.854985][   T28] audit: type=1326 audit(1755715863.575:3622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15499 comm="syz.1.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  791.883242][   T28] audit: type=1326 audit(1755715863.575:3623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15499 comm="syz.1.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  791.909810][   T28] audit: type=1326 audit(1755715863.575:3624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15499 comm="syz.1.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bd6b8ebe9 code=0x7ffc0000
[  791.941200][T15493] bridge0: port 2(bridge_slave_1) entered blocking state
[  791.948313][T15493] bridge0: port 2(bridge_slave_1) entered forwarding state
[  791.955677][T15493] bridge0: port 1(bridge_slave_0) entered blocking state
[  791.962884][T15493] bridge0: port 1(bridge_slave_0) entered forwarding state
[  791.991822][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  792.003082][  T344] bridge0: port 1(bridge_slave_0) entered disabled state
[  792.011012][  T344] bridge0: port 2(bridge_slave_1) entered disabled state
[  792.027890][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  792.036736][  T344] bridge0: port 1(bridge_slave_0) entered blocking state
[  792.044251][  T344] bridge0: port 1(bridge_slave_0) entered forwarding state
[  792.052082][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  792.061903][  T344] bridge0: port 2(bridge_slave_1) entered blocking state
[  792.069452][  T344] bridge0: port 2(bridge_slave_1) entered forwarding state
[  792.088288][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  792.096638][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  792.116644][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  792.133454][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  792.143403][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  792.151160][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  792.159249][T15493] device veth0_vlan entered promiscuous mode
[  792.175798][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  792.188735][T15493] device veth1_macvtap entered promiscuous mode
[  792.203349][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  792.219178][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  792.494267][T15521] netlink: 'syz.1.5110': attribute type 13 has an invalid length.
[  792.503214][T15521] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  792.518507][T15521] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  792.528283][T15521] IPv6: ADDRCONF(NETDEV_CHANGE): wg2: link becomes ready
[  792.542521][  T339] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  792.544268][T15521] device veth0_vlan left promiscuous mode
[  792.556524][T15521] device veth0_vlan entered promiscuous mode
[  792.563611][T15521] device veth1_macvtap left promiscuous mode
[  792.570636][T15521] device veth1_macvtap entered promiscuous mode
[  792.579669][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  792.587946][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  792.595718][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  792.604686][  T344] bridge0: port 1(bridge_slave_0) entered blocking state
[  792.611834][  T344] bridge0: port 1(bridge_slave_0) entered forwarding state
[  792.619458][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  792.629699][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  792.638463][  T344] bridge0: port 2(bridge_slave_1) entered blocking state
[  792.645883][  T344] bridge0: port 2(bridge_slave_1) entered forwarding state
[  792.653771][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  792.662382][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  792.670899][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  792.679416][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): 
4
@0Ù: link becomes ready
[  792.687935][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  792.696356][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  792.705421][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  792.713992][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  792.722675][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  792.731172][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  792.739574][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  792.748411][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  792.756441][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  792.764626][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  792.772946][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  792.781447][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  792.790116][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  792.798961][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  792.805658][T15528] block device autoloading is deprecated and will be removed.
[  792.807249][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  792.815534][  T339] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  792.822433][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  792.836436][  T339] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  792.841442][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): ÿÿÿÿÿÿ: link becomes ready
[  792.851112][  T339] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  792.868250][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  792.868255][  T339] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  792.869004][  T339] usb 6-1: config 0 descriptor??
[  792.878452][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  792.899072][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  792.907475][  T344] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  793.097852][T15532] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5114'.
[  793.113320][T15532] xt_hashlimit: max too large, truncated to 1048576
[  793.491886][T15536] bridge0: port 1(macsec1) entered blocking state
[  793.498524][T15536] bridge0: port 1(macsec1) entered disabled state
[  793.558160][T15540] syz.1.5117[15540] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  793.558244][T15540] syz.1.5117[15540] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  793.605209][T15546] loop1: detected capacity change from 0 to 128
[  793.625552][T15546] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  793.634780][T15546] ext4 filesystem being mounted at /440/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  793.661295][ T9841] EXT4-fs (loop1): unmounting filesystem.
[  793.841337][T15559] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5124'.
[  793.944632][T15567] loop6: detected capacity change from 0 to 1024
[  793.959876][T15567] EXT4-fs: Ignoring removed nobh option
[  793.969673][T15567] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  793.986846][T15567] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  794.010385][T15567] JBD2: no valid journal superblock found
[  794.016279][T15567] EXT4-fs (loop6): error loading journal
[  794.381702][  T339] uclogic 0003:256C:006D.003C: v1 frame probing failed: -71
[  794.407871][  T339] uclogic 0003:256C:006D.003C: failed probing parameters: -71
[  794.509567][  T339] uclogic: probe of 0003:256C:006D.003C failed with error -71
[  794.525109][  T339] usb 6-1: USB disconnect, device number 29
[  794.651319][T15576] device bridge0 entered promiscuous mode
[  794.657602][T15576] bridge0: port 3(macsec1) entered blocking state
[  794.664150][T15576] bridge0: port 3(macsec1) entered disabled state
[  794.671529][T15576] device bridge0 left promiscuous mode
[  794.919001][T15590] loop1: detected capacity change from 0 to 256
[  795.132346][T15593] netlink: 'syz.0.5136': attribute type 13 has an invalid length.
[  795.168373][T15593] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  795.209124][T15593] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  795.222123][T15593] IPv6: ADDRCONF(NETDEV_CHANGE): wg2: link becomes ready
[  795.242407][T15593] device veth0_vlan left promiscuous mode
[  795.249000][T15593] device veth0_vlan entered promiscuous mode
[  795.256656][T15593] device veth1_macvtap left promiscuous mode
[  795.263891][T15593] device veth1_macvtap entered promiscuous mode
[  795.270740][T15593] IPv6: ADDRCONF(NETDEV_CHANGE): syztnl0: link becomes ready
[  795.280922][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  795.288594][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  795.296240][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  795.305154][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  795.312357][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  795.321239][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  795.373502][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  795.382407][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  795.389505][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  795.397324][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  795.406720][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  795.415229][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  795.423696][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  795.432387][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  795.441049][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  795.442967][   T28] kauditd_printk_skb: 75 callbacks suppressed
[  795.442984][   T28] audit: type=1400 audit(1755715867.046:3700): avc:  denied  { create } for  pid=15609 comm="syz.6.5143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  795.449493][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  795.483506][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  795.491811][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  795.500231][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  795.508653][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  795.517254][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  795.520736][   T28] audit: type=1400 audit(1755715867.119:3701): avc:  denied  { ioctl } for  pid=15609 comm="syz.6.5143" path="socket:[79931]" dev="sockfs" ino=79931 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  795.539215][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  795.559118][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  795.567436][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  795.578771][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  795.587164][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  795.595377][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  795.604375][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  795.612738][   T28] audit: type=1400 audit(1755715867.202:3702): avc:  denied  { bind } for  pid=15609 comm="syz.6.5143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  795.613149][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  795.640816][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  795.648947][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  795.656670][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  795.664635][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  795.673052][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  795.681466][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  795.689779][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth3: link becomes ready
[  795.697723][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth2: link becomes ready
[  795.705468][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  795.715645][T15603] device bridge0 entered promiscuous mode
[  795.722476][T15603] bridge0: port 3(macsec1) entered blocking state
[  795.729301][T15603] bridge0: port 3(macsec1) entered disabled state
[  795.737021][T15603] device bridge0 left promiscuous mode
[  795.748298][T15615] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5143'.
[  795.782781][   T28] audit: type=1326 audit(1755715867.359:3703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15602 comm="syz.5.5141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a078ebe9 code=0x7ffc0000
[  795.845614][   T28] audit: type=1326 audit(1755715867.359:3704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15602 comm="syz.5.5141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a078ebe9 code=0x7ffc0000
[  795.936151][   T28] audit: type=1326 audit(1755715867.489:3705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15625 comm="syz.5.5148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a078ebe9 code=0x7ffc0000
[  795.965233][   T28] audit: type=1326 audit(1755715867.489:3706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15625 comm="syz.5.5148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f15a078ebe9 code=0x7ffc0000
[  795.989235][   T28] audit: type=1326 audit(1755715867.489:3707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15625 comm="syz.5.5148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15a078ebe9 code=0x7ffc0000
[  796.266466][   T28] audit: type=1326 audit(1755715867.609:3708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15621 comm="syz.2.5146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  796.275518][T15628] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15628 comm=syz.5.5149
[  796.291068][   T28] audit: type=1326 audit(1755715867.609:3709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15621 comm="syz.2.5146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  796.464310][  T339] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  796.660739][  T339] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  796.671826][  T339] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  796.681659][  T339] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  796.690766][  T339] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  796.699438][  T339] usb 7-1: config 0 descriptor??
[  796.793037][T15643] loop2: detected capacity change from 0 to 512
[  796.813834][T15643] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  796.823328][T15643] ext4 filesystem being mounted at /366/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  796.835098][T15643] EXT4-fs (loop2): unmounting filesystem.
[  797.904206][T15673] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5166'.
[  798.190665][  T339] uclogic 0003:256C:006D.003D: v1 frame probing failed: -71
[  798.198107][  T339] uclogic 0003:256C:006D.003D: failed probing parameters: -71
[  798.206110][  T339] uclogic: probe of 0003:256C:006D.003D failed with error -71
[  798.206412][T15687] loop2: detected capacity change from 0 to 1024
[  798.214741][  T339] usb 7-1: USB disconnect, device number 9
[  798.222092][T15687] EXT4-fs: Ignoring removed bh option
[  798.227634][T15689] netlink: 'syz.1.5172': attribute type 16 has an invalid length.
[  798.233476][T15687] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[  798.239830][T15689] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.5172'.
[  798.259449][T15687] EXT4-fs error (device loop2): ext4_map_blocks:635: inode #3: block 2: comm syz.2.5173: lblock 2 mapped to illegal pblock 2 (length 1)
[  798.274895][T15687] EXT4-fs error (device loop2): ext4_map_blocks:635: inode #3: block 48: comm syz.2.5173: lblock 0 mapped to illegal pblock 48 (length 1)
[  798.289699][T15687] EXT4-fs error (device loop2): ext4_acquire_dquot:6801: comm syz.2.5173: Failed to acquire dquot type 0
[  798.301447][T15687] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5917: Corrupt filesystem
[  798.313541][T15687] EXT4-fs error (device loop2): ext4_evict_inode:279: inode #11: comm syz.2.5173: mark_inode_dirty error
[  798.326770][T15687] EXT4-fs warning (device loop2): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  798.338133][T15687] EXT4-fs (loop2): 1 orphan inode deleted
[  798.344226][T15687] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  798.354537][   T43] EXT4-fs error (device loop2): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  798.372802][   T43] EXT4-fs error (device loop2): ext4_release_dquot:6837: comm kworker/u4:2: Failed to release dquot type 0
[  798.390286][T15687] EXT4-fs (loop2): re-mounted. Quota mode: writeback.
[  798.405161][ T9928] EXT4-fs (loop2): unmounting filesystem.
[  798.956244][  T339] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  799.162013][  T339] usb 3-1: Using ep0 maxpacket: 16
[  799.168877][  T339] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[  799.177414][  T339] usb 3-1: config 0 has an invalid descriptor of length 120, skipping remainder of the config
[  799.187977][  T339] usb 3-1: config 0 has no interface number 0
[  799.206499][  T339] usb 3-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  799.216048][  T339] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  799.224179][  T339] usb 3-1: Product: syz
[  799.228491][  T339] usb 3-1: Manufacturer: syz
[  799.233149][  T339] usb 3-1: SerialNumber: syz
[  799.239059][  T339] usb 3-1: config 0 descriptor??
[  799.463040][  T339] usb 3-1: Found UVC 0.00 device syz (046d:08f3)
[  799.469820][  T339] usb 3-1: No valid video chain found.
[  799.475978][  T339] usb 3-1: USB disconnect, device number 52
[  799.495153][T15718] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5185'.
[  799.509310][T15718] device sit0 left promiscuous mode
[  799.517787][T15718] bridge0: port 2(bridge_slave_1) entered disabled state
[  799.525167][T15718] bridge0: port 1(bridge_slave_0) entered disabled state
[  799.797979][T15734] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  800.089826][T15740] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5194'.
[  800.116561][T15740] device sit1 entered promiscuous mode
[  800.150824][T15748] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5198'.
[  800.171540][T15748] device sit1 left promiscuous mode
[  800.317874][T15753] netlink: 'syz.5.5199': attribute type 16 has an invalid length.
[  800.325903][T15753] netlink: 64138 bytes leftover after parsing attributes in process `syz.5.5199'.
[  801.036375][T11834] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  801.231363][T11834] usb 7-1: Using ep0 maxpacket: 16
[  801.237817][T11834] usb 7-1: config 0 has an invalid interface number: 105 but max is 0
[  801.247120][T11834] usb 7-1: config 0 has an invalid descriptor of length 120, skipping remainder of the config
[  801.258194][T11834] usb 7-1: config 0 has no interface number 0
[  801.273764][T11834] usb 7-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  801.291127][T11834] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  801.308519][T11834] usb 7-1: Product: syz
[  801.317426][T11834] usb 7-1: Manufacturer: syz
[  801.326857][T11834] usb 7-1: SerialNumber: syz
[  801.335969][T15780] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5210'.
[  801.340027][T11834] usb 7-1: config 0 descriptor??
[  801.374635][T15784] 9pnet: p9_errstr2errno: server reported unknown error 
[  801.444661][   T28] kauditd_printk_skb: 72 callbacks suppressed
[  801.444677][   T28] audit: type=1326 audit(1755715872.584:3779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15792 comm="syz.2.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  801.474775][   T28] audit: type=1326 audit(1755715872.584:3780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15792 comm="syz.2.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  801.499878][   T28] audit: type=1326 audit(1755715872.584:3781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15792 comm="syz.2.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  801.524380][   T28] audit: type=1326 audit(1755715872.584:3782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15792 comm="syz.2.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  801.548141][   T28] audit: type=1326 audit(1755715872.584:3783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15792 comm="syz.2.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  801.571953][   T28] audit: type=1326 audit(1755715872.584:3784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15792 comm="syz.2.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bd958ebe9 code=0x7ffc0000
[  801.600506][T11834] usb 7-1: Found UVC 0.00 device syz (046d:08f3)
[  801.607324][T11834] usb 7-1: No valid video chain found.
[  801.614574][T11834] usb 7-1: USB disconnect, device number 10
[  801.702933][   T28] audit: type=1400 audit(1755715872.824:3785): avc:  denied  { read append } for  pid=15803 comm="syz.5.5221" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  801.729646][   T28] audit: type=1400 audit(1755715872.824:3786): avc:  denied  { open } for  pid=15803 comm="syz.5.5221" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  802.205672][   T28] audit: type=1326 audit(1755715873.285:3787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15812 comm="syz.6.5224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  802.231573][   T28] audit: type=1326 audit(1755715873.294:3788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15812 comm="syz.6.5224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f34bcb8ebe9 code=0x7ffc0000
[  802.298119][T15824] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5229'.
[  803.184556][T15844] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5234'.
[  803.439079][T15845] xt_hashlimit: max too large, truncated to 1048576
[  803.913936][T15846] loop6: detected capacity change from 0 to 512
[  803.921517][T15844] IPv6: ADDRCONF(NETDEV_CHANGE): wg2: link becomes ready
[  803.967228][T15846] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  804.032648][T15846] EXT4-fs (loop6): 1 truncate cleaned up
[  804.038413][T15846] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  804.084027][T15857] loop2: detected capacity change from 0 to 512
[  804.123452][T15857] EXT4-fs (loop2): orphan cleanup on readonly fs
[  804.146775][T15857] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[  804.184055][T15857] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  804.232770][T15857] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.5239: attempt to clear invalid blocks 2 len 1
[  804.344871][T15857] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.5239: invalid indirect mapped block 1819239214 (level 0)
[  804.453155][T15857] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.5239: invalid indirect mapped block 1819239214 (level 1)
[  804.479399][T15857] EXT4-fs (loop2): 1 truncate cleaned up
[  804.490294][T15857] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  804.925933][T15857] EXT4-fs error (device loop2): ext4_lookup:1855: inode #2: comm syz.2.5239: 'file1' linked to parent dir
[  804.938342][T11729] EXT4-fs (loop6): unmounting filesystem.
[  804.945783][ T9928] EXT4-fs (loop2): unmounting filesystem.
[  805.001697][  T625] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  805.148280][T15892] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5247'.
[  805.160112][T15892] IPv6: ADDRCONF(NETDEV_CHANGE): wg2: link becomes ready
[  805.174610][T15892] xt_hashlimit: max too large, truncated to 1048576
[  805.489239][  T625] usb 2-1: Using ep0 maxpacket: 16
[  805.500493][  T625] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  805.515934][T15903] loop5: detected capacity change from 0 to 1024
[  805.522701][  T625] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  805.533295][T15903] EXT4-fs: Ignoring removed nomblk_io_submit option
[  805.540058][  T625] usb 2-1: config 0 has no interface number 0
[  805.546904][T15903] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  805.560100][  T625] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  805.571800][  T625] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.576073][T15903] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  805.579919][  T625] usb 2-1: Product: syz
[  805.592281][  T625] usb 2-1: Manufacturer: syz
[  805.597067][  T625] usb 2-1: SerialNumber: syz
[  805.602413][  T625] usb 2-1: config 0 descriptor??
[  805.612195][  T625] usb 2-1: Found UVC 0.00 device syz (046d:08f3)
[  805.612762][T15903] System zones: 
[  805.619911][  T625] usb 2-1: No valid video chain found.
[  805.631238][T15903] 0-1, 3-36
[  805.635929][T15903] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  805.659743][T15493] EXT4-fs (loop5): unmounting filesystem.
[  805.718911][  T625] usb 2-1: USB disconnect, device number 42
[  807.265207][   T28] kauditd_printk_skb: 211 callbacks suppressed
[  807.265227][   T28] audit: type=1400 audit(1755715877.346:4000): avc:  denied  { bind } for  pid=15922 comm="syz.2.5264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  807.320360][   T28] audit: type=1400 audit(1755715877.355:4001): avc:  denied  { setopt } for  pid=15925 comm="syz.1.5265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  807.320394][   T28] audit: type=1400 audit(1755715877.355:4002): avc:  denied  { write } for  pid=15925 comm="syz.1.5265" path="socket:[81156]" dev="sockfs" ino=81156 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  807.456587][   T28] audit: type=1400 audit(1755715878.131:4003): avc:  denied  { create } for  pid=15931 comm="syz.2.5267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  807.457165][T15932] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5267'.
[  807.630116][T15937] loop2: detected capacity change from 0 to 512
[  807.630513][   T28] audit: type=1400 audit(1755715878.297:4004): avc:  denied  { mounton } for  pid=15936 comm="syz.2.5269" path="/397/file1" dev="tmpfs" ino=2113 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  807.633941][   T28] audit: type=1400 audit(1755715878.297:4005): avc:  denied  { mount } for  pid=15936 comm="syz.2.5269" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  807.666632][   T28] audit: type=1400 audit(1755715878.325:4006): avc:  denied  { unmount } for  pid=9928 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  807.681790][T15933] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5266'.
[  807.747517][   T28] audit: type=1400 audit(1755715878.389:4007): avc:  denied  { create } for  pid=15939 comm="syz.2.5270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  807.829397][   T28] audit: type=1400 audit(1755715878.454:4008): avc:  denied  { read write } for  pid=15939 comm="syz.2.5270" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  807.882264][T15944] loop5: detected capacity change from 0 to 1024
[  807.896168][   T28] audit: type=1400 audit(1755715878.454:4009): avc:  denied  { open } for  pid=15939 comm="syz.2.5270" path="/dev/raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  807.911498][T15944] EXT4-fs: Ignoring removed nobh option
[  807.940579][T15946] loop1: detected capacity change from 0 to 512
[  807.977488][T15944] EXT4-fs: Ignoring removed bh option
[  807.992055][T15946] EXT4-fs: Ignoring removed mblk_io_submit option
[  808.003714][T15946] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  808.025710][T15944] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  808.041985][T15946] EXT4-fs (loop1): 1 truncate cleaned up
[  808.050604][T15946] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  808.100309][ T8169] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  808.126333][ T9841] EXT4-fs (loop1): unmounting filesystem.
[  808.243522][T15493] EXT4-fs (loop5): unmounting filesystem.
[  808.306136][ T8169] usb 3-1: Using ep0 maxpacket: 16
[  808.312782][ T8169] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[  808.323722][ T8169] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  808.497122][T15968] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5275'.
[  808.506955][T15968] IPv6: ADDRCONF(NETDEV_CHANGE): wg2: link becomes ready
[  808.525047][T15968] xt_hashlimit: max too large, truncated to 1048576
[  808.679174][ T8169] usb 3-1: config 0 has no interface number 0
[  808.748025][ T8169] usb 3-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  808.766290][T15970] random: crng reseeded on system resumption
[  808.776987][ T8169] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  808.789163][T15967] loop5: detected capacity change from 0 to 512
[  808.796463][T15967] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  808.804514][ T8169] usb 3-1: Product: syz
[  808.815143][ T8169] usb 3-1: Manufacturer: syz
[  808.821410][T15967] EXT4-fs (loop5): 1 truncate cleaned up
[  808.824411][ T8169] usb 3-1: SerialNumber: syz
[  808.827739][T15967] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  808.849514][T15493] EXT4-fs (loop5): unmounting filesystem.
[  808.855844][T15970] Restarting kernel threads ... done.
[  808.873311][ T8169] usb 3-1: config 0 descriptor??
[  808.889680][ T8169] usb 3-1: Found UVC 0.00 device syz (046d:08f3)
[  808.906160][ T8169] usb 3-1: No valid video chain found.
[  808.931429][T15977] loop6: detected capacity change from 0 to 8192
[  809.046528][T15973] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5283'.
[  809.109549][ T8169] usb 3-1: USB disconnect, device number 53
[  810.535897][T16011] tipc: Started in network mode
[  810.548653][T16011] tipc: Node identity ac14140f, cluster identity 4711
[  810.556271][T16011] tipc: New replicast peer: 255.255.255.255
[  810.569288][T16015] random: crng reseeded on system resumption
[  810.589948][T16011] tipc: Enabled bearer <udp:s>, priority 10
[  810.977711][T16021] loop6: detected capacity change from 0 to 128
[  811.007066][T16025] netlink: 'syz.2.5302': attribute type 7 has an invalid length.
[  811.014990][T16025] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5302'.
[  811.128399][T16032] 9pnet: Could not find request transport: rdma
[  811.202540][T16013] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5298'.
[  811.361406][T16030] ------------[ cut here ]------------
[  811.366963][T16030] WARNING: CPU: 1 PID: 16030 at mm/page_alloc.c:5831 __alloc_pages+0x272/0x450
[  811.376789][T16030] Modules linked in:
[  811.381012][T16030] CPU: 1 PID: 16030 Comm: syz.6.5304 Not tainted 6.1.145-syzkaller-00015-g87b9d836c3d8 #0
[  811.391746][T16030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  811.402280][T16030] RIP: 0010:__alloc_pages+0x272/0x450
[  811.407833][T16030] Code: 0c 25 28 00 00 00 48 3b 8c 24 c0 00 00 00 0f 85 a3 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 c6 05 02 83 bf 05 01 <0f> 0b eb a5 a9 00 00 08 00 48 8b 54 24 08 75 17 44 89 f6 81 e6 7f
[  811.427615][T16030] RSP: 0018:ffffc9000dcef6e0 EFLAGS: 00010246
[  811.434130][T16030] RAX: ffffc9000dcef700 RBX: 0000000000000016 RCX: 0000000000000000
[  811.442266][T16030] RDX: 0000000000000018 RSI: 0000000000000000 RDI: ffffc9000dcef768
[  811.450483][T16030] RBP: ffffc9000dcef7f8 R08: dffffc0000000000 R09: ffffc9000dcef750
[  811.458958][T16030] R10: fffff52001b9deed R11: 1ffff92001b9deea R12: dffffc0000000000
[  811.467058][T16030] R13: 0000000000000000 R14: 0000000000040dc0 R15: 1ffff92001b9dee0
[  811.475386][T16030] FS:  00007f34bda136c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  811.484610][T16030] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  811.491478][T16030] CR2: 000020000000f000 CR3: 000000011fd0f000 CR4: 00000000003506a0
[  811.499576][T16030] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  811.507914][T16030] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  811.515941][T16030] Call Trace:
[  811.519323][T16030]  <TASK>
[  811.522401][T16030]  ? __cfi___alloc_pages+0x10/0x10
[  811.527561][T16030]  ? kasan_save_alloc_info+0x25/0x30
[  811.532953][T16030]  ? __kasan_slab_alloc+0x72/0x80
[  811.538244][T16030]  ? slab_post_alloc_hook+0x6d/0x2d0
[  811.543718][T16030]  ? ebitmap_read+0x398/0x920
[  811.548714][T16030]  __kmalloc_large_node+0xa1/0x1c0
[  811.554041][T16030]  ? hashtab_init+0xcd/0x160
[  811.558853][T16030]  __kmalloc+0xe0/0x1e0
[  811.563119][T16030]  hashtab_init+0xcd/0x160
[  811.567813][T16030]  symtab_init+0x40/0x60
[  811.572160][T16030]  policydb_read+0x961/0x25e0
[  811.577164][T16030]  ? __cfi_policydb_read+0x10/0x10
[  811.582636][T16030]  ? __kasan_kmalloc+0x95/0xb0
[  811.587685][T16030]  ? security_load_policy+0x118/0xea0
[  811.593303][T16030]  ? kmalloc_trace+0x40/0xb0
[  811.598197][T16030]  security_load_policy+0x153/0xea0
[  811.603529][T16030]  ? irqentry_exit+0x37/0x40
[  811.608389][T16030]  ? exc_page_fault+0x5e/0xb0
[  811.613202][T16030]  ? asm_exc_page_fault+0x27/0x30
[  811.618552][T16030]  ? __cfi_security_load_policy+0x10/0x10
[  811.624391][T16030]  ? copy_user_enhanced_fast_string+0xa/0x40
[  811.630690][T16030]  sel_write_load+0x36f/0x5e0
[  811.635473][T16030]  ? __cfi_sel_write_load+0x10/0x10
[  811.640823][T16030]  ? security_file_permission+0x94/0xb0
[  811.647147][T16030]  ? __cfi_sel_write_load+0x10/0x10
[  811.652542][T16030]  vfs_write+0x40c/0xca0
[  811.657088][T16030]  ? __cfi_vfs_write+0x10/0x10
[  811.661954][T16030]  ? __kasan_check_write+0x14/0x20
[  811.667212][T16030]  ? mutex_lock+0x8d/0x1a0
[  811.671766][T16030]  ? __cfi_mutex_lock+0x10/0x10
[  811.676745][T16030]  ? __fdget_pos+0x2cd/0x380
[  811.681491][T16030]  ? ksys_write+0x71/0x240
[  811.686409][T16030]  ksys_write+0x140/0x240
[  811.690820][T16030]  ? __cfi_ksys_write+0x10/0x10
[  811.695768][T16030]  ? fpregs_restore_userregs+0x128/0x260
[  811.701843][T16030]  __x64_sys_write+0x7b/0x90
[  811.706764][T16030]  x64_sys_call+0x27b/0x9a0
[  811.711386][T16030]  do_syscall_64+0x4c/0xa0
[  811.715968][T16030]  ? clear_bhb_loop+0x30/0x80
[  811.720943][T16030]  ? clear_bhb_loop+0x30/0x80
[  811.725821][T16030]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  811.732060][T16030] RIP: 0033:0x7f34bcb8ebe9
[  811.736731][T16030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  811.756916][T16030] RSP: 002b:00007f34bda13038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  811.765464][T16030] RAX: ffffffffffffffda RBX: 00007f34bcdb5fa0 RCX: 00007f34bcb8ebe9
[  811.773570][T16030] RDX: 000000000000fd44 RSI: 0000200000000000 RDI: 0000000000000003
[  811.781808][T16030] RBP: 00007f34bcc11e19 R08: 0000000000000000 R09: 0000000000000000
[  811.790225][T16030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  811.798478][T16030] R13: 00007f34bcdb6038 R14: 00007f34bcdb5fa0 R15: 00007ffd39f099c8
[  811.806667][T16030]  </TASK>
[  811.809751][T16030] ---[ end trace 0000000000000000 ]---
[  811.820973][ T1782] tipc: Node number set to 2886997007
[  811.821307][T16030] SELinux: failed to load policy
[  813.431202][   T28] kauditd_printk_skb: 148 callbacks suppressed
[  813.431220][   T28] audit: type=1400 audit(1755715883.650:4158): avc:  denied  { read append } for  pid=16044 comm="syz.5.5307" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  813.458280][T16046] random: crng reseeded on system resumption
[  813.489063][   T28] audit: type=1400 audit(1755715883.650:4159): avc:  denied  { read } for  pid=16045 comm="syz.1.5309" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  813.512149][   T28] audit: type=1400 audit(1755715883.650:4160): avc:  denied  { open } for  pid=16045 comm="syz.1.5309" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  813.540262][   T28] audit: type=1400 audit(1755715883.669:4161): avc:  denied  { ioctl } for  pid=16045 comm="syz.1.5309" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  813.592067][   T28] audit: type=1400 audit(1755715883.696:4162): avc:  denied  { write } for  pid=16051 comm="syz.6.5311" name="001" dev="devtmpfs" ino=176 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  813.716817][T16066] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5314'.
[  813.795933][   T28] audit: type=1400 audit(1755715883.983:4163): avc:  denied  { remount } for  pid=16078 comm="syz.6.5322" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  816.279908][   T28] audit: type=1400 audit(1755715886.272:4164): avc:  denied  { mount } for  pid=16078 comm="syz.6.5322" name="/" dev="incremental-fs" ino=1744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  816.287256][T16079] incfs_lookup_dentry err:-36
[  816.332295][   T28] audit: type=1400 audit(1755715886.309:4165): avc:  denied  { read write } for  pid=16088 comm="syz.5.5325" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  816.392124][T16097] netlink: 108 bytes leftover after parsing attributes in process `syz.0.5328'.
[  816.412991][   T28] audit: type=1400 audit(1755715886.309:4166): avc:  denied  { name_bind } for  pid=16090 comm="syz.0.5324" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  816.435110][   T28] audit: type=1400 audit(1755715886.309:4167): avc:  denied  { open } for  pid=16088 comm="syz.5.5325" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  816.565140][T16116] input: syz1 as /devices/virtual/input/input79
[  816.574202][ T9841] ------------[ cut here ]------------
[  816.579687][ T9841] WARNING: CPU: 0 PID: 9841 at fs/inode.c:332 drop_nlink+0xc5/0x110
[  816.587762][ T9841] Modules linked in:
[  816.591719][ T9841] CPU: 0 PID: 9841 Comm: syz-executor Tainted: G        W          6.1.145-syzkaller-00015-g87b9d836c3d8 #0
[  816.603362][ T9841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  816.613890][ T9841] RIP: 0010:drop_nlink+0xc5/0x110
[  816.619154][ T9841] Code: 1b 48 8d bb b8 04 00 00 be 08 00 00 00 e8 03 ea f0 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 5b 8a ac ff <0f> 0b eb 86 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 5e ff ff ff 4c
[  816.639199][ T9841] RSP: 0018:ffffc90001237c38 EFLAGS: 00010293
[  816.645670][ T9841] RAX: ffffffff81c37cd5 RBX: ffff888136e1b1a8 RCX: ffff888127ec5100
[  816.653747][ T9841] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  816.661837][ T9841] RBP: ffffc90001237c60 R08: 0000000000000004 R09: 0000000000000003
[  816.669828][ T9841] R10: fffff52000246f78 R11: 1ffff92000246f78 R12: dffffc0000000000
[  816.677882][ T9841] R13: 1ffff11026dc363e R14: ffff888136e1b1f0 R15: 0000000000000000
[  816.685882][ T9841] FS:  0000555578ac3500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  816.694915][ T9841] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  816.701548][ T9841] CR2: 0000555578ae64e8 CR3: 000000010755a000 CR4: 00000000003506b0
[  816.709879][ T9841] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  816.717974][ T9841] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  816.725976][ T9841] Call Trace:
[  816.729289][ T9841]  <TASK>
[  816.732244][ T9841]  shmem_rmdir+0x5b/0x90
[  816.736654][ T9841]  vfs_rmdir+0x393/0x500
[  816.740952][ T9841]  incfs_kill_sb+0x105/0x220
[  816.745653][ T9841]  deactivate_locked_super+0xb5/0x120
[  816.751244][ T9841]  deactivate_super+0xaf/0xe0
[  816.755974][ T9841]  cleanup_mnt+0x45f/0x4e0
[  816.760559][ T9841]  __cleanup_mnt+0x19/0x20
[  816.765022][ T9841]  task_work_run+0x1db/0x240
[  816.769804][ T9841]  ? __cfi_task_work_run+0x10/0x10
[  816.774977][ T9841]  ? __x64_sys_umount+0x125/0x160
[  816.780053][ T9841]  ? __cfi___x64_sys_umount+0x10/0x10
[  816.785725][ T9841]  exit_to_user_mode_loop+0x9b/0xb0
[  816.791088][ T9841]  exit_to_user_mode_prepare+0x5a/0xa0
[  816.796573][ T9841]  syscall_exit_to_user_mode+0x1a/0x30
[  816.802176][ T9841]  do_syscall_64+0x58/0xa0
[  816.806786][ T9841]  ? clear_bhb_loop+0x30/0x80
[  816.811507][ T9841]  ? clear_bhb_loop+0x30/0x80
[  816.816290][ T9841]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  816.822393][ T9841] RIP: 0033:0x7f0bd6b8ff17
[  816.826904][ T9841] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  816.846896][ T9841] RSP: 002b:00007ffcb17b2cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  816.855543][ T9841] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0bd6b8ff17
[  816.863530][ T9841] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcb17b2d70
[  816.871533][ T9841] RBP: 00007ffcb17b2d70 R08: 0000000000000000 R09: 0000000000000000
[  816.879559][ T9841] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcb17b3e00
[  816.887686][ T9841] R13: 00007f0bd6c11c05 R14: 00000000000c4cf3 R15: 00007ffcb17b3e40
[  816.896127][ T9841]  </TASK>
[  816.899347][ T9841] ---[ end trace 0000000000000000 ]---
[  816.905200][ T9841] ==================================================================
[  816.913382][ T9841] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[  816.919657][ T9841] Write of size 4 at addr 0000000000000170 by task syz-executor/9841
[  816.927750][ T9841] 
[  816.930117][ T9841] CPU: 1 PID: 9841 Comm: syz-executor Tainted: G        W          6.1.145-syzkaller-00015-g87b9d836c3d8 #0
[  816.941671][ T9841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  816.951929][ T9841] Call Trace:
[  816.955223][ T9841]  <TASK>
[  816.958175][ T9841]  __dump_stack+0x21/0x24
[  816.962540][ T9841]  dump_stack_lvl+0xee/0x150
[  816.967266][ T9841]  ? __cfi_dump_stack_lvl+0x8/0x8
[  816.972401][ T9841]  ? ihold+0x20/0x60
[  816.976366][ T9841]  ? ihold+0x20/0x60
[  816.980268][ T9841]  print_report+0x3d/0x60
[  816.984699][ T9841]  kasan_report+0x122/0x150
[  816.989219][ T9841]  ? ihold+0x20/0x60
[  816.993124][ T9841]  kasan_check_range+0x280/0x290
[  816.998108][ T9841]  __kasan_check_write+0x14/0x20
[  817.003162][ T9841]  ihold+0x20/0x60
[  817.006973][ T9841]  vfs_rmdir+0x25f/0x500
[  817.011234][ T9841]  incfs_kill_sb+0x105/0x220
[  817.015833][ T9841]  deactivate_locked_super+0xb5/0x120
[  817.021312][ T9841]  deactivate_super+0xaf/0xe0
[  817.026027][ T9841]  cleanup_mnt+0x45f/0x4e0
[  817.030458][ T9841]  __cleanup_mnt+0x19/0x20
[  817.034885][ T9841]  task_work_run+0x1db/0x240
[  817.039488][ T9841]  ? __cfi_task_work_run+0x10/0x10
[  817.044615][ T9841]  ? __x64_sys_umount+0x125/0x160
[  817.049736][ T9841]  ? __cfi___x64_sys_umount+0x10/0x10
[  817.055205][ T9841]  exit_to_user_mode_loop+0x9b/0xb0
[  817.060415][ T9841]  exit_to_user_mode_prepare+0x5a/0xa0
[  817.065970][ T9841]  syscall_exit_to_user_mode+0x1a/0x30
[  817.071635][ T9841]  do_syscall_64+0x58/0xa0
[  817.076072][ T9841]  ? clear_bhb_loop+0x30/0x80
[  817.080858][ T9841]  ? clear_bhb_loop+0x30/0x80
[  817.085604][ T9841]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  817.091527][ T9841] RIP: 0033:0x7f0bd6b8ff17
[  817.095955][ T9841] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  817.115836][ T9841] RSP: 002b:00007ffcb17b2cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  817.124259][ T9841] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0bd6b8ff17
[  817.132236][ T9841] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcb17b2d70
[  817.140213][ T9841] RBP: 00007ffcb17b2d70 R08: 0000000000000000 R09: 0000000000000000
[  817.148189][ T9841] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcb17b3e00
[  817.156252][ T9841] R13: 00007f0bd6c11c05 R14: 00000000000c4cf3 R15: 00007ffcb17b3e40
[  817.164321][ T9841]  </TASK>
[  817.167354][ T9841] ==================================================================
[  817.175687][ T9841] Disabling lock debugging due to kernel taint
[  817.182296][ T9841] BUG: kernel NULL pointer dereference, address: 0000000000000170
[  817.190135][ T9841] #PF: supervisor write access in kernel mode
[  817.196300][ T9841] #PF: error_code(0x0002) - not-present page
[  817.202373][ T9841] PGD 12d028067 P4D 12d028067 PUD 0 
[  817.207734][ T9841] Oops: 0002 [#1] PREEMPT SMP KASAN
[  817.213029][ T9841] CPU: 0 PID: 9841 Comm: syz-executor Tainted: G    B   W          6.1.145-syzkaller-00015-g87b9d836c3d8 #0
[  817.224482][ T9841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  817.234544][ T9841] RIP: 0010:ihold+0x26/0x60
[  817.239057][ T9841] Code: 33 36 7c df 55 48 89 e5 41 56 53 48 89 fb e8 c1 81 ac ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 40 e1 f0 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 b1
[  817.258670][ T9841] RSP: 0018:ffffc90001237c78 EFLAGS: 00010246
[  817.264742][ T9841] RAX: ffff888127ec5100 RBX: 0000000000000000 RCX: ffff888127ec5100
[  817.272819][ T9841] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  817.280798][ T9841] RBP: ffffc90001237c88 R08: dffffc0000000000 R09: fffffbfff0f2d4fd
[  817.288784][ T9841] R10: fffffbfff0f2d4fd R11: 1ffffffff0f2d4fc R12: ffff888136e1b1b4
[  817.297204][ T9841] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000000
[  817.305442][ T9841] FS:  0000555578ac3500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  817.314409][ T9841] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  817.321102][ T9841] CR2: 0000000000000170 CR3: 000000010755a000 CR4: 00000000003506b0
[  817.329096][ T9841] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  817.337080][ T9841] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  817.345317][ T9841] Call Trace:
[  817.348606][ T9841]  <TASK>
[  817.351550][ T9841]  vfs_rmdir+0x25f/0x500
[  817.355827][ T9841]  incfs_kill_sb+0x105/0x220
[  817.360613][ T9841]  deactivate_locked_super+0xb5/0x120
[  817.366108][ T9841]  deactivate_super+0xaf/0xe0
[  817.370890][ T9841]  cleanup_mnt+0x45f/0x4e0
[  817.375367][ T9841]  __cleanup_mnt+0x19/0x20
[  817.379818][ T9841]  task_work_run+0x1db/0x240
[  817.384609][ T9841]  ? __cfi_task_work_run+0x10/0x10
[  817.389729][ T9841]  ? __x64_sys_umount+0x125/0x160
[  817.394760][ T9841]  ? __cfi___x64_sys_umount+0x10/0x10
[  817.400149][ T9841]  exit_to_user_mode_loop+0x9b/0xb0
[  817.405449][ T9841]  exit_to_user_mode_prepare+0x5a/0xa0
[  817.411269][ T9841]  syscall_exit_to_user_mode+0x1a/0x30
[  817.416876][ T9841]  do_syscall_64+0x58/0xa0
[  817.421312][ T9841]  ? clear_bhb_loop+0x30/0x80
[  817.426088][ T9841]  ? clear_bhb_loop+0x30/0x80
[  817.430768][ T9841]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  817.436666][ T9841] RIP: 0033:0x7f0bd6b8ff17
[  817.441087][ T9841] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  817.460785][ T9841] RSP: 002b:00007ffcb17b2cb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  817.469210][ T9841] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f0bd6b8ff17
[  817.477368][ T9841] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcb17b2d70
[  817.485440][ T9841] RBP: 00007ffcb17b2d70 R08: 0000000000000000 R09: 0000000000000000
[  817.493688][ T9841] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcb17b3e00
[  817.501666][ T9841] R13: 00007f0bd6c11c05 R14: 00000000000c4cf3 R15: 00007ffcb17b3e40
[  817.509732][ T9841]  </TASK>
[  817.512752][ T9841] Modules linked in:
[  817.516667][ T9841] CR2: 0000000000000170
[  817.521235][ T9841] ---[ end trace 0000000000000000 ]---
[  817.526974][ T9841] RIP: 0010:ihold+0x26/0x60
[  817.532025][ T9841] Code: 33 36 7c df 55 48 89 e5 41 56 53 48 89 fb e8 c1 81 ac ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 40 e1 f0 ff 41 be 01 00 00 00 <f0> 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 b1
[  817.551652][ T9841] RSP: 0018:ffffc90001237c78 EFLAGS: 00010246
[  817.557818][ T9841] RAX: ffff888127ec5100 RBX: 0000000000000000 RCX: ffff888127ec5100
[  817.565803][ T9841] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  817.573788][ T9841] RBP: ffffc90001237c88 R08: dffffc0000000000 R09: fffffbfff0f2d4fd
[  817.581776][ T9841] R10: fffffbfff0f2d4fd R11: 1ffffffff0f2d4fc R12: ffff888136e1b1b4
[  817.589791][ T9841] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000000
[  817.597785][ T9841] FS:  0000555578ac3500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  817.606813][ T9841] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  817.613504][ T9841] CR2: 0000000000000170 CR3: 000000010755a000 CR4: 00000000003506b0
[  817.621532][ T9841] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  817.629523][ T9841] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  817.637667][ T9841] Kernel panic - not syncing: Fatal exception
[  817.644012][ T9841] Kernel Offset: disabled
[  817.648354][ T9841] Rebooting in 86400 seconds..