last executing test programs:

24.413276272s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{r0}, &(0x7f00000003c0), &(0x7f0000000400)}, 0x20)
ustat(0x8, &(0x7f0000000100))

24.356531631s ago: executing program 3:
r0 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
recvmmsg(r0, &(0x7f0000002f80)=[{{0x0, 0x0, 0x0}}], 0x1, 0xedaaa4e2537566fb, 0x0)

24.270922144s ago: executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x63)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x0, 0xf2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x48, 0x0, 0x0)
r4 = userfaultfd(0x1)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
mkdirat(r0, &(0x7f0000000140)='./file0\x00', 0x20)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000000080)={&(0x7f0000c15000/0x1000)=nil, &(0x7f0000324000/0x2000)=nil, 0x1000})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001880)=ANY=[@ANYBLOB="010369a252b93ac50448aed5af060a48cab4065eb218dd875675ae0c4c6fdfc7bcb5e59fc84d8ee735992082d88f3ddccf46d330fb671f8214e4581de1caf4b3555588d1cd8886c3da81e6d23a2bd4a2c705c3be7d84b52c30973ed672bc494711e0575b61fcfd94010275c1d27211ac1b0068fde80c6d94244e70eda4dcf7a469cabaa23de758e1c03e07554620a61a26243a6b83613ac29ef05c1a608c3263964663ab6968ba39055b60faac6023db2eb44d66c2fe385374ac05d68f9b1fda3cb7db0baee86c70eb83842f112f5982462b5c9a0a25e60b784d002c4e463853a0704e895ed54550a638ae907dcff369dcf93e776d0e1dd4a0f4437afcf31e9261640db6de3bf81ded532e8f0faa1363c21202f85c335c45d110a37870d9ec8f97fa2dd868c2dc8ed5c17f5f5b027502d54738a20b874dd1c1734e86a33a9023972aa6345db340feb3fe7235431c658992478b9314ca0176b7cb6b39448e2bf7a8427e28a83365cde7c65fa224d7563fd505fea225f20cdb03fd7c3d1b9e12d40d256b02d09959a4eca38c0554cef38556c71dd3aa889073be6f45ee4d8894fc1c15af3ee2dfb391cae78e1e52955b19b7d8e1bc1f6cb24206e24c1191f79e8983ceeb64e1c5516cccf82a3f6270796211d6071db20553fd095bb812a0a5dfd7b83af3e1de216f5661519f3a22bbf5093a78c9deebea9f89d593770c40330726ac8417f9f1e6e2f326df41f7f781cee2a3632935dd226d2c7a9a8ed027a337055129d5608aa387bc1d2f19f49a5a525c61cfba251674692057f8f9557b68b9e0a884441b9505c9c20bddf68f8d3a8e03508c308672084479388ff6b0de6f4e678cfce9de4d4e9005bf66a11b404fd7f6acaea0304085babc4395d3ac12049e12f5bba5c7f0b3da4275237f55cd597be11ae155676af01b6d8844c06dcf498148dadf99eb5c314c6bf5a4428019212a5c01dfd42cc3970ce32809be01db9cdc6df90f3342b91c00b4447ca31e83a2a3b989ebcbd4714e5a75bb3de6cf1b5a14e22ccb7945050be7133b10b1fe3246c005fcf2a5774318e40e47be6bffc7551e8c4f9d243347a624a5e4358e246d640e35daf9ebdaf8293956a02cb5d092175c0a9a7e6fd71e499258b0ffca9fff81267d30aec4df8571af00091d5b683ad3adf3ccb05819fa5cc41059058976256fd295dae6fbb129b3d96ab74e58f383abccf0675d430ec16b2532cd661e055bf1d310798ef44611a994611662de12f52cdf6ef0d98709f31c14907dc2f52eaf8806735a2d5eb04f3d849bb5c3a9238f5e7d120cc115b21aaaefcf6bfb7a038935d2148f6573aeb55da7033761de870f4419d39e80087c602865f3aa88abe2d831dcb272f8b25935c6f804b1c1babfbd9677b1dff5ee9c6ecaf3471947433a9d0ee06baa4a9f23cd957fa58381fefe87c742dd1bab318857f7aaaef6d5dcbe95226ed664315a43a0fae82a8730471f1b0cee9103c65ecd9f4996064fcb6b18400b796de1a19b22dd72469bb469116a45df59deb82490a301f5c71051a9587e2430dce76b968e43039ae59aa3d012caa92c957e1af1e0ed980ca70049f8454f74518e7053919321312f989fcd5b3645a992f6243a4fee7fe99965b2902f56796c4789413daaff9e7d5c3d6c89761871966868aff89e48f4b518ff9079ac52375d1e61cd9f3c4888bb5f24275e62ac5873d79c5e117943c0fd46636669d87d1ed6e63ac6823fb049021be4a8897e34bee77643d16e17c0a30c0f086d273116871838789292355c588d89377c8cd9b412841f56ba4b4435fb551900744ac5011820b12444bdf0d8f42063dad3b8b4d6b75b729068e698731460a1ae2da72b4fcbc1bfc5787dcf9acf1cfabf5144369a877255eea6395ae6a02dc48682ac666744b006e555d15e9cd4bce6030fcfbca91fd443bc2b8590cad5ea273fcad031f5802eb8626f7806cbd817d263472dffc8d866d15b28eec269b26bc388499e97fb36c6cf1027d3fe2f74f099996fcfeb98914c193b56f195c3fafa426c967112ed3de069fe4395f45072a78f83b6ded19fd5e22a0ec92be34b0af4e191f18d7c68074947e816ed06bf556992a779c948eb724bb5552aa00949a46617ab616b7face346edea9effccc80fe091abbe31d155a6e5954b8553a8e877037c58a37706dd3e485634e620bef3eb59fc1d37d6284d105c3a85c3c4c56c391d8557855b6497afe93724036199f1a9da58a55fee61ea0c623870a56d6c6b08990f41d8988770379552c199f1d87eb436ac6a0a03ab65ee0cf3e3000102e6f4cb6695f9e4ab7b3f42421a215de0d36ad0d252c7fb1750108c1d496536d6d46b22add9b212991709e4e03e3cca8ae54625b25f3db2b002411620adc94c63a13169b8aaea19286abcc12801a6ed80d9c794e0dc106784dc976a75e7193476e1e97e4e90cdaf24201427709a615abf047c398d815f4cc4c1119a406c2365dc85a9efcf4437a920c257bad4f792d59fa7c701a38334d883f0434caf9ce33d47c07e28e022256b8308b2c44762eac19c31a4d627a3b605235e5116e4b5455f647ef031bc638710534623f697000702750e6f54012ee00390227e262d09931b213cfeb9e3c6cc9005e90345daca03dbcac4f992d18bcdb14d9af557ec0d0cde26d3d3cd3721b4cf04c386a03037a0f0d9f70757a5394dadbb63d6b1d3ab00bad0f4340b7e00f9f24ae312d05295c734d1a5f066e1fe1de8ac208a5fd3867797b02b120bab340ca31af5b247fb757f27e8375e176dc779a7c3483eff7e548736b756c4eed3abad425c050b4fcce55f1f004ff8bce195bdcc78fc87e582998924c4716f40c2d620f748fb88e0ab683f2294507642883e132341b10e71f52ae8", @ANYBLOB="d2ac5629fd011a18ad971852ca18533b8ebcd18256e3621cc8bfcb6439e5fb5074f21bb7a0e337ff97a1d2cbd6e9ff49edb6e3be8c7662f2d2cbc1caec465309b88814de1c51ddfeefe5e43278c81afc2dfae334c5ff5146ccb0b1bee7207a289359a5c4920f2a9a06f6397be6e9b148acf5636866a59caa097a3743d8c4b85e2515c016c140ac71c30f89c9430a5866e336c9bce8b14c672f34aea152fbe8416caa1b660c5cdba680f63a25c9fc822ac176020dd7de5e91d73dabdcf5295579058e3fc9bfff1822cf603dc38479c5fa959b1f862cbc28d6d9e817e3bc366b4fd003a32c4634503d66b86d5fecfd5ea7eba4bbc0695affc4ef33b8d5e876454d84f8227c44c85974816fde18ed79a005a288fddca303cd1fefcef55b077b0712a5cb29ff98d26ef5b87e20501239e4c6f78ca3a9f5aee37bcd1ac62f28abafe77a10e9fbf3aa74646349bb0ded2ee2ff7321968da81e421fe2d3fb8f680c4601500433f96be2a2cef1e51c7d65714c9bbe1a8451aebbf1b51209224eebdaec7770bece9f66e03ab4799414b2ae0d71b6de7a4e26cd0c964234d6b6dc15dd943f5bbec889b332d92454f334e13d635b8a6a9d715fbe80c11a30eb5b84f46305450eb603b90f4eafa4a001deb36626cb21781d77fac6760ad60af748722feff49117b6887901db075807ac9ef08aaa00bc57fb4ffdaab8072e3551261c1afa4c32bd2c71401f06f55f7acf34f2a6fdb09a5d0102524e0d2992ba1ed9039c834f5e93f59b2af465828a834ea55bb896b621ecad1ab96dbd39f60d0012b6cc5dcfa7fa65d3c3dc12ac0023a4c53fb863d4e0b9f2c5281ea3e55f42cdff0d764a77b5acca4b948ec337f0b6fa25c5a7bb48d5bd21878addceff6a8dbc4a566260c2c08dd9d22535e6ba8856e5d4f837ea24da2d547d5b15c8d30d7f3a5f00f801172a3ff2596a78aa0a862719082ea430d9c2393ef28d880479a5d406b21b01b78ceee41062036ee91bc8116966416ea5abb13b721f6a5eacf8b81fd744b6781e84f1373934393b72e8cee594c18b7c8756d8c8e172702a4d43378db54ef1eb73eb6d6672625b5a855f88256f76f0199c240da8c03a491f7e98cd9c25ac2a1cfb76b6289ccbc1516730f9f3f7e25d7c627de5fab37bc7e71c3c5b729b31619123e5872590da60edbefb9faf7a5ffeb42a04ba4cb5263d1ddbd79c33db79aeb5fdb159d8dc6f0af0781866ce21e6ec87164f193daaa7ee975be326bfac562d40afcdeda0e7211f5c4bc3b8e9ae0d5c904627b94d3083c7d3186188a31c15fda3e7d19eea175070068a2c36563b484c2fdb018a4bd67f0189bacaed5922a8703beb312ac66d375e6f2ad26a8bf183188d4e534b09686211bf609e2ed133b8521c5b1d1b700911854b9960724d348af3c4e9d5626c85600146d1b51ca49b70d76911c6b196906a25a20372982ac1968b5447fd560bd7d120dc1ba0907380f46b531ee233c4ac794997ce2338ce7ad91350e81defd3a09692385c3d3bf13c69114d71f4959b822d7da3ef754308118bbc0c92e03d82758d8419f4ec30f1d5977af8005cc2e7bdf64644133a516c68ce20ab66970e5adb2ebd181a0ad285a824826fd675e30ed8d59c541ae6667464080fc4f7d0ba9bbaa08fdd9542d0b8fb64d9b960ed221f21f45fda8019842c695ccd6178c88b91b03f6e14ebe96f045549be96a690ad55976a0ec5c0ab81e87ee84f2c83c0ef4c4ef7152c6e956027d548e6784f0ee025db8d97f77ae9f513a62cef3d40354a6fed64274e1ea6e0adac3483f4db131455c6f0d8ac5157dd36acca140742d300ef891df32a1ba9479edddd9843e136e2676edb400af7e4b1f9dac26211fecf1ea5e317d8f69087431013315131d5d9542808d9d105202a23cfb3c8e698a449bc760df357cbe62602f95702772ff7ff46afe5d1e70a797d129f67c5b0171d0e0582210615c4dce0d6771992ea1c211cc0ab269c80244814feca6805a0e5edbc70968aa0bcb890765801a6c69933aa7ef54a751b8d4dd935f14b18fa1904be1b39d7455e113bb11d4c5fa61811ca13d1a16700bb30e62c52b890ea42d0d4e6c0ce58fd85016aa8e76a2d3fac29fffa7161d66d6d5461ef267f0e3431d82da0095b11a8a261b059028d1228a4d0d70edf2062bf5e6ab17a55fd1bf5f8645ef6665febd4c87a92773eb0ffde1d06ff396d9a6d27e78d1dfc86343922f56ae6962c3f4bca7f9aa1a825b6e5b22cdfbe2e193f27b76862725703d4779a06f53a063746da880a20a2ba3dcebf3f8a31f75f55e04de133955b3e7e51c490e256be2d4e0b1e8106ad03aa09f09394d219cef951d3b1fc6b9ee3e815ae51512ce3d23911f06041b8d4dc6183053a33795311d98257f3c30743ac2ed47e698c63d22c13e7016ad7fa35823a0926c7e292f31a608002f7cd8ba224750389b52ec6c37862222c7c96bdd34bf1ffd760b56db2a74acacfa62d99da1c500e5cce354e7021cfb40c1b77fc4beaa3c0de7a730eeb381bc2287d05087de2c9dd2ff76ef505489f9a71d0a12e73569bea595364b38f0aefa4bcf655e38d3a3df8262fe82e4989c028b9e8653c13fbb35cae0981086ebaf577511ad96277148a9e395d12a16920f379892d8bdeb6811838b081ab1dfbd14e1b8c0ccb60b771fa97737b89539274cb5f45696bd45db105851d2ea1282638f410b679f9c110a4e75c03cb56f7e3179e18f7b6c9d5622f6b2b25c282a35db8ac8e39f83a13bef5078552b8021912f75b96f965e61bd32ad231cdd56c0493ca2c5997e73bbf04aeff4ca98e8d92a91129660324fde3507f044c7ba24718e2e59422cd521816e21b5fefc9406555529f63ba615947ea526a92a9100395cf811a9fc5fe8137044a241f940bf6758c12a953559a6edb17432eff163dd50f7fc018194102718cd2159fa8537b4496358876cbbdfcb97c574d3522a72666db112d44fa21ff2656b99d0322326ae23b5a360ec45189fabd3b12d11718b06101e279780013db498cf69031d71654a57a107cf238ad0661d545f32eafaa9752988f53cbe165cd6d51f8f25a3739bf3f240c0fbd64335b80f99462b9ca9e42b5f735b51231dd3fae1f2b47b93240a2bfc978de64f0f268c2035ab67832d54491433411714d3ce3da987b7711a824f55eb8c3c2c119377719ede9c2afb7f0e03d61a661a363fc18ff909cc63894b39dccce2aeb1cf685830f0bedf3449e652afcb9b9672b22baad24618a97813f11139d6667fc9402a130d67b6c87842e465bee8868a7732a564c68f97e3cb83289cb6b9cd3f7223b45bd982f5f1d079e80b330b148dcd2419a642a5256739e447e765cb44b32fcf8073d7623a2a341c301addef1279251d0ecce8f023b1ddcae460f1e57062a191271e47d78ff4c2b1c3169b9590a1b6c96f4a35c4562803126d6d97f80e21913f49a4e33aa64f4a5b6e543404892c70434b64e34e270a8ed5703fb54576155a88bba0bcb8dd5ad5ff2e2c14eddc5492c807dff3423bacbb010a650cde5d5a9dcd192a64eaef62d7c97c5539687dffbb7d1cfb071dbfd8eaa0bbbbb363445bd00bb5ab2e1d4f3cb3263ba76206f2ce397aa307ebd22c9e2fac9f11d2d16ccb0c3c11b1f934035b56ab20de77fa1fa3228ee99886c95801a87d1d7d5e8813279d0d92d7b4a4b49fd4105ad2c13847eb98c450898d6af127b7df767c0198604e8408da2f4ac15a5c1064754810b2b3666d2c2f789747b6dc6c3d5cff7236a03d1e6a66a5baaa645691df2ec1b1f9e171f445a14e3714f8d9ff57e9775ffeee180e62a92ad1fb39298a2d94d3cb590ad261434f4c1a5ec486816d821c87f9a7ea08b55bdb00c6ff542c0050765fc37d0d955bc660497c11e07847646883c5e5ab781d986ded47917e87b5ba7f8e95d38a08b429f00f746a05064b6560577a2969c60ea2c50a9053eb758484e70b36bea57eedefa09d20d1bacfd72067a3f984d91d38a13f38118d84115d00d826162283dfd00a5f6b80fb8465e8ea76b9f4264bb4b5f65b27655582fd277b115368ee2d5dccdf22d0be6118292f5a379fa3e6f9baf12c817a3c4a25619e221647ad2ee2f0afb3ac65536ac2600175af2e87328ca6874f2ce05e003f2f50a31bd808b1277fb3df3d25428e3fe9ca6be58b7f2953a5a8a18ad12d06d953e7532c72748cbb4c1808fbd00762731dc2150a9f101c3aa1f1b716be54790892c1786ffbaa72dcf7178244cb3478dd1f0061525bc0361e9ecc6a1e47c960e4923b6dfffe14679c64d767de32337f9480f51342779cc774c952590d2ab5c3a46074afa964d09699bd1163961321aae2b0e5c44a3c814c192e2a9e9c697a7ba7b9fe034545705e27911508a47163be38852bc21db68360b040f90a6f3a5af3c35dd24e13ef27f3d1b8d1a10d78d73e3023b8e33e84a7b4ce3903780d302feb143e54c6bc3e927210745e09086396ca79d1f0bff4f7b4683b1f1261ace078aeb16d80dfeda93e3a550b802fc5e6385fb8bc3cddf1a3eb205e35129b83d1d9e26240349d2d1dc36ab227f6322ee5c254bea8ca6364c4e2b300b4164743bd2a6372d7831a25cd52767966d16a5e6e7530d545ffb0fa96abd781376dbd3cef3f8b1aac4dd2134c3d422a64401aa12330a3603c8ba2bdfedc3c760f0e0249c96b6cf9c225c8eeab827f28c818ae735bff3c5511e28137a31cbaaf5f18fc746d0285c6e3116c140da99ee164f49ad8088b5af3ff2e56870b3b2bc6453982f5fc12e245ee4fab50a39a1d79647ae919e3a45ffa1eb332959e1891b9e06ba6bb9dccc2b3c4b89ffe65435d33ac18b4052e01eabafb6ecc7ab5c37b8f49259d3119e12aebd6d2d8e60b1a38480b1961dd3debfd14aa580789e1cf89ef1b01eb572b3bbb4ce0375e215a82188e2b04357c4232f20b919a6c3cd0f4cd15b34487ac6b3fe7b65ccae0ab01e3c5b3a067c2aca717fcc3744d3238bcffdf1d00a5fe4aac7ea45025e90b98f347c35745069ae28f6d6f64d508335d926590e7d305caebce3a19f7478fa825327b97789e07f9d2512bde7abbd72057feb7bd212a7f3f5cc7c4f7df168a528cd215e9b1b6d15dc7b8e5dfa4d74463c7e433c83daddf12d2a1796fed2f5d1e549b62d780adad07b5396ba7633b019212ed7b0ed6dbcd7803cfb758c07ebe6ca76634b24edb43f1b9ed48bf739988f2dc7fb15c8b6e4aa51d8fa9b994b90ea401fb03eb0ca441ca0ea4d829b01798f08f697bda89311588ac2821bf4ae6e87be6b1d5a132c0cc1f643e697bef05c365e2d91f504191a301659c3d5730606856aacf53154163cc5ceb4335a9c9b70ccfd86f6a1ed4d61214b32555d95a54543aeb76e754daad307be482fc27509cf3eabf8423a60869d08a7ccc71dfbfa972354120fd27c8ee0524b0a", @ANYRES16=r1], 0x38}}, 0x4000050)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

23.572147913s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
clock_settime(0x0, 0x0)

23.465133419s ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
getresgid(0x0, 0x0, 0x0)

23.410314368s ago: executing program 3:
ptrace(0x10, 0x1)
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, <r1=>0x0})
ptrace$getregs(0x4207, r1, 0x0, 0x0)

19.587348991s ago: executing program 1:
open(&(0x7f0000000000)='./file0\x00', 0x80ff, 0x0)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
fcntl$lock(r1, 0x25, &(0x7f0000000080))
fcntl$setlease(r0, 0x400, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
preadv(r2, &(0x7f00000000c0)=[{&(0x7f0000000140)=""/140, 0x8c}], 0x1, 0x0, 0x0)

19.050446064s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000020bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e024334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd617545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d36c309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754bb3408"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0xfffffedf, 0x10, &(0x7f0000000040), 0xffffff95, 0x0, 0xffffffffffffffff, 0xd}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r0, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x6)

19.0122039s ago: executing program 1:
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
fcntl$setpipe(r0, 0x407, 0x0)
read$char_usb(r0, &(0x7f0000000100)=""/124, 0x7c)
write$char_usb(r1, &(0x7f0000001540)="f7", 0x1)

18.865650023s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
getrlimit(0x0, 0x0)

18.790608334s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000008900000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000007500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='ext4_allocate_inode\x00', r2}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.stat\x00', 0x26e1, 0x0)

18.734756293s ago: executing program 1:
ptrace(0x10, 0x1)
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, <r1=>0x0})
ptrace$getregs(0x4203, r1, 0x0, 0x0)

3.985324972s ago: executing program 4:
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0xc0ed0040, &(0x7f0000000000)={[{@prjquota}, {@jqfmt_vfsv0}, {@dioread_lock}]}, 0xfe, 0x470, &(0x7f0000000940)="$eJzs3MtvVFUYAPDvTqel5WER8QGCVtFIfLS0PGThRqOJC40musC4qtNCkIEaWhMhRNEFxrgwJO6NSxP/Ale6MerKxC3uDYkxbEBXY87MvdAOM7WPaac4v19y4Zx773DOd889M+eeM0MAPWsk/ZFFbI2IKxExHBHl5hNGGn/duHah8ve1C5UsarU3/srSy+L6tQuV/J+ob8mWxo5aLc9valHupbcjJqvV6bN5fmzu9Htjs+fOP3Py9OSJ6RPTZyaOHj10cO/AkYnDHYkzxXV994cze3a9/NblVyvHLr/z87epvlvz40UcnTTSuLotPd7pwrps27x0Vu5iRViW1G79+XYlhqMvhm4eG46XPulq5YA1VavVaq0+n3MXa8D/WBbdrgHQHcUHfXr+LbZ1GnpsCH8+35jwSHHfyLfGkXKU8nP6m55vO2kwIo5d/OertMUazUMAAMz3fRr/PN1q/FeK++add1e+hrI9Iu6OiB0RcU9E7IyIeyPq594fEQ8ss/zmFZLbxz+lqysKbInS+O+5fG1r4fivGP3F9r48t60ef392/GR1+kB+TfZH/6aUH1/wkoV+ePG3L5r3fZ5Ps4/MG/+lLZVfjAXzelwtN03QTU3OTXYk+BT/xxG7y63iz26uA2YRsSsidq+wjJNPfrOn3bH/jn8RHVhnqn0d8USj/S9GU/yFrO365PizRyYOjw1GdfrAWHFX3O6XXy+93q78VcXfAan9N7e8/xvxp2fEbDBi9tz5U/X12tnll3Hp908rWZtjO1d4/w9kb9bTA/m+Dybn5s6ORwxkr6Ts0IL9E7deW+SL81P8+/e17v87Go9n9SvxYESkm3hvRDwUEQ/nbfdIRDwaEfsWif+nFx57t92x9u2/yKx8B6X4pxZp//SWl1K32n/5ib5TP37Xrvzaktr/UD21P9+zlPe/pVZwNdcOAAAA7hSl+nfgs9LozXSpNDra+A7/zthcqs7Mzj11fOb9M1ON78pvj/5SMdM1PG8+dDyfGy7yE035g/m88Zd9Q/X8aGWmOtXt4KHHbWnT/5M/+rpdO2DN+b0W9C79H3qX/g+9S/+H3qX/Q48aaL37o/WuB9AVy//8H1yTegDrz/gfepf+D71L/4ee1Pa38aVV/eT/Tk2UN0Y1WiaGNkY1ikSUNkQ1Opd47bNGl9go9SkS5SX/ZxYrTGxqeajb70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//z8/5no=")
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x2b}, 0x0, @in=@multicast2, 0x0, 0x0, 0x0, 0x72}}, 0xe8)
r2 = socket$key(0xf, 0x3, 0x2)
socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="0207000702"], 0x10}}, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
r3 = syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000000)='./file1\x00', 0x200040, &(0x7f0000000540)=ANY=[@ANYBLOB="6e66733d6e6f7374616c655f726f2c6e6f646f74732c6e6f636173652c636f6465706167653d3835302c6e6f646f74732c646f74732c6e6f646f74732c646f74732c73686f77657865632c6e6f646f74732c646f74732c756d61736b3d30000000003030303030303030303030303030303030322c646f74732c6e6f646f74732c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030322c6e6f636173652c646f74732c6e6f646f74732c6e6f646f74732c6e6f646f74732c7379735f696d6d787461626c652c6e6f646f74732c646f74732c636865636b3d726557617865642c7375626a5f726f6c653d646f733178466c6f7070792c7365636c6162656c2c6673757569643d3433e667356564382d333466302d373532342d306531302d62653662303061312c00"/324], 0x1, 0x1c2, &(0x7f0000000200)="$eJzs3bFqU1EYB/D/jbWJgthNEIcLLk5BfYKKVBADopJBJ4XWpREhWaKL9S18QB9AOnWRiL2xsSXVGsm9Nv5+Sz7yP8l3vuVkyrkvb7zZ3X47ev352qd0OkVam9nMQZGNtPLDXgCAVXIwmeTLpNL0XgCAepzh9/9rzVsCAJbs2fMXj+71eltPy7KT7O+N++N+9VrlDx72tm6XhzZmn9ofj/sXjvI7VV4ezy/m8jS/Ozdfz62bh/nH79n9x70TeTvbyx8fAAAAAAAAAAAAAAAAAAAAAAAa0S2PzL3fp9s9La+qn+4HOnF/z1qur9U2BgAAAAAAAAAAAAAAAAAAAJxro3fvd18NBjvDWdFOcvydxYrJ1VNbzCvKJH/f9E+LVurrdd6K4t/YxgJFWUuvJ1d+tyaLffN6kl+vuZRkyQPOzoh2Y6cTAAAAAAAAAAAAAAAAAAD8X6b/9S2Go6Z3AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNqZ7/P9gZLlJ8SHKGxdNWRcOjAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsMK+BQAA//8lqitL")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000000880)=ANY=[@ANYBLOB="1c7c6723b96bb110ba7f0a8a63090c63caf7d87e0fba3f4f97e492", @ANYBLOB="c32ab801000000007a00000055bc60af00", @ANYRESOCT=0x0, @ANYRES16, @ANYRES8=r3, @ANYRES32, @ANYRESOCT, @ANYRESDEC=r3, @ANYBLOB="e0ae70e73e3a1376d0bf8027d10ff786ffb9de22995f6b306b7b57085f545bac91ff73276d7854139ab64ebf05e2149dd04edfc4b31d76601e006cd811c2a11d33eb6f48bb33a6d941d017af4872678e75f41a5661e17b85a71a0cf775892807d7d6a3237d8f50293b4f5a067dd515a17463081556a31bc394e4098d05a811e111283b3144f68d8db8a30590196aa090e929058e652f442508cbc058f9d61884fe1b9ab1b0d47b9fce2fa6332f409579445cee2d68e5c95f7947b46a0f91100922779d44eb4842a3afd9e8aac62c000000006d944b6fd1bf33c1cb94224c47443a9749ea4b94fbfa857a9cd40f7b77d32b123f23223603547341c01a0ad6ee4cc1e8114b52f33b310a6d0ec74012ffb92fc8c28dc2c4fdbd5a1df00d6afda8db139a764952b65d2aa3a152a0f17047319f30b9e5a141d33cda6d578f325097815cbea4c811099c83f2dc824d9e7a87bce077", @ANYRES64], 0x3, 0x0, &(0x7f00000000c0))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
pwritev2(r0, 0x0, 0x0, 0x1000, 0x21f6, 0x0)

3.530945902s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="a0000000210001000000000000000000e0000002000000000000000000000000fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="0000000000000000500011"], 0xa0}}, 0x0)

3.450387924s ago: executing program 2:
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000200)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0], <r1=>0x0, 0x64, &(0x7f0000000380)=[{}], 0x8, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0xf7, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, 0x0, r0, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, r1, 0x0, 0x49, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='sys_enter\x00', r2}, 0x10)
syz_open_dev$hiddev(&(0x7f00000005c0), 0x1, 0x1)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r3}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
dup(0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_RATE_ENABLE={0x8, 0x5, 0xffffffff}, @TCA_FQ_FLOW_REFILL_DELAY={0x8}]}}]}, 0x40}}, 0x0)

3.433834197s ago: executing program 4:
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000003c0)='./file1\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c696f636861727365743d64656661756c742c756e695f786c6174653d302c6e6f6e756d7461696c3d302c757466383d302c666c7573682c726f6469722c726f6469722c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c756e695f786c6174653d302c757466383d302c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c001762a07a915c8f6c3378b924fc250bdae45cd22bb33f29d72cf1c8410df88b83b9710b49374a748455718cc4af5f3ced0100000000000080c3a89f41b650b9ebd4886ae65bf02b7c8ea4e76ef2cc241ac9f89f2753df98db0ba9558c753363f296424ec60e703fac2db7e9f31283852e115cf6acb8d77b3e5d68"], 0x97, 0x2a9, &(0x7f0000000500)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oINTabu6pEgLxUxKBnXQYluQJggtFPyDsZOri6OriyC4+SVc/AaCq+BmwcKRk5xjkt40N+m9ae+f32/p2/c8z3ue9/QtpcN58vGr/ZPDNI4vvvojGo0kKu1ox2USrahE6ZuY0v4uAICn2WWWxd/ZyDJ5SUQ0VlcWALBCS//9/2XlJQEAK/be+x+8s9Pp7L6bpo3Y63973s3/s8+/jq7vHMen0Yuj2IxmXEVk/xuN97IsG1TTXCve6A/Ou3lm/6PfivV3/ooY5m9FM1rDqen8/c7uVjoykT/I63ihuH87z9+OZrw84/77nd3tGfnRrcWbr0/UvxHN+P2T+Cx6cTgsYpQflYivt9L07ez7f778MC8vz08G5936MG4sW7vjHw0AAAAAAAAAAAAAAAAAAAAAAM+wjaJ3Tj2G/XvyqaL/ztpV/s16pKXWdH+eUX5SLnStP9Agix/K/jybaZpmReA4vxqvVKN6P7sGAAAAAAAAAAAAAAAAAACAJ8vZ51+cHPR6R6ePZVB2Ayhf67/tOu2JmddifnB9fK9KMZyzcqyVMUnE3DLyTSxc879F24PbPbqXbqr5p58XXufHh++9GKwvEPOIg/J0nRwks59hPcqZRnlIfp2MqcWC96rddClb6vjVZl5qLr332ovDwWBOTCTzCnvrz9GTK2aS67uoDZ/qzPT1YjCRPh3TWPw8578pD0h06wAAAAAAAAAAAAAAAAAAgJUav/Q74+LF3NRKVl9ZWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwp8af/7/EYFAkLxBci9Oze94iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4H/AgAA///uD2MO")
r0 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x1714, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a4b78c660e677df701908b9aaa3f6a00400", "036c47c6780820d1cbf7896de1fdcf335263bdbcef549ba197fce47ddfdd753abd9501ce721b6ae9b49600002a00", "43610000181c208220000000b9000201000000000000f001fffffff2ff00"})
write$P9_RCLUNK(r0, &(0x7f0000000180)={0x7}, 0x7)

3.416529569s ago: executing program 2:
r0 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000000000202505a8a440000102030109021b00010100000009040000010701010009050102"], 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000b40)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b00)={0x20, 0x0, 0x1}})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, &(0x7f0000000140)="83", 0x1)

3.213223041s ago: executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000005000000850000006d00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_pid(r1, &(0x7f0000000980), 0x12)

3.15816012s ago: executing program 0:
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c710016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa73d897e3896d863081b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbd744e517e65ddab19e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f200004304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188541c300f5c1bf56705ba12d198e897186b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710f7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47cbb0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9ea410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be0a33c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06a6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c6062368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c5bed4b0d73dffb17a88aaad5921aee7dae6a2f3009d9cb434898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a64d903b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e7ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000000000000000006a728258ca3d846a000e80d5f43109a48ddc54cec5d7f78c80e010ed02ffc0846577cafcd9e0ad83149bfb08ba7b5b431311041deb5e5d65610ad6e8d6ed55e900071b4d37d9fadb17a0407e7251866b63faccfe936980f59ceaa9d6b6863024b482023799a4f30a225b560f320e89ed44130e78f8cf000ac3c743b08d4256f282fc36162ac4b59527a3b67560313914ff6ac4ac43cd0e79d6372da631de3fde6c29de3b43d3046df23019ecadd57f175a2443928b1bcb9be16f54936796c3b928dc07c70771622cef2fafeb239a3ca4"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0xe, 0xfffffc49, &(0x7f0000000400)="e4e647c9e0b8e9a2f2ab3026da58", 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.150624081s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='ext4_es_find_extent_range_exit\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000100), 0x1001)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)

3.070385443s ago: executing program 4:
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000080000085000000d0000000a50000009700000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = dup2(r0, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
removexattr(0x0, 0x0)

750.672033ms ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="a0000000210001000000000000000000e0000002000000000000000000000000fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="0000000000000000500011"], 0xa0}}, 0x0)

714.485329ms ago: executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000075981400000000003b810000850000007d000000760000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
r1 = epoll_create1(0x0)
r2 = epoll_create1(0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f000086fff4))
r5 = getpid()
r6 = getpid()
kcmp$KCMP_EPOLL_TFD(r5, r6, 0x7, r1, &(0x7f00000000c0)={r4, r3})

679.301544ms ago: executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000040)={0x1, 0x0, [{0x80000008, 0x0, 0x0, 0x800}]})

507.812331ms ago: executing program 0:
unshare(0x400)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x66043, 0x0)
finit_module(r0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x0, &(0x7f0000000240)=ANY=[], 0xfd, 0x11ff, &(0x7f0000003300)="$eJzs3E+LHEUYB+A348bdbNw/aowmBy3w4qnJ7sGTIItsQHZAiVkhEYSO26vDtjPD9LAwIkZPXv0cnr0JfoO9+Bm87cVjDmJLurMmEyeRHLIDyfMcpl+q6kd1wTDQQ1Ufv/fT1wf7Vbafj6Nz5kx0hhHpTooUnTjx5k57vXFzZ6vb3b6W0tWt6xvvppRW3/rts28XI+L8p7+s/roYR+ufH/+5+cfRxaNLx39f/6pXpV6V+oNxytOtwWCc3yqLtNerDrKUPi6LvCpSr18Vo6n+/XIwHE5S3t9bWR6OiqpKeX+SDopJGg/SeDRJ+Zd5r5+yLEsry8Ejnf3/Ibs/36nrOqKuz8aLUdd1fS6W43y8FCuxGt9HxMvxSrwaF+K1uBivxxtxqRl1GrcPAAAAAAAAAAAAAAAAAAAAz4/Hnf9fi3Xn/wEAAAAAAAAAAAAAAAAAAOAUfHLj5s5Wt7t9LaWliPLHw93D3fba9m/tRy/KKOJKrMVf0Zz+b7X11Q+721dSYz1+KG/fy98+3H2hzd/9uJvfaF4ncC+/0PSd5DfafJrOL8byg/NvxlpcmD3/5sz8Urzz9gP5LNbi9y9iEGXsNXPfz3+3kdIHH3Ufyl9uxgEAAMCzIEv/mvn8nmWP6m/zT/D/wEPP1wtxeWG+ayeimnxzkHfKYtQU5Umx9J8WxWOKxemWzlOaqxNzX6niWS3OxXTLvH+ZOA33vwbzvhMAAAAAAAAAAACexFPeV7gQM3aWvT+fpQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAAAD///7lyMc=")
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
lseek(r1, 0x7fd, 0x1)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f0000000040)={@my=0x1})
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000140)={0xffffffff, 0x7, 0xe8, 0x2f}, 0x10)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
fcntl$setstatus(r3, 0x4, 0x2800)
connect$vsock_stream(r3, &(0x7f0000000200)={0x28, 0x0, 0x2711, @my=0x1}, 0xe)
connect$vsock_stream(r3, &(0x7f00000003c0)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x14552, &(0x7f0000000240)=ANY=[], 0x1, 0x11f3, &(0x7f0000000980)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000000040)=""/104, 0x4d)
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)
getdents64(r1, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f000000c380)='/proc/keys\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f00000001c0)={0x2020}, 0x2020)

372.299192ms ago: executing program 2:
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000000600), 0x4)
getsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, 0x0, &(0x7f0000002180))

339.053737ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x6, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r1}, 0x10)
readv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000280)=""/144, 0x28}], 0x300)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r2, 0x800452d2, &(0x7f0000000100))

251.616811ms ago: executing program 2:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)

35.089914ms ago: executing program 0:
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = eventfd(0x800a6)
write$eventfd(r2, &(0x7f0000000000)=0xfffffffffffffffb, 0x8)
r3 = dup(r2)
read$eventfd(r3, &(0x7f0000000280), 0x8)

0s ago: executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000005000000850000006d00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_pid(r1, &(0x7f0000000980), 0x12)

kernel console output (not intermixed with test programs):

slave_0) entered disabled state
[   75.734338][   T41] usbhid 3-1:0.0: can't add hid device: -71
[   75.752332][   T41] usbhid: probe of 3-1:0.0 failed with error -71
[   75.752514][  T822] device veth1_macvtap left promiscuous mode
[   75.766181][   T41] usb 3-1: USB disconnect, device number 4
[   75.766721][  T822] device veth0_vlan left promiscuous mode
[   75.814633][ T1720] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   76.163581][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   76.172367][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   76.183204][ T1684] device veth0_vlan entered promiscuous mode
[   76.198267][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   76.210063][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   76.245460][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   76.253940][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   76.277949][ T1684] device veth1_macvtap entered promiscuous mode
[   76.326237][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   76.336756][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   76.348265][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   76.350592][ T1729] loop2: detected capacity change from 0 to 256
[   76.374690][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   76.391333][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   76.655520][ T1744] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1744 comm=syz-executor.3
[   76.782287][ T1749] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   76.802860][ T1751] loop3: detected capacity change from 0 to 128
[   76.846590][ T1751] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   76.862018][ T1751] ext4 filesystem being mounted at /root/syzkaller-testdir3581307062/syzkaller.FXDsHv/120/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[   76.928590][ T1757] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[   77.069091][   T28] audit: type=1400 audit(1717599423.580:790): avc:  denied  { shutdown } for  pid=1761 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   77.098623][  T315] EXT4-fs (loop3): unmounting filesystem.
[   77.116423][ T1762] capability: warning: `syz-executor.1' uses deprecated v2 capabilities in a way that may be insecure
[   77.147466][   T28] audit: type=1400 audit(1717599423.660:791): avc:  denied  { read } for  pid=1761 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   77.232628][ T1771] loop3: detected capacity change from 0 to 256
[   77.249412][ T1771] exfat: Deprecated parameter 'namecase'
[   77.278454][ T1771] exFAT-fs (loop3): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[   77.358213][   T28] audit: type=1400 audit(1717599423.870:792): avc:  denied  { read append open } for  pid=1770 comm="syz-executor.3" path="/root/syzkaller-testdir3581307062/syzkaller.FXDsHv/122/file0/cpuacct.usage_sys" dev="loop3" ino=1048711 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   77.425754][ T1778] mmap: syz-executor.1 (1778) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   77.446859][   T28] audit: type=1400 audit(1717599423.900:793): avc:  denied  { map } for  pid=1770 comm="syz-executor.3" path="/root/syzkaller-testdir3581307062/syzkaller.FXDsHv/122/file0/cpuacct.usage_sys" dev="loop3" ino=1048711 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   77.457426][ T1778] binder_alloc: binder_alloc_mmap_handler: 1776 20ffc000-20ffd000 already mapped failed -16
[   78.271994][ T1812] loop3: detected capacity change from 0 to 256
[   78.729455][ T1831] loop2: detected capacity change from 0 to 512
[   78.756959][ T1831] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   78.799595][ T1831] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   78.827939][ T1831] EXT4-fs (loop2): 1 truncate cleaned up
[   78.838111][ T1831] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   78.889626][  T317] EXT4-fs (loop2): unmounting filesystem.
[   79.777805][    T6] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   80.154383][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   80.175594][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   80.206703][    T6] usb 2-1: New USB device found, idVendor=056a, idProduct=00e2, bcdDevice= 0.00
[   80.232337][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.263670][    T6] usb 2-1: config 0 descriptor??
[   80.279259][ T1883] loop2: detected capacity change from 0 to 256
[   80.299016][ T1883] exfat: Deprecated parameter 'namecase'
[   80.324454][ T1883] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[   80.530588][   T28] kauditd_printk_skb: 8 callbacks suppressed
[   80.530620][   T28] audit: type=1400 audit(1717599427.040:802): avc:  denied  { remove_name } for  pid=1891 comm="syz-executor.0" name="file0" dev="incremental-fs" ino=1967 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   80.599374][   T28] audit: type=1400 audit(1717599427.040:803): avc:  denied  { rename } for  pid=1891 comm="syz-executor.0" name="file0" dev="incremental-fs" ino=1967 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   80.634397][   T28] audit: type=1400 audit(1717599427.040:804): avc:  denied  { rmdir } for  pid=1891 comm="syz-executor.0" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 dev="incremental-fs" ino=1970 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   81.603304][    T6] wacom 0003:056A:00E2.0004: unknown main item tag 0x0
[   81.669454][ T1903] device wireguard0 entered promiscuous mode
[   81.730422][    T6] wacom 0003:056A:00E2.0004: hidraw0: USB HID v0.00 Device [HID 056a:00e2] on usb-dummy_hcd.1-1/input0
[   81.759390][    T6] usb 2-1: USB disconnect, device number 4
[   81.874962][ T1914] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   82.185052][ T1939] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.4'.
[   82.296103][ T1953] loop4: detected capacity change from 0 to 512
[   82.339119][ T1953] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   82.391340][ T1953] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   82.419064][ T1953] EXT4-fs (loop4): 1 truncate cleaned up
[   82.425868][ T1953] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   82.517466][ T1966] overlayfs: failed to create directory ./file0\/work (errno: 126); mounting read-only
[   82.558003][ T1966] overlayfs: failed to resolve './file1': -2
[   82.568058][  T314] EXT4-fs (loop4): unmounting filesystem.
[   82.576570][ T1971] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[   82.639999][ T1971] overlayfs: failed to create directory ./file0/work (errno: 126); mounting read-only
[   82.641513][ T1976] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.4'.
[   82.880451][   T28] audit: type=1326 audit(1717599429.020:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1986 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4b0947cf69 code=0x0
[   84.305927][ T2014] overlayfs: failed to create directory ./file0\/work (errno: 126); mounting read-only
[   84.336976][ T2014] overlayfs: failed to resolve './file1': -2
[   84.350096][ T2023] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[   84.350788][ T2021] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'.
[   84.394792][   T28] audit: type=1326 audit(1717599430.530:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2012 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b0947cf69 code=0x0
[   84.429492][ T2023] overlayfs: failed to create directory ./file0/work (errno: 126); mounting read-only
[   85.780269][ T2059] overlayfs: failed to create directory ./file0\/work (errno: 126); mounting read-only
[   85.790196][ T2059] overlayfs: failed to resolve './file1': -2
[   85.800833][ T2059] overlayfs: failed to create directory ./file0/work (errno: 126); mounting read-only
[   85.887637][ T2065] device wireguard0 entered promiscuous mode
[   87.229336][ T2100] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   87.354188][   T28] audit: type=1326 audit(1717599433.490:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2102 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc2db27cf69 code=0x0
[   88.376871][ T2124] SELinux: security_context_str_to_sid (root::) failed with errno=-22
[   88.462804][ T2113] device wireguard0 entered promiscuous mode
[   88.794941][ T2160] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   88.886964][   T28] audit: type=1400 audit(1717599435.030:808): avc:  denied  { read write } for  pid=2164 comm="syz-executor.4" name="uhid" dev="devtmpfs" ino=175 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   88.890362][    T6] hid-generic 0000:0000:0000.0005: item fetching failed at offset 0/1
[   89.605097][    T6] hid-generic: probe of 0000:0000:0000.0005 failed with error -22
[   89.617227][   T28] audit: type=1400 audit(1717599435.030:809): avc:  denied  { open } for  pid=2164 comm="syz-executor.4" path="/dev/uhid" dev="devtmpfs" ino=175 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   89.856931][ T2175] serio: Serial port ptm0
[   90.055765][ T2188] loop0: detected capacity change from 0 to 256
[   90.080877][ T2188] exfat: Bad value for 'allow_utime'
[   90.190229][ T2188] kvm [2187]: vcpu0, guest rIP: 0xfff0 unimplemented MMIO_CONF_BASE wrmsr: 0x30303030303d6b73
[   90.232239][ T2196] loop4: detected capacity change from 0 to 512
[   90.289007][ T2196] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   90.338109][ T2196] ext4 filesystem being mounted at /root/syzkaller-testdir878117838/syzkaller.qoJIan/149/file0 supports timestamps until 2038 (0x7fffffff)
[   90.360969][ T2201] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'.
[   90.480341][ T2196] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #2: comm syz-executor.4: corrupted inode contents
[   90.516826][ T2196] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #2: comm syz-executor.4: mark_inode_dirty error
[   90.580207][ T2196] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #2: comm syz-executor.4: corrupted inode contents
[   90.592606][ T2196] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz-executor.4: mark_inode_dirty error
[   90.624433][   T28] audit: type=1400 audit(1717599436.760:810): avc:  denied  { mounton } for  pid=2195 comm="syz-executor.4" path="/root/syzkaller-testdir878117838/syzkaller.qoJIan/149/file0/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   91.397523][   T28] audit: type=1400 audit(1717599437.520:811): avc:  denied  { create } for  pid=2195 comm="syz-executor.4" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[   91.425736][  T314] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor.4: path /root/syzkaller-testdir878117838/syzkaller.qoJIan/149/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   91.513506][  T314] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 12: comm syz-executor.4: path /root/syzkaller-testdir878117838/syzkaller.qoJIan/149/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   91.593999][  T314] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor.4: path /root/syzkaller-testdir878117838/syzkaller.qoJIan/149/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   91.655478][  T314] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 14: comm syz-executor.4: path /root/syzkaller-testdir878117838/syzkaller.qoJIan/149/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   91.710627][  T314] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 15: comm syz-executor.4: path /root/syzkaller-testdir878117838/syzkaller.qoJIan/149/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   91.762240][  T314] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz-executor.4: path /root/syzkaller-testdir878117838/syzkaller.qoJIan/149/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   91.809932][ T2190] loop3: detected capacity change from 0 to 40427
[   91.834318][ T2190] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[   91.842235][ T2190] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   92.024693][ T2190] F2FS-fs (loop3): Found nat_bits in checkpoint
[   92.409461][ T2229] loop2: detected capacity change from 0 to 512
[   92.471800][ T2229] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   92.589132][ T2229] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #3: comm syz-executor.2: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[   92.644090][ T2190] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   92.651537][ T2229] EXT4-fs error (device loop2): ext4_quota_enable:6946: comm syz-executor.2: Bad quota inode: 3, type: 0
[   92.669120][ T2229] EXT4-fs warning (device loop2): ext4_enable_quotas:6987: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   92.674844][ T2190] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   92.746646][ T2229] EXT4-fs (loop2): mount failed
[   92.910150][ T2234] loop0: detected capacity change from 0 to 256
[   92.937602][ T2234] exfat: Bad value for 'allow_utime'
[   93.025628][ T2234] kvm [2233]: vcpu0, guest rIP: 0xfff0 unimplemented MMIO_CONF_BASE wrmsr: 0x30303030303d6b73
[   93.236192][ T2243] overlayfs: failed to resolve './file0': -2
[   93.754562][   T28] audit: type=1400 audit(1851817167.268:812): avc:  denied  { mounton } for  pid=2186 comm="syz-executor.3" path="/root/syzkaller-testdir3581307062/syzkaller.FXDsHv/158/bus/bus" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   93.782020][   T28] audit: type=1400 audit(1851817167.288:813): avc:  denied  { setattr } for  pid=2186 comm="syz-executor.3" name="work" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   93.805026][   T28] audit: type=1400 audit(1851817167.308:814): avc:  denied  { remove_name } for  pid=2186 comm="syz-executor.3" name="#2f" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   93.827560][   T28] audit: type=1400 audit(1851817167.308:815): avc:  denied  { rename } for  pid=2186 comm="syz-executor.3" name="#2f" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   93.849861][   T28] audit: type=1400 audit(1851817167.338:816): avc:  denied  { unlink } for  pid=2186 comm="syz-executor.3" name="#2f" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[   93.879849][   T28] audit: type=1400 audit(1851817167.358:817): avc:  denied  { unlink } for  pid=2186 comm="syz-executor.3" name="#30" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   94.029781][ T2248] loop1: detected capacity change from 0 to 512
[   94.074290][ T2248] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   94.090644][   T28] audit: type=1400 audit(1851817168.238:818): avc:  denied  { relabelfrom } for  pid=2249 comm="syz-executor.2" name="" dev="pipefs" ino=22045 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   94.141822][ T2248] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[   94.196470][ T2248] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz-executor.1: invalid indirect mapped block 2683928664 (level 1)
[   94.248217][ T2248] EXT4-fs (loop1): Remounting filesystem read-only
[   94.266730][ T2248] EXT4-fs (loop1): 1 truncate cleaned up
[   94.286814][ T2248] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   94.315863][   T28] audit: type=1400 audit(1851817168.468:819): avc:  denied  { mount } for  pid=2247 comm="syz-executor.1" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   94.476532][   T28] audit: type=1400 audit(1851817168.628:820): avc:  denied  { mounton } for  pid=2247 comm="syz-executor.1" path="/root/syzkaller-testdir550169471/syzkaller.dSsl86/35/file0/file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   94.588909][   T28] audit: type=1400 audit(1851817168.738:821): avc:  denied  { unmount } for  pid=1684 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   94.589147][ T1684] EXT4-fs error (device loop1): htree_dirblock_to_tree:1111: inode #2: block 13: comm syz-executor.1: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[   95.002791][ T1684] EXT4-fs (loop1): Remounting filesystem read-only
[   95.100088][ T1684] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.1: corrupted in-inode xattr
[   95.323850][ T1684] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.1: corrupted in-inode xattr
[   95.700080][ T1684] EXT4-fs (loop1): unmounting filesystem.
[   96.747546][ T2298] 9pnet_fd: Insufficient options for proto=fd
[   96.895931][   T10] device bridge_slave_1 left promiscuous mode
[   96.903197][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.921066][   T10] device bridge_slave_0 left promiscuous mode
[   96.933913][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.956737][   T10] device veth1_macvtap left promiscuous mode
[   96.968292][   T10] device veth0_vlan left promiscuous mode
[   97.144243][   T24] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   97.524220][   T24] usb 1-1: Using ep0 maxpacket: 32
[   98.065145][   T24] usb 1-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[   98.102606][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.415543][   T24] usb 1-1: Product: syz
[   98.419702][   T24] usb 1-1: Manufacturer: syz
[   98.424161][   T24] usb 1-1: SerialNumber: syz
[   98.430111][   T24] usb 1-1: config 0 descriptor??
[   98.457526][    T6] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   98.537355][ T2309] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.551588][ T2309] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.567842][ T2309] device bridge_slave_0 entered promiscuous mode
[   98.585876][ T2309] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.596219][ T2309] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.625962][ T2309] device bridge_slave_1 entered promiscuous mode
[   98.963147][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   98.973874][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   98.984384][    T6] usb 3-1: New USB device found, idVendor=066b, idProduct=20f9, bcdDevice=ff.94
[   98.998128][    T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.000059][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   99.013873][    T6] usb 3-1: Product: syz
[   99.022553][    T6] usb 3-1: Manufacturer: syz
[   99.022689][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   99.032779][    T6] usb 3-1: SerialNumber: syz
[   99.044646][    T6] usb 3-1: config 0 descriptor??
[   99.048086][ T2268] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.056426][ T2268] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.064387][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   99.073134][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   99.081680][ T2268] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.088638][ T2268] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.105379][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   99.114307][   T24] (unnamed net_device) (uninitialized): Assigned a random MAC address: de:4c:8a:9e:9e:2b
[   99.149420][   T24] rtl8150 1-1:0.0: eth1: rtl8150 is detected
[   99.170282][   T24] usb 1-1: USB disconnect, device number 4
[   99.198110][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   99.215402][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   99.223780][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   99.233675][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   99.256135][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   99.265619][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   99.278852][ T2309] device veth0_vlan entered promiscuous mode
[   99.288815][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   99.297767][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   99.314307][    T6] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[   99.318759][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   99.332216][    T6] asix: probe of 3-1:0.0 failed with error -71
[   99.332472][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   99.355340][ T2309] device veth1_macvtap entered promiscuous mode
[   99.356322][    T6] usb 3-1: USB disconnect, device number 5
[   99.364257][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   99.375899][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   99.385638][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   99.405274][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   99.414617][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   99.423878][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   99.445818][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   99.748359][ T2343] tipc: MTU too low for tipc bearer
[   99.759247][ T2345] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[   99.784277][ T2345] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   99.828621][ T2347] syz-executor.0[2347] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   99.828775][ T2347] syz-executor.0[2347] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   99.963204][   T28] kauditd_printk_skb: 1 callbacks suppressed
[   99.963238][   T28] audit: type=1400 audit(1851817174.108:823): avc:  denied  { create } for  pid=2357 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  100.050164][   T28] audit: type=1400 audit(1851817174.158:824): avc:  denied  { bind } for  pid=2357 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  100.100206][   T28] audit: type=1400 audit(1851817174.158:825): avc:  denied  { read } for  pid=2357 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  100.148953][   T28] audit: type=1400 audit(1851817174.218:826): avc:  denied  { write } for  pid=2357 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  100.461230][ T2378] syz-executor.1[2378] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  100.461388][ T2378] syz-executor.1[2378] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  100.525502][ T2382] syz-executor.0[2382] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  100.537919][ T2382] syz-executor.0[2382] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  100.724173][ T2268] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  101.981026][ T2413] syz-executor.1[2413] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.981188][ T2413] syz-executor.1[2413] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.994317][ T2268] usb 3-1: New USB device found, idVendor=066b, idProduct=20f9, bcdDevice=ff.94
[  102.014283][   T19] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  102.032179][ T2268] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.040899][ T2268] usb 3-1: Product: syz
[  102.053158][ T2268] usb 3-1: Manufacturer: syz
[  102.062582][ T2268] usb 3-1: SerialNumber: syz
[  102.069545][ T2268] usb 3-1: config 0 descriptor??
[  102.173660][ T2421] loop3: detected capacity change from 0 to 256
[  102.344403][ T2268] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  102.365539][ T2268] asix: probe of 3-1:0.0 failed with error -71
[  102.374264][   T19] usb 1-1: config 0 has no interfaces?
[  102.379864][   T19] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  102.382868][ T2268] usb 3-1: USB disconnect, device number 6
[  102.398836][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.422567][   T19] usb 1-1: config 0 descriptor??
[  102.568149][   T28] audit: type=1400 audit(1851817176.718:827): avc:  denied  { unmount } for  pid=314 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  102.597807][   T28] audit: type=1400 audit(1851817176.738:828): avc:  denied  { remove_name } for  pid=314 comm="syz-executor.4" name="bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  102.621909][   T28] audit: type=1400 audit(1851817176.738:829): avc:  denied  { unlink } for  pid=314 comm="syz-executor.4" name="file0" dev="loop4" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  102.681949][    T6] usb 1-1: USB disconnect, device number 5
[  102.694521][  T314] EXT4-fs (loop4): unmounting filesystem.
[  102.708470][ T2427] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.716390][ T2427] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.742583][ T2427] device bridge_slave_0 entered promiscuous mode
[  102.764332][ T2427] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.774827][ T2427] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.783304][ T2427] device bridge_slave_1 entered promiscuous mode
[  102.920506][ T2433] loop2: detected capacity change from 0 to 256
[  103.002759][ T2433] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1768846636 (3537693272 ns) > initial count (1927074542 ns). Using initial count to start timer.
[  103.022815][   T10] device bridge_slave_1 left promiscuous mode
[  103.029345][ T2433] Disabled LAPIC found during irq injection
[  103.035572][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.048741][   T10] device bridge_slave_0 left promiscuous mode
[  103.056455][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.067272][   T10] device veth1_macvtap left promiscuous mode
[  103.073812][   T10] device veth0_vlan left promiscuous mode
[  103.266107][   T28] audit: type=1400 audit(1851817177.418:830): avc:  denied  { map } for  pid=2440 comm="syz-executor.0" path="socket:[23472]" dev="sockfs" ino=23472 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  103.298143][   T28] audit: type=1400 audit(1851817177.418:831): avc:  denied  { read } for  pid=2440 comm="syz-executor.0" path="socket:[23472]" dev="sockfs" ino=23472 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  103.399240][ T2447] syz-executor.3[2447] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  103.399414][ T2447] syz-executor.3[2447] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  103.634223][  T339] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  103.780046][ T2427] device veth0_vlan entered promiscuous mode
[  103.809609][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  103.827651][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  103.856626][ T2461] loop3: detected capacity change from 0 to 2048
[  103.869057][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  103.878486][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  103.887218][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.888471][ T2461] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  103.894338][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[  103.894615][  T339] usb 1-1: Using ep0 maxpacket: 16
[  103.903159][ T2461] ext4 filesystem being mounted at /root/syzkaller-testdir3581307062/syzkaller.FXDsHv/188/file0 supports timestamps until 2038 (0x7fffffff)
[  103.910220][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  103.933728][ T2461] fs-verity: sha256 using implementation "sha256-avx2"
[  103.937826][   T28] audit: type=1400 audit(1851817178.078:832): avc:  denied  { read } for  pid=2460 comm="syz-executor.3" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  103.938856][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  103.949818][ T2461] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 288: padding at end of block bitmap is not set
[  104.300659][ T2461] fs-verity (loop3, inode 13): ext4_end_enable_verity() failed with err -117
[  104.673390][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.680451][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[  104.688203][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  104.698092][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  104.706604][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  104.718765][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  104.732895][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  104.746318][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  104.755159][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  104.763736][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  104.801217][  T315] EXT4-fs (loop3): unmounting filesystem.
[  104.818474][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  104.826446][  T339] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  104.844272][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  104.853050][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  104.874754][ T2427] device veth1_macvtap entered promiscuous mode
[  104.881941][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  104.890960][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  104.904845][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  104.956968][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  104.966812][ T2480] syz-executor.3[2480] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.967060][ T2480] syz-executor.3[2480] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.968654][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  105.002114][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  105.010904][  T339] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  105.021798][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  105.032117][  T339] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.041499][  T339] usb 1-1: Product: syz
[  105.045768][  T339] usb 1-1: Manufacturer: syz
[  105.050319][  T339] usb 1-1: SerialNumber: syz
[  105.058312][ T2437] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.066069][ T2437] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.075747][ T2437] device bridge_slave_0 entered promiscuous mode
[  105.105545][  T339] cdc_ether: probe of 1-1:1.0 failed with error -22
[  105.114404][ T2437] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.123892][ T2437] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.137119][ T2268] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  105.138515][ T2437] device bridge_slave_1 entered promiscuous mode
[  105.315623][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  105.315657][   T28] audit: type=1400 audit(1851817179.468:836): avc:  denied  { getopt } for  pid=2491 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  105.322442][  T320] usb 1-1: USB disconnect, device number 6
[  105.646875][ T2437] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.654616][ T2437] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.661936][ T2437] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.668905][ T2437] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.682219][ T2268] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.694380][ T2268] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  105.704551][ T2268] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  105.714506][ T2268] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.724498][ T2268] usb 3-1: config 0 descriptor??
[  106.203702][   T10] device bridge_slave_1 left promiscuous mode
[  106.249196][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.493997][ T2486] loop3: detected capacity change from 0 to 40427
[  106.509020][ T2472] loop2: detected capacity change from 0 to 1024
[  106.515839][   T10] device bridge_slave_0 left promiscuous mode
[  106.528412][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.538718][   T10] device veth1_macvtap left promiscuous mode
[  106.545484][   T10] device veth0_vlan left promiscuous mode
[  106.555238][ T2486] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  106.576866][ T2486] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  106.610583][ T2486] F2FS-fs (loop3): Found nat_bits in checkpoint
[  106.630539][ T2472] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  106.640275][ T2472] EXT4-fs (loop2): orphan cleanup on readonly fs
[  106.650169][ T2472] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 10: padding at end of block bitmap is not set
[  106.669336][ T2472] Quota error (device loop2): write_blk: dquota write failed
[  106.677103][ T2472] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5
[  106.687190][ T2472] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  106.697786][ T2472] EXT4-fs error (device loop2): ext4_free_blocks:6197: comm syz-executor.2: Freeing blocks not in datazone - block = 0, count = 4096
[  106.712235][ T2472] EXT4-fs (loop2): 1 truncate cleaned up
[  106.724755][ T2472] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  106.739787][ T2472] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  106.769118][ T2486] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  106.776385][ T2486] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  107.009134][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  107.018694][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  107.032139][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  107.039955][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  107.094588][ T2268] usbhid 3-1:0.0: can't add hid device: -71
[  107.101015][ T2268] usbhid: probe of 3-1:0.0 failed with error -71
[  107.203176][ T2268] usb 3-1: USB disconnect, device number 7
[  107.218162][ T2508] overlayfs: failed to resolve './file0': -2
[  107.274230][   T28] audit: type=1400 audit(1851817181.318:837): avc:  denied  { unlink } for  pid=2485 comm="syz-executor.3" name="#33" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[  108.335246][ T2472] syz-executor.2 (2472) used greatest stack depth: 19240 bytes left
[  108.370807][  T317] EXT4-fs (loop2): unmounting filesystem.
[  108.444833][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  108.458308][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  108.494867][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  108.503972][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  108.546548][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  108.555934][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  108.570885][ T2437] device veth0_vlan entered promiscuous mode
[  108.578831][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  108.588797][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  108.615822][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  108.624692][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  108.632922][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  108.642440][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  108.652245][ T2437] device veth1_macvtap entered promiscuous mode
[  108.669408][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  108.678200][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  108.686955][ T2268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  108.704908][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  108.713614][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  112.050873][   T28] audit: type=1400 audit(1851817186.198:838): avc:  denied  { setattr } for  pid=2514 comm="syz-executor.3" name="PPPOL2TP" dev="sockfs" ino=24810 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  112.149295][ T2518] device veth1 entered promiscuous mode
[  114.074109][    C0] sched: RT throttling activated
[  115.450301][ T2515] device veth1 left promiscuous mode
[  115.689712][ T2547] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  115.747343][ T2547] loop0: detected capacity change from 0 to 512
[  115.778125][ T2547] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz-executor.0: casefold flag without casefold feature
[  115.794229][  T320] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  115.802831][ T2547] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.0: missing EA_INODE flag
[  115.824463][ T2547] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 12 err=-117
[  115.841949][ T2547] EXT4-fs (loop0): 1 orphan inode deleted
[  115.852320][ T2547] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  115.923188][  T318] EXT4-fs (loop0): unmounting filesystem.
[  116.029090][   T28] audit: type=1400 audit(1851817190.178:839): avc:  denied  { mounton } for  pid=2577 comm="syz-executor.3" path="/root/syzkaller-testdir3581307062/syzkaller.FXDsHv/201/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  116.060496][ T2578] loop3: detected capacity change from 0 to 1024
[  116.067301][  T320] usb 5-1: Using ep0 maxpacket: 16
[  116.075332][ T2578] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  116.086733][ T2578] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  116.100276][ T2578] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #3: comm syz-executor.3: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  116.120594][ T2578] EXT4-fs (loop3): no journal found
[  116.233037][ T2561] loop1: detected capacity change from 0 to 40427
[  116.267715][ T2561] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  116.275635][ T2561] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  116.284275][  T320] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  116.299089][ T2561] F2FS-fs (loop1): invalid crc value
[  116.470445][ T2561] F2FS-fs (loop1): Found nat_bits in checkpoint
[  116.470705][ T2589] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.3'.
[  116.574461][  T320] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  116.583580][  T320] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.616881][  T320] usb 5-1: Product: syz
[  116.621009][  T320] usb 5-1: Manufacturer: syz
[  116.626551][  T320] usb 5-1: SerialNumber: syz
[  116.675174][  T320] cdc_ether: probe of 5-1:1.0 failed with error -22
[  116.710927][ T2561] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  116.718381][ T2561] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  116.831467][   T28] audit: type=1400 audit(1851817190.978:840): avc:  denied  { setattr } for  pid=2560 comm="syz-executor.1" name="file1" dev="overlay" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  116.884341][ T2459] usb 5-1: USB disconnect, device number 7
[  116.890307][ T2597] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  116.915622][   T28] audit: type=1400 audit(1851817191.008:841): avc:  denied  { link } for  pid=2560 comm="syz-executor.1" name="#17" dev="loop1" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  116.976751][   T28] audit: type=1400 audit(1851817191.128:842): avc:  denied  { rmdir } for  pid=2427 comm="syz-executor.1" name="work" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  116.982497][ T2597] loop0: detected capacity change from 0 to 512
[  117.051493][ T2597] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #15: comm syz-executor.0: casefold flag without casefold feature
[  117.074257][ T2618] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  117.100339][ T2597] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.0: missing EA_INODE flag
[  117.148278][ T2597] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 12 err=-117
[  117.186881][ T2597] EXT4-fs (loop0): 1 orphan inode deleted
[  117.192576][ T2597] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  117.323169][   T28] audit: type=1326 audit(1851817191.468:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2623 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4b0947cf69 code=0x0
[  117.356937][  T318] EXT4-fs (loop0): unmounting filesystem.
[  117.412942][ T2613] loop3: detected capacity change from 0 to 40427
[  117.434250][ T2613] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  117.448566][ T2613] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  117.503651][ T2613] F2FS-fs (loop3): Found nat_bits in checkpoint
[  117.657402][ T2613] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  117.664821][ T2613] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  118.656294][ T2654] overlayfs: failed to resolve './file0': -2
[  118.806941][ T2665] syz-executor.0[2665] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  118.807093][ T2665] syz-executor.0[2665] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  118.841898][   T28] audit: type=1400 audit(1851817192.988:844): avc:  denied  { audit_read } for  pid=2666 comm="syz-executor.1" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  118.903009][ T2665] loop0: detected capacity change from 0 to 1024
[  118.925431][ T2665] EXT4-fs: Ignoring removed orlov option
[  118.942162][ T2665] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.961618][ T2665] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  119.255409][  T318] EXT4-fs (loop0): unmounting filesystem.
[  119.323445][ T2694] syz-executor.0[2694] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.334608][ T2694] syz-executor.0[2694] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.446459][ T2703] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  119.469160][ T2699] syz-executor.1[2699] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.469314][ T2699] syz-executor.1[2699] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  119.613399][   T28] audit: type=1326 audit(1851817193.758:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2714 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4b0c7cf69 code=0x7ffc0000
[  119.670122][   T28] audit: type=1326 audit(1851817193.808:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2714 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4b0c7cf69 code=0x7ffc0000
[  119.702883][   T28] audit: type=1326 audit(1851817193.818:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2714 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa4b0c7cf69 code=0x7ffc0000
[  119.733114][   T28] audit: type=1326 audit(1851817193.818:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2714 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4b0c7cf69 code=0x7ffc0000
[  119.769941][   T28] audit: type=1326 audit(1851817193.818:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2714 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4b0c7cf69 code=0x7ffc0000
[  119.801988][   T28] audit: type=1326 audit(1851817193.818:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2714 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa4b0c7cf69 code=0x7ffc0000
[  119.883753][   T28] audit: type=1326 audit(1851817193.848:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2714 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4b0c7cf69 code=0x7ffc0000
[  119.913225][ T2710] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.914810][   T28] audit: type=1326 audit(1851817193.848:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2714 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa4b0c7a6e7 code=0x7ffc0000
[  119.945334][ T2710] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.961627][ T2710] device bridge_slave_0 entered promiscuous mode
[  119.984313][ T2710] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.991985][ T2710] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.002016][ T2710] device bridge_slave_1 entered promiscuous mode
[  120.114790][ T2730] device wireguard0 entered promiscuous mode
[  120.163563][ T2742] syz-executor.4[2742] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.163780][ T2742] syz-executor.4[2742] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.178776][  T571] device bridge_slave_1 left promiscuous mode
[  120.190610][ T2742] loop4: detected capacity change from 0 to 1024
[  120.205911][ T2742] EXT4-fs: Ignoring removed orlov option
[  120.206047][  T571] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.211780][ T2742] EXT4-fs: Ignoring removed nomblk_io_submit option
[  120.228396][  T571] device bridge_slave_0 left promiscuous mode
[  120.249684][  T571] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.265308][ T2742] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  120.276341][  T571] device veth1_macvtap left promiscuous mode
[  120.287838][  T571] device veth0_vlan left promiscuous mode
[  120.631733][ T2437] EXT4-fs (loop4): unmounting filesystem.
[  120.661502][ T2734] loop0: detected capacity change from 0 to 40427
[  120.679809][ T2734] request_module fs- succeeded, but still no fs?
[  120.821004][ T2757] loop4: detected capacity change from 0 to 256
[  121.175791][ T2769] syz-executor.3[2769] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.175951][ T2769] syz-executor.3[2769] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.229351][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  121.339149][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  122.120748][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  122.141206][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  122.156827][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.164052][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.196823][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  122.213609][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  122.223264][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.230268][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.231565][ T2751] loop1: detected capacity change from 0 to 40427
[  122.246933][ T2751] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  122.256459][ T2751] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  122.273090][ T2751] F2FS-fs (loop1): Found nat_bits in checkpoint
[  122.281556][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  122.290075][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  122.301316][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  122.309879][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  122.319689][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  122.417845][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  122.445468][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  122.489161][ T2751] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  122.501072][ T2710] device veth0_vlan entered promiscuous mode
[  122.509647][ T2751] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  122.518228][ T2787] loop3: detected capacity change from 0 to 512
[  122.533382][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  122.542268][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  122.551534][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  122.559656][ T2787] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  122.560958][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  122.577773][ T2787] EXT4-fs (loop3): Errors on filesystem, clearing orphan list.
[  122.583025][ T2783] device pim6reg1 entered promiscuous mode
[  122.585666][ T2787] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  122.640998][   T28] kauditd_printk_skb: 6 callbacks suppressed
[  122.641030][   T28] audit: type=1400 audit(1851817196.788:859): avc:  denied  { remount } for  pid=2786 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  122.670701][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  122.680131][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  122.691767][ T2710] device veth1_macvtap entered promiscuous mode
[  122.710901][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  122.719695][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  122.728330][ T2787] EXT4-fs (loop3): re-mounted. Quota mode: writeback.
[  122.735933][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  122.757781][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  122.767233][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  122.788041][  T315] EXT4-fs (loop3): unmounting filesystem.
[  123.570004][ T2794] overlayfs: failed to resolve './file0': -2
[  123.775316][ T2810] loop3: detected capacity change from 0 to 512
[  123.795623][ T2810] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[  123.836806][ T2810] EXT4-fs (loop3): Errors on filesystem, clearing orphan list.
[  123.866620][ T2810] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  123.950371][ T2810] EXT4-fs (loop3): re-mounted. Quota mode: writeback.
[  124.035918][  T315] EXT4-fs (loop3): unmounting filesystem.
[  124.072815][ T2822] device pim6reg1 entered promiscuous mode
[  124.078728][ T2268] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  124.345036][ T2808] loop4: detected capacity change from 0 to 40427
[  124.352870][ T2808] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  124.366399][ T2808] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  124.394632][ T2808] F2FS-fs (loop4): invalid crc value
[  124.420243][ T2808] F2FS-fs (loop4): Found nat_bits in checkpoint
[  124.440071][   T28] audit: type=1400 audit(1851817198.588:860): avc:  denied  { read } for  pid=2839 comm="syz-executor.1" path="socket:[25695]" dev="sockfs" ino=25695 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  124.465762][ T2268] usb 3-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4
[  124.478174][ T2268] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.498420][ T2268] usb 3-1: config 0 descriptor??
[  124.703539][ T2268] usb 3-1: bad CDC descriptors
[  124.796232][ T2808] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  124.803185][ T2808] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  124.909122][ T2268] usb 3-1: USB disconnect, device number 8
[  125.952021][ T2854] syz-executor.1[2854] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.952179][ T2854] syz-executor.1[2854] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.983342][ T2829] loop0: detected capacity change from 0 to 40427
[  126.005034][ T2829] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  126.012862][ T2829] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  126.135359][  T822] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  126.146888][ T2829] F2FS-fs (loop0): Found nat_bits in checkpoint
[  126.164873][  T822] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  126.189807][ T2867] overlayfs: missing 'lowerdir'
[  126.216992][ T2863] device pim6reg1 entered promiscuous mode
[  126.356782][ T2872] can0: slcan on ptm0.
[  126.378138][ T2829] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  126.404506][ T2829] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  126.444359][ T2871] can0 (unregistered): slcan off ptm0.
[  126.521121][   T28] audit: type=1400 audit(1851817200.668:861): avc:  denied  { create } for  pid=2880 comm="syz-executor.2" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1
[  126.542478][ T2879] loop3: detected capacity change from 0 to 1024
[  126.571035][   T28] audit: type=1400 audit(1851817200.678:862): avc:  denied  { write } for  pid=2880 comm="syz-executor.2" name="bus" dev="sda1" ino=1969 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1
[  126.576605][ T2879] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  126.653149][   T28] audit: type=1400 audit(1851817200.678:863): avc:  denied  { open } for  pid=2880 comm="syz-executor.2" path="/root/syzkaller-testdir2384348752/syzkaller.3CEy3d/6/bus" dev="sda1" ino=1969 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1
[  128.287931][ T2829] overlayfs: failed to resolve './file0': -2
[  128.630640][  T315] EXT4-fs (loop3): unmounting filesystem.
[  128.684272][    T6] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  128.889509][ T2909] xt_TCPMSS: Only works on TCP SYN packets
[  129.114312][  T345] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  129.124288][    T6] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  129.136721][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  129.165278][    T6] usb 3-1: SerialNumber: syz
[  129.215091][    T6] cdc_ether 3-1:1.0: skipping garbage
[  129.220376][    T6] usb 3-1: bad CDC descriptors
[  129.374202][  T345] usb 2-1: Using ep0 maxpacket: 16
[  129.383510][ T2901] loop3: detected capacity change from 0 to 40427
[  129.403412][ T2926] loop4: detected capacity change from 0 to 512
[  129.404288][ T2901] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  129.411615][ T2926] ext4: Unknown parameter 'subj_type'
[  129.420244][    T6] usb 3-1: USB disconnect, device number 9
[  129.429846][ T2901] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  129.441244][ T2901] F2FS-fs (loop3): invalid crc value
[  129.450016][ T2901] F2FS-fs (loop3): Found nat_bits in checkpoint
[  129.584248][  T345] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  129.610540][ T2901] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  129.617861][ T2901] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  129.873670][  T345] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  129.883446][  T345] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.893428][  T345] usb 2-1: Product: syz
[  129.897562][  T345] usb 2-1: Manufacturer: syz
[  129.902142][  T345] usb 2-1: SerialNumber: syz
[  129.948558][  T345] cdc_ether: probe of 2-1:1.0 failed with error -22
[  130.676162][  T345] usb 2-1: USB disconnect, device number 5
[  130.714257][ T2948] loop4: detected capacity change from 0 to 1024
[  130.728845][ T2948] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  130.796907][ T2952] EXT4-fs error (device loop4) in ext4_setattr:5613: Out of memory
[  130.831635][ T2952] EXT4-fs (loop4): Remounting filesystem read-only
[  130.898767][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  130.918302][   T10] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  130.931668][ T2437] EXT4-fs error (device loop4): ext4_map_blocks:607: inode #2: block 16: comm syz-executor.4: lblock 0 mapped to illegal pblock 16 (length 1)
[  130.978024][ T2437] EXT4-fs (loop4): unmounting filesystem.
[  131.421394][ T2959] device pim6reg1 entered promiscuous mode
[  131.489599][   T28] audit: type=1400 audit(1851817205.638:864): avc:  denied  { getopt } for  pid=2963 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  131.696653][   T10] device bridge_slave_1 left promiscuous mode
[  131.703136][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.713864][   T10] device bridge_slave_0 left promiscuous mode
[  131.721506][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.738497][   T10] device veth1_macvtap left promiscuous mode
[  131.754934][   T10] device veth0_vlan left promiscuous mode
[  131.784321][ T2459] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  132.025053][ T3006] binder: 3005:3006 ioctl c0306201 20000580 returned -14
[  132.224536][ T2459] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  132.233491][ T2459] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  132.267986][ T2459] usb 1-1: SerialNumber: syz
[  132.325504][ T2459] cdc_ether 1-1:1.0: skipping garbage
[  132.331077][ T2459] usb 1-1: bad CDC descriptors
[  132.415294][ T2979] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.423130][ T2979] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.431911][ T2979] device bridge_slave_0 entered promiscuous mode
[  132.441821][ T3027] device veth0_vlan left promiscuous mode
[  132.469380][ T2979] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.476583][ T2979] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.485768][ T2979] device bridge_slave_1 entered promiscuous mode
[  132.532263][   T24] usb 1-1: USB disconnect, device number 7
[  132.623989][ T3034] binder: 3033:3034 ioctl c0306201 20000580 returned -14
[  132.731082][   T28] audit: type=1326 audit(1851817206.878:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3041 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23e47cf69 code=0x7ffc0000
[  132.792192][   T28] audit: type=1326 audit(1851817206.878:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3041 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23e47cf69 code=0x7ffc0000
[  132.833611][   T28] audit: type=1326 audit(1851817206.918:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3041 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc23e47cf69 code=0x7ffc0000
[  132.866858][   T28] audit: type=1326 audit(1851817206.918:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3041 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23e47cf69 code=0x7ffc0000
[  132.893328][   T28] audit: type=1326 audit(1851817206.918:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3041 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23e47cf69 code=0x7ffc0000
[  132.946408][   T28] audit: type=1326 audit(1851817206.918:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3041 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc23e47cf69 code=0x7ffc0000
[  132.955480][ T2979] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.973355][   T28] audit: type=1326 audit(1851817206.918:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3041 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc23e47cf69 code=0x7ffc0000
[  132.978422][ T2979] bridge0: port 2(bridge_slave_1) entered forwarding state
[  132.978651][ T2979] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.978694][ T2979] bridge0: port 1(bridge_slave_0) entered forwarding state
[  133.003655][   T28] audit: type=1326 audit(1851817206.918:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3041 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc23e47a6e7 code=0x7ffc0000
[  133.050880][   T28] audit: type=1326 audit(1851817206.918:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3041 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc23e4403b9 code=0x7ffc0000
[  133.134941][   T24] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.154981][   T24] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.247170][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  133.260503][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  133.287748][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  133.297654][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  133.318236][ T2459] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.325217][ T2459] bridge0: port 1(bridge_slave_0) entered forwarding state
[  133.334270][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  133.343654][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  133.364684][ T2459] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.372065][ T2459] bridge0: port 2(bridge_slave_1) entered forwarding state
[  133.419505][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  133.430551][ T2459] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  133.463867][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  133.475129][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  133.498747][    T6] kernel write not supported for file bpf-prog (pid: 6 comm: kworker/0:0)
[  133.556821][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  133.566322][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  133.567589][ T3069] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  133.609322][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  133.618528][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  133.648381][ T2979] device veth0_vlan entered promiscuous mode
[  133.665455][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  133.674043][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  133.717742][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  133.734957][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  133.747170][ T2979] device veth1_macvtap entered promiscuous mode
[  133.787558][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  133.806507][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  133.826985][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  133.865624][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  133.875008][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  133.955974][ T3051] loop2: detected capacity change from 0 to 40427
[  133.982081][ T3051] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  134.005036][ T3051] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  134.033994][ T3093] bridge0: port 3(syz_tun) entered blocking state
[  134.053225][ T3093] bridge0: port 3(syz_tun) entered disabled state
[  134.062942][ T3051] F2FS-fs (loop2): Found nat_bits in checkpoint
[  134.069141][ T3093] device syz_tun entered promiscuous mode
[  134.080850][ T3093] bridge0: port 3(syz_tun) entered blocking state
[  134.087582][ T3093] bridge0: port 3(syz_tun) entered forwarding state
[  134.124551][ T3101] binder: 3100:3101 ioctl c0306201 20000580 returned -14
[  134.273442][ T3051] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  134.280969][ T3051] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  134.324182][   T24] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  134.584285][  T345] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  134.598409][ T3004] loop1: detected capacity change from 0 to 131072
[  134.606735][ T3004] F2FS-fs (loop1): Invalid log sectorsize (67108873)
[  134.613706][ T3004] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  134.644409][ T3004] F2FS-fs (loop1): invalid crc value
[  134.754400][   T24] usb 4-1: device descriptor read/64, error -71
[  135.320970][ T3120] overlayfs: failed to resolve './file0': -2
[  135.344533][ T3004] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-4)
[  135.424647][  T345] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  135.544470][  T345] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  135.555336][  T345] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  135.563697][  T345] usb 1-1: SerialNumber: syz
[  135.594383][   T24] usb 4-1: device descriptor read/64, error -71
[  135.867208][   T24] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  136.154202][   T24] usb 4-1: device descriptor read/64, error -71
[  136.239254][  T345] cdc_ether 1-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42
[  136.453429][  T345] usb 1-1: USB disconnect, device number 8
[  136.475643][  T345] cdc_ether 1-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device
[  136.515151][   T10] device bridge_slave_1 left promiscuous mode
[  136.521503][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.538259][   T10] device bridge_slave_0 left promiscuous mode
[  136.545106][   T24] usb 4-1: device descriptor read/64, error -71
[  136.558701][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.577885][   T10] device veth1_macvtap left promiscuous mode
[  136.666798][   T24] usb usb4-port1: attempt power cycle
[  136.944163][ T3143] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.951150][ T3143] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.976693][ T3143] device bridge_slave_0 entered promiscuous mode
[  137.002691][ T3143] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.030282][ T3143] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.048700][ T3143] device bridge_slave_1 entered promiscuous mode
[  137.094148][   T24] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  137.249790][ T3161] bridge0: port 3(syz_tun) entered blocking state
[  137.264010][ T3161] bridge0: port 3(syz_tun) entered disabled state
[  137.285186][ T3161] device syz_tun entered promiscuous mode
[  137.303234][ T3161] bridge0: port 3(syz_tun) entered blocking state
[  137.309609][ T3161] bridge0: port 3(syz_tun) entered forwarding state
[  137.605548][   T24] usb 4-1: device not accepting address 6, error -71
[  137.699519][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  137.724868][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  137.746787][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  137.764854][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  137.773221][   T19] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.780342][   T19] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.802933][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  137.819632][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  137.837151][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.844129][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.885795][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  137.893747][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  137.914943][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  137.939739][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  137.962026][ T3143] device veth0_vlan entered promiscuous mode
[  137.972683][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  137.994616][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  138.003381][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  138.031670][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  138.042487][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  138.057618][ T3143] device veth1_macvtap entered promiscuous mode
[  138.078256][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  138.086864][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  138.096040][  T345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  138.116820][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  138.127177][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  138.277397][ T3189] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.2'.
[  138.287042][   T24] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  138.352867][ T3192] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.2'.
[  138.372509][   T28] kauditd_printk_skb: 31 callbacks suppressed
[  138.372549][   T28] audit: type=1400 audit(1851817212.518:905): avc:  denied  { nlmsg_read } for  pid=3191 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  138.451597][ T3194] tun0: tun_chr_ioctl cmd 1074025675
[  138.461160][ T3196] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.2'.
[  138.463829][ T3194] tun0: persist enabled
[  138.524313][   T24] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  138.561616][ T3194] tun0: tun_chr_ioctl cmd 1074025675
[  138.567294][ T3194] tun0: persist enabled
[  138.627673][   T24] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  138.646545][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  138.662314][   T24] usb 4-1: SerialNumber: syz
[  138.800055][ T3145] loop1: detected capacity change from 0 to 131072
[  138.808815][ T3145] F2FS-fs (loop1): Invalid log sectorsize (67108873)
[  138.815707][ T3145] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  138.825300][ T3145] F2FS-fs (loop1): invalid crc value
[  138.833720][ T3145] F2FS-fs (loop1): Found nat_bits in checkpoint
[  138.844222][   T19] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  138.946396][ T3145] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  138.953537][ T3145] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  139.010678][ T3145] F2FS-fs (loop1): lookup inode (7) has corrupted xattr
[  139.019711][ T3145] F2FS-fs (loop1): list inode (7) has corrupted xattr
[  139.094152][   T19] usb 5-1: Using ep0 maxpacket: 8
[  139.126425][ T3204] loop0: detected capacity change from 0 to 40427
[  139.135800][ T3204] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  139.143743][ T3204] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  139.153411][ T3204] F2FS-fs (loop0): invalid crc value
[  139.162480][ T3204] F2FS-fs (loop0): Found nat_bits in checkpoint
[  139.216251][   T19] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  139.293350][ T3204] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  139.301866][ T3204] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  139.314303][   T19] usb 5-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  139.323342][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  139.344333][   T19] usb 5-1: SerialNumber: syz
[  139.357571][   T19] usb 5-1: config 0 descriptor??
[  139.390709][   T24] cdc_ether 4-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.3-1, CDC Ethernet Device, 42:42:42:42:42:42
[  139.405830][   T19] usb 5-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  139.413374][   T19] uvcvideo 5-1:0.0: Entity type for entity Output 255 was not initialized!
[  139.436678][   T19] usb 5-1: Failed to create links for entity 255
[  139.448902][   T19] usb 5-1: Failed to register entities (-22).
[  139.473678][  T318] syz-executor.0: attempt to access beyond end of device
[  139.473678][  T318] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  139.608010][  T345] usb 4-1: USB disconnect, device number 7
[  139.615390][  T345] cdc_ether 4-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.3-1, CDC Ethernet Device
[  139.635897][  T320] usb 5-1: USB disconnect, device number 8
[  139.893617][ T3233] loop0: detected capacity change from 0 to 256
[  139.905583][ T3233] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  140.040772][ T3247] loop0: detected capacity change from 0 to 512
[  140.048604][ T3247] ext2: Unknown parameter 'subj_user'
[  140.272178][   T28] audit: type=1400 audit(1851817214.418:906): avc:  denied  { create } for  pid=3252 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  140.421764][ T3264] loop0: detected capacity change from 0 to 512
[  140.507137][ T3264] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  140.677262][ T3264] EXT4-fs (loop0): 1 orphan inode deleted
[  140.682949][ T3264] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  140.693914][ T3264] ext4 filesystem being mounted at /root/syzkaller-testdir2860424016/syzkaller.5gP1VP/246/file1 supports timestamps until 2038 (0x7fffffff)
[  141.082681][  T571] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  141.183256][  T318] EXT4-fs (loop0): unmounting filesystem.
[  141.219463][ T3262] tipc: Failed to remove unknown binding: 66,1,1/0:3167941031/3167941033
[  141.254413][ T3262] tipc: Failed to remove unknown binding: 66,1,1/0:3167941031/3167941033
[  141.285643][ T3262] tipc: Failed to remove unknown binding: 66,1,1/0:3167941031/3167941033
[  141.337560][   T28] audit: type=1326 audit(1851817215.488:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3282 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa4b0c7cf69 code=0x0
[  141.382709][   T28] audit: type=1400 audit(1851817215.528:908): avc:  denied  { call } for  pid=3291 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  141.417705][   T28] audit: type=1400 audit(1851817215.528:909): avc:  denied  { transfer } for  pid=3291 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  141.457286][ T3294] loop3: detected capacity change from 0 to 1024
[  141.467719][ T3294] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  141.477337][ T3294] EXT4-fs (loop3): orphan cleanup on readonly fs
[  141.484312][ T3294] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #3: comm syz-executor.3: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 2, max 0(0), depth 0(0)
[  141.506653][ T3294] EXT4-fs error (device loop3): ext4_quota_enable:6946: comm syz-executor.3: Bad quota inode: 3, type: 0
[  141.518549][ T3294] EXT4-fs warning (device loop3): ext4_enable_quotas:6987: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  141.533275][ T3294] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  141.540572][ T3294] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  141.554179][   T41] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  141.573007][  T315] EXT4-fs (loop3): unmounting filesystem.
[  141.704512][ T3308] loop2: detected capacity change from 0 to 512
[  141.711771][ T3308] ext2: Unknown parameter 'subj_user'
[  141.903744][ T3296] loop4: detected capacity change from 0 to 40427
[  141.912056][ T3296] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  141.919837][ T3296] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  141.934152][   T41] usb 1-1: Using ep0 maxpacket: 8
[  141.954897][ T3296] F2FS-fs (loop4): Found nat_bits in checkpoint
[  142.117179][ T3316] loop2: detected capacity change from 0 to 512
[  142.164555][   T41] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  142.323290][ T3316] EXT4-fs (loop2): 1 orphan inode deleted
[  142.329087][ T3316] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  142.340863][ T3316] ext4 filesystem being mounted at /root/syzkaller-testdir387849341/syzkaller.4t4W3m/19/file1 supports timestamps until 2038 (0x7fffffff)
[  142.545183][   T41] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  142.595713][   T41] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  142.874445][  T822] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  142.885055][   T41] usb 1-1: SerialNumber: syz
[  142.913159][ T3296] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  142.932557][ T3296] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  142.978142][   T41] usb 1-1: config 0 descriptor??
[  142.981738][ T3143] EXT4-fs (loop2): unmounting filesystem.
[  143.015569][   T41] usb 1-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  143.022454][   T41] uvcvideo 1-1:0.0: Entity type for entity Output 255 was not initialized!
[  143.050678][   T41] usb 1-1: Failed to create links for entity 255
[  143.066264][ T3296] syz-executor.4: attempt to access beyond end of device
[  143.066264][ T3296] loop4: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  143.084985][   T41] usb 1-1: Failed to register entities (-22).
[  143.254866][   T41] usb 1-1: USB disconnect, device number 9
[  143.393683][ T2979] syz-executor.4: attempt to access beyond end of device
[  143.393683][ T2979] loop4: rw=2051, sector=49152, nr_sectors = 4096 limit=40427
[  143.414677][ T2979] syz-executor.4: attempt to access beyond end of device
[  143.414677][ T2979] loop4: rw=2051, sector=45096, nr_sectors = 8 limit=40427
[  143.444414][ T2979] F2FS-fs (loop4): Issue discard(6144, 6144, 512) failed, ret: -5
[  143.444530][ T2979] F2FS-fs (loop4): Issue discard(5637, 5637, 1) failed, ret: -5
[  143.875966][   T28] audit: type=1326 audit(1851817218.028:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3329 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2db27cf69 code=0x50000
[  143.928071][   T28] audit: type=1326 audit(1851817218.028:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3329 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2db27cf69 code=0x50000
[  143.994249][ T3328] tmpfs: Unknown parameter '”'
[  144.014759][   T28] audit: type=1326 audit(1851817218.028:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3329 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2db27cf69 code=0x50000
[  144.073396][   T28] audit: type=1326 audit(1851817218.028:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3329 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2db27cf69 code=0x50000
[  144.131175][   T28] audit: type=1326 audit(1851817218.028:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3329 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2db27cf69 code=0x50000
[  144.204169][   T28] audit: type=1326 audit(1851817218.028:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3329 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2db27cf69 code=0x50000
[  144.267338][   T28] audit: type=1326 audit(1851817218.028:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3329 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2db27cf69 code=0x50000
[  144.329715][ T3326] loop2: detected capacity change from 0 to 40427
[  144.344179][   T28] audit: type=1326 audit(1851817218.028:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3329 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2db27cf69 code=0x50000
[  144.389772][   T28] audit: type=1326 audit(1851817218.028:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3329 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2db27cf69 code=0x50000
[  144.417258][ T3326] F2FS-fs (loop2): Found nat_bits in checkpoint
[  144.457845][   T28] audit: type=1326 audit(1851817218.028:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3329 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2db27cf69 code=0x50000
[  144.648932][ T3326] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  144.703650][ T3350] f2fs_ckpt-7:2: attempt to access beyond end of device
[  144.703650][ T3350] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  144.748984][ T3370] tmpfs: Unknown parameter '”'
[  144.755642][ T3367] loop4: detected capacity change from 0 to 512
[  144.773986][ T3367] EXT4-fs (loop4): Test dummy encryption mode enabled
[  144.796998][ T3367] EXT4-fs error (device loop4): __ext4_iget:5046: inode #11: block 1: comm syz-executor.4: invalid block
[  144.812242][ T3367] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz-executor.4: couldn't read orphan inode 11 (err -117)
[  144.832491][ T3367] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  144.850637][ T3367] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  144.985267][ T3367] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  146.036814][ T2979] EXT4-fs (loop4): unmounting filesystem.
[  146.247253][ T3397] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'.
[  146.385771][ T3405] syz-executor.2[3405] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.385940][ T3405] syz-executor.2[3405] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.559040][ T3417] loop4: detected capacity change from 0 to 512
[  146.592385][ T3417] EXT4-fs (loop4): Test dummy encryption mode enabled
[  146.625067][ T3417] EXT4-fs error (device loop4): __ext4_iget:5046: inode #11: block 1: comm syz-executor.4: invalid block
[  146.643659][ T3417] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz-executor.4: couldn't read orphan inode 11 (err -117)
[  146.661670][ T3417] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  146.766625][ T2979] EXT4-fs (loop4): unmounting filesystem.
[  146.814217][   T41] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  146.837774][ T3427] loop4: detected capacity change from 0 to 512
[  146.855007][ T3427] ext2: Unknown parameter 'subj_user'
[  147.184303][   T41] usb 4-1: Using ep0 maxpacket: 8
[  147.248582][ T3444] loop4: detected capacity change from 0 to 512
[  147.359061][   T41] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  147.382669][ T3444] EXT4-fs (loop4): 1 orphan inode deleted
[  147.388438][ T3444] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  147.399700][ T3444] ext4 filesystem being mounted at /root/syzkaller-testdir3560530188/syzkaller.BwvdX7/29/file1 supports timestamps until 2038 (0x7fffffff)
[  147.626014][   T41] usb 4-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  147.637198][   T41] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  147.998174][   T41] usb 4-1: SerialNumber: syz
[  148.004338][   T41] usb 4-1: config 0 descriptor??
[  148.048803][   T41] usb 4-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  148.056036][   T41] uvcvideo 4-1:0.0: Entity type for entity Output 255 was not initialized!
[  148.064735][   T41] usb 4-1: Failed to create links for entity 255
[  148.071181][   T41] usb 4-1: Failed to register entities (-22).
[  148.095273][ T2979] EXT4-fs (loop4): unmounting filesystem.
[  150.024944][ T3454] overlayfs: conflicting lowerdir path
[  150.033462][   T28] kauditd_printk_skb: 2584 callbacks suppressed
[  150.033497][   T28] audit: type=1326 audit(1851817224.158:3503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3457 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa4b0c7a6e7 code=0x7ffc0000
[  150.064313][   T19] usb 4-1: USB disconnect, device number 8
[  150.071997][   T28] audit: type=1326 audit(1851817224.158:3504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3457 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa4b0c403b9 code=0x7ffc0000
[  150.128072][   T28] audit: type=1326 audit(1851817224.158:3505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3457 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa4b0c7a6e7 code=0x7ffc0000
[  150.169688][   T28] audit: type=1326 audit(1851817224.158:3506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3457 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa4b0c403b9 code=0x7ffc0000
[  150.210191][   T28] audit: type=1326 audit(1851817224.158:3507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3457 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa4b0c7a6e7 code=0x7ffc0000
[  150.238780][   T28] audit: type=1326 audit(1851817224.158:3508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3457 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa4b0c403b9 code=0x7ffc0000
[  150.274834][   T28] audit: type=1326 audit(1851817224.158:3509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3457 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa4b0c7a6e7 code=0x7ffc0000
[  150.310134][ T3472] loop2: detected capacity change from 0 to 256
[  150.316943][   T28] audit: type=1326 audit(1851817224.158:3510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3457 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa4b0c403b9 code=0x7ffc0000
[  150.360323][ T3472] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  150.374436][   T28] audit: type=1326 audit(1851817224.158:3511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3457 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa4b0c7a6e7 code=0x7ffc0000
[  150.404103][   T28] audit: type=1326 audit(1851817224.168:3512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3457 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa4b0c403b9 code=0x7ffc0000
[  150.611804][ T3490] loop1: detected capacity change from 0 to 256
[  150.691774][ T3490] FAT-fs (loop1): Directory bread(block 1285) failed
[  150.717797][ T3490] FAT-fs (loop1): Directory bread(block 1285) failed
[  150.725653][ T3495] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  150.731484][ T3490] FAT-fs (loop1): Directory bread(block 1285) failed
[  150.752316][ T3490] FAT-fs (loop1): Directory bread(block 1285) failed
[  150.772250][ T3500] FAT-fs (loop1): Directory bread(block 1285) failed
[  150.813412][ T3500] FAT-fs (loop1): Directory bread(block 1285) failed
[  150.821216][ T3500] FAT-fs (loop1): Directory bread(block 1285) failed
[  150.830166][ T3490] FAT-fs (loop1): Directory bread(block 1285) failed
[  150.837170][ T3490] FAT-fs (loop1): Directory bread(block 1285) failed
[  150.853513][ T3490] FAT-fs (loop1): Directory bread(block 1285) failed
[  150.976198][ T3504] 9pnet_fd: Insufficient options for proto=fd
[  151.119768][ T3510] loop1: detected capacity change from 0 to 256
[  151.169177][ T3510] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  151.310355][ T3527] loop3: detected capacity change from 0 to 256
[  151.474403][ T3535] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  151.601533][ T3544] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  151.815908][ T3554] loop1: detected capacity change from 0 to 256
[  152.059483][ T3556] loop3: detected capacity change from 0 to 256
[  152.090986][ T3556] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  152.159279][ T3570] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  152.604214][  T355] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  152.893268][ T3608] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  152.924151][   T24] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  152.964288][  T355] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  153.064288][  T355] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  153.073327][  T355] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  153.103351][  T355] usb 5-1: SerialNumber: syz
[  153.164304][   T24] usb 3-1: Using ep0 maxpacket: 32
[  153.284333][   T24] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  153.301457][   T24] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  153.319911][   T24] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  153.342201][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  153.354240][   T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  153.366894][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  153.376996][   T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  153.394778][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  153.411588][   T24] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  153.430157][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.443244][   T24] usb 3-1: config 0 descriptor??
[  153.617404][ T3631] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  153.725738][   T24] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 11 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  153.752835][   T24] usb 3-1: USB disconnect, device number 11
[  153.768391][   T24] usblp0: removed
[  153.819241][   T19] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  153.827401][  T355] cdc_ether 5-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.4-1, CDC Ethernet Device, 42:42:42:42:42:42
[  154.021593][  T355] usb 5-1: USB disconnect, device number 9
[  154.031992][  T355] cdc_ether 5-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.4-1, CDC Ethernet Device
[  154.074204][   T19] usb 2-1: Using ep0 maxpacket: 16
[  154.354497][   T19] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  154.363546][   T19] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.384737][   T19] usb 2-1: Product: syz
[  154.388998][   T19] usb 2-1: Manufacturer: syz
[  154.393505][   T19] usb 2-1: SerialNumber: syz
[  154.415675][   T19] r8152-cfgselector 2-1: config 0 descriptor??
[  154.495205][ T3639] incfs: Can't find or create .index dir in ./file0
[  154.517151][ T3639] incfs: mount failed -14
[  154.954287][   T19] r8152-cfgselector 2-1: Unknown version 0x0000
[  154.969008][   T19] r8152-cfgselector 2-1: USB disconnect, device number 6
[  155.071105][ T3666] incfs: Can't find or create .index dir in ./file0
[  155.077942][ T3666] incfs: mount failed -14
[  155.264889][ T3667] overlayfs: failed to resolve './file1': -2
[  156.259595][ T3685] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  156.568695][ T3690] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-generic)"
[  157.386338][ T3701] loop3: detected capacity change from 0 to 2048
[  157.481397][ T3701] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  157.504310][ T3701] ext4 filesystem being mounted at /root/syzkaller-testdir3581307062/syzkaller.FXDsHv/318/bus supports timestamps until 2038 (0x7fffffff)
[  157.672747][ T3709] overlayfs: failed to resolve './file1': -2
[  158.251013][ T3712] SELinux:  Context Ü is not valid (left unmapped).
[  158.339712][  T315] EXT4-fs (loop3): unmounting filesystem.
[  158.516833][ T3722] Zero length message leads to an empty skb
[  158.539218][ T3722] binder_alloc: binder_alloc_mmap_handler: 3721 20ffc000-20ffd000 already mapped failed -16
[  158.551679][ T3729] loop4: detected capacity change from 0 to 256
[  158.575117][ T3729] exfat: Unknown parameter ''
[  158.702712][   T28] kauditd_printk_skb: 59 callbacks suppressed
[  158.702745][   T28] audit: type=1400 audit(1851817232.848:3572): avc:  denied  { ioctl } for  pid=3743 comm="syz-executor.3" path="/root/syzkaller-testdir3581307062/syzkaller.FXDsHv/321/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x6726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  158.729659][ T3741] loop4: detected capacity change from 0 to 2048
[  158.806857][ T3741] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  158.825486][ T3741] ext4 filesystem being mounted at /root/syzkaller-testdir3560530188/syzkaller.BwvdX7/63/bus supports timestamps until 2038 (0x7fffffff)
[  158.879743][ T2979] EXT4-fs (loop4): unmounting filesystem.
[  158.959184][ T3758] xt_hashlimit: size too large, truncated to 1048576
[  159.058595][ T3764] loop4: detected capacity change from 0 to 256
[  159.105655][ T3764] exfat: Unknown parameter ''
[  159.319895][ T3778] loop4: detected capacity change from 0 to 2048
[  159.380081][ T3778] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  159.406189][ T3778] ext4 filesystem being mounted at /root/syzkaller-testdir3560530188/syzkaller.BwvdX7/68/bus supports timestamps until 2038 (0x7fffffff)
[  159.489971][ T3787] xt_hashlimit: size too large, truncated to 1048576
[  159.526169][ T2979] EXT4-fs (loop4): unmounting filesystem.
[  159.699363][ T3794] binder_alloc: binder_alloc_mmap_handler: 3792 20ffc000-20ffd000 already mapped failed -16
[  159.799527][   T28] audit: type=1400 audit(1851817233.948:3573): avc:  denied  { read } for  pid=3797 comm="syz-executor.3" dev="nsfs" ino=4026532372 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  159.866716][   T28] audit: type=1400 audit(1851817233.948:3574): avc:  denied  { open } for  pid=3797 comm="syz-executor.3" path="net:[4026532372]" dev="nsfs" ino=4026532372 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  159.876373][ T3800] loop4: detected capacity change from 0 to 256
[  159.944223][   T28] audit: type=1400 audit(1851817233.948:3575): avc:  denied  { create } for  pid=3797 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  159.952911][ T3800] exfat: Unknown parameter ''
[  160.027860][   T28] audit: type=1400 audit(1851817233.978:3576): avc:  denied  { read } for  pid=3797 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  160.578222][ T3745] loop1: detected capacity change from 0 to 40427
[  160.587621][ T3745] F2FS-fs (loop1): Fix alignment : internally, start(4096) end(16896) block(12288)
[  160.598678][ T3745] F2FS-fs (loop1): invalid crc value
[  160.620055][ T3745] F2FS-fs (loop1): invalid crc value
[  160.626233][   T28] audit: type=1400 audit(1851817234.778:3577): avc:  denied  { write } for  pid=3837 comm="syz-executor.4" name="ppp" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  160.667382][ T3745] F2FS-fs (loop1): Failed to get valid F2FS checkpoint
[  161.038106][ T3850] loop2: detected capacity change from 0 to 512
[  161.056375][ T3850] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[  161.530029][ T3877] loop2: detected capacity change from 0 to 512
[  161.538396][ T3877] EXT4-fs (loop2): Number of reserved GDT blocks insanely large: 2048
[  161.613917][   T28] audit: type=1400 audit(1851817235.758:3578): avc:  denied  { getopt } for  pid=3875 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  161.641100][   T28] audit: type=1400 audit(1851817235.778:3579): avc:  denied  { bind } for  pid=3875 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  161.667109][   T28] audit: type=1400 audit(1851817235.778:3580): avc:  denied  { listen } for  pid=3875 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  163.429414][ T3918] bridge0: port 3(veth1_to_batadv) entered blocking state
[  163.437196][ T3918] bridge0: port 3(veth1_to_batadv) entered disabled state
[  163.460620][ T3918] device veth1_to_batadv entered promiscuous mode
[  163.493297][ T3918] bridge0: port 3(veth1_to_batadv) entered blocking state
[  163.500371][ T3918] bridge0: port 3(veth1_to_batadv) entered forwarding state
[  163.596394][ T3924] loop2: detected capacity change from 0 to 512
[  163.605521][ T3924] EXT4-fs (loop2): Number of reserved GDT blocks insanely large: 2048
[  164.651782][ T3943] device pim6reg1 entered promiscuous mode
[  164.790023][ T3945] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  164.980098][ T3937] loop1: detected capacity change from 0 to 40427
[  164.995468][ T3937] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  165.009722][ T3937] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  165.047226][ T3937] F2FS-fs (loop1): Found nat_bits in checkpoint
[  165.193544][ T3932] loop4: detected capacity change from 0 to 40427
[  165.204298][  T355] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  165.213371][ T3932] F2FS-fs (loop4): Fix alignment : internally, start(4096) end(16896) block(12288)
[  165.223161][ T3937] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  165.230488][ T3937] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  165.246098][ T3932] F2FS-fs (loop4): invalid crc value
[  165.271596][ T3932] F2FS-fs (loop4): invalid crc value
[  165.283769][ T3932] F2FS-fs (loop4): Failed to get valid F2FS checkpoint
[  165.300918][ T2427] syz-executor.1: attempt to access beyond end of device
[  165.300918][ T2427] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  165.444330][  T355] usb 3-1: Using ep0 maxpacket: 32
[  165.564283][  T355] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  165.577488][  T355] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  165.599657][  T355] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  165.622105][  T355] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  165.644234][  T355] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  165.664426][  T355] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  165.685376][  T355] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  165.705296][  T355] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  165.732691][  T355] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  165.752002][  T355] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.770537][  T355] usb 3-1: config 0 descriptor??
[  166.025731][  T355] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 12 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  166.050816][  T355] usb 3-1: USB disconnect, device number 12
[  166.074548][  T355] usblp0: removed
[  166.487544][ T3970] syz-executor.4[3970] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  166.487718][ T3970] syz-executor.4[3970] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  166.504542][ T3970] devpts: called with bogus options
[  167.187375][ T3991] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  167.214174][ T3991] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  167.221474][ T3991] IPv6: NLM_F_CREATE should be set when creating new route
[  167.229694][ T3991] IPv6: NLM_F_CREATE should be set when creating new route
[  167.341633][ T3993] device pim6reg1 entered promiscuous mode
[  167.462005][ T3980] loop4: detected capacity change from 0 to 40427
[  167.465559][ T3995] syz-executor.2[3995] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.472555][ T3995] syz-executor.2[3995] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  167.491386][ T3980] F2FS-fs (loop4): Found nat_bits in checkpoint
[  167.519518][ T3995] devpts: called with bogus options
[  167.666645][ T3980] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  167.741226][ T2979] syz-executor.4: attempt to access beyond end of device
[  167.741226][ T2979] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  168.118554][ T4016] loop4: detected capacity change from 0 to 512
[  168.173129][ T4016] EXT4-fs (loop4): 1 orphan inode deleted
[  168.178892][ T4016] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  168.192598][ T4016] ext4 filesystem being mounted at /root/syzkaller-testdir3560530188/syzkaller.BwvdX7/104/bus supports timestamps until 2038 (0x7fffffff)
[  168.209128][ T4016] EXT4-fs (loop4): unmounting filesystem.
[  168.658423][ T4050] syz-executor.2[4050] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  168.658578][ T4050] syz-executor.2[4050] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  171.680437][ T4101] IPv6: NLM_F_REPLACE set, but no existing node found!
[  171.818888][ T4107] overlayfs: empty lowerdir
[  171.951131][ T4118] loop2: detected capacity change from 0 to 16
[  171.962799][ T4118] erofs: (device loop2): mounted with root inode @ nid 36.
[  171.973353][ T4118] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  171.987912][ T4118] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -38 in[52, 4044] out[1851]
[  172.007064][ T4118] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  172.126274][   T28] audit: type=1400 audit(1851817246.278:3581): avc:  denied  { create } for  pid=4124 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  172.169314][   T28] audit: type=1400 audit(1851817246.298:3582): avc:  denied  { connect } for  pid=4124 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  172.223467][   T28] audit: type=1400 audit(1851817246.298:3583): avc:  denied  { write } for  pid=4124 comm="syz-executor.2" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  172.537828][ T4138] loop2: detected capacity change from 0 to 1024
[  172.688594][ T4138] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  173.399805][ T3143] EXT4-fs (loop2): unmounting filesystem.
[  173.525209][ T4146] input: syz1 as /devices/virtual/input/input13
[  173.536852][   T28] audit: type=1400 audit(1851817247.688:3584): avc:  denied  { read } for  pid=86 comm="acpid" name="event3" dev="devtmpfs" ino=504 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  173.545410][ T4148] loop2: detected capacity change from 0 to 16
[  173.560716][   T28] audit: type=1400 audit(1851817247.688:3585): avc:  denied  { open } for  pid=86 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=504 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  173.599325][   T28] audit: type=1400 audit(1851817247.688:3586): avc:  denied  { ioctl } for  pid=86 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=504 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  173.605128][ T4148] erofs: (device loop2): mounted with root inode @ nid 36.
[  173.688303][ T4148] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  173.698139][ T4148] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -38 in[52, 4044] out[1851]
[  173.724047][ T4148] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  173.844226][ T4158] loop2: detected capacity change from 0 to 512
[  173.856237][ T4158] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz-executor.2: casefold flag without casefold feature
[  173.870823][ T4158] EXT4-fs (loop2): 1 truncate cleaned up
[  173.876817][ T4158] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  174.012136][ T3143] EXT4-fs (loop2): unmounting filesystem.
[  174.582844][ T4175] loop4: detected capacity change from 0 to 256
[  175.297980][ T4175] FAT-fs (loop4): Directory bread(block 64) failed
[  175.312216][ T4175] FAT-fs (loop4): Directory bread(block 65) failed
[  175.384623][ T4175] FAT-fs (loop4): Directory bread(block 66) failed
[  175.391284][ T4175] FAT-fs (loop4): Directory bread(block 67) failed
[  175.400221][  T318] bridge0: port 3(syz_tun) entered disabled state
[  175.406995][ T4175] FAT-fs (loop4): Directory bread(block 68) failed
[  175.418947][ T4175] FAT-fs (loop4): Directory bread(block 69) failed
[  175.426462][  T318] device syz_tun left promiscuous mode
[  175.431792][  T318] bridge0: port 3(syz_tun) entered disabled state
[  175.438338][ T4175] FAT-fs (loop4): Directory bread(block 70) failed
[  175.448400][ T4175] FAT-fs (loop4): Directory bread(block 71) failed
[  175.455015][ T4175] FAT-fs (loop4): Directory bread(block 72) failed
[  175.461601][ T4175] FAT-fs (loop4): Directory bread(block 73) failed
[  175.914635][ T4193] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.921622][ T4193] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.930021][ T4193] device bridge_slave_0 entered promiscuous mode
[  175.937869][ T4193] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.944984][ T4193] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.952935][ T4193] device bridge_slave_1 entered promiscuous mode
[  176.109107][ T4193] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.116217][ T4193] bridge0: port 2(bridge_slave_1) entered forwarding state
[  176.123385][ T4193] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.130279][ T4193] bridge0: port 1(bridge_slave_0) entered forwarding state
[  176.137529][  T355] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  176.197401][ T2001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  176.205775][ T2001] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.213233][ T2001] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.226756][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  176.235158][  T339] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.242066][  T339] bridge0: port 1(bridge_slave_0) entered forwarding state
[  176.257049][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  176.265600][  T339] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.272486][  T339] bridge0: port 2(bridge_slave_1) entered forwarding state
[  176.295434][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  176.315741][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  176.339318][ T4056] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  176.363105][ T4193] device veth0_vlan entered promiscuous mode
[  176.369894][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  176.379502][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  176.387400][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  176.418124][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  176.429307][ T4193] device veth1_macvtap entered promiscuous mode
[  176.447219][  T339] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  176.465273][ T4056] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  176.473887][ T4056] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  176.534421][  T355] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  176.545921][  T355] usb 3-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4
[  176.555206][  T355] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.566787][  T355] usb 3-1: config 0 descriptor??
[  176.605774][  T355] rndis_host: probe of 3-1:0.0 failed with error -22
[  176.615566][   T28] audit: type=1400 audit(1851817250.768:3587): avc:  denied  { mount } for  pid=4206 comm="syz-executor.4" name="/" dev="ramfs" ino=31790 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  176.638865][  T379] device bridge_slave_1 left promiscuous mode
[  176.645412][  T379] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.653586][  T379] device bridge_slave_0 left promiscuous mode
[  176.659950][  T379] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.670208][  T379] device veth1_macvtap left promiscuous mode
[  176.676238][  T379] device veth0_vlan left promiscuous mode
[  176.683340][   T28] audit: type=1400 audit(1851817250.828:3588): avc:  denied  { unmount } for  pid=2979 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  177.075673][ T4209] loop4: detected capacity change from 0 to 40427
[  177.095311][ T4209] F2FS-fs (loop4): invalid crc value
[  177.121900][ T4209] F2FS-fs (loop4): Found nat_bits in checkpoint
[  177.501859][ T2459] usb 3-1: USB disconnect, device number 13
[  177.945546][ T4209] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  178.007513][   T10] kworker/u4:1: attempt to access beyond end of device
[  178.007513][   T10] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  178.021757][   T28] audit: type=1326 audit(1851817252.158:3589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4222 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1088a7cf69 code=0x7ffc0000
[  178.061463][   T28] audit: type=1326 audit(1851817252.158:3590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4222 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1088a7cf69 code=0x7ffc0000
[  178.096062][   T28] audit: type=1326 audit(1851817252.158:3591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4222 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1088a7cf69 code=0x7ffc0000
[  178.121016][   T28] audit: type=1326 audit(1851817252.158:3592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4222 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1088a7cf69 code=0x7ffc0000
[  178.146279][   T28] audit: type=1326 audit(1851817252.158:3593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4222 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1088a7cf69 code=0x7ffc0000
[  178.207121][   T28] audit: type=1326 audit(1851817252.158:3594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4222 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f1088a7cf69 code=0x7ffc0000
[  178.240567][   T28] audit: type=1326 audit(1851817252.158:3595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4222 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1088a7cf69 code=0x7ffc0000
[  178.270350][   T28] audit: type=1326 audit(1851817252.158:3596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4222 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1088a7cf69 code=0x7ffc0000
[  178.294761][   T28] audit: type=1326 audit(1851817252.158:3597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4222 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1088a7cf69 code=0x7ffc0000
[  178.320564][   T28] audit: type=1326 audit(1851817252.158:3598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4222 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1088a7cf69 code=0x7ffc0000
[  179.098654][ T4231] loop2: detected capacity change from 0 to 512
[  179.117052][ T4231] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  179.263177][ T4231] loop2: detected capacity change from 0 to 256
[  179.385050][ T4262] loop2: detected capacity change from 0 to 1024
[  179.395974][ T4262] EXT4-fs: Ignoring removed bh option
[  179.402053][ T4262] EXT4-fs (loop2): Test dummy encryption mode enabled
[  179.414675][ T4262] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  179.723853][ T4279] loop4: detected capacity change from 0 to 256
[  180.130118][ T4285] loop4: detected capacity change from 0 to 8192
[  180.155458][ T4285] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  180.304908][ T3143] EXT4-fs (loop2): unmounting filesystem.
[  180.490857][ T4307] SELinux: security_context_str_to_sid (ramfs) failed with errno=-22
[  181.140660][ T4321] loop4: detected capacity change from 0 to 512
[  181.148880][ T4321] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  181.319030][ T4321] loop4: detected capacity change from 0 to 256
[  181.478296][ T4340] loop4: detected capacity change from 0 to 256
[  181.544883][ T4340] loop4: detected capacity change from 256 to 11
[  181.552629][ T4343] FAT-fs (loop4): unable to read inode block for updating (i_pos 201)
[  181.674816][ T2979] FAT-fs (loop4): Directory bread(block 3) failed
[  181.764277][ T4056] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  182.014217][ T4056] usb 3-1: Using ep0 maxpacket: 32
[  182.134295][ T4056] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  182.148514][ T4056] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  184.164584][ T4358] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.172586][ T4358] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.181847][ T4358] device bridge_slave_0 entered promiscuous mode
[  184.206111][ T4358] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.213025][ T4358] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.222351][ T4358] device bridge_slave_1 entered promiscuous mode
[  184.234506][ T4056] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  184.243803][ T4056] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.251871][ T4056] usb 3-1: Product: syz
[  184.256265][ T4056] usb 3-1: Manufacturer: syz
[  184.260772][ T4056] usb 3-1: SerialNumber: syz
[  184.428568][ T4358] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.435528][ T4358] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.442803][ T4358] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.449881][ T4358] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.517121][ T4056] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 14 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  184.547679][ T4056] usb 3-1: USB disconnect, device number 14
[  184.565989][ T4056] usblp0: removed
[  184.570696][ T2001] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.579931][ T2001] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.597859][ T2001] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  184.614840][ T2001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  184.648467][  T320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  184.656645][ T4376] loop2: detected capacity change from 0 to 1024
[  184.663407][  T320] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.665876][ T4376] EXT4-fs: Ignoring removed orlov option
[  184.670629][  T320] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.676309][ T4376] EXT4-fs: Ignoring removed nomblk_io_submit option
[  184.710461][ T2001] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  184.712509][ T4376] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  184.719440][ T2001] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.733513][ T2001] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.756002][ T2001] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  184.764720][ T2001] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  184.784191][   T28] kauditd_printk_skb: 35 callbacks suppressed
[  184.784225][   T28] audit: type=1400 audit(1851817258.928:3634): avc:  denied  { map } for  pid=4375 comm="syz-executor.2" path="/root/syzkaller-testdir387849341/syzkaller.4t4W3m/146/file1/file0/bus" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  184.820496][  T379] device veth1_to_batadv left promiscuous mode
[  184.835365][  T379] bridge0: port 3(veth1_to_batadv) entered disabled state
[  184.840101][ T4376] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.2: corrupt xattr in inline inode
[  184.856386][  T379] device bridge_slave_1 left promiscuous mode
[  184.856369][ T4376] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.2: corrupted in-inode xattr
[  184.875523][  T379] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.885781][   T28] audit: type=1400 audit(1851817259.038:3635): avc:  denied  { rmdir } for  pid=3143 comm="syz-executor.2" name="lost+found" dev="loop2" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  184.909541][  T379] device bridge_slave_0 left promiscuous mode
[  184.911660][   T28] audit: type=1400 audit(1851817259.058:3636): avc:  denied  { unlink } for  pid=3143 comm="syz-executor.2" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  184.915840][  T379] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.945616][   T28] audit: type=1400 audit(1851817259.058:3637): avc:  denied  { unlink } for  pid=3143 comm="syz-executor.2" name="file1" dev="loop2" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  184.955095][ T3143] ==================================================================
[  184.976403][ T3143] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0
[  184.984214][ T3143] Read of size 4 at addr ffff888138a2f000 by task syz-executor.2/3143
[  184.992203][ T3143] 
[  184.994376][ T3143] CPU: 1 PID: 3143 Comm: syz-executor.2 Not tainted 6.1.78-syzkaller-00141-g3c19f7015ee3 #0
[  185.004261][ T3143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  185.014188][ T3143] Call Trace:
[  185.017281][ T3143]  <TASK>
[  185.020147][ T3143]  dump_stack_lvl+0x151/0x1b7
[  185.024676][ T3143]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  185.029963][ T3143]  ? _printk+0xd1/0x111
[  185.033963][ T3143]  ? __virt_addr_valid+0x242/0x2f0
[  185.038912][ T3143]  print_report+0x158/0x4e0
[  185.043252][ T3143]  ? __virt_addr_valid+0x242/0x2f0
[  185.048206][ T3143]  ? kasan_addr_to_slab+0xd/0x80
[  185.052967][ T3143]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  185.058610][ T3143]  kasan_report+0x13c/0x170
[  185.063046][ T3143]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  185.068613][ T3143]  __asan_report_load4_noabort+0x14/0x20
[  185.074261][ T3143]  ext4_xattr_delete_inode+0xcd0/0xce0
[  185.079565][ T3143]  ? sb_end_intwrite+0x130/0x130
[  185.084333][ T3143]  ? ext4_expand_extra_isize_ea+0x1c40/0x1c40
[  185.090341][ T3143]  ? __kasan_check_read+0x11/0x20
[  185.095368][ T3143]  ? ext4_inode_is_fast_symlink+0x295/0x3d0
[  185.101095][ T3143]  ? ext4_evict_inode+0xbc2/0x1550
[  185.106060][ T3143]  ext4_evict_inode+0xef9/0x1550
[  185.110820][ T3143]  ? _raw_spin_unlock+0x4c/0x70
[  185.115623][ T3143]  ? ext4_inode_is_fast_symlink+0x3d0/0x3d0
[  185.121342][ T3143]  ? _raw_spin_unlock+0x4c/0x70
[  185.126018][ T3143]  ? inode_io_list_del+0x18b/0x1a0
[  185.130966][ T3143]  ? ext4_inode_is_fast_symlink+0x3d0/0x3d0
[  185.136929][ T3143]  evict+0x2a3/0x630
[  185.140660][ T3143]  iput+0x642/0x870
[  185.144339][ T3143]  vfs_rmdir+0x3c2/0x500
[  185.148388][ T3143]  do_rmdir+0x3ab/0x630
[  185.152379][ T3143]  ? d_delete_notify+0x160/0x160
[  185.157156][ T3143]  __x64_sys_unlinkat+0xdf/0xf0
[  185.161832][ T3143]  do_syscall_64+0x3d/0xb0
[  185.166090][ T3143]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  185.171817][ T3143] RIP: 0033:0x7f4c7e07c747
[  185.176099][ T3143] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  185.195508][ T3143] RSP: 002b:00007ffc4e2b0458 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  185.204003][ T3143] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f4c7e07c747
[  185.211794][ T3143] RDX: 0000000000000200 RSI: 00007ffc4e2b1600 RDI: 00000000ffffff9c
[  185.219611][ T3143] RBP: 00007f4c7e0d9636 R08: 0000000000000000 R09: 0000000000000000
[  185.227416][ T3143] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffc4e2b1600
[  185.235330][ T3143] R13: 00007f4c7e0d9636 R14: 000000000002d128 R15: 000000000000000b
[  185.243166][ T3143]  </TASK>
[  185.246002][ T3143] 
[  185.248177][ T3143] The buggy address belongs to the physical page:
[  185.254526][ T3143] page:ffffea0004e28bc0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x138a2f
[  185.264591][ T3143] flags: 0x4000000000000000(zone=1)
[  185.269653][ T3143] raw: 4000000000000000 ffffea0004e26088 ffffea0004cc1108 0000000000000000
[  185.278070][ T3143] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[  185.286461][ T3143] page dumped because: kasan: bad access detected
[  185.292956][ T3143] page_owner tracks the page as freed
[  185.298139][ T3143] page last allocated via order 0, migratetype Movable, gfp_mask 0x8140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO|__GFP_CMA), pid 4298, tgid 4298 (syz-executor.0), ts 180413052216, free_ts 180423406864
[  185.318140][ T3143]  post_alloc_hook+0x213/0x220
[  185.322736][ T3143]  prep_new_page+0x1b/0x110
[  185.327155][ T3143]  get_page_from_freelist+0x27ea/0x2870
[  185.332538][ T3143]  __alloc_pages+0x3a1/0x780
[  185.336960][ T3143]  __folio_alloc+0x15/0x40
[  185.341219][ T3143]  wp_page_copy+0x23b/0x1690
[  185.345647][ T3143]  do_wp_page+0xc25/0xdf0
[  185.349813][ T3143]  handle_mm_fault+0x15a2/0x2f40
[  185.354587][ T3143]  exc_page_fault+0x3b3/0x700
[  185.359105][ T3143]  asm_exc_page_fault+0x27/0x30
[  185.364077][ T3143] page last free stack trace:
[  185.368570][ T3143]  free_unref_page_prepare+0x83d/0x850
[  185.374325][ T3143]  free_unref_page_list+0xf1/0x7b0
[  185.379356][ T3143]  release_pages+0xf7f/0xfe0
[  185.383925][ T3143]  free_pages_and_swap_cache+0x8a/0xa0
[  185.389479][ T3143]  tlb_finish_mmu+0x1e0/0x3f0
[  185.394089][ T3143]  exit_mmap+0x421/0x940
[  185.398189][ T3143]  __mmput+0x95/0x310
[  185.402235][ T3143]  mmput+0x56/0x170
[  185.405982][ T3143]  do_exit+0xb29/0x2b80
[  185.410212][ T3143]  do_group_exit+0x21a/0x2d0
[  185.414715][ T3143]  get_signal+0x169d/0x1820
[  185.419143][ T3143]  arch_do_signal_or_restart+0xb0/0x16f0
[  185.425070][ T3143]  exit_to_user_mode_loop+0x74/0xa0
[  185.430210][ T3143]  exit_to_user_mode_prepare+0x5a/0xa0
[  185.435590][ T3143]  syscall_exit_to_user_mode+0x26/0x140
[  185.440966][ T3143]  do_syscall_64+0x49/0xb0
[  185.445921][ T3143] 
[  185.448086][ T3143] Memory state around the buggy address:
[  185.453568][ T3143]  ffff888138a2ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2028/09/06 01:40:59 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  185.461466][ T3143]  ffff888138a2ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  185.469555][ T3143] >ffff888138a2f000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  185.477533][ T3143]                    ^
[  185.481439][ T3143]  ffff888138a2f080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  185.489896][ T3143]  ffff888138a2f100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  185.497774][ T3143] ==================================================================
[  185.532759][  T379] device veth1_macvtap left promiscuous mode
[  185.545225][  T379] device veth0_vlan left promiscuous mode
[  185.615132][ T3143] Disabling lock debugging due to kernel taint