last executing test programs:

3m40.304944768s ago: executing program 3 (id=5844):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @empty}, 0x10)
fcntl$setstatus(r0, 0x4, 0x40800)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
ftruncate(0xffffffffffffffff, 0x2000009)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x7ffff004)

3m40.304776987s ago: executing program 3 (id=5846):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000340)='/sys/power/wake_lock', 0x82002, 0x105)
read$FUSE(r0, &(0x7f00000060c0)={0x2020}, 0x2020)

3m40.257703818s ago: executing program 3 (id=5849):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r6 = memfd_create(&(0x7f0000000100)='+\x88\xc7s\x00\x00\x942nodev\x00\x00\x8cZ_Pv\x03\xa7\xc1\b\xec\x90Q\x85\x83\xcd\x16\xdcw\'\x8a\xe5N\x8c\x17\xfd\xc5\xad\xd5y\x15\x1fx\x17\f\xbc\xd1.\x8cA\x17\x86\xb7-j!Y\x92\xd9\xc4\r8\xd0\xc9X\xa7\x11\xa3\xf0\x8a*\xbc\x87\xcd\x1fl\xfc\xf3]\xb8\xbd\x02\v<\fl\xa6]\xa5\xfb\x05\xcb\x9c\xe2\xc8\x05\xa5\xa5\xeb\xa9\xef\xe3\xf1b\x81\xec\xac\xb6\x80\xd5\xf5S\x85\x06O\x05\xb8\xa1\x15\xcc\x17\xe8s\x95\x95B\xee_\x98\x91)\xe7\xa8+\x8c\xee\x83@q\x16\xcf3\x0f\x81\xa8\xa9`i\x01m:\xcc\x1c\xed<\xcfA3n\xfd\n>\x03\xae\f \xdbH\'\x05\x82\xdbLE\x14\xcdq\x1abcf\xdb8\xe9a\xa8\x00'/201, 0x2)
fcntl$addseals(r6, 0x409, 0x12)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000002, 0x11, r6, 0x0)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1008, 0x0, 0x13, r6, 0x0)
epoll_create1(0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0)
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000180)='./file1\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x1, 0x248, &(0x7f0000000a00)="$eJzsmL1uE08Uxc/Mrtd2FOWff5OCJkhEIgiyjtcCpbEgSEhUNHyJDitZIuNNjJxFIpaQ4AGgo0CiQYIXoKBIRcFDIEEBSEgUcUFBA8Wg2ZmsZz2xd3HL/RWjM3PvfNzj8RQLgiD+Wb5++fn5ycW1a2cAzGIJZT3+3QEYU5ob+Z+e3z/9rHnpxZuPr9/vzD3cH1luVjZCGCMMqEzY3wXwbt1BnO6Uzv4lxZLuLIKn+jo4Tml9E+I/X+vb4LihdQiGW1rfNXQXDL5/HO0o9De60eaddhSuyqYum0A2jdHzDR4zbOq+EEIwI7671++0oijsGcLVsWzIsUaOFNKskVC6WWfB8q8ED4N1jqZxPm4c8NCbVcO/OjjqOqcBhqt6fA1l+L4/tMSo/5g7XN/J1H9QbkV2tVHYk6kyMKlaKSpKNH+oWYf1u5A5XtHpR4X+X5ns9TixLMu5YIfm8XfrKIHsrBKGIenkyG9fxLFcIRfRIhlx82/eeb33FJteyVYxXjyt2pe7gJgv4GpGFKli49UYnxcG+xX7j/0tb0HB8sthxe9PpZA/xh99+ttSRb/Dp/ndTVG2zAQ+vFXvh3jJcFIf87cQwjXej1q8fa+2u9dfaW+3tsKtcCcIGucY8OhsUEseItnOWM+e8T5Xk/dpxnj/SmNyPe7hQSuOe3XVesxDFXHcC5J+kJx7Tid3DzytYlwGcEJ1pONeuqJj7cE8lcOTXKmW7SSCIAiCIAiCIAiCIAiCIIipWARLvoLmEKivsH8CAAD//zcjTJM=")
r7 = open(&(0x7f0000000040)='.\x00', 0x20000, 0x1)
getdents64(r7, &(0x7f0000000fc0)=""/224, 0xe0)
connect$unix(r1, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e)

3m38.653452949s ago: executing program 3 (id=5856):
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x808080, &(0x7f0000000000), 0x2c, 0x525, &(0x7f0000000100)="$eJzs3c9vG1kdAPCv3fxw03SThT0sCNiyLBRU1U7c3Wi1B1guSGi1WqRlTwh1o8SNothxFDulCZFIJW5ckajECf4EDkgckHrizg1uXIoEUoGKqkFCyGjscZo4dhM1cdzGn4808ps3k/l+n6V5L37+8QIYWlciYicixiLi04iYSusz6Rbvt7bkvCePthd2H20vZKLR+PifI+mZ2wvt89supdfMRXyU7I93iVvb3FqZL5dL6+l+oV5ZK9Q2t64vV+aXSkul1WJxbnZu5t0b7xRPra1vVH7z8DvLH3zy+9998cEfd77x4yTnb7UOjSVtO7VA+7Sel9GY3FeXPHMf9CPYAFxI2zM26ER4LtmI+ExEvJmW9+QGlxMA0F+NxlQ0pvbv95Y5xjkAwIsvec0/GZlsPn39PxnZbD7fnMPLvRYT2XK1Vr92q7qxuhjNOazpGM3eWi6XZtK5wukYzST7s83y0/1ix/6NiHg1In4+frG5n1+olhcH9U8PAAy5Sx3j/+Px1vh/DN4hAICXmZEcAIbP4fF/dCB5AABnx+t/ABg++8b/bt/VBQDOoVzHd/8BgPPvyPn/1+MnPzybVACAM+L9fwAYKt/78MNka+ymv3+9eHtzY6V6+/piqbaSr2ws5Beq62v5pWp1qfmbPZWjrleuVtdm346NO4V6qVYv1Da3blaqG6v1m83f9b5Z8sUCABi8V9+4/+dMROy8d7G5RXstBx8IgHPPbQ7D68KgEwAGZmTQCQADYz4eyBxxvOdHhO71/puLJ8gH6L+rn+sx/9/tf4O7e6X/Nc4uRaBPzP/D8DrZ/L/ZA3iZmf+H4dVoZKznDwBD5hiv4H1EEM65537/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbYZHPLZPPpWuCTkc3m8xGXI2I6RjO3lsulmYh4JSL+ND46nuzPDjppAOCEsn/PpOt/XZ16a7Lz6FjmP+PNx4j40S8//sWd+Xp9fTap/9deff1eWl/sGmC8/20AAPYZ6axoj9Ptcby9vu+TR9sL7e0sE3z47dbioknc3XRrp95KPhejETHx78yBxmROaWHinbsR8Xpn+7N7x6fTlU874yexL/ctfjRbOHkgfvZA/GzzWOsxeS4+ewq5wLC5n/Q/73e7/7JxpfmY3n+Zg51pLn52uHN9Du3+b7fR2f+17vePLueafU23/u/KcWO8/Yfv9jx290Lj8yMRu4f63/aK0LlmqVv8t7pd8KfffLzRUfWXL3zpzV7xG7+KuBrPit8qFeqVtUJtc+v6cmV+qbRUWi0W52bnZt698U6x0JyjLrRnqg/7x3vXXund/oiJHvFzR7T/q70u2uHX//30B19+Rvyvf6Vb/Gy89oz4yZj4tWPGn5/4bc/lu5P4iz3aP3Ig/tiBv0vqrh0z/oO/bi0e81QA4AzUNrdW5svl0rrCSQu5fl350gvSQIUehb99cuCeGng+p1IYWJcEnJGnN/2gMwEAAAAAAAAAAAAAAHqpfT/9yb8+fhlu0G0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/Pp/AAAA///RQMtW")
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f00000001c0)='.\x00', &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x111509e, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)

3m36.989660781s ago: executing program 3 (id=5865):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x2e8, 0x0, 0xc8, 0x8, 0x0, 0x5803, 0x218, 0x2e8, 0x2e8, 0x218, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x110, 0x130, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@connlimit={{0x40}, {[0x0, 0xff000000, 0xff000000, 0xffffffff], 0xa1, 0x2}}, @common=@inet=@socket1={{0x28}, 0x4c}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x6, 0x3, 0x7, 0xfffff800, 0x96542ae, 0x217, 0x44dc, 0x7]}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x348)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0xfd}}, 0x14)
syz_emit_ethernet(0x56, &(0x7f0000000240)={@local, @local, @val, {@ipv6={0x86dd, @generic={0x0, 0x6, "76cd8a", 0x18, 0x0, 0x0, @rand_addr=' \x01\x00', @dev, {[@hopopts={0x0, 0x2, '\x00', [@calipso={0x7, 0x8}, @jumbo={0xc2, 0x4, 0xfffffff7}]}]}}}}}, 0x0)

3m36.177738276s ago: executing program 3 (id=5871):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$packet(0x11, 0x3, 0x300)
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbfd, 0x808b9027}, 0xc)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
socket$inet6(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)

3m36.177500256s ago: executing program 32 (id=5871):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$packet(0x11, 0x3, 0x300)
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbfd, 0x808b9027}, 0xc)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
socket$inet6(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)

3m14.812918952s ago: executing program 2 (id=6057):
sched_setscheduler(0x0, 0x1, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000880)=@setlink={0x28, 0x13, 0xbaa23f3d13f2d1f5, 0x3, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_TXQLEN={0x8, 0xd, 0x6}]}, 0x28}, 0x1, 0x0, 0x0, 0x40010}, 0x0)

3m14.601209175s ago: executing program 2 (id=6062):
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x3})
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xf)

3m14.579757506s ago: executing program 2 (id=6064):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc815}, 0x40)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x38, r3, 0x5, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @crypto_settings=[@NL80211_ATTR_WPA_VERSIONS={0x8, 0x4b, 0x2}, @NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0xfac05}]]}, 0x38}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00')
lseek(r6, 0x339, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xc, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x2, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0x0, '\x00', 0x20, 0xd1})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

3m14.493795107s ago: executing program 2 (id=6066):
openat$selinux_create(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
openat$kvm(0xffffffffffffff9c, 0x0, 0x88402, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xce7c1000)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet(0x2, 0x1, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.freeze\x00', 0x0, 0x0)
ioctl$KVM_SET_TSC_KHZ_vm(r4, 0xaea2, 0x48a)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x4, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x7, 0xffffffffffffff8b, 0x0, 0x0, 0x2, 0x0, 0xfffffffffffffffc}, {0x0, 0x2, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@local, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, 0x0, 0x0)
ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427)
r5 = socket$netlink(0x10, 0x3, 0x0)
write(r5, &(0x7f0000000600)="fc0000001a000700ab092500090007000aab0700a90100001d60369321000100ff0500000005d0000000edff00039815fa2c1ec28656aaa7a70a4b46fe000000bc1d03000500000014000027000089fee1434f1e596534d07302ade0bbc91a3e3280772c05defd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bba4a46d284a710af333ae4f5566f91cf190201800015b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb00d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d6f0f350b0041f0d48a99c03f080548deac270e33429fd3000175e63fb8d38a8700"/252, 0xfc)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
connect$inet(r2, &(0x7f0000000140)={0x2, 0xc000, @multicast1}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})

3m13.637453344s ago: executing program 2 (id=6068):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000400)={0xa, 0x2, 0x13, @loopback, 0x9}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000080)=0xfffffffe, 0x4)
sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)

3m13.026947045s ago: executing program 2 (id=6078):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xe032, 0xffffffffffffffff, 0x80000000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000440)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0}, 0x68)
ptrace(0x10, 0x1)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x5)

2m57.912935073s ago: executing program 33 (id=6078):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xe032, 0xffffffffffffffff, 0x80000000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000440)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0}, 0x68)
ptrace(0x10, 0x1)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x5)

1m46.443753289s ago: executing program 6 (id=6782):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x2b)

1m44.186526772s ago: executing program 6 (id=6799):
openat$selinux_create(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
openat$kvm(0xffffffffffffff9c, 0x0, 0x88402, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xce7c1000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet(0x2, 0x1, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.freeze\x00', 0x0, 0x0)
ioctl$KVM_SET_TSC_KHZ_vm(r4, 0xaea2, 0x48a)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x4, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x7, 0xffffffffffffff8b, 0x0, 0x0, 0x2, 0x0, 0xfffffffffffffffc}, {0x0, 0x2, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@local, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, 0x0, 0x0)
ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000740)='bridge0\x00', 0x10)
connect$inet(r2, &(0x7f0000000140)={0x2, 0xc000, @multicast1}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})

1m43.725282691s ago: executing program 6 (id=6800):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000070000000100010009"], 0x48)
r1 = getpid()
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
bpf$BPF_MAP_GET_NEXT_ID(0xc, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b7030000000000208500000073000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000340)='/sys/power/wake_lock', 0x82002, 0x105)
io_setup(0x20, &(0x7f0000001140)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000300)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r6, &(0x7f00000004c0)="3734df55b8aa384973f953696f65a1aeb67a3a19858b", 0x16}])
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f00000003c0)=""/163}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@fwd={0x2}]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x28}, 0x28)

1m42.70147861s ago: executing program 6 (id=6816):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x214000, &(0x7f0000000540)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c757466383d302c636865636b3d7374726963742c646973636172642c757466383d312c6e66732c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c0036b5"], 0xfa, 0x2b0, &(0x7f0000000880)="$eJzs3M1qE1EUwPHTtGnTlDZZiKAgHnSjm6GNTxCkBTGg1EbUhTC1Ew0Zk5KJkYjY7tzqaxQ3gjvB9gW6cede3BRBcNOFdCTz0Xw02tqvqc3/B2VO597Te28zLWcG5m7ce/O0VHCMglmTWEIlJrIsmyLpZhQYCI4xLx6Wdstydeznlwt37j+4mc3lpmdVZ7Jz1zKqOnHx0/OX7y6t1cbufpj4OCLr6YcbPzJf18+un9vYmgt/eqWmps5XKjVz3rZ0oeiUDNXbtmU6lhbLjlXtaC/YlcXFhprlhfHkYtVyHDXLDS1ZDa1VtFZtqPnYLJbVMAwdT0q/GfznjPzK7KyZPZLJIApvEz1OVqtZs3ltjO5oya8cy6wAAMCJElX9/6ToaNHR8m71f0wOVP/3Koewzav/t3bWhTg14s0bgKyZDP5+O1H/AwAAAAAAAAAAAAAAAAAAAADwP9h03ZTruqnwGH6NBC/PhN9HPU8cjX18/gMRTheHrO3FvYSI/bqer+f9o9+eLUhRbLFkMi7yy7seAn48cyM3PametKzaS0G+95LgSJgfSvfOn/LztS1/qZ6PS7J9/Iyk5Ezv/ExXflxE6vlhuXK5Ld+QlHx+JBWxZcG7rlv5r6ZUr9/KdY0/6vUDAAAAAOA0MHRbuvP+199N0jA03Dakq90/2Xo+IKldng+orA5LK39Izg9Ft24AAAAAAPqJ03hRMm3bqnYFKek+Q9AR/PlXd3oDI9hO+a+dXdddanY6+KAxEYlopd9FZE+dE4ey0uMKvj3zP8C9dI7yvxIAAACAo9Aq+veTvfb+8GcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/2evmYWH//ew91jbcYDSrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6G3wEAAP//v/0bCw==")
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
capset(&(0x7f00000000c0)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x3ea, 0xffffffff, 0x40})
mount$cgroup(0x0, &(0x7f0000002980)='.\x00', &(0x7f00000029c0), 0x8004, &(0x7f0000000000)={[{@name={'name', 0x3d, '\xed\xe4\x00\x00'}}]})

1m42.621345932s ago: executing program 6 (id=6820):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f00000000c0)={0x38, 0x3, 0x8, 0x401, 0x0, 0x0, {0x7, 0x0, 0x6}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8847}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_CLOSING={0x8}, @CTA_TIMEOUT_DCCP_CLOSEREQ={0x8, 0x5, 0x1, 0x0, 0xfffffffb}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}]}, 0x38}}, 0x8004)

1m42.261406999s ago: executing program 6 (id=6829):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x400)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000020000000000000000f3ffff9400000000000000bd417b9e1df860a043014f04d5a761ed6beb393892a149940ba447187e727ca241ad497da9d7ca7e70edfd26f831fa950348d3e5524e9effcfa91d46dd2823573dfaa3801c9e96bbd07d2d2556b144711369a88fcceb5fb7d7bbed83309e2c6c5159728461c6ea31d82eb8f3a0dc48ce6cd94f1cb9fa2d81e3b2bc6947bcd3f8e34fedca6927dcd525ce84a1a7662a854409865e11ce3991452a46bbfa0641b5e773225eee3bd0abcc17"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r1}, 0x18)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x40, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
getpid()
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x4400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
r3 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_mreq(r3, 0x29, 0x14, &(0x7f0000000200)={@mcast1}, 0x14)
bind$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
read(r0, 0x0, 0x0)

1m42.253090219s ago: executing program 34 (id=6829):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x400)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000020000000000000000f3ffff9400000000000000bd417b9e1df860a043014f04d5a761ed6beb393892a149940ba447187e727ca241ad497da9d7ca7e70edfd26f831fa950348d3e5524e9effcfa91d46dd2823573dfaa3801c9e96bbd07d2d2556b144711369a88fcceb5fb7d7bbed83309e2c6c5159728461c6ea31d82eb8f3a0dc48ce6cd94f1cb9fa2d81e3b2bc6947bcd3f8e34fedca6927dcd525ce84a1a7662a854409865e11ce3991452a46bbfa0641b5e773225eee3bd0abcc17"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r1}, 0x18)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x40, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
getpid()
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x4400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
r3 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_mreq(r3, 0x29, 0x14, &(0x7f0000000200)={@mcast1}, 0x14)
bind$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
read(r0, 0x0, 0x0)

4.675570261s ago: executing program 7 (id=7705):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xa9, 0x1f, 0xe2, 0x40, 0x50d, 0x122, 0x69f6, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xa, 0x0, 0x0, 0x9c, 0xd1, 0x1c}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000940)={0x44, &(0x7f0000000380)={0x0, 0xa, 0x1, "cf"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000a80)={0x84, &(0x7f0000000580)={0x0, 0x5, 0x2, "8193"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000e80)={0x44, &(0x7f0000000c40)={0x40, 0x3, 0x4, "a81b4559"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.423831925s ago: executing program 5 (id=7717):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000)
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1b96, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x3, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x3, 0x8, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x6, 0xa, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000540)={0x24, 0x0, 0x0, &(0x7f00000004c0)={0x0, 0x22, 0xa, {[@local=@item_4={0x3, 0x2, 0x2, "6942c228"}, @main=@item_4={0x3, 0x0, 0x9, "6f9cfc33"}]}}, 0x0}, 0x0)

2.935435194s ago: executing program 4 (id=7720):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xd, 0xfff2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x800}]}}]}, 0x38}}, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

2.384343325s ago: executing program 1 (id=7727):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz0\x00', {0xfff9, 0x2, 0x240, 0x9b9a}, 0x9, [0x6, 0x9, 0x5, 0x9, 0x700000, 0x155f, 0x6, 0x5, 0x25cc, 0x1, 0xa5, 0x6, 0xa2b9, 0x1000, 0x0, 0xe4, 0x9, 0xfc000000, 0x6, 0xbbf, 0x5a732f64, 0xc, 0x9, 0x12, 0x2, 0x80, 0x4, 0x1, 0x2, 0x3, 0x7, 0x81, 0x28000, 0x5, 0x0, 0x4, 0x0, 0x91, 0x4, 0x4, 0x7, 0x2, 0x5, 0x400, 0x4, 0x5, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000000, 0xff, 0x0, 0x2, 0x2, 0x3, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0xa], [0x9, 0x3, 0x6, 0x0, 0x4, 0xc66, 0xa8a9, 0x73, 0x8e, 0x10001, 0x7, 0x5, 0x761e, 0x9, 0x4, 0xaca, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x2, 0x1c, 0x4, 0x1, 0x2, 0x54f5bad8, 0x8, 0xfffffffd, 0x400, 0xfeff58b7, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x4, 0xf1, 0x4, 0xab00000, 0x40000005, 0x7, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x762, 0x8, 0x3, 0x4, 0x6, 0x7, 0x2, 0x9, 0x95, 0x8000, 0x6, 0xf0b, 0x200004, 0x1000, 0xfffff801, 0x5], [0x2, 0x1, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000005, 0xb, 0x7, 0x491, 0x8d3, 0x6, 0x8, 0x3ff, 0x2, 0x400, 0x40, 0x6, 0x240, 0xd, 0x5, 0x0, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x200, 0x8000, 0x400, 0x3e58, 0xff, 0xd3, 0x7, 0x3433, 0x3, 0xa6, 0xfc, 0x401, 0x101, 0xdd80, 0x60a2, 0x17fc, 0x1, 0x5, 0x8, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0xffffffff, 0xd500, 0x8, 0x77, 0x9, 0xfffffffc, 0x10000, 0x8, 0x8, 0x1], [0xa772, 0x1, 0x5, 0x1afa, 0xbfc, 0x8, 0x7c81, 0x7f, 0xfffffff8, 0x40, 0xff, 0x5, 0x7fbfffff, 0x7, 0x4, 0x10, 0x81, 0x4, 0x9d86, 0x9, 0xfffffff7, 0x20008, 0x40f1, 0x2, 0x1, 0x101, 0x80000001, 0x7777, 0xfff, 0x2, 0x100, 0xd8ce, 0x80000002, 0x624dfaee, 0xc, 0x7f, 0x201000, 0x5, 0x2000005, 0xffffffff, 0x10000, 0x0, 0x8001, 0x7fff, 0x3, 0x6, 0x4000000f, 0x2, 0x5337, 0x26d, 0x9, 0xfffffffb, 0x4, 0x80, 0x9, 0x4, 0x463f, 0x4, 0x7, 0x3, 0x8, 0x13ffd, 0x1, 0x1b1a]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_DEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[], 0x84}, 0x1, 0x0, 0x0, 0x40044}, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=ANY=[], 0x214}, 0x1, 0x0, 0x0, 0x20004001}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0, 0x4000)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfc, 0x2, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0xff}})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x7fffffffffffffff, 0xfff, 0x0, 0x180, 0x1, 0x7d, 0xf1, 0x0, 0x7fffffffffffe, 0x5, 0x5, 0x6, 0x800, 0x0, 0x4, 0xbdb], 0x1, 0x1c4213})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

2.329700366s ago: executing program 1 (id=7728):
syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000700)={0x1, 0x0, [{0x2, 0x7f, &(0x7f00000001c0)=""/127}]})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)

2.09009067s ago: executing program 4 (id=7729):
syz_open_dev$evdev(0x0, 0x0, 0x2002)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000800)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x2, 0x1e}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0xffffffffffffffff}, @fda={0x66646185, 0x5, 0x1}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})

1.808087045s ago: executing program 1 (id=7730):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000040)={0x11, 0x4, r1}, 0x14)
syz_emit_ethernet(0x12, &(0x7f0000000440)=ANY=[], 0x0)

1.800375266s ago: executing program 1 (id=7731):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
syz_emit_ethernet(0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000900", @ANYRES32=0x0, @ANYRES32], 0x4c}}, 0x0)

1.778874316s ago: executing program 1 (id=7732):
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f00000000c0)={{0x0, 0x1, 0x2, 0x8, 0x73eb, 0x7fffffff, 0x1, 0x52ce, 0x40, 0x4, 0xf, 0xf, 0x401, 0x0, 0x7}})
syz_usb_disconnect(0xffffffffffffffff)
syz_usb_connect(0x4, 0x24, &(0x7f00000000c0)=ANY=[], 0x0)
ioctl$EVIOCRMFF(0xffffffffffffffff, 0x4004550a, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0b000000080000000c00000003"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="0500000001000100ff7f00000202000001000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001780), 0x8, r1}, 0x38)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)

1.661310478s ago: executing program 7 (id=7736):
syz_open_dev$evdev(0x0, 0x0, 0x2002)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000800)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x2, 0x1e}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0xffffffffffffffff}, @fda={0x66646185, 0x5, 0x1}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})

1.218938397s ago: executing program 4 (id=7737):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x80000000000004, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0xa3e, 0x9, 0x3], 0xeeee8000, 0x202})
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0xeeee0000, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x2c, 0x80}, {0x5000, 0xeeee6001, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x16, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0x9, 0x6, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0xeeee0000, 0xd000, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xeeefa000, 0x3909e40c33606d9c, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0x4000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x4, 0x2024, 0x2, 0x0, 0x3000, [0x6800000000000000, 0x4, 0x3, 0x8]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.06650993s ago: executing program 5 (id=7738):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=""/57, 0x0, &(0x7f0000000500)=""/4092})

1.0658844s ago: executing program 4 (id=7739):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000f020000d706000020000000620a04ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8"], 0x0}, 0x94)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000080)={0x49de, 0x0, 0xfffc, 0xbfff, 0x19, "ec28a144f13d7607"})
write$binfmt_aout(r0, &(0x7f0000000280)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x12, "0062ba5d8200"})
r1 = syz_open_pts(r0, 0x20800)
dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x44)

1.06512337s ago: executing program 5 (id=7740):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000001400)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c0000000d0a010300000000000000000a0000010900020073797a31000000000900010073797a31"], 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
close(r0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
recvmsg(r1, &(0x7f0000002240)={0x0, 0x0, 0x0}, 0x0)

1.04063011s ago: executing program 5 (id=7741):
syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000700)={0x1, 0x0, [{0x2, 0x7f, &(0x7f00000001c0)=""/127}]})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)

676.972237ms ago: executing program 1 (id=7744):
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x88}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x20}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffff51}, 0x48)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})

526.731ms ago: executing program 0 (id=7748):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xf, r0, 0xfffffffffffffffc, &(0x7f0000000400))

500.18446ms ago: executing program 0 (id=7749):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
fdatasync(r0)

482.709671ms ago: executing program 7 (id=7750):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000002, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0x1000000, 0x68ff, 0xa3e, 0x9, 0x3], 0xeeee8000, 0x202})
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0xeeee0000, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x2c, 0x80}, {0x5000, 0xeeee6001, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x16, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0x9, 0x6, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0xeeee0000, 0xd000, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xeeefa000, 0x3909e40c33606d9c, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0x4000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x4, 0x2024, 0x2, 0x0, 0x3000, [0x6800000000000000, 0x4, 0x3, 0x8]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

410.956582ms ago: executing program 0 (id=7751):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=""/57, 0x0, &(0x7f0000000500)=""/4092})

410.764752ms ago: executing program 0 (id=7752):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = gettid()
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0xfffffffffbfffff4]}, 0x8, 0x0)
readv(r1, &(0x7f0000002500)=[{&(0x7f0000002100)=""/140, 0x8c}, {&(0x7f00000021c0)=""/211, 0xd3}], 0x2)
tkill(r0, 0x8)

405.505762ms ago: executing program 5 (id=7753):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
syz_emit_ethernet(0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000900", @ANYRES32=0x0, @ANYRES32], 0x4c}}, 0x0)

366.678223ms ago: executing program 7 (id=7754):
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @local, @val, {@ipv6={0x86dd, @generic={0x0, 0x6, "76cd8a", 0x0, 0x0, 0x0, @rand_addr=' \x01\x00', @dev}}}}, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f288476d2610054c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1000000}, 0x48)
socket$packet(0x11, 0x2, 0x300)

200.543416ms ago: executing program 5 (id=7755):
sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, 0x0, 0x4)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r0, &(0x7f0000000d40)=[{{0x0, 0x0, &(0x7f0000002c00)}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000000540)="679512f062b8d965651edd4c06c901784e56aa174403ad4134742b71d211c6a85d8bc563c27f754fc2af5351f2f41e867c71c19837f2feba7862e511a47c446cd11c960f018962a53f6cf31a1123ff8092c9ff560701bfc579fa80f9149acafe2a225fed70d9173f0243a55be3c4028da556cf126da9c1b9b8f8e11356", 0x7d}, {&(0x7f0000002d80)="15", 0x1}, {&(0x7f0000000e80)='S', 0x1}], 0x3}}, {{0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f0000003200)="8c", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000000380)="01", 0x1}, {&(0x7f00000012c0)="c89339f96fa636ba2f527aaa37159cc815448e015b23284d531bdd25a86c02e88b8f962021a37fd9614193094b27b21bf40bc7b43441ae5179a127ea80e91899e1f10a7045c4412bb7997ff8838923521fe0754832209cd546f4ed81500298511e080ec7059b1c32c07fd26f721c6611b8cb344a3fd8f7a889c50a42881e09d4d7ee7ee6c308a13ae6436c858933dc99f71924b68ae0faf95b0afcd3533bcc32840737f434728a12e99aea5c4ee6a603636560b8d9de530d395181e440c1a025ff8d6f33062f14ba2403a178e32ff2d4ec5d0d2c83233b01a41103ef38daeed650987abebe0e8ba7effc07bb5dbbc9a38a11f082f2c99937942f017c37a59572f5069ca709702ef133aa9730ebb5b72687f6175906dbc32289108cc93e5c84284bc701a0629e12eca8c15e763acd011323b758fdb82a63665c906b176042a6c601b5428722c8f6b795a4effc0d4c9a4b4963ae30e77afa0b473d27f4938b1f081765f30aee60de80b1154e3afc3593cad6a146f1c4e954a6b7535f7c4f1baf0e7280ae8957eb14aecb29cc42be434b6a73840fb4668ab11c7ad5f300d7561aa60619fc26a1bfe8fa4858b8b4282d0c9a86c8c2eed644303c1213114081f9cd2358f6609ed25113de321db6b3efbfea341c7318fdcf6776383d3329f080e2386a708679852ee2c28c2ab423163be97f818424b862486791ce5b8b25836a4f07079b65c7c3b2e797eee7f267e5cf37fb63bb89f6b15c332da46b2a313ff6cd958152701a73601c7d02b74622ba7ff9c2fccb1826a3238b95163edcf5dbb381c666fcd8f0ce22eb182135bd8a32c627e20354f2253edb77efadbb48d512ca030763df825c1dd71d34295dc2e75e0a3054354ca6674e2d16ae319c8f3bf7a7fe1e1e596cc2679444c2b5e84a5caaa40136a41a3a35e2ca053d8e4ff2134c2bd7dc2c5c7ef55579a7b569b5face778afba93a877b622f473d942fef36d909b7c17e2ba3948fc889f377f0bce583835ce70b86ee8c419f77c9fa9da33d5f3fd2f994c2229b59db0670a15d7ba9b8b3245c7c2f83953c046528db1d9626877752071b0389bb18edd4d3797b6846e8746911526b6cfb1da1a206f5d13f69d7a8a76f5dfaf02abdfde171ed51a80ca2146fe8a181df5f9c9e969c1e2113bb355a956dd0139446d7e5b1ae338513459753977c245177ed5ae398bb23ad503739c2d75b99d70af19a2faf0a6922585378c0c881298f5af7dc63f99b40be3aea8c25bb8f599ffc4d47caec400357f2fa0675c5a81141d6b1697a92f7ab1e465361bdec4bc837595cc257aac0bcd3333eef2199c622268f0aafdccf73b3fda6ddef6102aa03c1a07a85509025be45443e71d63e4a8b54cde98554b1dd9a2f431b62d29f0cf67e069c15988b8b78c6c66f7f1d831e6307473250bf66b88c1c326faa8f093f03824980bbddc34e2324754fdaafa45ea1a1cc4baaef3104108c8e7987696d3634aa61cd9af0f2b5e427eff51cc66792a37a6e09278c6457a92a84d2fd23f7a753120758e5ca80582848d537d2704315ee55374ca8204c427c8f1138c901a29f83c0b63fb00dca30a90aa0b81d09fad2bf556100a3f762dcafd44d89936f8d5e037bff746a3d7f769ef8045ca50b1f7e8b24b723f06b5582564133e8d6b9f78c0e0d19c6808b65aa19e0dbd18527e5cf4f1c2a7e9b9dcf996d781b0851b925a02a02a9ec2887fa049d10bf8e3cf99157df4f6708c9b3673e565ad47f3518d45c69e4c18f511a9973938279a0c607d4d5b010b83b7edf9dc91ac7b9dabcabf45f4abf863c87c9671b22421600e6358ab3798afeabb0021b587e125b4f599271228944365b1333e3a9f5cc7211fde35179bc2237a26d11b9ed5387644e34efbffb54c615c7e52efc06b425d43d85227f73d7d7a7435c4bf35c76be6e5daf24785f197710503a7cf3c6bde5d5f9ac3312f50af0bcd4e05313bf02e8737761c47957cdb07f1efe8468502e58e1ef9d02582fdfe2db9c1300d99d97b2b339b73a78ef91206a8f08a21988076987ca3b6e361bdd86fb74a9184789586a1815935d837fa7590ec4ae4aa838bcc5cc94c9193b4f3084f9854f21223bc2d8fb4cb4f888ebf6dc9daed2b5f36a964955daf5fac1e69e40952b09e3124491d9d6db5eb2529c0d0a6d7a9329a05a9d4d05a9fb55711786daca3519573d1a19c9200561e9e08d74190583fc4127d99ec251cc2597ddfc77562ebcb0c4107ed839e8d4e39cf048f7c3bf4d3af99d32b419f7e46cb70d23039bf965874be68923e7947fcc8f6182f620576221209a1781eb0e490d53831a01e5c3bb406b8004534c5f5c631a6a46a06bbd56c4d309f8e7f1de903dc9561cd23cb9a7ab63db127ab22adf1294aaab41e73bc067935901e66de985aafb506744c96d12af55e5961718a250ccde0db9dc94c5ab817448f193f922361f8d3043d4095ab1bb1126580c094f5f0356773fca30f963c2cf97c033c634a057d376140faeff8e19273749acc9322c94ec87d0f4b70615b76f8e2b256daa5c034382a1b93889081862c20dd2b956566321f69b192fc7f2bc135bdb2bd9575cfff340bfdddc21ce37647f7e34724286e5faf447e039e67fd64938a40151d9aedbb772a059b0ff3d2dd8c2b7f96df3b48f611758e28ad8812fee6708cc39e77bb55743db0df4cc08653c78182adc3a67db7e760d5f3741d6ee241576d0c55d5c40b5932769d80e2a687ec05c7f4c3f137ffdc5abe3e7039fd5a86990374ff0b00192088182e82b970c5bf0cfc054ca99aa225a69df5519a78fa31ca37ced124e84ded418aa9868a5ff95334ada067084fa98e5fdf353285836246154b0eef9ec625c855721a6cd0c649b6d2f72e600ebdbcfc207347a3d083033b03fb233946e9aca086456ef2bb02efff8e7953d833eb986c22afac7fd3753c19a7fd39e4d1f709e70272013b41614df4f1db326250b5588de369c7a8bf3842acf15c78a4d3881a6e092877665ef63e88dc97dd72d38612d5380abc72b9266cd325f05fe16ef0a01799e33adbff1d86d0980d2ed3f496495e5b7f41278c9498d1616db7ba860ffb87aee648df3f19bffa2edafb89940f930fd8beb2825492305b074757730accb8d20c847dd4d8beabc318c78cccfbc406314fea2da4b4cb8a67371bbce9dd7ec2d3c5b4ea21059130fa76fefdb4a7669ee25748468ef2d78088d1b3bb997ae4d51b5b739acfbd3bb1236db07dbcd0c810c07c73e5c6735a0be9d539d5c6caae62b3707d1a18cec5e16cac8575484604ca884e4f91c9bad2476f18be0b873a2cbe9c997335479b8487919a78922fd5175e8dd3b571a7677e6ac9f82e4e7c67cdfcb9ceee59b08a51bbc737bdff9b6e2250877d44a8d8c1d5ef113b2372833307be3cf0db834d043f529db04185b557910009d92cdfaa07c0533483459294a3e3da555c29416e1af2ec90b4b891e028e5af3ff5b274a0dc93ad4a3a33f886675f86bd1573bea665221e6bda9e2682bc00de3e603531f5e7d7a52c5fec65f478414833e22f36fe2b18930be9e4ef6367955623a9b938f79ff7e288678344c378b2bfd168e4c929357ab39640d677bcc17ac12fd999f3d4cd17b25a26e2bf78bcf9f898e89af6af47390908d5ea767f516cd4194165cea481c8f7ab946b66aa3083f21c02e7d61c19a4358c1cc92503c6e3bb1e7bdeb5badafdda9cec995830f5fadfb3fffe12426db1253db1268e4d3a24ca1d3d06822a439d8ccfb26af736751ac2d6dcec3763eba1c56d8a9f0bb66edb73e0dc9d5b56b23058fa9afa3667ac6188027bda68211b45b5451fb5a7e359fc61cdcf13d1f0965d9fddfd3d5d75684353a8687d18c3970b1c89e217b6cc1c7a34cec7c1e667dcd205346c2a8f85835c186811ab1121136ea83d297eb05a9ac1afa3b33346b392c3e9f479a19f7563531d0519f29868015ff20163530ce8d31bb298801b772dbb65d5caeda85982798a5ccdb4576ecc9378dadb21b3bfbb4cc33b3883164fbb6ac1a0401492c453fe2430a9de3b96d445b2c36e9a82200e00df7649544966c8f39a2d173fd8529ff8ac0f068216ae62f68c21485d6a5638f916cb5c27e5b4859c799b0a6786fd48fbacd83a9a472f50e024fa394537b33d3b4f9301266ea5e2462310ee2b862635d32d780d6411e4e6eb49d1e3732d1a0b8f0aef5bb7fd71cf9f861fad635e321fa146a630ac18d45c425214d79becc8cb97b8cac0ed0155daa9861c57ad549ae9d3cab7259a4b1eeaa72f7fb575f1dfd7268365e194e15518e176a32b82cc13544e75170bccf49161b67f649ebd1b81c85b128312b78e93750bbe9a2c456be9743859c8d80c4ec1dc4fd9d1a059042b058347b8bd02e65d469448953ac787b827fc95071d67ba047ac40ddd8a2503f62bf94457ea53073336cc284b2af1ef5598b0c0a0df3e2d729c43a7307dedb785240ab9cbe89075fb6b7ab8e6482b1ce31332e1bfa3f72e850bcea57260e4ee064ea5cfb629a058fba119e7d09ea4abd1f3b13d5ba5f8fc8abf967baf2da74099fd298e3bf3dc19ccbfe4c5e6be8cdb5e10066eceef59da3fef70c4b3d0d3f1ab7c347b63e3373e3327f9df11c73283234de66a9fa7bd2465318c6ef3a6f6a90b09c547bb93c2e5a1d12af02a0abfbc697c38ae95e1cbfd12706e96bbb2e12aaf6d40b032d61f9ee527bf464d51cc1a80ea0baebaeb8fd0523a7028387c43fc27f5fe6d2880a9f2b69eae550e3dcad889ae61abbfca58140760b53c85cea987e242f9ac38ba50ae7da73", 0xfffffe95}, {&(0x7f0000000a00)=',', 0x1}, {&(0x7f00000022c0)='Z', 0x1}, {&(0x7f00000005c0)="f5364e548c550000000000000000000000009c20aa8f88f2a2e98330e3799522896ebfddd4848b9deeecae27e7d77317facda9ee98b10c68444b7c094658bed24fd6766444ba58941c4d2a2cea03546fa8d215c3547d076a9543f841b2add236c19bdcf172a69ab70a7df1ad7ebc55e947f2c7a7a356fd68dbce155d2e22d72a5a65dbc16f7103ee6d06748b2ddf2799d94bfbcf1140285facb31bce2fba7fe3617478337692b1236f", 0x11}, {&(0x7f0000003240)="d4570847b1937948b7111dd96d83d8a455529f100357457d4f0f5c91105a3c58131bf10de83dc9ee9d239e5e89e59edb35abbf64c1a92109f8eb01bf689b90055bd51506423f4e456274a778c228aeb5d65e191f1bbb21f0f6dd25edc276f1264580344fed0ee32709a73a160c7578465757b87291dcefc84e58ae39e56fb10d42fd5a34aa4fca42ff53e3c9467d8dc1278a34d406df142092ed6661092ce85816f8e6a119860c3314d0e13f5d50a266f738b71fd531396d768c35bc45c042ee7d69b0b7b90da2aab111667ef006593c99c27c67bc3812dbc9f1994b4830ed54ed1f0bdf4966c1d20bddeb83972b15a86ed5fdef279ce58447059a2ba491d21120dc7e0a1d8cc5eff2deedec41057e178eb95ff00fed1e7095decea9cfd52c0a7438dbfc135c796bfa2bb290ab03f35ea2f2d72b8b0503f4972d6d7c60bf5a80981c4f9826007fdcaad959e1c90cace1664480e98069a86f1c059d112e9da27fa71716f530c2a5bf2296d09e5fcc726a8e5287499f563089bdcb6bf3779298dc9b6f739190f434983651f5f29857cbf62faac8c20bc7ac69334fe99e70c29a1294d0ee89dd6c9cd57845e64b289f84220b6e1fe9e81381cf688fa945a68eed3ebc0e8c1efa403b5a4cde68a24a863c17c9f8ad6d24a09e60d83fcf2beb51e6faac173ac98bb2269d7523f8654417ffe70ab87b477045715ad6aa3db39d3f32760fe25bdc0f3e083232ea6a55da3986cbdbd654ed71a4780f7dc3edb628e14287963c3b5f7f177a35071d7f1169351863516fc96f8cce8781439de06c9f76d6e303518493676b3b135900b89eeac40d994936e3a5a6bbc2f2cf6a2a8ed0ad2f81386f8c327cf9b15f8039df0a950641f7d14728194d7640f4cf7e28e1f89b2485857f5f70866844cead5b29f5d9166dce885bd4343bb1fd2c8437105e8e295c27cb44b10a01590c0fdddbc8abc71f777171adef0a45fe5c92b39e32a9c119c6c9a340be0df8cb3b8b77a2a6b5ba1ed4449674811dfae90889b3fb174e11fb947e15232d57bdeee29db4bc0816a878120e84e0ec40a99fd2b88bdb8502922d7015dff05a94ce7c79852bb7ea9a043fa629afc702300d49ac7fbe67a7b0161d2703348b8d0efb144f2920e341debd821ddc4a12a3f89891f24427a169c741568a06825d4f12d64da0935f2f217798b41f44b90140ac2f4cf08219f42b5d30bdd52e76c74100326babb4d1bc576c944fc5bd3a985f9b209a6a473e4fe3afe0c110b630ac443b75c6e13b20810fd3e5ecf9c6785dabeb758a5ddcfb1ad889b5349606ead8f3fa34ba8ea706de19da6b3a0bc36c4c2e3173a9c929157aedf649699f1f8887a31fccebbd7f28843c91753483541b2b895e642855f856e3951e4853fb70b4090512112e813edaa8edb0a5ddf2c329dde5381e6a5716ec9d5a79d9438ba6de736ac9ad45754bfe7227ada116507c84ffd942a84f4ce115d4fd9029f17e62383ce5fc7048a3f85d2709f2375334f1fce2f8b1af99742869f00f2d2fa37ccaf385dc2eaabe2f67671f06addf403d94bffda4bf5747a8773e9ce3beb7ca2b2e2714dd50eb387e226d834a0696b689b004cbb5b3a5aa7a2878be737f4dd7d65bf976f8deb39ad07265be604ce4f9246225f91cd10afd4725d800eeae4abcd0fd17fdf11257b19db7dcb4b9c34dc3cee03dce7d9ab6f7ac5e12316ce9879abb4432f87faa2b25094963f48582fc8a617067b1a0f0960ddf8cfd5065352d9aba09d37b9b10c7a8f702547fd86f34b62183cc883e41c40f5b0676eb077bda0204bd08dae7e7922b7934f2b449229950b4fc54cd7dafc709d828e9301be8c767e0f3bc420cd10ee3dac383bb8ab8aefe3515d6b959dfe578d256f375751beecbd24a152939b59f913728e47207b8a642b100aadfc685cd7d77ba43ec2298db4f551d851991723cd1cdd42f2837e7fd5df3dbf52945ea9a97b73d8915336023beb9bd3c91d9b1c7f5d49b0cba9c30016bb3216e9d6e9070a5dff813ce85a2a36fffa6bf750cf21eaa91a754f9788663690189fe58a9205e4733b6ac0711e98123f145a87eceb00561ac7d1a699d00384c57f6dc92939f45956d489946a365440d40911dabed15b67748000e0d244b21276032667f66119a2485f31d2c098da4cbbd0c5bbf8373fb53b662e48fc572b6e6c5700a360c5b905b548eaee0aa928b38703c84f7ed4a9a858801ad26c2911d4bbbfc1f46a070fa64db31a619dad30ba96eea1edccc6b0e67b7acffe1261af8e08ffb27fb625820f7a823c63febe0fb32e8907415a973cb42c8752d6a9ac3af2bcbd91d5e5c3ac288b2e2a92cb860d97cbf2b17da25b5333d90156493076ab457afb59f3443894a3c1d3d8b1ce7cbd47d36a7a64bcb194ea00d46181a7b65e3e104bea46434643ac722d04437b72f518e98289edba99559dd6aa03af60da7a00ad4f6105d31745b808a243c8ee9ebd70fa8516cd471473a1608d206fa93885e696f668a397cf713fe9c2001fdbb6e07f124782f5891bdc238db61a7d7f0575072abfadad9593a6ba8b1c89351784d0c722af86989e137809aa5b7833462a71ceca8d7ee24e883577a128652125bef2bd7558f77bb566719f2672fb07f890f892d2d3a725d1d907a696d2d97065c001cfd9e97d60fe2f584992b9bd80f618531af2f3d5df2c5717da36bb2a64853612b8f1f881c2a306b1e9c4c369e33e5675e0f9195e570ba0b2e0594838ad9aef53686a2c4dfd9eae21a826501af92d48e0d857ee0876cd09996c65b50333ab256b439fe89d836d77135079c51f87b1fb58c446a8d52e3c6432c111af4b66d57306659c81088ea0ef96a2f1b97dfd8beeb578b3016eedb65e2ec190e1ba08c9c37f85e102fdc972c9ba2a4a6f11a79831ed8087a22d1d978f005f6ee8869b8c1717a42b75378a98a5f9b1725cc323151b1996468068afd2827ccede23ffe279aa7b45d7dc683db3a9efb9f7b2093765d7c178c09bc0edeccf18c9ee5845cba0c2dda463989faf6d018e330cb52bc5d7913e6e26ea8cde26b7251d828da7b83a1ecbda1ecb3344b3c60f606a419d868da70ade78c3ecebd9b2bcff9cef2507907f011cdf9b072b1dcc872e5b29365b0f4a7d6c581c9bf42320ad9c3a52b419b73d0c0f616f2f630df9bdb5f3b88bbcdfe618180131be8357099f9e8ea457eb1dcf9324c7081687899fa81bc267e87bdd80b88150f6745cb735936876ca6b3c7a492698d32d762baf5b482fa5f26351cf18018fc1cb49411fb6663c474ea29d2a9d4ad703119fe7a6ed2ce6f97287e7660617c4e38c7b1aa1ee5df253c625a1b1d29c042b6d5dbfb44633dd4c0e93992aff81024c408ff00d24d9c98c07c1d4fe5656e3b053914a09b8f2968008c5c4c115d9f8640136254303cc095f95fa335aa858510dad731af19eb0df690ab0edd2bbed96679dad71ccf94da088cf62b34580548027703f92525b41d36297e71d988901e3e086c0d8f425732e0134a9ac2b111a5745c57d9a138b6a4055e7e3ba220a47fef3474e5bba15d3f4711e1d00f2e29f1a1082f4518a08e36451e887963193b08c3e255f22383c7001540b05836b30e912adaef4130ae8edb9c891c398855b218e76eb94332538b7add4b9261e873a6b91785f5ea6c82306dff166d654987361917fe83fcc5be9be3e8644d96d5a7c7bb445fc1b2c0a48814fabc1b3a190674b5f159a5b041dd317c4cf06076d6c9a7572054a09f2b9b74f14289daf5a16dbe6de85ed6128c91a18518f069451dbe8b9f57dab9bcecb4cc53e6612b90f5e644eaed1765d45ad6e6d9f0358fd3a885df1c572cfdb511bbca345628206d89b16f9251be85e1c617b15302bb86397e0763d757c70362dea82688fe32d0a714d598f3131c2a3a4414898fccdfd901dc8fde466ca269bf211b9863e360ea4aab7fdc107ddfd7ede043708804386e0180542a0802745407ceecf6adb2a9a5614cde89d413f49a32733b875281c8cab7ac5815a92fda65ea23ce2feab66606605f49f526cc336d2a5a067c185845941e4142ba82899966fc95bf40570967ec0a6fe130dccbaca48d251adb0f81a170e3dfac6f02e7c8bb5fa6f5602bdc73267c6756e1a374d5e8b19a92ff39662db3ac9f761b2e9e015c51815e5f111d416ee0a67f3adad81f8c64dad193f19048bb46ad1fa786a0c3f36119bd14bb9ad96f2182a19504e15f2cfd885e5862f4d2467053ee1faa978bd2267d56401a548f17d34adba7e9186a2a58931a69bb815dd50552995aa8ceeb4eda5330227f2078eeb72c9b6845c04679868eb5f6a0f0da8c1ea2b0c7de8781d9fc129561a7b283aa488a117269116f81e44a261ed6c0fc4467125d83fd306bce3c6a29df8db000036cd851d805dda3bf218c800d77fc9837158f883b962efc7886cbe93cc137e0bff8387c4b7d64df8b89805dbf5698babf22be7d735bb7baedd43bb3f577989ddaf83892c55771a10beeb2326f3e766fd40eef0d0ff82969bf5534cbffff4fd493fc34d58f322d22fe21101c4248756ad844876d3a7f3999d14c0962e68eaeac83d44d22d498e04673343f4a3a60abfa4f45ea2af9b65982ff5899fd509beccfc8e7dd125c08096e9e5fb71edc590abdd53592d67afec4d227170c5f6e4f1daceecaec968448c033c0a9b0390a12b5af4b973c0cb7c072bdfc8b4158ea4cc9114816cf1242199d0d62a013c4e9646338bd284fede8c93114d2608c71ae1d0891a3583daa51971a5ba51251f3b9ac6d8a02e0fcb69744a74762e13c24e3f1d8e6e3e2956b99b97506e959ca3c7141faa5e2404c62854ef2b9e75a75760a71003e1b0c004752864f51ed600fc306773f635587504e3cf432d68c2fbce21c26a47dcf3358e434dc2b97941a5bb0e35744e4f3d53fee5719cc931f93e150744baf61754726b84a052bde27f666e472672f1f8f6381bd25bc619ba51a", 0xdc1}, {&(0x7f0000002380)='L', 0x1}], 0x7}}], 0x4, 0xf000000)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)

180.966417ms ago: executing program 4 (id=7756):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000300)=[@increfs], 0x0, 0x0, 0x0})

180.040766ms ago: executing program 0 (id=7757):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x4, 0x0, 0x1002005}, 0xc)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}}, 0x5c)

105.685108ms ago: executing program 7 (id=7758):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$igmp(0x2, 0x3, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xe, 0x3, 0x0, &(0x7f0000000480)='GPL\x00'}, 0x94)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x3a}}, 0x10)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f0000000140)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x2, 0x10, 0x4, 0x64, 0x2, 0x5, 0x4b, 0xa7, @loopback, @dev={0xac, 0x14, 0x14, 0x35}}}}}}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000200)={@empty=0x1f, @multicast2=0xe000031f, 0x0, "ff00000058b274e6d845167fefe428970548fc3c7b00000000000000fcff00", 0xb2, 0x0, 0x6, 0x5}, 0x3c)
ioctl$TIOCSBRK(r0, 0x5427)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sendmsg$nl_route(r3, &(0x7f0000001300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4040000)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r5, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x321, 0xffff, 0x4c, 0x101, 0x0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}, @printk={@lld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0x4, 0x8, &(0x7f00000002c0)='\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000180)={0x52, 0x5, 0xfffe, {0x0, 0x1}, {0x49, 0x2}, @period={0x5c, 0x2, 0xff7f, 0x7, 0x0, {0x5, 0xfff9, 0x9, 0x1}, 0x0, 0x0}})
r7 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'netpci0\x00', 0x2})
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000140)={0x1, 0x1, [@local]})
write$char_usb(r7, &(0x7f0000000040)="e2", 0x2250)

105.516528ms ago: executing program 0 (id=7759):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r4, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e2b, 0xb, @private1={0xfc, 0x1, '\x00', 0x6}, 0x6}, 0x1c)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r4, 0x29, 0x37, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xc, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x2, &(0x7f00000005c0)=0x4, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000002640)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)}, 0x7}], 0x1, 0x2, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

105.395308ms ago: executing program 4 (id=7760):
syz_open_dev$evdev(0x0, 0x0, 0x2002)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000800)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x2, 0x1e}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0xffffffffffffffff}, @fda={0x66646185, 0x5, 0x1}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})

0s ago: executing program 7 (id=7761):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x4)
pwritev(r0, &(0x7f0000000080), 0x0, 0x5, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x4f}}, {{@in6=@mcast2, 0x404d3, 0x2b}, 0x0, @in=@empty}}, 0xe4)
r2 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0), 0x4)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
close(r1)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}, 0x1, 0x0, 0x0, 0x4004040}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x4e21, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8}, {0x0, 0xb}}}, 0xb8}}, 0x0)

kernel console output (not intermixed with test programs):

`syz.1.6667'.
[ 1835.531801][T24158] EXT4-fs error (device loop4): ext4_xattr_block_get:546: inode #15: comm syz.4.6666: corrupted xattr block 32
[ 1835.550636][T24158] SELinux: inode_doinit_use_xattr:  getxattr returned 74 for dev=loop4 ino=15
[ 1835.670013][T24185] loop4: detected capacity change from 0 to 512
[ 1835.894578][T24185] EXT4-fs (loop4): Ignoring removed oldalloc option
[ 1836.093260][T24207] loop6: detected capacity change from 0 to 128
[ 1836.100931][T24185] EXT4-fs (loop4): 1 truncate cleaned up
[ 1836.111973][T24206] loop5: detected capacity change from 0 to 1024
[ 1836.121091][T24185] EXT4-fs (loop4): mounted filesystem without journal. Opts: quota,bsdgroups,nouid32,errors=remount-ro,jqfmt=vfsv1,oldalloc,stripe=0x0000000000000005,. Quota mode: writeback.
[ 1836.186752][T24206] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1836.240405][   T30] audit: type=1400 audit(2000000005.520:568): avc:  denied  { read } for  pid=24210 comm="syz.1.6683" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1836.261226][T24207] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1836.281815][T24207] ext4 filesystem being mounted at /83/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1837.122900][T24237] netlink: 188 bytes leftover after parsing attributes in process `syz.6.6689'.
[ 1837.718890][T24244] loop4: detected capacity change from 0 to 512
[ 1837.758129][T24244] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1837.840026][   T30] audit: type=1400 audit(2000000007.120:569): avc:  denied  { mounton } for  pid=24247 comm="syz.1.6694" path="/339/bus" dev="tmpfs" ino=1842 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1838.056675][T24244] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6693'.
[ 1838.168874][   T30] audit: type=1400 audit(2000000007.450:570): avc:  denied  { bind } for  pid=24256 comm="syz.1.6697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1838.214404][T24263] SELinux: failed to load policy
[ 1838.258029][   T30] audit: type=1400 audit(2000000007.450:571): avc:  denied  { listen } for  pid=24256 comm="syz.1.6697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1838.312393][   T30] audit: type=1400 audit(2000000007.500:572): avc:  denied  { write } for  pid=24256 comm="syz.1.6697" path="socket:[86634]" dev="sockfs" ino=86634 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1838.345951][   T30] audit: type=1400 audit(2000000007.500:573): avc:  denied  { accept } for  pid=24256 comm="syz.1.6697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1838.365720][   T30] audit: type=1400 audit(2000000007.510:574): avc:  denied  { read } for  pid=24256 comm="syz.1.6697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1838.399145][   T30] audit: type=1400 audit(2000000007.590:575): avc:  denied  { mount } for  pid=24266 comm="syz.4.6700" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[ 1838.421841][   T30] audit: type=1400 audit(2000000007.630:576): avc:  denied  { unmount } for  pid=23506 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[ 1838.443036][   T30] audit: type=1400 audit(2000000007.640:577): avc:  denied  { ioctl } for  pid=24268 comm="syz.6.6701" path="socket:[86644]" dev="sockfs" ino=86644 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1838.665934][  T286] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[ 1839.560730][T24295] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1839.616557][  T286] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1839.628558][  T286] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1839.651869][  T286] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1839.665964][  T286] usb 5-1: config 1 has no interface number 1
[ 1839.673066][  T286] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1839.698144][T24303] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1839.723081][  T286] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1840.827461][T24321] netlink: 188 bytes leftover after parsing attributes in process `syz.6.6720'.
[ 1840.853676][  T286] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1840.902718][T24326] netlink: 'syz.1.6724': attribute type 13 has an invalid length.
[ 1840.918803][  T286] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1841.029363][  T286] usb 5-1: Product: syz
[ 1841.067634][T24324] loop0: detected capacity change from 0 to 4096
[ 1841.089250][T24326] gretap0: refused to change device tx_queue_len
[ 1841.105876][  T286] usb 5-1: Manufacturer: syz
[ 1841.175741][  T286] usb 5-1: SerialNumber: syz
[ 1841.221794][T24326] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 1841.238016][T24324] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1841.268404][T24324] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,norecovery,nodioread_nolock,test_dummy_encryption,nogrpid,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[ 1841.886157][  T286] usb 5-1: MIDIStreaming interface descriptor not found
[ 1841.956466][  T286] usb 5-1: USB disconnect, device number 9
[ 1841.991048][T24356] loop4: detected capacity change from 0 to 512
[ 1841.997658][T19076] af_packet: tpacket_rcv: packet too big, clamped from 108 to 4294967272. macoff=96
[ 1842.098633][T24356] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1842.114060][T24356] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1842.726945][T24374] netlink: 188 bytes leftover after parsing attributes in process `syz.0.6734'.
[ 1842.915443][  T286] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[ 1842.977215][T24378] loop6: detected capacity change from 0 to 512
[ 1843.046448][T24378] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1843.061095][T24378] EXT4-fs (loop6): 1 truncate cleaned up
[ 1843.067290][T24378] EXT4-fs (loop6): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb2,debug_want_extra_isize=0x0000000000000008,lazytime,nombcache,nolazytime,noquota,,errors=continue. Quota mode: none.
[ 1843.205405][  T286] usb 5-1: device descriptor read/64, error -71
[ 1843.235296][T24382] loop5: detected capacity change from 0 to 512
[ 1843.326191][T24382] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1843.334542][T24382] EXT4-fs error (device loop5): ext4_ext_check_inode:501: inode #4: comm syz.5.6742: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 1(1)
[ 1843.386975][T24382] EXT4-fs error (device loop5): ext4_quota_enable:6411: comm syz.5.6742: Bad quota inode: 4, type: 1
[ 1843.399318][T24391] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1843.465665][T24382] EXT4-fs warning (device loop5): ext4_enable_quotas:6452: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1843.480618][T24382] EXT4-fs (loop5): Cannot turn on quotas: error -117
[ 1843.492624][T24382] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1843.645407][  T286] usb 5-1: device descriptor read/64, error -71
[ 1843.685486][T24409] loop0: detected capacity change from 0 to 512
[ 1843.758914][T24409] EXT4-fs (loop0): Ignoring removed nobh option
[ 1843.824505][T24409] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[ 1843.832907][T22450] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1843.942678][T24409] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.6751: attempt to clear invalid blocks 1 len 1
[ 1844.914854][  T286] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[ 1844.925090][T24409] EXT4-fs (loop0): Remounting filesystem read-only
[ 1844.951686][T24409] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1845.046912][T24409] EXT4-fs (loop0): Remounting filesystem read-only
[ 1845.053541][T24409] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.6751: invalid indirect mapped block 1819239214 (level 0)
[ 1845.075330][T22450] usb 6-1: Using ep0 maxpacket: 16
[ 1845.154993][T24425] loop4: detected capacity change from 0 to 128
[ 1845.161740][T24409] EXT4-fs (loop0): Remounting filesystem read-only
[ 1845.177162][T24409] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.6751: invalid indirect mapped block 1819239214 (level 1)
[ 1845.201232][T24409] EXT4-fs (loop0): Remounting filesystem read-only
[ 1845.208358][T24409] EXT4-fs (loop0): 1 truncate cleaned up
[ 1845.214126][T24409] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000100000,resuid=0x0000000000000000,jqfmt=vfsv1,errors=remount-ro,nobh,usrjquota=... Quota mode: writeback.
[ 1845.233835][T22450] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1845.255019][T22450] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1845.271958][T24432] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6760'.
[ 1845.280972][T22450] usb 6-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1845.331306][T24425] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1845.342886][T24425] ext4 filesystem being mounted at /37/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1845.366542][T24425] fscrypt: loop4: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[ 1845.379778][T22450] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1845.444228][T22450] usb 6-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1845.454622][T22450] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1845.472436][T22450] usb 6-1: config 0 descriptor??
[ 1847.255341][T22450] usbhid 6-1:0.0: can't add hid device: -71
[ 1847.516782][T22450] usbhid: probe of 6-1:0.0 failed with error -71
[ 1847.526812][T22450] usb 6-1: USB disconnect, device number 4
[ 1847.581293][T24476] loop4: detected capacity change from 0 to 512
[ 1848.383661][   T30] audit: type=1400 audit(2000000017.660:578): avc:  denied  { mount } for  pid=24486 comm="syz.4.6778" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1848.434517][   T30] audit: type=1400 audit(2000000017.710:579): avc:  denied  { mounton } for  pid=24486 comm="syz.4.6778" path="/44/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[ 1848.486103][T24487] loop4: detected capacity change from 0 to 128
[ 1849.709461][T24513] loop0: detected capacity change from 0 to 256
[ 1849.822489][   T30] audit: type=1400 audit(2000000019.001:580): avc:  denied  { mounton } for  pid=24486 comm="syz.4.6778" path="/44/file0" dev="cgroup" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[ 1850.172439][T24513] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1850.324363][   T30] audit: type=1400 audit(2000000019.531:581): avc:  denied  { unmount } for  pid=23506 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1850.345045][T24513] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[ 1850.375943][T24513] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0x65b64522, utbl_chksum : 0xe619d30d)
[ 1850.393127][T24523] loop4: detected capacity change from 0 to 256
[ 1850.408514][T24523] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[ 1850.614905][T24540] kvm: pic: non byte write
[ 1851.621951][T24573] loop5: detected capacity change from 0 to 512
[ 1851.633918][T24570] kvm: pic: non byte write
[ 1851.641572][T24573] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[ 1851.649029][T24573] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1851.669355][T24573] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.6807: bad orphan inode 16
[ 1851.679701][T24573] ext4_test_bit(bit=15, block=4) = 0
[ 1851.685236][T24573] EXT4-fs (loop5): 1 orphan inode deleted
[ 1851.691139][T24573] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,mblk_io_submit,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,bsdgroups,,errors=continue. Quota mode: none.
[ 1852.221629][T24598] loop6: detected capacity change from 0 to 128
[ 1852.240373][T24600] syz.1.6818 uses obsolete (PF_INET,SOCK_PACKET)
[ 1852.248770][T24602] loop0: detected capacity change from 0 to 128
[ 1852.255162][   T30] audit: type=1400 audit(2000000000.830:582): avc:  denied  { sys_admin } for  pid=24597 comm="syz.6.6816" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[ 1852.290404][T22767] FAT-fs (loop6): error, invalid access to FAT (entry 0xffff0000)
[ 1852.300855][T22767] FAT-fs (loop6): Filesystem has been set read-only
[ 1852.324711][T22767] FAT-fs (loop6): error, corrupted directory (invalid entries)
[ 1852.338962][T24602] EXT4-fs (loop0): Ignoring removed nobh option
[ 1852.342709][T22767] FAT-fs (loop6): error, corrupted directory (invalid entries)
[ 1852.416183][T24602] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue. Quota mode: none.
[ 1852.430057][T24602] ext4 filesystem being mounted at /220/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1852.471248][T24603] bridge0: port 3(syz_tun) entered disabled state
[ 1852.485967][T24603] device syz_tun left promiscuous mode
[ 1852.495067][T24603] bridge0: port 3(syz_tun) entered disabled state
[ 1852.631873][T24628] binder: 24627:24628 ioctl 400454ca 0 returned -22
[ 1852.739676][T24631] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1852.746920][T24631] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1852.754635][T24631] device bridge_slave_0 entered promiscuous mode
[ 1852.763326][T24631] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1852.770486][T24631] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1852.778163][T24631] device bridge_slave_1 entered promiscuous mode
[ 1852.849149][T24631] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1852.856234][T24631] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1852.863730][T24631] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1852.870793][T24631] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1852.890647][T24654] device veth0_to_bond entered promiscuous mode
[ 1852.899498][T24653] device veth0_to_bond left promiscuous mode
[ 1852.910091][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1852.919488][ T7692] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1852.927235][ T7692] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1852.946019][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1852.954339][ T7692] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1852.961413][ T7692] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1852.968870][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1852.977259][ T7692] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1852.984307][ T7692] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1852.996951][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1853.111475][ T8498] device bridge_slave_1 left promiscuous mode
[ 1853.118204][ T8498] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1853.129669][ T8498] device bridge_slave_0 left promiscuous mode
[ 1853.136821][ T8498] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1853.151483][ T8498] device veth1_macvtap left promiscuous mode
[ 1853.157866][ T8498] device veth0_vlan left promiscuous mode
[ 1853.298972][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1853.313622][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1853.326643][  T479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1853.335334][  T479] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1853.343054][  T479] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1853.351791][T24631] device veth0_vlan entered promiscuous mode
[ 1853.362620][  T479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1853.397556][T24631] device veth1_macvtap entered promiscuous mode
[ 1853.405504][T24664] loop5: detected capacity change from 0 to 128
[ 1853.423893][  T479] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1853.438059][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1853.552280][T24669] attempt to access beyond end of device
[ 1853.552280][T24669] loop5: rw=2049, want=1041, limit=128
[ 1853.580358][T24670] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6842'.
[ 1853.626057][T24664] attempt to access beyond end of device
[ 1853.626057][T24664] loop5: rw=524288, want=481, limit=128
[ 1853.639916][T24664] attempt to access beyond end of device
[ 1853.639916][T24664] loop5: rw=524288, want=673, limit=128
[ 1853.659558][T24664] attempt to access beyond end of device
[ 1853.659558][T24664] loop5: rw=0, want=553, limit=128
[ 1853.670990][T24664] attempt to access beyond end of device
[ 1853.670990][T24664] loop5: rw=0, want=553, limit=128
[ 1853.682436][T24664] attempt to access beyond end of device
[ 1853.682436][T24664] loop5: rw=0, want=553, limit=128
[ 1853.698130][T24664] attempt to access beyond end of device
[ 1853.698130][T24664] loop5: rw=0, want=553, limit=128
[ 1854.008308][  T479] attempt to access beyond end of device
[ 1854.008308][  T479] loop5: rw=1, want=545, limit=128
[ 1854.513177][T24707] loop4: detected capacity change from 0 to 512
[ 1854.549864][T24707] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2228: inode #15: comm syz.4.6855: corrupted in-inode xattr
[ 1854.562211][T24707] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.6855: couldn't read orphan inode 15 (err -117)
[ 1854.574619][T24707] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,,errors=continue. Quota mode: none.
[ 1854.589534][T24707] EXT4-fs warning (device loop4): dx_probe:893: inode #2: comm syz.4.6855: dx entry: limit 0 != root limit 125
[ 1854.601378][T24707] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.6855: Corrupt directory, running e2fsck is recommended
[ 1854.724019][T24719] loop7: detected capacity change from 0 to 16
[ 1854.767342][T24719] erofs: (device loop7): mounted with root inode @ nid 36.
[ 1854.780373][T24719] erofs: (device loop7): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[ 1854.790431][T24719] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=loop7 ino=46
[ 1854.958264][T24721] loop4: detected capacity change from 0 to 1024
[ 1854.976666][T24721] EXT4-fs (loop4): Ignoring removed nobh option
[ 1854.984858][T24721] EXT4-fs (loop4): Unrecognized mount option "uid<00000000000000000000" or missing value
[ 1855.029677][T24729] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6864'.
[ 1855.321769][T24734] loop0: detected capacity change from 0 to 1024
[ 1855.374562][T24743] loop4: detected capacity change from 0 to 512
[ 1855.406294][T24734] EXT4-fs (loop0): Ignoring removed bh option
[ 1855.414255][T24734] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1855.433724][T24734] EXT4-fs (loop0): Ignoring removed nobh option
[ 1855.489914][T24734] EXT4-fs (loop0): Ignoring removed bh option
[ 1855.505889][T24743] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1855.524386][T24734] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1855.579156][T24755] loop5: detected capacity change from 0 to 512
[ 1855.670141][T24734] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,bh,dioread_lock,mblk_io_submit,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1855.751347][T24755] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1855.772514][T24755] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1855.858882][T24775] loop0: detected capacity change from 0 to 512
[ 1855.870018][T24775] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1855.892282][T24775] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1855.993869][T24775] EXT4-fs error (device loop0): ext4_orphan_get:1427: comm syz.0.6879: bad orphan inode 16
[ 1856.155169][T24775] ext4_test_bit(bit=15, block=4) = 0
[ 1856.164741][T24775] EXT4-fs (loop0): 1 orphan inode deleted
[ 1856.188018][T24775] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,mblk_io_submit,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,bsdgroups,,errors=continue. Quota mode: none.
[ 1856.785502][T24790] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6884'.
[ 1856.827395][T24788] loop5: detected capacity change from 0 to 512
[ 1856.984739][T24788] EXT4-fs error (device loop5): ext4_expand_extra_isize_ea:2775: inode #12: comm syz.5.6883: corrupted xattr block 142
[ 1857.054750][T24788] EXT4-fs (loop5): Remounting filesystem read-only
[ 1857.073077][T24808] netlink: 84 bytes leftover after parsing attributes in process `syz.1.6892'.
[ 1857.086201][T24806] loop0: detected capacity change from 0 to 2048
[ 1857.104684][T24788] EXT4-fs (loop5): 1 truncate cleaned up
[ 1857.115530][T24788] EXT4-fs (loop5): mounted filesystem without journal. Opts: abort,jqfmt=vfsv0,debug_want_extra_isize=0x000000000000005c,noauto_da_alloc,errors=remount-ro,usrjquota=,noload,. Quota mode: none.
[ 1859.088072][   T30] audit: type=1400 audit(2000000004.610:583): avc:  denied  { read } for  pid=24818 comm="syz.4.6896" name="file0" dev="fuse" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[ 1859.120942][T24823] loop5: detected capacity change from 0 to 512
[ 1859.146712][T24823] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1859.158873][   T30] audit: type=1400 audit(2000000004.610:584): avc:  denied  { open } for  pid=24818 comm="syz.4.6896" path="/63/file0/file0" dev="fuse" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[ 1859.230145][T24823] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6895'.
[ 1859.271715][T24836] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6903'.
[ 1860.229061][T24858] loop5: detected capacity change from 0 to 16
[ 1860.240665][T24858] erofs: (device loop5): mounted with root inode @ nid 36.
[ 1861.192483][T24874] loop5: detected capacity change from 0 to 512
[ 1861.476717][T24874] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1861.755337][   T30] audit: type=1400 audit(2000000000.020:585): avc:  denied  { setopt } for  pid=24894 comm="syz.1.6921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1862.003131][T24903] binder: 24902:24903 unknown command 0
[ 1862.009196][T24903] binder: 24902:24903 ioctl c0306201 200000000080 returned -22
[ 1862.076085][T24907] loop0: detected capacity change from 0 to 8192
[ 1862.814329][   T30] audit: type=1326 audit(2000000001.070:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24924 comm="syz.7.6932" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f407ae00ec9 code=0x0
[ 1864.882230][T24970] pit: kvm: requested 81295 ns i8254 timer period limited to 200000 ns
[ 1864.891103][   T30] audit: type=1326 audit(2000000001.110:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24969 comm="syz.7.6946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1864.940533][T24970] pit: kvm: requested 198628 ns i8254 timer period limited to 200000 ns
[ 1864.950999][T24970] pit: kvm: requested 72914 ns i8254 timer period limited to 200000 ns
[ 1864.962062][T24970] pit: kvm: requested 113981 ns i8254 timer period limited to 200000 ns
[ 1864.972287][T24970] pit: kvm: requested 170971 ns i8254 timer period limited to 200000 ns
[ 1864.984469][T24970] pit: kvm: requested 136609 ns i8254 timer period limited to 200000 ns
[ 1865.033204][T24970] pit: kvm: requested 19276 ns i8254 timer period limited to 200000 ns
[ 1865.041943][T24970] pit: kvm: requested 7542 ns i8254 timer period limited to 200000 ns
[ 1865.310084][   T30] audit: type=1326 audit(2000000001.110:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24969 comm="syz.7.6946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1865.343769][   T30] audit: type=1326 audit(2000000001.110:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24969 comm="syz.7.6946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1865.444188][   T30] audit: type=1326 audit(2000000001.130:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24969 comm="syz.7.6946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1865.519701][   T30] audit: type=1326 audit(2000000001.130:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24969 comm="syz.7.6946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1865.593682][   T30] audit: type=1326 audit(2000000001.170:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24969 comm="syz.7.6946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1865.654122][   T30] audit: type=1326 audit(2000000001.230:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24969 comm="syz.7.6946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f407ae33785 code=0x7ffc0000
[ 1865.694548][   T30] audit: type=1326 audit(2000000001.240:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24969 comm="syz.7.6946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f407ae33785 code=0x7ffc0000
[ 1865.759015][   T30] audit: type=1326 audit(2000000001.240:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24969 comm="syz.7.6946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f407ae33785 code=0x7ffc0000
[ 1865.834667][   T30] audit: type=1326 audit(2000000001.250:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24969 comm="syz.7.6946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f407ae33785 code=0x7ffc0000
[ 1866.466262][T25015] loop5: detected capacity change from 0 to 512
[ 1866.517160][T25015] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[ 1866.525640][T25019] loop7: detected capacity change from 0 to 128
[ 1866.537497][T25015] EXT4-fs (loop5): revision level too high, forcing read-only mode
[ 1866.546578][T25015] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e04ce028, mo2=0002]
[ 1866.554822][T25015] System zones: 0-1, 15-15, 18-18, 34-34
[ 1866.559232][T25023] loop0: detected capacity change from 0 to 512
[ 1866.561014][T25015] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1866.573292][T25015] EXT4-fs warning (device loop5): ext4_enable_quotas:6452: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1866.578252][T25019] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1866.593339][T25015] EXT4-fs (loop5): Cannot turn on quotas: error -22
[ 1866.598671][T25019] ext4 filesystem being mounted at /24/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1866.616038][T25023] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1866.616131][T25015] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.6959: bg 0: block 40: padding at end of block bitmap is not set
[ 1866.652305][T25015] EXT4-fs (loop5): Remounting filesystem read-only
[ 1866.699122][T25015] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6178: Corrupt filesystem
[ 1866.709336][T25015] EXT4-fs (loop5): Remounting filesystem read-only
[ 1866.716200][T25015] EXT4-fs (loop5): 1 truncate cleaned up
[ 1866.721892][T25015] EXT4-fs (loop5): mounted filesystem without journal. Opts: usrquota,resuid=0x0000000000000000,nojournal_checksum,mblk_io_submit,acl,errors=remount-ro,sysvgroups,. Quota mode: writeback.
[ 1866.758759][T25033] tc_dump_action: action bad kind
[ 1866.789960][T25019] EXT4-fs (loop7): shut down requested (2)
[ 1866.812863][T25019] fscrypt: loop7: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[ 1866.870809][T25019] fscrypt (loop7, inode 13): Error -5 getting encryption context
[ 1866.884166][T25019] EXT4-fs warning (device loop7): ext4_lookup:1870: Inconsistent encryption contexts: 12/13
[ 1867.449853][T25057] loop4: detected capacity change from 0 to 512
[ 1867.464841][T25057] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1867.764744][T25073] loop4: detected capacity change from 0 to 1024
[ 1868.459779][T25073] EXT4-fs (loop4): Ignoring removed oldalloc option
[ 1868.466625][T25073] EXT4-fs (loop4): Ignoring removed bh option
[ 1868.472762][T25073] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1868.567029][T25073] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,mb_optimize_scan=0x0000000000000001,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1869.008647][T25095] loop5: detected capacity change from 0 to 512
[ 1869.029081][T25095] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1869.124145][T25099] loop5: detected capacity change from 0 to 512
[ 1869.181303][T25099] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1869.222859][T25099] ext4 filesystem being mounted at /207/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1869.303317][T25107] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6986'.
[ 1869.565856][T25099] EXT4-fs error (device loop5): ext4_do_update_inode:5235: inode #2: comm syz.5.6988: corrupted inode contents
[ 1869.876073][T25099] EXT4-fs error (device loop5): ext4_dirty_inode:6071: inode #2: comm syz.5.6988: mark_inode_dirty error
[ 1869.904255][T25099] EXT4-fs error (device loop5): ext4_do_update_inode:5235: inode #2: comm syz.5.6988: corrupted inode contents
[ 1869.906866][T25121] loop7: detected capacity change from 0 to 512
[ 1869.922457][T25099] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #2: comm syz.5.6988: mark_inode_dirty error
[ 1869.974655][T25121] EXT4-fs error (device loop7): ext4_expand_extra_isize_ea:2775: inode #12: comm syz.7.6995: corrupted xattr block 142
[ 1869.987466][T25121] EXT4-fs (loop7): Remounting filesystem read-only
[ 1869.994144][T25121] EXT4-fs (loop7): 1 truncate cleaned up
[ 1869.999984][T25121] EXT4-fs (loop7): mounted filesystem without journal. Opts: abort,jqfmt=vfsv0,debug_want_extra_isize=0x000000000000005c,noauto_da_alloc,errors=remount-ro,usrjquota=,noload,. Quota mode: none.
[ 1870.004401][   T30] kauditd_printk_skb: 9 callbacks suppressed
[ 1870.004413][   T30] audit: type=1400 audit(2000000000.120:605): avc:  denied  { map } for  pid=25098 comm="syz.5.6988" path="/207/bus/memory.events.local" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1870.261788][T25132] loop0: detected capacity change from 0 to 512
[ 1870.459182][T25132] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1870.762752][T25140] loop5: detected capacity change from 0 to 512
[ 1870.825303][T25145] loop7: detected capacity change from 0 to 512
[ 1870.887788][T25145] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1870.895045][T25140] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[ 1870.912057][T25145] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1870.922368][T25140] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1870.933130][T25145] EXT4-fs error (device loop7): ext4_orphan_get:1427: comm syz.7.7003: bad orphan inode 131083
[ 1870.945222][T25145] EXT4-fs (loop7): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,noload,,errors=continue. Quota mode: none.
[ 1870.945360][T25140] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.6999: bad orphan inode 16
[ 1871.075127][T25140] ext4_test_bit(bit=15, block=4) = 0
[ 1871.080502][T25140] EXT4-fs (loop5): 1 orphan inode deleted
[ 1871.086531][T25140] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,mblk_io_submit,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,bsdgroups,,errors=continue. Quota mode: none.
[ 1871.998110][T25179] loop7: detected capacity change from 0 to 512
[ 1872.045885][T25179] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1872.408174][T25196] loop0: detected capacity change from 0 to 16
[ 1872.905950][T25196] erofs: (device loop0): mounted with root inode @ nid 36.
[ 1872.918960][T25196] erofs: (device loop0): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[ 1872.929008][T25196] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=loop0 ino=46
[ 1873.062226][T25179] EXT4-fs (loop7): 1 truncate cleaned up
[ 1873.080414][T25179] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb2,debug_want_extra_isize=0x0000000000000008,lazytime,nombcache,nolazytime,noquota,,errors=continue. Quota mode: none.
[ 1873.525296][T25214] loop0: detected capacity change from 0 to 512
[ 1873.572143][T25214] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1873.645088][T25223] loop4: detected capacity change from 0 to 512
[ 1873.674462][T25214] EXT4-fs error (device loop0): ext4_init_orphan_info:586: comm syz.0.7024: inode #0: comm syz.0.7024: iget: illegal inode #
[ 1873.722589][T25214] EXT4-fs (loop0): Remounting filesystem read-only
[ 1873.729202][T25214] EXT4-fs (loop0): get orphan inode failed
[ 1873.736249][T25214] EXT4-fs (loop0): mount failed
[ 1873.795922][T25223] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1873.808362][T25223] EXT4-fs (loop4): 1 truncate cleaned up
[ 1873.814328][T25223] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb2,debug_want_extra_isize=0x0000000000000008,lazytime,nombcache,nolazytime,noquota,,errors=continue. Quota mode: none.
[ 1874.719288][T25239] loop7: detected capacity change from 0 to 128
[ 1875.208823][T25239] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1875.287052][T25239] ext4 filesystem being mounted at /40/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1875.425818][T25239] EXT4-fs warning (device loop7): verify_group_input:147: Cannot add at group 131079 (only 1 groups)
[ 1875.481866][T25264] input: syz1 as /devices/virtual/input/input9
[ 1877.679543][T25324] loop5: detected capacity change from 0 to 2048
[ 1877.837802][T25324]  loop5: p1 < > p4
[ 1877.857973][T25324] loop5: p4 size 8388608 extends beyond EOD, truncated
[ 1877.877752][T25329] netlink: 'syz.7.7061': attribute type 4 has an invalid length.
[ 1877.985063][  T101]  loop5: p1 < > p4
[ 1877.992724][  T101] loop5: p4 size 8388608 extends beyond EOD, truncated
[ 1878.420174][  T101]  loop5: p1 < > p4
[ 1878.425192][  T101] loop5: p4 size 8388608 extends beyond EOD, truncated
[ 1878.986087][T25354] loop5: detected capacity change from 0 to 512
[ 1879.025365][T20840] udevd[20840]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[ 1879.035641][T25354] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[ 1879.043497][T21473] udevd[21473]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[ 1879.047187][T25354] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1879.082289][T20840] udevd[20840]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[ 1879.083270][T21473] udevd[21473]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[ 1879.114315][T25354] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.7070: bad orphan inode 16
[ 1879.132347][T20840] udevd[20840]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[ 1879.145532][T25354] ext4_test_bit(bit=15, block=4) = 0
[ 1879.150839][T25354] EXT4-fs (loop5): 1 orphan inode deleted
[ 1879.157759][T21473] udevd[21473]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[ 1879.167675][T25354] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,mblk_io_submit,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,bsdgroups,,errors=continue. Quota mode: none.
[ 1879.482488][T25382] loop4: detected capacity change from 0 to 512
[ 1879.515128][T25382] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1879.526641][T25382] ext4 filesystem being mounted at /102/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1879.557595][T25382] EXT4-fs error (device loop4): ext4_do_update_inode:5235: inode #2: comm syz.4.7079: corrupted inode contents
[ 1879.570170][T25382] EXT4-fs error (device loop4): ext4_dirty_inode:6071: inode #2: comm syz.4.7079: mark_inode_dirty error
[ 1879.581951][T25382] EXT4-fs error (device loop4): ext4_do_update_inode:5235: inode #2: comm syz.4.7079: corrupted inode contents
[ 1879.594668][T25382] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #2: comm syz.4.7079: mark_inode_dirty error
[ 1879.602534][   T30] audit: type=1400 audit(2000000000.040:606): avc:  denied  { sys_module } for  pid=25387 comm="syz.7.7080" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1879.690552][T25392] netlink: 292 bytes leftover after parsing attributes in process `syz.4.7081'.
[ 1880.313300][   T20] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[ 1880.703375][   T20] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1880.718439][   T20] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1880.736637][   T20] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1880.953473][   T20] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1880.971165][   T20] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1881.000276][   T20] usb 5-1: Product: syz
[ 1881.009985][   T20] usb 5-1: Manufacturer: syz
[ 1881.043927][   T20] usb 5-1: SerialNumber: syz
[ 1881.081769][T25424] loop5: detected capacity change from 0 to 512
[ 1881.093937][   T20] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[ 1881.101838][   T20] cdc_ncm 5-1:1.0: bind() failure
[ 1881.120461][T25424] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[ 1881.148104][T25424] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1881.159945][T25424] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.7093: bad orphan inode 16
[ 1881.170567][T25424] ext4_test_bit(bit=15, block=4) = 0
[ 1881.176094][T25424] EXT4-fs (loop5): 1 orphan inode deleted
[ 1881.181920][T25424] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,mblk_io_submit,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,bsdgroups,,errors=continue. Quota mode: none.
[ 1881.182275][T25434] loop0: detected capacity change from 0 to 1024
[ 1881.256217][T25434] EXT4-fs (loop0): Ignoring removed oldalloc option
[ 1881.285276][T25434] EXT4-fs (loop0): Ignoring removed bh option
[ 1881.291505][T25434] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1881.323477][T25434] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,mb_optimize_scan=0x0000000000000001,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1881.541724][   T20] usb 5-1: USB disconnect, device number 12
[ 1881.676581][T25448] loop7: detected capacity change from 0 to 256
[ 1882.424752][T25466] loop0: detected capacity change from 0 to 512
[ 1882.428715][T25468] loop7: detected capacity change from 0 to 512
[ 1882.461213][T25466] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1882.501747][T25468] EXT4-fs (loop7): 1 orphan inode deleted
[ 1882.508048][T25468] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1882.508362][T25476] loop4: detected capacity change from 0 to 16
[ 1882.519886][T25468] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1882.554846][   T30] audit: type=1400 audit(2000000000.000:607): avc:  denied  { create } for  pid=25467 comm="syz.7.7104" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[ 1882.554951][T25468] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1054: updating to rev 1 because of new feature flag, running e2fsck is recommended
[ 1882.599174][T25466] EXT4-fs (loop0): 1 truncate cleaned up
[ 1882.605972][T25466] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb2,debug_want_extra_isize=0x0000000000000008,lazytime,nombcache,nolazytime,noquota,,errors=continue. Quota mode: none.
[ 1882.633968][T25476] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1882.643252][T25476] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1882.652708][T25476] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -44 in[46, 4050] out[1851]
[ 1882.665563][T25476] erofs: (device loop4): z_erofs_readpage: failed to read, err [-117]
[ 1882.680191][T25476] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1882.689638][T25476] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1882.698980][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 42 @ nid 36
[ 1882.708042][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 41 @ nid 36
[ 1882.717084][T25476] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1882.726394][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 40 @ nid 36
[ 1882.735471][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 39 @ nid 36
[ 1882.744542][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 38 @ nid 36
[ 1882.753703][T25476] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1882.762990][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 31 @ nid 36
[ 1882.772086][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 27 @ nid 36
[ 1882.781138][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 26 @ nid 36
[ 1882.790201][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 25 @ nid 36
[ 1882.799248][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 24 @ nid 36
[ 1882.808468][T25476] attempt to access beyond end of device
[ 1882.808468][T25476] loop4: rw=524288, want=848, limit=16
[ 1882.819492][T25476] attempt to access beyond end of device
[ 1882.819492][T25476] loop4: rw=524288, want=13478624104, limit=16
[ 1882.831239][T25476] attempt to access beyond end of device
[ 1882.831239][T25476] loop4: rw=524288, want=13478624080, limit=16
[ 1882.843967][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 87 @ nid 36
[ 1882.848254][T25480] loop5: detected capacity change from 0 to 512
[ 1882.853009][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 86 @ nid 36
[ 1882.853056][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 84 @ nid 36
[ 1882.877347][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 83 @ nid 36
[ 1882.886404][T25476] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1882.895715][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 82 @ nid 36
[ 1882.898764][T25480] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[ 1882.904773][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 81 @ nid 36
[ 1882.904796][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 80 @ nid 36
[ 1882.929942][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 79 @ nid 36
[ 1882.939009][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 78 @ nid 36
[ 1882.941542][T25480] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1882.948060][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 77 @ nid 36
[ 1882.948086][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 76 @ nid 36
[ 1882.948101][T25476] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1882.948116][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 75 @ nid 36
[ 1882.994229][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 74 @ nid 36
[ 1883.003288][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 73 @ nid 36
[ 1883.012306][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 72 @ nid 36
[ 1883.021363][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 71 @ nid 36
[ 1883.030518][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 70 @ nid 36
[ 1883.039655][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 61 @ nid 36
[ 1883.048747][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 60 @ nid 36
[ 1883.057807][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 59 @ nid 36
[ 1883.066873][T25476] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1883.076179][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 58 @ nid 36
[ 1883.085337][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 57 @ nid 36
[ 1883.094684][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 56 @ nid 36
[ 1883.103861][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 55 @ nid 36
[ 1883.112962][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 54 @ nid 36
[ 1883.122142][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 53 @ nid 36
[ 1883.131213][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 52 @ nid 36
[ 1883.140260][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 51 @ nid 36
[ 1883.140374][T25480] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.7110: bad orphan inode 16
[ 1883.149293][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 50 @ nid 36
[ 1883.149314][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 49 @ nid 36
[ 1883.149331][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 48 @ nid 36
[ 1883.176986][T25480] ext4_test_bit(bit=15, block=4) = 0
[ 1883.191788][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 47 @ nid 36
[ 1883.200932][T25476] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1883.210329][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 46 @ nid 36
[ 1883.219514][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 45 @ nid 36
[ 1883.228639][T25476] erofs: (device loop4): z_erofs_readahead: readahead error at page 44 @ nid 36
[ 1883.239224][T25476] attempt to access beyond end of device
[ 1883.239224][T25476] loop4: rw=524288, want=96, limit=16
[ 1883.251706][T25476] attempt to access beyond end of device
[ 1883.251706][T25476] loop4: rw=524288, want=32, limit=16
[ 1883.273580][T25476] attempt to access beyond end of device
[ 1883.273580][T25476] loop4: rw=524288, want=14425508776, limit=16
[ 1883.359136][T25480] EXT4-fs (loop5): 1 orphan inode deleted
[ 1883.364978][T25480] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,mblk_io_submit,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,bsdgroups,,errors=continue. Quota mode: none.
[ 1884.137862][T25507] loop4: detected capacity change from 0 to 128
[ 1884.175988][T25511] loop7: detected capacity change from 0 to 1024
[ 1884.238543][T25511] EXT4-fs (loop7): Ignoring removed oldalloc option
[ 1884.249031][T25507] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000002,nouid32,,errors=continue. Quota mode: none.
[ 1884.260304][T25511] EXT4-fs (loop7): Ignoring removed bh option
[ 1884.263513][T25507] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1884.291013][   T30] audit: type=1400 audit(2000000001.730:608): avc:  denied  { setattr } for  pid=25506 comm="syz.4.7117" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1884.312465][T25511] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1884.377774][T25511] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,mb_optimize_scan=0x0000000000000001,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1884.417704][   T30] audit: type=1326 audit(2000000001.860:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25517 comm="syz.0.7121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1884.464640][   T30] audit: type=1326 audit(2000000001.860:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25517 comm="syz.0.7121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1884.488339][   T30] audit: type=1326 audit(2000000001.890:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25517 comm="syz.0.7121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1884.513138][   T30] audit: type=1326 audit(2000000001.890:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25517 comm="syz.0.7121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1884.537442][   T30] audit: type=1326 audit(2000000001.890:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25517 comm="syz.0.7121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1884.594544][T25530] loop4: detected capacity change from 0 to 1024
[ 1884.633239][T25531] loop0: detected capacity change from 0 to 16
[ 1884.633798][   T30] audit: type=1326 audit(2000000001.890:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25517 comm="syz.0.7121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1884.643641][T25530] EXT4-fs (loop4): Ignoring removed oldalloc option
[ 1884.699159][T25531] erofs: (device loop0): mounted with root inode @ nid 36.
[ 1884.707430][T25531] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1884.717078][T25531] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -44 in[46, 4050] out[1851]
[ 1884.730051][T25531] erofs: (device loop0): z_erofs_readpage: failed to read, err [-117]
[ 1884.769475][T25530] EXT4-fs (loop4): Ignoring removed bh option
[ 1884.785890][T25530] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1884.793666][   T30] audit: type=1326 audit(2000000001.890:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25517 comm="syz.0.7121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1884.988514][   T30] audit: type=1326 audit(2000000001.890:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25517 comm="syz.0.7121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1885.058193][T25530] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,mb_optimize_scan=0x0000000000000001,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1885.083843][   T30] audit: type=1326 audit(2000000001.890:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25517 comm="syz.0.7121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1885.143208][   T30] audit: type=1326 audit(2000000001.980:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25517 comm="syz.0.7121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1886.342559][T25571] loop4: detected capacity change from 0 to 1024
[ 1886.471580][T25578] loop7: detected capacity change from 0 to 512
[ 1886.479383][T25571] EXT4-fs (loop4): Ignoring removed oldalloc option
[ 1886.503066][T25571] EXT4-fs (loop4): Ignoring removed bh option
[ 1886.547237][T25571] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1886.623272][T25578] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1886.650448][T25578] ext4 filesystem being mounted at /61/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1886.663436][T25571] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,mb_optimize_scan=0x0000000000000001,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1886.739128][   T30] audit: type=1400 audit(2000000004.180:619): avc:  denied  { read } for  pid=25577 comm="syz.7.7138" name="file0" dev="loop7" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1886.814670][   T30] audit: type=1400 audit(2000000004.210:620): avc:  denied  { watch } for  pid=25577 comm="syz.7.7138" path="/61/file1/file0" dev="loop7" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1886.938731][T25600] loop4: detected capacity change from 0 to 128
[ 1887.031332][T25600] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1887.050689][T25600] ext4 filesystem being mounted at /117/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1887.313636][T25600] EXT4-fs (loop4): shut down requested (2)
[ 1887.324160][T25600] fscrypt (loop4, inode 12): Error -5 getting encryption context
[ 1887.511392][T25614] loop4: detected capacity change from 0 to 16
[ 1887.545683][T25614] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1887.558721][T25614] erofs: (device loop4): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[ 1887.568790][T25614] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=loop4 ino=46
[ 1887.848813][T25623] loop5: detected capacity change from 0 to 1024
[ 1887.917645][T25623] EXT4-fs (loop5): Ignoring removed oldalloc option
[ 1887.924572][T25623] EXT4-fs (loop5): Ignoring removed bh option
[ 1887.930971][T25623] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1888.143243][T25623] EXT4-fs (loop5): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,mb_optimize_scan=0x0000000000000001,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1888.372666][T25644] loop0: detected capacity change from 0 to 1024
[ 1888.405466][T25646] loop5: detected capacity change from 0 to 512
[ 1888.448118][T25646] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1888.458167][T25644] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1888.485942][T25646] EXT4-fs (loop5): 1 truncate cleaned up
[ 1888.493049][T25644] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[ 1888.494145][T25646] EXT4-fs (loop5): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb2,debug_want_extra_isize=0x0000000000000008,lazytime,nombcache,nolazytime,noquota,,errors=continue. Quota mode: none.
[ 1888.511326][T25644] System zones: 0-1, 3-36
[ 1888.541267][T25644] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,bsddf,max_dir_size_kb=0x0000000000000002,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[ 1888.665844][T25644] EXT4-fs (loop0): shut down requested (2)
[ 1888.832566][T25665] loop4: detected capacity change from 0 to 512
[ 1888.873976][T25665] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1888.925319][T25665] EXT4-fs (loop4): 1 truncate cleaned up
[ 1888.931227][T25665] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1889.160410][   T20] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[ 1889.289015][T25673] input: syz0 as /devices/virtual/input/input10
[ 1889.525903][T25677] loop0: detected capacity change from 0 to 16
[ 1889.544569][   T20] usb 6-1: config 1 has an invalid interface number: 105 but max is 0
[ 1889.595540][T25677] erofs: (device loop0): mounted with root inode @ nid 36.
[ 1889.608493][T25677] erofs: (device loop0): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[ 1889.618518][T25677] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=loop0 ino=46
[ 1889.716228][   T20] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1889.727456][   T20] usb 6-1: config 1 has no interface number 0
[ 1889.737774][   T20] usb 6-1: config 1 interface 105 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1889.751929][   T20] usb 6-1: config 1 interface 105 has no altsetting 0
[ 1890.069281][   T20] usb 6-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[ 1890.082270][   T20] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1890.090454][   T20] usb 6-1: Product: syz
[ 1890.094679][   T20] usb 6-1: Manufacturer: syz
[ 1890.099395][   T20] usb 6-1: SerialNumber: syz
[ 1890.324665][   T30] audit: type=1326 audit(2000000007.770:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25686 comm="syz.0.7171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1890.329552][T25687] pit: kvm: requested 182704 ns i8254 timer period limited to 200000 ns
[ 1890.348289][   T30] audit: type=1326 audit(2000000007.770:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25686 comm="syz.0.7171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1890.361709][T25655] loop5: detected capacity change from 0 to 1024
[ 1890.380553][   T30] audit: type=1326 audit(2000000007.770:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25686 comm="syz.0.7171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1890.389906][T25687] pit: kvm: requested 16761 ns i8254 timer period limited to 200000 ns
[ 1890.410569][   T30] audit: type=1326 audit(2000000007.770:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25686 comm="syz.0.7171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1890.419178][T25687] pit: kvm: requested 79619 ns i8254 timer period limited to 200000 ns
[ 1890.441274][   T30] audit: type=1326 audit(2000000007.830:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25686 comm="syz.0.7171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1890.474062][T25655] EXT4-fs (loop5): Ignoring removed orlov option
[ 1890.487680][   T30] audit: type=1326 audit(2000000007.890:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25686 comm="syz.0.7171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f01220d2785 code=0x7ffc0000
[ 1890.511289][   T30] audit: type=1326 audit(2000000007.890:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25686 comm="syz.0.7171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1890.535117][   T30] audit: type=1326 audit(2000000007.890:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25686 comm="syz.0.7171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1890.577147][   T30] audit: type=1326 audit(2000000007.890:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25686 comm="syz.0.7171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1890.605221][T25655] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802c118, mo2=0002]
[ 1890.606166][T25698] netlink: 'syz.0.7173': attribute type 13 has an invalid length.
[ 1890.614197][T25655] System zones: 0-1, 3-12
[ 1890.624673][   T30] audit: type=1326 audit(2000000007.920:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25686 comm="syz.0.7171" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1890.634816][T25655] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,inlinecrypt,debug,orlov,,errors=continue. Quota mode: none.
[ 1890.742842][   T20] aqc111: probe of 6-1:1.105 failed with error -22
[ 1890.929191][T25710] loop0: detected capacity change from 0 to 512
[ 1891.290304][T25710] EXT4-fs (loop0): Ignoring removed nobh option
[ 1891.303874][T25710] EXT4-fs (loop0): dax option not supported
[ 1892.587239][T25742] loop0: detected capacity change from 0 to 512
[ 1892.601798][T13571] usb 6-1: USB disconnect, device number 5
[ 1892.636850][T25742] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1892.680294][T25742] EXT4-fs (loop0): 1 truncate cleaned up
[ 1892.696647][T25742] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb2,debug_want_extra_isize=0x0000000000000008,lazytime,nombcache,nolazytime,noquota,,errors=continue. Quota mode: none.
[ 1892.799951][T25761] loop7: detected capacity change from 0 to 512
[ 1892.835347][T25765] loop5: detected capacity change from 0 to 512
[ 1892.848932][T25761] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[ 1892.861667][T25761] EXT4-fs (loop7): Ignoring removed bh option
[ 1892.869756][T25761] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1892.876671][T25761] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1892.888830][T25765] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[ 1892.899697][T25765] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1892.906740][T25761] EXT4-fs (loop7): 1 truncate cleaned up
[ 1892.915375][T25761] EXT4-fs (loop7): mounted filesystem without journal. Opts: inlinecrypt,mblk_io_submit,bh,auto_da_alloc,barrier,test_dummy_encryption,nogrpid,,errors=continue. Quota mode: none.
[ 1892.916694][T25765] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.7197: bad orphan inode 16
[ 1893.270946][T25765] ext4_test_bit(bit=15, block=4) = 0
[ 1893.276713][T25765] EXT4-fs (loop5): 1 orphan inode deleted
[ 1893.282595][T25765] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,mblk_io_submit,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,bsdgroups,,errors=continue. Quota mode: none.
[ 1893.722437][T25792] loop4: detected capacity change from 0 to 16
[ 1893.790089][T25792] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1893.812891][T25792] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1893.830819][T25792] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -44 in[46, 4050] out[1851]
[ 1893.868748][T25792] erofs: (device loop4): z_erofs_readpage: failed to read, err [-117]
[ 1894.519866][T25827] loop5: detected capacity change from 0 to 16
[ 1894.605415][T25827] erofs: (device loop5): mounted with root inode @ nid 36.
[ 1894.709185][T25835] loop7: detected capacity change from 0 to 512
[ 1894.740992][T25835] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1894.756849][T25835] EXT4-fs (loop7): 1 truncate cleaned up
[ 1894.762756][T25835] EXT4-fs (loop7): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb2,debug_want_extra_isize=0x0000000000000008,lazytime,nombcache,nolazytime,noquota,,errors=continue. Quota mode: none.
[ 1894.998821][T25850] loop7: detected capacity change from 0 to 256
[ 1895.025562][T25850] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1895.076129][T25850] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[ 1895.107961][T25850] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000ff98, chksum : 0x65b64522, utbl_chksum : 0xe619d30d)
[ 1895.459143][T25860] input: syz0 as /devices/virtual/input/input12
[ 1895.519587][T25868] loop7: detected capacity change from 0 to 512
[ 1895.552682][T25866] loop0: detected capacity change from 0 to 2048
[ 1895.686961][T25874] sit: Src spoofed 0.0.0.0/2002:0:400:: -> 0.0.0.0/::b975:7ea6:70d2:80:0:7d
[ 1895.704918][T25874] netlink: 44 bytes leftover after parsing attributes in process `syz.5.7234'.
[ 1895.806306][T25868] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c119, mo2=0002]
[ 1895.865194][T25866] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,quota,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold,,errors=continue. Quota mode: writeback.
[ 1895.887146][T25868] System zones: 0-2, 18-18, 34-35
[ 1895.905717][T25868] EXT4-fs (loop7): mounted filesystem without journal. Opts: nombcache,debug,norecovery,,errors=continue. Quota mode: writeback.
[ 1895.949613][T25868] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1896.053282][T25866] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.7233: bg 0: block 234: padding at end of block bitmap is not set
[ 1896.092430][T25866] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1394 with error 28
[ 1896.107634][T25883] loop7: detected capacity change from 0 to 4096
[ 1896.114578][T25866] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1896.114578][T25866] 
[ 1896.124414][T25866] EXT4-fs (loop0): Total free blocks count 0
[ 1896.130470][T25866] EXT4-fs (loop0): Free/Dirty block details
[ 1896.136673][T25866] EXT4-fs (loop0): free_blocks=0
[ 1896.141657][T25866] EXT4-fs (loop0): dirty_blocks=1408
[ 1896.147605][T25866] EXT4-fs (loop0): Block reservation details
[ 1896.153782][T25866] EXT4-fs (loop0): i_reserved_data_blocks=88
[ 1896.200240][T25883] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1896.211240][T25883] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0002]
[ 1896.219694][T25883] System zones: 0-5
[ 1896.224152][T25883] EXT4-fs (loop7): mounted filesystem without journal. Opts: debug,stripe=0x0000000000000061,journal_ioprio=0x0000000000000002,test_dummy_encryption=v1,nodiscard,data_err=ignore,acl,journal_ioprio=0x0000000000000000,resuid=0x0000000000000000,,errors=continue. Quota mode: writeback.
[ 1896.318040][T25895] loop0: detected capacity change from 0 to 16
[ 1896.354230][T25895] erofs: (device loop0): mounted with root inode @ nid 36.
[ 1896.697447][T25902] loop5: detected capacity change from 0 to 256
[ 1896.726605][T25902] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1896.737380][T25902] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[ 1896.747272][T25902] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000ff98, chksum : 0x65b64522, utbl_chksum : 0xe619d30d)
[ 1897.243846][T25918] loop5: detected capacity change from 0 to 16
[ 1897.429991][T25918] erofs: (device loop5): mounted with root inode @ nid 36.
[ 1897.627316][T25932] loop0: detected capacity change from 0 to 256
[ 1898.462963][T25932] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1898.523977][T25938] loop7: detected capacity change from 0 to 1024
[ 1898.649464][T25932] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[ 1899.030424][T25932] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0x65b64522, utbl_chksum : 0xe619d30d)
[ 1899.083811][T25930] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1899.876130][T25968] loop0: detected capacity change from 0 to 128
[ 1899.902212][   T30] kauditd_printk_skb: 21 callbacks suppressed
[ 1899.902228][   T30] audit: type=1400 audit(2000000017.320:652): avc:  denied  { setopt } for  pid=25966 comm="syz.0.7261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1899.993332][T25968] FAT-fs (loop0): error, corrupted directory (invalid entries)
[ 1900.000909][T25968] FAT-fs (loop0): Filesystem has been set read-only
[ 1901.198888][T25989] loop4: detected capacity change from 0 to 16
[ 1901.226845][T25989] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1901.237664][T25989] erofs: (device loop4): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[ 1901.247674][T25989] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=loop4 ino=46
[ 1901.782168][  T909] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[ 1901.926815][T25991] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1902.042066][  T909] usb 1-1: Using ep0 maxpacket: 32
[ 1902.212103][  T909] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[ 1902.222056][  T909] usb 1-1: config 0 has no interface number 0
[ 1902.392112][  T909] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1902.406409][  T909] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1902.414633][  T909] usb 1-1: Product: syz
[ 1902.436680][  T909] usb 1-1: Manufacturer: syz
[ 1902.441425][  T909] usb 1-1: SerialNumber: syz
[ 1902.447638][  T909] usb 1-1: config 0 descriptor??
[ 1902.521596][  T909] smsc95xx v2.0.0
[ 1902.784923][T26022] loop5: detected capacity change from 0 to 1024
[ 1902.809153][T26022] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1902.821723][T26022] EXT4-fs (loop5): Ignoring removed orlov option
[ 1902.834238][T26025] loop4: detected capacity change from 0 to 512
[ 1902.835244][T26022] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,mb_optimize_scan=0x0000000000000001,quota,,errors=continue. Quota mode: writeback.
[ 1902.874425][T26025] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[ 1902.881702][T26025] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1902.904070][T26025] EXT4-fs error (device loop4): ext4_orphan_get:1427: comm syz.4.7281: bad orphan inode 16
[ 1902.917403][T26025] ext4_test_bit(bit=15, block=4) = 0
[ 1902.923177][T26025] EXT4-fs (loop4): 1 orphan inode deleted
[ 1902.929032][T26025] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,mblk_io_submit,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,bsdgroups,,errors=continue. Quota mode: none.
[ 1903.182078][  T909] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[ 1903.192942][  T909] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[ 1903.222615][  T909] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1903.234777][  T909] smsc95xx: probe of 1-1:0.67 failed with error -71
[ 1903.246595][  T909] usb 1-1: USB disconnect, device number 8
[ 1904.955505][T26079] loop4: detected capacity change from 0 to 256
[ 1905.009458][T26073] loop7: detected capacity change from 0 to 512
[ 1905.075835][T26079] exfat: Deprecated parameter 'utf8'
[ 1905.159336][T26079] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x2e76b09e, utbl_chksum : 0xe619d30d)
[ 1905.212873][T26073] EXT4-fs error (device loop7): ext4_get_journal_inode:5151: comm syz.7.7295: inode #196608: comm syz.7.7295: iget: illegal inode #
[ 1905.279401][T26073] EXT4-fs (loop7): no journal found
[ 1905.299223][T26073] EXT4-fs (loop7): can't get journal size
[ 1905.320214][T26073] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended
[ 1905.334216][T26073] EXT4-fs (loop7): Errors on filesystem, clearing orphan list.
[ 1905.358349][T26073] EXT4-fs (loop7): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota="jqfmt=vfsv0,noload,noblock_validity,grpjquota="errors=continue,resuid=0x0000000000000000,i_version,,errors=continue. Quota mode: writeback.
[ 1905.474245][T26098] netlink: 20 bytes leftover after parsing attributes in process `syz.5.7304'.
[ 1905.490680][T26098] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1905.497942][T26098] IPv6: NLM_F_CREATE should be set when creating new route
[ 1905.505222][T26098] IPv6: NLM_F_CREATE should be set when creating new route
[ 1906.512733][T26132] loop5: detected capacity change from 0 to 1024
[ 1906.580796][T26132] EXT4-fs (loop5): Ignoring removed oldalloc option
[ 1906.591899][T26132] EXT4-fs (loop5): Ignoring removed bh option
[ 1906.598157][T26132] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1906.678638][T26132] EXT4-fs (loop5): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,mb_optimize_scan=0x0000000000000001,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1907.905727][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 1908.052187][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1908.085821][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 1908.106251][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1908.123701][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1908.132156][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1908.141493][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1908.150809][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1908.430939][T26176] loop7: detected capacity change from 0 to 1024
[ 1908.439316][T26182] loop5: detected capacity change from 0 to 1024
[ 1908.472080][T26186] 9pnet: Insufficient options for proto=fd
[ 1908.483731][T26176] EXT4-fs (loop7): Ignoring removed oldalloc option
[ 1908.490377][T26176] EXT4-fs (loop7): Ignoring removed bh option
[ 1908.510081][T26176] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1908.602550][T26182] EXT4-fs (loop5): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1908.624640][T26182] ext4 filesystem being mounted at /258/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1908.669350][T26182] EXT4-fs error (device loop5): ext4_map_blocks:740: inode #15: block 3: comm syz.5.7332: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1908.687334][T26176] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,mb_optimize_scan=0x0000000000000001,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1909.242862][   T30] audit: type=1400 audit(2000000026.691:653): avc:  denied  { execute } for  pid=26181 comm="syz.5.7332" path="/258/file1/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1909.269722][T26182] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1909.376129][T26182] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1909.376129][T26182] 
[ 1909.396254][T26202] EXT4-fs error (device loop5): ext4_map_blocks:630: inode #15: block 3: comm syz.5.7332: lblock 3 mapped to illegal pblock 3 (length 1)
[ 1909.716127][T26207] EXT4-fs error (device loop5): ext4_ext_remove_space:2929: inode #15: comm syz.5.7332: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1909.785280][T26207] EXT4-fs error (device loop5) in ext4_setattr:5639: Corrupt filesystem
[ 1910.829201][T26240] loop7: detected capacity change from 0 to 16
[ 1910.836983][  T909] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1910.944719][T26240] erofs: (device loop7): mounted with root inode @ nid 36.
[ 1910.958638][T26240] erofs: (device loop7): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[ 1910.968659][T26240] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=loop7 ino=46
[ 1911.131624][  T909] usb 6-1: Using ep0 maxpacket: 16
[ 1911.261652][  T909] usb 6-1: config 0 has an invalid interface number: 4 but max is 0
[ 1911.276696][  T909] usb 6-1: config 0 has no interface number 0
[ 1911.284922][  T909] usb 6-1: config 0 interface 4 has no altsetting 0
[ 1911.354246][T26268] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1911.881806][  T909] usb 6-1: New USB device found, idVendor=05ac, idProduct=12a8, bcdDevice=b0.17
[ 1911.907226][  T909] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1911.919657][  T909] usb 6-1: Product: syz
[ 1911.927074][  T909] usb 6-1: Manufacturer: syz
[ 1911.935041][  T909] usb 6-1: SerialNumber: syz
[ 1911.944386][  T909] usb 6-1: config 0 descriptor??
[ 1912.064490][T26284] overlayfs: failed to clone upperpath
[ 1912.377281][  T909] usb 6-1: USB disconnect, device number 6
[ 1912.435951][T26305] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1912.452530][T26308] overlayfs: failed to clone upperpath
[ 1912.458878][T26305] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1912.502197][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 1912.515895][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1912.542976][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 1912.580780][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1912.611658][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1912.628481][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1912.646558][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1912.674762][ T7692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1912.905782][   T30] audit: type=1400 audit(2000000000.060:654): avc:  denied  { execute_no_trans } for  pid=26326 comm="syz.5.7384" path=2F6D656D66643A202864656C6574656429 dev="tmpfs" ino=5288 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1913.095845][T26332] loop5: detected capacity change from 0 to 8192
[ 1913.251457][T26332]  loop5: p2 p3 p4[EZD]
[ 1913.256257][T26332] loop5: p3 start 360447 is beyond EOD, truncated
[ 1913.262739][T26332] loop5: p4 size 264072 extends beyond EOD, truncated
[ 1913.287588][T26334] loop6: detected capacity change from 0 to 7
[ 1913.640168][T26335] loop5: detected capacity change from 0 to 1024
[ 1914.006698][T26347] netlink: 188 bytes leftover after parsing attributes in process `syz.1.7392'.
[ 1914.363032][T26363] loop4: detected capacity change from 0 to 1024
[ 1914.371735][T26364] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7394'.
[ 1915.229042][T26363] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[ 1915.320854][T26363] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1915.479273][T26393] netlink: 188 bytes leftover after parsing attributes in process `syz.5.7404'.
[ 1916.402558][   T30] audit: type=1400 audit(2000000003.560:655): avc:  denied  { create } for  pid=26410 comm="syz.4.7416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[ 1916.880224][   T30] audit: type=1400 audit(2000000003.980:656): avc:  denied  { execmem } for  pid=26421 comm="syz.4.7419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 1917.294847][T26429] netlink: 188 bytes leftover after parsing attributes in process `syz.7.7421'.
[ 1917.351822][   T30] audit: type=1400 audit(2000000004.440:657): avc:  denied  { create } for  pid=26423 comm="syz.7.7421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1917.379417][   T30] audit: type=1400 audit(2000000004.440:658): avc:  denied  { write } for  pid=26423 comm="syz.7.7421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1917.673090][   T30] audit: type=1400 audit(2000000004.440:659): avc:  denied  { nlmsg_write } for  pid=26423 comm="syz.7.7421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1917.758476][   T30] audit: type=1400 audit(2000000004.450:660): avc:  denied  { getopt } for  pid=26423 comm="syz.7.7421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1918.245642][   T30] audit: type=1400 audit(2000000005.400:661): avc:  denied  { mount } for  pid=26453 comm="syz.1.7431" name="/" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[ 1918.299726][   T30] audit: type=1400 audit(2000000005.440:662): avc:  denied  { mounton } for  pid=26458 comm="syz.1.7434" path="/522/file0" dev="tmpfs" ino=2800 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[ 1918.325502][T26464] sit: Src spoofed 0.0.0.0/2002:0:400:: -> 0.0.0.0/::b975:7ea6:70d2:80:0:7d
[ 1918.336165][T26464] netlink: 44 bytes leftover after parsing attributes in process `syz.7.7432'.
[ 1919.053429][T26476] netlink: 188 bytes leftover after parsing attributes in process `syz.4.7436'.
[ 1919.462297][T26485] loop5: detected capacity change from 0 to 128
[ 1919.898914][T26485] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1919.987538][T26485] ext4 filesystem being mounted at /272/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1920.091064][   T30] audit: type=1326 audit(2000000001.220:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26498 comm="syz.0.7446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1920.211954][   T30] audit: type=1326 audit(2000000001.220:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26498 comm="syz.0.7446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f012209fec9 code=0x7ffc0000
[ 1921.111520][T26526] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7456'.
[ 1922.309710][T26554] netlink: 20 bytes leftover after parsing attributes in process `syz.5.7465'.
[ 1922.479313][T26566] sit: Src spoofed 0.0.0.0/2002:0:400:: -> 0.0.0.0/::b975:7ea6:70d2:80:0:7d
[ 1922.489396][T26566] netlink: 44 bytes leftover after parsing attributes in process `syz.4.7468'.
[ 1924.143058][T26603] netlink: 44 bytes leftover after parsing attributes in process `syz.0.7483'.
[ 1924.641339][T26612] loop4: detected capacity change from 0 to 256
[ 1924.671261][T26616] loop5: detected capacity change from 0 to 512
[ 1924.694393][T26616] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[ 1924.704846][T26612] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f78e84, utbl_chksum : 0xe619d30d)
[ 1924.708056][T26616] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1924.744098][T26616] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.7486: bad orphan inode 16
[ 1924.754694][T26616] ext4_test_bit(bit=15, block=4) = 0
[ 1924.759982][T26616] EXT4-fs (loop5): 1 orphan inode deleted
[ 1924.765802][T26616] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,mblk_io_submit,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,bsdgroups,,errors=continue. Quota mode: none.
[ 1924.833056][T26625] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1924.840303][T26625] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1925.568363][   T30] kauditd_printk_skb: 8 callbacks suppressed
[ 1925.568379][   T30] audit: type=1400 audit(2000000004.220:673): avc:  denied  { mounton } for  pid=26643 comm="syz.1.7496" path="/537/file0" dev="tmpfs" ino=2880 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1925.598035][   T30] audit: type=1400 audit(2000000004.230:674): avc:  denied  { write } for  pid=26643 comm="syz.1.7496" name="file0" dev="tmpfs" ino=2880 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1925.642978][   T30] audit: type=1400 audit(2000000004.230:675): avc:  denied  { open } for  pid=26643 comm="syz.1.7496" path="/537/file0" dev="tmpfs" ino=2880 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1925.992005][T26658] loop4: detected capacity change from 0 to 256
[ 1926.001421][T26658] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1926.012068][T26658] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1926.020652][T26658] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x000003d0, checksum : 0x1119abd0)
[ 1926.031048][T26658] exFAT-fs (loop4): invalid boot region
[ 1926.209388][T26658] exFAT-fs (loop4): failed to recognize exfat type
[ 1926.354077][T26663] loop4: detected capacity change from 0 to 16
[ 1926.380989][T26663] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1926.540953][T26665] loop5: detected capacity change from 0 to 512
[ 1926.550364][T26665] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[ 1926.558050][T26665] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1926.572326][T26665] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.7503: bad orphan inode 16
[ 1926.582878][T26665] ext4_test_bit(bit=15, block=4) = 0
[ 1926.588416][T26665] EXT4-fs (loop5): 1 orphan inode deleted
[ 1926.594425][T26665] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,mblk_io_submit,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,bsdgroups,,errors=continue. Quota mode: none.
[ 1926.886681][T26673] netlink: 76 bytes leftover after parsing attributes in process `syz.0.7506'.
[ 1927.069021][T26686] loop4: detected capacity change from 0 to 1024
[ 1927.082665][T26686] EXT4-fs (loop4): Ignoring removed oldalloc option
[ 1927.089376][T26686] EXT4-fs (loop4): Ignoring removed bh option
[ 1927.095699][T26686] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1927.124292][T26686] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,mb_optimize_scan=0x0000000000000001,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[ 1927.396596][T26694] loop4: detected capacity change from 0 to 16
[ 1927.405976][T26694] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1927.651592][T26706] loop5: detected capacity change from 0 to 512
[ 1927.798068][T26711] loop7: detected capacity change from 0 to 16
[ 1927.814839][T26706] EXT4-fs error (device loop5): ext4_expand_extra_isize_ea:2775: inode #11: comm syz.5.7519: corrupted xattr block 95
[ 1927.828290][T26706] EXT4-fs error (device loop5): ext4_validate_block_bitmap:429: comm syz.5.7519: bg 0: block 7: invalid block bitmap
[ 1927.828465][T26711] erofs: (device loop7): mounted with root inode @ nid 36.
[ 1927.852717][T26706] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6178: Corrupt filesystem
[ 1927.873680][T26711] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1927.944768][T26711] erofs: (device loop7): z_erofs_lz4_decompress_mem: failed to decompress -44 in[46, 4050] out[1851]
[ 1927.960141][T26711] erofs: (device loop7): z_erofs_readpage: failed to read, err [-117]
[ 1927.974107][T26711] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1927.983664][T26711] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1927.992998][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 42 @ nid 36
[ 1928.002077][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 41 @ nid 36
[ 1928.011203][T26711] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1928.020516][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 40 @ nid 36
[ 1928.029602][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 39 @ nid 36
[ 1928.038675][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 38 @ nid 36
[ 1928.048039][T26711] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1928.057372][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 31 @ nid 36
[ 1928.066504][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 27 @ nid 36
[ 1928.075605][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 26 @ nid 36
[ 1928.084670][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 25 @ nid 36
[ 1928.093737][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 24 @ nid 36
[ 1928.103142][T26711] attempt to access beyond end of device
[ 1928.103142][T26711] loop7: rw=524288, want=848, limit=16
[ 1928.114243][T26711] attempt to access beyond end of device
[ 1928.114243][T26711] loop7: rw=524288, want=13478624104, limit=16
[ 1928.126084][T26711] attempt to access beyond end of device
[ 1928.126084][T26711] loop7: rw=524288, want=13478624080, limit=16
[ 1928.138780][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 87 @ nid 36
[ 1928.147864][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 86 @ nid 36
[ 1928.156985][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 84 @ nid 36
[ 1928.166070][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 83 @ nid 36
[ 1928.175148][T26711] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1928.184566][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 82 @ nid 36
[ 1928.193673][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 81 @ nid 36
[ 1928.202749][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 80 @ nid 36
[ 1928.211820][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 79 @ nid 36
[ 1928.220886][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 78 @ nid 36
[ 1928.229947][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 77 @ nid 36
[ 1928.239021][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 76 @ nid 36
[ 1928.248117][T26711] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1928.257492][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 75 @ nid 36
[ 1928.266574][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 74 @ nid 36
[ 1928.275653][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 73 @ nid 36
[ 1928.284804][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 72 @ nid 36
[ 1928.293878][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 71 @ nid 36
[ 1928.302952][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 70 @ nid 36
[ 1928.312247][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 61 @ nid 36
[ 1928.321326][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 60 @ nid 36
[ 1928.330369][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 59 @ nid 36
[ 1928.339448][T26711] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1928.348786][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 58 @ nid 36
[ 1928.357868][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 57 @ nid 36
[ 1928.366960][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 56 @ nid 36
[ 1928.376065][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 55 @ nid 36
[ 1928.385135][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 54 @ nid 36
[ 1928.394200][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 53 @ nid 36
[ 1928.403279][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 52 @ nid 36
[ 1928.412352][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 51 @ nid 36
[ 1928.421422][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 50 @ nid 36
[ 1928.430472][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 49 @ nid 36
[ 1928.439566][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 48 @ nid 36
[ 1928.448656][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 47 @ nid 36
[ 1928.457732][T26711] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1928.467055][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 46 @ nid 36
[ 1928.476129][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 45 @ nid 36
[ 1928.485207][T26711] erofs: (device loop7): z_erofs_readahead: readahead error at page 44 @ nid 36
[ 1928.494314][T26711] attempt to access beyond end of device
[ 1928.494314][T26711] loop7: rw=524288, want=96, limit=16
[ 1928.505237][T26711] attempt to access beyond end of device
[ 1928.505237][T26711] loop7: rw=524288, want=32, limit=16
[ 1928.516193][T26711] attempt to access beyond end of device
[ 1928.516193][T26711] loop7: rw=524288, want=14425508776, limit=16
[ 1928.578760][T26706] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2941: inode #11: comm syz.5.7519: corrupted xattr block 95
[ 1928.610818][T26706] EXT4-fs warning (device loop5): ext4_evict_inode:303: xattr delete (err -117)
[ 1928.630668][T26706] EXT4-fs (loop5): 1 orphan inode deleted
[ 1928.630751][   T30] audit: type=1326 audit(2000000007.290:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26717 comm="syz.7.7523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1928.636519][T26706] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1928.676934][   T30] audit: type=1326 audit(2000000007.290:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26717 comm="syz.7.7523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1928.700587][   T30] audit: type=1326 audit(2000000007.330:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26717 comm="syz.7.7523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1928.703953][T26725] loop4: detected capacity change from 0 to 512
[ 1928.743048][   T30] audit: type=1326 audit(2000000007.330:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26717 comm="syz.7.7523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1928.770271][   T30] audit: type=1326 audit(2000000007.330:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26717 comm="syz.7.7523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1928.802269][   T30] audit: type=1326 audit(2000000007.330:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26717 comm="syz.7.7523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1928.834973][T26725] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[ 1928.846147][   T30] audit: type=1326 audit(2000000007.330:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26717 comm="syz.7.7523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1928.872326][T26725] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1928.893401][T26725] EXT4-fs error (device loop4): ext4_orphan_get:1427: comm syz.4.7525: bad orphan inode 16
[ 1928.910731][T26725] ext4_test_bit(bit=15, block=4) = 0
[ 1928.916284][T26725] EXT4-fs (loop4): 1 orphan inode deleted
[ 1928.928951][T26725] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,mblk_io_submit,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,bsdgroups,,errors=continue. Quota mode: none.
[ 1930.691549][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 1930.802676][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1930.811181][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 1930.822890][T26768] loop5: detected capacity change from 0 to 512
[ 1930.830004][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1930.838312][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1930.847173][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1930.875794][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1930.900604][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1930.936966][T26768] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1930.954727][T26776] overlayfs: failed to set xattr on upper
[ 1930.968485][T26776] overlayfs: ...falling back to index=off,metacopy=off.
[ 1930.979803][T26776] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[ 1930.989945][T26768] EXT4-fs (loop5): 1 truncate cleaned up
[ 1930.997851][T26768] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,nobarrier,debug_want_extra_isize=0x0000000000000068,mb_optimize_scan=0x0000000000000001,block_validity,init_itable=0x000000007fffffff,. Quota mode: none.
[ 1931.037904][T26782] loop4: detected capacity change from 0 to 16
[ 1931.104101][T26782] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1931.166413][T26782] erofs: (device loop4): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[ 1931.224464][T26782] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=loop4 ino=46
[ 1931.990978][T26792] loop5: detected capacity change from 0 to 512
[ 1932.017024][T26792] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[ 1932.025750][T26792] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1932.050632][T26792] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.7546: bad orphan inode 16
[ 1932.091212][T26792] ext4_test_bit(bit=15, block=4) = 0
[ 1932.096523][T26792] EXT4-fs (loop5): 1 orphan inode deleted
[ 1932.117345][T26792] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,mblk_io_submit,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,bsdgroups,,errors=continue. Quota mode: none.
[ 1932.899454][T26815] device sit0 left promiscuous mode
[ 1933.060780][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 1933.088370][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1933.150844][T26817] serio: Serial port ptm0
[ 1933.168515][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1933.190730][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1933.199782][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1933.230821][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1933.740298][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1933.740314][   T30] audit: type=1400 audit(2000000004.950:686): avc:  denied  { read } for  pid=26847 comm="syz.4.7564" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1933.981762][T26861] loop5: detected capacity change from 0 to 512
[ 1934.009813][T26861] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[ 1934.017497][T26861] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1934.040672][T26861] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.7567: bad orphan inode 16
[ 1934.052711][T26861] ext4_test_bit(bit=15, block=4) = 0
[ 1934.058129][T26861] EXT4-fs (loop5): 1 orphan inode deleted
[ 1934.065122][T26861] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,max_dir_size_kb=0x000000000000004a,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,acl,mblk_io_submit,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,bsdgroups,,errors=continue. Quota mode: none.
[ 1935.728901][T26910] loop5: detected capacity change from 0 to 16
[ 1935.790508][T26910] erofs: (device loop5): mounted with root inode @ nid 36.
[ 1935.823722][T26910] erofs: (device loop5): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[ 1935.862500][T26910] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=loop5 ino=46
[ 1936.147222][T26920] overlayfs: failed to resolve './file0': -2
[ 1936.154280][   T30] audit: type=1400 audit(2000000007.380:687): avc:  denied  { remount } for  pid=26919 comm="syz.0.7586" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1937.736609][T26945] device wg1 left promiscuous mode
[ 1937.753710][T26945] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[ 1937.753753][T26945] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[ 1937.843695][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 1937.848868][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1937.851189][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 1937.852626][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1937.854582][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1937.856105][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1937.859488][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1937.862373][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1938.859853][T26971] loop7: detected capacity change from 0 to 128
[ 1939.030996][T26984] 9pnet: Insufficient options for proto=fd
[ 1940.258465][T27011] loop5: detected capacity change from 0 to 128
[ 1941.027384][T27011] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1941.042759][T27011] ext4 filesystem being mounted at /304/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1941.567822][   T30] audit: type=1400 audit(2000000012.790:688): avc:  denied  { write } for  pid=27046 comm="syz.5.7624" name="unix" dev="proc" ino=4026532448 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[ 1941.964681][T27053] loop7: detected capacity change from 0 to 512
[ 1941.990159][T27053] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1942.051979][T27053] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -2
[ 1942.063423][T27053] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.7626: invalid indirect mapped block 2683928664 (level 1)
[ 1942.083226][T27053] EXT4-fs (loop7): 1 truncate cleaned up
[ 1942.090921][T27053] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,dioread_nolock,errors=continue,minixdf,jqfmt=vfsv0,usrjquota=.",errors=continue. Quota mode: writeback.
[ 1942.239945][   T30] audit: type=1400 audit(2000000013.470:689): avc:  denied  { read } for  pid=27052 comm="syz.7.7626" name="file1" dev="loop7" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[ 1942.421809][T27072] overlayfs: failed to get index nlink (file0/file1, err=-61)
[ 1942.690774][T27077] netlink: 188 bytes leftover after parsing attributes in process `syz.4.7632'.
[ 1943.024495][T27082] loop4: detected capacity change from 0 to 128
[ 1943.201184][T27082] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1943.229798][T27082] ext4 filesystem being mounted at /209/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1944.220727][T27118] loop7: detected capacity change from 0 to 16
[ 1944.559565][T27118] erofs: (device loop7): mounted with root inode @ nid 36.
[ 1944.582900][T27118] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1944.592636][T27118] erofs: (device loop7): z_erofs_lz4_decompress_mem: failed to decompress -44 in[46, 4050] out[1851]
[ 1944.604861][T27118] erofs: (device loop7): z_erofs_readpage: failed to read, err [-117]
[ 1944.616692][T27118] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1944.626057][T27118] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1944.635410][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 42 @ nid 36
[ 1944.644689][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 41 @ nid 36
[ 1944.653772][T27118] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1944.663106][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 40 @ nid 36
[ 1944.672828][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 39 @ nid 36
[ 1944.682017][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 38 @ nid 36
[ 1944.691308][T27118] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1944.700725][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 31 @ nid 36
[ 1944.709951][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 27 @ nid 36
[ 1944.719043][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 26 @ nid 36
[ 1944.728132][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 25 @ nid 36
[ 1944.737245][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 24 @ nid 36
[ 1944.752978][T27118] attempt to access beyond end of device
[ 1944.752978][T27118] loop7: rw=524288, want=848, limit=16
[ 1944.764114][T27118] attempt to access beyond end of device
[ 1944.764114][T27118] loop7: rw=524288, want=13478624104, limit=16
[ 1944.765541][T27130] loop5: detected capacity change from 0 to 1024
[ 1944.780281][T27118] attempt to access beyond end of device
[ 1944.780281][T27118] loop7: rw=524288, want=13478624080, limit=16
[ 1944.794323][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 87 @ nid 36
[ 1944.803646][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 86 @ nid 36
[ 1944.812786][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 84 @ nid 36
[ 1944.821856][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 83 @ nid 36
[ 1944.831072][T27118] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1944.840435][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 82 @ nid 36
[ 1944.849551][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 81 @ nid 36
[ 1944.858879][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 80 @ nid 36
[ 1944.868187][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 79 @ nid 36
[ 1944.877408][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 78 @ nid 36
[ 1944.886626][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 77 @ nid 36
[ 1944.896356][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 76 @ nid 36
[ 1944.908663][T27130] EXT4-fs (loop5): Ignoring removed nobh option
[ 1944.908837][T27118] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1944.928920][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 75 @ nid 36
[ 1944.938361][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 74 @ nid 36
[ 1944.939172][T27130] EXT4-fs error (device loop5): ext4_ext_check_inode:501: inode #11: comm syz.5.7650: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[ 1944.966351][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 73 @ nid 36
[ 1944.966588][T27130] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.7650: couldn't read orphan inode 11 (err -117)
[ 1944.987634][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 72 @ nid 36
[ 1944.988004][T27130] EXT4-fs (loop5): mounted filesystem without journal. Opts: sysvgroups,grpjquota=,nobh,noload,journal_dev=0x0000000000000004,norecovery,errors=continue,quota,,errors=continue. Quota mode: writeback.
[ 1945.100201][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 71 @ nid 36
[ 1945.116378][T27137] loop4: detected capacity change from 0 to 128
[ 1945.125350][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 70 @ nid 36
[ 1945.135498][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 61 @ nid 36
[ 1945.145367][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 60 @ nid 36
[ 1945.146652][T27130] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:476: comm syz.5.7650: Invalid block bitmap block 0 in block_group 0
[ 1945.168166][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 59 @ nid 36
[ 1945.168627][T27130] Quota error (device loop5): write_blk: dquota write failed
[ 1945.275577][T27130] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[ 1945.276842][T27118] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1945.295128][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 58 @ nid 36
[ 1945.304613][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 57 @ nid 36
[ 1945.320334][T27130] EXT4-fs error (device loop5): ext4_acquire_dquot:6200: comm syz.5.7650: Failed to acquire dquot type 0
[ 1945.329086][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 56 @ nid 36
[ 1945.404452][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 55 @ nid 36
[ 1945.404876][T27137] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1945.424677][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 54 @ nid 36
[ 1945.430433][T27137] ext4 filesystem being mounted at /211/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1945.469665][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 53 @ nid 36
[ 1945.479006][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 52 @ nid 36
[ 1945.488191][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 51 @ nid 36
[ 1945.497583][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 50 @ nid 36
[ 1945.506813][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 49 @ nid 36
[ 1945.516084][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 48 @ nid 36
[ 1945.610946][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 47 @ nid 36
[ 1945.620781][T27118] erofs: (device loop7): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[ 1945.620999][ T7692] EXT4-fs error (device loop5): __ext4_get_inode_loc:4352: comm kworker/u4:4: Invalid inode table block 18446744065119617025 in block_group 0
[ 1945.847463][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 46 @ nid 36
[ 1945.858477][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 45 @ nid 36
[ 1945.879277][T27118] erofs: (device loop7): z_erofs_readahead: readahead error at page 44 @ nid 36
[ 1945.888651][T27118] attempt to access beyond end of device
[ 1945.888651][T27118] loop7: rw=524288, want=96, limit=16
[ 1945.900289][T27118] attempt to access beyond end of device
[ 1945.900289][T27118] loop7: rw=524288, want=32, limit=16
[ 1945.911640][T27118] attempt to access beyond end of device
[ 1945.911640][T27118] loop7: rw=524288, want=14425508776, limit=16
[ 1945.994267][T27157] loop4: detected capacity change from 0 to 512
[ 1946.001605][T27157] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[ 1946.013152][T27157] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1946.019601][T27157] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:510: comm syz.4.7659: Block bitmap for bg 0 marked uninitialized
[ 1946.033083][T27157] EXT4-fs (loop4): Remounting filesystem read-only
[ 1946.039816][T27157] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6178: Corrupt filesystem
[ 1946.048875][T27157] EXT4-fs (loop4): Remounting filesystem read-only
[ 1946.055650][T27157] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:510: comm syz.4.7659: Block bitmap for bg 0 marked uninitialized
[ 1946.069026][T27157] EXT4-fs (loop4): Remounting filesystem read-only
[ 1946.075543][T27157] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6178: Corrupt filesystem
[ 1946.084505][T27157] EXT4-fs (loop4): Remounting filesystem read-only
[ 1946.091063][T27157] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:510: comm syz.4.7659: Block bitmap for bg 0 marked uninitialized
[ 1946.104419][T27157] EXT4-fs (loop4): Remounting filesystem read-only
[ 1946.111115][T27157] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6178: Corrupt filesystem
[ 1946.119994][T27157] EXT4-fs (loop4): Remounting filesystem read-only
[ 1946.126617][T27157] EXT4-fs (loop4): 1 orphan inode deleted
[ 1946.132442][T27157] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nolazytime,. Quota mode: none.
[ 1946.739339][T27175] binder: 27174:27175 ioctl 4018620d 0 returned -22
[ 1946.993921][T27184] loop7: detected capacity change from 0 to 128
[ 1947.002415][T27184] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1947.013140][T27184] ext4 filesystem being mounted at /161/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1947.186981][T27196] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7669'.
[ 1948.870725][T27252] loop5: detected capacity change from 0 to 16
[ 1948.901432][T27252] erofs: (device loop5): mounted with root inode @ nid 36.
[ 1948.912413][T27252] erofs: (device loop5): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[ 1948.922394][T27252] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=loop5 ino=46
[ 1949.150236][T27254] loop4: detected capacity change from 0 to 128
[ 1949.198804][T27258] 9pnet: p9_errstr2errno: server reported unknown error �@cƒF	ÿÿÿÿÿÿÿÿ00000000000000000000005ÿÿÿÿ
[ 1949.213831][T27254] FAT-fs (loop4): Directory bread(block 414) failed
[ 1949.228395][T27254] FAT-fs (loop4): Directory bread(block 415) failed
[ 1949.241949][T27254] FAT-fs (loop4): Directory bread(block 416) failed
[ 1949.259404][T27254] FAT-fs (loop4): Directory bread(block 417) failed
[ 1949.278667][T27254] FAT-fs (loop4): Directory bread(block 418) failed
[ 1949.298809][T27254] FAT-fs (loop4): Directory bread(block 419) failed
[ 1949.306857][T27254] FAT-fs (loop4): Directory bread(block 420) failed
[ 1949.317996][T27254] FAT-fs (loop4): Directory bread(block 421) failed
[ 1949.339016][T27254] FAT-fs (loop4): Directory bread(block 414) failed
[ 1949.348011][T27254] FAT-fs (loop4): Directory bread(block 415) failed
[ 1950.417836][T27299] loop4: detected capacity change from 0 to 16
[ 1950.450925][T27299] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1950.754626][T27311] loop5: detected capacity change from 0 to 16
[ 1950.851943][T27311] erofs: (device loop5): mounted with root inode @ nid 36.
[ 1950.862686][T27311] erofs: (device loop5): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[ 1950.872690][T27311] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=loop5 ino=46
[ 1951.809260][ T7352] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[ 1952.239365][ T7352] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1952.252931][ T7352] usb 6-1: New USB device found, idVendor=1b96, idProduct=0010, bcdDevice= 0.00
[ 1952.262075][ T7352] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1952.281764][ T7352] usb 6-1: config 0 descriptor??
[ 1952.296753][T27348] overlayfs: failed to clone upperpath
[ 1952.309971][T27350] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7724'.
[ 1952.759915][ T7352] ntrig 0003:1B96:0010.0003: ignoring exceeding usage max
[ 1952.767718][ T7352] ntrig 0003:1B96:0010.0003: item fetching failed at offset 5/7
[ 1952.775548][ T7352] ntrig 0003:1B96:0010.0003: parse failed
[ 1952.781323][ T7352] ntrig: probe of 0003:1B96:0010.0003 failed with error -22
[ 1952.968341][T27363] binder: BINDER_SET_CONTEXT_MGR already set
[ 1952.974415][T27363] binder: 27360:27363 ioctl 4018620d 200000000040 returned -16
[ 1953.025300][ T7352] usb 6-1: USB disconnect, device number 7
[ 1953.120593][T27367] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7731'.
[ 1953.269690][T27378] binder: 27377:27378 ioctl c0306201 0 returned -14
[ 1953.713689][   T30] audit: type=1326 audit(2000000001.290:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27383 comm="syz.4.7737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf294e5ec9 code=0x7ffc0000
[ 1953.737251][   T30] audit: type=1326 audit(2000000001.290:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27383 comm="syz.4.7737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf294e5ec9 code=0x7ffc0000
[ 1953.760806][   T30] audit: type=1326 audit(2000000001.290:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27383 comm="syz.4.7737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf294e5ec9 code=0x7ffc0000
[ 1953.791302][   T30] audit: type=1326 audit(2000000001.290:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27383 comm="syz.4.7737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf294e5ec9 code=0x7ffc0000
[ 1953.823691][   T30] audit: type=1326 audit(2000000001.290:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27383 comm="syz.4.7737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcf294e5ec9 code=0x7ffc0000
[ 1953.919159][   T30] audit: type=1326 audit(2000000001.290:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27383 comm="syz.4.7737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf294e5ec9 code=0x7ffc0000
[ 1953.942810][   T30] audit: type=1326 audit(2000000001.290:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27383 comm="syz.4.7737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf294e5ec9 code=0x7ffc0000
[ 1953.966424][   T30] audit: type=1326 audit(2000000001.290:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27383 comm="syz.4.7737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fcf294e5ec9 code=0x7ffc0000
[ 1953.990123][   T30] audit: type=1326 audit(2000000001.390:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27383 comm="syz.4.7737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fcf294e5ec9 code=0x7ffc0000
[ 1954.116556][T27399] netlink: 44 bytes leftover after parsing attributes in process `syz.0.7742'.
[ 1954.479109][   T30] audit: type=1326 audit(2000000000.090:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27417 comm="syz.7.7750" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f407ae00ec9 code=0x7ffc0000
[ 1954.572462][T27428] netlink: 44 bytes leftover after parsing attributes in process `syz.5.7753'.
[ 1954.825430][T27442] binder: 27441:27442 ioctl c0306201 0 returned -14
[ 1955.055770][T27449] ==================================================================
[ 1955.063993][T27449] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 1955.073204][T27449] Read of size 1 at addr ffff88810d860bf8 by task syz.7.7761/27449
[ 1955.081088][T27449] 
[ 1955.083410][T27449] CPU: 0 PID: 27449 Comm: syz.7.7761 Tainted: G        W         syzkaller #0
[ 1955.092249][T27449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1955.102303][T27449] Call Trace:
[ 1955.105571][T27449]  <TASK>
[ 1955.108486][T27449]  __dump_stack+0x21/0x30
[ 1955.112807][T27449]  dump_stack_lvl+0xee/0x150
[ 1955.117385][T27449]  ? show_regs_print_info+0x20/0x20
[ 1955.122568][T27449]  ? load_image+0x3a0/0x3a0
[ 1955.127058][T27449]  ? unwind_get_return_address+0x4d/0x90
[ 1955.132684][T27449]  print_address_description+0x7f/0x2c0
[ 1955.138214][T27449]  ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 1955.144701][T27449]  kasan_report+0xf1/0x140
[ 1955.149104][T27449]  ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 1955.155600][T27449]  __asan_report_load1_noabort+0x14/0x20
[ 1955.161222][T27449]  xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 1955.167540][T27449]  xfrm_policy_inexact_insert_node+0x938/0xb50
[ 1955.173679][T27449]  ? xfrm_netlink_rcv+0x72/0x90
[ 1955.178516][T27449]  ? netlink_unicast+0x876/0xa40
[ 1955.183435][T27449]  ? netlink_sendmsg+0x86a/0xb70
[ 1955.188355][T27449]  ? ____sys_sendmsg+0x5a2/0x8c0
[ 1955.193277][T27449]  ? ___sys_sendmsg+0x1f0/0x260
[ 1955.198112][T27449]  ? x64_sys_call+0x4b/0x9a0
[ 1955.202687][T27449]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1955.208745][T27449]  xfrm_policy_inexact_alloc_chain+0x53a/0xb30
[ 1955.214889][T27449]  xfrm_policy_inexact_insert+0x70/0x1130
[ 1955.220597][T27449]  ? __get_hash_thresh+0x10c/0x420
[ 1955.225690][T27449]  ? policy_hash_bysel+0x110/0x4f0
[ 1955.230794][T27449]  xfrm_policy_insert+0x126/0x9a0
[ 1955.235803][T27449]  ? xfrm_policy_construct+0x54f/0x1f00
[ 1955.241333][T27449]  xfrm_add_policy+0x4d1/0x830
[ 1955.246082][T27449]  ? xfrm_dump_sa_done+0xc0/0xc0
[ 1955.251014][T27449]  xfrm_user_rcv_msg+0x45c/0x6e0
[ 1955.255938][T27449]  ? xfrm_netlink_rcv+0x90/0x90
[ 1955.260779][T27449]  ? avc_has_perm_noaudit+0x460/0x460
[ 1955.266143][T27449]  ? x64_sys_call+0x4b/0x9a0
[ 1955.270714][T27449]  ? selinux_nlmsg_lookup+0x237/0x4c0
[ 1955.276071][T27449]  netlink_rcv_skb+0x1e0/0x430
[ 1955.280818][T27449]  ? xfrm_netlink_rcv+0x90/0x90
[ 1955.285654][T27449]  ? netlink_ack+0xb60/0xb60
[ 1955.290222][T27449]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1955.296793][T27449]  ? __netlink_lookup+0x387/0x3b0
[ 1955.301802][T27449]  xfrm_netlink_rcv+0x72/0x90
[ 1955.306464][T27449]  netlink_unicast+0x876/0xa40
[ 1955.311210][T27449]  netlink_sendmsg+0x86a/0xb70
[ 1955.315957][T27449]  ? netlink_getsockopt+0x530/0x530
[ 1955.321142][T27449]  ? sock_alloc_file+0xba/0x260
[ 1955.325976][T27449]  ? security_socket_sendmsg+0x82/0xa0
[ 1955.331419][T27449]  ? netlink_getsockopt+0x530/0x530
[ 1955.336599][T27449]  ____sys_sendmsg+0x5a2/0x8c0
[ 1955.341349][T27449]  ? __sys_sendmsg_sock+0x40/0x40
[ 1955.346356][T27449]  ? import_iovec+0x7c/0xb0
[ 1955.350845][T27449]  ___sys_sendmsg+0x1f0/0x260
[ 1955.355510][T27449]  ? __sys_sendmsg+0x250/0x250
[ 1955.360262][T27449]  ? __fdget+0x1a1/0x230
[ 1955.364494][T27449]  __x64_sys_sendmsg+0x1e2/0x2a0
[ 1955.369417][T27449]  ? ___sys_sendmsg+0x260/0x260
[ 1955.374252][T27449]  ? __kasan_check_write+0x14/0x20
[ 1955.379346][T27449]  ? switch_fpu_return+0x15d/0x2c0
[ 1955.384445][T27449]  x64_sys_call+0x4b/0x9a0
[ 1955.388842][T27449]  do_syscall_64+0x4c/0xa0
[ 1955.393241][T27449]  ? clear_bhb_loop+0x50/0xa0
[ 1955.397905][T27449]  ? clear_bhb_loop+0x50/0xa0
[ 1955.402567][T27449]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1955.408456][T27449] RIP: 0033:0x7f407ae00ec9
[ 1955.412857][T27449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1955.432448][T27449] RSP: 002b:00007f4079869038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1955.440843][T27449] RAX: ffffffffffffffda RBX: 00007f407b057fa0 RCX: 00007f407ae00ec9
[ 1955.448800][T27449] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006
[ 1955.456754][T27449] RBP: 00007f407ae83f91 R08: 0000000000000000 R09: 0000000000000000
[ 1955.464706][T27449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1955.472658][T27449] R13: 00007f407b058038 R14: 00007f407b057fa0 R15: 00007ffc692b6d38
[ 1955.480615][T27449]  </TASK>
[ 1955.483613][T27449] 
[ 1955.485918][T27449] Allocated by task 27449:
[ 1955.490307][T27449]  __kasan_kmalloc+0xda/0x110
[ 1955.494973][T27449]  __kmalloc+0x13d/0x2c0
[ 1955.499201][T27449]  sk_prot_alloc+0xed/0x320
[ 1955.503685][T27449]  sk_alloc+0x38/0x430
[ 1955.507732][T27449]  pfkey_create+0x12a/0x660
[ 1955.512219][T27449]  __sock_create+0x38d/0x7a0
[ 1955.516880][T27449]  __sys_socket+0xec/0x190
[ 1955.521275][T27449]  __x64_sys_socket+0x7a/0x90
[ 1955.525932][T27449]  x64_sys_call+0x8c5/0x9a0
[ 1955.530418][T27449]  do_syscall_64+0x4c/0xa0
[ 1955.534990][T27449]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1955.540870][T27449] 
[ 1955.543173][T27449] The buggy address belongs to the object at ffff88810d860800
[ 1955.543173][T27449]  which belongs to the cache kmalloc-1k of size 1024
[ 1955.557205][T27449] The buggy address is located 1016 bytes inside of
[ 1955.557205][T27449]  1024-byte region [ffff88810d860800, ffff88810d860c00)
[ 1955.570631][T27449] The buggy address belongs to the page:
[ 1955.576237][T27449] page:ffffea0004361800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d860
[ 1955.586452][T27449] head:ffffea0004361800 order:3 compound_mapcount:0 compound_pincount:0
[ 1955.594753][T27449] flags: 0x4000000000010200(slab|head|zone=1)
[ 1955.600821][T27449] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043080
[ 1955.609401][T27449] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 1955.617958][T27449] page dumped because: kasan: bad access detected
[ 1955.624349][T27449] page_owner tracks the page as allocated
[ 1955.630038][T27449] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1f2a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_MEMALLOC|__GFP_HARDWALL), pid 21070, ts 1713454445000, free_ts 1713162005567
[ 1955.651639][T27449]  post_alloc_hook+0x192/0x1b0
[ 1955.656389][T27449]  prep_new_page+0x1c/0x110
[ 1955.660873][T27449]  get_page_from_freelist+0x2cc5/0x2d50
[ 1955.666406][T27449]  __alloc_pages+0x18f/0x440
[ 1955.670980][T27449]  new_slab+0xa1/0x4d0
[ 1955.675033][T27449]  ___slab_alloc+0x381/0x810
[ 1955.679609][T27449]  __slab_alloc+0x49/0x90
[ 1955.683921][T27449]  __kmalloc_track_caller+0x169/0x2c0
[ 1955.689275][T27449]  __alloc_skb+0x21a/0x740
[ 1955.693677][T27449]  __napi_alloc_skb+0x162/0x2e0
[ 1955.698508][T27449]  page_to_skb+0x287/0xb60
[ 1955.702917][T27449]  receive_buf+0xc64/0x4ad0
[ 1955.707419][T27449]  virtnet_poll+0x545/0xef0
[ 1955.711901][T27449]  __napi_poll+0xbe/0x590
[ 1955.716213][T27449]  net_rx_action+0x371/0x8e0
[ 1955.720783][T27449]  handle_softirqs+0x250/0x560
[ 1955.725530][T27449] page last free stack trace:
[ 1955.730176][T27449]  free_unref_page_prepare+0x542/0x550
[ 1955.735616][T27449]  free_unref_page+0xa2/0x550
[ 1955.740274][T27449]  __free_pages+0x6c/0x100
[ 1955.744678][T27449]  __free_slab+0xe8/0x1e0
[ 1955.748995][T27449]  __unfreeze_partials+0x160/0x190
[ 1955.754091][T27449]  put_cpu_partial+0xc6/0x120
[ 1955.758754][T27449]  __slab_free+0x1d4/0x290
[ 1955.763152][T27449]  ___cache_free+0x104/0x120
[ 1955.767723][T27449]  qlink_free+0x4d/0x90
[ 1955.771859][T27449]  qlist_free_all+0x5f/0xb0
[ 1955.776341][T27449]  kasan_quarantine_reduce+0x14a/0x170
[ 1955.781782][T27449]  __kasan_slab_alloc+0x2f/0xf0
[ 1955.786614][T27449]  slab_post_alloc_hook+0x4f/0x2b0
[ 1955.791707][T27449]  kmem_cache_alloc+0xf7/0x260
[ 1955.796453][T27449]  __alloc_skb+0xe0/0x740
[ 1955.800765][T27449]  netlink_sendmsg+0x602/0xb70
[ 1955.805511][T27449] 
[ 1955.807821][T27449] Memory state around the buggy address:
[ 1955.813426][T27449]  ffff88810d860a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1955.821465][T27449]  ffff88810d860b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1955.829503][T27449] >ffff88810d860b80: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[ 1955.837537][T27449]                                                                 ^
[ 1955.845661][T27449]  ffff88810d860c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1955.853727][T27449]  ffff88810d860c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1955.861763][T27449] ==================================================================
[ 1955.869802][T27449] Disabling lock debugging due to kernel taint