last executing test programs:

1m34.479901851s ago: executing program 3 (id=2110):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000001c0)={[{@quota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x4c1, &(0x7f0000000680)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX9AofQX7VOf+lLocymU/AmlEGjfSyktoU3Shz60VZF81SSubMvEshLr84Hje8+9V/5+j4SOdO656AbQsU5FxFhEdEXE2YjoT7dn0hJr66V63IP7tyarJYlK5dqXSSTptvr/StLlkfRhvRHxr39E/Df5adzSyurcRKGQX0rrufL8Yq60snpudn5iJj+TXxgbGb44emn0wujQrrX18t8+e+WFt/5++f0/3vhk/Isz/6um1Zfue7wdzVhr8rj1pvfUnou67ohY2kmwZ1hX2p6edicCAEBTqt/xfx4Rv42Ih6+3OxsAAACgFSp/6Ytvk4gKAAAAsG9latfAJplsei1AX2Qy2ez6Nby/jMOZQrFU/sN0cXlhav1a2YHoyUzPFvJD6bXCA9GTVOvDtfVH9fMb6iMRcSwiXuo/VKtnJ4uFqXaf/AAAAIAOcWTD+P/r/vXxPwAAALDPDLQ7AQAAAKDljP8BAABg/9t0/J90720iAAAAQCv888qVaqnU7389dX1lea54/dxUvjSXnV+ezE4WlxazM8XiTO03++a3+3+FYnHxT7GwfDNXzpfKudLK6vh8cXmhPF67r/d43n2iAQAAYO8d+82dj5OIWPvzoVqpOpDua2KsPtba7IBWyuzs8KRVeQB7r6vdCQBt4wJf6Fzm44FtBvYvb6jv8LQBAADwLBj81VPN/5sPhOeYgTx0LvP/0LnM/0PnMv8PHe7g9of0brbjg13OBQAAaJm+Wkky2XQusC8ymWw24mjttgA9yfRsIT8UET+LiI/6ew5W68PtThoAAAAAAAAAAAAAAAAAAAAAAAAAnjOVShIVAAAAYF+LyHyepDfyH+w/3bfx/MCB5Jv+2jIibrxx7dWbE+Xy0nB1+1c/bi+/lm4/344zGAAAAMBG9XF6fRwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvpwf1bk/Wyl3Hv/TUiBhrF747e2rL33f6IOPwwie7HHpdERNcuxF+7HRHHG8VPqmnFQJrFxviZiDjU5vhHdiE+dLI71f5nrNH7LxOnasvG77/utDyte6c26/8y9f6v1s816v+ONhnjxN13cpvGvx1xortx/1OPnzxl//uff6+ubrav8mbEYMPPn+SJWLny/GKutLJ6bnZ+YiY/k18YGRm+OHpp9MLoUG56tpBP/zaM8eKv3/t+q/Yf3iT+wDbtP91k+7+7e/P+L7aIf+Z3jV//41vErz73v08/B6r7B+vra+vrjzv59ocnt2r/1Cbt3+71P9Nk+89e/f+nTR4KAOyB0srq3EShkF+yYsXK/lu5mr7Rd/zwNndMAADArnv0pb/dmQAAAAAAAAAAAAAAAAAAAEDnavmPkB188pcFetvXVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf0QAAD//9sy0wA=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086602, &(0x7f0000000080)={@desc={0x4000, 0x0, @auto="b8f92416074d3848"}})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086602, &(0x7f0000000080)={@desc={0x84c00, 0x0, @desc2}})

1m34.347274422s ago: executing program 3 (id=2114):
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x100000000000600d, 0x1)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
setreuid(0xee01, 0xee01)
ioctl$IOC_PR_RELEASE(r0, 0x401070ca, 0x0)

1m34.294135311s ago: executing program 3 (id=2116):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000)
signalfd4(0xffffffffffffffff, &(0x7f0000000300)={[0x8]}, 0x8, 0x800)

1m34.260288572s ago: executing program 3 (id=2119):
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x68, 0x14, 0x70b, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, {0x4}, {0xb, 0xc}, {0x4}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x10, 0xfc, 0x200, 0x80000a, 0x0, 0x0, 0x7e}}, {0x4}}, {{0x1c, 0x1, {0x0, 0xc, 0x8, 0xd, 0x1, 0xa, 0x2}}, {0x4}}]}]}, 0x68}}, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @private=0xa010102}, 0x10)

1m34.235923802s ago: executing program 3 (id=2121):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)

1m34.215834592s ago: executing program 3 (id=2122):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f00000002c0)='timer_start\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

1m29.171469433s ago: executing program 32 (id=2278):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000180)={0x1, 0x0, [{0x17b, 0x0, 0xb}]})

1m19.185981213s ago: executing program 33 (id=2122):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f00000002c0)='timer_start\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

1m8.333564439s ago: executing program 2 (id=2971):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=@base={0x9, 0x3, 0x8, 0x4, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000d80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000b00)={{r0}, &(0x7f0000000000), &(0x7f0000000b80)}, 0x20)

1m8.333254068s ago: executing program 2 (id=2972):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[@ANYBLOB='-'], 0x9)

1m8.333045408s ago: executing program 2 (id=2973):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)

1m8.332740959s ago: executing program 2 (id=2974):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000001080), 0x1, 0x4f7, &(0x7f0000001440)="$eJzs3c9vI1cdAPDvTOJNmqZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBre9LAekBVagDRIHo/GPbHZjJ2HXsVX785FGM2/eeL7vrTXveb9J/AIYW1cj4iAirkTEexEx1z6ftLd4q7Vl1z24f3v16P7t1SQajXf/kTTrs3Nx4jWZZ9v3nI6I738n4kfJ6bi1vf3NlXK5tNMuF+qV7UJtb//GRmVlvbRe2ioWlxaXFt64+Xqxb319ufKbe9/eePsHH//uS3f/dPDNn2TNmm3XnexHP7W6njuOk5mMiLcvI9gQTLT7c2XYDeGJpBHxmYh4pfn8z8VE8928mC6PNQDwKdBozEVj7mQZABh1aTMHlqT5di5gNtI0n2/l8F6MmbRcrdWv36rubq21cmXzkUtvbZRLC+1c4Xzkkqy8+GF2/LBcjEfLNyPihYj46dQzzXJ+9eJ5BgCgv559bP7/91Rr/gcARtz0eRcsD6YdAMDgnDv/AwAjx/wPAOPH/A8A48f8DwDjx/wPAOPmTmf+nxh2SwCAgfjeO+9kW+Oo/f3Xa+/v7W5W37+xVqpt5iu7q/nV6s52fr1aXS+X8qvVynn3K1er24uvxe4HhXqpVi/U9vaXK9Xdrfpy83u9l0u5gfQKADjLCy9/8pckIg7efKa5xYm1HMzVMNrSYTcAGBo5fxhfvoUbxpf/4wPnreXZ81eEP3qCYI0Pn+BFQL9d+7z8P4wr+X8YX/L/ML7k/2F8NRpJrzX/0+NLAICRIscPDPTn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiZpvb/IlymubzEc9FxHzkklsb5dJCRDwfEX+eyk1l5cWhthgAeHrp35L2+l/X5l6dfbz2SvKfqeY+In7883d/9sFKvb6zmJ3/5/H5+kft88VhtB8AOE9nnu7M4x0P7t9e7WyDbM+9b7UWF83iHrW3Vs1kTGa7P05HLiJm/pW0ym3Z55WJPsQ/OIyIz3Xrf9LMjcy3Vz59PH4W+7mBxk8fiZ8261r77N/is6fuPNUz5nlrvcK4+CQbf97q9vylcbW5n+66+PF0c4R6ep3x7+jU+Nd53qebY0238e/qRWO89vvv9qw7jPjCZLf4yXH8pEf8Vy8Y/84Xv/xKr7rGLyOuRff4J2MV6pXtQm1v/8ZGZWW9tF7aKhaXFpcW3rj5erHQzFEXOpnq0/7+5vXne/b/1xEzPeJPn9P/r53Z68bxAPyr/773w6/0in8Y8Y2vdn//XzwjfjYnfv3M+A+tzPy25/LdWfy1Vv8P/9/3//oF49/96/7aBS8FAAagtre/uVIul3b6epCLPt/wxEFySW12MOIH2efxp73PS+2UWddr/vCLj1/KKofe074cDHlgAi7dw4d+2C0BAAAAAAAAAAAAAAB6ufQ/J0qH3UMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG2f8CAAD//zwQyy8=")
syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000380)='./file0\x00', 0x10e, &(0x7f0000000140)={[{@inlinecrypt}, {@nodelalloc}, {@jqfmt_vfsold}, {@bh}, {@block_validity}, {@quota}]}, 0xb, 0x460, &(0x7f0000001380)="$eJzs289vFFUcAPDvzLZg+WEr4g9+qFU0Nv5oaUHl4EGNJh40MfGCx9oWgizU0JoIIYrG4NGQeDceTfwLPOnFqCcTr3o3JMRwEU1M1szuDLs77C4U2i5lP59k4L2d17733Tdv9715nQAG1nj2TxKxLSJ+j4jRRra9wHjjvyuXz879c/nsXBK12tt/JfVyf18+O1cULX5ua56ZSCPSz5LY06HepdNnjs9Wqwun8vzU8on3p5ZOn3n22InZowtHF07OHDp08MD0C8/PPHeDkfxX63X2nqytuz9a3Lvr9XcuvDl3+MK7P3+bFPGX4lgl471OPlHr2dwNZ3tLOhnqY0NYkUpEZN01XB//o1GJZueNxmuf9rVxwJqq5bqcPlcD7mBJ9LsFQH8UX/TZ+rc41m/20X+XXm4sgLK4r+RH48xQpNFYGA2X1reraTwiDp/796vsiLW5DwEA0Ob7bP7zTKf5Xxr3t5S7O98bGsv3UnZExL0RsTMi7ouol30gIh5cYf3lTZJr5z/pxZsK7AZl878X872t9vlfWhQZq+S57fXMcHLkWHVhf/6eTMTw5iw/3aOOH1797Ytu51rnf9mR1V/MBfN2XBza3P4z87PLs7cSc6tLn0TsHuoUf3J1JyCJiF0Rsfsm6zj21Dd7u50rxT/SvvlY9lJ7dhX2mWpfRzzZ6P9zUYq/kPTen5y6K6oL+6eKq+Jav/x6/q1u9V+//9dW1v9bOl7/V+MfS1r3a5dWXsf5Pz7vuqaZXPH1vyk65T6cXV4+NR2xKXmj0ejW12ea5Yt8UT6Lf2Jf5/G/I5rvxJ6IyC7ihyLi4Yh4JO+7RyPisYjYVw4sbSZ/euXx95q59gv8duj/+VL/j7UXKfV/M7Epyq90TlSO//hd+29sJm/s8+9gPTWRv5J9/l1v97y1FUmPBt7auwcAAAAbQxoR2yJJJ6+m03RysvE3/DtjS1pdXFp++sjiByfnG88IjMVwWtzpatwPbtwPnc6X9UV+ppQ/kN83/rIyUs9Pzi1W5/sdPAy4rV3Gf+bPSr9bB6w5z2vB4DL+YXAZ/zC4jH8YXB3G/0g/2gGsv07f/x83k7XR9WwMsK5K49+2HwwQ638YXMY/DK7W8d/z+XvgTrI0Er0f3h+ARHp7NGODJSLtW+3pqv/mZI1Hwbb+99dKE/3+ZAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgd/wcAAP//nHbk3g==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x31486c, &(0x7f0000000140)='usrjquota=')

1m8.215139419s ago: executing program 2 (id=2975):
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0x3a, &(0x7f0000000440)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x3, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0)

1m8.11653498s ago: executing program 2 (id=2981):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1000, 0x103)
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000a40), 0x200001, 0x0)
r1 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000a80), 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f00000009c0)='./file0\x00', &(0x7f0000000a00), 0x800000, &(0x7f0000000ac0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

1m8.09270475s ago: executing program 34 (id=2981):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1000, 0x103)
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000a40), 0x200001, 0x0)
r1 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000a80), 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f00000009c0)='./file0\x00', &(0x7f0000000a00), 0x800000, &(0x7f0000000ac0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

1m8.04141928s ago: executing program 5 (id=2983):
r0 = socket(0x840000000002, 0x3, 0xff)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000440)={<r1=>0x0, <r2=>0x0, <r3=>0x0}, &(0x7f0000000400)=0xc)
syz_mount_image$exfat(&(0x7f0000000140), &(0x7f0000000240)='./file1\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=r2, @ANYRES64=r1, @ANYRES8=r3, @ANYRES16=r1, @ANYRES64=r1, @ANYBLOB="2c6469736361726459ad809e1eb82c00fb278330ab3b4884d36adf6908d11f5783dc492bbc501d94f854a7e26909bde6e698d72a15ec808a86c25d"], 0x81, 0x14fc, &(0x7f0000002a80)="$eJzs3AuUjlXbOPB97b1vxjTpaZLDsK993TxpsE2S5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDR5pUmSkJCw/0vv+356v97v6/3W2/+z1jfXb629Zl9zP9f1XPdcs+a572eteb7rOapei/q1mxGR+LfAX7+kCCFihBDDhBDXCSECIUSl+Erxl48XUJDy7z0J+3M9nH61O2BXE88/b+P55208/7yN55+38fzzNp5/3sbzz9t4/ozlZdvnFLueV95d/P5/Xsav//+H5Jaf/NXG8jf2+h+k8PzzNp5/3sbzz9t4/nkbzz9v4/n/31frvznG88/beP6M5WVX+/1nXld3Xe3fP8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjecM5f4UWQvx9f7X7YowxxhhjjDHG2J/H57/aHTDGGGOMMcYYY+z/PxBSKKFFIPKJ/CJGFBCx4hoRJ64VBcV1IiKuF/HiBlFI3CgKiyKiqCgmEkRxUUIYgcIKEqEoKUqJqLhJlBY3i0RRRpQV5YQT5UWSuEVUELeKiuI2UUncLiqLO0QVUVVUE9XFnaKGuEvUFLVEbXG3qCPqinqivrhHNBD3iobiPtFI3C8aiwdEE/GgaCoeEs3Ew6K5eES0EI+KluIx0Uq0Fm1EW9Hut/l98/+L+S+JvuJl0U/0FyligBgoXhGDxGAxRAwVw8SrYrh4TYwQr4tUMVKMEm+I0eJNMUa8JcaKcWK8eFtMEBPFJDFZTBFTRZp4R0wT74rp4j0xQ8wUs8RskS7miLnifTFPzBcLxAdiofhQLBKLxRKxVGSIj0SmWCayxMdiufhEZIsVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLT8UOsVPsErvFHrFX7BOfif3ic3FAfCFyxJf/w/yz/ym/FwgQIEGCBg35IB/EQAzEQizEQRwUhIIQgQjEQzwUgkJQGApDUSgKCZAAJaAEICAQEJSEkhCFKJSG0pAIiVAWyoIDB0mQBBXgVqgIFaESVILKUBmqQFWoCtWhOtSAGlATakJtqA11oA7Ug3pwD9wD90JDaAiNoBE0hsbQBJpAU2gKzaAZNIfm0AJaQEtoCa2gFbSBNtAO2kF7aA8doAN0gk7QGTpDF+gCyZAMXaErdINu0B26Qw/oAT2hJ/SC3tAbXoKX4GV4GfpDHTkABsJAGASDYAgMhaHwKgyH1+A1eB1SYSSMgjfgDXgTxsAZGAvjYDyMhxpyIkyCyUByKqRBGkyDaTAdpsMMmAkzYTakwxyYC3NhHsyH+fABLIQP4UNYDIthKWRABmTCMsiCLFgOZyEbVsBKWAWrYQ2shnWwHtbBRtgEG2ELbIFtsA0+hU9hJ+yE3bAb9sJe+Aw+g8/hc0iFHMiBg3AQDsEhOAyHIRdy4QgcgaNwFI7BMTgOx+EEnIRTcBJOw2k4A2fhHJyD83AeLsALCd8031tmQ6qQl2mpZT6ZT8bIGBkrY2WcjJMFZUEZkREZL+NlIVlIFpaFZVFZVCbIBFlClpAoUZIMZUlZUkZlVJaWpWWiTJRlZVnppJNJMklWkBVkRVlRVpK3y8ryDllFVpUdXXVZXdaQnVxNWUvWlrVlHVlX1pP1ZX3ZQDaQDWVD2Ug2ko1lY9lEPiibygEwBB6WlyfTQo6ElnIUtJKtZRvZVr4Jj8v2cgx0kB1lJ/mkHAdjoYts75LlM7KrnATd5HNyMjwve8ip0FO+KHvJ3rKPfEn2lR1cP9lfzoABcqCcDYPkYDlEDpXzoK68PLF68nWZKkfKUfINuRTelGPkW3KsHCfHy7flBDlRTpKT5RQ5VabJd+Q0+a6cLt+TM+RMOUvOlulyjpwr35fz5Hy5QH4gF8oP5SK5WC6RS2WG/EhmymUyS34sl8tPZLZcIVfKVXK1XCPXynVyvdwgN8pNcrPcIrfKbXK7/FTukDvlLrlb7pF75T75mdwvP5cH5BcyR34pD8q/yEPyK3lYfi1z5TfyiPxWHpXfyWPye3lc/iBPyJPylPxRnpY/yTPyrDwnf5bn5S/ygrwoL0kvhQIllVJaBSqfyq9iVAEVq65RcepaVVBdpyLqehWvblCF1I2qsCqiiqpiKkEVVyWUUaisIhWqkqqUiqqbVGl1s0pUZVRZVU45VV4lqVtUBXWrqqhuU5XU7aqyukNVUVVVNVVd3alqqLtUTVVL1VZ3qzqqrqqn6qt7VAN1r2qo7lON1P2qsXpANVEPqqbqIdVMPayaq0dUC/WoaqkeU61Ua9VGtVXt1OOqvXpCdVAdVSf1pOqsnlJd1NMqWT2juqpnVTf1nOqunlc91Auqp3pR9VK9VR91UV1SXvVT/VWKGqAGqlfUIDVYDVFD1TD1qhquXlMj1OsqVY1Uo9QbarR6U41Rb6mxapwar95WE9RENUlNVlPUVJWm3lHT1LtqunpPzVAz1Sw1W6WrOWrI3yot+Bfy3/0n+SN+ffZtarv6VO1QO9UutVvtUXvVPrVP7Vf71QF1QOWoHHVQHVSH1CF1WB1WuSpXHVFH1FF1VB1Tx9RxdVydUCfVz+pHdVr9pM6os+qs+lmdV+fVhb/9DIQGLbXSWgc6n86vY3QBHauv0XH6Wl1QX6cj+nodr2/QhfSNurAuoovqYjpBF9cltNGorSYd6pK6lI7qm3RpfbNO1GV0WV1OO11eJ+lb/u38P+qvnW6n2+v2uoPuoDvpTrqz7qy76C46WSfrrrqr7qa76e66u+6he+ieuqfupXvpPrqP7qv76n66n07RKXqgfkUP0oP1ED1UD9Ov6uF6uB6hR+hUnapH6VF6tB6tx+gxeqweq8fr8XqCnqAn6Ul6ip6i03Sanqan6el6up6hZ+hZepZO1+l6rp6r5+l5eoFeoBfqhXqRXqSX6CU6Q2foTJ2ps3SWXq6X62y9Qq/Qq/QqvUav0ev0Or1Bb9Cb9Ca9RW/R2Xq73q536B16l96l9+g9ep/ep/fr/fqAPqBzdI4+qA/qQ/qQPqwP61ydq4/oI/qoPqqP6WP6uD6uT+gT+pQ+pU/r0/qMPqPP6XP6vD6vL+gL+pK+dPmyL5CBDHSgg3xBviAmiAlig9ggLogLCgYFg0gQCeKD+KBQcGNQOCgSFA2KBQlB8aBEYAIMbEBBGJQMSgXR4KagdHBzkBiUCcoG5QIXlA+SgluCCsGtQcXgtqBScHtQObgjqBJUDaoF1YM7gxrBXUHNoFZQO7g7qBPUDeoF9YN7ggbBvUHD4L6gUXB/0Dh4IGgSPBg0DR4KmgUPB82DR4IWwaNBy+CxoFXQOmgTtA3a/an1vT9T5AnXz/Q3KWaAGWheMYPMYDPEDDXDzKtmuHnNjDCvm1Qz0owyb5jR5k0zxrxlxppxZrx520wwE80kM9lMMVNNmnnHTDPvmunmPTPDzDSzzGyTbuaYueZ9M8/MNwvMB2ah+dAsMovNErPUZJiPTKZZZrLMx2a5+cRkmxVmpVllVps1Zq1ZZ9abDWaj2WQ2my1mq9lmtptPzQ6z0+wyu80es9fsM5+Z/eZzc8B8YXLMl+ag+Ys5ZL4yh83XJtd8Y46Yb81R8505Zr43x80P5oQ5aU6ZH81p85M5Y86ac+Znc978Yi6Yi+aS8Zcv7i+/vKNGjfkwH8ZgDMZiLMZhHBbEghjBCMZjPBbCQlgYC2NRLIoJmIAlsAReRkhYEktiFKNYGktjIiZiWSyLDh0mYRJWwApYEStiJayElbEyVsEqWA2r4Z14J96Fd2EtrIV3491YF+tifayPDbABNsSG2AgbYWNsjE2wCTbFptgMm2FzbI4tsAW2xJbYClthG2yD7bAdtsf22AE7YCfshJ2xM3bBLpiMydgVu2I37IbdsTv2wB7YE3tiL+yFfbAP9sW+2A/7YQqm4EAciINwEA7BITgMh+FwHI4jcASmYiqOwlE4GkfjGByDY3Ecjse3cQJOxEk4GafgVEzDNJyG03A6TscZOANn4SxMx3Sci3NxHs7DBbgAF+JCXISLcAkuwQzMwEzMxCzMwuW4HLMxG1fiSlyNq3EtrsX1uB434kbcjJtxK27F7bgdd+AO3IW7cA/uwX24D/fjfjyABzAHc/AgHsRDeAgP42HMxVw8gkfwKB7FY3gMj+NxPIEn8BSewtN4Gs/gGTyH5/A8/oIX8CJeQo8xVopYe42Ns9fagvY6G2ML2N/GRW0xm2CL2xLW2MK2yD/EaK1NtGVsWVvOOlveJtlbfhdXsVVtNVvd3mlr2Ltszd/FDey9tqG9zzay99v69p5/iBvbB2wT+6htah+zzWxr29y2tS3so7alfcy2sq1tG9vWdrZP2S72aZtsn7Fd7bO/izPtMrvebrAb7Sa7335uz9mf7VH7nT1vf7H9bH87zL5qh9vX7Aj7uk21I38Xj7dv2wl2op1kJ9spdurv4ll2tk23c+xc+76dZ+f/Ls6wH9mFNssusovtErv01/hyT1n2Y7vcfmKz7Qq70q6yq+0au9au+49eV9ktdqvdZvfZz+wOu9PusrvtHrv31/jyeRywX9gc+6U9Yr+1h+xX9rA9ZnPtN7/Gl8/vmP3eHrc/2BP2pD1lf7Sn7U/2jD376/lfPvcf7UV7yXorCEiSIk0B5aP8FEMFKJauoTi6lgrSdRSh6ymebqBCdCMVpiJUlIpRAhWnEmQIyRJRSCWpFEXpJipNN1MilaGyVI4clackuoUq0K1UkW6jSnQ7VaY7qApVpWpUne6kGnQX1aRaVJvupjpUl+pRfbqHGtC91JDuo0Z0PzWmB6gJPUhN6SFqRg9Tc3qEWtCj1JIeo1bUmtpQW2pHj1N7eoI6UEfqRE9SZ3qKutDTlEzPUFd6lrrRc9Sdnqce9AL1pBepF/WmPvQS9aWXqR/1pxQaQAPpFRpEg2kIDaVh9CoNp9doBL1OqTSSRtEbNJrepDH0Fo2lcTSe3qYJNJEm0WSaQlMpjd6hafQuTaf3aAbNpFk0m9JpDs2l92kezacF9AEtpA9pES2mJbSUMugjyqRllEUf03L6hLJpBa2kVbSa1tBaWkfraQNtpE20mbbQVtpG2+lT2kE7aRftpj20l/bRZ7SfPqcD9AXl0Jd0kP5Ch+grOkxfUy59Q0foWzpK39Ex+p6O0w90gk7SKfqRTtNPdIbO0jn6mc7TL3SBLtIl8iRCCGWoQh0GYb4wfxgTFghjw2vCuPDasGB4XRgJrw/jwxvCQuGNYeGwSFg0LBYmhMXDEqEJMbQhhWFYMiwVRsObwtLhzWFiWCYsG5YLXVg+TApvCSuEt4YVw9vCSuHtYeXwjrBKWDV89P7q4Z1hjfCusGZYK6wd3h3WCeuG9cL64T1hg/DesGF4X9govD+sGD4QNgkfDJuGD4XNwofD5uEjYYvw0bBl+FjYKmwdtgnbhu3Cx8P24RNhh7Bj2Cl8MuwcPhV2CZ8Ok8Nnwq7hs394PCUcEA4MXwlfCb2/Ty2JLo1mRD+KZkaXRbOiH0eXRz+JZkdXRFdGV0VXR9dE10bXRddHN0Q3RjdFN0e3RLdGt0W9r59fOHDSKadd4PK5/C7GFXCx7hoX5651Bd11LuKud/HuBlfI3egKuyKuqCvmElxxV8IZh846cqEr6Uq5qLvJlXY3u0RXxpV15Zxz5V2Sa+vauXauvXvCdXAdXSf3pHvSPeWeck+7p90zrqt71nVzz7nu7nnXw73gXnAvul6ut+vjXnJ93cuun+vvUlyKG+gGukFukBvihrhhbpgb7oa7EW6ES3WpbpQb5Ua70W6MG+PGurFuvBvvJrgJbpKb5Ka4KS7Npblpbpqb7qa7GW6Gm+VmuXSX7ua6uW6em+cWuAVuYeJCt8gtckvcEpfhMlymy3RZLsstd8tdtst2K91Kt9qtdmvdWrferXcb3Ua32W12W91Wt91tdzvcDrfL7XJ73B63z+1z+91+d8AdcDkuxx10B90hd8gddl+7XPeNO+K+dUfdd+6Y+94ddz+4E+6kO+V+dKfdT+6MO+vOuZ/defeLu+AuukvOu7TIO5FpkXcj0yPvRWZEZkZmRWZH0iNzInMj70fmReZHFkQ+iCyMfBhZFFkcWRJZGsmIfBTJjCyLZEU+jiyPfBLJjqyIrIysiqyOrIl4X3xH6Ev6Uj7qb/Kl/c0+0ZfxZX0573x5n+Rv8RX8rb6iv81X8rf7yv4OX8VX9dX8Y76Vb+3b+La+nX/ct/dP+A6+o+/kn/Sd/VO+i3/aJ/tnfFf/rO/mn/Pd/fO+h3/B9/Qv+l6+t+/jX/J9/cu+n+/vU/wAP9C/4gf5wX6IH+qH+Vf9cP+aH+Ff96l+pB/l3/Cj/Zt+jH/Lj/Xj/Hj/tp/gJ/pJfrKf4qf6NP+On+bf9dP9e36Gn+ln+dk+3c/xc/37fp6f7xf4D/xC/6Ff5Bf7JX6pz/Af+Uy/zGf5j/1y/4nP9iv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vr/Nb/ef+h1+p9/ld/s9fq/f5z/z+/3n/oD/wuf4L/1B/xd/yH/lD/uvfa7/xh/x3/qj/jt/zH/vj/sf/Al/0p/yP/rT/id/xp/15/zP/rz/xV/wF/0l/p81xhhjjLF/ifqD4wP+yffk39ZlA4UQ1+4slvufa24u/Nf9YJnQOSKEeKZ/z4f/vurUSdn698dmKxGUWiyEiFzJzyeuxCtEJ/GUSBYdRYV/2t9g2fs8/b5+Sspv6kdvFyL2Nzkx4kp8pf6t/0X9x58cn1k5PBf/39RfLERiqSs5BcSV+Er9iv9F/SLt/6D/Al+lCdHhNzlx4kp8pX6SeEI8K5L/4ZGMMcYYY4wxxthfDZbVuv/R/fPl+/MEfSUnv7gS/9H9OWOMMcYYY4wxxq6+53v3efrx5OSO3XnDG97w5j82V/svE2OMMcYYY+zPduWi/2p3whhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5V3/Gx8ndrXPkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLva/l8AAAD//zG6PD0=")
setxattr$security_capability(&(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x2000000)

1m7.99912532s ago: executing program 5 (id=2984):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0x0, 0x10000}}}, 0x24}}, 0x0)

1m7.95971152s ago: executing program 5 (id=2985):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
kcmp(0x0, 0x0, 0x1, 0xffffffffffffffff, 0xffffffffffffffff)

1m7.953459341s ago: executing program 5 (id=2986):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')

1m7.946118641s ago: executing program 5 (id=2987):
r0 = socket(0x2c, 0x3, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000280)=0x497, 0x4)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100))

1m7.759234342s ago: executing program 5 (id=2988):
prctl$PR_SET_NAME(0x4, 0x0)
r0 = syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
pidfd_getfd(r1, 0xffffffffffffffff, 0x0)

1m7.731230752s ago: executing program 35 (id=2988):
prctl$PR_SET_NAME(0x4, 0x0)
r0 = syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
pidfd_getfd(r1, 0xffffffffffffffff, 0x0)

40.599179695s ago: executing program 6 (id=3980):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
ioctl$MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000340)={&(0x7f00000011c0), 0x0})
r2 = dup3(r0, r1, 0x0)
ioctl$MON_IOCX_GETX(r2, 0x4018920a, &(0x7f0000000d80)={&(0x7f0000000300), &(0x7f0000005200)=""/4144, 0x1030})

40.554137426s ago: executing program 6 (id=3981):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc225, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x0, [{{0x9, 0x4, 0x0, 0xa, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0xc1, 0x0, 0x1, {0x22, 0x2}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xa, 0x0, 0x3}}}}}]}}]}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000000)={0x0, 0x10, 0x2, {0x2, 0x30}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

38.956550416s ago: executing program 6 (id=4000):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340)={0x400000100002f, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}})
write$uinput_user_dev(r0, &(0x7f0000000800)={'syz0\x00', {0x0, 0x4, 0x0, 0x2}, 0x4f, [0x0, 0x0, 0x0, 0x0, 0x3, 0x6, 0x0, 0xffff9519, 0x40000000, 0x0, 0x2, 0xfffffffe, 0x0, 0xfffffe00, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x8000, 0x2, 0x3, 0x3, 0x7, 0x0, 0x5ff339ba, 0x200, 0x8, 0x0, 0xa345, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xf, 0x3562, 0x0, 0x0, 0x0, 0x0, 0x2004, 0x0, 0x200, 0x10000, 0x1000, 0x0, 0x3, 0x0, 0x3, 0xfffffffc], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x400000, 0x0, 0x1, 0x6, 0x2, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3ff1, 0x0, 0xfffffffb, 0x0, 0xfffffffd, 0x0, 0x4, 0x4, 0xffff, 0x0, 0x0, 0x1, 0x6, 0x0, 0x0, 0x0, 0x1000, 0x4000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0xde, 0x20000000, 0x0, 0x0, 0x4], [0x0, 0x0, 0x101, 0x0, 0x40, 0x0, 0x6, 0x0, 0xfffffffd, 0x53, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x10000000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x483534d7, 0x1, 0x1, 0x0, 0x6, 0xd, 0x10001, 0x4, 0xfffffffd, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc4, 0x10000, 0x0, 0x0, 0x1, 0x8, 0x0, 0x0, 0x0, 0x1000, 0x3b6, 0x68, 0x2, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x5, 0x200003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1, 0x0, 0x2, 0x4, 0x7fffffff, 0x5, 0x0, 0x0, 0x5, 0x48, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x81, 0x6, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x10000, 0x9, 0x101, 0x7]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r0, 0x5501)

38.956079726s ago: executing program 6 (id=4001):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a9, &(0x7f00000007c0)="$eJzs3c9rXNUeAPDvnfxO+17y4MF7dRUQNFA6MTW2Ci4qLkSwUNC1bZhMQ80kUzKT0oRAW0RwI6i4EHTTtT/qzq0/tvpfuJCWqmmx4kJG7mQmmTQzadJmZor5fODmnnPPvTnnO/fXmbmHmQAOrLH0TybiSES8n0SM1JYnEdFXTfVGnFpf797aai6dkqhUXv81qa5zd201Fw3bpA7VMv+PiO/eiTia2V5vaXllbrpQyC/W8hPl+YsTpeWVYxfmp2fzs/mFE5NTU8dPPnfyxP7F+vuPK4dvffDK01+e+vPt/9147/skTsXhWlljHPtlLMZqr0lf+hJu8fJ+V9ZlSbcbwENJT82e9bM8jsRI9FRTLQx1smUAQLtciYgKAHDAJO7/AHDA1D8HuLu2mqtP3f1EorNuvxQRg+vx159vrpf01p7ZDVafgw7fTbY8GUkiYnQf6h+LiE+/fvPzdIo2PYcEaObqtYg4Nzq2/fqfbBuzsFfP7FRYGajOxu5b7PoHnfNN2v95vln/L7PR/4km/Z+BJufuw3jw+Z+5uQ/VtJT2/15sGNt2ryH+mtGeWu5f1T5fX3L+QiGfXtv+HRHj0TeQ5ierqzYfBTV+5687repv7P/99uFbn6X1p/PNNTI3ewe2bjMzXZ5+1Ljrbl+LeKK3WfzJxv5PWvR/z+yyjldfePeTVmVp/Gm89Wl7/O1VuR7xVNP9v7kvkx3HJ05UD4eJ+kHRxFc/fTzcqv7N/T9Qnaf1198LdEK6/4d3jn80aRyvWdp7HT9cH/m2VVnj8d88/ubHf3/yRjXdX1t2ebpcXpyM6E9e2778+Oa29Xx9/TT+8Sebn/+tjv9MbWzsuY1cS9UhtL23fvmi9q+axl91tVX87ZXGP7On/b9DolLb5r6iG/fmelrVv7v9P1VNjdeW7Ob694CWPsLRDAAAAAAAAAAAAAAAAAAAAAAAAAB7l4mIw5FkshvpTCabXf8N7//GcKZQLJWPni8uLcxE9beyR6MvU/+qy5GG70OdrH0ffj1//L78sxHxn4j4aGComs/mioWZbgcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADWHtv7+/5V0ls2ul/080O3WAQBtM9jtBgAAHef+DwAHz97u/0NtawcA0Dl7fv9fSdrTEACgY3Z9/z/X3nYAAJ3j+T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABtdub06XSq/LG2mkvzM5eWl+aKl47N5Etz2fmlXDZXXLyYnS0WZwv5bK443/IfXV2fFYrFi1OxsHR5opwvlSdKyytn54tLC+WzF+anZ/Nn830diwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdq+0vDI3XSjkFyV2TAw1LxrsesO6lOiNx6IZ//hEf9dqb7xKDHXvAgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwmPs7AAD//yjFJO4=")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x185641, 0x0)
r0 = open(&(0x7f00000003c0)='./bus\x00', 0x84902, 0x0)
read$FUSE(r0, &(0x7f0000001640)={0x2020}, 0x2020)

38.913223216s ago: executing program 6 (id=4002):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000029"], 0xb8}}, 0x4004)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000089d400000000020000000000000000000000000000000000000000000000000000000000000000000000000000ecff000000000000000000feffffffffffff"], 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x7}}, 0xb8}}, 0x10)

38.398918519s ago: executing program 6 (id=4004):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)=r1}, 0x20)
getrusage(0xffffffffffffffff, &(0x7f00000011c0))

38.398739749s ago: executing program 36 (id=4004):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)=r1}, 0x20)
getrusage(0xffffffffffffffff, &(0x7f00000011c0))

15.765668436s ago: executing program 9 (id=4627):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2, 0x0, &(0x7f00000002c0)='\x00\x00', 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x40}, 0x50)
write$binfmt_elf32(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000000000000380000000000000000191bda0000200001000000000280000000000003"], 0x69)
close(r0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

15.716041246s ago: executing program 9 (id=4631):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
socketpair(0x1d, 0x2, 0x2, &(0x7f0000000280))

15.698932726s ago: executing program 9 (id=4633):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)=r1}, 0x20)
mlock2(&(0x7f000034f000/0x4000)=nil, 0x4000, 0x0)

15.666560586s ago: executing program 9 (id=4636):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000001440)={[{@noinit_itable}, {@usrquota}, {@jqfmt_vfsv0}, {@abort}, {@nodelalloc}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0x1, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/file0\x00', 0x189000, 0x1)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x8004587d, &(0x7f0000000140)={0x2, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
lsetxattr$trusted_overlay_redirect(&(0x7f0000000600)='./file0/file0\x00', &(0x7f0000000640), 0x0, 0x0, 0x2)

15.483213827s ago: executing program 9 (id=4638):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x202, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000023000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000080)="f00fba2e66370066b9800000c00f326635010000000f30660f38005b6066660fc7b4701bba2100b8a759ef66b92800000066b80c00000066ba000000000f30660f38803bd287ad000f00150f09", 0x4d}], 0x1, 0x33, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

15.271317458s ago: executing program 9 (id=4643):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x8, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100), 0x40002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0xddf, r0, 0x4}, 0x38)

15.271048568s ago: executing program 37 (id=4643):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x8, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100), 0x40002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0xddf, r0, 0x4}, 0x38)

3.074393832s ago: executing program 4 (id=5096):
getsockopt(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001900)=ANY=[@ANYBLOB="1201000000000040c41090ea00000000000109022400010000000009040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0x8, {0x8, 0x0, "392cdaab4a73"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

1.73541234s ago: executing program 8 (id=5135):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = io_uring_setup(0xad5, &(0x7f0000000040)={0x0, 0xfffffffc})
close(r0)
clock_nanosleep(0x2, 0x1, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)

1.464053292s ago: executing program 1 (id=5156):
syz_open_procfs(0x0, &(0x7f00000007c0)='map_files\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

1.463838032s ago: executing program 1 (id=5157):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000180100002020692500000000002060207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r0}, 0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[@cred={{0x1c}}], 0x20}, 0x0)

1.463608282s ago: executing program 1 (id=5158):
unshare(0x400)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000d62b00006110600000000000c6000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r1, r0, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000000c0)={@map=r1, r0, 0x5, 0x0, 0x0, @void, @value}, 0x10)

1.411335422s ago: executing program 1 (id=5160):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x8000)

1.361049452s ago: executing program 4 (id=5165):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
pipe(&(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$binfmt_misc(r2, &(0x7f0000000200), 0xfffffecc)
splice(r1, 0x0, r0, 0x0, 0x8001, 0x0)

1.346548273s ago: executing program 1 (id=5167):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000af802c082505a4a47e9e01020301090224"], 0x0)
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x10000000)

887.364365ms ago: executing program 8 (id=5184):
sched_setaffinity(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000000c"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

856.208436ms ago: executing program 8 (id=5185):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x12, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
llistxattr(0x0, 0x0, 0x0)

855.723496ms ago: executing program 8 (id=5186):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46040700030d0000000000000003000300060000000903000038000000000000000e00000000002000030005000000ff0f0000000002000000000000800900000000000100010000002d09000004000000fa00000000000068144f5b0003000000000400000700000002000000000000000d00000003"], 0x98)
close(r0)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)

843.565666ms ago: executing program 8 (id=5187):
r0 = socket$nl_route(0x10, 0x3, 0x0)
pipe(0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000002000010000000000000000000a00000000000000000000001400110064766d7270310000000001000000000008000a00000046"], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="940000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0300000000000000640012800b0001006970366772650000540002800800150061db0a0008000100", @ANYRES32, @ANYBLOB="14000700fe8000000000000000000000000000aa08000d005fe1ffff060010004e22000008000500200c000014000600fc"], 0x94}}, 0x0)

763.893506ms ago: executing program 8 (id=5191):
r0 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x0, 0xc0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x7, 0x1, 0x1, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x200}}}}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
writev(r1, &(0x7f0000000740)=[{&(0x7f00000003c0)='O', 0x1}], 0x1)

625.746107ms ago: executing program 7 (id=5202):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)

605.982997ms ago: executing program 0 (id=5203):
creat(&(0x7f00000002c0)='./file0\x00', 0x6)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000003c0)='kfree\x00', r1}, 0x18)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x808410, 0x0)

605.717647ms ago: executing program 7 (id=5204):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000006c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x12}}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e24, @multicast1}, 0x10)
setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000000)=0x507, 0x4)
sendto$inet(r0, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a4918713031596ea6fd01124f973f257ccd9665aee7df4a9d64f079d176abc00000000d7af3e2dd4396f72373fb0a787a6129ca41181f5087fb843212550b58e3707d5a0399de36c2503836cbe2133de4f574e9e05c96788b0de1bd13e390445433d96737b964fa8af2ac4b2f0f9390ca93d8d3d810044d024359e067c4553230ab748947d33f8fc115ce9a49e6571c45a05d786cbd49342c236537dbbeec666b07baab917252113a5b9a77283189b518f356debe42d80cf2d0687b9c64d0253a6a09286fded6e4f8557b8fb4f25ca4fb138af8945c74bbc98748eaaa030be5317646f195e6e085ac6ddb29542e3581961259987241f7e7061526a7afec8962e74215fea43703a4e543ee9d1a3c3f5f2a41977ece8fdadcf89ce331ce59bebae5f53513d0e10485d7ddbda60513bf339602510b3a23ea29a0d5d03a61e34d12942ea4a847c884b27b5344a456d02a55f8929cc567e7c792c01fab7a7b32780a14c361000609b817dd91507b04d875279527946fdb8fb92a512485e234d092c28f1d0a0498731ccc0eb10515d510e8945839307b46512ceca6f495fdd2c6ae5eb2ef3b2a40ebdc7edf0048e3fb5e3d97a9ea5113a6b70d20ad5c43f0df95d88c0f121a1884da21a21f0ba47420f8391a97921cc51871dbb272e43710fe71d5e342c3afd10608a8b02f00e8fbd8d570b6faace86c494ecea8913233391e7b7cec3d571bb3032181ed58e1b513e511f79ee562c8cde9b3b74c2e95dcde7fadb5a666bdc0c1684794620ce8cf0c0aee8e90b3ef6e7160d3f055cb4d1ced32e4edc15e7d102952d3237e6c02c591a95a182bf190c0124abc7f1225332ff1c5e1b94e4e9bf02c1a18bd7bfce20707f7298da322560bc1a4cf298d46f5bf8ff41da21e25aa17f65f9ee43ca890b5ef6a3ccf3efedf3ca60a9acef1352ad0c43e6cf375108cf0974ce89a99adba7e6a3f8949dc573440fafe0e3abdd0066057a2d868e8386080f18a421568d8e7a89536a4173861bd55245c8fcf7dcba18edce36d2e85b9630fbc218db9ebd16abb11ac06fdbf2bc3e6394d4c6e7ae71813d30772d487743a2856348fee09989ce03331e7848770fc91e62191c20fe5f4a73c5dae467dd612bdb63b1e50921d38271305d7412103d5a6214d6d534d1d530b9169f882b6926bbd338f0282a8bd9a44603934e5249e83f1d0947b39f82a7843d2b6f796d8abf7ff3e66cfd4519324d71cebbf6580dffc10d555e479e9acaa12c3c59e3732c181aa4223d0fcdac514e9d7c7963c2634964520286b028f60a4ae612b8e6049315139e884cbffd6836253094ad023329183496cf663366ad4d7f7f5f1bd2db9b0d33f106c041fba4494c7da404d45d8955e5459ca4a62862721ec1fa534fd95e262c5814426816e60000000000000000001aa4fb6f40ec24f42f6949cc28d2a0d4eb61cb1664627582d962523586539445b81e9759321652280ecb", 0xffe3, 0x0, 0x0, 0x0)

557.166137ms ago: executing program 7 (id=5205):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x2, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0), &(0x7f00000006c0), 0x5, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)

556.948707ms ago: executing program 0 (id=5206):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x2c, r2, 0x1, 0x0, 0x0, {0x1a}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}]}]}, 0x2c}}, 0x0)

556.780797ms ago: executing program 7 (id=5207):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$packet_int(r0, 0x107, 0x13, &(0x7f0000000080), 0x4)

556.676537ms ago: executing program 7 (id=5208):
r0 = socket(0x2, 0x3, 0x6)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000240)=0x4dd9, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x2, 0x0, @multicast2}, 0x10)
recvfrom$unix(r0, 0x0, 0x0, 0x12122, 0x0, 0x0)

556.567207ms ago: executing program 0 (id=5209):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000007c0), 0x0)

556.366137ms ago: executing program 7 (id=5210):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='sys_enter\x00', r1}, 0x10)
exit(0x0)

503.255908ms ago: executing program 0 (id=5211):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001400)={{r0}, 0x0, &(0x7f00000013c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

503.006808ms ago: executing program 0 (id=5212):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'dummy0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c58b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
ioctl$FS_IOC_GETFSLABEL(r1, 0x400452c8, &(0x7f0000000100))

502.854148ms ago: executing program 0 (id=5213):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000180)=0x9ebb, 0x4)
bind$inet6(r0, &(0x7f0000f65000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0xfffffefffff3ff3e, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty, 0x6}, 0x1c)
getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000080))

502.613228ms ago: executing program 4 (id=5214):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)={0x54, r2, 0x1, 0x70bd29, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x28, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}]}, @ETHTOOL_A_BITSET_MASK={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}]}, 0x54}}, 0x4000040)

502.474478ms ago: executing program 4 (id=5215):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f821ffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0\x00', <r2=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000004c0)={r2, 0x3, 0x6, @broadcast}, 0x10)

474.821128ms ago: executing program 4 (id=5216):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x1}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x50}}, 0x0)

457.540648ms ago: executing program 4 (id=5217):
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_aout(r1, 0x0, 0x6a)
fcntl$setpipe(r1, 0x407, 0x0)
ppoll(&(0x7f0000000480)=[{r1, 0x421}], 0x1, 0x0, 0x0, 0x0)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000500)=""/137, 0x89}], 0x1)

0s ago: executing program 1 (id=5218):
r0 = socket$netlink(0x10, 0x3, 0x4)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000004c0)='cmdline\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

 attempt to access beyond end of device
[  139.608632][ T9068] loop6: rw=3, sector=226, nr_sectors = 6 limit=128
[  139.622016][ T9068] syz.6.3803: attempt to access beyond end of device
[  139.622016][ T9068] loop6: rw=2051, sector=232, nr_sectors = 2 limit=128
[  139.920100][    T6] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  140.101156][    T6] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.112435][    T6] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.122589][    T6] usb 7-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  140.131834][    T6] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.140498][    T6] usb 7-1: config 0 descriptor??
[  140.165264][ T9096] raw_sendmsg: syz.4.3816 forgot to set AF_INET. Fix it!
[  140.190131][ T9101] loop4: detected capacity change from 0 to 256
[  140.271695][ T9110] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  140.279539][ T9110] SELinux: failed to load policy
[  140.359435][ T9122] loop8: detected capacity change from 0 to 2048
[  140.391456][ T9122] Alternate GPT is invalid, using primary GPT.
[  140.397741][ T9122]  loop8: p1 p2 p3
[  140.480139][   T19] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  140.552411][ T9137] netlink: 'syz.0.3833': attribute type 4 has an invalid length.
[  140.561447][    T6] sony 0003:054C:024B.001A: unexpected long global item
[  140.568609][    T6] sony 0003:054C:024B.001A: parse failed
[  140.574514][    T6] sony: probe of 0003:054C:024B.001A failed with error -22
[  140.592560][ T9139] netlink: 'syz.7.3834': attribute type 4 has an invalid length.
[  140.613626][ T9145] loop7: detected capacity change from 0 to 128
[  140.621400][ T9145] EXT4-fs (loop7): Test dummy encryption mode enabled
[  140.629349][ T9145] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  140.641715][   T28] kauditd_printk_skb: 4 callbacks suppressed
[  140.641729][   T28] audit: type=1400 audit(140.621:6517): avc:  denied  { write } for  pid=9143 comm="syz.7.3836" name="file1" dev="loop7" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  140.669551][   T28] audit: type=1400 audit(140.621:6518): avc:  denied  { add_name } for  pid=9143 comm="syz.7.3836" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  140.689704][   T28] audit: type=1400 audit(140.621:6519): avc:  denied  { rename } for  pid=9143 comm="syz.7.3836" name="file0" dev="loop7" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1
[  140.712055][   T28] audit: type=1400 audit(140.621:6520): avc:  denied  { remove_name } for  pid=9143 comm="syz.7.3836" name="file2" dev="loop7" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  140.712637][ T7168] EXT4-fs (loop7): unmounting filesystem.
[  140.733921][   T28] audit: type=1400 audit(140.621:6521): avc:  denied  { unlink } for  pid=9143 comm="syz.7.3836" name="file0" dev="loop7" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1
[  140.762605][   T19] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  140.767260][   T60] usb 7-1: USB disconnect, device number 4
[  140.773539][   T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.773564][   T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.799927][   T19] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  140.818689][   T19] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  140.829171][   T19] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  140.838356][   T19] usb 5-1: Manufacturer: syz
[  140.844181][ T9157] tun0: tun_chr_ioctl cmd 1074025675
[  140.844783][   T19] usb 5-1: config 0 descriptor??
[  140.849712][ T9159] loop0: detected capacity change from 0 to 1024
[  140.854808][ T9157] tun0: persist enabled
[  140.862058][ T9159] EXT4-fs: Ignoring removed i_version option
[  140.870015][ T9157] tun0: tun_chr_ioctl cmd 1074025675
[  140.871110][ T9159] EXT4-fs: Ignoring removed mblk_io_submit option
[  140.876459][ T9157] tun0: persist disabled
[  140.882974][ T9159] EXT4-fs: Ignoring removed nobh option
[  140.892882][ T9159] EXT4-fs: Ignoring removed bh option
[  140.898702][ T9159] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  140.921786][ T9159] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  140.939636][   T28] audit: type=1400 audit(140.911:6522): avc:  denied  { map } for  pid=9158 comm="syz.0.3843" path="/742/file1/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  140.964049][  T285] EXT4-fs (loop0): unmounting filesystem.
[  141.084510][   T28] audit: type=1400 audit(141.061:6523): avc:  denied  { write } for  pid=9171 comm="syz.0.3849" name="ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  141.150140][ T9176] device batadv_slave_1 entered promiscuous mode
[  141.156942][ T9175] device batadv_slave_1 left promiscuous mode
[  141.202418][   T28] audit: type=1400 audit(141.181:6524): avc:  denied  { relabelfrom } for  pid=9183 comm="syz.0.3854" name="NETLINK" dev="sockfs" ino=54099 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  141.226278][   T28] audit: type=1400 audit(141.181:6525): avc:  denied  { relabelto } for  pid=9183 comm="syz.0.3854" name="NETLINK" dev="sockfs" ino=54099 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_netfilter_socket permissive=1
[  141.267675][   T19] appleir 0003:05AC:8243.001B: unknown main item tag 0x0
[  141.275253][   T19] appleir 0003:05AC:8243.001B: No inputs registered, leaving
[  141.275437][   T28] audit: type=1400 audit(141.251:6526): avc:  denied  { bind } for  pid=9187 comm="syz.0.3856" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  141.284030][   T19] appleir 0003:05AC:8243.001B: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[  141.340853][ T9194] loop8: detected capacity change from 0 to 1024
[  141.348979][   T19] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[  141.356563][ T9198] loop0: detected capacity change from 0 to 1024
[  141.357160][   T19] hid-generic 0000:0000:0000.001C: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  141.363645][ T9198] EXT4-fs: Ignoring removed nomblk_io_submit option
[  141.374491][ T9194] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  141.379738][ T9198] EXT4-fs: Mount option(s) incompatible with ext2
[  141.402006][ T7179] EXT4-fs (loop8): unmounting filesystem.
[  141.550954][   T19] usb 5-1: USB disconnect, device number 17
[  141.654274][ T9234] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9234 comm=syz.8.3875
[  141.781981][ T9240] bridge0: port 3(syz_tun) entered blocking state
[  141.788506][ T9240] bridge0: port 3(syz_tun) entered disabled state
[  141.788977][ T9240] device syz_tun entered promiscuous mode
[  141.789079][ T9240] bridge0: port 3(syz_tun) entered blocking state
[  141.807573][ T9240] bridge0: port 3(syz_tun) entered forwarding state
[  141.878885][ T9246] loop8: detected capacity change from 0 to 128
[  142.009367][ T9261] loop0: detected capacity change from 0 to 256
[  142.016559][ T9261] exfat: Deprecated parameter 'namecase'
[  142.024940][ T9261] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  142.056131][ T9263] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3888'.
[  142.108903][ T9273] loop0: detected capacity change from 0 to 256
[  142.117516][ T9273] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  142.131792][ T9273] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008)
[  142.141033][ T9273] exFAT-fs (loop0): Filesystem has been set read-only
[  142.187866][ T9280] incfs: Options parsing error. -22
[  142.193157][   T19] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  142.196525][ T9280] incfs: mount failed -22
[  142.253672][ T9296] loop4: detected capacity change from 0 to 512
[  142.267862][ T9296] EXT4-fs error (device loop4): ext4_get_branch:178: inode #13: block 33619980: comm syz.4.3904: invalid block
[  142.280118][ T9296] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.3904: invalid indirect mapped block 10 (level 1)
[  142.299074][ T9296] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.3904: invalid indirect mapped block 8 (level 1)
[  142.314576][ T9296] EXT4-fs (loop4): 1 truncate cleaned up
[  142.320455][ T9296] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  142.351680][  T286] EXT4-fs (loop4): unmounting filesystem.
[  142.381185][   T19] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.400069][   T19] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  142.437390][   T19] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  142.460097][   T19] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.480314][   T19] usb 9-1: config 0 descriptor??
[  142.888257][   T19] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0
[  142.898832][   T19] plantronics 0003:047F:FFFF.001D: No inputs registered, leaving
[  142.909595][   T19] plantronics 0003:047F:FFFF.001D: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[  143.007922][ T9355] loop6: detected capacity change from 0 to 8192
[  143.140302][ T9370] loop0: detected capacity change from 0 to 8192
[  143.156651][ T9370] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[  143.165662][ T9370] FAT-fs (loop0): Filesystem has been set read-only
[  143.172778][    T6] usb 9-1: USB disconnect, device number 4
[  143.686133][ T9385] loop8: detected capacity change from 0 to 256
[  143.692634][ T9385] exfat: Deprecated parameter 'namecase'
[  143.700708][ T9385] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  143.733139][ T9388] loop8: detected capacity change from 0 to 512
[  143.741457][ T9388] EXT4-fs error (device loop8): ext4_orphan_get:1400: inode #15: comm syz.8.3943: casefold flag without casefold feature
[  143.754207][ T9388] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.3943: couldn't read orphan inode 15 (err -117)
[  143.766188][ T9388] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  143.782815][ T7179] EXT4-fs (loop8): unmounting filesystem.
[  143.793762][ T9392] syz.8.3944[9392] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.793807][ T9392] syz.8.3944[9392] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  144.075551][ T9428] loop6: detected capacity change from 0 to 512
[  144.095749][ T9428] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  144.107143][ T9428] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  144.111393][ T9430] loop7: detected capacity change from 0 to 8192
[  144.117312][ T9428] EXT4-fs error (device loop6): ext4_get_branch:178: inode #11: block 4294967295: comm syz.6.3961: invalid block
[  144.130486][ T9430] FAT-fs (loop7): error, fat_free_clusters: deleting FAT entry beyond EOF
[  144.142575][ T9428] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.3961: invalid indirect mapped block 4294967295 (level 1)
[  144.159722][ T9430] FAT-fs (loop7): Filesystem has been set read-only
[  144.167540][ T9428] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.3961: invalid indirect mapped block 4294967295 (level 1)
[  144.182001][ T9428] EXT4-fs (loop6): 2 truncates cleaned up
[  144.188982][ T9428] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  144.213685][ T9428] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm syz.6.3961: bg 0: block 5: invalid block bitmap
[  144.226151][ T9428] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  144.272203][ T9441] loop4: detected capacity change from 0 to 2048
[  144.283875][ T6163] EXT4-fs (loop6): unmounting filesystem.
[  144.349810][  T286] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  144.379638][ T9464] loop8: detected capacity change from 0 to 512
[  144.392349][ T9464] EXT4-fs: Ignoring removed mblk_io_submit option
[  144.400024][ T9464] EXT4-fs: Ignoring removed mblk_io_submit option
[  144.408029][ T9464] EXT4-fs (loop8): Test dummy encryption mode enabled
[  144.414862][ T9464] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  144.426005][ T9464] EXT4-fs (loop8): 1 truncate cleaned up
[  144.435096][ T9464] fscrypt: AES-256-XTS using blk-crypto-fallback
[  144.680097][   T24] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  144.720097][   T39] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[  144.861150][   T24] usb 7-1: config 0 interface 0 altsetting 10 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.871134][   T24] usb 7-1: config 0 interface 0 has no altsetting 0
[  144.877760][   T24] usb 7-1: New USB device found, idVendor=046d, idProduct=c225, bcdDevice= 0.00
[  144.886825][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.895314][   T24] usb 7-1: config 0 descriptor??
[  144.901384][   T39] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  144.911631][   T39] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  144.921902][   T39] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  144.930989][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.939010][   T39] usb 5-1: Product: syz
[  144.943192][   T39] usb 5-1: Manufacturer: syz
[  144.947827][   T39] usb 5-1: SerialNumber: syz
[  145.155137][   T39] usb 5-1: 0:2 : does not exist
[  145.162258][   T39] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  145.172683][   T39] usb 5-1: USB disconnect, device number 18
[  145.247284][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  145.253694][ T9489] Bluetooth: hci0: Frame reassembly failed (-84)
[  145.303400][   T24] lg-g15 0003:046D:C225.001E: item fetching failed at offset 0/2
[  145.311354][   T24] lg-g15: probe of 0003:046D:C225.001E failed with error -22
[  145.348308][ T9495] loop8: detected capacity change from 0 to 128
[  145.471046][ T9499] kvm: apic: phys broadcast and lowest prio
[  145.504907][   T39] usb 7-1: USB disconnect, device number 5
[  146.016811][ T9519] input: syz0 as /devices/virtual/input/input30
[  146.039147][ T9521] loop6: detected capacity change from 0 to 2048
[  146.064428][   T28] kauditd_printk_skb: 2048 callbacks suppressed
[  146.064441][   T28] audit: type=1400 audit(146.041:8575): avc:  denied  { mounton } for  pid=9520 comm="syz.6.4001" path="/388/file2/bus" dev="loop6" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  146.073019][ T6163] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 32: comm syz-executor: path /388/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  146.115827][ T6163] EXT4-fs error (device loop6): ext4_empty_dir:3154: inode #11: block 32: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  146.136209][ T6163] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..'
[  146.147865][ T6163] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 32: comm syz-executor: path /388/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  146.170545][ T6163] EXT4-fs error (device loop6): ext4_empty_dir:3154: inode #11: block 32: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  146.190923][ T6163] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..'
[  146.202467][ T6163] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 32: comm syz-executor: path /388/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  146.225012][ T6163] EXT4-fs error (device loop6): ext4_empty_dir:3154: inode #11: block 32: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  146.245349][ T6163] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..'
[  146.256886][ T6163] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 32: comm syz-executor: path /388/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  146.279441][ T6163] EXT4-fs error (device loop6): ext4_empty_dir:3154: inode #11: block 32: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  146.299793][ T6163] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..'
[  146.311359][ T6163] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 32: comm syz-executor: path /388/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  146.333941][ T6163] EXT4-fs error (device loop6): ext4_empty_dir:3154: inode #11: block 32: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  146.354283][ T6163] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..'
[  146.366258][ T6163] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..'
[  146.378132][ T6163] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..'
[  146.389995][ T6163] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..'
[  146.401975][ T6163] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..'
[  146.413876][ T6163] EXT4-fs warning (device loop6): ext4_empty_dir:3156: inode #11: comm syz-executor: directory missing '..'
[  146.485309][ T9526] loop8: detected capacity change from 0 to 512
[  146.493039][ T9526] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  146.502087][ T9526] EXT4-fs (loop8): mounting ext2 file system using the ext4 subsystem
[  146.511296][ T9526] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  146.519326][ T9526] System zones: 0-2, 18-18, 34-34
[  146.524975][ T9526] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  146.542598][ T9526] EXT4-fs (loop8): 1 truncate cleaned up
[  146.592069][ T9531] netlink: 'syz.8.4005': attribute type 1 has an invalid length.
[  146.599868][ T9531] netlink: 'syz.8.4005': attribute type 2 has an invalid length.
[  146.609058][ T9531] netlink: 'syz.8.4005': attribute type 1 has an invalid length.
[  146.621214][ T9531] netlink: 'syz.8.4005': attribute type 2 has an invalid length.
[  146.639821][ T9534] loop4: detected capacity change from 0 to 2048
[  146.677216][ T9534] Alternate GPT is invalid, using primary GPT.
[  146.687699][ T9534]  loop4: p2 p3 p7
[  146.752817][ T9539] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.759969][ T9539] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.767465][ T9539] device bridge_slave_0 entered promiscuous mode
[  146.777938][ T9539] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.785060][ T9539] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.787568][ T9556] support for the xor transformation has been removed.
[  146.792751][ T9539] device bridge_slave_1 entered promiscuous mode
[  146.855919][ T9539] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.862967][ T9539] bridge0: port 2(bridge_slave_1) entered forwarding state
[  146.870214][ T9539] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.877237][ T9539] bridge0: port 1(bridge_slave_0) entered forwarding state
[  146.901944][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  146.909551][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.918299][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.929215][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  146.937542][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.944597][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  146.958303][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  146.967032][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.974086][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  146.981453][   T28] audit: type=1400 audit(146.951:8576): avc:  denied  { nlmsg_read } for  pid=9562 comm="syz.0.4020" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  147.006302][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  147.016527][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  147.024580][ T9567] loop0: detected capacity change from 0 to 512
[  147.033747][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  147.044245][ T9567] EXT4-fs error (device loop0): ext4_quota_enable:6993: comm syz.0.4022: Bad quota inum: 1, type: 2
[  147.055412][ T9567] EXT4-fs warning (device loop0): ext4_enable_quotas:7041: Failed to enable quota tracking (type=2, err=-117, ino=1). Please run e2fsck to fix.
[  147.061027][ T9539] device veth0_vlan entered promiscuous mode
[  147.076443][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  147.080649][ T9567] EXT4-fs (loop0): mount failed
[  147.085071][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  147.096417][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  147.104275][   T10] device bridge_slave_1 left promiscuous mode
[  147.110543][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.117791][   T10] device bridge_slave_0 left promiscuous mode
[  147.123967][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.133249][   T10] device veth1_macvtap left promiscuous mode
[  147.140141][   T10] device veth0_vlan left promiscuous mode
[  147.161583][ T9573] loop4: detected capacity change from 0 to 16
[  147.168227][ T9573] erofs: (device loop4): mounted with root inode @ nid 36.
[  147.269934][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  147.279684][ T9539] device veth1_macvtap entered promiscuous mode
[  147.290094][ T2942] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  147.290135][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[  147.300113][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  147.322951][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  147.338325][ T9584] futex_wake_op: syz.7.4029 tries to shift op by 32; fix this program
[  147.379851][ T9586] loop9: detected capacity change from 0 to 2048
[  147.386973][ T9588] device veth3 entered promiscuous mode
[  147.426146][    T8] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  147.441115][    T8] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 65793 with max blocks 1 with error 28
[  147.454396][    T8] EXT4-fs (loop9): This should not happen!! Data will be lost
[  147.454396][    T8] 
[  147.464229][    T8] EXT4-fs (loop9): Total free blocks count 0
[  147.470316][    T8] EXT4-fs (loop9): Free/Dirty block details
[  147.476331][    T8] EXT4-fs (loop9): free_blocks=66060288
[  147.481995][    T8] EXT4-fs (loop9): dirty_blocks=16
[  147.487354][    T8] EXT4-fs (loop9): Block reservation details
[  147.493429][    T8] EXT4-fs (loop9): i_reserved_data_blocks=1
[  147.522532][ T9604] loop7: detected capacity change from 0 to 128
[  147.529347][ T9604] EXT4-fs (loop7): Test dummy encryption mode enabled
[  147.546533][   T28] audit: type=1400 audit(147.521:8577): avc:  denied  { rename } for  pid=9602 comm="syz.7.4036" name="file2" dev="loop7" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  147.568459][   T28] audit: type=1400 audit(147.521:8578): avc:  denied  { reparent } for  pid=9602 comm="syz.7.4036" name="file2" dev="loop7" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  147.594358][   T28] audit: type=1400 audit(147.521:8579): avc:  denied  { rmdir } for  pid=9602 comm="syz.7.4036" name="file0" dev="loop7" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  147.747168][ T9620] loop8: detected capacity change from 0 to 40427
[  147.754538][ T9620] F2FS-fs (loop8): invalid crc value
[  147.761337][ T9620] F2FS-fs (loop8): Found nat_bits in checkpoint
[  147.789091][ T9620] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4
[  147.801736][ T9620] syz.8.4043: attempt to access beyond end of device
[  147.801736][ T9620] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  147.871962][ T9629] tipc: Started in network mode
[  147.876875][ T9629] tipc: Node identity -:, cluster identity 4711
[  147.883237][ T9629] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  148.158833][   T28] audit: type=1400 audit(148.131:8580): avc:  denied  { ioctl } for  pid=9653 comm="syz.8.4057" path="socket:[56303]" dev="sockfs" ino=56303 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  148.280313][ T9658] tipc: Cannot configure node identity twice
[  148.312891][ T9665] block device autoloading is deprecated and will be removed.
[  148.511344][   T28] audit: type=1400 audit(148.491:8581): avc:  denied  { search } for  pid=9683 comm="syz.4.4070" name="/" dev="configfs" ino=14195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  148.583034][ T9695] device batadv_slave_1 entered promiscuous mode
[  148.589850][ T9695] device batadv_slave_1 left promiscuous mode
[  148.615658][ T9700] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4078'.
[  148.650987][   T28] audit: type=1400 audit(148.631:8582): avc:  denied  { ioctl } for  pid=9706 comm="syz.8.4081" path="socket:[56495]" dev="sockfs" ino=56495 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  148.685119][ T9713] xt_bpf: check failed: parse error
[  148.691438][ T9715] usb usb8: usbfs: process 9715 (syz.4.4085) did not claim interface 0 before use
[  148.743946][ T9724] device ip6gretap0 entered promiscuous mode
[  148.749934][ T9724] device macsec1 entered promiscuous mode
[  148.756318][ T9724] device ip6gretap0 left promiscuous mode
[  148.893813][ T9734] loop8: detected capacity change from 0 to 512
[  148.901789][ T9734] EXT4-fs error (device loop8): ext4_orphan_get:1426: comm syz.8.4093: bad orphan inode 15
[  148.912020][ T9734] ext4_test_bit(bit=14, block=5) = 0
[  148.990112][ T2088] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  149.100133][   T60] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  149.170103][ T2088] usb 5-1: Using ep0 maxpacket: 32
[  149.176339][ T2088] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.187230][ T2088] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  149.196986][ T2088] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  149.206041][ T2088] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.214674][ T2088] usb 5-1: config 0 descriptor??
[  149.281273][   T60] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.292360][   T60] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  149.302215][   T60] usb 10-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  149.311391][   T60] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.320503][   T60] usb 10-1: config 0 descriptor??
[  149.623807][ T2088] savu 0003:1E7D:2D5A.001F: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[  149.728258][   T60] cp2112 0003:10C4:EA90.0020: unknown main item tag 0x0
[  149.735815][   T60] cp2112 0003:10C4:EA90.0020: hidraw1: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.9-1/input0
[  149.900922][ T2088] usb 5-1: USB disconnect, device number 19
[  149.927978][   T60] cp2112 0003:10C4:EA90.0020: Part Number: 0x82 Device Version: 0xFE
[  150.021163][ T9764] loop8: detected capacity change from 0 to 512
[  150.027712][ T9764] ext4: Unknown parameter 'fowner>18446744073709551615'
[  150.135483][   T60] cp2112 0003:10C4:EA90.0020: error requesting SMBus config
[  150.143224][   T60] cp2112: probe of 0003:10C4:EA90.0020 failed with error -71
[  150.151512][   T60] usb 10-1: USB disconnect, device number 2
[  150.421949][ T9782] input: syz1 as /devices/virtual/input/input31
[  150.492402][ T9785] loop4: detected capacity change from 0 to 256
[  150.498836][ T9785] exfat: Deprecated parameter 'namecase'
[  150.504506][ T9785] exfat: Deprecated parameter 'utf8'
[  150.512578][ T9785] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  150.591445][ T9793] loop4: detected capacity change from 0 to 1024
[  150.617485][ T9798] loop4: detected capacity change from 0 to 512
[  150.687612][ T9811] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4126'.
[  150.700638][ T2088] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  150.713496][   T28] audit: type=1400 audit(150.691:8583): avc:  denied  { read } for  pid=9814 comm="syz.7.4128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  150.809799][ T9813] loop4: detected capacity change from 0 to 40427
[  150.817719][ T9813] F2FS-fs (loop4): invalid crc value
[  150.823602][ T9820] SELinux:  policydb magic number 0x6b7a7973 does not match expected magic number 0xf97cff8c
[  150.824493][ T9813] F2FS-fs (loop4): Found nat_bits in checkpoint
[  150.833927][ T9820] SELinux: failed to load policy
[  150.869529][ T9813] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  150.890153][ T2088] usb 9-1: Using ep0 maxpacket: 32
[  150.899243][ T2088] usb 9-1: config index 0 descriptor too short (expected 29220, got 36)
[  150.907768][ T2088] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  150.907959][  T286] syz-executor: attempt to access beyond end of device
[  150.907959][  T286] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  150.916456][ T2088] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81
[  150.939244][ T2088] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  150.949296][ T2088] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  150.958962][ T2088] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  150.971985][ T2088] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  150.981069][ T2088] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.995772][ T2088] usb 9-1: config 0 descriptor??
[  151.045417][   T28] audit: type=1400 audit(151.021:8584): avc:  denied  { unlink } for  pid=9833 comm="syz.4.4135" name="#8" dev="tmpfs" ino=4847 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  151.073098][ T9834] overlayfs: conflicting lowerdir path
[  151.090902][ T9834] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[  151.213333][ T2088] usblp 9-1:0.0: usblp0: USB Bidirectional printer dev 5 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  151.365657][ T9850] loop0: detected capacity change from 0 to 40427
[  151.373625][ T9850] F2FS-fs (loop0): invalid crc value
[  151.380159][ T9850] F2FS-fs (loop0): Found nat_bits in checkpoint
[  151.400565][ T9865] tmpfs: Unknown parameter 'nolazytime1'
[  151.417431][ T9850] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  151.444731][   T28] audit: type=1400 audit(151.421:8585): avc:  denied  { shutdown } for  pid=9871 comm="syz.7.4151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  151.461944][ T9874] loop7: detected capacity change from 0 to 512
[  151.464872][   T28] audit: type=1400 audit(151.421:8586): avc:  denied  { write } for  pid=9871 comm="syz.7.4151" path="socket:[57790]" dev="sockfs" ino=57790 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  151.473643][ T9850] syz.0.4142: attempt to access beyond end of device
[  151.473643][ T9850] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  151.510312][ T9874] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  151.525701][  T285] syz-executor: attempt to access beyond end of device
[  151.525701][  T285] loop0: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  151.544818][ T9876] loop9: detected capacity change from 0 to 512
[  151.640091][ T2252] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  151.698845][ T9901] loop0: detected capacity change from 0 to 512
[  151.705913][ T9901] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  151.723709][   T28] audit: type=1400 audit(151.701:8587): avc:  denied  { relabelto } for  pid=9900 comm="syz.0.4163" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:hwdata_t:s0"
[  151.724380][ T9901] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  151.820145][ T2252] usb 5-1: Using ep0 maxpacket: 16
[  151.826458][ T2252] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.837444][ T2252] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  151.847243][ T2252] usb 5-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  151.860100][ T2252] usb 5-1: config 0 interface 0 has no altsetting 0
[  151.866705][ T2252] usb 5-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  151.875736][ T2252] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.884544][ T2252] usb 5-1: config 0 descriptor??
[  151.910109][   T19] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[  152.092606][   T19] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  152.103637][   T19] usb 10-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  152.112760][   T19] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.121517][   T19] usb 10-1: config 0 descriptor??
[  152.126911][ T9893] raw-gadget.3 gadget.9: fail, usb_ep_enable returned -22
[  152.294320][ T2252] hid-generic 0003:045E:05DA.0021: unknown main item tag 0x0
[  152.301986][ T2252] hid-generic 0003:045E:05DA.0021: unknown main item tag 0x0
[  152.309376][ T2252] hid-generic 0003:045E:05DA.0021: unknown main item tag 0x0
[  152.316765][ T2252] hid-generic 0003:045E:05DA.0021: ignoring exceeding usage max
[  152.325840][ T2252] hid-generic 0003:045E:05DA.0021: unknown main item tag 0x0
[  152.333608][ T2252] hid-generic 0003:045E:05DA.0021: unknown main item tag 0x0
[  152.341019][ T2252] hid-generic 0003:045E:05DA.0021: unbalanced collection at end of report description
[  152.350762][ T2252] hid-generic: probe of 0003:045E:05DA.0021 failed with error -22
[  152.506715][ T2252] usb 5-1: USB disconnect, device number 20
[  152.536898][   T19] usbhid 10-1:0.0: can't add hid device: -71
[  152.542977][   T19] usbhid: probe of 10-1:0.0 failed with error -71
[  152.549953][   T19] usb 10-1: USB disconnect, device number 3
[  153.125782][ T9934] loop0: detected capacity change from 0 to 512
[  153.140154][ T9934] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  153.170544][ T9934] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.4178: bad orphan inode 131083
[  153.417987][   T19] usb 9-1: USB disconnect, device number 5
[  153.427341][   T19] usblp0: removed
[  153.482423][ T9944] loop0: detected capacity change from 0 to 40427
[  153.489673][ T9944] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  153.500797][ T9944] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  153.509378][ T9944] F2FS-fs (loop0): heap/no_heap options were deprecated
[  153.517518][ T9944] F2FS-fs (loop0): invalid crc value
[  153.529859][ T9944] F2FS-fs (loop0): Found nat_bits in checkpoint
[  153.544225][   T28] audit: type=1400 audit(153.521:8588): avc:  denied  { bind } for  pid=9953 comm="syz.4.4185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  153.603584][ T9944] F2FS-fs (loop0): Start checkpoint disabled!
[  153.626759][ T9944] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  153.640085][ T9944] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  153.744636][  T313] kworker/u4:3: attempt to access beyond end of device
[  153.744636][  T313] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  153.769662][ T9959] netlink: 'syz.4.4188': attribute type 280 has an invalid length.
[  153.812902][ T9961] loop4: detected capacity change from 0 to 512
[  153.834281][ T9961] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  153.845673][   T19] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  153.883442][ T9961] EXT4-fs warning (device loop4): ext4_group_add:1723: Can't resize non-sparse filesystem further
[  153.984799][    T6] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  153.992896][    T6] hid-generic 0000:0000:0000.0022: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  154.041191][   T19] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  154.052059][   T19] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.067319][   T19] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.078439][   T19] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  154.093454][ T9971] hid-generic 0000:0000:0000.0022: pid 9971 passed too short report
[  154.101798][   T19] usb 9-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  154.111694][   T19] usb 9-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  154.113972][ T9980] loop0: detected capacity change from 0 to 128
[  154.120079][   T19] usb 9-1: Manufacturer: syz
[  154.149606][   T19] usb 9-1: config 0 descriptor??
[  154.555470][ T9990] loop9: detected capacity change from 0 to 131072
[  154.562487][ T9990] F2FS-fs (loop9): Wrong CP boundary, start(512) end(1536) blocks(0)
[  154.570613][ T9990] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  154.579518][ T9990] F2FS-fs (loop9): invalid crc value
[  154.586116][   T19] appleir 0003:05AC:8243.0023: unknown main item tag 0x0
[  154.593455][   T19] appleir 0003:05AC:8243.0023: No inputs registered, leaving
[  154.602450][   T19] appleir 0003:05AC:8243.0023: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.8-1/input0
[  154.618639][ T9990] F2FS-fs (loop9): Found nat_bits in checkpoint
[  154.638882][   T28] audit: type=1400 audit(154.601:8589): avc:  denied  { write } for  pid=10008 comm="syz.7.4206" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  154.664694][ T9990] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  154.671863][ T9990] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e4
[  154.804554][   T28] audit: type=1400 audit(154.781:8590): avc:  denied  { append } for  pid=9945 comm="syz.8.4182" name="hiddev0" dev="devtmpfs" ino=899 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  154.866060][T10015] loop4: detected capacity change from 0 to 40427
[  154.872984][T10015] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  154.880775][T10015] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  154.891322][   T24] usb 9-1: USB disconnect, device number 6
[  154.891519][T10015] F2FS-fs (loop4): Found nat_bits in checkpoint
[  154.933248][T10015] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  154.940392][T10015] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  155.034660][T10031] loop9: detected capacity change from 0 to 256
[  155.043389][T10031] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  155.048946][T10033] loop4: detected capacity change from 0 to 2048
[  155.061122][   T28] audit: type=1326 audit(155.041:8591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10030 comm="syz.9.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7c78e929 code=0x7ffc0000
[  155.084912][   T28] audit: type=1326 audit(155.041:8592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10030 comm="syz.9.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7c78e929 code=0x7ffc0000
[  155.108095][   T28] audit: type=1326 audit(155.071:8593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10030 comm="syz.9.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f5c7c78e929 code=0x7ffc0000
[  155.130287][T10033] fs-verity: sha512 using implementation "sha512-avx2"
[  155.131191][   T28] audit: type=1326 audit(155.071:8594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10030 comm="syz.9.4215" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7c78e929 code=0x7ffc0000
[  155.169970][T10038] loop9: detected capacity change from 0 to 512
[  155.176815][T10038] EXT4-fs (loop9): Test dummy encryption mode enabled
[  155.183664][T10038] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  155.195254][T10038] EXT4-fs (loop9): 1 truncate cleaned up
[  155.217877][T10043] loop9: detected capacity change from 0 to 256
[  155.427168][T10053] loop8: detected capacity change from 0 to 128
[  155.446508][T10055] loop9: detected capacity change from 0 to 512
[  155.500009][T10061] loop7: detected capacity change from 0 to 256
[  155.501050][T10059] input: syz0 as /devices/virtual/input/input32
[  155.661532][T10063] loop7: detected capacity change from 0 to 40427
[  155.662277][T10063] F2FS-fs (loop7): fault_injection options not supported
[  155.675118][T10063] F2FS-fs (loop7): fault_type options not supported
[  155.681737][T10063] F2FS-fs (loop7): Image doesn't support compression
[  155.681789][T10063] F2FS-fs (loop7): Image doesn't support compression
[  155.682468][T10063] F2FS-fs (loop7): invalid crc value
[  155.700954][   T19] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  155.702367][T10063] F2FS-fs (loop7): Found nat_bits in checkpoint
[  155.744245][T10063] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  155.772934][ T7168] syz-executor: attempt to access beyond end of device
[  155.772934][ T7168] loop7: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  155.790110][    T6] usb 10-1: new full-speed USB device number 4 using dummy_hcd
[  155.880085][   T19] usb 9-1: Using ep0 maxpacket: 32
[  155.886277][   T19] usb 9-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 195, changing to 11
[  155.886311][   T19] usb 9-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26623, setting to 1024
[  155.909543][   T19] usb 9-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  155.909572][   T19] usb 9-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  155.909594][   T19] usb 9-1: Product: syz
[  155.909608][   T19] usb 9-1: Manufacturer: syz
[  155.927810][T10053] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  155.928261][   T19] hub 9-1:4.0: USB hub found
[  155.981135][    T6] usb 10-1: config 0 has an invalid interface number: 39 but max is 0
[  155.981164][    T6] usb 10-1: config 0 has no interface number 0
[  155.981205][    T6] usb 10-1: config 0 interface 39 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  156.006642][    T6] usb 10-1: New USB device found, idVendor=0499, idProduct=4d3f, bcdDevice=d2.2a
[  156.006667][    T6] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.006686][    T6] usb 10-1: Product: syz
[  156.006734][    T6] usb 10-1: Manufacturer: syz
[  156.006749][    T6] usb 10-1: SerialNumber: syz
[  156.007444][    T6] usb 10-1: config 0 descriptor??
[  156.035164][T10072] loop7: detected capacity change from 0 to 40427
[  156.035656][T10072] F2FS-fs (loop7): Insane cp_payload (553648128 >= 504)
[  156.035678][T10072] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  156.035807][T10072] F2FS-fs (loop7): heap/no_heap options were deprecated
[  156.036453][T10072] F2FS-fs (loop7): invalid crc value
[  156.051473][T10072] F2FS-fs (loop7): Found nat_bits in checkpoint
[  156.085283][T10072] F2FS-fs (loop7): Start checkpoint disabled!
[  156.105528][T10072] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  156.112869][T10072] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  156.129324][   T19] hub 9-1:4.0: 2 ports detected
[  156.170124][    T8] kworker/u4:0: attempt to access beyond end of device
[  156.170124][    T8] loop7: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  156.221718][    T6] usb 10-1: USB disconnect, device number 4
[  156.329746][   T19] hub 9-1:4.0: hub_hub_status failed (err = -71)
[  156.336150][   T19] hub 9-1:4.0: config failed, can't get hub status (err -71)
[  156.370312][   T19] usb 9-1: USB disconnect, device number 7
[  156.570247][ T2982] Bluetooth: hci0: command 0x1003 tx timeout
[  156.570274][ T9582] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  156.602962][T10088] loop0: detected capacity change from 0 to 512
[  156.771240][T10105] tmpfs: Unknown parameter 'n'
[  157.106284][T10101] loop9: detected capacity change from 0 to 131072
[  157.118971][T10125] loop8: detected capacity change from 0 to 4096
[  157.130570][T10101] F2FS-fs (loop9): Invalid log sectorsize (67108873)
[  157.137267][T10101] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  157.146477][T10101] F2FS-fs (loop9): invalid crc value
[  157.163574][T10101] F2FS-fs (loop9): Found nat_bits in checkpoint
[  157.199724][T10101] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  157.207131][T10101] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e4
[  157.334156][T10127] loop0: detected capacity change from 0 to 131072
[  157.343030][T10127] F2FS-fs (loop0): invalid crc value
[  157.350025][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  157.358884][ T7179] EXT4-fs unmount: 39 callbacks suppressed
[  157.358899][ T7179] EXT4-fs (loop8): unmounting filesystem.
[  157.361566][   T28] audit: type=1400 audit(157.321:8597): avc:  denied  { write } for  pid=10129 comm="syz.4.4253" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  157.392485][T10127] F2FS-fs (loop0): Found nat_bits in checkpoint
[  157.428950][T10127] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  157.739339][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  157.762751][T10173] kernel profiling enabled (shift: 5)
[  157.950407][T10192] loop9: detected capacity change from 0 to 40427
[  157.957639][T10192] F2FS-fs (loop9): fault_injection options not supported
[  157.965220][T10192] F2FS-fs (loop9): Image doesn't support compression
[  157.972921][T10192] F2FS-fs (loop9): invalid crc value
[  157.979297][T10192] F2FS-fs (loop9): Found nat_bits in checkpoint
[  158.006961][T10192] F2FS-fs (loop9): Start checkpoint disabled!
[  158.014141][T10192] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  158.035604][T10192] syz.9.4277: attempt to access beyond end of device
[  158.035604][T10192] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  158.051002][T10192] syz.9.4277: attempt to access beyond end of device
[  158.051002][T10192] loop9: rw=0, sector=45096, nr_sectors = 8 limit=40427
[  158.080572][    T8] kworker/u4:0: attempt to access beyond end of device
[  158.080572][    T8] loop9: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  158.199838][ T2252] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[  158.207725][ T2252] hid-generic 0000:0000:0000.0024: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  158.295412][T10209] loop9: detected capacity change from 0 to 256
[  158.304424][T10209] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  158.318763][T10209] exFAT-fs (loop9): hint_cluster is invalid (17)
[  158.447206][T10231] loop8: detected capacity change from 0 to 256
[  158.680161][T10237] device bridge0 entered promiscuous mode
[  158.686186][T10236] device bridge0 left promiscuous mode
[  158.730538][ T2252] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  158.843957][T10248] xt_hashlimit: size too large, truncated to 1048576
[  158.886579][T10250] loop0: detected capacity change from 0 to 128
[  158.902784][T10250] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  158.912346][ T2252] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.927711][ T2252] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.944039][  T285] EXT4-fs (loop0): unmounting filesystem.
[  158.949827][ T2252] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  158.964053][ T2252] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  158.978346][ T2252] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.987660][ T2252] usb 10-1: config 0 descriptor??
[  159.034371][T10261] loop0: detected capacity change from 0 to 512
[  159.041016][T10261] EXT4-fs: Ignoring removed orlov option
[  159.046981][T10261] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  159.058682][T10261] EXT4-fs (loop0): 1 orphan inode deleted
[  159.064480][T10261] EXT4-fs (loop0): 1 truncate cleaned up
[  159.070176][T10261] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  159.083532][T10261] EXT4-fs error (device loop0): ext4_check_all_de:666: inode #12: block 7: comm syz.0.4308: bad entry in directory: rec_len is too small for name_len - offset=0, inode=13, rec_len=16, size=124 fake=0
[  159.103349][T10261] EXT4-fs (loop0): Remounting filesystem read-only
[  159.111229][T10261] EXT4-fs error (device loop0): ext4_generic_delete_entry:2729: inode #12: block 7: comm syz.0.4308: bad entry in directory: rec_len is too small for name_len - offset=0, inode=13, rec_len=16, size=56 fake=0
[  159.132182][T10261] EXT4-fs (loop0): Remounting filesystem read-only
[  159.138690][T10261] EXT4-fs error (device loop0) in ext4_delete_inline_entry:1804: Corrupt filesystem
[  159.148265][T10261] EXT4-fs (loop0): Remounting filesystem read-only
[  159.161348][  T285] EXT4-fs (loop0): unmounting filesystem.
[  159.175599][T10268] loop0: detected capacity change from 0 to 512
[  159.182173][T10268] EXT4-fs: Ignoring removed nobh option
[  159.189508][T10268] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  159.206647][  T285] EXT4-fs (loop0): unmounting filesystem.
[  159.402758][ T2252] plantronics 0003:047F:FFFF.0025: unknown main item tag 0xd
[  159.411781][ T2252] plantronics 0003:047F:FFFF.0025: No inputs registered, leaving
[  159.420496][ T2252] plantronics 0003:047F:FFFF.0025: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0
[  159.450842][T10299] I/O error, dev loop15, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  159.460081][T10299] FAT-fs (loop15): unable to read boot sector
[  159.532021][   T28] audit: type=1400 audit(159.511:8598): avc:  denied  { setopt } for  pid=10310 comm="syz.0.4331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  159.535705][T10313] loop7: detected capacity change from 0 to 1024
[  159.558648][T10313] EXT4-fs: Ignoring removed orlov option
[  159.564605][T10313] EXT4-fs: Ignoring removed nomblk_io_submit option
[  159.582645][T10313] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  159.603750][ T7168] EXT4-fs (loop7): unmounting filesystem.
[  159.631061][T10324] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  159.664154][T10331] netlink: 'syz.7.4339': attribute type 2 has an invalid length.
[  159.711847][ T2088] usb 10-1: USB disconnect, device number 5
[  159.770114][ T9582] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  159.770147][ T2982] Bluetooth: hci0: command 0x1003 tx timeout
[  159.857356][T10348] loop7: detected capacity change from 0 to 1024
[  159.914653][T10348] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  159.935457][T10348] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  159.979481][T10348] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 65 with error 28
[  159.992158][T10348] EXT4-fs (loop7): This should not happen!! Data will be lost
[  159.992158][T10348] 
[  160.022353][T10348] EXT4-fs (loop7): Total free blocks count 0
[  160.040115][T10348] EXT4-fs (loop7): Free/Dirty block details
[  160.046086][T10348] EXT4-fs (loop7): free_blocks=4293918720
[  160.051874][T10348] EXT4-fs (loop7): dirty_blocks=80
[  160.057113][T10348] EXT4-fs (loop7): Block reservation details
[  160.063199][T10348] EXT4-fs (loop7): i_reserved_data_blocks=5
[  160.080748][   T60] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  160.082981][ T7168] EXT4-fs (loop7): unmounting filesystem.
[  160.120146][T10362] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4352'.
[  160.147772][T10365] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  160.286731][   T60] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  160.310092][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.318659][   T60] usb 5-1: config 0 descriptor??
[  160.682400][T10355] loop8: detected capacity change from 0 to 262144
[  160.689790][T10355] F2FS-fs (loop8): invalid crc value
[  160.696557][T10355] F2FS-fs (loop8): Found nat_bits in checkpoint
[  160.723987][T10355] F2FS-fs (loop8): Start checkpoint disabled!
[  160.730829][T10355] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  160.930616][   T60] usb 5-1: Cannot set autoneg
[  160.935436][   T60] MOSCHIP usb-ethernet driver: probe of 5-1:0.0 failed with error -71
[  160.944453][   T60] usb 5-1: USB disconnect, device number 21
[  161.012212][T10382] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  161.159042][T10389] loop9: detected capacity change from 0 to 128
[  161.165558][T10389] EXT4-fs: Ignoring removed nobh option
[  161.173101][T10389] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  161.190425][ T9539] EXT4-fs (loop9): unmounting filesystem.
[  161.305768][T10410] loop8: detected capacity change from 0 to 1024
[  161.321852][T10410] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  161.340774][ T7179] EXT4-fs (loop8): unmounting filesystem.
[  161.354688][T10404] loop9: detected capacity change from 0 to 40427
[  161.362386][T10404] F2FS-fs (loop9): invalid crc value
[  161.369012][T10404] F2FS-fs (loop9): Found nat_bits in checkpoint
[  161.397588][T10404] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e4
[  161.417726][ T9539] syz-executor: attempt to access beyond end of device
[  161.417726][ T9539] loop9: rw=2051, sector=36912, nr_sectors = 8152 limit=40427
[  161.432014][ T9539] syz-executor: attempt to access beyond end of device
[  161.432014][ T9539] loop9: rw=2051, sector=45096, nr_sectors = 85976 limit=40427
[  161.446423][ T9539] F2FS-fs (loop9): Issue discard(4614, 4614, 1019) failed, ret: -5
[  161.446450][ T9539] F2FS-fs (loop9): Issue discard(5637, 5637, 10747) failed, ret: -5
[  161.464624][T10423] loop4: detected capacity change from 0 to 512
[  161.497815][T10423] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #3: comm syz.4.4376: corrupted inode contents
[  161.515203][T10423] EXT4-fs error (device loop4): ext4_dirty_inode:6120: inode #3: comm syz.4.4376: mark_inode_dirty error
[  161.528118][   T28] audit: type=1326 audit(161.511:8599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10428 comm="syz.9.4375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7c78e929 code=0x7ffc0000
[  161.561552][   T28] audit: type=1326 audit(161.511:8600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10428 comm="syz.9.4375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7c78e929 code=0x7ffc0000
[  161.584880][   T28] audit: type=1326 audit(161.511:8601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10428 comm="syz.9.4375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c7c78e929 code=0x7ffc0000
[  161.607950][   T28] audit: type=1326 audit(161.511:8602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10428 comm="syz.9.4375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7c78e929 code=0x7ffc0000
[  161.630892][   T28] audit: type=1326 audit(161.511:8603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10428 comm="syz.9.4375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c7c78e929 code=0x7ffc0000
[  161.636349][T10423] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #3: comm syz.4.4376: corrupted inode contents
[  161.655683][   T28] audit: type=1326 audit(161.531:8604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10428 comm="syz.9.4375" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c7c78e929 code=0x7ffc0000
[  161.688723][T10423] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #3: comm syz.4.4376: mark_inode_dirty error
[  161.700776][T10423] Quota error (device loop4): write_blk: dquota write failed
[  161.708340][T10423] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  161.728486][T10423] EXT4-fs error (device loop4): ext4_acquire_dquot:6789: comm syz.4.4376: Failed to acquire dquot type 0
[  161.741359][T10423] EXT4-fs (loop4): 1 orphan inode deleted
[  161.748591][T10423] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  161.763421][   T10] EXT4-fs error (device loop4): ext4_release_dquot:6825: comm kworker/u4:1: Failed to release dquot type 1
[  161.822103][  T286] EXT4-fs (loop4): unmounting filesystem.
[  161.828026][   T10] EXT4-fs error (device loop4): ext4_release_dquot:6825: comm kworker/u4:1: Failed to release dquot type 1
[  161.958096][T10460] loop9: detected capacity change from 0 to 1024
[  161.967311][T10460] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  162.015573][T10460] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  162.044225][T10460] EXT4-fs error (device loop9): ext4_expand_extra_isize_ea:2748: inode #12: comm syz.9.4390: corrupted in-inode xattr
[  162.052912][T10456] loop8: detected capacity change from 0 to 40427
[  162.058112][T10460] EXT4-fs (loop9): Remounting filesystem read-only
[  162.065059][T10456] F2FS-fs (loop8): Insane cp_payload (553648128 >= 504)
[  162.078032][T10456] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  162.086512][T10456] F2FS-fs (loop8): fault_injection options not supported
[  162.088975][ T9539] EXT4-fs (loop9): unmounting filesystem.
[  162.093795][T10456] F2FS-fs (loop8): fault_type options not supported
[  162.106784][T10456] F2FS-fs (loop8): invalid crc value
[  162.113500][T10456] F2FS-fs (loop8): Found nat_bits in checkpoint
[  162.151792][T10456] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  162.158850][T10456] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  162.192147][T10456] syz.8.4389: attempt to access beyond end of device
[  162.192147][T10456] loop8: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  162.192659][T10478] input: syz0 as /devices/virtual/input/input34
[  162.212570][T10478] input: failed to attach handler leds to device input34, error: -6
[  162.221482][ T7179] syz-executor: attempt to access beyond end of device
[  162.221482][ T7179] loop8: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  162.267255][T10482] loop9: detected capacity change from 0 to 2048
[  162.281476][T10482] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  162.300192][ T2088] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  162.308650][ T9539] EXT4-fs (loop9): unmounting filesystem.
[  162.399360][T10496] loop9: detected capacity change from 0 to 2048
[  162.406024][T10496] ext4: Unknown parameter 'noacl'
[  162.490542][ T2088] usb 5-1: Using ep0 maxpacket: 16
[  162.497018][ T2088] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  162.507250][ T2088] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  162.517725][ T2088] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  162.526838][ T2088] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.534981][ T2088] usb 5-1: Product: syz
[  162.539261][ T2088] usb 5-1: Manufacturer: syz
[  162.543980][ T2088] usb 5-1: SerialNumber: syz
[  162.626817][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[  162.751995][ T2088] usb 5-1: Audio class v2/v3 interfaces need an interface association
[  162.761218][ T2088] snd-usb-audio: probe of 5-1:1.0 failed with error -22
[  162.768756][ T2088] usb 5-1: USB disconnect, device number 22
[  163.233713][   T28] kauditd_printk_skb: 11 callbacks suppressed
[  163.233728][   T28] audit: type=1400 audit(163.211:8614): avc:  denied  { remount } for  pid=10509 comm="syz.7.4410" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  163.276329][T10513] xt_hashlimit: size too large, truncated to 1048576
[  163.300888][   T28] audit: type=1400 audit(163.281:8615): avc:  denied  { mount } for  pid=10516 comm="syz.0.4413" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  163.342966][   T28] audit: type=1400 audit(163.311:8616): avc:  denied  { mounton } for  pid=10516 comm="syz.0.4413" path="/891/file0" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1
[  163.425351][T10505] loop8: detected capacity change from 0 to 40427
[  163.460352][T10505] F2FS-fs (loop8): invalid crc value
[  163.481051][T10505] F2FS-fs (loop8): Found nat_bits in checkpoint
[  163.550225][T10505] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  163.585451][T10518] loop7: detected capacity change from 0 to 40427
[  163.593335][T10518] F2FS-fs (loop7): invalid crc value
[  163.618883][T10518] F2FS-fs (loop7): Found nat_bits in checkpoint
[  163.694099][T10518] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  163.744419][T10505] syz.8.4408: attempt to access beyond end of device
[  163.744419][T10505] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  163.758667][ T7168] syz-executor: attempt to access beyond end of device
[  163.758667][ T7168] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  163.873506][T10541] loop0: detected capacity change from 0 to 40427
[  163.880783][T10541] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  163.888579][T10541] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  163.938060][T10541] F2FS-fs (loop0): invalid crc value
[  163.970882][T10541] F2FS-fs (loop0): Found nat_bits in checkpoint
[  164.021943][T10556] loop8: detected capacity change from 0 to 512
[  164.032806][T10541] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  164.040229][T10541] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  164.051656][T10556] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  164.064151][T10556] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #2: comm syz.8.4425: corrupted inode contents
[  164.076303][T10556] EXT4-fs error (device loop8): ext4_dirty_inode:6120: inode #2: comm syz.8.4425: mark_inode_dirty error
[  164.087845][T10556] EXT4-fs error (device loop8): ext4_do_update_inode:5255: inode #2: comm syz.8.4425: corrupted inode contents
[  164.102811][T10556] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #2: comm syz.8.4425: mark_inode_dirty error
[  164.121045][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x4
[  164.128704][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x2
[  164.152292][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.158707][T10570] binder: 10569:10570 ioctl c018620c 200000000180 returned -22
[  164.160243][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.175550][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.175843][ T7179] EXT4-fs (loop8): unmounting filesystem.
[  164.183437][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.197657][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.205354][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.212646][   T28] audit: type=1400 audit(164.191:8617): avc:  denied  { watch watch_reads } for  pid=10573 comm="syz.0.4433" path="/900/file1" dev="tmpfs" ino=4688 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  164.213136][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.244689][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.252348][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.259967][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.267607][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.275275][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.282940][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.291652][ T2088] hid-generic 0000:3000000:0000.0026: unknown main item tag 0x0
[  164.299785][ T2088] hid-generic 0000:3000000:0000.0026: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  164.321302][T10579] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4431'.
[  164.362682][T10589] loop8: detected capacity change from 0 to 128
[  164.370732][T10589] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  164.390651][ T7179] EXT4-fs (loop8): unmounting filesystem.
[  164.478783][T10606] loop8: detected capacity change from 0 to 1024
[  164.485862][T10606] EXT4-fs: Ignoring removed bh option
[  164.497512][T10606] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  164.511438][T10606] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  164.532847][ T7179] EXT4-fs (loop8): unmounting filesystem.
[  164.650239][ T2982] Bluetooth: hci0: command 0x1003 tx timeout
[  164.660084][ T9582] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  165.279734][T10652] loop7: detected capacity change from 0 to 512
[  165.296363][T10652] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  165.327042][T10652] EXT4-fs (loop7): re-mounted. Quota mode: writeback.
[  165.348090][T10652] EXT4-fs error (device loop7): ext4_xattr_block_get:546: inode #15: comm syz.7.4467: corrupted xattr block 19
[  165.360088][T10652] EXT4-fs (loop7): Remounting filesystem read-only
[  165.366629][T10652] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=15
[  165.376368][T10652] EXT4-fs error (device loop7): ext4_xattr_block_get:546: inode #15: comm syz.7.4467: corrupted xattr block 19
[  165.388462][T10652] EXT4-fs (loop7): Remounting filesystem read-only
[  165.395023][T10652] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=15
[  165.404897][   T28] audit: type=1400 audit(165.381:8618): avc:  denied  { link } for  pid=10651 comm="syz.7.4467" name="file1" dev="loop7" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  165.405396][T10652] EXT4-fs error (device loop7): ext4_xattr_block_get:546: inode #15: comm syz.7.4467: corrupted xattr block 19
[  165.438358][T10652] EXT4-fs (loop7): Remounting filesystem read-only
[  165.444890][T10652] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop7 ino=15
[  165.466006][ T7168] EXT4-fs (loop7): unmounting filesystem.
[  165.675796][T10670] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  165.689980][T10670] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  165.730101][T10674] loop9: detected capacity change from 0 to 512
[  165.741774][T10674] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  165.759943][ T9539] EXT4-fs (loop9): unmounting filesystem.
[  165.782821][T10680] loop9: detected capacity change from 0 to 256
[  165.789423][T10680] exFAT-fs (loop9): bogus sector size bits : 0
[  165.795740][T10680] exFAT-fs (loop9): failed to read boot sector
[  165.802217][T10680] exFAT-fs (loop9): failed to recognize exfat type
[  165.853508][   T28] audit: type=1400 audit(165.831:8619): avc:  denied  { create } for  pid=10679 comm="syz.9.4478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  165.896590][T10686] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  165.978697][   T19] kernel write not supported for file /stat (pid: 19 comm: kworker/0:1)
[  166.053594][T10711] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4491'.
[  166.183044][   T28] audit: type=1326 audit(166.151:8620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10656 comm="syz.8.4468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f599ab8e929 code=0x7fc00000
[  166.201255][T10729] loop8: detected capacity change from 0 to 512
[  166.214300][T10729] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  166.233186][ T7179] EXT4-fs (loop8): unmounting filesystem.
[  166.285924][T10742] loop8: detected capacity change from 0 to 512
[  166.301608][T10742] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  166.319452][ T7179] EXT4-fs (loop8): unmounting filesystem.
[  166.464433][T10734] binder: 10733:10734 ioctl c0306201 200000001a80 returned -14
[  166.504629][T10759] loop7: detected capacity change from 0 to 128
[  166.512088][T10759] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a80ec018, mo2=0002]
[  166.520181][T10759] System zones: 1-3, 19-19, 35-36
[  166.525593][T10759] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  166.536997][T10759] EXT4-fs warning (device loop7): ext4_group_add:1743: No reserved GDT blocks, can't resize
[  166.554123][ T7168] EXT4-fs (loop7): unmounting filesystem.
[  166.902415][T10801] loop9: detected capacity change from 0 to 40427
[  166.919252][T10801] F2FS-fs (loop9): invalid crc value
[  166.952048][T10801] F2FS-fs (loop9): Found nat_bits in checkpoint
[  166.970675][   T28] audit: type=1326 audit(166.951:8621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10813 comm="syz.7.4534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe5a692ab19 code=0x7ffc0000
[  167.025324][   T28] audit: type=1326 audit(166.971:8622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10813 comm="syz.7.4534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a698e929 code=0x7ffc0000
[  167.060540][T10801] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  167.082344][   T28] audit: type=1326 audit(166.971:8623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10813 comm="syz.7.4534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a698e929 code=0x7ffc0000
[  167.135809][T10829] loop8: detected capacity change from 0 to 1024
[  167.149485][T10829] EXT4-fs (loop8): Test dummy encryption mode enabled
[  167.187616][T10829] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  167.221207][ T7179] EXT4-fs (loop8): unmounting filesystem.
[  167.257850][T10834] syz.9.4529: attempt to access beyond end of device
[  167.257850][T10834] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  167.447342][T10845] loop4: detected capacity change from 0 to 1024
[  167.515623][T10845] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  167.541807][T10838] loop8: detected capacity change from 0 to 40427
[  167.559703][T10838] F2FS-fs (loop8): Insane cp_payload (553648128 >= 504)
[  167.573030][T10838] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  167.573732][  T286] EXT4-fs (loop4): unmounting filesystem.
[  167.581957][T10838] F2FS-fs (loop8): fault_injection options not supported
[  167.595141][T10838] F2FS-fs (loop8): fault_type options not supported
[  167.606407][T10838] F2FS-fs (loop8): invalid crc value
[  167.614632][T10838] F2FS-fs (loop8): Found nat_bits in checkpoint
[  167.647945][T10838] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  167.655170][T10838] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  167.713306][ T7179] syz-executor: attempt to access beyond end of device
[  167.713306][ T7179] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  167.880618][T10898] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4569'.
[  167.960107][ T2088] usb 10-1: new full-speed USB device number 6 using dummy_hcd
[  167.976695][T10894] loop4: detected capacity change from 0 to 40427
[  167.984462][T10894] F2FS-fs (loop4): invalid crc value
[  167.991309][T10894] F2FS-fs (loop4): Found nat_bits in checkpoint
[  168.026766][T10894] F2FS-fs (loop4): Start checkpoint disabled!
[  168.033490][T10894] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  168.099209][   T10] kworker/u4:1: attempt to access beyond end of device
[  168.099209][   T10] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  168.100112][    T6] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  168.160964][ T2088] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  168.180158][ T2088] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  168.197721][T10932] binder: 10931:10932 ioctl c0306201 200000000080 returned -14
[  168.209905][ T2088] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  168.212928][T10936] overlayfs: failed to clone upperpath
[  168.224697][ T2088] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.238469][ T2088] usb 10-1: Product: syz
[  168.245088][ T2088] usb 10-1: Manufacturer: syz
[  168.249769][ T2088] usb 10-1: SerialNumber: syz
[  168.275261][   T28] kauditd_printk_skb: 701 callbacks suppressed
[  168.275276][   T28] audit: type=1400 audit(168.251:9325): avc:  denied  { getopt } for  pid=10939 comm="syz.7.4588" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  168.331203][    T6] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  168.332091][T10946] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4591'.
[  168.350068][    T6] usb 9-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  168.370829][    T6] usb 9-1: New USB device found, idVendor=12d1, idProduct=1c1f, bcdDevice=ef.18
[  168.380127][    T6] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.388195][    T6] usb 9-1: Product: syz
[  168.394925][   T28] audit: type=1400 audit(168.381:9326): avc:  denied  { setopt } for  pid=10948 comm="syz.4.4593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  168.414192][    T6] usb 9-1: Manufacturer: syz
[  168.418807][    T6] usb 9-1: SerialNumber: syz
[  168.424317][    T6] usb 9-1: config 0 descriptor??
[  168.429319][   T28] audit: type=1400 audit(168.401:9327): avc:  denied  { read } for  pid=10948 comm="syz.4.4593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  168.436714][T10934] loop0: detected capacity change from 0 to 40427
[  168.455035][T10934] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  168.463783][T10934] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  168.464241][ T2088] usb 10-1: 0:2 : does not exist
[  168.476314][T10934] F2FS-fs (loop0): Found nat_bits in checkpoint
[  168.479546][ T2088] usb 10-1: 5:0: failed to get current value for ch 0 (-22)
[  168.518591][ T2088] usb 10-1: USB disconnect, device number 6
[  168.527900][T10934] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  168.534997][T10934] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  168.676000][T10892] netlink: 43 bytes leftover after parsing attributes in process `syz.8.4559'.
[  168.696088][    T6] usb 9-1: USB disconnect, device number 8
[  168.999977][T10999] loop9: detected capacity change from 0 to 512
[  169.008222][T10999] EXT4-fs error (device loop9): ext4_ext_check_inode:520: inode #15: comm syz.9.4613: pblk 0 bad header/extent: invalid magic - magic 7973, entries 1402, max 27648(0), depth 25964(25964)
[  169.026890][T10999] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.4613: couldn't read orphan inode 15 (err -117)
[  169.039197][T10999] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  169.064134][T10999] EXT4-fs (loop9): shut down requested (2)
[  169.077776][ T9539] EXT4-fs (loop9): unmounting filesystem.
[  169.106386][T11015] loop0: detected capacity change from 0 to 1024
[  169.137521][T11015] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  169.151536][   T28] audit: type=1400 audit(169.131:9328): avc:  denied  { execute } for  pid=11014 comm="syz.0.4620" path="/935/file1/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  169.175472][T11015] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  169.190626][T11015] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  169.203084][T11015] EXT4-fs (loop0): This should not happen!! Data will be lost
[  169.203084][T11015] 
[  169.221303][T11015] EXT4-fs (loop0): Total free blocks count 0
[  169.232699][T11031] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  169.237047][T11015] EXT4-fs (loop0): Free/Dirty block details
[  169.250584][T11015] EXT4-fs (loop0): free_blocks=4293918720
[  169.256326][T11015] EXT4-fs (loop0): dirty_blocks=16
[  169.261486][T11015] EXT4-fs (loop0): Block reservation details
[  169.267744][T11015] EXT4-fs (loop0): i_reserved_data_blocks=1
[  169.294746][    T8] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  169.327260][T11048] loop9: detected capacity change from 0 to 1024
[  169.327936][T11049] loop0: detected capacity change from 0 to 512
[  169.342464][T11048] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  169.355004][T11048] EXT4-fs (loop9): shut down requested (2)
[  169.362322][T11048] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=11
[  169.366912][T11055] loop8: detected capacity change from 0 to 256
[  169.371213][T11048] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=11
[  169.377844][T11055] exfat: Deprecated parameter 'utf8'
[  169.387153][T11048] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=11
[  169.393690][T11049] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  169.400433][T11048] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=11
[  169.418808][T11048] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=11
[  169.428142][T11048] overlayfs: failed to create directory ./file1/work (errno: 5); mounting read-only
[  169.438874][T11055] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  169.453344][T11049] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  169.467953][T11049] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 31 with error 28
[  169.480569][T11049] EXT4-fs (loop0): This should not happen!! Data will be lost
[  169.480569][T11049] 
[  169.486913][ T9539] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=11
[  169.490424][T11049] EXT4-fs (loop0): Total free blocks count 0
[  169.505392][T11049] EXT4-fs (loop0): Free/Dirty block details
[  169.511335][T11049] EXT4-fs (loop0): free_blocks=65280
[  169.516625][T11049] EXT4-fs (loop0): dirty_blocks=31
[  169.520148][ T9539] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=11
[  169.522210][T11049] EXT4-fs (loop0): Block reservation details
[  169.537015][T11049] EXT4-fs (loop0): i_reserved_data_blocks=31
[  169.537383][ T9539] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=11
[  169.552136][ T9539] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=11
[  169.554822][   T28] audit: type=1400 audit(169.531:9329): avc:  denied  { lock } for  pid=11054 comm="syz.8.4637" path="/358/file0/file1" dev="loop8" ino=1048816 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  169.561106][ T9539] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=11
[  169.593870][ T9539] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=11
[  169.604137][ T9539] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=11
[  169.604434][  T285] EXT4-fs (loop0): unmounting filesystem.
[  169.618469][ T9539] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop9 ino=11
[  169.627701][   T28] audit: type=1400 audit(169.611:9330): avc:  denied  { rmdir } for  pid=9539 comm="syz-executor" name="lost+found" dev="loop9" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  169.654474][ T9539] EXT4-fs (loop9): unmounting filesystem.
[  169.660293][    T8] tipc: Left network mode
[  169.792380][T11079] loop8: detected capacity change from 0 to 256
[  169.841587][T11088] netlink: 'syz.0.4654': attribute type 4 has an invalid length.
[  169.890880][T11100] loop0: detected capacity change from 0 to 1024
[  169.923706][T11100] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  169.932939][T11084] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.939979][T11084] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.949176][T11084] device bridge_slave_0 entered promiscuous mode
[  169.957399][T11084] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.992223][T11084] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.999816][T11084] device bridge_slave_1 entered promiscuous mode
[  170.001118][  T285] EXT4-fs (loop0): unmounting filesystem.
[  170.080661][T11094] loop4: detected capacity change from 0 to 40427
[  170.096320][T11094] F2FS-fs (loop4): fault_injection options not supported
[  170.098311][T11124] loop8: detected capacity change from 0 to 256
[  170.111085][T11094] F2FS-fs (loop4): invalid crc value
[  170.126059][T11094] F2FS-fs (loop4): Found nat_bits in checkpoint
[  170.176497][T11133] netem: incorrect gi model size
[  170.191603][T11135] loop8: detected capacity change from 0 to 256
[  170.197895][T11133] netem: change failed
[  170.215301][T11084] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.222359][T11084] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.229723][T11094] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  170.249074][T11135] FAT-fs (loop8): Directory bread(block 64) failed
[  170.267511][T11135] FAT-fs (loop8): Directory bread(block 65) failed
[  170.294805][T11135] FAT-fs (loop8): Directory bread(block 66) failed
[  170.307416][T10575] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.316855][T10575] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  170.324453][T11135] FAT-fs (loop8): Directory bread(block 67) failed
[  170.331840][T11135] FAT-fs (loop8): Directory bread(block 68) failed
[  170.337691][T11140] loop0: detected capacity change from 0 to 2048
[  170.338979][  T286] syz-executor: attempt to access beyond end of device
[  170.338979][  T286] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  170.350473][T10575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  170.358838][T11135] FAT-fs (loop8): Directory bread(block 69) failed
[  170.387109][T10575] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  170.398751][T11135] FAT-fs (loop8): Directory bread(block 70) failed
[  170.400391][T10575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  170.406641][T11135] FAT-fs (loop8): Directory bread(block 71) failed
[  170.427360][T10575] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.434414][T10575] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.437956][T11135] FAT-fs (loop8): Directory bread(block 72) failed
[  170.441883][T11140]  loop0: p1 < > p4
[  170.458345][T11135] FAT-fs (loop8): Directory bread(block 73) failed
[  170.465105][T11140] loop0: p4 size 8388608 extends beyond EOD, truncated
[  170.475155][T10575] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  170.505166][T10575] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.512325][T10575] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.521514][   T28] audit: type=1400 audit(170.501:9331): avc:  denied  { map } for  pid=11142 comm="syz.4.4676" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  170.545933][    T8] device bridge_slave_1 left promiscuous mode
[  170.556121][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.570685][    T8] device bridge_slave_0 left promiscuous mode
[  170.589650][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.608152][    T8] device veth1_macvtap left promiscuous mode
[  170.619105][    T8] device veth0_vlan left promiscuous mode
[  170.675713][T11159] loop4: detected capacity change from 0 to 16
[  170.682432][T11159] erofs: (device loop4): mounted with root inode @ nid 36.
[  170.691553][T11159] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  170.701183][T11159] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[1851]
[  170.712640][T11159] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117]
[  170.723793][T11159] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  170.734042][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  170.738350][T11159] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  170.742335][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  170.754194][T11159] erofs: (device loop4): z_erofs_readahead: readahead error at page 42 @ nid 36
[  170.768100][T11159] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  170.769576][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  170.786920][T11159] erofs: (device loop4): z_erofs_readahead: readahead error at page 41 @ nid 36
[  170.801074][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  170.806552][T11159] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  170.809880][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  170.826138][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  170.827374][T11159] erofs: (device loop4): z_erofs_readahead: readahead error at page 40 @ nid 36
[  170.835255][T11084] device veth0_vlan entered promiscuous mode
[  170.849157][T11159] erofs: (device loop4): z_erofs_readahead: readahead error at page 39 @ nid 36
[  170.858380][T11159] erofs: (device loop4): z_erofs_readahead: readahead error at page 38 @ nid 36
[  170.867733][T11159] erofs: (device loop4): z_erofs_readahead: readahead error at page 36 @ nid 36
[  170.873800][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  170.877050][T11159] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  170.886707][T11084] device veth1_macvtap entered promiscuous mode
[  170.900261][T11159] erofs: (device loop4): z_erofs_readahead: readahead error at page 31 @ nid 36
[  170.909528][T11159] erofs: (device loop4): z_erofs_readahead: readahead error at page 25 @ nid 36
[  170.909715][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  170.918737][T11159] erofs: (device loop4): z_erofs_readahead: readahead error at page 24 @ nid 36
[  170.927610][  T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  170.935864][T11159] erofs: (device loop4): z_erofs_readahead: readahead error at page 19 @ nid 36
[  170.953289][T11159] syz.4.4684: attempt to access beyond end of device
[  170.953289][T11159] loop4: rw=524288, sector=784, nr_sectors = 64 limit=16
[  170.967003][T11159] syz.4.4684: attempt to access beyond end of device
[  170.967003][T11159] loop4: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  170.981735][T11159] syz.4.4684: attempt to access beyond end of device
[  170.981735][T11159] loop4: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  170.996525][T11159] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[2639]
[  171.008627][T11159] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.017984][T11159] erofs: (device loop4): z_erofs_readahead: readahead error at page 47 @ nid 36
[  171.027094][T11159] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.036398][T11159] erofs: (device loop4): z_erofs_readahead: readahead error at page 46 @ nid 36
[  171.045693][T11159] erofs: (device loop4): z_erofs_readahead: readahead error at page 45 @ nid 36
[  171.056416][T11159] syz.4.4684: attempt to access beyond end of device
[  171.056416][T11159] loop4: rw=524288, sector=24, nr_sectors = 8 limit=16
[  171.070382][T11159] syz.4.4684: attempt to access beyond end of device
[  171.070382][T11159] loop4: rw=524288, sector=16, nr_sectors = 8 limit=16
[  171.084822][T11159] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[3537]
[  171.103341][T11167] loop1: detected capacity change from 0 to 512
[  171.109976][T11167] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  171.150082][   T60] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  171.276776][   T28] audit: type=1326 audit(171.251:9332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11180 comm="syz.7.4694" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe5a698e929 code=0x0
[  171.341393][   T60] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  171.355937][T11171] loop4: detected capacity change from 0 to 40427
[  171.361217][T11175] loop1: detected capacity change from 0 to 40427
[  171.362440][   T60] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  171.369944][T11171] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  171.377799][T11175] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  171.385708][T11171] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  171.393424][   T60] usb 9-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  171.402679][T11171] F2FS-fs (loop4): invalid crc value
[  171.412001][T11175] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  171.418696][T11171] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  171.425447][   T60] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  171.438150][T11171] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  171.450611][T11175] F2FS-fs (loop1): invalid crc value
[  171.462901][   T60] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  171.476538][   T60] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  171.484720][   T60] usb 9-1: SerialNumber: syz
[  171.490450][T11171] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  171.497609][T11171] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  171.506235][T11175] F2FS-fs (loop1): Found nat_bits in checkpoint
[  171.538517][   T28] audit: type=1400 audit(171.511:9333): avc:  denied  { mounton } for  pid=11170 comm="syz.4.4689" path="/1022/bus/bus" dev="loop4" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  171.561071][   T28] audit: type=1400 audit(171.511:9334): avc:  denied  { setattr } for  pid=11170 comm="syz.4.4689" name="work" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  171.581965][T11197] loop0: detected capacity change from 0 to 512
[  171.590258][T11175] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  171.597373][T11175] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  171.617734][T11197] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  171.634762][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  171.646736][    T8] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  171.663486][  T285] EXT4-fs (loop0): unmounting filesystem.
[  171.694840][   T60] usb 9-1: 0:2 : does not exist
[  171.699762][   T60] usb 9-1: unit 5 not found!
[  171.714228][   T60] usb 9-1: USB disconnect, device number 9
[  171.741289][T11207] loop4: detected capacity change from 0 to 128
[  171.755836][T11209] loop0: detected capacity change from 0 to 512
[  171.763890][T11209] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  171.783628][  T285] EXT4-fs (loop0): unmounting filesystem.
[  171.809454][T11218] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4706'.
[  171.841811][T11223] loop4: detected capacity change from 0 to 256
[  171.870324][T11229] loop1: detected capacity change from 0 to 512
[  171.877086][T11229] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  171.888663][T11229] EXT4-fs (loop1): 1 truncate cleaned up
[  171.894530][T11229] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  171.914224][T11084] EXT4-fs (loop1): unmounting filesystem.
[  171.929284][T11233] loop1: detected capacity change from 0 to 128
[  171.938562][T11233] EXT4-fs: Ignoring removed nobh option
[  171.945473][T11233] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  171.956149][T11233] EXT4-fs error (device loop1): __ext4_remount:6598: comm syz.1.4712: Abort forced by user
[  171.966430][T11233] EXT4-fs (loop1): Remounting filesystem read-only
[  171.973015][T11233] EXT4-fs (loop1): re-mounted. Quota mode: none.
[  171.987782][T11084] EXT4-fs (loop1): unmounting filesystem.
[  172.068679][T11246] netlink: 165 bytes leftover after parsing attributes in process `syz.1.4718'.
[  172.202435][T11263] loop1: detected capacity change from 0 to 256
[  172.382682][T11289] loop8: detected capacity change from 0 to 128
[  172.393457][T11289] EXT4-fs: Ignoring removed nobh option
[  172.401051][T11289] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  172.414671][T11289] fscrypt (loop8, inode 12): Mutually exclusive encryption flags (0x16)
[  172.430679][ T7179] EXT4-fs (loop8): unmounting filesystem.
[  172.469475][T11301] loop8: detected capacity change from 0 to 512
[  172.479188][T11301] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  172.500777][T11301] EXT4-fs (loop8): 1 truncate cleaned up
[  172.506482][T11301] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  172.671745][ T7179] EXT4-fs (loop8): unmounting filesystem.
[  172.722468][T11316] loop8: detected capacity change from 0 to 512
[  172.756576][T11316] EXT4-fs error (device loop8): ext4_acquire_dquot:6789: comm syz.8.4748: Failed to acquire dquot type 1
[  172.768576][T11316] EXT4-fs (loop8): 1 truncate cleaned up
[  172.775681][T11316] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  172.776364][T11324] device batadv_slave_1 entered promiscuous mode
[  172.795364][T11316] EXT4-fs error (device loop8): ext4_acquire_dquot:6789: comm syz.8.4748: Failed to acquire dquot type 1
[  172.811646][T11323] device batadv_slave_1 left promiscuous mode
[  173.054175][T11362] incfs: iterate_incfs_dir / -22
[  173.231382][T11378] loop4: detected capacity change from 0 to 1024
[  173.298620][T11384] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4780'.
[  173.347439][T11390] syz.1.4783[11390] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  173.347504][T11390] syz.1.4783[11390] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  173.467884][T11407] loop4: detected capacity change from 0 to 1024
[  173.486317][T11407] EXT4-fs: Ignoring removed orlov option
[  173.834925][T11423] loop4: detected capacity change from 0 to 40427
[  173.848960][T11423] F2FS-fs (loop4): fault_type options not supported
[  173.865129][T11423] F2FS-fs (loop4): invalid crc value
[  173.882579][T11423] F2FS-fs (loop4): Found nat_bits in checkpoint
[  173.931427][T11423] F2FS-fs (loop4): Start checkpoint disabled!
[  173.938097][T11423] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  174.009412][  T313] kworker/u4:3: attempt to access beyond end of device
[  174.009412][  T313] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  174.041982][   T28] kauditd_printk_skb: 19 callbacks suppressed
[  174.041996][   T28] audit: type=1400 audit(174.021:9350): avc:  denied  { setattr } for  pid=11441 comm="syz.8.4805" name="/" dev="incremental-fs" ino=2060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  174.150653][T11454] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4811'.
[  174.173010][T11458] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4803'.
[  174.213757][T11463] loop4: detected capacity change from 0 to 256
[  174.222811][T11463] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  174.291935][T11481] loop8: detected capacity change from 0 to 2048
[  174.318210][T11481] EXT4-fs (loop8): shut down requested (1)
[  174.328149][T11486] loop4: detected capacity change from 0 to 1024
[  174.335135][T11486] EXT4-fs: Ignoring removed nobh option
[  174.341089][T11486] EXT4-fs: Ignoring removed bh option
[  174.346802][T11486] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  174.391322][T11503] loop4: detected capacity change from 0 to 256
[  174.399643][T11503] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  174.428688][   T28] audit: type=1400 audit(174.401:9351): avc:  denied  { watch watch_reads } for  pid=11502 comm="syz.4.4830" path="/1054/file0/file0" dev="loop4" ino=1048828 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  174.466754][T11509] loop4: detected capacity change from 0 to 128
[  174.477840][T11511] loop1: detected capacity change from 0 to 256
[  174.484631][T11511] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  174.495953][T11511] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  174.506579][T11511] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  174.519943][T11509] syz.4.4834 (pid 11509) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  174.538264][   T28] audit: type=1400 audit(174.511:9352): avc:  denied  { rename } for  pid=11510 comm="syz.1.4835" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=1048834 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  174.656365][   T28] audit: type=1326 audit(174.631:9353): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11534 comm="syz.1.4845" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff2f6d8e929 code=0x0
[  174.778873][T11551] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4852'.
[  174.854664][T11563] loop0: detected capacity change from 0 to 256
[  174.864006][T11563] exfat: Deprecated parameter 'utf8'
[  174.872231][T11563] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011e3e, chksum : 0x38c882e6, utbl_chksum : 0xe619d30d)
[  174.927224][T11581] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4867'.
[  174.929987][T11583] loop0: detected capacity change from 0 to 16
[  174.943487][T11583] erofs: (device loop0): mounted with root inode @ nid 36.
[  174.952213][T11583] erofs: (device loop0): z_erofs_readahead: readahead error at page 39 @ nid 36
[  174.960806][   T28] audit: type=1400 audit(174.931:9354): avc:  denied  { write } for  pid=6 comm="kworker/0:0" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=64344 scontext=system_u:system_r:kernel_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  174.961439][T11583] erofs: (device loop0): z_erofs_readahead: readahead error at page 38 @ nid 36
[  174.994271][T11583] erofs: (device loop0): z_erofs_readahead: readahead error at page 37 @ nid 36
[  175.003320][T11583] erofs: (device loop0): z_erofs_readahead: readahead error at page 36 @ nid 36
[  175.013248][T11583] erofs: (device loop0): z_erofs_readahead: readahead error at page 35 @ nid 36
[  175.022298][T11583] erofs: (device loop0): z_erofs_readahead: readahead error at page 34 @ nid 36
[  175.031346][T11583] erofs: (device loop0): z_erofs_readahead: readahead error at page 33 @ nid 36
[  175.040385][T11583] erofs: (device loop0): z_erofs_readahead: readahead error at page 32 @ nid 36
[  175.049443][T11583] erofs: (device loop0): z_erofs_readahead: readahead error at page 24 @ nid 36
[  175.058535][T11583] erofs: (device loop0): z_erofs_readahead: readahead error at page 16 @ nid 36
[  175.067718][T11583] syz.0.4868: attempt to access beyond end of device
[  175.067718][T11583] loop0: rw=524288, sector=1049272, nr_sectors = 32 limit=16
[  175.081687][T11583] syz.0.4868: attempt to access beyond end of device
[  175.081687][T11583] loop0: rw=524288, sector=376, nr_sectors = 32 limit=16
[  175.095465][T11583] syz.0.4868: attempt to access beyond end of device
[  175.095465][T11583] loop0: rw=524288, sector=384, nr_sectors = 32 limit=16
[  175.109058][T11583] syz.0.4868: attempt to access beyond end of device
[  175.109058][T11583] loop0: rw=524288, sector=8, nr_sectors = 32 limit=16
[  175.122445][T11583] syz.0.4868: attempt to access beyond end of device
[  175.122445][T11583] loop0: rw=524288, sector=16, nr_sectors = 32 limit=16
[  175.209333][T11604] netlink: 'syz.0.4877': attribute type 4 has an invalid length.
[  175.260101][ T2088] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  175.303263][T11616] xt_hashlimit: size too large, truncated to 1048576
[  175.452359][ T2088] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  175.466490][ T2088] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  175.487889][ T2088] usb 9-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  175.505856][ T2088] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.522721][ T2088] usb 9-1: Product: syz
[  175.531429][ T2088] usb 9-1: Manufacturer: syz
[  175.541456][ T2088] usb 9-1: SerialNumber: syz
[  175.552738][ T2088] usb 9-1: config 0 descriptor??
[  175.563838][T11587] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  175.581379][T11587] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  175.766175][T11639] loop4: detected capacity change from 0 to 40427
[  175.774416][T11639] F2FS-fs (loop4): invalid crc value
[  175.780694][T11639] F2FS-fs (loop4): Found nat_bits in checkpoint
[  175.794763][T11587] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  175.810110][T11587] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  175.837038][T11639] F2FS-fs (loop4): Start checkpoint disabled!
[  175.843832][T11639] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  175.901353][T11639] F2FS-fs (loop4): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  175.939260][T11639] F2FS-fs (loop4): ino:10, start:0, end:0, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  175.960021][   T10] kworker/u4:1: attempt to access beyond end of device
[  175.960021][   T10] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  176.143198][T11657] netlink: 'syz.7.4895': attribute type 2 has an invalid length.
[  176.222536][ T2088] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[  176.625078][ T2088] dm9601 9-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID
[  176.640645][ T2088] usb 9-1: USB disconnect, device number 10
[  176.661314][T11691] SELinux: failed to load policy
[  176.714697][T11691] loop4: detected capacity change from 0 to 10865
[  176.722590][T11691] F2FS-fs (loop4): invalid crc value
[  176.735825][T11691] syz.4.4914: attempt to access beyond end of device
[  176.735825][T11691] loop4: rw=12288, sector=12288, nr_sectors = 8 limit=10865
[  176.749808][T11691] syz.4.4914: attempt to access beyond end of device
[  176.749808][T11691] loop4: rw=12288, sector=12288, nr_sectors = 8 limit=10865
[  176.763765][T11691] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-5)
[  176.764052][T11709] loop1: detected capacity change from 0 to 256
[  177.171734][T11721] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4927'.
[  177.290147][    T6] ip6_tnl_xmit_ctl: 5 callbacks suppressed
[  177.290163][    T6] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  177.360157][    T6] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  177.420117][    T6] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  177.443727][T11737] loop4: detected capacity change from 0 to 40427
[  177.451616][T11737] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  177.458015][T11737] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  177.475208][T11737] F2FS-fs (loop4): invalid crc value
[  177.487155][T11752] loop1: detected capacity change from 0 to 128
[  177.490174][    T6] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  177.502215][T11737] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  177.518489][T11752] FAT-fs (loop1): error, corrupted directory (invalid i_start)
[  177.533733][T11752] FAT-fs (loop1): Filesystem has been set read-only
[  177.537967][T11737] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  177.547488][    T6] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  177.555122][T11737] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  177.580176][    T6] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  177.592439][T11737] syz.4.4935: attempt to access beyond end of device
[  177.592439][T11737] loop4: rw=0, sector=77824, nr_sectors = 8 limit=40427
[  177.597930][T11758] input: syz1 as /devices/virtual/input/input35
[  177.620203][    T6] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  177.633320][   T28] audit: type=1400 audit(177.611:9355): avc:  denied  { create } for  pid=11759 comm="syz.1.4945" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  177.720140][    T6] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  177.727874][T11765] loop0: detected capacity change from 0 to 512
[  177.756277][T11765] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  177.789406][T11770] loop4: detected capacity change from 0 to 1024
[  177.790201][T11765] EXT4-fs (loop0): 1 truncate cleaned up
[  177.800168][    T6] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  177.834078][   T28] audit: type=1400 audit(177.811:9356): avc:  denied  { mounton } for  pid=11769 comm="syz.4.4944" path="/1081/file1/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  177.897178][  T286] EXT4-fs error (device loop4): mb_free_blocks:1815: group 0, inode 16: block 81:freeing already freed block (bit 5); block bitmap corrupt.
[  177.915956][T11784] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4953'.
[  177.960411][   T19] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  178.106880][T11803] loop1: detected capacity change from 0 to 1024
[  178.124426][T11805] loop0: detected capacity change from 0 to 256
[  178.157581][T11809] loop0: detected capacity change from 0 to 256
[  178.176897][T11811] loop8: detected capacity change from 0 to 1024
[  178.191570][T11809] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  178.209169][T11811] EXT4-fs: Ignoring removed orlov option
[  178.215309][T11809] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  178.220122][T11811] EXT4-fs: Ignoring removed nomblk_io_submit option
[  178.226625][T11809] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  178.319796][   T28] audit: type=1400 audit(178.291:9357): avc:  denied  { execute_no_trans } for  pid=11810 comm="syz.8.4964" path="/413/file1/file0/file0" dev="loop8" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  178.358618][T11829] loop4: detected capacity change from 0 to 1024
[  178.365483][T11829] EXT4-fs: Ignoring removed nobh option
[  178.371800][T11829] EXT4-fs: Ignoring removed bh option
[  178.377573][T11829] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  178.408346][T11832] netlink: 20 bytes leftover after parsing attributes in process `syz.8.4974'.
[  178.429685][T11837] loop0: detected capacity change from 0 to 512
[  178.472115][T11837] EXT4-fs (loop0): 1 orphan inode deleted
[  178.613304][T11874] syz.4.4992[11874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  178.613392][T11874] syz.4.4992[11874] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  178.729041][T11888] loop0: detected capacity change from 0 to 256
[  178.761812][T11888] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  178.857575][T11920] loop1: detected capacity change from 0 to 1024
[  178.903288][T11929] loop1: detected capacity change from 0 to 256
[  179.130580][   T19] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  179.190086][    T6] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  179.310115][   T19] usb 9-1: Using ep0 maxpacket: 32
[  179.316356][   T19] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.327275][   T19] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.337030][   T19] usb 9-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  179.346109][   T19] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.354586][   T19] usb 9-1: config 0 descriptor??
[  179.391039][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.401963][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.411724][    T6] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  179.424582][    T6] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  179.433612][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.443515][    T6] usb 2-1: config 0 descriptor??
[  179.747681][T11969] netlink: 74 bytes leftover after parsing attributes in process `syz.7.5034'.
[  179.766790][   T19] savu 0003:1E7D:2D5A.0027: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.8-1/input0
[  179.804130][T11977] xt_hashlimit: size too large, truncated to 1048576
[  179.851540][    T6] plantronics 0003:047F:FFFF.0028: unknown main item tag 0x6
[  179.859128][    T6] plantronics 0003:047F:FFFF.0028: No inputs registered, leaving
[  179.877051][    T6] plantronics 0003:047F:FFFF.0028: hiddev97,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  179.889559][ T2088] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  180.031092][   T24] usb 9-1: USB disconnect, device number 11
[  180.075964][    T6] usb 2-1: USB disconnect, device number 12
[  180.081943][ T2088] usb 5-1: Using ep0 maxpacket: 16
[  180.088077][ T2088] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  180.098332][ T2088] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  180.108715][ T2088] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  180.119312][ T2088] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  180.128382][ T2088] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.136690][ T2088] usb 5-1: Product: syz
[  180.141075][ T2088] usb 5-1: Manufacturer: syz
[  180.145681][ T2088] usb 5-1: SerialNumber: syz
[  180.554389][ T2088] usb 5-1: 0:2 : does not exist
[  180.661659][T12013] netlink: 3657 bytes leftover after parsing attributes in process `syz.8.5055'.
[  180.719207][T12027] netlink: 2 bytes leftover after parsing attributes in process `syz.7.5062'.
[  180.804487][T12038] loop8: detected capacity change from 0 to 512
[  180.811519][T12038] EXT4-fs: Ignoring removed orlov option
[  180.818839][T12038] EXT4-fs error (device loop8): ext4_orphan_get:1400: inode #15: comm syz.8.5067: casefold flag without casefold feature
[  180.831663][T12038] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.5067: couldn't read orphan inode 15 (err -117)
[  181.160608][ T2088] usb 5-1: USB disconnect, device number 23
[  181.208339][T12046] loop1: detected capacity change from 0 to 131072
[  181.216155][T12046] F2FS-fs (loop1): invalid crc value
[  181.222810][T12046] F2FS-fs (loop1): Found nat_bits in checkpoint
[  181.249375][T12046] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  181.323956][   T28] audit: type=1400 audit(181.301:9358): avc:  denied  { listen } for  pid=12068 comm="syz.7.5080" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  181.343412][   T28] audit: type=1400 audit(181.321:9359): avc:  denied  { accept } for  pid=12068 comm="syz.7.5080" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  181.481967][   T28] audit: type=1400 audit(181.461:9360): avc:  denied  { shutdown } for  pid=12074 comm="syz.1.5082" laddr=::1 lport=255 faddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  181.542964][T12081] loop1: detected capacity change from 0 to 2048
[  181.795756][T12090] 9pnet: p9_errstr2errno: server reported unknown error �@í΂Í(ááí«Qÿ0x0000000000000004
[  181.869632][   T28] audit: type=1400 audit(181.841:9361): avc:  denied  { name_bind } for  pid=12101 comm="syz.0.5093" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[  181.971881][T12112] SELinux: failed to load policy
[  182.004498][T12116] usb usb8: usbfs: process 12116 (syz.0.5101) did not claim interface 0 before use
[  182.096350][T12128] syz.0.5107[12128] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  182.096442][T12128] syz.0.5107[12128] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  182.190124][   T24] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  182.401185][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.420081][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.439978][   T24] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  182.458721][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.470724][   T24] usb 5-1: config 0 descriptor??
[  182.858779][T12174] loop1: detected capacity change from 0 to 40427
[  182.865872][T12174] F2FS-fs (loop1): fault_type options not supported
[  182.873204][T12174] F2FS-fs (loop1): invalid crc value
[  182.878691][   T24] cp2112 0003:10C4:EA90.0029: unknown main item tag 0x0
[  182.879478][T12174] F2FS-fs (loop1): Found nat_bits in checkpoint
[  182.886414][   T24] cp2112 0003:10C4:EA90.0029: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0
[  182.917108][T12174] F2FS-fs (loop1): Start checkpoint disabled!
[  182.923792][T12174] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  182.969318][   T28] audit: type=1400 audit(182.941:9362): avc:  denied  { relabelfrom } for  pid=12182 comm="syz.0.5125" name="RFCOMM" dev="sockfs" ino=67015 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  182.969354][T12183] SELinux:  Context system_u:object_r:var_lib_t:s0 is not valid (left unmapped).
[  183.017468][   T28] audit: type=1400 audit(182.981:9363): avc:  denied  { relabelto } for  pid=12182 comm="syz.0.5125" name="RFCOMM" dev="sockfs" ino=67015 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=bluetooth_socket permissive=1 trawcon="system_u:object_r:var_lib_t:s0"
[  183.063489][    T8] bio_check_eod: 1 callbacks suppressed
[  183.063506][    T8] kworker/u4:0: attempt to access beyond end of device
[  183.063506][    T8] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  183.083269][   T24] cp2112 0003:10C4:EA90.0029: error requesting version
[  183.083668][   T28] audit: type=1400 audit(183.061:9364): avc:  denied  { create } for  pid=12186 comm="syz.0.5128" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  183.100529][   T24] cp2112: probe of 0003:10C4:EA90.0029 failed with error -71
[  183.131426][ T2942] Bluetooth: hci0: command 0x1003 tx timeout
[  183.144729][ T9582] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  183.149348][   T24] usb 5-1: USB disconnect, device number 24
[  183.156879][T12059] Bluetooth: hci0: Opcode 0x080f failed: -22
[  183.297977][T12214] loop1: detected capacity change from 0 to 2048
[  183.321243][T12214] Alternate GPT is invalid, using primary GPT.
[  183.327439][T12214]  loop1: p1 p2 p3
[  183.348047][T12218] netlink: 116 bytes leftover after parsing attributes in process `syz.7.5143'.
[  183.357167][T12218] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5143'.
[  183.379548][T12222] x_tables: duplicate underflow at hook 4
[  183.455909][T12238] overlayfs: failed to clone upperpath
[  183.493329][T12245] syz.7.5155[12245] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  183.493395][T12245] syz.7.5155[12245] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  183.537886][T12255] device macsec1 entered promiscuous mode
[  183.555110][T12255] device vlan1 entered promiscuous mode
[  183.561706][T12255] device vlan1 left promiscuous mode
[  183.820293][T12289] 9pnet_fd: Insufficient options for proto=fd
[  183.910089][ T2088] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  184.090131][ T2088] usb 2-1: Using ep0 maxpacket: 8
[  184.096656][ T2088] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  184.115592][ T2088] usb 2-1: config 0 has no interfaces?
[  184.129137][ T2088] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a4, bcdDevice=9e.7e
[  184.146531][T12311] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5187'.
[  184.155963][ T2088] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.165152][ T2088] usb 2-1: Product: syz
[  184.175777][ T2088] usb 2-1: Manufacturer: syz
[  184.189560][ T2088] usb 2-1: SerialNumber: syz
[  184.200211][ T2252] ip6_tnl_xmit_ctl: 5 callbacks suppressed
[  184.200232][ T2252] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  184.200421][ T2088] usb 2-1: config 0 descriptor??
[  184.260407][   T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  184.310239][   T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  184.434224][ T2088] usb 2-1: USB disconnect, device number 13
[  184.485021][T12370] device veth0 entered promiscuous mode
[  184.490718][ T2252] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  184.498390][T12369] device veth0 left promiscuous mode
[  184.510803][   T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  184.580394][   T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  184.681164][ T2252] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  184.695399][ T2252] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  184.704477][ T2252] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.712524][ T2252] usb 9-1: Product: syz
[  184.716689][ T2252] usb 9-1: Manufacturer: syz
[  184.721281][ T2252] usb 9-1: SerialNumber: syz
[  184.726375][   T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  184.760150][   T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  184.800129][   T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  184.840112][   T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  184.920173][   T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  184.935978][ T2252] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 12 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  184.948256][   T28] audit: type=1326 audit(184.931:9365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12377 comm="syz.1.5218" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff2f6d8e929 code=0x0
[  185.151014][ T2252] usb 9-1: USB disconnect, device number 12
[  185.157511][ T2252] usblp0: removed
[  185.210064][    C0] ==================================================================
[  185.218140][    C0] BUG: KASAN: use-after-free in __run_timers+0x32b/0x9a0
[  185.225192][    C0] Write of size 8 at addr ffff888118dfca00 by task swapper/0/0
[  185.232739][    C0] 
[  185.235056][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.1.138-syzkaller-00052-g4cf22d978348 #0
[  185.244489][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  185.254543][    C0] Call Trace:
[  185.257812][    C0]  <IRQ>
[  185.260650][    C0]  __dump_stack+0x21/0x24
[  185.265002][    C0]  dump_stack_lvl+0xee/0x150
[  185.269581][    C0]  ? __cfi_dump_stack_lvl+0x8/0x8
[  185.274590][    C0]  ? profile_hits+0x8e5/0xbe0
[  185.279264][    C0]  ? __run_timers+0x32b/0x9a0
[  185.284376][    C0]  print_address_description+0x71/0x210
[  185.289923][    C0]  print_report+0x4a/0x60
[  185.294249][    C0]  kasan_report+0x122/0x150
[  185.298737][    C0]  ? __run_timers+0x32b/0x9a0
[  185.303405][    C0]  __asan_report_store8_noabort+0x17/0x20
[  185.309135][    C0]  __run_timers+0x32b/0x9a0
[  185.313633][    C0]  ? sched_clock+0x9/0x10
[  185.317948][    C0]  ? sched_clock_cpu+0x6e/0x250
[  185.322779][    C0]  ? calc_index+0x200/0x200
[  185.327267][    C0]  ? kvm_sched_clock_read+0x18/0x40
[  185.332468][    C0]  run_timer_softirq+0x6a/0xf0
[  185.337217][    C0]  handle_softirqs+0x1d7/0x600
[  185.342006][    C0]  ? irqtime_account_irq+0xc4/0x240
[  185.347191][    C0]  __irq_exit_rcu+0x52/0xf0
[  185.351680][    C0]  irq_exit_rcu+0x9/0x10
[  185.355912][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  185.361532][    C0]  </IRQ>
[  185.364456][    C0]  <TASK>
[  185.367373][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  185.373348][    C0] RIP: 0010:default_idle+0xf/0x20
[  185.378356][    C0] Code: e9 47 ff ff ff 00 00 cc cc 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d 23 79 56 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
[  185.397939][    C0] RSP: 0018:ffffffff86e07d58 EFLAGS: 00000257
[  185.403990][    C0] RAX: ffff8881f7000000 RBX: ffffffff86e1c500 RCX: ec0fcf18ed3e8800
[  185.411977][    C0] RDX: 0000000000000001 RSI: ffffffff85a9f700 RDI: ffffffff85a9f6c0
[  185.419931][    C0] RBP: ffffffff86e07d58 R08: dffffc0000000000 R09: ffffed103ee06917
[  185.427886][    C0] R10: 0000000000000000 R11: ffffffff84efba50 R12: 0000000000000000
[  185.435843][    C0] R13: 0000000000000000 R14: ffffffff86e1c500 R15: dffffc0000000000
[  185.443799][    C0]  ? __cfi_default_idle+0x10/0x10
[  185.448812][    C0]  arch_cpu_idle+0x1c/0x20
[  185.453212][    C0]  default_idle_call+0x71/0x1d0
[  185.458046][    C0]  do_idle+0x1a7/0x520
[  185.462095][    C0]  ? irqentry_exit+0x30/0x40
[  185.466668][    C0]  ? idle_inject_timer_fn+0x60/0x60
[  185.471888][    C0]  ? schedule_idle+0x5b/0x90
[  185.476481][    C0]  ? do_idle+0x1/0x520
[  185.480540][    C0]  cpu_startup_entry+0x43/0x60
[  185.485301][    C0]  rest_init+0x10a/0x130
[  185.489535][    C0]  ? __cfi_x86_late_time_init+0x8/0x8
[  185.494895][    C0]  arch_call_rest_init+0xe/0x10
[  185.499732][    C0]  start_kernel+0x482/0x4f0
[  185.504219][    C0]  x86_64_start_reservations+0x2a/0x2c
[  185.509670][    C0]  x86_64_start_kernel+0x7c/0x81
[  185.514594][    C0]  secondary_startup_64_no_verify+0xce/0xdb
[  185.520471][    C0]  </TASK>
[  185.523477][    C0] 
[  185.525790][    C0] Allocated by task 12059:
[  185.530186][    C0]  kasan_set_track+0x4b/0x70
[  185.534775][    C0]  kasan_save_alloc_info+0x25/0x30
[  185.539875][    C0]  __kasan_kmalloc+0x95/0xb0
[  185.544536][    C0]  __kmalloc+0xb1/0x1e0
[  185.548684][    C0]  hci_alloc_dev_priv+0x27/0x1bd0
[  185.553698][    C0]  hci_uart_tty_ioctl+0x3d6/0xa20
[  185.558705][    C0]  tty_ioctl+0x8ef/0xc60
[  185.562932][    C0]  __se_sys_ioctl+0x12f/0x1b0
[  185.567593][    C0]  __x64_sys_ioctl+0x7b/0x90
[  185.572169][    C0]  x64_sys_call+0x58b/0x9a0
[  185.576656][    C0]  do_syscall_64+0x4c/0xa0
[  185.581077][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  185.586997][    C0] 
[  185.589304][    C0] Freed by task 12059:
[  185.593351][    C0]  kasan_set_track+0x4b/0x70
[  185.597924][    C0]  kasan_save_free_info+0x31/0x50
[  185.602936][    C0]  ____kasan_slab_free+0x132/0x180
[  185.608031][    C0]  __kasan_slab_free+0x11/0x20
[  185.612849][    C0]  slab_free_freelist_hook+0xc2/0x190
[  185.618222][    C0]  __kmem_cache_free+0xb7/0x1b0
[  185.623055][    C0]  kfree+0x6f/0xf0
[  185.626761][    C0]  hci_release_dev+0x13ad/0x1500
[  185.631678][    C0]  bt_host_release+0x82/0x90
[  185.636255][    C0]  device_release+0xa4/0x1d0
[  185.640832][    C0]  kobject_put+0x19d/0x280
[  185.645240][    C0]  put_device+0x1f/0x30
[  185.649380][    C0]  hci_dev_cmd+0x265/0x720
[  185.653790][    C0]  hci_sock_ioctl+0x41e/0x7f0
[  185.658445][    C0]  sock_do_ioctl+0x101/0x310
[  185.663015][    C0]  sock_ioctl+0x4d8/0x6e0
[  185.667328][    C0]  __se_sys_ioctl+0x12f/0x1b0
[  185.671995][    C0]  __x64_sys_ioctl+0x7b/0x90
[  185.676590][    C0]  x64_sys_call+0x58b/0x9a0
[  185.681080][    C0]  do_syscall_64+0x4c/0xa0
[  185.685489][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  185.691378][    C0] 
[  185.693686][    C0] Last potentially related work creation:
[  185.699373][    C0]  kasan_save_stack+0x3a/0x60
[  185.704034][    C0]  __kasan_record_aux_stack+0xb6/0xc0
[  185.709405][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[  185.715195][    C0]  insert_work+0x51/0x300
[  185.719510][    C0]  __queue_work+0x9b1/0xd30
[  185.723996][    C0]  queue_work_on+0xd2/0x140
[  185.728479][    C0]  __hci_cmd_sync_sk+0xa3e/0xcf0
[  185.733403][    C0]  hci_cmd_sync_status+0x53/0x120
[  185.738409][    C0]  hci_dev_cmd+0x628/0x720
[  185.742812][    C0]  hci_sock_ioctl+0x41e/0x7f0
[  185.747468][    C0]  sock_do_ioctl+0x101/0x310
[  185.752037][    C0]  sock_ioctl+0x4d8/0x6e0
[  185.756349][    C0]  __se_sys_ioctl+0x12f/0x1b0
[  185.761014][    C0]  __x64_sys_ioctl+0x7b/0x90
[  185.765596][    C0]  x64_sys_call+0x58b/0x9a0
[  185.770084][    C0]  do_syscall_64+0x4c/0xa0
[  185.774498][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  185.780378][    C0] 
[  185.782680][    C0] Second to last potentially related work creation:
[  185.789239][    C0]  kasan_save_stack+0x3a/0x60
[  185.793983][    C0]  __kasan_record_aux_stack+0xb6/0xc0
[  185.799337][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[  185.805129][    C0]  insert_work+0x51/0x300
[  185.809444][    C0]  __queue_work+0x9b1/0xd30
[  185.813925][    C0]  queue_work_on+0xd2/0x140
[  185.818408][    C0]  hci_cmd_timeout+0x191/0x200
[  185.823149][    C0]  process_one_work+0x71f/0xc40
[  185.827987][    C0]  worker_thread+0xa29/0x11f0
[  185.832638][    C0]  kthread+0x281/0x320
[  185.836684][    C0]  ret_from_fork+0x1f/0x30
[  185.841090][    C0] 
[  185.843413][    C0] The buggy address belongs to the object at ffff888118dfc000
[  185.843413][    C0]  which belongs to the cache kmalloc-8k of size 8192
[  185.857446][    C0] The buggy address is located 2560 bytes inside of
[  185.857446][    C0]  8192-byte region [ffff888118dfc000, ffff888118dfe000)
[  185.870875][    C0] 
[  185.873184][    C0] The buggy address belongs to the physical page:
[  185.879581][    C0] page:ffffea0004637e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x118df8
[  185.889791][    C0] head:ffffea0004637e00 order:3 compound_mapcount:0 compound_pincount:0
[  185.898088][    C0] flags: 0x4000000000010200(slab|head|zone=1)
[  185.904142][    C0] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043500
[  185.912701][    C0] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[  185.921258][    C0] page dumped because: kasan: bad access detected
[  185.927651][    C0] page_owner tracks the page as allocated
[  185.933341][    C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 9304, tgid 9303 (syz.6.3907), ts 142750674826, free_ts 142678223111
[  185.956066][    C0]  post_alloc_hook+0x1f5/0x210
[  185.960818][    C0]  prep_new_page+0x1c/0x110
[  185.965305][    C0]  get_page_from_freelist+0x2c6e/0x2ce0
[  185.970856][    C0]  __alloc_pages+0x19e/0x3a0
[  185.975429][    C0]  alloc_slab_page+0x6e/0xf0
[  185.980002][    C0]  new_slab+0x98/0x3d0
[  185.984054][    C0]  ___slab_alloc+0x6f6/0xb50
[  185.988626][    C0]  __slab_alloc+0x5e/0xa0
[  185.992940][    C0]  __kmem_cache_alloc_node+0x203/0x2c0
[  185.998381][    C0]  kmalloc_trace+0x29/0xb0
[  186.002799][    C0]  audit_log_d_path+0xc6/0x240
[  186.007552][    C0]  audit_log_d_path_exe+0x42/0x70
[  186.012563][    C0]  audit_log_task+0x205/0x2e0
[  186.017218][    C0]  audit_seccomp+0x7f/0x160
[  186.021701][    C0]  __seccomp_filter+0xacd/0x19d0
[  186.026628][    C0]  __secure_computing+0xea/0x290
[  186.031544][    C0] page last free stack trace:
[  186.036200][    C0]  free_unref_page_prepare+0x742/0x750
[  186.041639][    C0]  free_unref_page+0x8f/0x530
[  186.046299][    C0]  __free_pages+0x67/0x100
[  186.050731][    C0]  __free_slab+0xca/0x1a0
[  186.055047][    C0]  __unfreeze_partials+0x160/0x190
[  186.060138][    C0]  put_cpu_partial+0xa9/0x100
[  186.064795][    C0]  __slab_free+0x1c4/0x280
[  186.069202][    C0]  ___cache_free+0xbf/0xd0
[  186.073593][    C0]  qlist_free_all+0xc6/0x140
[  186.078164][    C0]  kasan_quarantine_reduce+0x14a/0x170
[  186.083601][    C0]  __kasan_slab_alloc+0x24/0x80
[  186.088429][    C0]  slab_post_alloc_hook+0x4f/0x2d0
[  186.093520][    C0]  kmem_cache_alloc+0x16e/0x330
[  186.098345][    C0]  __kernfs_new_node+0xdb/0x680
[  186.103174][    C0]  kernfs_new_node+0x150/0x260
[  186.107918][    C0]  __kernfs_create_file+0x4e/0x270
[  186.113020][    C0] 
[  186.115322][    C0] Memory state around the buggy address:
[  186.120929][    C0]  ffff888118dfc900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  186.128971][    C0]  ffff888118dfc980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  186.137008][    C0] >ffff888118dfca00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  186.145038][    C0]                    ^
[  186.149097][    C0]  ffff888118dfca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  186.157134][    C0]  ffff888118dfcb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  186.165164][    C0] ==================================================================
[  186.173212][    C0] Disabling lock debugging due to kernel taint
[  186.179421][    C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  186.191122][    C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  186.199516][    C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G    B              6.1.138-syzkaller-00052-g4cf22d978348 #0
[  186.210421][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  186.220454][    C0] RIP: 0010:__queue_work+0x575/0xd30
[  186.225723][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 f8 d2 28 00 4c 89 ff e8 70 c6 a8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 5c 2b 6d 00 49 8b 7d 00 e8 53 c2
[  186.245304][    C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046
[  186.251351][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffffffff86e1c500
[  186.259308][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  186.267256][    C0] RBP: ffffc90000007d08 R08: fffffffffffffffb R09: 0000000000000007
[  186.275205][    C0] R10: ffffed10231bf939 R11: 1ffff110231bf939 R12: dffffc0000000000
[  186.283156][    C0] R13: 0000000000000000 R14: ffff888118dfc9c8 R15: 0000000000000008
[  186.291107][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  186.300020][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  186.306599][    C0] CR2: 0000001b2cc19ff8 CR3: 0000000121636000 CR4: 00000000003506b0
[  186.314550][    C0] Call Trace:
[  186.317827][    C0]  <IRQ>
[  186.320653][    C0]  delayed_work_timer_fn+0x61/0x80
[  186.325749][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  186.331538][    C0]  call_timer_fn+0x46/0x2a0
[  186.336030][    C0]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[  186.341827][    C0]  __run_timers+0x667/0x9a0
[  186.346333][    C0]  ? calc_index+0x200/0x200
[  186.350820][    C0]  ? kvm_sched_clock_read+0x18/0x40
[  186.356099][    C0]  run_timer_softirq+0x6a/0xf0
[  186.360860][    C0]  handle_softirqs+0x1d7/0x600
[  186.365613][    C0]  ? irqtime_account_irq+0xc4/0x240
[  186.370810][    C0]  __irq_exit_rcu+0x52/0xf0
[  186.375298][    C0]  irq_exit_rcu+0x9/0x10
[  186.379515][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  186.385125][    C0]  </IRQ>
[  186.388070][    C0]  <TASK>
[  186.390986][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  186.396951][    C0] RIP: 0010:default_idle+0xf/0x20
[  186.401963][    C0] Code: e9 47 ff ff ff 00 00 cc cc 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d 23 79 56 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
[  186.421560][    C0] RSP: 0018:ffffffff86e07d58 EFLAGS: 00000257
[  186.427610][    C0] RAX: ffff8881f7000000 RBX: ffffffff86e1c500 RCX: ec0fcf18ed3e8800
[  186.435560][    C0] RDX: 0000000000000001 RSI: ffffffff85a9f700 RDI: ffffffff85a9f6c0
[  186.443511][    C0] RBP: ffffffff86e07d58 R08: dffffc0000000000 R09: ffffed103ee06917
[  186.451463][    C0] R10: 0000000000000000 R11: ffffffff84efba50 R12: 0000000000000000
[  186.459416][    C0] R13: 0000000000000000 R14: ffffffff86e1c500 R15: dffffc0000000000
[  186.467367][    C0]  ? __cfi_default_idle+0x10/0x10
[  186.472376][    C0]  arch_cpu_idle+0x1c/0x20
[  186.476790][    C0]  default_idle_call+0x71/0x1d0
[  186.481627][    C0]  do_idle+0x1a7/0x520
[  186.485678][    C0]  ? irqentry_exit+0x30/0x40
[  186.490248][    C0]  ? idle_inject_timer_fn+0x60/0x60
[  186.495424][    C0]  ? schedule_idle+0x5b/0x90
[  186.499995][    C0]  ? do_idle+0x1/0x520
[  186.504080][    C0]  cpu_startup_entry+0x43/0x60
[  186.508826][    C0]  rest_init+0x10a/0x130
[  186.513146][    C0]  ? __cfi_x86_late_time_init+0x8/0x8
[  186.518509][    C0]  arch_call_rest_init+0xe/0x10
[  186.523345][    C0]  start_kernel+0x482/0x4f0
[  186.527853][    C0]  x86_64_start_reservations+0x2a/0x2c
[  186.533293][    C0]  x86_64_start_kernel+0x7c/0x81
[  186.538212][    C0]  secondary_startup_64_no_verify+0xce/0xdb
[  186.544092][    C0]  </TASK>
[  186.547099][    C0] Modules linked in:
[  186.550983][    C0] ---[ end trace 0000000000000000 ]---
[  186.556422][    C0] RIP: 0010:__queue_work+0x575/0xd30
[  186.561699][    C0] Code: 39 2b 0f 84 b9 00 00 00 e8 f8 d2 28 00 4c 89 ff e8 70 c6 a8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 5c 2b 6d 00 49 8b 7d 00 e8 53 c2
[  186.581297][    C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046
[  186.587350][    C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffffffff86e1c500
[  186.595319][    C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  186.603265][    C0] RBP: ffffc90000007d08 R08: fffffffffffffffb R09: 0000000000000007
[  186.611220][    C0] R10: ffffed10231bf939 R11: 1ffff110231bf939 R12: dffffc0000000000
[  186.619175][    C0] R13: 0000000000000000 R14: ffff888118dfc9c8 R15: 0000000000000008
[  186.627124][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  186.636184][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  186.642747][    C0] CR2: 0000001b2cc19ff8 CR3: 0000000121636000 CR4: 00000000003506b0
[  186.650718][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[  186.658238][    C0] Kernel Offset: disabled
[  186.662550][    C0] Rebooting in 86400 seconds..