last executing test programs:

14.977802621s ago: executing program 3 (id=3760):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, 0x0)

14.922640382s ago: executing program 3 (id=3761):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000080), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = openat$cgroup_procs(r2, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f00000000c0), 0x12)

14.899876112s ago: executing program 3 (id=3762):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c230000)
ioctl$TUNSETOFFLOAD(r0, 0x40047459, 0xf0ff1f00000000)

14.764359744s ago: executing program 3 (id=3770):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/../file0\x00', 0x89901)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x810082, &(0x7f0000000040)=ANY=[@ANYBLOB="756e695f786c6174653d312c726f6469722c757466383d302c73686f72746e616d653d77696e6e742c757466383d302c757466383d312c756e695f786c6174653d302c696f636861727365743d63703433372c756e695f786c6174653d302c6572726f72733d72656d6f756e742d726f2c757466383d312c757466383d312c73686f72746e616d653d77696e39352c6e66733d6e6f7374616c655f726f2c756e695f786c6174653d312c73686f72746e616d653d77696e39352c646973636172642c004338cb8631b26441e86414f461975e105d02960776fcb7ddfd80b96c1b2ffd13d5cc37784797dbc9e26b7c39310b49940995ce6e6ce1c218890b59506de99e2dd234abcde0be50d3de656741fee78f74e94ee73bd6d7162f0d2a8275e0a6125615ce223c21fe303d561d81b2681dce1c0b7061c5a347b2040e7b6c9210507527467dad005f3e38c47d4daa9d76c69f51ffeb2f81123fe54df14c6c02413e51ba63c35f11"], 0x0, 0x2c3, &(0x7f0000000740)="$eJzs3T9rc1UcB/DfTdObqEMyu3hBB6eHp4KTS6r0gUczKRnUQR5sC9IUoYWCfzDt5Ori6CsQBDcHF1+Ai4O74Cq42aFw5d7cm6RtGhNsKvb5fJb8es753nPuyW1Kh56+GhG7Weyfff5btNtJNHrRi/MkutGI2mlc0vsqAID/s/M8jz/zPG+umEsior2mNQEA61X//C8sFfh+7UsCANbsnXffe2u73995O8va8ejwy5NB8Zt98Tru396Pj2IYe/EwOnERkU+M60d5no+aWaEbLx2OTgZF8vCDn6vrb/8RUea3ohPdsuly/nF/Zysbm8mPinU8W83fG07Xe23+x/2dV+bkY5DGyy/OrP9BdOKXD+PjGMZueZ1p/outLHsj//qvz94vZijyyehk0CrHzcy8cVfvCQAAAAAAAAAAAAAAAAAAAAAA99+D6uycVpTn9xRN1fk7GxfFF5uR1bqXz+cZ55P6QlfOBxrl8U19vs7DLMvyauA034znm7HqscMAAAAAAAAAAAAAAAAAAABwLx1/8unBk+Fw76gs3syrYtKyWlGfBtCMSIvXpVK//jgOzXT1JmOaRy/E4ngrJvFGVS6YNDbqMUnEwoUVN/HvdmPp4pmb1vztd6tesP3PYzanc0W32oxbvq/66Tp4kszfw1bULe36ff9hdkwaS86V3tSVL/v4lUU6t6uz8r2nz5XFaMGYSBYt7LXfxztXtVTfUKeTMWm5q3Pjm1UxE7/ybKz0PF//rEiSW//4AQAAAAAAAAAAAAAAAAAAZkz/6HdO59nCaCNvrW1ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCnpv//f1I0r7VcLUZVeNzy0+sLBqdxdPwf3yIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPgb8DAAD//+j1VZQ=")

14.590845686s ago: executing program 3 (id=3781):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xc, 0x7}, {}, {0xffe0}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0xef}]}}, @TCA_CHAIN={0x8, 0xb, 0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x50)

14.534764178s ago: executing program 3 (id=3784):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0)
sendmsg$tipc(r1, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000580)='./cgroup/syz1\x00', 0x200002, 0x0)
sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0)
sendmsg$tipc(r1, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x21, &(0x7f00000001c0), 0x4)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x5, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000340)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r3, 0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r2, 0x0, 0x0, 0xd9, 0x0, &(0x7f0000000700)=""/217, 0x1, 0x0, 0x7a, 0x12, &(0x7f0000000140)="93a2045b9666e05d148fb37f40cf682e9d214b57b4e1b8cd14a95b8c4f8f98fc231aba6ade10dd6d6bf89ff39af1ad730a0b80965cf90968dfd3c8406b799808fdb01ca106a52890046cbf8e2a1b52f842547ccf358541f6e59d24cd77fdda936122b783d9cd1c7dd85a4828e604fdae584786df76d33d3e4799", &(0x7f0000000300)="03cc82222baf1e93e959a2957e0c7718f14a", 0x5, 0x0, 0xe40}, 0x50)
r4 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f050a8819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c008fc6da4fb2e98e5083aa3c0ad0d"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x18000000000002a0, 0x2f9, 0xffffa888, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632c77fbac141442e0000601be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)

14.218334502s ago: executing program 32 (id=3784):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0)
sendmsg$tipc(r1, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000580)='./cgroup/syz1\x00', 0x200002, 0x0)
sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0)
sendmsg$tipc(r1, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x21, &(0x7f00000001c0), 0x4)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x5, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000340)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r3, 0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r2, 0x0, 0x0, 0xd9, 0x0, &(0x7f0000000700)=""/217, 0x1, 0x0, 0x7a, 0x12, &(0x7f0000000140)="93a2045b9666e05d148fb37f40cf682e9d214b57b4e1b8cd14a95b8c4f8f98fc231aba6ade10dd6d6bf89ff39af1ad730a0b80965cf90968dfd3c8406b799808fdb01ca106a52890046cbf8e2a1b52f842547ccf358541f6e59d24cd77fdda936122b783d9cd1c7dd85a4828e604fdae584786df76d33d3e4799", &(0x7f0000000300)="03cc82222baf1e93e959a2957e0c7718f14a", 0x5, 0x0, 0xe40}, 0x50)
r4 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f050a8819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19e9b5381791cbf0ceb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c008fc6da4fb2e98e5083aa3c0ad0d"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x18000000000002a0, 0x2f9, 0xffffa888, &(0x7f0000000040)="b90103600040f000009e0ff008001fffffe100004000632c77fbac141442e0000601be3e7d2a182fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0xfeb9, &(0x7f0000000400)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea01f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7"}, 0x28)

9.431403772s ago: executing program 5 (id=3877):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000300)=0x20, 0x4)
recvmmsg(r0, &(0x7f0000001840)=[{{0x0, 0x0, 0x0}, 0x1ff}], 0x1, 0x40002000, 0x0)
write$binfmt_misc(r0, &(0x7f0000000300), 0x6)

9.378713533s ago: executing program 5 (id=3878):
syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f00000001c0)='./file0\x00', 0x2a10700, &(0x7f0000000380), 0x0, 0x44a, &(0x7f0000000880)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
pivot_root(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00', 0x0)

9.229361305s ago: executing program 5 (id=3883):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
sendmsg$TCPDIAG_GETSOCK(r0, 0x0, 0x0)
dup(0xffffffffffffffff)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x16, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
syz_pidfd_open(0x0, 0x0)
setns(0xffffffffffffffff, 0x4000000)
dup3(r2, 0xffffffffffffffff, 0x80000)
ioctl$PPPIOCGFLAGS1(r2, 0x8004745a, 0x0)

9.189178905s ago: executing program 5 (id=3887):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000540), 0x0, 0x0)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

9.140373006s ago: executing program 5 (id=3890):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/profiling', 0x101b02, 0x84)
write$P9_RSETATTR(r0, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0x7)

9.105775077s ago: executing program 5 (id=3891):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = gettid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
preadv(r2, &(0x7f0000000400)=[{&(0x7f0000000440)=""/257, 0x101}], 0x1, 0x20001, 0xc)

9.081453577s ago: executing program 33 (id=3891):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = gettid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
preadv(r2, &(0x7f0000000400)=[{&(0x7f0000000440)=""/257, 0x101}], 0x1, 0x20001, 0xc)

4.10641259s ago: executing program 6 (id=4029):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000000)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x18)
recvmmsg(r0, &(0x7f0000005680)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)=""/167, 0xa7}, 0x5}], 0x1, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

3.927893542s ago: executing program 6 (id=4033):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000003c0)={'syz0\x00', {0x9, 0x0, 0x1, 0x400}, 0x36, [0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9f1, 0x0, 0xfffffffe, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x40000, 0x687, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2, 0x51, 0xfffffffc, 0xfffffff8, 0x0, 0x0, 0x1, 0x0, 0x80, 0x0, 0x4, 0x3, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x6], [0x2, 0x0, 0x0, 0xfffffffd, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000, 0xffffffcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0xfffffffd, 0x2000000, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1008000, 0x0, 0x3, 0xfffffffd, 0x0, 0x1, 0x0, 0x0, 0x40, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0xbd8f, 0x0, 0x4, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0xfffffffc, 0x6, 0x0, 0x0, 0x0, 0x7fe, 0xa, 0x0, 0x0, 0x800000, 0x40000, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffe, 0x3, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x7ff, 0x0, 0x0, 0x4, 0x2000000, 0x0, 0x4], [0x4, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7df, 0x273b6948, 0x5, 0x0, 0x0, 0x0, 0x80, 0x4, 0x0, 0x3, 0x0, 0x0, 0x8f3]}, 0x45c)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r0, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac)
open(0x0, 0x5dd401, 0x0)

3.731234655s ago: executing program 4 (id=4035):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000106a05310300000000000109022400010000c60009040002010300010009210000000122f80409058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)

3.697392835s ago: executing program 6 (id=4039):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000b80)='./file0\x00', 0x1008002, &(0x7f0000000d00), 0x3, 0x5f5, &(0x7f0000001040)="$eJzs3c9vVNUeAPDvnU5LS8nrQF7ee7zFo8nLCyRPWlrANMYFbA1p8Efc6MJKCyIFGlqjRRNKghsT48YYE1cuxP9CiWxZ6cqFG1eGhKhhaeKYO3MvdNqZ/u5cwv18kmHuPWduz7m03znnnjnnTgClNZz+U4k4GBFzScRQsvQorxpZ5nDzdQ9//+Bc+kiiXn/51ySSLC1/fZI9D2YH90fE998lcaBndbnzi9cvTc3OzlzL9kcXLs+Nzi9eP3rx8tSFmQszV8afHZ84eeLkxNixLZ3XjTZpZ269/e7QR5OvffXFH8nY1z9NJnEqXsheuPw8dspwDDf+T5LVWYMTO11YQXqyv5N6vV7P05JqsXVi4/LfX29E/DOGoice//KG4sMXC60csKvqSfO9GyijRPxDSeX9gPzafuV1cKWQXgnQDQ9ONwfsVsd/tTk2GP2NsYG9D5NYPqyTRMTWRuZa7YuIe3cnb52/O3krdmkcDmhv6WZE/Ktd/CeN+K9Ff9Qa8V9pif+0X3A2e07TX9pi+SuHisU/dE8z/vvXjP9YFv/59UD6/Eb6fKMZw29usfza4823Blrif2A7pwUAAAAAAACldOd0RDzT7vP/yqP5P9Fm/s9gRJzagfKHV+yv/vy/cn8HigHaeHA64vm2838r+af9tZ5lS1hr0Zucvzg7cywi/hYRR6J3T7o/tkYZRz8+8HmnvOFs/l/+SMu/l80FzOpxv7qn9ZjpqYWpbZwykHlwM+Lf1c7z/9L2P2nT/qfvDHMbLOPA/26f7ZS3fvwDu6X+ZcThtu3/47tWJGvfn2O00R8YzXsFq/3n/U++6VT+VuPfLSZg+9L2f+/a8V9Llt+vZ37zZRxfrNY75W21/9+XvNK4q1Bflvbe1MLCtbGIvuRMT5rakj6++TrD0yiPhzxe0vg/8t+1x//a9f8HImJpxc9OfmtdU5z7x5+DP3eqj/4/FCeN/+lNtf+b3xi/Xfu2U/kba/9PNNr6I1mK8T9o+iwP077W9DbhWG2X1e36AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDToBIR+yKpjDzarlRGRiIGI+Lvsbcye3V+4f/nr75zZTrNa3z/fyX/pt+h5n6Sf/9/bdn++Ir94xGxPyI+7Rlo7I+cuzo7XfTJAwAAAAAAAAAAAAAAAAAAwBNisMP6/9QvPUXXDth11aIrABSmTfz/UEQ9gO7T/kN5iX8oL/EP5SX+obzEP5TX2vH/+kTXKgJ0nfYfykv8AwAAAADAU2X/oTs/JhGx9NxA45Hqy/J6C60ZsNsqRVcAKIxb/EB5mfoD5eUaH0jWye/veNB6R65l7tw2DgYAAAAAAAAAAACA0jl80Pp/KCvr/6G8rP+H8srX/x8quB5A97nGB2Kdlfxt1/+vexQAAAAAAAAAAAAAsJPmF69fmpqdnblm49Unoxrd3KjX6zfSv4InpT47v5FkM9S7Umg+Fb77Z9q3kRPM1/pt7CcX954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0+isAAP//TGQlgg==")
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000080)={0x80}, 0x18)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)=@v1={0x0, @aes128, 0x0, @desc3})

3.615180327s ago: executing program 6 (id=4043):
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r0, 0x0, 0xee01)

3.461049939s ago: executing program 6 (id=4051):
r0 = socket$inet6(0xa, 0x803, 0x6)
sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f0000000140)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}, {{&(0x7f0000000180)={0xa, 0x0, 0x0, @mcast2, 0x2000}, 0x1c, 0x0}}], 0x2, 0x80)

3.367364081s ago: executing program 6 (id=4052):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=@newlink={0x4c, 0x10, 0xffffff1f, 0x0, 0x4000008, {0x0, 0x0, 0x0, 0x0, 0x5040}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_SNOOPING={0x5, 0x17, 0x1}]}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0xf15a}, @IFLA_PROMISCUITY={0x8, 0x1e, 0xaeec}]}, 0x4c}}, 0x4000)

3.367276661s ago: executing program 34 (id=4052):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=@newlink={0x4c, 0x10, 0xffffff1f, 0x0, 0x4000008, {0x0, 0x0, 0x0, 0x0, 0x5040}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_SNOOPING={0x5, 0x17, 0x1}]}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0xf15a}, @IFLA_PROMISCUITY={0x8, 0x1e, 0xaeec}]}, 0x4c}}, 0x4000)

2.655221821s ago: executing program 0 (id=4071):
memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa4, 0x2, 0x1, 0x5, 0x0, 0x0, {0x3, 0x0, 0x4}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}, @CTA_ID={0x8}, @CTA_TUPLE_REPLY={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x84}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x10}]}, @CTA_TUPLE_ORIG={0x4}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x6}, @CTA_FILTER={0x34, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x4}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x400}, @CTA_FILTER_ORIG_FLAGS={0x8}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x2}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x40}]}]}, 0xa4}}, 0x4)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="0107000000000000000020"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r0, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)

2.655108541s ago: executing program 0 (id=4072):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000000)={[{@errors_continue}]}, 0x1, 0x4be, &(0x7f0000000a00)="$eJzs3c9vG1UeAPCv7SZN0uz2x+5h28O22lbqQtW4TdQkQr30hIRUQO2BYxUSNypx4ih2ShPlkEoc4I6gEifEoX8Agis9cewVeoIzUgUhJUKikpHHdppfLgbSWMp8PtLUb+ZN/X0v1vdp5o3HE0Bqnar9k4noj4iHEXG4vrp5h1P1l7WVpfHakolq9fqPmWS/1ZWl8eauzf93KCKWI6InIq69GvF2Znvc8sLi1FixWJhrrOcr07P58sLi+VvTY5OFycLM0MjgyOjw8MjopV3r63t3rrzx0S9X3v/sm/vfvZP54kytWf2Nuo392E31rnfF0Q3bDkTE5RcRrANyjf70droh/CW1z+9fEXE6yf/DkUs+TSANqtVq9Wn1YKvq5Sqwb2WTY+BMdiAi6uVsdmCgfgz/7+jLFkvlyrmbpfmZifqx8pHoyt68VSxcaJwrHImuTG39YlJ+tj64ZX0oIjkG/jDXm6wPjJeKE3s71AFbHNqS/09y9fwHUsIpP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q/pJf8hveQ/pJf8h/SS/5BKb169Wluqa4373yduL8xPlW6fnyiUpwam58cHxktzswOTpdJkcs/O9B+9X7FUmh2Kmfk7+UqhXMmXFxZvTJfmZyo3kvv6bxS69qRXQDuOnnzwKBMRy6/0JktNd6NOrsL+Vq1motP3IAOdkev0AAR0jKk/SC/n+MAOP9G7SU+ritndbwuwN7LPii1THNifzh53/Q/Syvw/pJf5f0gvx/iA+X9In2ynGwB0TH+L53/9Y8Ozuy5ExD8j4ttc18Hms76A/SD7Q6bVPOCZiO7Mr8klgu6IePeT6x/fGatU5i7Wtv+0vr1yr7F9sP2o3bvWfqBdzTxt5jEAkF6rK0vjzWUv4z6+Uj/5qMVdayz1mgONucme5Bpl32pm0zlKy3OWP2n5bkT8J+LJytJ4c2lGqD/vvH7lo281ty3+scZrpv4WSXsPJM9Nj7a/Tv134h/fEP+/G+Kf2IW/C6TBg9r4c2H7+HewkdOxnn+bx5/+XfruRHP8W9s2/mXXx79ci/HvZJsxLuffWm0Z/27EiR3jN+P1JLG2xq+17Wyb8b/+4OeHreqqn9bfZ6f4TbVSvjI9my8vLJ5PfkdusjAzNDI4Mjo8PDJ6KZ/MUeebM9XbPfrf06+e1/++FvF36n/3hja91Gb/f7v35blTz4n//9M7f/7Hdojf1BsRL7cZ/7XPv7/Wqq4Wf6JF/7Mt4mcilmvbhtqMf/3+49fb3BUA2APlhcWpsWKxMKegoKCwXuj0yAS8aM+SvtMtAQAAAAAAAAAAANq1F18n7nQfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD2g98DAAD//3wG2HA=")
quotactl$Q_SETINFO(0xffffffff80000600, &(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, 0xee01, &(0x7f0000000180)={0x20, 0x9, 0x4, 0x3})

2.642623001s ago: executing program 0 (id=4073):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x4f32, 0x4)
setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f0000000040)=0x92c, 0x4)
recvfrom(r0, 0x0, 0x0, 0x2, 0x0, 0x0)

1.831579143s ago: executing program 4 (id=4091):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={0x4000000, {}, {0x2, 0x0, @empty}, {0x2, 0x0, @empty}, 0x2a0, 0x0, 0x0, 0x0, 0x20})
ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x0, {}, {0x2, 0xfffe, @multicast1}, {0x2, 0x0, @empty}, 0xab852ebbeefbd6b1, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x9, 0x7})

1.797380554s ago: executing program 4 (id=4092):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f0000000b80), 0x3, 0x4d5, &(0x7f0000001300)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX/AYGxtaZ/61JdCn0uh5E8ohUD7XkppCW2SPvShrYrkq8ZxZVvGP+RYnw8c33PuvdL3HMk60rnncm8AbetcRIxEREdEXIyI3nR9Jk2xspqq+z15fG+8mpKoVG59nkSSrqs/V5IuT6QP646Iv/0l4p/JD+OWlpZnxgqF/EJazpVn53OlpeVL07NjU/mp/NzI0ODV4WvDV4YHdq2t1//0yUv/eePP19/97Z2PRj+78K9qtXrSbWvb0YyVJvdbbXpX7bWo64yIhe0EO8A60vZ0tboiAAA0pfob/8cR8cuIePpqq2sDAAAA7IXKH3ri6ySiAgAAABxamdo5sEkmm54L0BOZTDa7eg7vT+N4plAslX8zWVycm1g9V7YvujKT04X8QHqucF90JdXyYC3/rHx5XXkoIk5FxP96j9XK2fFiYaLVBz8AAACgTZxYN/7/snd1/A8AAAAcMn2trgAAAACw54z/AQAA4PDbcPyfdO5vRQAAAIC98NcbN6qpUr//9cTtpcWZ4u1LE/nSTHZ2cTw7XlyYz04Vi1O1a/bNbvV8hWJx/ncxt3g3V86XyrnS0vLobHFxrjxau6/3aN59ogEAAGD/nfrFgw+TiFj5/bFaqjqSbmtirD6yt7UD9lJme7sne1UPYP91tLoCQMs4wRfal/l4YIuB/f/Xlbd52AAAADgI+n+2o/l/84HwAjOQh/Zl/h/al/l/aF/m/6HNHd16l+6NNrzXxPM7SggAAAdCTy0lmWw6F9gTmUw2G3GydluArmRyupAfiIgfRcQHvV1Hq+XBVlcaAAAAAAAAAAAAAAAAAAAAAAAAAF4wlUoSFQAAAOBQi8h8mqS36OrvPd+z/vjAkeSr3toyIu68duvlu2Pl8sJgdf0X368vv5Kuv9yKIxgAAADAevVxen0cDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC76cnje+P1tJ9xH/0xIvoaxe+M7tqy++3eiDj+NInONY9LIqJjF+Kv3I+I043iJ9VqRV9ai/XxMxFxrMXxT+xCfGhnD6r9z0ijz18mztWWjT9/nWnaqUfnNur/MvX+r9bPNer/TjYZ48zDt3Ibxr8fcaazcf9Tj5/ssP/9x9+XlzfaVnk9or/h90/yXKxceXY+V1pavjQ9OzaVn8rPDQ0NXh2+NnxleCA3OV3Ip38bxvjvz9/5drP2H98gft8W7T/fZPu/eXj38U82iX/hV43f/9ObxK++9r9Ovweq2/vr+ZXV/Fpn33z/7LpVR9bGn9ig/Vu9/xeabP/Fm//+uMldAYB9UFpanhkrFPILMjI7yNT/nw5KfWTSzM30jdn2w1vXJwEAAHvj2Y/+VtcEAAAAAAAAAAAAAAAAAAAA2tdzF/3qiIjdvgjZ0eevLNDduqYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzquwAAAP//e4jN8A==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x107041, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x147)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f00000003c0)={0x3920e, r0, 0x0, 0x0, 0x3, 0x1003})

1.797057934s ago: executing program 0 (id=4093):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x208, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000280)='i2c_write\x00', r1}, 0x18)

1.743333354s ago: executing program 0 (id=4094):
r0 = socket(0x11, 0x3, 0x0)
r1 = epoll_create1(0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080))
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0xe000202b})
epoll_pwait(r2, &(0x7f00008c9fc4)=[{}], 0x1, 0xfffffffffffffff7, 0x0, 0x0)
r3 = dup3(r0, r2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, 0x0)

1.715140204s ago: executing program 4 (id=4095):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==")
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001800)='cpuacct.usage_all\x00', 0x275a, 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xec)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001840)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000680)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)

1.540048037s ago: executing program 4 (id=4096):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000580)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000000}}, {@noauto_da_alloc}, {@dioread_nolock}, {@test_dummy_encryption}, {@nobarrier}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x1, 0xba6, &(0x7f0000000c00)="$eJzs3M1rXFUUAPDzXj7bRicVEeumEZEWxGlaSbFFsJWKGxeCboWGdFJCph8kkZo0i4n+A6KuBTeCWpQu7LobBbdutG4tLoQisVEQ0cibjyQ2M0naTvJq8vvBzbt3zpvcc/KYeffCTALYsQayH2nEvog4nUQU6o+nEdFd7fVGVGrnLczPjvwxPzuSxOLi678mkUTE7fnZkcbvSurHPfVBb0R891ISj7y7et7J6Znx4XK5NFEfH5o6d/HQ5PTMs2Pnhs+WzpbOHz76/NCRoaODx4baVuufP5249vuTr/xc+euzv6/89sEnSZyIvnpsZR3tMhADS3+TlTojYrjdk+Wko17PyjqTznWelG5yUgAAtJSuWMM9FoXoiOXFWyG+/j7X5AAAAIC2WOyIWAQAAAC2ucT+HwAAALa5xucAbs/PjjRavp9I2Fq3TkZEf63+hXqrRTqjUj32RldE7L6dxMqvtSa1p923gYi4+eOxL7MWm/Q95LVU5iLi8WbXP6nW31/9Fvfq+tOIGGzD/AN3jP9P9Z9ow/x51w/AznT9ZO1Gtvr+ly6tf6LJ/a+zyb3rXuR9/2us/xZWrf+W6+9osf57bYNzXP70o0utYln9L1x7+YtGy+bPjvdV1F24NRfxRGez+pOl+pMW9Z/e4ByFfy6VWsXyrn/x44gD0bz+hmTt/090aHSsXBqs/Ww6x9y3Q5+3mj/v+rPrv7tF/etd/4sbnOPNU6eutoqtX3/6S3fyRrXXXX/k7eGpqYnDEd3Jq6sfP7J2Lo1zGr8jq//gU2u//pvVn70nVOp/h2wvMFc/ZuN37pjzxSuXv1qr/mzvl+f1P3OP1/+9Dc7x9DfvH2wVW7n/zVo2/82kthcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIY0IvoiSYtL/TQtFiP2RMSjsTstX5icemb0wlvnz2SxiP7oSkfHyqXBiCjUxkk2PlztL4+P3DF+LiL2RsSHhV3VcXHkQvlM3sUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZE9E9EWSFiMijYiFQpoWi3lnBQAAALRdf94JAAAAAJvO/h8AAAC2P/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANtne/ddvJBFROb6r2jLd9VhXrpkBmy3NOwEgNx15JwDkpjPvBIDc3OUe33IBtqFknXhvy0hP23MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MF1YN/1G0lEVI7vqrZMdz3W1fQZ+7cwO2AzpXknAOSmY61g59blAWw9L3HYuZrv8YGdJFkn3rt8TuW/kZ5NywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAB09ftSVpMSLSaj9Ni8WIhyKiP7qS0bFyaTAiHo6IHwpdPdm4J++kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLvJ6Znx4XK5NKGjo5NvJ3kw0qh18n5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD5PTM+PD5XJpYjLvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC8TU7PjA+Xy6WJDXSu3s3JKzp51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DQAA//+LYA3r")
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x105042, 0x1f9)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1)

1.404286679s ago: executing program 4 (id=4098):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000106a05310300000000000109022400010000c60009040002010300010009210000000122f80409058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)

1.094886294s ago: executing program 7 (id=4105):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='xfrm0\x00', 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)

936.467506ms ago: executing program 0 (id=4107):
syz_usb_connect(0x0, 0x36, &(0x7f0000000480)={{0x12, 0x1, 0x250, 0x20, 0x8d, 0xd7, 0x8, 0x1b3d, 0x10d, 0x3765, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x74, 0x5, 0xe0, 0x86, [{{0x9, 0x4, 0x83, 0x7, 0x2, 0x1b, 0x54, 0x73, 0x7, [], [{{0x9, 0x5, 0x2, 0x10, 0x40, 0x5, 0x5, 0xf5}}, {{0x9, 0x5, 0xd, 0x10, 0x0, 0x28, 0x8, 0x1}}]}}]}}]}}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0})

266.661515ms ago: executing program 2 (id=4145):
socket$nl_route(0x10, 0x3, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x14, 0x34, 0x9, 0x0, 0x4000, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x4841}, 0x4000010)

229.173466ms ago: executing program 1 (id=4147):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000009440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x14, r1, 0xf691975171ad3b89, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x50)

210.190497ms ago: executing program 1 (id=4148):
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000540), 0x0, 0x10140, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

209.506896ms ago: executing program 7 (id=4149):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x2b, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x5, 0x0, 0x0, 0x80, 0x6, {0x5, 0x4, 0x1, 0x6, 0xa, 0x67, 0x7f, 0x1, 0xff, 0x3b0, @empty, @empty}}}}}}, 0x0)

155.347698ms ago: executing program 2 (id=4150):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20040051}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000180)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, @echo={0x8, 0x0, 0x0, 0x9, 0x9}}}}}, 0x0)

155.170878ms ago: executing program 7 (id=4151):
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfffa, 0x2}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x24000000)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x3f}, {0xfff1, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

154.942588ms ago: executing program 2 (id=4152):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
unlink(&(0x7f0000000080)='./file1\x00')

154.717137ms ago: executing program 1 (id=4153):
syz_open_dev$tty20(0xc, 0x4, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

154.607218ms ago: executing program 7 (id=4154):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000004c0)=ANY=[@ANYBLOB="0100000000150000010001c0"])

152.228928ms ago: executing program 1 (id=4155):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000180)={0x58, r0, 0x801, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY={0x30, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee339084eeef16f162471f4"}, @NL80211_KEY_TYPE={0x8}, @NL80211_KEY_IDX={0x5}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}]}]}, 0x58}}, 0x0)

140.381338ms ago: executing program 2 (id=4156):
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/uts\x00')
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
socket(0x8, 0x4, 0x1)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$nl_route(r1, 0x0, 0x0)
bind$inet6(r0, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

138.139388ms ago: executing program 1 (id=4157):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB], 0x3c}}, 0x40000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
r3 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)

51.353879ms ago: executing program 2 (id=4158):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x18, 0x2, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x6}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}}, 0x4000)

51.060089ms ago: executing program 1 (id=4159):
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x4e, @dev={0xfe, 0x80, '\x00', 0x19}, @empty, 0x20, 0x7, 0xffffff84, 0x80008}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r1, 0x0)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

49.880839ms ago: executing program 2 (id=4160):
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x900)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)

15.258539ms ago: executing program 7 (id=4161):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x6)
syz_emit_ethernet(0x3a, &(0x7f0000000200)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @local, {[@timestamp_prespec={0x44, 0x4, 0x55, 0x3, 0xf}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

0s ago: executing program 7 (id=4162):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffff4f7}, {}, 0x0, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x4d6, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x40)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x4000)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000020ac1e000100000000000000000000000000000000000000000a0040"], 0xb8}}, 0x0)

kernel console output (not intermixed with test programs):

 error (device loop4): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1660.087706][T17484] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1660.097938][T17483] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 1660.113596][T17484] device bridge_slave_0 entered promiscuous mode
[ 1660.138325][T17484] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1660.145080][T17483] EXT4-fs error (device loop4): ext4_acquire_dquot:6219: comm syz.4.3184: Failed to acquire dquot type 1
[ 1660.156954][T17483] EXT4-fs (loop4): 1 truncate cleaned up
[ 1660.162534][T17484] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1660.169626][T17483] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1660.186939][T17484] device bridge_slave_1 entered promiscuous mode
[ 1660.194151][T14085] device bridge_slave_1 left promiscuous mode
[ 1660.200588][T14085] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1660.222112][T14085] device bridge_slave_0 left promiscuous mode
[ 1660.228280][T14085] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1660.236817][T14085] device veth1_macvtap left promiscuous mode
[ 1660.254686][T14085] device veth0_vlan left promiscuous mode
[ 1660.390914][T17474] EXT4-fs error (device loop2): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1660.405906][T17474] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[ 1660.418164][T17474] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 1660.418164][T17474] 
[ 1660.427633][T17474] EXT4-fs (loop2): Total free blocks count 0
[ 1660.433621][T17474] EXT4-fs (loop2): Free/Dirty block details
[ 1660.439337][T17474] EXT4-fs (loop2): free_blocks=68451041280
[ 1660.445022][T17474] EXT4-fs (loop2): dirty_blocks=32
[ 1660.449924][T17474] EXT4-fs (loop2): Block reservation details
[ 1660.456222][T17474] EXT4-fs (loop2): i_reserved_data_blocks=2
[ 1661.741596][T17504] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3192'.
[ 1661.750407][T17504] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3192'.
[ 1662.013171][T17502] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1662.021730][T17502] Quota error (device loop3): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1662.031270][T17502] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 1662.040597][T17502] EXT4-fs error (device loop3): ext4_acquire_dquot:6219: comm syz.3.3192: Failed to acquire dquot type 1
[ 1662.056529][T17502] EXT4-fs (loop3): 1 truncate cleaned up
[ 1662.064066][T17502] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1662.221695][T17505] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1662.231165][T17505] Quota error (device loop2): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1662.240672][T17505] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[ 1662.249923][T17505] EXT4-fs error (device loop2): ext4_acquire_dquot:6219: comm syz.2.3193: Failed to acquire dquot type 1
[ 1662.475161][T17505] EXT4-fs (loop2): 1 truncate cleaned up
[ 1662.481120][T17505] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1663.054260][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1663.061749][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1663.070066][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1663.078459][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1663.094462][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1663.101360][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1663.113960][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1663.152602][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1663.191891][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1663.198784][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1663.206692][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1663.251653][T17484] device veth0_vlan entered promiscuous mode
[ 1663.266850][T17484] device veth1_macvtap entered promiscuous mode
[ 1663.302035][T17513] F2FS-fs (loop0): fault_injection options not supported
[ 1663.316528][T17513] F2FS-fs (loop0): invalid crc value
[ 1663.325249][T17513] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1663.767622][T17529] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3196'.
[ 1663.776426][T17529] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3196'.
[ 1663.789535][T17528] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3189'.
[ 1663.798329][T17528] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3189'.
[ 1664.662444][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1664.671523][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1664.680190][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1664.688555][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1664.696721][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1664.699367][T17513] F2FS-fs (loop0): Start checkpoint disabled!
[ 1664.942799][T17518] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1664.951133][T17518] Quota error (device loop4): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1664.960655][T17518] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 1664.969931][T17518] EXT4-fs error (device loop4): ext4_acquire_dquot:6219: comm syz.4.3195: Failed to acquire dquot type 1
[ 1664.982685][T17518] EXT4-fs (loop4): 1 truncate cleaned up
[ 1664.988623][T17518] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1665.015045][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1665.025186][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1665.035055][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1665.045832][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1665.307123][T17528] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1665.315910][T17528] Quota error (device loop1): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1665.325578][T17528] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[ 1665.335621][T17528] EXT4-fs error (device loop1): ext4_acquire_dquot:6219: comm syz.1.3189: Failed to acquire dquot type 1
[ 1665.396190][T17528] EXT4-fs (loop1): 1 truncate cleaned up
[ 1665.402536][T17528] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1665.596672][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1665.635445][T17529] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1665.691598][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1665.699268][T17529] Quota error (device loop2): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1665.709028][T17529] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[ 1665.718609][T17529] EXT4-fs error (device loop2): ext4_acquire_dquot:6219: comm syz.2.3196: Failed to acquire dquot type 1
[ 1665.731611][T17529] EXT4-fs (loop2): 1 truncate cleaned up
[ 1665.743012][T17529] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1665.781439][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1665.790398][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1665.799816][T17513] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[ 1665.810226][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1666.068807][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1666.130921][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1666.226649][T17539] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1666.235330][T17539] EXT4-fs error (device loop3): ext4_acquire_dquot:6219: comm syz.3.3197: Failed to acquire dquot type 1
[ 1666.248775][T17539] EXT4-fs (loop3): 1 truncate cleaned up
[ 1666.254622][T17539] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1666.330176][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1666.959798][T17543] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1666.976690][T17543] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1666.991728][T17543] device bridge_slave_0 entered promiscuous mode
[ 1667.009113][T17543] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1667.022194][T17543] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1667.029596][T17543] device bridge_slave_1 entered promiscuous mode
[ 1667.095708][T17543] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1667.102581][T17543] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1667.109689][T17543] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1667.116571][T17543] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1667.184814][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1667.201645][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1667.210117][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1667.219230][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1667.227482][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1667.249835][T17543] device veth0_vlan entered promiscuous mode
[ 1667.255981][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1667.265136][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1667.274286][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1667.282873][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1667.292470][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1667.300568][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1667.358943][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1667.369260][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1667.386134][T17543] device veth1_macvtap entered promiscuous mode
[ 1667.414117][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1667.425835][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1667.511952][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1667.761181][T17553] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1667.769596][T17553] __quota_error: 2 callbacks suppressed
[ 1667.769622][T17553] Quota error (device loop3): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1667.784557][T17553] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 1667.793786][T17553] EXT4-fs error (device loop3): ext4_acquire_dquot:6219: comm syz.3.3199: Failed to acquire dquot type 1
[ 1667.806870][T17553] EXT4-fs (loop3): 1 truncate cleaned up
[ 1667.821337][T17553] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1667.921593][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1668.614692][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1668.850466][T17562] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1668.859010][T17562] Quota error (device loop4): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1668.868509][T17562] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 1668.877921][T17562] EXT4-fs error (device loop4): ext4_acquire_dquot:6219: comm syz.4.3201: Failed to acquire dquot type 1
[ 1668.891167][T17562] EXT4-fs (loop4): 1 truncate cleaned up
[ 1668.904221][T17562] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1669.237116][T17559] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1669.465953][T17551] F2FS-fs (loop2): fault_injection options not supported
[ 1669.474103][T17551] F2FS-fs (loop2): invalid crc value
[ 1669.492196][T17551] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1669.564103][T17556] EXT4-fs error (device loop1): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1669.579057][T17556] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[ 1669.591153][T17556] EXT4-fs (loop1): This should not happen!! Data will be lost
[ 1669.591153][T17556] 
[ 1669.600611][T17556] EXT4-fs (loop1): Total free blocks count 0
[ 1669.606508][T17556] EXT4-fs (loop1): Free/Dirty block details
[ 1669.612241][T17556] EXT4-fs (loop1): free_blocks=68451041280
[ 1669.617859][T17556] EXT4-fs (loop1): dirty_blocks=32
[ 1669.622834][T17556] EXT4-fs (loop1): Block reservation details
[ 1669.628630][T17556] EXT4-fs (loop1): i_reserved_data_blocks=2
[ 1669.721476][T17551] F2FS-fs (loop2): Start checkpoint disabled!
[ 1669.744098][T17551] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1669.833361][T17574] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1669.840086][T17574] Quota error (device loop0): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1669.849452][T17574] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[ 1669.858590][T17574] EXT4-fs error (device loop0): ext4_acquire_dquot:6219: comm syz.0.3198: Failed to acquire dquot type 1
[ 1669.870497][T17574] EXT4-fs (loop0): 1 truncate cleaned up
[ 1669.876114][T17574] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1670.511913][T17579] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1670.518935][T17579] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1670.526230][T16580] attempt to access beyond end of device
[ 1670.526230][T16580] loop2: rw=2049, want=40968, limit=40427
[ 1670.531566][T17579] device bridge_slave_0 entered promiscuous mode
[ 1670.546330][T16580] attempt to access beyond end of device
[ 1670.546330][T16580] loop2: rw=2049, want=40984, limit=40427
[ 1670.562041][T17579] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1670.569137][T17579] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1670.577251][T17579] device bridge_slave_1 entered promiscuous mode
[ 1670.628575][T17579] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1670.635444][T17579] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1670.642559][T17579] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1670.649307][T17579] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1670.668152][T16580] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1670.675305][T16580] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1670.683902][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1670.691148][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1670.699451][T14085] device bridge_slave_1 left promiscuous mode
[ 1670.705507][T14085] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1670.712702][T14085] device bridge_slave_0 left promiscuous mode
[ 1670.718616][T14085] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1670.726891][T14085] device veth1_macvtap left promiscuous mode
[ 1670.732883][T14085] device veth0_vlan left promiscuous mode
[ 1670.907537][T17591] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1671.035493][T17596] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3206'.
[ 1671.073132][ T1960] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1671.089842][ T1960] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1671.096770][ T1960] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1671.137447][ T1960] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1671.156118][ T1960] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1671.171428][ T1960] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1671.178358][ T1960] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1671.334968][ T1960] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1671.396956][T17587] F2FS-fs (loop0): fault_injection options not supported
[ 1671.413917][T17604] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1671.423899][T17604] Quota error (device loop2): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1671.433525][T17604] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[ 1671.442789][T17604] EXT4-fs error (device loop2): ext4_acquire_dquot:6219: comm syz.2.3208: Failed to acquire dquot type 1
[ 1671.456389][T17604] EXT4-fs (loop2): 1 truncate cleaned up
[ 1671.462247][T17604] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1671.556487][ T1960] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1671.581659][T17587] F2FS-fs (loop0): invalid crc value
[ 1671.644942][T17589] EXT4-fs error (device loop4): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1671.660173][T17589] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[ 1671.672502][T17589] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1671.672502][T17589] 
[ 1671.681978][T17589] EXT4-fs (loop4): Total free blocks count 0
[ 1671.687804][T17589] EXT4-fs (loop4): Free/Dirty block details
[ 1671.693534][T17589] EXT4-fs (loop4): free_blocks=68451041280
[ 1671.699144][T17589] EXT4-fs (loop4): dirty_blocks=32
[ 1671.704114][T17589] EXT4-fs (loop4): Block reservation details
[ 1671.709908][T17589] EXT4-fs (loop4): i_reserved_data_blocks=2
[ 1671.839631][ T1960] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1671.886373][T17587] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1672.404729][ T1960] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1672.438534][T17587] F2FS-fs (loop0): Start checkpoint disabled!
[ 1672.560681][T17587] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[ 1672.578797][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1672.587258][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1672.600254][T17579] device veth0_vlan entered promiscuous mode
[ 1672.607048][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1672.615096][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1672.692826][T17579] device veth1_macvtap entered promiscuous mode
[ 1672.972973][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1673.000122][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1673.007841][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1673.027777][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1673.036415][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1673.047200][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1673.149630][T17622] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3210'.
[ 1673.158487][T17622] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3210'.
[ 1674.712352][T17622] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1674.720702][T17622] Quota error (device loop2): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1674.730190][T17622] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[ 1674.739438][T17622] EXT4-fs error (device loop2): ext4_acquire_dquot:6219: comm syz.2.3210: Failed to acquire dquot type 1
[ 1674.754117][T17622] EXT4-fs (loop2): 1 truncate cleaned up
[ 1674.759971][T17622] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1674.821513][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1674.904487][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1674.926279][ T7552] attempt to access beyond end of device
[ 1674.926279][ T7552] loop0: rw=2049, want=40968, limit=40427
[ 1675.026702][T16580] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1675.035135][ T7552] attempt to access beyond end of device
[ 1675.035135][ T7552] loop0: rw=2049, want=40992, limit=40427
[ 1675.366560][T17630] F2FS-fs (loop0): fault_injection options not supported
[ 1675.397629][T17630] F2FS-fs (loop0): invalid crc value
[ 1675.410854][T17630] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1675.438339][T17625] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1675.489017][T17630] F2FS-fs (loop0): Start checkpoint disabled!
[ 1675.495765][T17630] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[ 1675.652779][T17633] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1675.741285][T17641] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[ 1675.802171][T17641] EXT4-fs (loop4): dax option not supported
[ 1675.859350][T17642] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1675.866355][T17642] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1677.016231][T17642] device bridge_slave_0 entered promiscuous mode
[ 1677.425994][T17642] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1677.435361][T17642] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1677.442949][T17632] EXT4-fs error (device loop3): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1677.444924][T17642] device bridge_slave_1 entered promiscuous mode
[ 1677.457737][T17632] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[ 1677.475810][T17632] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1677.475810][T17632] 
[ 1677.485311][T17632] EXT4-fs (loop3): Total free blocks count 0
[ 1677.491079][T17632] EXT4-fs (loop3): Free/Dirty block details
[ 1677.496855][T17632] EXT4-fs (loop3): free_blocks=68451041280
[ 1677.502461][T17632] EXT4-fs (loop3): dirty_blocks=32
[ 1677.507389][T17632] EXT4-fs (loop3): Block reservation details
[ 1677.513227][T17632] EXT4-fs (loop3): i_reserved_data_blocks=2
[ 1677.548687][T17641] exfat: Deprecated parameter 'namecase'
[ 1677.564494][T17641] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe3f33698, utbl_chksum : 0xe619d30d)
[ 1677.564689][ T7552] attempt to access beyond end of device
[ 1677.564689][ T7552] loop0: rw=2049, want=40968, limit=40427
[ 1677.611532][ T7552] attempt to access beyond end of device
[ 1677.611532][ T7552] loop0: rw=2049, want=40984, limit=40427
[ 1677.726302][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1677.733763][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1677.762232][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1677.770398][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1677.779264][ T7552] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1677.786265][ T7552] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1677.794767][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1677.804024][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1677.815014][ T7552] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1677.821853][ T7552] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1677.832699][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1677.877990][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1678.045508][T17642] device veth0_vlan entered promiscuous mode
[ 1678.060904][T17642] device veth1_macvtap entered promiscuous mode
[ 1678.135384][T17668] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3218'.
[ 1678.144299][T17668] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3218'.
[ 1678.476006][T17668] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1678.484291][T17668] Quota error (device loop1): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1678.493802][T17668] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[ 1678.503084][T17668] EXT4-fs error (device loop1): ext4_acquire_dquot:6219: comm syz.1.3218: Failed to acquire dquot type 1
[ 1678.516055][T17668] EXT4-fs (loop1): 1 truncate cleaned up
[ 1678.522047][T17668] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1678.578764][T17664] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1678.834359][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1678.855337][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1679.733906][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1679.849697][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1679.864988][T17663] EXT4-fs error (device loop3): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1679.879615][T17663] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[ 1679.891492][T17663] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1679.891492][T17663] 
[ 1679.901169][T17663] EXT4-fs (loop3): Total free blocks count 0
[ 1679.906993][T17663] EXT4-fs (loop3): Free/Dirty block details
[ 1679.912723][T17663] EXT4-fs (loop3): free_blocks=68451041280
[ 1679.918331][T17663] EXT4-fs (loop3): dirty_blocks=16
[ 1679.923297][T17663] EXT4-fs (loop3): Block reservation details
[ 1679.929095][T17663] EXT4-fs (loop3): i_reserved_data_blocks=1
[ 1680.273227][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1680.290684][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1680.311332][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1680.324526][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1680.339663][T17685] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3216'.
[ 1680.532850][T17675] F2FS-fs (loop4): fault_injection options not supported
[ 1680.563219][T17675] F2FS-fs (loop4): invalid crc value
[ 1680.652654][T17675] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1682.458764][T17675] F2FS-fs (loop4): Start checkpoint disabled!
[ 1682.505017][T17702] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1682.513524][T17702] Quota error (device loop0): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1682.523048][T17702] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[ 1682.532763][T17702] EXT4-fs error (device loop0): ext4_acquire_dquot:6219: comm syz.0.3221: Failed to acquire dquot type 1
[ 1682.548482][T17702] EXT4-fs (loop0): 1 truncate cleaned up
[ 1682.554588][T17702] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1683.342789][T17699] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1683.349766][T17699] Quota error (device loop1): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1683.360143][T17699] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[ 1683.369654][T17699] EXT4-fs error (device loop1): ext4_acquire_dquot:6219: comm syz.1.3222: Failed to acquire dquot type 1
[ 1683.389750][T17699] EXT4-fs (loop1): 1 truncate cleaned up
[ 1683.398008][T17699] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1683.440898][T14085] device bridge_slave_1 left promiscuous mode
[ 1683.449728][T14085] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1683.457441][T14085] device bridge_slave_0 left promiscuous mode
[ 1683.463706][T14085] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1683.472253][T14085] device bridge_slave_1 left promiscuous mode
[ 1683.478257][T14085] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1683.496165][T14085] device bridge_slave_0 left promiscuous mode
[ 1683.502332][T14085] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1683.513480][T14085] device veth1_macvtap left promiscuous mode
[ 1683.519386][T14085] device veth0_vlan left promiscuous mode
[ 1683.543440][T14085] device veth1_macvtap left promiscuous mode
[ 1683.679844][T14085] device veth0_vlan left promiscuous mode
[ 1683.951015][T17714] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1683.959425][T17714] Quota error (device loop0): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1683.968958][T17714] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[ 1683.978231][T17714] EXT4-fs error (device loop0): ext4_acquire_dquot:6219: comm syz.0.3223: Failed to acquire dquot type 1
[ 1683.992030][T17714] EXT4-fs (loop0): 1 truncate cleaned up
[ 1683.997903][T17714] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1685.070709][T17725] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1685.079013][T17725] Quota error (device loop1): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1685.088505][T17725] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[ 1685.097958][T17725] EXT4-fs error (device loop1): ext4_acquire_dquot:6219: comm syz.1.3225: Failed to acquire dquot type 1
[ 1685.112394][T17725] EXT4-fs (loop1): 1 truncate cleaned up
[ 1685.118223][T17725] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1685.786975][T17729] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1685.838233][T17729] EXT4-fs (loop3): 1 truncate cleaned up
[ 1685.856747][T17729] EXT4-fs (loop3): mounted filesystem without journal. Opts: quota,resuid=0x000000000000ee01,inlinecrypt,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue
[ 1686.262153][  T348] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[ 1687.213351][T17737] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[ 1687.220683][T17737] EXT4-fs (loop4): dax option not supported
[ 1687.265360][T17745] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1687.273951][T17745] Quota error (device loop1): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1687.283469][T17745] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[ 1687.292719][T17745] EXT4-fs error (device loop1): ext4_acquire_dquot:6219: comm syz.1.3228: Failed to acquire dquot type 1
[ 1687.305865][T17745] EXT4-fs (loop1): 1 truncate cleaned up
[ 1687.313897][T17745] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1688.235358][  T348] usb 4-1: Using ep0 maxpacket: 16
[ 1688.378279][T17756] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1688.388893][T17756] Quota error (device loop2): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1688.398620][T17756] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[ 1688.408014][T17756] EXT4-fs error (device loop2): ext4_acquire_dquot:6219: comm syz.2.3231: Failed to acquire dquot type 1
[ 1688.422417][T17756] EXT4-fs (loop2): 1 truncate cleaned up
[ 1688.428345][T17756] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1688.732237][  T348] usb 4-1: device descriptor read/all, error -71
[ 1689.201574][T17737] exfat: Deprecated parameter 'namecase'
[ 1689.283449][T17760] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1689.294789][T17737] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe3f33698, utbl_chksum : 0xe619d30d)
[ 1689.309871][T17760] EXT4-fs (loop1): 1 truncate cleaned up
[ 1689.316566][T17760] EXT4-fs (loop1): mounted filesystem without journal. Opts: quota,resuid=0x000000000000ee01,inlinecrypt,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue
[ 1689.474259][T17765] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1689.570118][T17777] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3236'.
[ 1689.579449][T17777] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3236'.
[ 1689.702275][T13578] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[ 1689.889834][T17777] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1689.899021][T17777] Quota error (device loop4): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1689.908588][T17777] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 1689.917871][T17777] EXT4-fs error (device loop4): ext4_acquire_dquot:6219: comm syz.4.3236: Failed to acquire dquot type 1
[ 1689.933046][T17777] EXT4-fs (loop4): 1 truncate cleaned up
[ 1689.939355][T17777] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1690.451220][T17764] EXT4-fs error (device loop3): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1690.465975][T17764] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[ 1690.478075][T17764] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1690.478075][T17764] 
[ 1690.487514][T17764] EXT4-fs (loop3): Total free blocks count 0
[ 1690.493397][T17764] EXT4-fs (loop3): Free/Dirty block details
[ 1690.499120][T17764] EXT4-fs (loop3): free_blocks=68451041280
[ 1690.504788][T17764] EXT4-fs (loop3): dirty_blocks=32
[ 1690.509696][T17764] EXT4-fs (loop3): Block reservation details
[ 1690.515541][T17764] EXT4-fs (loop3): i_reserved_data_blocks=2
[ 1690.612151][T13578] usb 2-1: Using ep0 maxpacket: 16
[ 1690.686204][T17783] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue
[ 1690.772346][T13578] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1690.783605][T14085] device bridge_slave_1 left promiscuous mode
[ 1690.789585][T14085] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1690.801926][T14085] device bridge_slave_0 left promiscuous mode
[ 1690.808023][T14085] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1690.816450][T14085] device veth1_macvtap left promiscuous mode
[ 1690.822354][T14085] device veth0_vlan left promiscuous mode
[ 1690.852472][T13578] usb 2-1: config 5 has an invalid interface number: 29 but max is 0
[ 1690.861227][T13578] usb 2-1: config 5 has no interface number 0
[ 1690.969260][T17786] F2FS-fs (loop2): fault_injection options not supported
[ 1691.324586][T13578] usb 2-1: config 5 interface 29 has no altsetting 0
[ 1691.331589][T17786] F2FS-fs (loop2): invalid crc value
[ 1691.450381][T17797] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1691.466482][T17786] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1691.474428][T13578] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice= 0.00
[ 1691.484507][T17797] Quota error (device loop3): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1691.494560][T17797] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 1691.503869][T17797] EXT4-fs error (device loop3): ext4_acquire_dquot:6219: comm syz.3.3238: Failed to acquire dquot type 1
[ 1691.527332][T17782] EXT4-fs error (device loop0): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1691.541929][T17782] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[ 1691.554004][T17782] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1691.554004][T17782] 
[ 1691.563393][T17782] EXT4-fs (loop0): Total free blocks count 0
[ 1691.569179][T17782] EXT4-fs (loop0): Free/Dirty block details
[ 1691.574931][T17782] EXT4-fs (loop0): free_blocks=68451041280
[ 1691.580550][T17782] EXT4-fs (loop0): dirty_blocks=32
[ 1691.585680][T17782] EXT4-fs (loop0): Block reservation details
[ 1691.592021][T17782] EXT4-fs (loop0): i_reserved_data_blocks=2
[ 1691.643881][T17797] EXT4-fs (loop3): 1 truncate cleaned up
[ 1691.667219][T13578] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1691.744783][T13578] usb 2-1: SerialNumber: syz
[ 1691.838705][T17797] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1691.907745][T17786] F2FS-fs (loop2): Start checkpoint disabled!
[ 1691.992335][T13578] usb 2-1: can't set config #5, error -71
[ 1692.104786][T13578] usb 2-1: USB disconnect, device number 49
[ 1692.111975][T17786] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1692.775832][ T7552] attempt to access beyond end of device
[ 1692.775832][ T7552] loop2: rw=2049, want=40968, limit=40427
[ 1692.787646][ T7552] attempt to access beyond end of device
[ 1692.787646][ T7552] loop2: rw=2049, want=40992, limit=40427
[ 1692.834381][T17808] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1692.911182][T17808] EXT4-fs (loop4): 1 truncate cleaned up
[ 1692.916738][T17808] EXT4-fs (loop4): mounted filesystem without journal. Opts: quota,resuid=0x000000000000ee01,inlinecrypt,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue
[ 1692.936298][T17812] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1693.951874][T17811] EXT4-fs error (device loop1): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1693.966626][T17811] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[ 1693.978923][T17811] EXT4-fs (loop1): This should not happen!! Data will be lost
[ 1693.978923][T17811] 
[ 1693.988385][T17811] EXT4-fs (loop1): Total free blocks count 0
[ 1693.994189][T17811] EXT4-fs (loop1): Free/Dirty block details
[ 1693.999916][T17811] EXT4-fs (loop1): free_blocks=68451041280
[ 1694.005575][T17811] EXT4-fs (loop1): dirty_blocks=32
[ 1694.010489][T17811] EXT4-fs (loop1): Block reservation details
[ 1694.016322][T17811] EXT4-fs (loop1): i_reserved_data_blocks=2
[ 1694.174152][T17832] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1694.184835][T17832] Quota error (device loop2): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1694.194356][T17832] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[ 1694.203614][T17832] EXT4-fs error (device loop2): ext4_acquire_dquot:6219: comm syz.2.3244: Failed to acquire dquot type 1
[ 1694.217923][T17832] EXT4-fs (loop2): 1 truncate cleaned up
[ 1694.223836][T17832] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1696.434458][T17842] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1696.447957][T17842] Quota error (device loop3): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1696.457480][T17842] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 1696.466742][T17842] EXT4-fs error (device loop3): ext4_acquire_dquot:6219: comm syz.3.3245: Failed to acquire dquot type 1
[ 1696.481009][T17842] EXT4-fs (loop3): 1 truncate cleaned up
[ 1696.486925][T17842] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1696.534229][T17841] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1696.543596][T17841] Quota error (device loop1): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1696.553217][T17841] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[ 1696.562487][T17841] EXT4-fs error (device loop1): ext4_acquire_dquot:6219: comm syz.1.3246: Failed to acquire dquot type 1
[ 1696.577809][T17841] EXT4-fs (loop1): 1 truncate cleaned up
[ 1696.584619][T17841] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1697.134366][T17823] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[ 1697.548776][T17853] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1697.715570][T17858] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1697.725230][T17858] Quota error (device loop4): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1697.734806][T17858] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 1697.744065][T17858] EXT4-fs error (device loop4): ext4_acquire_dquot:6219: comm syz.4.3248: Failed to acquire dquot type 1
[ 1697.758228][T17858] EXT4-fs (loop4): 1 truncate cleaned up
[ 1697.764311][T17858] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1697.788719][T17853] EXT4-fs (loop0): dax option not supported
[ 1698.094537][T17850] F2FS-fs (loop2): fault_injection options not supported
[ 1698.543970][T17850] F2FS-fs (loop2): invalid crc value
[ 1698.554458][T17850] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1698.638526][T17850] F2FS-fs (loop2): Start checkpoint disabled!
[ 1698.654779][T17850] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1698.873516][T17863] F2FS-fs (loop1): fault_injection options not supported
[ 1698.936675][T17874] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3252'.
[ 1698.945600][T17874] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3252'.
[ 1698.995237][T17868] F2FS-fs (loop3): fault_injection options not supported
[ 1699.029159][T17863] F2FS-fs (loop1): invalid crc value
[ 1699.038257][T17868] F2FS-fs (loop3): invalid crc value
[ 1699.049062][T17863] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1699.060075][T17868] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1699.194436][T17853] exfat: Deprecated parameter 'namecase'
[ 1699.336497][T17874] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1699.344985][T17874] Quota error (device loop4): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1699.354504][T17874] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 1699.363782][T17874] EXT4-fs error (device loop4): ext4_acquire_dquot:6219: comm syz.4.3252: Failed to acquire dquot type 1
[ 1699.376968][T17874] EXT4-fs (loop4): 1 truncate cleaned up
[ 1699.382863][T17874] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1699.498521][T17853] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe3f33698, utbl_chksum : 0xe619d30d)
[ 1700.189539][T17863] F2FS-fs (loop1): Start checkpoint disabled!
[ 1700.195949][T17868] F2FS-fs (loop3): Start checkpoint disabled!
[ 1700.216350][T17863] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[ 1700.224459][T17868] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1701.440374][T17891] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1701.448537][T17891] Quota error (device loop4): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1701.458019][T17891] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[ 1701.467280][T17891] EXT4-fs error (device loop4): ext4_acquire_dquot:6219: comm syz.4.3253: Failed to acquire dquot type 1
[ 1701.481628][T17891] EXT4-fs (loop4): 1 truncate cleaned up
[ 1701.487514][T17891] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1701.794672][ T1960] attempt to access beyond end of device
[ 1701.794672][ T1960] loop1: rw=2049, want=40968, limit=40427
[ 1701.819815][ T1960] attempt to access beyond end of device
[ 1701.819815][ T1960] loop1: rw=2049, want=40992, limit=40427
[ 1702.164245][T17900] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3254'.
[ 1702.173042][T17900] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3254'.
[ 1702.333791][T17900] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1702.375124][T17900] Quota error (device loop0): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1702.384593][T17900] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[ 1702.393859][T17900] EXT4-fs error (device loop0): ext4_acquire_dquot:6219: comm syz.0.3254: Failed to acquire dquot type 1
[ 1702.408034][T17900] EXT4-fs (loop0): 1 truncate cleaned up
[ 1702.416432][T17900] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1702.850500][   T24] audit: type=1400 audit(1744115621.270:169): avc:  denied  { setopt } for  pid=17905 comm="syz.4.3257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1703.419593][T17909] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1703.428049][T17909] Quota error (device loop3): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1703.437540][T17909] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[ 1703.446806][T17909] EXT4-fs error (device loop3): ext4_acquire_dquot:6219: comm syz.3.3256: Failed to acquire dquot type 1
[ 1703.461732][T17909] EXT4-fs (loop3): 1 truncate cleaned up
[ 1703.467620][T17909] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1704.398022][   T24] audit: type=1400 audit(1744115622.820:170): avc:  denied  { write } for  pid=17926 comm="syz.0.3261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1704.499438][ T1960] attempt to access beyond end of device
[ 1704.499438][ T1960] loop2: rw=2049, want=40968, limit=40427
[ 1704.556449][ T1960] attempt to access beyond end of device
[ 1704.556449][ T1960] loop2: rw=2049, want=41000, limit=40427
[ 1704.600857][T17934] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3255'.
[ 1704.655498][   T24] audit: type=1400 audit(1744115623.080:171): avc:  denied  { ioctl } for  pid=17929 comm="syz.3.3262" path="socket:[71370]" dev="sockfs" ino=71370 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1704.831276][   T24] audit: type=1400 audit(1744115623.250:172): avc:  denied  { read write } for  pid=17938 comm="syz.4.3265" name="fuse" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1704.857344][   T24] audit: type=1400 audit(1744115623.250:173): avc:  denied  { open } for  pid=17938 comm="syz.4.3265" path="/dev/fuse" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1704.890492][   T24] audit: type=1400 audit(1744115623.270:174): avc:  denied  { unmount } for  pid=17444 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 1704.911154][   T24] audit: type=1400 audit(1744115623.310:175): avc:  denied  { relabelfrom } for  pid=17940 comm="syz.4.3266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[ 1704.934839][   T24] audit: type=1400 audit(1744115623.310:176): avc:  denied  { relabelto } for  pid=17940 comm="syz.4.3266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[ 1704.954418][   T24] audit: type=1400 audit(1744115623.360:177): avc:  denied  { unmount } for  pid=17642 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1705.127826][   T24] audit: type=1400 audit(1744115623.550:178): avc:  denied  { append } for  pid=17954 comm="syz.2.3271" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1705.559776][T17960] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1705.680008][T17973] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3274'.
[ 1705.688901][T17973] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3274'.
[ 1706.670768][T17959] EXT4-fs error (device loop1): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1706.685383][T17959] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[ 1706.697369][T17959] EXT4-fs (loop1): This should not happen!! Data will be lost
[ 1706.697369][T17959] 
[ 1706.706834][T17959] EXT4-fs (loop1): Total free blocks count 0
[ 1706.712631][T17959] EXT4-fs (loop1): Free/Dirty block details
[ 1706.718348][T17959] EXT4-fs (loop1): free_blocks=68451041280
[ 1706.724112][T17959] EXT4-fs (loop1): dirty_blocks=32
[ 1706.729107][T17959] EXT4-fs (loop1): Block reservation details
[ 1706.734947][T17959] EXT4-fs (loop1): i_reserved_data_blocks=2
[ 1706.833979][T17973] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1706.842913][T17973] Quota error (device loop0): find_tree_dqentry: Getting block too big (196613 >= 6)
[ 1706.852867][T17973] EXT4-fs error (device loop0): ext4_acquire_dquot:6219: comm syz.0.3274: Failed to acquire dquot type 1
[ 1706.868347][T17973] EXT4-fs (loop0): 1 truncate cleaned up
[ 1706.875202][T17973] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,nodiscard,,errors=continue
[ 1707.828428][T17965] F2FS-fs (loop2): fault_injection options not supported
[ 1707.851334][T17965] F2FS-fs (loop2): invalid crc value
[ 1707.882789][T18011] xt_hashlimit: size too large, truncated to 1048576
[ 1707.883845][T17965] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1707.898552][T18013] tmpfs: Unknown parameter 'nolazytime‡Þ/8”Y`<–V•Ãæ»#Ž$d…³94–¤¦ñª)‹`f¿$ªü+Éí_å‚N½-A�£b×ü]6�Õ+Š9ø¨ç9évRÀÛ§~g¿Ä¨f°¥éوݓwˆ%'
[ 1707.960666][T17965] F2FS-fs (loop2): Start checkpoint disabled!
[ 1707.992418][T17965] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1708.048415][T18016] Alternate GPT is invalid, using primary GPT.
[ 1708.061109][T18016]  loop4: p2 p3 p7
[ 1708.155681][T18016] overlayfs: './file2' not a directory
[ 1708.348176][T18024] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3293'.
[ 1708.451157][T18026] EXT4-fs (loop1): 1 orphan inode deleted
[ 1708.456907][T18026] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue
[ 1708.474510][T18026] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1708.795016][T18045] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,
[ 1708.819167][T18045] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1708.898812][ T1960] attempt to access beyond end of device
[ 1708.898812][ T1960] loop2: rw=2049, want=40968, limit=40427
[ 1708.910125][ T1960] attempt to access beyond end of device
[ 1708.910125][ T1960] loop2: rw=2049, want=40984, limit=40427
[ 1708.911998][T18045] mmap: syz.1.3300 (18045): VmData 29085696 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[ 1709.203467][T18079] overlayfs: failed to resolve './file0': -2
[ 1709.279221][T18085] EXT4-fs (loop4): ea_inode feature is not supported for Hurd
[ 1709.365926][T18098] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow
[ 1709.386570][T14085] attempt to access beyond end of device
[ 1709.386570][T14085] loop1: rw=1, want=1041, limit=128
[ 1709.428603][   T24] kauditd_printk_skb: 48 callbacks suppressed
[ 1709.428618][   T24] audit: type=1400 audit(1744115627.850:226): avc:  denied  { name_bind } for  pid=18099 comm="syz.4.3322" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[ 1709.524926][T18107] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3326'.
[ 1709.700117][T18114] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1709.718918][T18114] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.3327: bg 0: block 248: padding at end of block bitmap is not set
[ 1709.743302][T18114] Quota error (device loop0): write_blk: dquota write failed
[ 1709.750937][T18114] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[ 1709.767367][   T24] audit: type=1326 audit(1744115628.190:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18123 comm="syz.4.3332" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a9194e169 code=0x0
[ 1709.824955][T18114] EXT4-fs error (device loop0): ext4_acquire_dquot:6219: comm syz.0.3327: Failed to acquire dquot type 1
[ 1709.850776][T18114] EXT4-fs (loop0): 1 truncate cleaned up
[ 1709.860518][T18114] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,block_validity,nobarrier,auto_da_alloc,noload,nodiscard,,errors=continue
[ 1709.963601][   T24] audit: type=1400 audit(1744115628.390:228): avc:  denied  { read write } for  pid=18133 comm="syz.0.3334" name="loop-control" dev="devtmpfs" ino=110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1709.988288][   T24] audit: type=1400 audit(1744115628.390:229): avc:  denied  { open } for  pid=18133 comm="syz.0.3334" path="/dev/loop-control" dev="devtmpfs" ino=110 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1710.015967][   T24] audit: type=1400 audit(1744115628.390:230): avc:  denied  { ioctl } for  pid=18133 comm="syz.0.3334" path="/dev/loop-control" dev="devtmpfs" ino=110 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1710.064992][   T24] audit: type=1326 audit(1744115628.490:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18135 comm="syz.3.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dd1577169 code=0x7fc00000
[ 1710.124898][   T24] audit: type=1326 audit(1744115628.550:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18135 comm="syz.3.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dd1577169 code=0x7fc00000
[ 1710.184818][   T24] audit: type=1326 audit(1744115628.610:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18135 comm="syz.3.3336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dd1577169 code=0x7fc00000
[ 1710.439341][T18146] bridge0: port 3(vlan2) entered blocking state
[ 1710.445556][T18146] bridge0: port 3(vlan2) entered disabled state
[ 1710.737938][T18157] device wireguard0 entered promiscuous mode
[ 1711.176009][T18188] syz.3.3357[18188] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1711.176072][T18188] syz.3.3357[18188] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1711.264595][T18189] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[ 1711.292871][T18189] EXT4-fs (loop2): barriers disabled
[ 1711.298054][T18189] JBD2: no valid journal superblock found
[ 1711.314857][T18196] sch_tbf: burst 3936 is lower than device lo mtu (65550) !
[ 1711.322181][T18189] EXT4-fs (loop2): error loading journal
[ 1711.533371][T18203] Alternate GPT is invalid, using primary GPT.
[ 1711.541655][T18203]  loop3: p1 p2 p3
[ 1711.786802][T10909] udevd[10909]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[ 1711.796888][T10908] udevd[10908]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[ 1711.800382][ T9955] udevd[9955]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[ 1711.858516][T18227] fuse: Unknown parameter '0000000000000000000018446744073709551615'
[ 1711.924280][T18239] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1712.016102][T18252] tmpfs: Unknown parameter 'r'
[ 1712.076363][T18252] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1712.086191][T18252] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.3381: bg 0: block 248: padding at end of block bitmap is not set
[ 1712.102138][T18252] EXT4-fs error (device loop2): ext4_acquire_dquot:6219: comm syz.2.3381: Failed to acquire dquot type 1
[ 1712.113916][T18252] EXT4-fs (loop2): 1 truncate cleaned up
[ 1712.119696][T18252] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1712.141119][T18252] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[ 1712.168052][T18252] EXT4-fs (loop2): re-mounted. Opts: (null)
[ 1712.179138][T16580] attempt to access beyond end of device
[ 1712.179138][T16580] loop4: rw=1, want=1041, limit=128
[ 1712.376054][T18289] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[ 1712.504114][T18299] xt_bpf: check failed: parse error
[ 1712.703929][T18309] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1712.722625][T18309] ext4 filesystem being mounted at /37/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1712.835384][T18330] Illegal XDP return value 4294967274, expect packet loss!
[ 1713.014979][T18348] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[ 1713.134424][T18367] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.3431: inode #1: comm syz.3.3431: iget: illegal inode #
[ 1713.177162][T18367] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.3431: error while reading EA inode 1 err=-117
[ 1713.313411][T18367] EXT4-fs (loop3): 1 orphan inode deleted
[ 1713.319165][T18367] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,journal_dev=0x0000000000008000,debug_want_extra_isize=0x0000000000000040,nouid32,resgid=0x0000000000000000,bsdgroups,usrjquota=,,errors=continue
[ 1713.524252][T18401] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1713.562216][T18401] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1713.600065][T18401] cgroup: No subsys list or none specified
[ 1713.658886][T18413] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3452'.
[ 1713.751623][T18416]  loop3: p1 p3 < > p4 < p5 >
[ 1713.761973][T18416] loop3: partition table partially beyond EOD, truncated
[ 1713.773371][T18416] loop3: p1 size 33024 extends beyond EOD, truncated
[ 1713.783500][T18416] loop3: p3 start 4284289 is beyond EOD, truncated
[ 1713.790670][T18416] loop3: p5 size 33024 extends beyond EOD, truncated
[ 1713.800886][T18416] bridge: RTM_NEWNEIGH with invalid ether address
[ 1713.864856][T10908] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1713.868491][T10909] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1713.877766][ T9954] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1713.896706][T10909] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1713.898793][T17579] __loop_clr_fd: partition scan of loop3 failed (rc=-16)
[ 1713.910682][T10909] Buffer I/O error on dev loop3p5, logical block 8, async page read
[ 1713.927137][T10908] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1713.934984][T10909] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1713.948809][ T9954] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1713.948829][ T9954] Buffer I/O error on dev loop3p1, logical block 8, async page read
[ 1713.970318][T10908] Buffer I/O error on dev loop3p4, logical block 0, async page read
[ 1713.983770][ T9954] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1713.997600][ T9954] Buffer I/O error on dev loop3p1, logical block 9, async page read
[ 1714.005589][ T9954] blk_update_request: I/O error, dev loop3, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1714.014197][T10909] Buffer I/O error on dev loop3p5, logical block 9, async page read
[ 1714.017295][ T9954] Buffer I/O error on dev loop3p1, logical block 10, async page read
[ 1714.026001][T10909] blk_update_request: I/O error, dev loop3, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1714.033774][ T9954] Buffer I/O error on dev loop3p1, logical block 11, async page read
[ 1714.051804][ T9954] Buffer I/O error on dev loop3p1, logical block 12, async page read
[ 1714.060480][ T9954] Buffer I/O error on dev loop3p1, logical block 13, async page read
[ 1714.069372][ T9954] Buffer I/O error on dev loop3p1, logical block 14, async page read
[ 1714.098150][T18437] FAT-fs (loop4): Directory bread(block 64) failed
[ 1714.105562][T18437] FAT-fs (loop4): Directory bread(block 65) failed
[ 1714.111982][T18437] FAT-fs (loop4): Directory bread(block 66) failed
[ 1714.118649][T18437] FAT-fs (loop4): Directory bread(block 67) failed
[ 1714.128233][T18437] FAT-fs (loop4): Directory bread(block 68) failed
[ 1714.134717][T18437] FAT-fs (loop4): Directory bread(block 69) failed
[ 1714.141144][T18437] FAT-fs (loop4): Directory bread(block 70) failed
[ 1714.147539][T18437] FAT-fs (loop4): Directory bread(block 71) failed
[ 1714.153953][T18437] FAT-fs (loop4): Directory bread(block 72) failed
[ 1714.160267][T18437] FAT-fs (loop4): Directory bread(block 73) failed
[ 1714.368270][T18460] EXT4-fs (loop4): Ignoring removed bh option
[ 1714.395214][T18460] EXT4-fs (loop4): mounted filesystem without journal. Opts: abort,nodioread_nolock,bh,max_batch_time=0x0000000000000002,,errors=continue
[ 1714.562509][T18419] 9pnet: p9_fd_create_tcp (18419): problem connecting socket to 127.0.0.1
[ 1714.781695][T18486] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[ 1714.799264][T18486] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,
[ 1714.839676][T18486] ext2 filesystem being mounted at /69/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1715.179940][T18502] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1715.212279][   T24] kauditd_printk_skb: 154 callbacks suppressed
[ 1715.212322][   T24] audit: type=1400 audit(1744115633.630:386): avc:  denied  { write } for  pid=18501 comm="syz.2.3489" name="file1" dev="loop2" ino=1049585 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1715.248691][T18502] exFAT-fs (loop2): hint_cluster is invalid (17)
[ 1715.271191][T18502] exFAT-fs (loop2): error, broken FAT chain.
[ 1715.277538][T18502] exFAT-fs (loop2): Filesystem has been set read-only
[ 1715.285060][T18502] exFAT-fs (loop2): error, failed to bmap (inode : ffff88811bb421d0 iblock : 8, err : -5)
[ 1715.328428][   T24] audit: type=1400 audit(1744115633.670:387): avc:  denied  { open } for  pid=18501 comm="syz.2.3489" name="file1" dev="loop2" ino=1049585 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1715.351110][   T24] audit: type=1400 audit(1744115633.680:388): avc:  denied  { read } for  pid=18501 comm="syz.2.3489" name="file1" dev="loop2" ino=1049585 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1715.596737][   T24] audit: type=1400 audit(1744115634.020:389): avc:  denied  { mount } for  pid=18533 comm="syz.1.3502" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1715.695768][   T24] audit: type=1400 audit(1744115634.120:390): avc:  denied  { read } for  pid=18545 comm="syz.0.3507" name="usbmon1" dev="devtmpfs" ino=151 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1715.721776][   T24] audit: type=1400 audit(1744115634.140:391): avc:  denied  { open } for  pid=18545 comm="syz.0.3507" path="/dev/usbmon1" dev="devtmpfs" ino=151 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1715.747318][T18549] capability: warning: `syz.1.3508' uses deprecated v2 capabilities in a way that may be insecure
[ 1715.775094][T18552] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3509'.
[ 1715.804462][   T24] audit: type=1326 audit(1744115634.230:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18553 comm="syz.1.3510" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f413576e169 code=0x0
[ 1715.866258][   T24] audit: type=1400 audit(1744115634.280:393): avc:  denied  { read } for  pid=18556 comm="syz.3.3511" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1715.896384][   T24] audit: type=1400 audit(1744115634.280:394): avc:  denied  { open } for  pid=18556 comm="syz.3.3511" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1715.922992][T18559] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1715.967335][T18559] EXT4-fs error (device loop3): ext4_orphan_get:1395: inode #17: comm syz.3.3512: iget: bad i_size value: -6917529027641081756
[ 1715.981677][T18559] EXT4-fs error (device loop3): ext4_orphan_get:1400: comm syz.3.3512: couldn't read orphan inode 17 (err -117)
[ 1715.993982][T18559] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue
[ 1716.017579][T18559] EXT4-fs error (device loop3): ext4_readdir:260: inode #12: block 13: comm syz.3.3512: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=12, rec_len=0, size=4096 fake=0
[ 1716.128335][   T24] audit: type=1400 audit(1744115634.550:395): avc:  denied  { create } for  pid=18588 comm="syz.4.3522" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1716.793494][T18607] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[ 1716.816255][T18607] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e02c, mo2=0002]
[ 1716.830444][T18607] System zones: 1-12
[ 1716.835290][T18607] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1716.841529][T18607] EXT4-fs error (device loop4): ext4_read_inode_bitmap:168: comm syz.4.3527: Inode bitmap for bg 0 marked uninitialized
[ 1716.862189][T18607] EXT4-fs (loop4): Remounting filesystem read-only
[ 1716.870100][T18607] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,
[ 1721.593300][T18641] netlink: 272 bytes leftover after parsing attributes in process `syz.0.3539'.
[ 1721.616852][T18641] netlink: 272 bytes leftover after parsing attributes in process `syz.0.3539'.
[ 1721.649362][T18646] VFS: Non-string source
[ 1721.697823][   T24] kauditd_printk_skb: 1 callbacks suppressed
[ 1721.697836][   T24] audit: type=1400 audit(1744115640.120:397): avc:  denied  { create } for  pid=18647 comm="syz.4.3541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1721.729993][T18648] kvm: pic: non byte read
[ 1721.740639][T18648] kvm: pic: non byte read
[ 1721.819513][T18668] EXT4-fs (loop2): Ignoring removed nobh option
[ 1721.839858][T18668] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier=0x0000000000000004,bsddf,nobh,init_itable=0x0000000000000003,data_err=ignore,,errors=continue
[ 1721.884129][T18685] VFS: Non-string source
[ 1721.950557][T18696] netlink: 'syz.4.3563': attribute type 4 has an invalid length.
[ 1721.991175][   T24] audit: type=1400 audit(1744115640.410:398): avc:  denied  { connect } for  pid=18705 comm="syz.1.3568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1722.013367][T18699] erofs: (device loop2): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300)
[ 1722.043866][ T9954] print_req_error: 150 callbacks suppressed
[ 1722.043883][ T9954] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1722.079538][ T9954] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1722.090618][ T9954] buffer_io_error: 126 callbacks suppressed
[ 1722.090629][ T9954] Buffer I/O error on dev loop3p1, logical block 8, async page read
[ 1722.108671][T18720] VFS: Non-string source
[ 1722.116094][ T9954] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1722.129231][ T9954] Buffer I/O error on dev loop3p1, logical block 9, async page read
[ 1722.140308][ T9954] blk_update_request: I/O error, dev loop3, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1722.142106][   T24] audit: type=1400 audit(1744115640.560:399): avc:  denied  { read write } for  pid=18722 comm="syz.0.3577" name="rtc0" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1722.151106][ T9954] Buffer I/O error on dev loop3p1, logical block 10, async page read
[ 1722.182386][ T9954] blk_update_request: I/O error, dev loop3, sector 14 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1722.193284][ T9954] Buffer I/O error on dev loop3p1, logical block 11, async page read
[ 1722.202156][ T9954] blk_update_request: I/O error, dev loop3, sector 15 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1722.213080][ T9954] Buffer I/O error on dev loop3p1, logical block 12, async page read
[ 1722.221020][ T9954] blk_update_request: I/O error, dev loop3, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1722.234674][T18699] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1722.240841][   T24] audit: type=1400 audit(1744115640.560:400): avc:  denied  { open } for  pid=18722 comm="syz.0.3577" path="/dev/rtc0" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1722.269783][   T24] audit: type=1400 audit(1744115640.560:401): avc:  denied  { ioctl } for  pid=18722 comm="syz.0.3577" path="/dev/rtc0" dev="devtmpfs" ino=254 ioctlcmd=0x700a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1722.294636][ T9954] Buffer I/O error on dev loop3p1, logical block 13, async page read
[ 1722.302626][ T9954] blk_update_request: I/O error, dev loop3, sector 17 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1722.313494][ T9954] Buffer I/O error on dev loop3p1, logical block 14, async page read
[ 1722.321449][ T9954] blk_update_request: I/O error, dev loop3, sector 18 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1722.332192][ T9954] Buffer I/O error on dev loop3p1, logical block 15, async page read
[ 1722.347800][T18738] netlink: 'syz.0.3584': attribute type 1 has an invalid length.
[ 1722.349143][T18718] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[ 1722.364687][T10908] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1722.381182][   T24] audit: type=1400 audit(1744115640.800:402): avc:  denied  { read } for  pid=18698 comm="syz.2.3562" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1722.386615][ T9954] Buffer I/O error on dev loop3p5, logical block 8, async page read
[ 1722.411809][ T9954] Buffer I/O error on dev loop3p5, logical block 9, async page read
[ 1722.429615][T18718] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1722.436548][T18718] EXT4-fs error (device loop4): mb_free_blocks:1524: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[ 1722.455057][T18718] EXT4-fs error (device loop4) in ext4_do_update_inode:5303: error 27
[ 1722.463971][T18718] EXT4-fs error (device loop4): ext4_dirty_inode:6110: inode #11: comm syz.4.3569: mark_inode_dirty error
[ 1722.477081][T18718] EXT4-fs error (device loop4): ext4_free_branches:1026: inode #11: comm syz.4.3569: invalid indirect mapped block 1 (level 1)
[ 1722.491036][T18718] EXT4-fs error (device loop4) in ext4_do_update_inode:5303: error 27
[ 1722.499948][T18718] EXT4-fs error (device loop4) in ext4_orphan_del:3292: error 27
[ 1722.506349][   T24] audit: type=1400 audit(1744115640.800:403): avc:  denied  { open } for  pid=18698 comm="syz.2.3562" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1722.508163][T18718] EXT4-fs error (device loop4) in ext4_do_update_inode:5303: error 27
[ 1722.539492][T18718] EXT4-fs error (device loop4): ext4_truncate:4389: inode #11: comm syz.4.3569: mark_inode_dirty error
[ 1722.551130][T18718] EXT4-fs error (device loop4) in ext4_orphan_cleanup:3108: error 27
[ 1722.560349][T18718] EXT4-fs (loop4): 1 truncate cleaned up
[ 1722.566169][T18718] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1722.601020][   T24] audit: type=1400 audit(1744115640.890:404): avc:  denied  { write } for  pid=18698 comm="syz.2.3562" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1722.623060][   T24] audit: type=1400 audit(1744115640.890:405): avc:  denied  { add_name } for  pid=18698 comm="syz.2.3562" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1722.665074][   T24] audit: type=1400 audit(1744115640.890:406): avc:  denied  { associate } for  pid=18698 comm="syz.2.3562" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1723.464923][T18777] 9pnet: Insufficient options for proto=fd
[ 1723.498923][T18773] SELinux: failed to load policy
[ 1723.508970][T18770] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier=0x0000000000000000,resuid=0x0000000000000000,noblock_validity,errors=remount-ro,
[ 1723.706468][T18810] erofs: (device loop4): mounted with root inode @ nid 36.
[ 1723.713634][T14332] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 1723.816930][   T42] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[ 1723.839558][T18835] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[ 1723.858380][T18835] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[ 1723.877066][T18835] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[ 1723.895284][T18835] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[ 1723.913293][T18835] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[ 1723.931216][T18835] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[ 1724.213298][T14332] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1724.442375][T14332] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1724.465189][T14332] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1724.486541][T14332] usb 4-1: Product: syz
[ 1724.499018][T14332] usb 4-1: Manufacturer: syz
[ 1724.509864][T14332] usb 4-1: SerialNumber: syz
[ 1724.788235][T18860] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3630'.
[ 1724.964910][T18881] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3640'.
[ 1724.992220][ T1048] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[ 1725.242241][T14332] cdc_ncm 4-1:1.0: failed GET_NTB_PARAMETERS
[ 1725.248239][T14332] cdc_ncm 4-1:1.0: bind() failure
[ 1725.257560][T14332] cdc_ncm 4-1:1.1: bind() failure
[ 1725.273933][T14332] usb 4-1: USB disconnect, device number 66
[ 1725.358698][T18894] VFS: Non-string source
[ 1725.413386][ T1048] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1725.426013][ T1048] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1725.436270][ T1048] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 1725.446086][ T1048] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1725.460474][ T1048] usb 5-1: config 0 descriptor??
[ 1725.777046][T18906] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 198)
[ 1725.873869][T18909] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1725.893900][T18909] FAT-fs (loop3): error, corrupted file size (i_pos 548, 512)
[ 1725.901211][T18909] FAT-fs (loop3): Filesystem has been set read-only
[ 1726.075687][T18915] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,,errors=continue
[ 1726.096317][T18915] ext4 filesystem being mounted at /60/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1726.153754][ T1048] hid-led: probe of 0003:27B8:01ED.0001 failed with error -71
[ 1726.179911][ T1048] usb 5-1: USB disconnect, device number 51
[ 1726.196730][T18922] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1726.214989][T18922] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[ 1726.224414][T18922] System zones: 1-12
[ 1726.228775][T18922] EXT4-fs (loop3): 1 truncate cleaned up
[ 1726.242680][T18922] EXT4-fs (loop3): mounted filesystem without journal. Opts: nolazytime,init_itable=0x000000007fffffff,debug,lazytime,nombcache,noload,,errors=continue
[ 1726.268317][T18922] EXT4-fs (loop3): shut down requested (2)
[ 1726.274928][T18922] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[ 1726.283904][T18922] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[ 1726.296338][T18922] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[ 1726.367075][T18932] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[ 1726.554972][T18945] netlink: 452 bytes leftover after parsing attributes in process `syz.1.3667'.
[ 1726.682139][ T1874] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[ 1726.693928][T18949] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1726.703156][T18949] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[ 1726.712507][T18949] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[ 1726.721419][T18949] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[ 1726.729421][T18949] System zones: 0-2, 18-18, 34-34
[ 1726.735091][T18949] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1047: updating to rev 1 because of new feature flag, running e2fsck is recommended
[ 1726.749925][T18949] EXT4-fs (loop4): 1 truncate cleaned up
[ 1726.755468][T18949] EXT4-fs (loop4): mounted filesystem without journal. Opts: min_batch_time=0x000000000000a04d,errors=continue,,errors=continue
[ 1726.892964][T18960] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3672'.
[ 1726.942097][ T1874] usb 1-1: Using ep0 maxpacket: 16
[ 1727.053050][T18971] EXT4-fs (loop4): Unrecognized mount option "mb_optimize_scan=0x0000000000000001" or missing value
[ 1727.145414][   T24] kauditd_printk_skb: 22 callbacks suppressed
[ 1727.145429][   T24] audit: type=1400 audit(1744115645.570:429): avc:  denied  { read } for  pid=18983 comm="syz.4.3682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1727.265696][ T9954] print_req_error: 205 callbacks suppressed
[ 1727.265714][ T9954] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1727.286594][T10908] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1727.298333][T10908] blk_update_request: I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1727.299818][T10909] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[ 1727.309417][ T9954] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1727.320259][ T1874] usb 1-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25
[ 1727.331033][T10908] buffer_io_error: 173 callbacks suppressed
[ 1727.331046][T10908] Buffer I/O error on dev loop3p4, logical block 0, async page read
[ 1727.349566][ T1874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1727.367986][ T9954] Buffer I/O error on dev loop3p1, logical block 8, async page read
[ 1727.376478][ T1874] usb 1-1: Product: syz
[ 1727.378799][ T9954] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1727.381435][ T1874] usb 1-1: Manufacturer: syz
[ 1727.392728][T10909] blk_update_request: I/O error, dev loop3, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1727.406182][ T1874] usb 1-1: SerialNumber: syz
[ 1727.413903][ T1874] usb 1-1: config 0 descriptor??
[ 1727.426325][ T9954] Buffer I/O error on dev loop3p1, logical block 9, async page read
[ 1727.437584][T10909] Buffer I/O error on dev loop3p5, logical block 8, async page read
[ 1727.450051][ T9954] blk_update_request: I/O error, dev loop3, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1727.462166][T10909] blk_update_request: I/O error, dev loop3, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1727.478937][ T9954] Buffer I/O error on dev loop3p1, logical block 10, async page read
[ 1727.486964][T10909] Buffer I/O error on dev loop3p5, logical block 9, async page read
[ 1727.494901][ T9954] blk_update_request: I/O error, dev loop3, sector 14 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1727.512595][T10909] Buffer I/O error on dev loop3p5, logical block 10, async page read
[ 1727.520600][ T9954] Buffer I/O error on dev loop3p1, logical block 11, async page read
[ 1727.528506][T10909] Buffer I/O error on dev loop3p5, logical block 11, async page read
[ 1727.536787][ T9954] Buffer I/O error on dev loop3p1, logical block 12, async page read
[ 1727.678639][ T1048] usb 1-1: USB disconnect, device number 60
[ 1727.955542][   T24] audit: type=1400 audit(1744115646.380:430): avc:  denied  { read } for  pid=19012 comm="syz.2.3695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1728.107561][   T24] audit: type=1326 audit(1744115646.530:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19015 comm="syz.2.3696" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbaefb02169 code=0x0
[ 1728.168056][   T24] audit: type=1400 audit(1744115646.590:432): avc:  denied  { ioctl } for  pid=19034 comm="syz.4.3705" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1728.198110][T19036] binder: 19034:19036 ioctl c018620c 200000000080 returned -22
[ 1728.229196][   T24] audit: type=1400 audit(1744115646.590:433): avc:  denied  { set_context_mgr } for  pid=19034 comm="syz.4.3705" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[ 1728.290346][   T24] audit: type=1400 audit(1744115646.650:434): avc:  denied  { ioctl } for  pid=19044 comm="syz.4.3710" path="socket:[76365]" dev="sockfs" ino=76365 ioctlcmd=0x48ca scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1728.677243][   T24] audit: type=1400 audit(1744115647.100:435): avc:  denied  { write } for  pid=19093 comm="syz.4.3733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1728.797684][T19111] cgroup: syz.0.3741 (19111) created nested cgroup for controller "memory" which has incomplete hierarchy support. Nested cgroups may change behavior in the future.
[ 1728.814302][T19111] cgroup: "memory" requires setting use_hierarchy to 1 on the root
[ 1729.033408][T19128] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrquota,grpjquota=,nodelalloc,,errors=continue
[ 1729.035073][T19134] device syzkaller0 entered promiscuous mode
[ 1729.051375][T19134] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[ 1729.055504][T19128] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1729.801093][   T24] audit: type=1326 audit(1744115648.220:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19154 comm="syz.3.3758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dd1577169 code=0x7ffc0000
[ 1729.851786][   T24] audit: type=1326 audit(1744115648.220:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19154 comm="syz.3.3758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5dd1577169 code=0x7ffc0000
[ 1729.923177][   T24] audit: type=1326 audit(1744115648.220:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19154 comm="syz.3.3758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5dd1577169 code=0x7ffc0000
[ 1730.101283][T19173] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[ 1730.135715][T19173] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1730.160605][T19173] ext2 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1730.289122][T19205] tmpfs: Unknown parameter 'r'
[ 1730.838285][T19217] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1730.859205][T19217] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1730.875691][T19217] device bridge_slave_0 entered promiscuous mode
[ 1730.889398][T19217] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1730.896989][T19217] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1730.904737][T19217] device bridge_slave_1 entered promiscuous mode
[ 1730.943047][T19235] tmpfs: Unknown parameter 'r'
[ 1730.996495][T19217] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1731.003384][T19217] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1731.010492][T19217] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1731.017306][T19217] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1731.063616][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1731.071988][T14649] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1731.079640][T14649] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1731.101283][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1731.115210][T14649] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1731.122094][T14649] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1731.132768][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1731.141978][T14649] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1731.148861][T14649] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1731.172799][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1731.182954][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1731.200753][T19217] device veth0_vlan entered promiscuous mode
[ 1731.202205][ T3833] usb 5-1: new full-speed USB device number 52 using dummy_hcd
[ 1731.208985][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1731.223705][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1731.231970][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1731.239875][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1731.259865][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1731.269758][T19217] device veth1_macvtap entered promiscuous mode
[ 1731.281147][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1731.297670][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1731.452452][T19271] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000009,minixdf,nolazytime,stripe=0x0000000000008000,,errors=continue
[ 1731.489477][T19271] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1731.572544][ T3833] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[ 1731.583262][ T1960] device bridge_slave_1 left promiscuous mode
[ 1731.584009][ T3833] usb 5-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[ 1731.589307][ T1960] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1731.607031][ T1960] device bridge_slave_0 left promiscuous mode
[ 1731.621634][ T1960] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1731.638599][ T3833] usb 5-1: config 179 has no interface number 0
[ 1731.645751][ T1960] device veth1_macvtap left promiscuous mode
[ 1731.651864][ T3833] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid wMaxPacketSize 0
[ 1731.655049][ T1960] device veth0_vlan left promiscuous mode
[ 1731.671476][ T3833] usb 5-1: config 179 interface 65 altsetting 12 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[ 1731.698596][ T3833] usb 5-1: config 179 interface 65 has no altsetting 0
[ 1731.782184][ T3833] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[ 1731.794401][ T3833] usb 5-1: New USB device strings: Mfr=32, Product=0, SerialNumber=0
[ 1731.811065][ T3833] usb 5-1: Manufacturer: syz
[ 1732.065728][ T1048] usb 5-1: USB disconnect, device number 52
[ 1732.450643][   T24] kauditd_printk_skb: 84 callbacks suppressed
[ 1732.450657][   T24] audit: type=1400 audit(1744115650.870:523): avc:  denied  { write } for  pid=19303 comm="syz.1.3821" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1732.556594][T19316] erofs: (device loop5): mounted with root inode @ nid 36.
[ 1732.565620][   T24] audit: type=1400 audit(1744115650.990:524): avc:  denied  { read } for  pid=19315 comm="syz.5.3825" name="file2" dev="loop5" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1732.571705][T19316] erofs: (device loop5): z_erofs_readahead: readahead error at page 1 @ nid 89
[ 1732.596421][T19316] erofs: (device loop5): z_erofs_readahead: readahead error at page 0 @ nid 89
[ 1732.622151][ T3833] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[ 1732.799668][   T24] audit: type=1400 audit(1744115651.220:525): avc:  denied  { name_bind } for  pid=19320 comm="syz.4.3827" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[ 1732.846981][   T24] audit: type=1400 audit(1744115651.270:526): avc:  denied  { getopt } for  pid=19325 comm="syz.4.3829" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1732.895022][T19326] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[ 1732.932152][T14332] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1732.958340][   T24] audit: type=1400 audit(1744115651.380:527): avc:  denied  { read } for  pid=19328 comm="syz.4.3830" name="rtc0" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1732.982209][   T24] audit: type=1400 audit(1744115651.380:528): avc:  denied  { open } for  pid=19328 comm="syz.4.3830" path="/dev/rtc0" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1733.006781][ T3833] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1733.019716][   T24] audit: type=1400 audit(1744115651.380:529): avc:  denied  { ioctl } for  pid=19328 comm="syz.4.3830" path="/dev/rtc0" dev="devtmpfs" ino=254 ioctlcmd=0x7007 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1733.069740][   T24] audit: type=1400 audit(1744115651.480:530): avc:  denied  { name_bind } for  pid=19331 comm="syz.4.3831" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 1733.092820][ T3833] usb 1-1: config 1 has no interface number 0
[ 1733.102044][   T24] audit: type=1400 audit(1744115651.480:531): avc:  denied  { node_bind } for  pid=19331 comm="syz.4.3831" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[ 1733.104755][ T3833] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1733.133877][ T3833] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[ 1733.143221][ T3833] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 27106, setting to 1024
[ 1733.155896][ T3833] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[ 1733.212140][T14332] usb 6-1: Using ep0 maxpacket: 32
[ 1733.226327][T19343] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x00949fb8, utbl_chksum : 0x7319d30d)
[ 1733.270672][   T24] audit: type=1400 audit(1744115651.690:532): avc:  denied  { ioctl } for  pid=19357 comm="syz.1.3844" path="socket:[78123]" dev="sockfs" ino=78123 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1733.332306][ T3833] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1733.341601][ T3833] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1733.349607][ T3833] usb 1-1: Product: syz
[ 1733.353755][T14332] usb 6-1: config 2 has an invalid interface number: 82 but max is 3
[ 1733.361645][T14332] usb 6-1: config 2 has an invalid interface number: 156 but max is 3
[ 1733.369961][ T3833] usb 1-1: Manufacturer: syz
[ 1733.374510][ T3833] usb 1-1: SerialNumber: syz
[ 1733.379926][T14332] usb 6-1: config 2 has an invalid interface number: 156 but max is 3
[ 1733.388737][T14332] usb 6-1: config 2 has an invalid interface number: 161 but max is 3
[ 1733.397321][T14332] usb 6-1: config 2 has an invalid interface number: 145 but max is 3
[ 1733.405793][T14332] usb 6-1: config 2 has no interface number 0
[ 1733.411792][T14332] usb 6-1: config 2 has no interface number 1
[ 1733.418037][T14332] usb 6-1: config 2 has no interface number 2
[ 1733.431835][T14332] usb 6-1: config 2 has no interface number 3
[ 1733.440599][T14332] usb 6-1: config 2 interface 82 altsetting 16 endpoint 0xF has an invalid bInterval 185, changing to 11
[ 1733.451712][T14332] usb 6-1: config 2 interface 82 altsetting 16 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[ 1733.462502][T14332] usb 6-1: config 2 interface 82 altsetting 16 has 3 endpoint descriptors, different from the interface descriptor's value: 5
[ 1733.475421][T14332] usb 6-1: too many endpoints for config 2 interface 156 altsetting 232: 193, using maximum allowed: 30
[ 1733.486458][T14332] usb 6-1: config 2 interface 156 altsetting 232 has a duplicate endpoint with address 0x7, skipping
[ 1733.497356][T19371] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1733.506406][T19371] EXT4-fs (loop4): 1 orphan inode deleted
[ 1733.507295][T14332] usb 6-1: config 2 interface 156 altsetting 232 has 2 endpoint descriptors, different from the interface descriptor's value: 193
[ 1733.513105][T19371] EXT4-fs (loop4): 1 truncate cleaned up
[ 1733.526146][T14332] usb 6-1: config 2 interface 161 altsetting 218 has an invalid endpoint with address 0x2F, skipping
[ 1733.532000][T19371] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,max_dir_size_kb=0x0000000000000001,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,jqfmt=vfsold,noload,sysvgroups,init_itable,debug_want_extra_isize=0x0000000000000006,
[ 1733.570752][T14332] usb 6-1: config 2 interface 82 has no altsetting 0
[ 1733.577582][T14332] usb 6-1: config 2 interface 156 has no altsetting 0
[ 1733.584308][T14332] usb 6-1: config 2 interface 156 has no altsetting 1
[ 1733.590986][T14332] usb 6-1: config 2 interface 161 has no altsetting 0
[ 1733.597857][T14332] usb 6-1: config 2 interface 145 has no altsetting 0
[ 1733.641302][T19311] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1733.762396][T14332] usb 6-1: New USB device found, idVendor=0733, idProduct=3281, bcdDevice=6f.74
[ 1733.771514][T14332] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1733.790942][T14332] usb 6-1: Product: syz
[ 1733.795163][T14332] usb 6-1: Manufacturer: syz
[ 1733.799634][T14332] usb 6-1: SerialNumber: syz
[ 1733.985425][T19386] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3853'.
[ 1734.115805][T19393] device sit0 entered promiscuous mode
[ 1734.126160][T19393] netlink: 'syz.2.3857': attribute type 1 has an invalid length.
[ 1734.134970][T19393] netlink: 1 bytes leftover after parsing attributes in process `syz.2.3857'.
[ 1734.174123][T19395] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1734.183188][T19395] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1734.198869][T19395] EXT4-fs (loop4): 1 truncate cleaned up
[ 1734.209441][T19395] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,journal_ioprio=0x0000000000000006,inode_readahead_blks=0x0000000000040000,,errors=continue
[ 1734.256053][T14332] usb 6-1: USB disconnect, device number 2
[ 1734.303255][T19311] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1734.324971][ T3833] cdc_ncm 1-1:1.1: bind() failure
[ 1734.345242][T19406] netlink: 'syz.2.3862': attribute type 16 has an invalid length.
[ 1734.356358][T19406] netlink: 'syz.2.3862': attribute type 17 has an invalid length.
[ 1734.454270][T14085] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[ 1734.477572][T14085] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1734.497886][T14085] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[ 1734.517545][T14085] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1734.532301][T14085] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1734.541428][T14085] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1734.549051][ T1048] usb 1-1: USB disconnect, device number 61
[ 1734.556644][T14085] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1734.583334][T14085] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1734.736117][T19416] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[ 1735.355227][T19441] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1735.365986][T19441] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[ 1735.376983][T19441] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[ 1735.592141][T14332] usb 1-1: new full-speed USB device number 62 using dummy_hcd
[ 1735.599817][T19447] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[ 1735.617295][T19456] SELinux:  Context system_u:object_r:gpg_exec_t:s0 is not valid (left unmapped).
[ 1735.715297][T19466] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue
[ 1735.814288][T19475] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[ 1735.830424][T19475] EXT4-fs (loop4): 1 orphan inode deleted
[ 1735.836319][T19475] EXT4-fs (loop4): mounted filesystem without journal. Opts: nomblk_io_submit,max_batch_time=0x0000000000005314,usrquota,jqfmt=vfsv1,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000000100,debug_want_extra_isize=0x000000000000005c,i_version,,errors=continue
[ 1735.880756][T19475] EXT4-fs error (device loop4): htree_dirblock_to_tree:1063: inode #2: comm syz.4.3892: Directory hole found for htree leaf block 0
[ 1735.894673][T19479] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1735.901522][T19479] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1735.909845][T19479] device bridge_slave_0 entered promiscuous mode
[ 1735.918889][T19479] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1735.926098][T19479] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1735.933542][T19479] device bridge_slave_1 entered promiscuous mode
[ 1735.952190][T14332] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1735.964849][T14332] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1736.022908][T19479] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1736.029825][T19479] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1736.036924][T19479] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1736.043774][T19479] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1736.057187][T19492] FAT-fs (loop4): bogus number of FAT sectors
[ 1736.064420][T19492] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1736.076295][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1736.083829][T14649] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1736.090976][T14649] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1736.100501][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1736.109111][T14649] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1736.115995][T14649] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1736.127456][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1736.135750][T14649] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1736.142848][T14649] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1736.150442][T14332] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1736.159701][T14332] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1736.177011][T14332] usb 1-1: Product: syz
[ 1736.181007][T14332] usb 1-1: Manufacturer: syz
[ 1736.185934][T14332] usb 1-1: SerialNumber: syz
[ 1736.197535][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1736.205486][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1736.226170][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1736.228328][T19500] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1736.250018][T19479] device veth0_vlan entered promiscuous mode
[ 1736.256948][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1736.264665][T19500] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1736.265212][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1736.281687][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1736.299957][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1736.310885][T19479] device veth1_macvtap entered promiscuous mode
[ 1736.321543][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1736.335269][T14649] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1736.387813][ T7552] device bridge_slave_1 left promiscuous mode
[ 1736.393930][ T7552] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1736.401363][ T7552] device bridge_slave_0 left promiscuous mode
[ 1736.408120][ T7552] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1736.414329][T19507] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1736.427069][ T7552] device veth1_macvtap left promiscuous mode
[ 1736.428243][T19507] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1736.433431][ T7552] device veth0_vlan left promiscuous mode
[ 1736.449358][T19507] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[ 1736.596467][T19520] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1736.607942][T19520] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[ 1736.618667][T19520] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[ 1736.648941][T19516] EXT4-fs (loop4): mounted filesystem without journal. Opts: commit=0x0000000000000005,,errors=continue
[ 1736.702250][T14332] usb 1-1: 0:2 : does not exist
[ 1736.707754][T14332] usb 1-1: unit 4 not found!
[ 1736.714742][T14332] usb 1-1: USB disconnect, device number 62
[ 1736.825877][T19527] erofs: (device loop6): mounted with root inode @ nid 36.
[ 1736.845232][T19527] erofs: (device loop6): find_target_block_classic: corrupted dir block 0 @ nid 36
[ 1736.854848][T19527] erofs: (device loop6): find_target_block_classic: corrupted dir block 0 @ nid 36
[ 1736.889044][T19537] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1736.912841][ T9954] udevd[9954]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1736.995267][T19532]  loop4: p1 < > p3
[ 1737.000065][T19532] loop4: p3 size 134217728 extends beyond EOD, truncated
[ 1737.181393][T10908] udevd[10908]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[ 1737.197211][ T9954] udevd[9954]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[ 1737.262233][  T752] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1737.313598][T19562] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1737.436988][T19570] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,sysvgroups,minixdf,
[ 1737.447719][T19570] ext4 filesystem being mounted at /154/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1737.512178][  T752] usb 7-1: Using ep0 maxpacket: 32
[ 1737.585175][T19574] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[ 1737.642181][  T752] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1737.651084][  T752] usb 7-1: config 1 has no interface number 1
[ 1737.657309][  T752] usb 7-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1737.677176][T19577] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1737.758075][T19583] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1737.768924][T19583] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1737.780213][T19583] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[ 1737.871624][T19596] EXT4-fs error (device loop4): ext4_orphan_get:1395: inode #15: comm syz.4.3936: casefold flag without casefold feature
[ 1737.884345][  T752] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1737.894049][T19596] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz.4.3936: missing EA_INODE flag
[ 1737.905538][  T752] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1737.913677][  T752] usb 7-1: Product: syz
[ 1737.917895][T19596] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.3936: error while reading EA inode 12 err=-117
[ 1737.930083][  T752] usb 7-1: Manufacturer: syz
[ 1737.934590][  T752] usb 7-1: SerialNumber: syz
[ 1737.942484][T19596] EXT4-fs (loop4): 1 orphan inode deleted
[ 1737.948184][T19596] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_lock,,errors=continue
[ 1737.971286][T19596] syz.4.3936 (pid 19596) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[ 1737.984922][T19596] fscrypt: key with description 'fscrypt:0000111122223333' has invalid payload
[ 1738.005277][T19606] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1738.050268][   T24] kauditd_printk_skb: 42 callbacks suppressed
[ 1738.050282][   T24] audit: type=1400 audit(1744115656.470:575): avc:  denied  { setopt } for  pid=19614 comm="syz.1.3944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1738.120530][T19609] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1738.130655][T19609] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1738.142885][T19609] EXT4-fs (loop4): 1 truncate cleaned up
[ 1738.148370][T19609] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,usrquota,max_dir_size_kb=0x000000000000148a,,errors=continue
[ 1738.168168][T19609] fscrypt: AES-256-CTS-CBC using implementation "cts(cbc-aes-aesni)"
[ 1738.178531][   T24] audit: type=1400 audit(1744115656.600:576): avc:  denied  { create } for  pid=19607 comm="syz.4.3941" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[ 1738.178954][T19609] EXT4-fs error (device loop4): ext4_find_dest_de:2079: inode #2: block 13: comm syz.4.3941: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[ 1738.290030][   T24] audit: type=1400 audit(1744115656.710:577): avc:  denied  { setopt } for  pid=19640 comm="syz.0.3956" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1738.332237][  T752] usb 7-1: 2:1 : unknown format tag 0x2 is detected.  processed as MPEG.
[ 1738.342577][T19643] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1738.349677][  T752] usb 7-1: found format II with max.bitrate = 0, frame size=32768
[ 1738.368831][T19643] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1738.391127][  T752] usb 7-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1738.436050][  T752] usb 7-1: USB disconnect, device number 2
[ 1738.491781][   T24] audit: type=1400 audit(1744115656.910:578): avc:  denied  { bind } for  pid=19656 comm="syz.2.3962" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1738.493635][T19659] netlink: 160 bytes leftover after parsing attributes in process `syz.0.3963'.
[ 1738.511678][   T24] audit: type=1400 audit(1744115656.920:579): avc:  denied  { nlmsg_read } for  pid=19658 comm="syz.0.3963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1738.580105][T19654] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1738.604756][   T24] audit: type=1400 audit(1744115657.030:580): avc:  denied  { nlmsg_read } for  pid=19673 comm="syz.0.3969" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[ 1738.639437][   T24] audit: type=1400 audit(1744115657.060:581): avc:  denied  { bind } for  pid=19677 comm="syz.0.3972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1738.679793][   T24] audit: type=1400 audit(1744115657.060:582): avc:  denied  { setopt } for  pid=19677 comm="syz.0.3972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1738.702025][   T24] audit: type=1400 audit(1744115657.090:583): avc:  denied  { read } for  pid=19678 comm="syz.2.3973" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1738.702608][T19687] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3974'.
[ 1738.758455][T19682] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000001,nodiscard,quota,,errors=continue
[ 1738.782206][T19682] ext4 filesystem being mounted at /164/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1738.822106][   T24] audit: type=1400 audit(1744115657.240:584): avc:  denied  { ioctl } for  pid=19703 comm="syz.0.3982" path="/dev/binderfs/binder0" dev="binder" ino=16 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1738.858750][T19682] EXT4-fs error (device loop4) in ext4_do_update_inode:5303: error 27
[ 1738.898184][T19682] EXT4-fs error (device loop4): ext4_dirty_inode:6110: inode #2: comm syz.4.3971: mark_inode_dirty error
[ 1738.937646][T19682] EXT4-fs error (device loop4) in ext4_do_update_inode:5303: error 27
[ 1738.966319][T19682] EXT4-fs error (device loop4): __ext4_ext_dirty:182: inode #2: comm syz.4.3971: mark_inode_dirty error
[ 1738.992493][T19732] netlink: 165 bytes leftover after parsing attributes in process `syz.1.3996'.
[ 1739.181172][T19749] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4002'.
[ 1739.242153][  T752] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1739.521859][  T752] usb 7-1: Using ep0 maxpacket: 8
[ 1739.642260][  T752] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[ 1739.650635][  T752] usb 7-1: config 179 has no interface number 0
[ 1739.662476][  T752] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1739.674477][  T752] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1739.686567][  T752] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1739.697225][  T752] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1739.711292][  T752] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1739.721701][  T752] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1739.762278][T19729] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1739.990102][  T688] usb 7-1: USB disconnect, device number 3
[ 1740.055603][T19784] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=continue,,errors=continue
[ 1740.069952][T19784] ext4 filesystem being mounted at /166/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1740.129319][T19784] EXT4-fs (loop4): shut down requested (0)
[ 1740.514586][T19806] EXT4-fs (loop4): Ignoring removed nobh option
[ 1740.558832][T19806] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue
[ 1740.569409][T19806] ext4 filesystem being mounted at /169/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1740.618405][T19810] FAT-fs (loop6): Unrecognized mount option "shortname=winÄ" or missing value
[ 1741.193760][T19838] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4037'.
[ 1741.217696][T19840] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue
[ 1741.241073][T19840] EXT4-fs warning (device loop6): empty_inline_dir:1839: bad inline directory (dir #12) - no `..'
[ 1741.343584][T19859] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1741.372122][T19859] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[ 1741.384418][T19859] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1741.432155][    T5] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[ 1741.645033][T19875] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1741.651896][T19875] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1741.660581][T19875] device bridge_slave_0 entered promiscuous mode
[ 1741.667550][T19884] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4058'.
[ 1741.672252][    T5] usb 5-1: Using ep0 maxpacket: 16
[ 1741.689782][T19875] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1741.700629][T19875] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1741.711234][T19875] device bridge_slave_1 entered promiscuous mode
[ 1741.792178][    T5] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1741.803084][    T5] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1741.813177][    T5] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1741.819956][    T5] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1741.828930][    T5] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1741.843679][    T5] usb 5-1: config 0 descriptor??
[ 1741.899420][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1741.907170][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1741.922388][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1741.930652][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1741.938965][ T7552] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1741.945859][ T7552] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1741.953974][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1741.962403][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1741.971213][ T7552] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1741.978086][ T7552] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1742.004650][T19875] device veth0_vlan entered promiscuous mode
[ 1742.023469][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1742.031943][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1742.040759][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1742.048266][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1742.056255][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1742.063979][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1742.071904][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1742.089823][T19875] device veth1_macvtap entered promiscuous mode
[ 1742.102385][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1742.114581][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1742.124900][T19903] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1742.139679][ T7552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1742.191210][T19917] SELinux: ebitmap start bit (-304378041) is not a multiple of the map unit size (64)
[ 1742.200838][T19917] SELinux: failed to load policy
[ 1742.206386][ T1960] device bridge_slave_1 left promiscuous mode
[ 1742.213063][ T1960] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1742.220548][ T1960] device bridge_slave_0 left promiscuous mode
[ 1742.226977][ T1960] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1742.235304][ T1960] device veth1_macvtap left promiscuous mode
[ 1742.241182][ T1960] device veth0_vlan left promiscuous mode
[ 1742.325326][    T5] hid (null): global environment stack underflow
[ 1742.333975][    T5] hid (null): unknown global tag 0xc
[ 1742.339164][    T5] hid (null): unknown global tag 0xc
[ 1742.344470][    T5] hid (null): unknown global tag 0xe7
[ 1742.452224][ T1048] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 1742.531766][ T1874] usb 5-1: USB disconnect, device number 53
[ 1742.842581][ T1048] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1742.852595][ T1048] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1742.942204][ T1048] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1742.951153][ T1048] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1742.959669][ T1048] usb 8-1: SerialNumber: syz
[ 1743.104137][T19959] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue
[ 1743.113064][T19959] ext4 filesystem being mounted at /173/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1743.127674][   T24] kauditd_printk_skb: 35 callbacks suppressed
[ 1743.127689][   T24] audit: type=1400 audit(1744115661.550:619): avc:  denied  { ioctl } for  pid=19958 comm="syz.4.4092" path="/173/file1/file2" dev="loop4" ino=16 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1743.258892][T19972] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1743.271700][ T1048] usb 8-1: 0:2 : does not exist
[ 1743.279892][ T1048] usb 8-1: USB disconnect, device number 2
[ 1743.280104][   T24] audit: type=1400 audit(1744115661.700:620): avc:  denied  { write open } for  pid=19971 comm="syz.4.4095" path="/174/file2/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop4" ino=1049607 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1743.331260][   T24] audit: type=1400 audit(1744115661.720:621): avc:  denied  { read append } for  pid=19971 comm="syz.4.4095" path="/174/file2/blkio.bfq.time_recursive" dev="loop4" ino=1049609 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1743.423199][T19975] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1743.432094][T19975] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue
[ 1743.503618][ T9954] udevd[9954]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1743.830045][T13578] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[ 1744.054775][T20011] netlink: 25 bytes leftover after parsing attributes in process `syz.1.4112'.
[ 1744.122196][T13578] usb 5-1: Using ep0 maxpacket: 16
[ 1744.252209][T13578] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1744.263117][T13578] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1744.272859][ T1874] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[ 1744.280451][T13578] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1744.287254][T13578] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1744.296662][T13578] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1744.305774][T13578] usb 5-1: config 0 descriptor??
[ 1744.396148][T20050] netlink: 'syz.2.4130': attribute type 16 has an invalid length.
[ 1744.403950][T20050] netlink: 'syz.2.4130': attribute type 17 has an invalid length.
[ 1744.459715][   T24] audit: type=1400 audit(1744115662.880:622): avc:  denied  { create } for  pid=20055 comm="syz.2.4133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[ 1744.522104][ T1874] usb 1-1: Using ep0 maxpacket: 8
[ 1744.601494][   T24] audit: type=1400 audit(1744115663.020:623): avc:  denied  { create } for  pid=20079 comm="syz.2.4145" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1744.742968][ T1874] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1744.753941][   T24] audit: type=1400 audit(1744115663.180:624): avc:  denied  { create } for  pid=20102 comm="syz.1.4157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1744.774697][T13578] hid (null): report_id 0 is invalid
[ 1744.803447][   T24] audit: type=1400 audit(1744115663.180:625): avc:  denied  { create } for  pid=20104 comm="syz.2.4156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[ 1744.842231][ T1874] usb 1-1: config 116 has an invalid interface number: 131 but max is 0
[ 1744.850480][ T1874] usb 1-1: config 116 has no interface number 0
[ 1744.856623][ T1874] usb 1-1: config 116 interface 131 altsetting 7 endpoint 0xD has invalid wMaxPacketSize 0
[ 1744.883158][   T24] audit: type=1400 audit(1744115663.310:626): avc:  denied  { setopt } for  pid=20114 comm="syz.7.4162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1744.884248][T20116] ==================================================================
[ 1744.910260][T20116] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x5b0/0x660
[ 1744.912132][ T1874] usb 1-1: config 116 interface 131 has no altsetting 0
[ 1744.919262][T20116] Read of size 1 at addr ffff88811b46d3d8 by task syz.7.4162/20116
[ 1744.919266][T20116] 
[ 1744.919282][T20116] CPU: 1 PID: 20116 Comm: syz.7.4162 Not tainted 5.10.234-syzkaller-00152-g2afb6720c0dc #0
[ 1744.919300][T20116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1744.955639][T20116] Call Trace:
[ 1744.958770][T20116]  dump_stack_lvl+0x1e2/0x24b
[ 1744.963275][T20116]  ? printk+0xd1/0x111
[ 1744.967175][T20116]  ? bfq_pos_tree_add_move+0x43b/0x43b
[ 1744.972567][T20116]  ? wake_up_klogd+0xb8/0xf0
[ 1744.976984][T20116]  ? panic+0x812/0x812
[ 1744.980896][T20116]  print_address_description+0x81/0x3b0
[ 1744.986275][T20116]  ? stack_trace_save+0x113/0x1c0
[ 1744.991148][T20116]  kasan_report+0x179/0x1c0
[ 1744.995479][T20116]  ? xfrm_policy_inexact_list_reinsert+0x5b0/0x660
[ 1745.001824][T20116]  ? xfrm_policy_inexact_list_reinsert+0x5b0/0x660
[ 1745.008160][T20116]  __asan_report_load1_noabort+0x14/0x20
[ 1745.013619][T20116]  xfrm_policy_inexact_list_reinsert+0x5b0/0x660
[ 1745.019782][T20116]  ? ____kasan_kmalloc+0xed/0x110
[ 1745.024640][T20116]  ? ____kasan_kmalloc+0xdb/0x110
[ 1745.029499][T20116]  ? xfrm_policy_addr_delta+0x20b/0x330
[ 1745.034884][T20116]  xfrm_policy_inexact_insert_node+0x917/0xb00
[ 1745.040874][T20116]  ? xfrm_policy_inexact_alloc_bin+0x5ad/0x13f0
[ 1745.046947][T20116]  xfrm_policy_inexact_alloc_chain+0x4ec/0xaf0
[ 1745.052941][T20116]  xfrm_policy_inexact_insert+0x6a/0x1160
[ 1745.056108][   T24] audit: type=1400 audit(1744115663.480:627): avc:  denied  { write } for  pid=77 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1745.058494][T20116]  ? __kasan_check_write+0x14/0x20
[ 1745.058516][T20116]  ? _raw_spin_lock_bh+0xa4/0x1b0
[ 1745.085310][   T24] audit: type=1400 audit(1744115663.480:628): avc:  denied  { remove_name } for  pid=77 comm="syslogd" name="messages" dev="tmpfs" ino=16 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1745.089305][T20116]  ? policy_hash_bysel+0x137/0x700
[ 1745.111976][ T1874] usb 1-1: New USB device found, idVendor=1b3d, idProduct=010d, bcdDevice=37.65
[ 1745.116464][T20116]  xfrm_policy_insert+0xe7/0x940
[ 1745.116479][T20116]  xfrm_add_policy+0x4f2/0x980
[ 1745.116503][T20116]  ? cap_capable+0x1ce/0x270
[ 1745.126068][ T1874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1745.130528][T20116]  ? xfrm_dump_sa_done+0xc0/0xc0
[ 1745.142168][ T1874] usb 1-1: Product: syz
[ 1745.147369][T20116]  xfrm_user_rcv_msg+0x4e7/0x7c0
[ 1745.147390][T20116]  ? xfrm_netlink_rcv+0x90/0x90
[ 1745.159824][ T1874] usb 1-1: Manufacturer: syz
[ 1745.160910][T20116]  ? stack_trace_save+0x113/0x1c0
[ 1745.174913][T20116]  ? avc_has_perm_noaudit+0x240/0x240
[ 1745.176136][ T1874] usb 1-1: SerialNumber: syz
[ 1745.180086][T20116]  ? iov_iter_advance+0x258/0xb20
[ 1745.180110][T20116]  netlink_rcv_skb+0x1cf/0x410
[ 1745.193979][T20116]  ? xfrm_netlink_rcv+0x90/0x90
[ 1745.198656][T20116]  ? netlink_ack+0xb30/0xb30
[ 1745.203076][T20116]  ? mutex_trylock+0xa0/0xa0
[ 1745.207501][T20116]  ? __netlink_lookup+0x37b/0x3a0
[ 1745.212359][T20116]  xfrm_netlink_rcv+0x72/0x90
[ 1745.216885][T20116]  netlink_unicast+0x8df/0xac0
[ 1745.221473][T20116]  ? netlink_detachskb+0x90/0x90
[ 1745.226250][T20116]  ? security_netlink_send+0x7b/0xa0
[ 1745.231371][T20116]  netlink_sendmsg+0xa46/0xd00
[ 1745.235978][T20116]  ? netlink_getsockopt+0x5c0/0x5c0
[ 1745.241005][T20116]  ? security_socket_sendmsg+0x82/0xb0
[ 1745.246298][T20116]  ? netlink_getsockopt+0x5c0/0x5c0
[ 1745.251331][T20116]  ____sys_sendmsg+0x59e/0x8f0
[ 1745.256207][T20116]  ? __sys_sendmsg_sock+0x40/0x40
[ 1745.261055][T20116]  ? import_iovec+0xe5/0x120
[ 1745.265480][T20116]  ___sys_sendmsg+0x252/0x2e0
[ 1745.269994][T20116]  ? __sys_sendmsg+0x280/0x280
[ 1745.274594][T20116]  ? percpu_counter_add_batch+0x13d/0x160
[ 1745.280156][T20116]  ? __fdget+0x1bc/0x240
[ 1745.284226][T20116]  __se_sys_sendmsg+0x1b1/0x280
[ 1745.288918][T20116]  ? __x64_sys_sendmsg+0x90/0x90
[ 1745.293690][T20116]  ? fpu__clear_all+0x20/0x20
[ 1745.298204][T20116]  ? __kasan_check_read+0x11/0x20
[ 1745.303060][T20116]  __x64_sys_sendmsg+0x7b/0x90
[ 1745.307662][T20116]  do_syscall_64+0x34/0x70
[ 1745.311913][T20116]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1745.317641][T20116] RIP: 0033:0x7f72b93b4169
[ 1745.321894][T20116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1745.341339][T20116] RSP: 002b:00007f72b7a1e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1745.349593][T20116] RAX: ffffffffffffffda RBX: 00007f72b95ccfa0 RCX: 00007f72b93b4169
[ 1745.357395][T20116] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000005
[ 1745.365200][T20116] RBP: 00007f72b94352a0 R08: 0000000000000000 R09: 0000000000000000
[ 1745.373010][T20116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1745.380838][T20116] R13: 0000000000000000 R14: 00007f72b95ccfa0 R15: 00007ffff7cfd7f8
[ 1745.388645][T20116] 
[ 1745.390806][T20116] Allocated by task 20116:
[ 1745.395067][T20116]  ____kasan_kmalloc+0xdb/0x110
[ 1745.399843][T20116]  __kasan_kmalloc+0x9/0x10
[ 1745.404182][T20116]  __kmalloc+0x1aa/0x330
[ 1745.408273][T20116]  sk_prot_alloc+0xbe/0x370
[ 1745.412775][T20116]  sk_alloc+0x38/0x4d0
[ 1745.416688][T20116]  pfkey_create+0x12c/0x620
[ 1745.421369][T20116]  __sock_create+0x3a6/0x760
[ 1745.425794][T20116]  __sys_socket+0x132/0x370
[ 1745.430132][T20116]  __x64_sys_socket+0x7a/0x90
[ 1745.434651][T20116]  do_syscall_64+0x34/0x70
[ 1745.438956][T20116]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1745.444627][T20116] 
[ 1745.446790][T20116] Last potentially related work creation:
[ 1745.452356][T20116]  kasan_save_stack+0x3b/0x60
[ 1745.456890][T20116]  __kasan_record_aux_stack+0xd3/0x100
[ 1745.462163][T20116]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1745.467820][T20116]  call_rcu+0x135/0x11f0
[ 1745.471881][T20116]  in6_dev_finish_destroy+0x144/0x180
[ 1745.477091][T20116]  addrconf_ifdown+0x186d/0x1a60
[ 1745.481862][T20116]  addrconf_notify+0x378/0xe90
[ 1745.486463][T20116]  raw_notifier_call_chain+0x8c/0xf0
[ 1745.491584][T20116]  unregister_netdevice_many+0xde7/0x17d0
[ 1745.497140][T20116]  ip_tunnel_delete_nets+0x33b/0x380
[ 1745.502257][T20116]  erspan_exit_batch_net+0x22/0x30
[ 1745.507206][T20116]  cleanup_net+0x6e9/0xcb0
[ 1745.511458][T20116]  process_one_work+0x6dc/0xbd0
[ 1745.516144][T20116]  worker_thread+0xaea/0x1510
[ 1745.520659][T20116]  kthread+0x34b/0x3d0
[ 1745.524566][T20116]  ret_from_fork+0x1f/0x30
[ 1745.528817][T20116] 
[ 1745.530997][T20116] Second to last potentially related work creation:
[ 1745.537426][T20116]  kasan_save_stack+0x3b/0x60
[ 1745.541927][T20116]  __kasan_record_aux_stack+0xd3/0x100
[ 1745.547218][T20116]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1745.552862][T20116]  kvfree_call_rcu+0x136/0x650
[ 1745.557463][T20116]  drop_sysctl_table+0x311/0x450
[ 1745.562237][T20116]  unregister_sysctl_table+0x76/0x120
[ 1745.567549][T20116]  unregister_net_sysctl_table+0x15/0x20
[ 1745.572997][T20116]  neigh_sysctl_unregister+0x78/0x90
[ 1745.578145][T20116]  inetdev_event+0x7c1/0x1040
[ 1745.582631][T20116]  raw_notifier_call_chain+0x8c/0xf0
[ 1745.587867][T20116]  unregister_netdevice_many+0xde7/0x17d0
[ 1745.593423][T20116]  ip_tunnel_delete_nets+0x33b/0x380
[ 1745.598542][T20116]  ipgre_exit_batch_net+0x22/0x30
[ 1745.603487][T20116]  cleanup_net+0x6e9/0xcb0
[ 1745.607742][T20116]  process_one_work+0x6dc/0xbd0
[ 1745.612463][T20116]  worker_thread+0xaea/0x1510
[ 1745.616967][T20116]  kthread+0x34b/0x3d0
[ 1745.620849][T20116]  ret_from_fork+0x1f/0x30
[ 1745.625097][T20116] 
[ 1745.627271][T20116] The buggy address belongs to the object at ffff88811b46d000
[ 1745.627271][T20116]  which belongs to the cache kmalloc-1k of size 1024
[ 1745.641158][T20116] The buggy address is located 984 bytes inside of
[ 1745.641158][T20116]  1024-byte region [ffff88811b46d000, ffff88811b46d400)
[ 1745.654350][T20116] The buggy address belongs to the page:
[ 1745.659949][T20116] page:ffffea00046d1a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11b468
[ 1745.669998][T20116] head:ffffea00046d1a00 order:3 compound_mapcount:0 compound_pincount:0
[ 1745.678151][T20116] flags: 0x4000000000010200(slab|head)
[ 1745.683447][T20116] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100042f00
[ 1745.691872][T20116] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 1745.700280][T20116] page dumped because: kasan: bad access detected
[ 1745.706625][T20116] page_owner tracks the page as allocated
[ 1745.712224][T20116] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1f2a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_MEMALLOC|__GFP_HARDWALL), pid 282, ts 468197178664, free_ts 468196678718
[ 1745.733371][T20116]  prep_new_page+0x166/0x180
[ 1745.737778][T20116]  get_page_from_freelist+0x2d8c/0x2f30
[ 1745.743156][T20116]  __alloc_pages_nodemask+0x435/0xaf0
[ 1745.748364][T20116]  new_slab+0x80/0x400
[ 1745.752274][T20116]  ___slab_alloc+0x302/0x4b0
[ 1745.756697][T20116]  __slab_alloc+0x63/0xa0
[ 1745.760864][T20116]  __kmalloc_track_caller+0x1f8/0x320
[ 1745.766071][T20116]  __alloc_skb+0xbc/0x510
[ 1745.770238][T20116]  __napi_alloc_skb+0x15d/0x2e0
[ 1745.774921][T20116]  page_to_skb+0x3d/0x900
[ 1745.779090][T20116]  receive_buf+0xe79/0x53d0
[ 1745.783429][T20116]  virtnet_poll+0x5df/0x1240
[ 1745.787854][T20116]  net_rx_action+0x516/0x10d0
[ 1745.792372][T20116]  __do_softirq+0x268/0x5bb
[ 1745.796788][T20116] page last free stack trace:
[ 1745.801312][T20116]  __free_pages_ok+0x82c/0x850
[ 1745.805911][T20116]  free_the_page+0x76/0x370
[ 1745.810248][T20116]  __free_pages+0x67/0xc0
[ 1745.814525][T20116]  __free_slab+0xcf/0x190
[ 1745.818680][T20116]  unfreeze_partials+0x15e/0x190
[ 1745.823452][T20116]  put_cpu_partial+0xbf/0x180
[ 1745.827962][T20116]  __slab_free+0x2c8/0x3a0
[ 1745.832217][T20116]  ___cache_free+0x111/0x130
[ 1745.836647][T20116]  qlink_free+0x50/0x90
[ 1745.840640][T20116]  qlist_free_all+0x47/0xb0
[ 1745.844981][T20116]  kasan_quarantine_reduce+0x15a/0x170
[ 1745.850272][T20116]  __kasan_slab_alloc+0x2f/0xe0
[ 1745.854959][T20116]  slab_post_alloc_hook+0x61/0x2f0
[ 1745.859908][T20116]  kmem_cache_alloc_trace+0x163/0x2e0
[ 1745.865146][T20116]  kset_create_and_add+0x5c/0x2b0
[ 1745.869978][T20116]  netdev_register_kobject+0x1a6/0x320
[ 1745.875264][T20116] 
[ 1745.877429][T20116] Memory state around the buggy address:
[ 1745.882908][T20116]  ffff88811b46d280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1745.890805][T20116]  ffff88811b46d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1745.898703][T20116] >ffff88811b46d380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 1745.906864][T20116]                                                     ^
[ 1745.913631][T20116]  ffff88811b46d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1745.921533][T20116]  ffff88811b46d480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1745.929423][T20116] ==================================================================
[ 1745.937322][T20116] Disabling lock debugging due to kernel taint
[ 1745.959658][ T3833] usb 5-1: USB disconnect, device number 54
[ 1746.032542][ T1874] ftdi_sio 1-1:116.131: FTDI USB Serial Device converter detected
[ 1746.040630][ T1874] usb 1-1: Detected FT-X
[ 1746.044787][ T1874] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 13
[ 1746.062211][ T1874] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1746.082176][ T1874] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1746.102191][ T1874] ftdi_sio 1-1:116.131: GPIO initialisation failed: -71
[ 1746.109921][ T1874] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1746.121271][ T1874] usb 1-1: USB disconnect, device number 63
[ 1746.128101][ T1874] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1746.137860][ T1874] ftdi_sio 1-1:116.131: device disconnected