last executing test programs:

55.452124351s ago: executing program 2 (id=9991):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000f40)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)={0x0})

54.655778736s ago: executing program 2 (id=10002):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
symlinkat(0x0, 0xffffffffffffffff, 0x0)

54.474304837s ago: executing program 2 (id=10003):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9e, 0x17, 0x36, 0x10, 0x17ef, 0x721e, 0xde06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6}}]}}]}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000002c0)={@broadcast, @link_local, @val={@val={0x88a8, 0x6, 0x1, 0x4}, {0x8100, 0x0, 0x0, 0x3}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x4}}}}}}, 0x0)

52.294717868s ago: executing program 2 (id=10023):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x557, &(0x7f0000000280)="$eJzs3c9qG8cfAPDvynb+Ob9fHAih7aEYcmhKGjm2+yeFHtJjaUMDfYBU2BsTLEfBkkPsBpocmksvJRRKaaD0AXrvMfQF+hSBNhBKMO2hF5eVV7FiS5ZsK7FSfT6w9szuyrOj2e94RiOhAAbWePajEPFqRHyTRBxrOjYc+cHx9fNWn9yaybYk1tY++zOJJN/XOD/Jf4/mmVci4tevIs4UtpZbXV6ZL5XL6WKen6gtXJ+oLq+cvbpQmkvn0mtT09Pn35meev+9d3tW1zcv/f39pw8+Ov/1qdXvfn50/F4SF+Jofqy5HntwuzkzHuP5czISFzadONmDwvpJst8XwK4M5XE+ElkfcCyG8qgH/vu+jIg1YEAl4h8GVGMc0Jjb92ge/NJ4/OH6BGhr/ZP110biUH1udGQ1eWZmlM13x3pQflbGL3/cv5dt0bvXIQA6un0nIs4ND7fv/3bvXBfnbC5D/wcvzoNs/PNWq/FP4en4J1qMf0ZbxO5udI7/wqMeFNNWNv77oOX49+mi1dhQnvtffcw3kly5Wk6zvu3/EXE6Rg5m+e3Wc86vPlxrd6x5/JdtWfmNsWB+HY+GDz77mNlSrbSXOjd7fCfitQ7j36RF+2fPx6UuyziZ3n+93bHN9T+8p9rs3NpPEW+0bP+NFa1k+/XJifr9MNG4K7b66+7J39qV37n9n6+s/Y9sX/+xpHm9tpp3CDvw46F/0nbHxpN80XQH93/z3PVAvu9mqVZbnIw4kHwSW/ZPbTy2kW+cn9X/9Knt+79W9392n37eZf3vnrjb9tR+aP/ZHbX/zhMPP/7ih3bld9f/vV1Pnc73dNP/dXuBe3nuAAAAAAAAoN8UIuJoJIXi03ShUCyuv7/jRBwplCvV2pkrlaVrs1H/rOxYjBQaK92jTe+HmMzfD9vIT23KT0fE8Yj4duhwPV+cqZRn97vyAAAAAAAAAAAAAAAAAAAA0CdGNz7/PxRNn//P/D60zxcHPH++8hsGV8f478U3PQF9yf9/GFziHwaX+IfBJf5hcIl/GFziHwaX+IfBJf4BAAAAAAAAAAAAAAAAAAAAAAAAAACgpy5dvJhta6tPbs1k+dkby0vzlRtnZ9PqfHFhaaY4U1m8XpyrVObKaXGmstDp75UrleuTU7F0c6KWVmsT1eWVywuVpWu1y1cXSnPp5XTkhdQKAAAAAAAAAAAAAAAAAAAAXi7V5ZX5UrmcLkpI7Cox3B+XIdHjxH73TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACw4d8AAAD//0gqNi0=")
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0xd4)
getdents64(r0, &(0x7f0000000000)=""/41, 0x29)
getdents64(r0, 0xfffffffffffffffe, 0x29)

52.155864829s ago: executing program 2 (id=10028):
lseek(0xffffffffffffffff, 0x0, 0x3)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
getresuid(&(0x7f0000000200), &(0x7f0000000300), &(0x7f0000000380))

51.728043872s ago: executing program 2 (id=10031):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000141007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
ustat(0x2, &(0x7f0000000380))

51.703891911s ago: executing program 32 (id=10031):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000141007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
ustat(0x2, &(0x7f0000000380))

50.236093039s ago: executing program 1 (id=10059):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x6, 0x8, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x0)

50.204259079s ago: executing program 1 (id=10067):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
setgroups(0x0, 0x0)

50.13190194s ago: executing program 1 (id=10069):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x2, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000380)={r2, 0x0, 0x20000000}, 0x20)

50.13162267s ago: executing program 1 (id=10071):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@stripe}, {@noblock_validity}]}, 0x3, 0x453, &(0x7f0000001f80)="$eJzs3M9vFFUcAPDvzHaLCNiKqPxS8Vck/mgpoHLwoEYTD5iY6EGPTVsIslBDayKEKBiDJ2NMvBuP/gt60Ysxnoxe9W5IiOECeFozuzN0d7u7tNsti93PJxl4b+ZN3/v2zdt9M2+3AQytfdk/ScTWiPgzIsbq2eYC++r/Xb96fubG1fMzSVSrb/+T1Mpdu3p+pihanLclz+xPI9LPktjTpt6Fs+dOTlcqc2fy/OTiqQ8mF86ee+7Eqenjc8fnTh88cuTwoakXXzj4fF/izNp0bffH83t3vfHeV28e/aIp/pY41mznpsYf3daT1WrfqrsTbGtIJyMDbAirUoqIrLvKtfE/FqVY6ryxeP3TgTYOWFfVarW6pfPhC1VgA0uiOW/Iw7Ao3uiz+99ia50EvLx+04+Bu/JK/QYoi/t6vtWPjESalym33N/2076IePfCv99kW/T7OQQAQBs/ZvOfZ9vN/9J4oKHcPfna0HhE3BsR2yPivojYERH3R9TKPhgRO1dZf+siyfL5T3q5p8BWKJv/vZSvbTXP/4rZX4yX8ty2Wvzl5NiJytyB/HeyP8qbsvxUlzp+eu2PLzsda5z/ZVtWfzEXzNtxeWRT8zmz04vTa4m50ZWLEbtH2sWf3FwJSCJiV0Ts7rGOE09/t7fTsVvH30Uf1pmq30Y8Ve//C9ESfyHpvj45eVdU5g5MFlfFcr/+dumtTvWvKf4+yPr/7rbX/834x5PG9dqF1ddx6a/PO97T9Hr9jybv1NKj+b6PphcXz0xFjCZH641u3H9w6dwiX5T/4ff6/nbjf3ss/Sb2RER2ET8UEQ9HxCN52x+NiMci4vEu8f/y6hPv9x7/+sr6f3ZV/b+UGI3WPe0TpZM/f99U6fiy+G907//DtdT+fM9KXv9W0q7ermYAAAD4/0kjYmsk6cTNdJpOTNQ/L78jIq3MLyw+c2z+w9Oz9e8IjEc5LZ50jTU8D53Kb+vr+YsRUf9oQXH8UP7c+OvS5lp+Yma+Mjvo4GHIbekw/jN/lwbdOmDd+b4WDC/jH4aX8Q/Dy/iH4dVm/G8eRDuA26/d+/8nA2gHcPu1jH/LfjBE3P/D8Oo4/jfyX/4Barz/w1Ba2By3/pJ810Txk3o8fcMmonxHNGPtiWrStnMjHXTDJNYzMdjXJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH75LwAA//8HW+BC")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

49.939584361s ago: executing program 1 (id=10077):
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x9e2}, 0x10)
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='\t'], 0x28)
close(r0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

49.738587482s ago: executing program 1 (id=10081):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1810714, &(0x7f0000000100)={[{@jqfmt_vfsold}, {@noblock_validity}, {@usrquota}, {@prjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@jqfmt_vfsold}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0xa9f}}, {@nodiscard}]}, 0xff, 0x467, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG7LL6EVEQVBqmhs/NHSgsrBi0YTD5qY6AGPtS0EWaihNRFCtBqDR0Pi3Xg08S/w5MmoJxOvejckRIkJ6IU1szvTdpfd0h9blnQ/n2S67+28nXnfvnkzb+btBtCzhrI/ScR9EfF7RAzUs40FhuovN69fmvz3+qXJJKrVt//qr5W7cf3SZFG0+NyOPDOcRqSfJ/lOGs1euHhmolKZPp/nR+fOfjA6e+Hic6fPTpyaPjV9bvz48WNHx158Yfz5jsSZxXdj/8czB/a9/u6VNydPXHnv5++y+u49WF+/NI5OGcoC/7ta07zuyU7vrMtuVRfjTMrdrg0rVYqIrLn6av1/IEqx2HgD8dpnXa0csKGyc/aWFm/nr/NVYBNLots1ALqjuOBn97/FcheHH1137eX6DVAW9818qa8pR5qX6dvA/Q9FxIn5/77Olmh6DrHQPv0bWAEAoOf8kI1/nm01/ktj75Jyu/K5ocGIuD8idkfEAxGxJyIejKiVfSgiHl7l/punhm4ff6ZX1xTYCmXjv5fyua3G8V8x+ovBUp7bWYu/Lzl5ujJ9JP+fDEffliw/1mrjxSZe/e3LdvtfOv7Llmz/xVgw38jVctMDuqmJuYlODUqvfRqxv9wq/mRhJiCJiH0RsX91m95VJE4//e2BdoXuHP8yOjDPVP0m4ql6+89HU/yFZPn5ydGtUZk+MlocFbf75dfLb7Xbf8v4b+1cf2ArlLX/9sbjf2FdqfZ34J9k6XztbKz6huTyH1+0vacsr/H470/eqc3pFjX5aGJu7vxYRH/yRkTz++OLny3yRfks/uHDrfv/7vwzWfyPRER2EB+MiEcj4lDedo9FxOMRcXiZ+H965Yn3261b1/EfsW2F5drK4p9qef5bOP4HG9t/9YnSmR+/X3v8Wfsfq6WG83dq5787aF+drXmJxaMZAAAANru09t34JB1ZSKfpyEj9O/x7YntamZmde+bkzIfnpurfoR+MvrR40jWw5HnoWDKfb7GeH8+fFRfrj+bPjb8qbavlRyZnKlNdjh163Y7G/n+o6P+ZP0vdrh2w4fxeC3pXc/9Pu1QP4O5z/Yfepf9D79L/oXe16v+fNOXNBcDm5PoPvUv/h96l/0Pv0v+hJ63nd/0blSgv8+t9iXslEek9UQ2JFonsgr5lnb2722cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzvg/AAD//7K/8i4=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x80)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x401c5820, &(0x7f0000000080)={@desc={0xd32780, 0x0, @desc2}})
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)

49.738301942s ago: executing program 33 (id=10081):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1810714, &(0x7f0000000100)={[{@jqfmt_vfsold}, {@noblock_validity}, {@usrquota}, {@prjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@jqfmt_vfsold}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0xa9f}}, {@nodiscard}]}, 0xff, 0x467, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG7LL6EVEQVBqmhs/NHSgsrBi0YTD5qY6AGPtS0EWaihNRFCtBqDR0Pi3Xg08S/w5MmoJxOvejckRIkJ6IU1szvTdpfd0h9blnQ/n2S67+28nXnfvnkzb+btBtCzhrI/ScR9EfF7RAzUs40FhuovN69fmvz3+qXJJKrVt//qr5W7cf3SZFG0+NyOPDOcRqSfJ/lOGs1euHhmolKZPp/nR+fOfjA6e+Hic6fPTpyaPjV9bvz48WNHx158Yfz5jsSZxXdj/8czB/a9/u6VNydPXHnv5++y+u49WF+/NI5OGcoC/7ta07zuyU7vrMtuVRfjTMrdrg0rVYqIrLn6av1/IEqx2HgD8dpnXa0csKGyc/aWFm/nr/NVYBNLots1ALqjuOBn97/FcheHH1137eX6DVAW9818qa8pR5qX6dvA/Q9FxIn5/77Olmh6DrHQPv0bWAEAoOf8kI1/nm01/ktj75Jyu/K5ocGIuD8idkfEAxGxJyIejKiVfSgiHl7l/punhm4ff6ZX1xTYCmXjv5fyua3G8V8x+ovBUp7bWYu/Lzl5ujJ9JP+fDEffliw/1mrjxSZe/e3LdvtfOv7Llmz/xVgw38jVctMDuqmJuYlODUqvfRqxv9wq/mRhJiCJiH0RsX91m95VJE4//e2BdoXuHP8yOjDPVP0m4ql6+89HU/yFZPn5ydGtUZk+MlocFbf75dfLb7Xbf8v4b+1cf2ArlLX/9sbjf2FdqfZ34J9k6XztbKz6huTyH1+0vacsr/H470/eqc3pFjX5aGJu7vxYRH/yRkTz++OLny3yRfks/uHDrfv/7vwzWfyPRER2EB+MiEcj4lDedo9FxOMRcXiZ+H965Yn3261b1/EfsW2F5drK4p9qef5bOP4HG9t/9YnSmR+/X3v8Wfsfq6WG83dq5787aF+drXmJxaMZAAAANru09t34JB1ZSKfpyEj9O/x7YntamZmde+bkzIfnpurfoR+MvrR40jWw5HnoWDKfb7GeH8+fFRfrj+bPjb8qbavlRyZnKlNdjh163Y7G/n+o6P+ZP0vdrh2w4fxeC3pXc/9Pu1QP4O5z/Yfepf9D79L/oXe16v+fNOXNBcDm5PoPvUv/h96l/0Pv0v+hJ63nd/0blSgv8+t9iXslEek9UQ2JFonsgr5lnb2722cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzvg/AAD//7K/8i4=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x80)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x401c5820, &(0x7f0000000080)={@desc={0xd32780, 0x0, @desc2}})
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)

4.601824876s ago: executing program 3 (id=10783):
r0 = syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000082505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000feff00000006241a00000809058103400000ff000904010000020d00000904010102020d00000905a0020002000000090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000680)={0x20, 0x80, 0x1c, {0x0, 0x0, 0x1000, 0x0, 0xffff, 0x2, 0xffff, 0x6fff, 0x0, 0x8}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

1.95479278s ago: executing program 3 (id=10828):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000a00)=ANY=[@ANYBLOB="61155000000000006113500000000000bfa000000000000014000000630000002d03010000000000a4000000000000006916000000000000bf67000000000000350307000fff07206706000030000000160300000ee60060bf050000000000005f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe018547332b9d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b55520282da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f02000000001a2d2ac05c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b185c8ac86d8a297dff0445a15f219ce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8e97a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddcfded41f6e2520a211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994b6cd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f313ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6f803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d167a183f064b060aaec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d78854ca4d3116dbc7e2bf2402a75fd7add248155733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453b65586f65c7943d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b3bc87b0da20000d9eb418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e04b6f0275866d1a1d1cfa70e46829dcab474178da43aacd93bdb91972dba18c8115e61529cd7c42304523c8db521d17330f8a14490f568391524419cb539c26657c38bde412ee11d52bba48cf455509e25b0a3f3877737120ab9c1ed5952c136ec1dea66a6aad694f7702c393c61e38f188a59eb808f555e4baf0c6d148823b39581dc5a50bcd42b2e0e3aecd10ec236b8e3cdc03f92c1f5bb1292873d47615be54b2c7e1a287fd9ac89ccc595f1cc04d427513aa5f54218ed298af0db5c29645b630669aedbbc63e697738cee6746c55363d0e3914e38d8d75821b2c00000000000000000000bd26abd49d5bb854a383cc0175711d430e31417fb9f48a1646ee956b144234bcb968285a343f027dfb4509e8eb3c9b1ff37ae1d3e7d523f1c4bf059dcafb35915cf27b5177c82446fb76f1a349089ca5aaa6643894f40a045331afb36db842b5a0c0ad5f589eac656cc39be8bab6c3cef09399978c04ca6673caaf16798a3a8c30e6c276e338c6113a8fa3e3251f10541cd9710c58556220c069ba1c20b38326dbbe649350011ea3cdac2d161dff6a70c26c87d32fdf8fe336698b509cfc99777238e694cf533dab5c5730f95fa284f0bc252354cd529f18fc834bb8d9a1473086004d3899154599a78e1fd53417331edddd7a4984d2545cc199878f3f66b0c600ed17c3000000000092f3feae5f53c8ab009d42d91ba40e10ea01446ee2ae169801b0819d60314d9ee168c1f98cdc49eb0ac540f4d17345fd1c82b80296337b6bfaca9c0a71db115619c50442945fcbf1828e40fe52d72620460caad4b03a595c9ca9aabbffc5036f56f21000"/2086], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
fcntl$getown(r0, 0x9)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000200)={r0, 0x0, 0x25, 0x0, @void}, 0x10)

1.83342421s ago: executing program 3 (id=10829):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x6, 0x5, 0x9f, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb000833ecfb020000000000000000000000000000fe80"], 0x0)

1.555713571s ago: executing program 3 (id=10834):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000010000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='tlb_flush\x00', r0}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

1.511372952s ago: executing program 3 (id=10838):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000001c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

1.202701553s ago: executing program 4 (id=10858):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18050000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
r1 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)

1.188552584s ago: executing program 4 (id=10859):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008c50000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = dup(r1)
sendmsg$netlink(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{0x0, 0x1b8}], 0x1}, 0x0)

1.173249824s ago: executing program 4 (id=10861):
fsopen(&(0x7f0000000000)='fuseblk\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x81e4605a8de9a89c, 0xc, &(0x7f0000000e00)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x400000, 0xd8, 0x6, 0x280a0, 0xffffffffffffffff, 0xfffffff7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x4, 0x0, @value, @void, @void, @value}, 0x50)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000700)=@mangle={'mangle\x00', 0x64, 0x6, 0x690, 0x0, 0x300, 0x448, 0x0, 0x0, 0x5c0, 0x5c0, 0x5c0, 0x5c0, 0x5c0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x6}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x148, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@private}}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@dst={{0x48}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6f0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x10)
r8 = accept$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @private}, &(0x7f0000000040)=0x10)
ioctl$FIOCLEX(r8, 0x5451)
syz_clone3(&(0x7f0000000780)={0x9104900, 0x0, 0x0, 0x0, {0x5}, 0x0, 0x0, 0x0, 0x0}, 0x58)

1.160226474s ago: executing program 5 (id=10862):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000fd0f000003"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)

1.131726194s ago: executing program 5 (id=10874):
fsopen(&(0x7f0000000000)='fuseblk\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x81e4605a8de9a89c, 0xc, &(0x7f0000000e00)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x400000, 0xd8, 0x6, 0x280a0, 0xffffffffffffffff, 0xfffffff7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x4, 0x0, @value, @void, @void, @value}, 0x50)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000700)=@mangle={'mangle\x00', 0x64, 0x6, 0x690, 0x0, 0x300, 0x448, 0x0, 0x0, 0x5c0, 0x5c0, 0x5c0, 0x5c0, 0x5c0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x6}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x148, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@private}}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@dst={{0x48}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6f0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r6}, 0x0, &(0x7f00000002c0)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x10)
r8 = accept$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @private}, &(0x7f0000000040)=0x10)
ioctl$FIOCLEX(r8, 0x5451)
syz_clone3(&(0x7f0000000780)={0x9104900, 0x0, 0x0, 0x0, {0x5}, 0x0, 0x0, 0x0, 0x0}, 0x58)

762.821526ms ago: executing program 6 (id=10864):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = gettid()
tkill(r1, 0x16)

608.740267ms ago: executing program 3 (id=10865):
fsopen(&(0x7f0000000000)='fuseblk\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x81e4605a8de9a89c, 0xc, &(0x7f0000000e00)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x400000, 0xd8, 0x6, 0x280a0, 0xffffffffffffffff, 0xfffffff7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x4, 0x0, @value, @void, @void, @value}, 0x50)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000700)=@mangle={'mangle\x00', 0x64, 0x6, 0x690, 0x0, 0x300, 0x448, 0x0, 0x0, 0x5c0, 0x5c0, 0x5c0, 0x5c0, 0x5c0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x6}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x148, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@private}}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@dst={{0x48}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6f0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r6}, 0x0, &(0x7f00000002c0)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x10)
r8 = accept$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @private}, 0x0)
ioctl$FIOCLEX(r8, 0x5451)
syz_clone3(&(0x7f0000000780)={0x9104900, 0x0, 0x0, 0x0, {0x5}, 0x0, 0x0, 0x0, 0x0}, 0x58)

598.195427ms ago: executing program 6 (id=10866):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x6, 0x5, 0x9f, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb000833ecfb020000000000000000000000000000fe80"], 0x0)

587.591777ms ago: executing program 6 (id=10867):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
setresuid(0x0, 0x0, 0x0)

576.636357ms ago: executing program 6 (id=10869):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001401)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1}, &(0x7f00000002c0), &(0x7f0000000300)=r1}, 0x20)
close(r0)

552.455167ms ago: executing program 0 (id=10871):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

530.002107ms ago: executing program 6 (id=10872):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
mkdir(&(0x7f0000000200)='./bus\x00', 0x0)
mount$incfs(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./bus\x00', 0x0, 0x1160422, &(0x7f0000000b40)={[], [{@subj_type={'subj_type', 0x3d, '/)&)'}}]})

499.446507ms ago: executing program 0 (id=10873):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
tgkill(0x0, 0x0, 0x4)

416.870237ms ago: executing program 6 (id=10875):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]})
symlink(0x0, &(0x7f0000002140)='./file0\x00')

393.280317ms ago: executing program 0 (id=10876):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d3, &(0x7f0000000a00)="$eJzs3c9rHG8ZAPBnJtn+zNfkqx5qwbbYSlq0u0lj2+ChVhB7KljrvcZkE0I22ZDdtE0okuJdQUQFT568CP4BgvRPEKGgd6miiLZ68KCu7OxsbeNuE+l2pyafD0znfefd3ed5G3Zm3pmXnQAOrXMRcTMiRiLiUkSM59vTfLnVbr/Ted2L54/m20sSrdbdPyeR5Nu6n5Xk65MRsRMRxyLiq7civpH8d9zG1vbKXK1W3cjrlebqeqWxtX15eXVuqbpUXZuZmb42e3326uzUQPo5ERE3vvT773/nJ1++8YvPPvjtvT9e/GY7rbG8/dV+DFKn66Xs/6JrNCI23kWwAozk61Kf9m+PDDEZAAD21D7H/2hEfCo7/x+PkezsFAAAADhIWl8Yi38kES0AAADgwEqzObBJWs7nAoxFmpbLnTm8H48Taa3eaH5msb65ttCZKzsRpXRxuVadyucKT0Qpaden8zm23fqVXfWZiPgwIr43fjyrl+frtYWiL34AAADAIXFy1/j/b+PZ+P9o0XkBAAAAAzZRdAIAAADAO2f8DwAAAAef8T8AAAAcaF+5fbu9tLrPv164v7W5Ur9/eaHaWCmvbs6X5+sb6+Wlen0p+82+1b0+r1avr38u1jYfVprVRrPS2Nq+t1rfXGveW37tEdgAAADAEH149slvkojY+fzxbGk7UnRSwFAke7RnDwl5lld+N4SEgKEZKToBoDCjRScAFKZUdAJA4fa6DtB38s4vB58LAADwbkx+ov/9f9cG4GBLi04AABg69//h8Cq9PgPwanGZAEX5yB7tb3//v9X6nxICAAAGbixbkrSc3wscizQtlyM+yB4LUEoWl2vVqXx88Ovx0tF2fTp7Z7LnnGEAAAAAAAAAAAAAAAAAAAAAAAAAoKPVSqIFAAAAHGgR6R+S7Nf8IybHL4ztvj5wJPn7eLaOiAc/uvuDh3PN5sZ0e/tfXm5v/jDffqWIKxgAAADAbt1xenccDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACD9OL5o/nuMsy4f/piREz0jH/2WLY6FqWIOPHXJEZfeV8SESMDiL/zOCJO9YqftNOKiehk0Sv+8QLjpxFxcgDx4TB70t7/3Oz1/UvjXLbu/f0bzZe31X//l0Z3/zfSZ//zwT5jnH76s0rf+I8jTo/23v904yd94p/fZ/yvf217O+JIz7bWjyMmex5/ktdiVZqr65XG1vbl5dW5pepSdW1mZvra7PXZq7NTlcXlWjX/t2eM737y5/96U/9P9Ik/sUf/L+yz//98+vD5xzrFUq/4F8/3Pv6e6hM/zY99n87L7fbJbnmnU37VmZ/+6syb+r/Qp/8v//49DrTtmBf32f9Ld771bJ8vBQCGoLG1vTJXq1U3/h8LabwXaSgMpHD0/UhDoVMoes8EAAAM2n9O+ovOBAAAAAAAAAAAAAAAAAAAAA6vYfyc2O6YO8V0FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgjf4dAAD//8wn2YA=")
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000380)='./file0/file0\x00', 0x0, 0x240801, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000300)='./bus\x00', 0x1)

370.151628ms ago: executing program 0 (id=10877):
r0 = socket(0x1e, 0x5, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
connect$tipc(r0, &(0x7f0000000040)=@id, 0x10)
shutdown(r0, 0x2)

304.049548ms ago: executing program 4 (id=10878):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x2, 0x8, 0xd0eb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

228.180488ms ago: executing program 5 (id=10879):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000180)=0x6, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0xb, 0x4, 0x0, 0x10, 0x38, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast, {[@timestamp_addr={0x44, 0x14, 0xb, 0x1, 0x0, [{@loopback}, {@remote}]}, @rr={0x7, 0x3, 0xe5}]}}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)

151.709319ms ago: executing program 0 (id=10880):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
setresuid(0x0, 0x0, 0x0)

151.407129ms ago: executing program 5 (id=10881):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x0)

104.540269ms ago: executing program 4 (id=10882):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e5277b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
time(0x0)

12.098109ms ago: executing program 5 (id=10883):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000080)={'wg1\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)={0x20, r1, 0x1, 0xfffffffd, 0x0, {}, [@ETHTOOL_A_PAUSE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}}, 0x0)

11.79437ms ago: executing program 4 (id=10884):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

10.95377ms ago: executing program 0 (id=10893):
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x42210e0, &(0x7f00000005c0)=ANY=[@ANYBLOB='codepage=874,nodots,dots,tz=UTC,dots,nodots,codepage=862,dots,dots,check=strict,allow_utime=000000000000000000001,sys_immutable,nodots,nfs,quiet,dots,nodots,nodots,debugee,tz=UTC,flush,nodots,\x00\x00\x00\x00\x00\x00\x00'], 0xfd, 0x1c4, &(0x7f0000000380)="$eJzs3U+LEnEYB/BHs3XsEHsLomCgS6elegULsUGwEBQe6lSwddmJoL1MXXZfRi+wFxCevE1MMzr5B1JBR+zzufiM3/np8wMdvfj4/sHny4svV59+3vsRSdKJ7mmcxrgTx9GNiZsAAA7JuCjiV1FpuxcAYDf+8fl/3UJLAMCWvXn7rhcRZ6/TNIkY3eTDfFjdVvmLl+dnT9I/jptVozwf3prmT9P57w5lfjvu1Pmzan06mx/F40dVXmbPX52X+d0m78fF9rcPAAAAAAAAAAAAAAAAAAAAAACteBjpxNL5Picn8/mgzqujv+YDzc336cX9Xn3YjAcqDBQEAAAAAAAAAAAAAAAAAACARVffvl9+yLKPX5uiHxGz96xTdOoH3nD5rotu7EUbirIYLH9Brl+ke7GdLNvwXXAUEdtqbFwUxUonN9eIflsXJwAAAAAAAAAAAAAAAAAA+M80P/pdzJI2GgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAFjT//79BcR0RK5w8fbJBq1sFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADggP0OAAD//wxbMqQ=")
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="c40000001900674c0000000000000000ff010000000000000000000000000001e000000100000000000000000000000000000000000000000a00"], 0xc4}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001400674c0000000000000000ff010000000000000000000000000001e000000100000000000000000000000000000000000000000a"], 0xb8}}, 0x0)

0s ago: executing program 5 (id=10885):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
ioctl$SNAPSHOT_UNFREEZE(r0, 0x3302)

kernel console output (not intermixed with test programs):

20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[ 1511.432741][   T30] audit: type=1400 audit(2000001314.075:6677): avc:  denied  { name_bind } for  pid=28782 comm="syz.0.9437" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[ 1511.471216][T28781] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1511.480420][T28781] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[ 1511.489804][T28781] EXT4-fs (loop2): warning: maximal mount count reached, running e2fsck is recommended
[ 1511.500692][T28781] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.9426: inode #15: comm syz.2.9426: iget: illegal inode #
[ 1511.513382][T28781] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.9426: couldn't read orphan inode 15 (err -117)
[ 1511.526815][T28781] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1511.527899][   T30] audit: type=1400 audit(2000001314.185:6678): avc:  denied  { read } for  pid=28791 comm="syz.0.9443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1511.579764][T28796] loop0: detected capacity change from 0 to 256
[ 1511.610157][   T30] audit: type=1326 audit(2000001314.255:6679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28798 comm="syz.4.9434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c4c217719 code=0x7ffc0000
[ 1511.636642][   T30] audit: type=1326 audit(2000001314.255:6680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28798 comm="syz.4.9434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=102 compat=0 ip=0x7f7c4c217719 code=0x7ffc0000
[ 1511.668638][   T30] audit: type=1326 audit(2000001314.255:6681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28798 comm="syz.4.9434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c4c217719 code=0x7ffc0000
[ 1511.731350][   T30] audit: type=1400 audit(2000001314.375:6682): avc:  denied  { append } for  pid=28808 comm="syz.2.9435" name="ppp" dev="devtmpfs" ino=150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1511.788764][   T30] audit: type=1326 audit(2000001314.445:6683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28820 comm="syz.1.9447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1511.822465][T28824] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[ 1511.841080][   T30] audit: type=1326 audit(2000001314.445:6684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28820 comm="syz.1.9447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1511.884378][T28827] kvm [28826]: vcpu0, guest rIP: 0xfff0 Hyper-V unhandled wrmsr: 0x40000012 data 0x0
[ 1512.140555][T28858] binfmt_misc: register: failed to install interpreter file ./file0
[ 1512.151755][T28860] bpf_get_probe_write_proto: 14 callbacks suppressed
[ 1512.151777][T28860] syz.4.9466[28860] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1512.159181][T28860] syz.4.9466[28860] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1512.220420][T28870] device vlan0 entered promiscuous mode
[ 1512.341228][T28879] syz.0.9469[28879] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1512.341332][T28879] syz.0.9469[28879] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1512.366920][T28879] syz.0.9469[28879] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1512.378241][T28879] syz.0.9469[28879] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1512.899184][ T9744] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[ 1513.129310][T28921] input: syz0 as /devices/virtual/input/input61
[ 1513.149101][ T9744] usb 3-1: Using ep0 maxpacket: 32
[ 1513.250865][T28945] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9505'.
[ 1513.303304][T28949] syz.1.9500[28949] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1513.303400][T28949] syz.1.9500[28949] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1513.317911][T28949] syz.1.9500[28949] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1513.329423][T28949] syz.1.9500[28949] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1513.460212][ T9744] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1513.479343][ T9744] usb 3-1: config 0 has no interface number 0
[ 1513.485365][ T9744] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1513.496196][ T9744] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1513.505812][ T9744] usb 3-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[ 1513.514710][ T9744] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1513.523233][ T9744] usb 3-1: config 0 descriptor??
[ 1514.119518][T28971] loop0: detected capacity change from 0 to 256
[ 1514.150536][T28971] exfat: Deprecated parameter 'namecase'
[ 1514.157797][T28971] exfat: Deprecated parameter 'namecase'
[ 1514.177320][T28971] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1fdf94bc, utbl_chksum : 0xe619d30d)
[ 1514.219415][ T9744] uclogic 0003:28BD:0094.0057: pen parameters not found
[ 1514.233236][ T9744] uclogic 0003:28BD:0094.0057: interface is invalid, ignoring
[ 1514.350725][T28978] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9518'.
[ 1514.422340][   T26] usb 3-1: USB disconnect, device number 56
[ 1514.533537][T29005] loop0: detected capacity change from 0 to 512
[ 1514.548694][T29005] EXT4-fs (loop0): Mount option "nouser_xattr" will be removed by 3.5
[ 1514.548694][T29005] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 1514.548694][T29005] 
[ 1514.573466][T29005] EXT4-fs error (device loop0): ext4_do_update_inode:5205: inode #3: comm syz.0.9530: corrupted inode contents
[ 1514.585314][T29005] EXT4-fs (loop0): Remounting filesystem read-only
[ 1514.591799][T29005] EXT4-fs error (device loop0): ext4_dirty_inode:6038: inode #3: comm syz.0.9530: mark_inode_dirty error
[ 1514.603722][T29005] EXT4-fs error (device loop0): ext4_do_update_inode:5205: inode #3: comm syz.0.9530: corrupted inode contents
[ 1514.615584][T29005] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #3: comm syz.0.9530: mark_inode_dirty error
[ 1514.628070][T29005] EXT4-fs error (device loop0): ext4_acquire_dquot:6187: comm syz.0.9530: Failed to acquire dquot type 0
[ 1514.640160][T29005] EXT4-fs (loop0): 1 truncate cleaned up
[ 1514.645618][T29005] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nouser_xattr,nouid32,max_batch_time=0x0000000000000003,. Quota mode: writeback.
[ 1514.662096][T29005] ext4 filesystem being mounted at /1845/file1 supports timestamps until 2038 (0x7fffffff)
[ 1514.682701][T29005] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.9530: inode #59392: comm syz.0.9530: iget: illegal inode #
[ 1514.696388][T29005] EXT4-fs (loop0): Remounting filesystem read-only
[ 1514.703186][T29005] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.9530: error while reading EA inode 59392 err=-117
[ 1514.716156][T29005] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.9530: inode #59392: comm syz.0.9530: iget: illegal inode #
[ 1514.729884][T29005] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.9530: error while reading EA inode 59392 err=-117
[ 1514.755683][ T9964] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1514.773237][ T9964] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1514.792722][ T9964] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1514.803985][ T9964] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[ 1514.814346][ T9964] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1515.014610][T29058] loop2: detected capacity change from 0 to 512
[ 1515.029616][T29058] EXT4-fs error (device loop2): __ext4_iget:4903: inode #15: block 1803188595: comm syz.2.9553: invalid block
[ 1515.041912][T29058] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.9553: couldn't read orphan inode 15 (err -117)
[ 1515.054013][T29058] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000000967,debug_want_extra_isize=0x000000000000005c,usrquota,nombcache,stripe=0x0000000000000008,usrjquota=,,errors=continue. Quota mode: writeback.
[ 1515.114518][T29064] loop0: detected capacity change from 0 to 128
[ 1515.146534][T29064] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1515.174893][T29064] ext4 filesystem being mounted at /1848/mnt supports timestamps until 2038 (0x7fffffff)
[ 1515.211814][T29071] loop2: detected capacity change from 0 to 128
[ 1515.249123][  T691] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 1515.294836][T29071] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1515.305631][T29071] ext4 filesystem being mounted at /1924/mnt supports timestamps until 2038 (0x7fffffff)
[ 1515.390723][T29090] loop0: detected capacity change from 0 to 512
[ 1515.467399][T29090] EXT4-fs error (device loop0): __ext4_iget:4903: inode #15: block 1803188595: comm syz.0.9565: invalid block
[ 1515.479386][T29090] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.9565: couldn't read orphan inode 15 (err -117)
[ 1515.491948][T29090] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000000967,debug_want_extra_isize=0x000000000000005c,usrquota,nombcache,stripe=0x0000000000000008,usrjquota=,,errors=continue. Quota mode: writeback.
[ 1515.532922][T29099] loop2: detected capacity change from 0 to 512
[ 1515.596725][T29099] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1515.607880][T29099] ext4 filesystem being mounted at /1931/file0 supports timestamps until 2038 (0x7fffffff)
[ 1515.646772][T29109] loop0: detected capacity change from 0 to 4096
[ 1515.659190][  T691] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1515.669524][  T691] usb 2-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1515.688035][T29109] EXT4-fs (loop0): Ignoring removed orlov option
[ 1515.694458][T29109] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[ 1515.700168][  T691] usb 2-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1515.711650][T29111] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9575'.
[ 1515.711648][  T691] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1515.711688][  T691] usb 2-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[ 1515.741072][T29109] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsdgroups,grpquota,init_itable,orlov,nomblk_io_submit,,errors=continue. Quota mode: writeback.
[ 1515.754542][  T691] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1515.763729][T29109] EXT4-fs error (device loop0): ext4_do_update_inode:5205: inode #15: comm syz.0.9574: corrupted inode contents
[ 1515.778259][T29109] EXT4-fs error (device loop0): ext4_dirty_inode:6038: inode #15: comm syz.0.9574: mark_inode_dirty error
[ 1515.778327][  T691] usb 2-1: config 0 descriptor??
[ 1515.795434][T29109] EXT4-fs error (device loop0): ext4_do_update_inode:5205: inode #15: comm syz.0.9574: corrupted inode contents
[ 1515.807567][T29109] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #15: comm syz.0.9574: mark_inode_dirty error
[ 1515.819609][T29109] EXT4-fs error (device loop0): ext4_do_update_inode:5205: inode #15: comm syz.0.9574: corrupted inode contents
[ 1515.832046][T29109] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #15: comm syz.0.9574: mark_inode_dirty error
[ 1515.843485][T29109] EXT4-fs error (device loop0): ext4_do_update_inode:5205: inode #15: comm syz.0.9574: corrupted inode contents
[ 1515.855553][T29109] EXT4-fs error (device loop0): ext4_truncate:4303: inode #15: comm syz.0.9574: mark_inode_dirty error
[ 1515.867472][T29109] EXT4-fs error (device loop0) in ext4_setattr:5606: Corrupt filesystem
[ 1515.876189][T29115] EXT4-fs error (device loop0): ext4_do_update_inode:5205: inode #15: comm syz.0.9574: corrupted inode contents
[ 1515.894612][T29115] EXT4-fs warning (device loop0): swap_inode_boot_loader:219: couldn't mark inode #15 dirty (err -117)
[ 1516.220841][T29167] binder: 29166:29167 ioctl c018620c 20000000 returned -1
[ 1516.290230][  T691] zeroplus 0003:0C12:0005.0058: item fetching failed at offset 1/5
[ 1516.298237][  T691] zeroplus 0003:0C12:0005.0058: parse failed
[ 1516.304592][  T691] zeroplus: probe of 0003:0C12:0005.0058 failed with error -22
[ 1516.492582][  T691] usb 2-1: USB disconnect, device number 54
[ 1517.001814][   T30] kauditd_printk_skb: 2837 callbacks suppressed
[ 1517.001832][   T30] audit: type=1326 audit(2000001319.665:9509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29176 comm="syz.1.9606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1517.100791][   T30] audit: type=1326 audit(2000001319.665:9510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29176 comm="syz.1.9606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1517.364237][   T30] audit: type=1326 audit(2000001319.665:9511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29176 comm="syz.1.9606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1517.434818][   T30] audit: type=1326 audit(2000001319.695:9512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29176 comm="syz.1.9606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1517.460061][   T30] audit: type=1326 audit(2000001319.705:9513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29176 comm="syz.1.9606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1517.487020][T29196] loop0: detected capacity change from 0 to 128
[ 1517.493447][   T30] audit: type=1400 audit(2000001319.755:9514): avc:  denied  { ioctl } for  pid=29174 comm="syz.4.9605" path="socket:[108773]" dev="sockfs" ino=108773 ioctlcmd=0x89a2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1517.519621][T29195] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9612'.
[ 1517.529539][T29195] netlink: 36 bytes leftover after parsing attributes in process `syz.1.9612'.
[ 1517.538773][   T30] audit: type=1326 audit(2000001319.825:9515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29176 comm="syz.1.9606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1517.563141][   T30] audit: type=1326 audit(2000001319.835:9516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29176 comm="syz.1.9606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1517.592597][   T30] audit: type=1326 audit(2000001319.835:9517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29176 comm="syz.1.9606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1517.616200][   T30] audit: type=1326 audit(2000001319.845:9518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29176 comm="syz.1.9606" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1517.617476][T29196] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1517.652270][T29196] ext4 filesystem being mounted at /1879/file0 supports timestamps until 2038 (0x7fffffff)
[ 1517.736644][ T6060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1517.754687][ T6060] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1517.761621][ T6060] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1517.773501][T29220] netlink: 'syz.1.9625': attribute type 1 has an invalid length.
[ 1517.791206][T29222] loop2: detected capacity change from 0 to 256
[ 1517.872088][T29222] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1518.221230][T29263] cgroup: No subsys list or none specified
[ 1518.475628][T29274] loop0: detected capacity change from 0 to 1024
[ 1518.520973][T29274] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1518.531983][T29274] ext4 filesystem being mounted at /1889/file1 supports timestamps until 2038 (0x7fffffff)
[ 1518.603789][T29293] usb usb8: usbfs: process 29293 (syz.0.9654) did not claim interface 0 before use
[ 1518.786965][T29312] bpf_get_probe_write_proto: 6 callbacks suppressed
[ 1518.787009][T29312] syz.1.9663[29312] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1518.794022][T29312] syz.1.9663[29312] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1518.816979][T29312] syz.1.9663[29312] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1518.828774][T29312] syz.1.9663[29312] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1519.037760][T29315] netlink: 32 bytes leftover after parsing attributes in process `syz.2.9666'.
[ 1519.173551][T29324] netlink: 48 bytes leftover after parsing attributes in process `syz.3.9669'.
[ 1520.145538][T29344] syz.0.9674[29344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1520.145634][T29344] syz.0.9674[29344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1520.170002][T29344] syz.0.9674[29344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1520.181388][T29344] syz.0.9674[29344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1520.269097][ T5381] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[ 1520.659099][ T5381] usb 3-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[ 1520.675231][ T5381] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1520.715210][ T5381] usb 3-1: config 0 descriptor??
[ 1520.744578][T29398] syz.1.9700[29398] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1520.745003][T29398] syz.1.9700[29398] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1520.814587][ T5381] ums-usbat 3-1:0.0: USB Mass Storage device detected
[ 1521.077619][ T5381] ums-usbat 3-1:0.0: Quirks match for vid 0781 pid 0005: 1
[ 1521.090182][ T5381] ums-usbat 3-1:0.0: This device (0781,0005,0005 S 06 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel 5.15.167-syzkaller-00002-g3bfe08931bff)
[ 1521.090182][ T5381]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[ 1521.191448][ T5381] usb 3-1: USB disconnect, device number 57
[ 1521.613603][T29401] loop0: detected capacity change from 0 to 40427
[ 1521.649537][T29441] input: syz1 as /devices/virtual/input/input62
[ 1521.707861][T29401] F2FS-fs (loop0): invalid crc value
[ 1521.762104][T29401] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1521.783315][T29451] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[ 1521.909607][T29459] loop2: detected capacity change from 0 to 512
[ 1521.938238][T29401] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1522.712155][   T30] kauditd_printk_skb: 40 callbacks suppressed
[ 1522.712173][   T30] audit: type=1400 audit(2000001325.375:9559): avc:  denied  { write } for  pid=29400 comm="syz.0.9703" path="/1901/bus/file0" dev="loop0" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1522.795338][  T287] attempt to access beyond end of device
[ 1522.795338][  T287] loop0: rw=2049, want=45104, limit=40427
[ 1522.815748][   T30] audit: type=1326 audit(2000001325.455:9560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29464 comm="syz.1.9730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1522.846857][T29472] netlink: 'syz.4.9733': attribute type 1 has an invalid length.
[ 1522.849783][   T30] audit: type=1400 audit(2000001325.455:9561): avc:  denied  { relabelfrom } for  pid=29466 comm="syz.3.9731" name="" dev="pipefs" ino=110392 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1522.890743][T29475] netlink: 'syz.2.9734': attribute type 25 has an invalid length.
[ 1522.899437][   T30] audit: type=1326 audit(2000001325.465:9562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29464 comm="syz.1.9730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1522.923891][T29475] netlink: 'syz.2.9734': attribute type 7 has an invalid length.
[ 1522.942680][T29477] netlink: 52 bytes leftover after parsing attributes in process `syz.4.9736'.
[ 1522.955033][   T30] audit: type=1400 audit(2000001325.475:9564): avc:  denied  { connect } for  pid=29468 comm="syz.2.9732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1523.032603][   T30] audit: type=1326 audit(2000001325.465:9563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29464 comm="syz.1.9730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1523.094562][   T30] audit: type=1326 audit(2000001325.485:9565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29464 comm="syz.1.9730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1523.130556][   T30] audit: type=1326 audit(2000001325.545:9566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29464 comm="syz.1.9730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1523.209179][   T30] audit: type=1326 audit(2000001325.545:9567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29464 comm="syz.1.9730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1523.253636][   T30] audit: type=1326 audit(2000001325.605:9568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29464 comm="syz.1.9730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1523.494106][T29499] loop2: detected capacity change from 0 to 40427
[ 1523.526310][T29499] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[ 1523.543489][T29499] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1523.554296][T29499] F2FS-fs (loop2): invalid crc value
[ 1523.563539][T29528] device batadv_slave_0 entered promiscuous mode
[ 1523.577833][T29499] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1523.680929][T29499] F2FS-fs (loop2): Start checkpoint disabled!
[ 1523.692314][T29499] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1523.700542][T29499] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1523.961143][ T7676] attempt to access beyond end of device
[ 1523.961143][ T7676] loop2: rw=2049, want=40992, limit=40427
[ 1524.120993][T29566] loop2: detected capacity change from 0 to 16
[ 1524.133626][T29566] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1524.213061][T29580] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9780'.
[ 1524.299474][ T9224] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[ 1525.051711][T29623] bpf_get_probe_write_proto: 6 callbacks suppressed
[ 1525.051733][T29623] syz.3.9799[29623] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1525.058246][T29623] syz.3.9799[29623] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1525.071475][T29623] syz.3.9799[29623] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1525.082938][T29623] syz.3.9799[29623] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1525.095851][T29626] syz.2.9800[29626] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1525.107845][T29626] syz.2.9800[29626] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1525.138436][T29626] syz.2.9800[29626] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1525.149789][T29626] syz.2.9800[29626] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1525.389319][ T9224] usb 2-1: Using ep0 maxpacket: 16
[ 1525.499985][ T9964] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1525.512185][T29636] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1525.529187][ T9224] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1525.540344][ T9224] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1525.550320][ T9224] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1525.618736][T29643] syz.2.9805[29643] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1525.619173][T29643] syz.2.9805[29643] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1525.932698][ T9224] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1525.952895][ T9224] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1525.961926][ T9224] usb 2-1: config 0 descriptor??
[ 1526.329227][  T691] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[ 1526.444792][T29695] netlink: 'syz.0.9831': attribute type 1 has an invalid length.
[ 1526.454178][ T9224] microsoft 0003:045E:07DA.0059: unknown main item tag 0x0
[ 1526.479488][ T9224] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0059/input/input63
[ 1526.504722][ T9224] microsoft 0003:045E:07DA.0059: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[ 1526.555248][T29710] netlink: 40 bytes leftover after parsing attributes in process `syz.2.9838'.
[ 1526.635214][T29720] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1526.655194][ T5381] usb 2-1: USB disconnect, device number 55
[ 1526.683976][T29724] netlink: 48 bytes leftover after parsing attributes in process `syz.2.9845'.
[ 1526.709182][  T691] usb 4-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00
[ 1526.718301][  T691] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1526.736851][  T691] usb 4-1: config 0 descriptor??
[ 1526.800773][T29734] loop2: detected capacity change from 0 to 1024
[ 1526.852799][T29734] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1526.943627][T29742] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9853'.
[ 1526.989334][T29748] loop2: detected capacity change from 0 to 1024
[ 1527.060504][T29748] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,nodelalloc,acl,abort,,errors=continue. Quota mode: none.
[ 1527.551598][  T691] playstation 0003:054C:0DF2.005A: unknown main item tag 0x0
[ 1527.559338][  T691] playstation 0003:054C:0DF2.005A: unknown main item tag 0x0
[ 1527.566511][  T691] playstation 0003:054C:0DF2.005A: unknown main item tag 0x0
[ 1527.574043][  T691] playstation 0003:054C:0DF2.005A: unknown main item tag 0x0
[ 1527.581638][  T691] playstation 0003:054C:0DF2.005A: unknown main item tag 0x0
[ 1527.594308][ T9224] Bluetooth: hci0: command 0x1003 tx timeout
[ 1527.600192][T28712] Bluetooth: hci0: sending frame failed (-49)
[ 1527.606262][  T691] playstation 0003:054C:0DF2.005A: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.3-1/input0
[ 1527.635465][T29770] loop0: detected capacity change from 0 to 512
[ 1527.729503][T29770] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[ 1527.739851][T29770] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.9864: inode #1: comm syz.0.9864: iget: illegal inode #
[ 1527.753202][T29770] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.9864: error while reading EA inode 1 err=-117
[ 1527.766619][T29770] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.9864: inode #1: comm syz.0.9864: iget: illegal inode #
[ 1527.780326][T29770] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.9864: error while reading EA inode 1 err=-117
[ 1527.793178][T29770] EXT4-fs (loop0): 1 orphan inode deleted
[ 1527.798914][T29770] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000004c,minixdf,resgid=0x0000000000000000,nomblk_io_submit,usrjquota=,,errors=continue. Quota mode: none.
[ 1527.833417][   T30] kauditd_printk_skb: 93 callbacks suppressed
[ 1527.833435][   T30] audit: type=1400 audit(2000001330.495:9662): avc:  denied  { rename } for  pid=29769 comm="syz.0.9864" name="file0" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1527.899884][T29779] loop0: detected capacity change from 0 to 256
[ 1527.939291][  T691] playstation 0003:054C:0DF2.005A: Failed to retrieve feature with reportID 32: -71
[ 1527.949334][  T691] playstation 0003:054C:0DF2.005A: Failed to retrieve DualSense firmware info: -71
[ 1527.958625][  T691] playstation 0003:054C:0DF2.005A: Failed to get firmware info from DualSense
[ 1527.967822][  T691] playstation 0003:054C:0DF2.005A: Failed to create dualsense.
[ 1528.031972][  T691] playstation: probe of 0003:054C:0DF2.005A failed with error -71
[ 1528.038014][T29779] FAT-fs (loop0): Directory bread(block 64) failed
[ 1528.067478][  T691] usb 4-1: USB disconnect, device number 59
[ 1528.102151][T29779] FAT-fs (loop0): Directory bread(block 65) failed
[ 1528.132674][T29779] FAT-fs (loop0): Directory bread(block 66) failed
[ 1528.164156][T29779] FAT-fs (loop0): Directory bread(block 67) failed
[ 1528.197261][T29779] FAT-fs (loop0): Directory bread(block 68) failed
[ 1528.204830][T29779] FAT-fs (loop0): Directory bread(block 69) failed
[ 1528.226910][T29779] FAT-fs (loop0): Directory bread(block 70) failed
[ 1528.238690][T29779] FAT-fs (loop0): Directory bread(block 71) failed
[ 1528.246304][T29779] FAT-fs (loop0): Directory bread(block 72) failed
[ 1528.259594][T29779] FAT-fs (loop0): Directory bread(block 73) failed
[ 1528.279769][   T30] audit: type=1400 audit(2000001330.945:9663): avc:  denied  { mount } for  pid=29778 comm="syz.0.9868" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[ 1528.860354][T29790] loop2: detected capacity change from 0 to 40427
[ 1528.884069][   T30] audit: type=1400 audit(2000001331.545:9664): avc:  denied  { unmount } for  pid=287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[ 1528.889334][T29790] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[ 1528.911474][T29790] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1528.921574][ T1763] attempt to access beyond end of device
[ 1528.921574][ T1763] loop0: rw=1, want=1832, limit=256
[ 1528.934639][ T1763] attempt to access beyond end of device
[ 1528.934639][ T1763] loop0: rw=1, want=3912, limit=256
[ 1528.946364][T29810] netlink: 47 bytes leftover after parsing attributes in process `syz.1.9881'.
[ 1528.957774][T29790] F2FS-fs (loop2): invalid crc value
[ 1528.965055][ T1763] attempt to access beyond end of device
[ 1528.965055][ T1763] loop0: rw=1, want=5960, limit=256
[ 1528.980853][ T1763] attempt to access beyond end of device
[ 1528.980853][ T1763] loop0: rw=1, want=8008, limit=256
[ 1528.991911][T29790] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1529.021198][ T1763] attempt to access beyond end of device
[ 1529.021198][ T1763] loop0: rw=1, want=10056, limit=256
[ 1529.044653][ T1763] attempt to access beyond end of device
[ 1529.044653][ T1763] loop0: rw=1, want=12104, limit=256
[ 1529.068688][ T1763] attempt to access beyond end of device
[ 1529.068688][ T1763] loop0: rw=1, want=14152, limit=256
[ 1529.080543][T29790] F2FS-fs (loop2): Start checkpoint disabled!
[ 1529.089761][ T1763] attempt to access beyond end of device
[ 1529.089761][ T1763] loop0: rw=1, want=16264, limit=256
[ 1529.101921][ T1763] attempt to access beyond end of device
[ 1529.101921][ T1763] loop0: rw=1, want=17296, limit=256
[ 1529.113598][T29790] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1529.120732][T29790] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1529.139547][   T30] audit: type=1326 audit(2000001331.805:9665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29819 comm="syz.1.9885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1529.178709][  T287] attempt to access beyond end of device
[ 1529.178709][  T287] loop0: rw=2051, want=33800, limit=256
[ 1529.199705][   T30] audit: type=1326 audit(2000001331.835:9666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29819 comm="syz.1.9885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1529.223788][   T30] audit: type=1326 audit(2000001331.865:9667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29819 comm="syz.1.9885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1529.263145][   T30] audit: type=1326 audit(2000001331.865:9668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29819 comm="syz.1.9885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1529.296423][   T30] audit: type=1326 audit(2000001331.915:9669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29819 comm="syz.1.9885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1529.320935][   T30] audit: type=1326 audit(2000001331.915:9670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29819 comm="syz.1.9885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1529.347167][   T30] audit: type=1326 audit(2000001331.915:9671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29819 comm="syz.1.9885" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1529.911300][  T691] Bluetooth: hci0: command 0x1001 tx timeout
[ 1529.917187][T28712] Bluetooth: hci0: sending frame failed (-49)
[ 1530.058396][T29839] loop2: detected capacity change from 0 to 40427
[ 1530.141356][T29839] F2FS-fs (loop2): fault_injection options not supported
[ 1530.160143][T29839] F2FS-fs (loop2): invalid crc value
[ 1530.179940][T29839] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1530.289939][T29839] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1530.292667][T29851] loop0: detected capacity change from 0 to 512
[ 1530.427107][T29851] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[ 1530.459681][T29851] ext4 filesystem being mounted at /1927/bus supports timestamps until 2038 (0x7fffffff)
[ 1530.578381][T29858] loop0: detected capacity change from 0 to 256
[ 1530.601025][T29858] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1530.733466][T29862] bpf_get_probe_write_proto: 12 callbacks suppressed
[ 1530.733499][T29862] syz.2.9896[29862] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1530.740529][T29862] syz.2.9896[29862] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1531.509439][T29890] loop0: detected capacity change from 0 to 512
[ 1531.610178][T29890] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[ 1531.617346][T29890] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1531.686891][T29890] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[ 1531.719081][T29890] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[ 1531.745734][T29890] EXT4-fs (loop0): 1 truncate cleaned up
[ 1531.779044][T29890] EXT4-fs (loop0): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback.
[ 1531.843624][T29892] loop2: detected capacity change from 0 to 40427
[ 1531.872055][T29890] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #2: block 4: comm syz.0.9908: lblock 0 mapped to illegal pblock 4 (length 1)
[ 1531.893096][T29892] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1531.906583][T29892] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1531.922815][T29890] EXT4-fs (loop0): Remounting filesystem read-only
[ 1531.933518][T29907] EXT4-fs error (device loop0): ext4_remount:5845: comm syz.0.9908: Abort forced by user
[ 1531.945237][T29892] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1531.979836][T29907] EXT4-fs (loop0): re-mounted. Opts: . Quota mode: writeback.
[ 1531.989235][  T691] Bluetooth: hci0: command 0x1009 tx timeout
[ 1532.022343][T29892] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1532.039166][T29892] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1532.384238][T29924] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 1532.401069][T29924] overlayfs: overlapping lowerdir path
[ 1532.427810][T29928] 9p: Unknown access argument ?k
[ 1532.748946][T29966] syz.3.9942[29966] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1532.749383][T29966] syz.3.9942[29966] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1532.774523][T29966] syz.3.9942[29966] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1532.786893][T29966] syz.3.9942[29966] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1533.225170][T29944] loop2: detected capacity change from 0 to 40427
[ 1533.329660][T29944] F2FS-fs (loop2): fault_type options not supported
[ 1533.337627][T29944] F2FS-fs (loop2): invalid crc value
[ 1533.338461][   T30] kauditd_printk_skb: 12 callbacks suppressed
[ 1533.338478][   T30] audit: type=1326 audit(2000001335.995:9684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29975 comm="syz.1.9947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1533.345479][T29944] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1533.383777][   T30] audit: type=1326 audit(2000001335.995:9685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29975 comm="syz.1.9947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1533.418619][T29944] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1533.451658][   T30] audit: type=1326 audit(2000001336.015:9686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29975 comm="syz.1.9947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1533.487760][   T30] audit: type=1326 audit(2000001336.075:9687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29975 comm="syz.1.9947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1533.527202][   T30] audit: type=1326 audit(2000001336.095:9688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29975 comm="syz.1.9947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1533.554429][   T30] audit: type=1326 audit(2000001336.105:9689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29975 comm="syz.1.9947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1533.562603][T29985] input: syz0 as /devices/virtual/input/input64
[ 1533.597705][   T30] audit: type=1326 audit(2000001336.105:9690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29975 comm="syz.1.9947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1533.621620][   T30] audit: type=1326 audit(2000001336.105:9691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29975 comm="syz.1.9947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1533.645299][   T30] audit: type=1326 audit(2000001336.105:9692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29975 comm="syz.1.9947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1533.675120][T26177] udevd[26177]: setting owner of /dev/input/event3 to uid=0, gid=104 failed: No such file or directory
[ 1533.696002][   T30] audit: type=1326 audit(2000001336.105:9693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29975 comm="syz.1.9947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20e5dd5719 code=0x7ffc0000
[ 1533.727002][T29972] loop0: detected capacity change from 0 to 40427
[ 1533.756875][T29994] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9955'.
[ 1533.869037][ T4213] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 1533.993508][T30012] syz.0.9960[30012] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1533.993942][T30012] syz.0.9960[30012] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1534.017119][T30012] syz.0.9960[30012] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1534.028824][T30012] syz.0.9960[30012] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1534.109079][ T5381] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[ 1534.179395][ T4213] usb 2-1: Using ep0 maxpacket: 16
[ 1534.299127][ T4213] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[ 1534.309105][ T4213] usb 2-1: config 0 has no interface number 0
[ 1534.321151][ T4213] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 1534.340051][ T4213] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 1534.360202][ T4213] usb 2-1: config 0 interface 41 has no altsetting 0
[ 1534.379058][ T5381] usb 3-1: Using ep0 maxpacket: 16
[ 1534.499087][ T5381] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1534.516620][ T5381] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1534.529084][ T4213] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[ 1534.541211][ T4213] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1534.552293][ T5381] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1534.570330][ T4213] usb 2-1: Product: syz
[ 1534.579801][ T4213] usb 2-1: Manufacturer: syz
[ 1534.587331][ T5381] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1534.597274][ T4213] usb 2-1: SerialNumber: syz
[ 1534.607188][ T4213] usb 2-1: config 0 descriptor??
[ 1534.615072][ T5381] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1534.632682][ T5381] usb 3-1: config 0 descriptor??
[ 1534.639206][T29987] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1534.646639][T29987] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1534.777254][T30019] netlink: 1 bytes leftover after parsing attributes in process `syz.3.9965'.
[ 1534.823597][T30029] tun0: tun_chr_ioctl cmd 1074025677
[ 1534.828767][T30029] tun0: linktype set to 804
[ 1534.860140][T29987] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1534.867281][T29987] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 1534.951180][T30052] loop0: detected capacity change from 0 to 256
[ 1535.046174][T30052] FAT-fs (loop0): Directory bread(block 1285) failed
[ 1535.061010][T30052] FAT-fs (loop0): Directory bread(block 1285) failed
[ 1535.067706][T30052] FAT-fs (loop0): Directory bread(block 1285) failed
[ 1535.074695][T30052] FAT-fs (loop0): Directory bread(block 1285) failed
[ 1535.082157][T30052] FAT-fs (loop0): Directory bread(block 1285) failed
[ 1535.088944][T30052] FAT-fs (loop0): Directory bread(block 1285) failed
[ 1535.096336][T30052] FAT-fs (loop0): Directory bread(block 1285) failed
[ 1535.103726][T30052] FAT-fs (loop0): Directory bread(block 1285) failed
[ 1535.110791][T30052] FAT-fs (loop0): Directory bread(block 1285) failed
[ 1535.117359][T30052] FAT-fs (loop0): Directory bread(block 1285) failed
[ 1535.130103][ T5381] microsoft 0003:045E:07DA.005B: unknown main item tag 0x0
[ 1535.141582][ T5381] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.005B/input/input65
[ 1535.220131][ T5381] microsoft 0003:045E:07DA.005B: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[ 1535.332472][  T691] usb 3-1: USB disconnect, device number 58
[ 1535.516988][T30070] tun0: tun_chr_ioctl cmd 1074025675
[ 1535.522806][T30070] tun0: persist enabled
[ 1535.527024][T30070] tun0: tun_chr_ioctl cmd 1074025675
[ 1535.532283][T30070] tun0: persist enabled
[ 1535.539143][ T4213] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9
[ 1535.569221][ T4213] CoreChips: probe of 2-1:0.41 failed with error -71
[ 1535.576846][ T4213] usb 2-1: USB disconnect, device number 56
[ 1535.819120][   T26] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 1535.851738][T30074] loop2: detected capacity change from 0 to 128
[ 1535.919272][T30074] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1535.931356][T30074] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1536.002437][T30078] xt_hashlimit: size too large, truncated to 1048576
[ 1536.069198][   T26] usb 4-1: Using ep0 maxpacket: 8
[ 1536.186922][T30085] bpf_get_probe_write_proto: 2 callbacks suppressed
[ 1536.186955][T30085] syz.1.9995[30085] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1536.194474][T30085] syz.1.9995[30085] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1536.217732][T30085] syz.1.9995[30085] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1536.229780][T30085] syz.1.9995[30085] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1536.559179][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1536.581671][   T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1536.591317][   T26] usb 4-1: New USB device found, idVendor=046d, idProduct=c71c, bcdDevice= 0.00
[ 1536.600302][   T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1536.612769][   T26] usb 4-1: config 0 descriptor??
[ 1536.687284][ T9964] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1536.786665][T30102] syz.4.10001[30102] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1536.786764][T30102] syz.4.10001[30102] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1536.826665][T30102] syz.4.10001[30102] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1536.838300][T30102] syz.4.10001[30102] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1537.239110][  T691] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[ 1537.294426][ T4213] usb 4-1: USB disconnect, device number 60
[ 1537.499188][  T691] usb 3-1: Using ep0 maxpacket: 16
[ 1537.612057][T30109] netlink: 'syz.4.10004': attribute type 1 has an invalid length.
[ 1537.715527][T30119] syz.1.10014[30119] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1537.715943][T30119] syz.1.10014[30119] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1538.189451][  T691] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1538.210109][  T691] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1538.218158][  T691] usb 3-1: Product: syz
[ 1538.222525][  T691] usb 3-1: Manufacturer: syz
[ 1538.227192][  T691] usb 3-1: SerialNumber: syz
[ 1538.237375][  T691] r8152-cfgselector 3-1: config 0 descriptor??
[ 1538.509188][  T691] r8152-cfgselector 3-1: Unknown version 0x0000
[ 1538.521485][   T30] kauditd_printk_skb: 60 callbacks suppressed
[ 1538.521532][   T30] audit: type=1400 audit(2000001341.185:9754): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 1538.522620][T30140] loop0: detected capacity change from 0 to 1024
[ 1538.556019][  T691] r8152-cfgselector 3-1: Unknown version 0x0000
[ 1538.602258][   T30] audit: type=1400 audit(2000001341.215:9755): avc:  denied  { search } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1538.626277][  T691] r8152-cfgselector 3-1: bad CDC descriptors
[ 1538.653240][T30140] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1538.654404][   T30] audit: type=1400 audit(2000001341.215:9756): avc:  denied  { open } for  pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=13 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1538.684124][   T30] audit: type=1400 audit(2000001341.215:9757): avc:  denied  { getattr } for  pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=13 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1538.709280][  T691] r8152-cfgselector 3-1: Unknown version 0x0000
[ 1538.722389][  T691] r8152-cfgselector 3-1: USB disconnect, device number 59
[ 1538.736960][   T30] audit: type=1400 audit(2000001341.225:9758): avc:  denied  { create } for  pid=30141 comm="syz.1.10019" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1538.768760][T30140] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,mblk_io_submit,data_err=abort,sysvgroups,,errors=continue. Quota mode: writeback.
[ 1538.869168][   T30] audit: type=1400 audit(2000001341.295:9759): avc:  denied  { mounton } for  pid=30139 comm="syz.0.10018" path="/1955/file0" dev="tmpfs" ino=10430 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1538.893353][   T30] audit: type=1400 audit(2000001341.295:9760): avc:  denied  { connect } for  pid=30141 comm="syz.1.10019" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1539.062112][   T30] audit: type=1400 audit(2000001341.535:9761): avc:  denied  { mount } for  pid=30139 comm="syz.0.10018" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 1539.067533][T30153] loop2: detected capacity change from 0 to 1024
[ 1539.129959][   T30] audit: type=1400 audit(2000001341.605:9762): avc:  denied  { write } for  pid=30139 comm="syz.0.10018" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1539.158627][T30153] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1539.187887][  T291] EXT4-fs warning (device loop2): ext4_empty_dir:3154: inode #11: comm syz-executor: directory missing '..'
[ 1539.209397][  T291] EXT4-fs warning (device loop2): ext4_empty_dir:3154: inode #11: comm syz-executor: directory missing '..'
[ 1539.229340][   T30] audit: type=1400 audit(2000001341.605:9763): avc:  denied  { add_name } for  pid=30139 comm="syz.0.10018" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1539.288740][  T291] EXT4-fs warning (device loop2): ext4_empty_dir:3154: inode #11: comm syz-executor: directory missing '..'
[ 1539.325207][  T291] EXT4-fs warning (device loop2): ext4_empty_dir:3154: inode #11: comm syz-executor: directory missing '..'
[ 1539.373136][  T291] EXT4-fs warning (device loop2): ext4_empty_dir:3154: inode #11: comm syz-executor: directory missing '..'
[ 1539.411232][  T291] EXT4-fs warning (device loop2): ext4_empty_dir:3154: inode #11: comm syz-executor: directory missing '..'
[ 1539.429385][  T291] EXT4-fs warning (device loop2): ext4_empty_dir:3154: inode #11: comm syz-executor: directory missing '..'
[ 1539.449307][  T291] EXT4-fs warning (device loop2): ext4_empty_dir:3154: inode #11: comm syz-executor: directory missing '..'
[ 1539.469046][ T5381] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[ 1539.469865][  T291] EXT4-fs warning (device loop2): ext4_empty_dir:3154: inode #11: comm syz-executor: directory missing '..'
[ 1539.501447][  T291] EXT4-fs warning (device loop2): ext4_empty_dir:3154: inode #11: comm syz-executor: directory missing '..'
[ 1539.662363][ T6060] tipc: Disabling bearer <eth:bridge0>
[ 1539.679376][ T6060] tipc: Disabling bearer <udp:syz2>
[ 1539.684705][ T6060] tipc: Left network mode
[ 1539.759132][ T5381] usb 4-1: device descriptor read/64, error -71
[ 1539.779361][T30175] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1539.786207][T30175] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1539.809740][T30175] device bridge_slave_0 entered promiscuous mode
[ 1539.829093][T30175] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1539.836124][T30175] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1539.844283][T30175] device bridge_slave_1 entered promiscuous mode
[ 1539.934737][T30175] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1539.941641][T30175] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1539.948768][T30175] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1539.955645][T30175] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1540.003181][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1540.012113][ T9964] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1540.026421][ T9964] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1540.179115][ T5381] usb 4-1: device descriptor read/64, error -71
[ 1540.406223][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1540.420357][ T9964] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1540.427242][ T9964] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1540.449073][ T5381] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[ 1540.457690][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1540.468907][ T9964] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1540.475873][ T9964] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1540.499429][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1540.516521][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1540.543764][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1540.557620][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1540.567044][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1540.574763][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1540.587065][T30175] device veth0_vlan entered promiscuous mode
[ 1540.601735][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1540.612208][ T6060] device bridge_slave_1 left promiscuous mode
[ 1540.628605][ T6060] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1540.635954][ T6060] device bridge_slave_0 left promiscuous mode
[ 1540.649127][ T6060] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1540.657355][ T6060] device veth1_macvtap left promiscuous mode
[ 1540.729089][ T5381] usb 4-1: device descriptor read/64, error -71
[ 1540.824435][T30175] device veth1_macvtap entered promiscuous mode
[ 1540.841279][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1540.852320][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1540.880505][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1540.905555][ T9964] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1540.905799][T30205] input: syz1 as /devices/virtual/input/input66
[ 1541.119038][ T5381] usb 4-1: device descriptor read/64, error -71
[ 1541.223789][T30262] loop1: detected capacity change from 0 to 512
[ 1541.239134][ T5381] usb usb4-port1: attempt power cycle
[ 1541.310329][T30262] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1541.325119][T30262] EXT4-fs (loop1): 1 truncate cleaned up
[ 1541.329748][T30268] netlink: 20 bytes leftover after parsing attributes in process `syz.5.10074'.
[ 1541.331224][T30262] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,init_itable,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[ 1541.659268][ T5381] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 1541.769614][T30290] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1541.777368][T30290] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1541.799889][T30290] device bridge_slave_0 entered promiscuous mode
[ 1541.826911][T30290] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1541.837054][T30290] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1541.839292][ T5381] usb 4-1: device descriptor read/8, error -71
[ 1541.845333][T30290] device bridge_slave_1 entered promiscuous mode
[ 1541.859684][T30311] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1541.868836][ T9964] tipc: Left network mode
[ 1542.050874][T30318] bpf_get_probe_write_proto: 14 callbacks suppressed
[ 1542.050916][T30318] syz.5.10096[30318] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1542.057563][T30318] syz.5.10096[30318] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1542.071951][T30318] syz.5.10096[30318] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1542.083423][T30318] syz.5.10096[30318] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1542.342733][T30316] syz.4.10095[30316] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1542.354535][T30316] syz.4.10095[30316] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1542.559740][ T5381] usb 4-1: device descriptor read/8, error -71
[ 1542.622663][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1542.630373][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1542.648527][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1542.657139][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1542.673530][ T7676] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1542.680539][ T7676] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1542.709178][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1542.723981][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1542.744502][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1542.759447][ T7676] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1542.766417][ T7676] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1542.800955][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1542.811525][T30335] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1542.831068][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1542.857894][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1542.874588][T30290] device veth0_vlan entered promiscuous mode
[ 1542.882299][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1542.916435][T30344] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1542.944651][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1542.952569][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1542.968700][T30290] device veth1_macvtap entered promiscuous mode
[ 1542.975513][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1542.984141][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1542.992883][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1543.024346][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1543.032980][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1543.046343][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1543.059521][ T7676] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1543.072386][ T9964] device bridge_slave_1 left promiscuous mode
[ 1543.078360][ T9964] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1543.086098][ T9964] device bridge_slave_0 left promiscuous mode
[ 1543.092092][ T9964] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1543.100726][ T9964] device veth1_macvtap left promiscuous mode
[ 1543.106570][ T9964] device veth0_vlan left promiscuous mode
[ 1543.359274][T30358] overlayfs: failed to clone upperpath
[ 1543.452086][T30366] syz.3.10113[30366] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1543.452189][T30366] syz.3.10113[30366] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1543.600804][   T30] kauditd_printk_skb: 129 callbacks suppressed
[ 1543.600876][   T30] audit: type=1400 audit(2000001346.265:9893): avc:  denied  { ioctl } for  pid=30374 comm="syz.0.10120" path="socket:[114708]" dev="sockfs" ino=114708 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1543.609563][T30375] wireguard: wg1: Could not create IPv4 socket
[ 1543.652694][T30376] syz.6.10119[30376] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1543.652901][T30376] syz.6.10119[30376] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1543.757261][T30379] netlink: 'syz.0.10121': attribute type 1 has an invalid length.
[ 1543.864789][   T30] audit: type=1400 audit(2000001346.525:9894): avc:  denied  { ioctl } for  pid=30380 comm="syz.0.10122" path="socket:[114716]" dev="sockfs" ino=114716 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1543.880007][T30381] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[ 1544.019766][T30385] loop0: detected capacity change from 0 to 512
[ 1544.098465][T30385] EXT4-fs error (device loop0): __ext4_iget:4903: inode #15: block 1803188595: comm syz.0.10124: invalid block
[ 1544.110963][T30385] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.10124: couldn't read orphan inode 15 (err -117)
[ 1544.123915][T30385] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000000967,debug_want_extra_isize=0x000000000000005c,usrquota,nombcache,stripe=0x0000000000000008,usrjquota=,,errors=continue. Quota mode: writeback.
[ 1544.167125][   T30] audit: type=1400 audit(2000001346.825:9895): avc:  denied  { setattr } for  pid=30384 comm="syz.0.10124" name="file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1544.389144][   T30] audit: type=1400 audit(2000001347.035:9896): avc:  denied  { read } for  pid=30395 comm="syz.3.10130" name="rtc0" dev="devtmpfs" ino=255 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1544.415682][   T30] audit: type=1400 audit(2000001347.035:9897): avc:  denied  { open } for  pid=30395 comm="syz.3.10130" path="/dev/rtc0" dev="devtmpfs" ino=255 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1544.454196][T30400] loop0: detected capacity change from 0 to 512
[ 1544.506224][T30400] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.10126: inode #1: comm syz.0.10126: iget: illegal inode #
[ 1544.519824][T30400] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.10126: error while reading EA inode 1 err=-117
[ 1544.532489][T30400] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.10126: inode #1: comm syz.0.10126: iget: illegal inode #
[ 1544.545918][T30400] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.10126: error while reading EA inode 1 err=-117
[ 1544.558914][T30400] EXT4-fs (loop0): 1 orphan inode deleted
[ 1544.564733][T30400] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrjquota=,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,journal_dev=0x0000000000000dcc,,errors=continue. Quota mode: writeback.
[ 1544.598325][   T30] audit: type=1400 audit(2000001347.255:9898): avc:  denied  { link } for  pid=30399 comm="syz.0.10126" name="file1" dev="loop0" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[ 1544.691470][T30415] device batadv_slave_0 entered promiscuous mode
[ 1545.956258][T30426] wireguard: wg1: Could not create IPv4 socket
[ 1546.086556][T30429] loop0: detected capacity change from 0 to 40427
[ 1546.162731][T30429] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[ 1546.170255][T30429] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1546.180163][T30429] F2FS-fs (loop0): invalid crc value
[ 1546.186701][T30429] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1546.218655][T30429] F2FS-fs (loop0): Start checkpoint disabled!
[ 1546.225702][T30429] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 1546.232626][T30429] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[ 1546.250459][   T30] audit: type=1400 audit(2000001348.915:9899): avc:  denied  { write open } for  pid=30427 comm="syz.0.10140" path="/1970/file2/file0" dev="loop0" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1546.274397][   T30] audit: type=1400 audit(2000001348.915:9900): avc:  denied  { setattr } for  pid=30427 comm="syz.0.10140" name="file0" dev="loop0" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1546.291356][ T7676] handle_bad_sector: 3 callbacks suppressed
[ 1546.291431][ T7676] attempt to access beyond end of device
[ 1546.291431][ T7676] loop0: rw=2049, want=45104, limit=40427
[ 1546.357002][T30436] netlink: 'syz.3.10141': attribute type 1 has an invalid length.
[ 1546.786802][   T30] audit: type=1400 audit(2000001349.445:9901): avc:  denied  { bind } for  pid=30452 comm="syz.4.10147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1546.955902][   T30] audit: type=1400 audit(2000001349.615:9902): avc:  denied  { wake_alarm } for  pid=30470 comm="syz.0.10158" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1547.282541][T30493] bpf_get_probe_write_proto: 10 callbacks suppressed
[ 1547.282574][T30493] syz.0.10166[30493] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1547.289607][T30493] syz.0.10166[30493] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1547.312115][T30493] syz.0.10166[30493] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1547.323962][T30493] syz.0.10166[30493] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1548.032477][T30518] syz.6.10178[30518] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1548.044031][T30518] syz.6.10178[30518] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1548.058814][T30518] syz.6.10178[30518] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1548.070970][T30518] syz.6.10178[30518] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1549.012658][T30523] syz.5.10179[30523] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1549.024697][T30523] syz.5.10179[30523] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1549.222271][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1549.222289][   T30] audit: type=1326 audit(2000001351.885:9905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30528 comm="syz.4.10177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c4c217719 code=0x7ffc0000
[ 1549.319514][   T30] audit: type=1326 audit(2000001351.935:9906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30528 comm="syz.4.10177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7c4c217719 code=0x7ffc0000
[ 1549.345324][   T30] audit: type=1326 audit(2000001351.935:9907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30528 comm="syz.4.10177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c4c217719 code=0x7ffc0000
[ 1549.382173][   T30] audit: type=1326 audit(2000001351.935:9908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30528 comm="syz.4.10177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7c4c217719 code=0x7ffc0000
[ 1549.689126][   T30] audit: type=1326 audit(2000001351.935:9909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30528 comm="syz.4.10177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c4c217719 code=0x7ffc0000
[ 1549.732970][   T30] audit: type=1326 audit(2000001351.935:9910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30528 comm="syz.4.10177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7c4c20e6e7 code=0x7ffc0000
[ 1549.759047][   T30] audit: type=1326 audit(2000001351.935:9911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30528 comm="syz.4.10177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7c4c1b3099 code=0x7ffc0000
[ 1549.782599][   T30] audit: type=1326 audit(2000001351.935:9912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30528 comm="syz.4.10177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f7c4c217719 code=0x7ffc0000
[ 1549.806193][   T30] audit: type=1326 audit(2000001351.935:9913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30528 comm="syz.4.10177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7c4c20e6e7 code=0x7ffc0000
[ 1549.829992][   T30] audit: type=1326 audit(2000001351.935:9914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30528 comm="syz.4.10177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7c4c1b3099 code=0x7ffc0000
[ 1550.239050][  T691] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[ 1550.619615][  T691] usb 4-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[ 1550.635818][  T691] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1550.668401][  T691] usb 4-1: config 0 descriptor??
[ 1550.721155][  T691] ums-usbat 4-1:0.0: USB Mass Storage device detected
[ 1550.744660][  T691] ums-usbat 4-1:0.0: Quirks match for vid 0781 pid 0005: 1
[ 1550.770033][  T691] ums-usbat 4-1:0.0: This device (0781,0005,0005 S 06 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel 5.15.167-syzkaller-00002-g3bfe08931bff)
[ 1550.770033][  T691]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[ 1550.922319][  T691] usb 4-1: USB disconnect, device number 65
[ 1551.869130][  T297] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 1552.204184][  T297] usb 4-1: Using ep0 maxpacket: 32
[ 1552.329167][  T297] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1552.340037][  T297] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1552.349529][  T297] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1552.358492][  T297] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1552.367341][  T297] usb 4-1: config 0 descriptor??
[ 1552.409756][  T297] hub 4-1:0.0: USB hub found
[ 1552.709209][  T297] hub 4-1:0.0: config failed, can't read hub descriptor (err -90)
[ 1552.776367][T30659] bpf_get_probe_write_proto: 8 callbacks suppressed
[ 1552.776390][T30659] syz.4.10235[30659] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1552.783276][T30659] syz.4.10235[30659] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1553.009217][  T297] usbhid 4-1:0.0: can't add hid device: -71
[ 1553.026646][  T297] usbhid: probe of 4-1:0.0 failed with error -71
[ 1553.059817][  T297] usb 4-1: USB disconnect, device number 66
[ 1553.570887][T30669] netlink: 'syz.6.10239': attribute type 1 has an invalid length.
[ 1553.602710][T30672] loop0: detected capacity change from 0 to 128
[ 1553.639520][T30676] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10241'.
[ 1553.665348][T30672] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1553.676054][T30672] ext4 filesystem being mounted at /2000/mnt supports timestamps until 2038 (0x7fffffff)
[ 1553.726128][T30685] netlink: 40 bytes leftover after parsing attributes in process `syz.3.10245'.
[ 1554.328859][T30710] syz.4.10254[30710] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1554.328956][T30710] syz.4.10254[30710] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1554.343472][T30713] syz.0.10255[30713] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1554.354909][T30713] syz.0.10255[30713] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1554.368549][T30713] syz.0.10255[30713] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1554.380152][T30713] syz.0.10255[30713] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1554.739429][   T30] kauditd_printk_skb: 57 callbacks suppressed
[ 1554.739446][   T30] audit: type=1400 audit(2000001613.406:9972): avc:  denied  { connect } for  pid=30717 comm="syz.3.10261" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1554.795348][T30728] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10264'.
[ 1555.474938][T30758] syz.6.10276[30758] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1555.475091][T30758] syz.6.10276[30758] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1555.872354][   T30] audit: type=1400 audit(2000001870.535:9973): avc:  denied  { read } for  pid=30768 comm="syz.4.10281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1555.945347][   T30] audit: type=1326 audit(2000001870.595:9974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30774 comm="syz.6.10284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1555.988186][T30782] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=30782 comm=syz.6.10287
[ 1556.010896][   T30] audit: type=1326 audit(2000001870.595:9975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30774 comm="syz.6.10284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1556.037859][   T30] audit: type=1326 audit(2000001870.595:9976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30774 comm="syz.6.10284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1556.063281][   T30] audit: type=1326 audit(2000001870.595:9977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30774 comm="syz.6.10284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1556.087509][   T30] audit: type=1326 audit(2000001870.595:9978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30774 comm="syz.6.10284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1556.117122][   T30] audit: type=1326 audit(2000001870.595:9979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30774 comm="syz.6.10284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1556.141853][   T30] audit: type=1326 audit(2000001870.595:9980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30774 comm="syz.6.10284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1556.166024][   T30] audit: type=1326 audit(2000001870.595:9981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30774 comm="syz.6.10284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1557.569040][   T26] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 1557.819152][   T26] usb 4-1: Using ep0 maxpacket: 16
[ 1557.916642][T30850] bpf_get_probe_write_proto: 8 callbacks suppressed
[ 1557.916679][T30850] syz.5.10314[30850] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1557.923742][T30850] syz.5.10314[30850] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1558.264262][   T26] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[ 1558.289317][   T26] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1558.300375][   T26] usb 4-1: config 0 has no interface number 0
[ 1558.306614][   T26] usb 4-1: config 0 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1558.439208][   T26] usb 4-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88
[ 1558.448171][   T26] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[ 1558.456278][   T26] usb 4-1: Product: syz
[ 1558.460328][   T26] usb 4-1: SerialNumber: syz
[ 1558.465513][   T26] usb 4-1: config 0 descriptor??
[ 1558.684214][T30866] 9p: Unknown access argument ?k
[ 1558.739091][T30873] loop0: detected capacity change from 0 to 512
[ 1558.749626][   T26] snd-usb-audio: probe of 4-1:0.2 failed with error -2
[ 1558.757275][   T26] usb 4-1: USB disconnect, device number 67
[ 1558.770488][T30873] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1558.811087][T30873] EXT4-fs (loop0): 1 orphan inode deleted
[ 1558.816816][T30873] EXT4-fs (loop0): 1 truncate cleaned up
[ 1558.822629][T30873] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,data=journal,data_err=ignore,inode_readahead_blks=0x0000000000000020,resuid=0x0000000000000000,block_validity,. Quota mode: none.
[ 1558.861074][T30873] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1558.875933][T30873] EXT4-fs (loop0): Remounting filesystem read-only
[ 1559.100150][T30887] syz.0.10330[30887] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1559.100555][T30887] syz.0.10330[30887] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1559.848459][T30904] loop0: detected capacity change from 0 to 512
[ 1559.866067][T30906] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 1559.866217][   T30] kauditd_printk_skb: 10 callbacks suppressed
[ 1559.866234][   T30] audit: type=1400 audit(2000001874.525:9992): avc:  denied  { unlink } for  pid=30905 comm="syz.3.10340" name="#12b" dev="tmpfs" ino=11221 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1559.910204][T30906] overlayfs: overlapping lowerdir path
[ 1559.931165][T30904] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[ 1559.947101][T30904] ext4 filesystem being mounted at /2018/bus supports timestamps until 2038 (0x7fffffff)
[ 1559.966596][T30904] EXT4-fs error (device loop0): ext4_find_dest_de:2113: inode #12: block 32: comm syz.0.10338: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[ 1559.986737][T30904] incfs: Can't find or create .index dir in ./file0
[ 1559.993297][T30904] incfs: mount failed -117
[ 1560.026205][   T30] audit: type=1400 audit(2000001874.685:9993): avc:  denied  { remount } for  pid=30911 comm="syz.3.10343" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1560.062066][T30914] loop0: detected capacity change from 0 to 256
[ 1560.080956][   T30] audit: type=1400 audit(2000001874.745:9994): avc:  denied  { mount } for  pid=30913 comm="syz.0.10341" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[ 1560.108304][   T30] audit: type=1400 audit(2000001874.765:9995): avc:  denied  { unmount } for  pid=287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[ 1560.501376][T30918] loop0: detected capacity change from 0 to 131072
[ 1560.592395][T30918] F2FS-fs (loop0): invalid crc value
[ 1560.619993][T30918] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1560.637999][   T30] audit: type=1326 audit(2000001875.295:9996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30927 comm="syz.3.10356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f997f5e4719 code=0x7ffc0000
[ 1560.696513][   T30] audit: type=1326 audit(2000001875.335:9997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30927 comm="syz.3.10356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f997f5e4719 code=0x7ffc0000
[ 1560.721048][   T30] audit: type=1326 audit(2000001875.335:9998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30927 comm="syz.3.10356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f997f5e4719 code=0x7ffc0000
[ 1560.721223][T30934] ip_tunnel: non-ECT from 0.0.0.224 with TOS=0x3
[ 1560.744971][   T30] audit: type=1326 audit(2000001875.335:9999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30927 comm="syz.3.10356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f997f5e4719 code=0x7ffc0000
[ 1560.813088][T30918] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1560.829574][T30940] syz.6.10350[30940] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1560.829962][T30940] syz.6.10350[30940] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1561.149154][   T30] audit: type=1326 audit(2000001875.345:10000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30927 comm="syz.3.10356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f997f5e4719 code=0x7ffc0000
[ 1561.185362][   T30] audit: type=1326 audit(2000001875.345:10001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30927 comm="syz.3.10356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f997f5e4719 code=0x7ffc0000
[ 1561.333359][T30956] syz.5.10358[30956] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1561.333464][T30956] syz.5.10358[30956] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1561.509749][ T4213] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[ 1561.685739][T30970] loop0: detected capacity change from 0 to 40427
[ 1561.874983][T30972] loop0: detected capacity change from 0 to 16
[ 1561.899149][ T4213] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1561.909829][ T4213] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1561.923098][ T4213] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1561.924506][T30972] erofs: (device loop0): mounted with root inode @ nid 36.
[ 1561.933751][ T4213] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1562.029144][ T4213] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1562.038187][ T4213] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1562.046308][ T4213] usb 4-1: Manufacturer: syz
[ 1562.052072][ T4213] usb 4-1: config 0 descriptor??
[ 1562.530248][ T4213] appleir 0003:05AC:8243.005D: unknown main item tag 0x0
[ 1562.537327][ T4213] appleir 0003:05AC:8243.005D: No inputs registered, leaving
[ 1562.546408][ T4213] appleir 0003:05AC:8243.005D: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[ 1562.799925][  T691] usb 4-1: USB disconnect, device number 68
[ 1564.188320][T30982] ip_tunnel: non-ECT from 0.0.0.224 with TOS=0x3
[ 1564.621638][T30998] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10376'.
[ 1565.042422][T31019] xt_hashlimit: size too large, truncated to 1048576
[ 1565.087903][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 1565.087921][   T30] audit: type=1400 audit(2000001879.745:10007): avc:  denied  { read write } for  pid=31024 comm="syz.6.10390" name="fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1565.137748][   T30] audit: type=1400 audit(2000001879.775:10008): avc:  denied  { open } for  pid=31024 comm="syz.6.10390" path="/dev/fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1565.191054][T31034] syz.3.10394[31034] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1565.191143][T31034] syz.3.10394[31034] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1565.199053][   T30] audit: type=1400 audit(2000001879.825:10009): avc:  denied  { unmount } for  pid=30290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 1565.234743][T31034] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=31034 comm=syz.3.10394
[ 1565.261579][   T30] audit: type=1400 audit(2000001879.925:10010): avc:  denied  { mount } for  pid=31036 comm="syz.6.10395" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1565.354478][T31045] syz.5.10396[31045] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1565.354855][T31045] syz.5.10396[31045] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1566.152990][   T30] audit: type=1326 audit(2000001880.815:10011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.5.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5c213719 code=0x7ffc0000
[ 1566.188504][   T30] audit: type=1326 audit(2000001880.815:10012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.5.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5c213719 code=0x7ffc0000
[ 1566.189093][  T691] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[ 1566.219726][   T30] audit: type=1326 audit(2000001880.835:10013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.5.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f8c5c213719 code=0x7ffc0000
[ 1566.244330][   T30] audit: type=1326 audit(2000001880.835:10014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.5.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5c213719 code=0x7ffc0000
[ 1566.271886][   T30] audit: type=1326 audit(2000001880.835:10015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31065 comm="syz.5.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c5c213719 code=0x7ffc0000
[ 1566.316711][   T30] audit: type=1400 audit(2000001880.975:10016): avc:  denied  { unmount } for  pid=30175 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1566.603548][T31084] syz.6.10416[31084] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1566.603817][T31084] syz.6.10416[31084] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1567.059125][  T691] usb 4-1: config index 0 descriptor too short (expected 45, got 36)
[ 1567.078343][  T691] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1567.089320][  T691] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[ 1567.100526][  T691] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1567.113518][  T691] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1567.122613][  T691] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1567.131960][  T691] usb 4-1: config 0 descriptor??
[ 1567.149148][T31057] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[ 1567.355084][T31096] input: syz1 as /devices/virtual/input/input67
[ 1567.412014][T31108] TCP: tcp_parse_options: Illegal window scaling value 112 > 14 received
[ 1567.489331][T31125] 9pnet: p9_errstr2errno: server reported unknown error 
[ 1567.576886][T31130] syz.6.10432[31130] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1567.577297][T31130] syz.6.10432[31130] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1567.820862][T31134] incfs: Can't find or create .index dir in ./file0
[ 1567.836986][  T691] plantronics 0003:047F:FFFF.005E: unknown main item tag 0xd
[ 1567.841701][T31134] incfs: mount failed -30
[ 1567.850935][  T691] plantronics 0003:047F:FFFF.005E: No inputs registered, leaving
[ 1567.851936][T31134] incfs: Can't find or create .index dir in ./file0
[ 1567.867277][T31134] incfs: mount failed -30
[ 1567.869919][  T691] plantronics 0003:047F:FFFF.005E: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1567.949329][  T297] usb 4-1: USB disconnect, device number 69
[ 1568.561129][T31159] syz.4.10449[31159] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1568.561220][T31159] syz.4.10449[31159] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1568.749013][  T297] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[ 1568.995500][T31197] loop0: detected capacity change from 0 to 256
[ 1569.009733][  T297] usb 4-1: Using ep0 maxpacket: 16
[ 1569.149073][  T297] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1569.161402][T31216] overlayfs: missing 'lowerdir'
[ 1569.162415][  T297] usb 4-1: config 0 has no interfaces?
[ 1569.359149][  T297] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1569.368097][  T297] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1569.375881][  T297] usb 4-1: Product: syz
[ 1569.379887][  T297] usb 4-1: Manufacturer: syz
[ 1569.384230][  T297] usb 4-1: SerialNumber: syz
[ 1569.390315][  T297] usb 4-1: config 0 descriptor??
[ 1569.631818][  T691] usb 4-1: USB disconnect, device number 70
[ 1570.103788][   T30] kauditd_printk_skb: 72 callbacks suppressed
[ 1570.103807][   T30] audit: type=1400 audit(2000001884.765:10089): avc:  denied  { create } for  pid=31239 comm="syz.0.10487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1570.130168][   T30] audit: type=1400 audit(2000001884.765:10090): avc:  denied  { write } for  pid=31239 comm="syz.0.10487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1570.242266][   T30] audit: type=1400 audit(2000001884.905:10091): avc:  denied  { create } for  pid=31245 comm="syz.3.10490" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1570.635678][   T30] audit: type=1400 audit(2000001885.295:10092): avc:  denied  { create } for  pid=31255 comm="syz.3.10495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1570.658019][   T30] audit: type=1400 audit(2000001885.325:10093): avc:  denied  { write } for  pid=31255 comm="syz.3.10495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1570.697270][   T30] audit: type=1400 audit(2000001885.355:10094): avc:  denied  { name_bind } for  pid=31259 comm="syz.3.10497" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[ 1570.721486][   T30] audit: type=1400 audit(2000001885.355:10095): avc:  denied  { node_bind } for  pid=31259 comm="syz.3.10497" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[ 1571.705975][T31271] syz.3.10501[31271] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1571.706309][T31271] syz.3.10501[31271] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1571.734630][   T30] audit: type=1400 audit(2000001886.365:10096): avc:  denied  { integrity } for  pid=31268 comm="syz.3.10501" lockdown_reason="use of bpf to write user RAM" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[ 1571.774087][   T30] audit: type=1400 audit(2000001886.385:10097): avc:  denied  { module_request } for  pid=31268 comm="syz.3.10501" kmod="ip6t_SNPT" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 1572.223230][T31274] syz.6.10502[31274] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1572.223297][T31274] syz.6.10502[31274] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1573.521228][T31295] syz.4.10508[31295] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1573.533056][T31295] syz.4.10508[31295] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1573.684031][   T30] audit: type=1400 audit(2000001888.345:10098): avc:  denied  { mount } for  pid=31306 comm="syz.6.10516" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1573.929847][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1573.945489][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1573.953942][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1573.963637][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1573.971682][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1573.979604][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1573.986919][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1573.994604][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.008751][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.020367][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.032216][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.039884][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.050878][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.058283][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.065945][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.076096][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.090417][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.098332][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.105997][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.115125][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.122936][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.131480][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.138751][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.152701][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.161576][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.169409][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.176945][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.184656][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.192201][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.199765][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.207426][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.214678][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.221898][ T5381] hid-generic 0000:0000:0000.005F: unknown main item tag 0x0
[ 1574.236741][ T5381] hid-generic 0000:0000:0000.005F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1574.418562][T31388] syz.3.10558[31388] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1574.419021][T31388] syz.3.10558[31388] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1574.703722][T31391] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=31391 comm=syz.6.10564
[ 1574.853134][T31416] syz.4.10556[31416] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1574.853234][T31416] syz.4.10556[31416] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1575.145263][T31432] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=31432 comm=syz.0.10570
[ 1575.281207][T31444] loop0: detected capacity change from 0 to 512
[ 1575.373654][T31444] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[ 1575.388643][T31444] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.10579: inode #1: comm syz.0.10579: iget: illegal inode #
[ 1575.401986][T31444] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.10579: error while reading EA inode 1 err=-117
[ 1575.414707][T31444] EXT4-fs (loop0): 1 orphan inode deleted
[ 1575.420723][T31444] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrjquota=,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,journal_dev=0x0000000000000dcc,,errors=continue. Quota mode: writeback.
[ 1575.446525][   T30] kauditd_printk_skb: 40 callbacks suppressed
[ 1575.446540][   T30] audit: type=1400 audit(2000001890.105:10139): avc:  denied  { mount } for  pid=31443 comm="syz.0.10579" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 1575.474395][   T26] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[ 1575.489138][   T30] audit: type=1400 audit(2000001890.155:10140): avc:  denied  { unmount } for  pid=287 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 1575.603827][T31450] loop0: detected capacity change from 0 to 1024
[ 1575.640549][T31450] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1575.653748][   T30] audit: type=1400 audit(2000001890.315:10141): avc:  denied  { write } for  pid=31449 comm="syz.0.10590" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1575.676111][   T30] audit: type=1400 audit(2000001890.315:10142): avc:  denied  { add_name } for  pid=31449 comm="syz.0.10590" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1575.678249][T31450] EXT4-fs (loop0): shut down requested (0)
[ 1575.697273][   T30] audit: type=1400 audit(2000001890.315:10143): avc:  denied  { create } for  pid=31449 comm="syz.0.10590" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1575.697313][   T30] audit: type=1400 audit(2000001890.335:10144): avc:  denied  { read write open } for  pid=31449 comm="syz.0.10590" path="/2059/file1/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1575.746920][   T30] audit: type=1400 audit(2000001890.335:10145): avc:  denied  { append } for  pid=31449 comm="syz.0.10590" path="/2059/file1/blkio.bfq.dequeue" dev="loop0" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1575.749121][   T26] usb 4-1: Using ep0 maxpacket: 16
[ 1575.771384][   T30] audit: type=1400 audit(2000001890.335:10146): avc:  denied  { ioctl } for  pid=31449 comm="syz.0.10590" path="/2059/file1/blkio.bfq.dequeue" dev="loop0" ino=19 ioctlcmd=0x587d scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1575.837362][   T30] audit: type=1326 audit(2000001890.495:10147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31454 comm="syz.0.10581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb88d3c9719 code=0x7ffc0000
[ 1575.861327][   T30] audit: type=1326 audit(2000001890.495:10148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31454 comm="syz.0.10581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb88d3c9719 code=0x7ffc0000
[ 1575.899816][   T26] usb 4-1: config 0 has an invalid interface number: 251 but max is 0
[ 1575.907833][   T26] usb 4-1: config 0 has no interface number 0
[ 1575.913916][   T26] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[ 1575.924074][   T26] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[ 1576.329193][   T26] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1576.338140][   T26] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1576.345993][   T26] usb 4-1: Product: syz
[ 1576.350058][   T26] usb 4-1: Manufacturer: syz
[ 1576.354363][   T26] usb 4-1: SerialNumber: syz
[ 1576.359813][   T26] usb 4-1: config 0 descriptor??
[ 1576.379190][T31434] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 1576.386157][T31434] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 1576.602825][T31434] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 1576.609961][T31434] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 1576.859350][   T26] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1576.870767][   T26] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71
[ 1576.880675][   T26] asix: probe of 4-1:0.251 failed with error -5
[ 1576.891010][   T26] usb 4-1: USB disconnect, device number 71
[ 1577.420478][T31480] loop0: detected capacity change from 0 to 128
[ 1577.466564][T31480] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1577.477836][T31480] ext4 filesystem being mounted at /2064/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[ 1578.215936][T31510] netlink: 116 bytes leftover after parsing attributes in process `syz.4.10604'.
[ 1578.492414][T31540] netlink: 116 bytes leftover after parsing attributes in process `syz.0.10618'.
[ 1578.573142][T31552] loop0: detected capacity change from 0 to 256
[ 1578.717733][T31568] loop0: detected capacity change from 0 to 512
[ 1578.750717][T31568] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.10628: invalid indirect mapped block 256 (level 2)
[ 1578.770693][T31568] EXT4-fs (loop0): Remounting filesystem read-only
[ 1578.778552][T31568] EXT4-fs (loop0): 2 truncates cleaned up
[ 1578.796500][T31568] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,debug_want_extra_isize=0x0000000000000008,data_err=ignore,. Quota mode: writeback.
[ 1578.819145][ T9744] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[ 1578.863192][T31568] EXT4-fs error (device loop0): ext4_check_dx_root:2264: inode #2: comm syz.0.10628: Corrupt dir, invalid name_len for '.', running e2fsck is recommended
[ 1578.880035][T31568] EXT4-fs (loop0): Remounting filesystem read-only
[ 1578.966493][T31579] bpf_get_probe_write_proto: 4 callbacks suppressed
[ 1578.966525][T31579] syz.4.10634[31579] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1578.973450][T31579] syz.4.10634[31579] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.079139][ T9744] usb 4-1: Using ep0 maxpacket: 16
[ 1579.290092][T31582] loop0: detected capacity change from 0 to 1024
[ 1579.301075][T31584] kvm: apic: phys broadcast and lowest prio
[ 1579.358064][T31582] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 1579.369068][ T9744] usb 4-1: device descriptor read/all, error -61
[ 1579.529161][ T9744] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[ 1579.652058][T31612] syz.0.10644[31612] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.652151][T31612] syz.0.10644[31612] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.665522][T31612] syz.0.10644[31612] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.677052][T31612] syz.0.10644[31612] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.799137][ T9744] usb 4-1: device descriptor read/64, error -71
[ 1579.994472][T31626] syz.5.10654[31626] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1579.994748][T31626] syz.5.10654[31626] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1580.595102][T31630] syz.5.10655[31630] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1580.606646][T31630] syz.5.10655[31630] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1580.664939][T31633] loop0: detected capacity change from 0 to 128
[ 1580.689036][ T9744] usb 4-1: device descriptor read/64, error -71
[ 1580.708061][T31633] EXT4-fs (loop0): Ignoring removed nobh option
[ 1580.720484][T31633] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[ 1580.735673][T31633] ext4 filesystem being mounted at /2078/mnt supports timestamps until 2038 (0x7fffffff)
[ 1580.787181][   T30] kauditd_printk_skb: 108 callbacks suppressed
[ 1580.787226][   T30] audit: type=1400 audit(2000001895.445:10257): avc:  denied  { read } for  pid=31632 comm="syz.0.10656" dev="nsfs" ino=4026532287 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1580.815586][ T9744] usb usb4-port1: attempt power cycle
[ 1580.821829][   T30] audit: type=1400 audit(2000001895.445:10258): avc:  denied  { open } for  pid=31632 comm="syz.0.10656" path="net:[4026532287]" dev="nsfs" ino=4026532287 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1580.847102][   T30] audit: type=1400 audit(2000001895.445:10259): avc:  denied  { create } for  pid=31632 comm="syz.0.10656" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1580.868136][   T30] audit: type=1400 audit(2000001895.445:10260): avc:  denied  { setopt } for  pid=31632 comm="syz.0.10656" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1581.015087][T31641] loop0: detected capacity change from 0 to 1024
[ 1581.015662][   T30] audit: type=1400 audit(2000001895.575:10261): avc:  denied  { read write } for  pid=31636 comm="syz.0.10657" name="uinput" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1581.047218][   T30] audit: type=1400 audit(2000001895.575:10262): avc:  denied  { open } for  pid=31636 comm="syz.0.10657" path="/dev/uinput" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1581.101732][T31641] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 1581.116011][   T30] audit: type=1400 audit(2000001895.785:10263): avc:  denied  { create } for  pid=31640 comm="syz.0.10659" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[ 1581.167043][   T30] audit: type=1400 audit(2000001895.825:10264): avc:  denied  { read } for  pid=31651 comm="syz.5.10665" name="ptp0" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1581.190196][   T30] audit: type=1400 audit(2000001895.825:10265): avc:  denied  { open } for  pid=31651 comm="syz.5.10665" path="/dev/ptp0" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1581.214548][   T30] audit: type=1400 audit(2000001895.825:10266): avc:  denied  { ioctl } for  pid=31651 comm="syz.5.10665" path="/dev/ptp0" dev="devtmpfs" ino=256 ioctlcmd=0x3d0c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1581.284385][T31660] loop0: detected capacity change from 0 to 512
[ 1581.299142][ T9744] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[ 1581.320145][T31660] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1581.327398][T31660] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1581.350941][T31660] EXT4-fs (loop0): 1 truncate cleaned up
[ 1581.356423][T31660] EXT4-fs (loop0): mounted filesystem without journal. Opts: noload,mblk_io_submit,debug_want_extra_isize=0x000000000000002e,auto_da_alloc,block_validity,quota,,errors=continue. Quota mode: writeback.
[ 1581.469159][ T9744] usb 4-1: device descriptor read/8, error -71
[ 1581.689213][ T9744] usb 4-1: device descriptor read/8, error -71
[ 1582.981488][T31717] loop0: detected capacity change from 0 to 256
[ 1583.023120][T31717] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[ 1583.105636][T31734] overlayfs: failed to resolve './file1': -2
[ 1583.437122][T31781] incfs: Error accessing: ./file0.
[ 1583.442831][T31781] incfs: mount failed -20
[ 1583.710468][T31794] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=31794 comm=syz.6.10728
[ 1584.315104][T31800] loop0: detected capacity change from 0 to 1024
[ 1584.354497][T31800] EXT4-fs (loop0): Ignoring removed orlov option
[ 1584.361555][T31800] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[ 1584.398097][T31800] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[ 1584.446172][T31800] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #14: comm syz.0.10739: attempt to clear invalid blocks 1886221359 len 1
[ 1584.618640][T31820] bpf_get_probe_write_proto: 6 callbacks suppressed
[ 1584.618662][T31820] syz.6.10735[31820] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1584.625839][T31820] syz.6.10735[31820] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1584.637675][T31821] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=31821 comm=syz.0.10746
[ 1584.956464][T31849] syz.6.10749[31849] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1584.956807][T31849] syz.6.10749[31849] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1585.360191][T31868] syz.5.10750[31868] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1585.371633][T31868] syz.5.10750[31868] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1585.662520][T31876] syz.3.10759[31876] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1585.674733][T31876] syz.3.10759[31876] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1585.695727][T31876] syz.3.10759[31876] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1585.707262][T31876] syz.3.10759[31876] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1585.765233][T31878] xt_hashlimit: size too large, truncated to 1048576
[ 1586.209228][   T30] kauditd_printk_skb: 88 callbacks suppressed
[ 1586.209799][   T30] audit: type=1400 audit(2000001900.865:10355): avc:  denied  { create } for  pid=31883 comm="syz.4.10762" dev="anon_inodefs" ino=120388 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1586.419077][   T30] audit: type=1400 audit(2000001901.065:10356): avc:  denied  { ioctl } for  pid=31893 comm="syz.4.10766" path="socket:[121007]" dev="sockfs" ino=121007 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1586.541211][T31905] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=31905 comm=syz.4.10771
[ 1586.605982][   T30] audit: type=1326 audit(2000001901.265:10357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31914 comm="syz.6.10777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1586.643820][   T30] audit: type=1326 audit(2000001901.265:10358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31914 comm="syz.6.10777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1586.678539][   T30] audit: type=1326 audit(2000001901.265:10359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31914 comm="syz.6.10777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1586.705236][   T30] audit: type=1326 audit(2000001901.265:10360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31914 comm="syz.6.10777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1586.734057][   T30] audit: type=1326 audit(2000001901.295:10361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31914 comm="syz.6.10777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1586.758523][   T30] audit: type=1326 audit(2000001901.295:10362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31914 comm="syz.6.10777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1586.787460][   T30] audit: type=1326 audit(2000001901.305:10363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31914 comm="syz.6.10777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1586.812350][   T30] audit: type=1326 audit(2000001901.305:10364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31914 comm="syz.6.10777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1eb3a1b719 code=0x7ffc0000
[ 1587.059087][ T9744] usb 4-1: new full-speed USB device number 76 using dummy_hcd
[ 1587.459214][ T9744] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1587.470186][ T9744] usb 4-1: config 1 interface 1 altsetting 1 has an invalid endpoint with address 0xA0, skipping
[ 1587.480607][ T9744] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[ 1587.711371][ T9744] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1587.714068][T31949] xt_hashlimit: size too large, truncated to 1048576
[ 1587.720429][ T9744] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1587.735278][ T9744] usb 4-1: Product: syz
[ 1587.739876][ T9744] usb 4-1: Manufacturer: syz
[ 1587.744364][ T9744] usb 4-1: SerialNumber: syz
[ 1587.990505][T31928] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[ 1588.000955][T31928] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[ 1588.033668][T31975] tmpfs: Unknown parameter 'mpo'
[ 1588.063617][T31981] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10805'.
[ 1588.649383][T31928] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[ 1588.656340][T31928] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[ 1588.879140][ T9744] cdc_ncm 4-1:1.0: bind() failure
[ 1588.899135][ T9744] cdc_ncm: probe of 4-1:1.1 failed with error -71
[ 1588.919104][ T9744] cdc_mbim: probe of 4-1:1.1 failed with error -71
[ 1588.928868][ T9744] usb 4-1: USB disconnect, device number 76
[ 1589.051065][T32012] tmpfs: Unknown parameter 'mpo'
[ 1589.071399][T32017] incfs: Error accessing: ./file0.
[ 1589.076443][T32017] incfs: mount failed -20
[ 1589.082380][T32019] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10820'.
[ 1589.304232][T32027] xt_hashlimit: size too large, truncated to 1048576
[ 1590.058053][T32086] incfs: Options parsing error. -22
[ 1590.064745][T32086] incfs: mount failed -22
[ 1590.144998][T32102] incfs: Options parsing error. -22
[ 1590.150501][T32102] incfs: mount failed -22
[ 1590.276555][T32117] bpf_get_probe_write_proto: 10 callbacks suppressed
[ 1590.276577][T32117] syz.4.10861[32117] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1590.283642][T32117] syz.4.10861[32117] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1590.406579][T32119] syz.5.10874[32119] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1590.418068][T32119] syz.5.10874[32119] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1590.843201][T32137] syz.3.10865[32137] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1590.854917][T32137] syz.3.10865[32137] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1590.869154][T32137] syz.3.10865[32137] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1590.880628][T32137] syz.3.10865[32137] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1590.925288][T30290] ------------[ cut here ]------------
[ 1590.942863][T30290] WARNING: CPU: 1 PID: 30290 at fs/inode.c:307 drop_nlink+0xc1/0x110
[ 1590.950947][T30290] Modules linked in:
[ 1590.954970][T30290] CPU: 1 PID: 30290 Comm: syz-executor Tainted: G        W         5.15.167-syzkaller-00002-g3bfe08931bff #0
[ 1590.966759][T30290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1590.976978][T30290] RIP: 0010:drop_nlink+0xc1/0x110
[ 1590.982050][T30290] Code: 1e 48 8d bb b8 04 00 00 be 08 00 00 00 e8 67 f5 f0 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 af 9a ae ff <0f> 0b eb 88 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c
[ 1591.003858][T30290] RSP: 0018:ffffc90000977c88 EFLAGS: 00010293
[ 1591.085322][T30290] RAX: ffffffff81c1bcd1 RBX: 0000000000000000 RCX: ffff888111962780
[ 1591.113534][T30290] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1591.122731][T30290] RBP: ffffc90000977cb0 R08: ffffffff81c1bc54 R09: 0000000000000003
[ 1591.131544][T30290] R10: fffff5200012ef80 R11: dffffc0000000001 R12: dffffc0000000000
[ 1591.141004][T30290] R13: 1ffff11023cd327d R14: ffff88811e6993a0 R15: ffff88811e6993e8
[ 1591.148936][T30290] FS:  0000555593e28500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1591.200771][T30290] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1591.208322][T30290] CR2: 000000002007b030 CR3: 000000010e9d0000 CR4: 00000000003506a0
[ 1591.222794][T30290] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1591.271750][T30290] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1591.281223][T30290] Call Trace:
[ 1591.284420][T30290]  <TASK>
[ 1591.287194][T30290]  ? show_regs+0x58/0x60
[ 1591.292162][T30290]  ? __warn+0x160/0x2f0
[ 1591.302803][T30290]  ? drop_nlink+0xc1/0x110
[ 1591.307181][T30290]  ? report_bug+0x3d9/0x5b0
[ 1591.336085][T30290]  ? drop_nlink+0xc1/0x110
[ 1591.341285][T30290]  ? handle_bug+0x41/0x70
[ 1591.345707][T30290]  ? exc_invalid_op+0x1b/0x50
[ 1591.353885][T30290]  ? asm_exc_invalid_op+0x1b/0x20
[ 1591.356194][T32163] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10893'.
[ 1591.376925][T32163] netlink: 104 bytes leftover after parsing attributes in process `syz.0.10893'.
[ 1591.378124][T30290]  ? drop_nlink+0x44/0x110
[ 1591.411701][T30290]  ? drop_nlink+0xc1/0x110
[ 1591.416059][T30290]  ? drop_nlink+0xc1/0x110
[ 1591.421183][T30290]  ? drop_nlink+0xc1/0x110
[ 1591.425536][T30290]  shmem_rmdir+0x59/0x90
[ 1591.430741][T30290]  vfs_rmdir+0x324/0x470
[ 1591.434965][T30290]  incfs_kill_sb+0x113/0x230
[ 1591.439501][T30290]  deactivate_locked_super+0xad/0x110
[ 1591.444817][T30290]  deactivate_super+0xbe/0xf0
[ 1591.449807][T30290]  cleanup_mnt+0x45c/0x510
[ 1591.454114][T30290]  __cleanup_mnt+0x19/0x20
[ 1591.458347][T30290]  task_work_run+0x129/0x190
[ 1591.462840][T30290]  exit_to_user_mode_loop+0xc4/0xe0
[ 1591.467937][T30290]  exit_to_user_mode_prepare+0x5a/0xa0
[ 1591.473682][T30290]  syscall_exit_to_user_mode+0x26/0x160
[ 1591.479223][T30290]  do_syscall_64+0x47/0xb0
[ 1591.483566][T30290]  ? clear_bhb_loop+0x35/0x90
[ 1591.488250][T30290]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1591.494158][T30290] RIP: 0033:0x7f1eb3a1ca47
[ 1591.498661][T30290] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 1591.519023][T30290] RSP: 002b:00007ffd432e9db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1591.527372][T30290] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f1eb3a1ca47
[ 1591.535463][T30290] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd432e9e70
[ 1591.543736][T30290] RBP: 00007ffd432e9e70 R08: 0000000000000000 R09: 0000000000000000
[ 1591.551801][T30290] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd432eaef0
[ 1591.559742][T30290] R13: 00007f1eb3a8e5fc R14: 0000000000184614 R15: 00007ffd432eaf30
[ 1591.567985][T30290]  </TASK>
[ 1591.570869][T30290] ---[ end trace 7a4ef4962ec9c0af ]---
[ 1591.589134][T30290] ==================================================================
[ 1591.597027][T30290] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60
[ 1591.603116][T30290] Write of size 4 at addr 0000000000000170 by task syz-executor/30290
[ 1591.611086][T30290] 
[ 1591.613256][T30290] CPU: 1 PID: 30290 Comm: syz-executor Tainted: G        W         5.15.167-syzkaller-00002-g3bfe08931bff #0
[ 1591.624834][T30290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1591.634697][T30290] Call Trace:
[ 1591.637820][T30290]  <TASK>
[ 1591.640601][T30290]  dump_stack_lvl+0x151/0x1c0
[ 1591.645115][T30290]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1591.650576][T30290]  ? _raw_spin_lock+0xa4/0x1b0
[ 1591.655181][T30290]  ? _raw_spin_trylock_bh+0x190/0x190
[ 1591.660437][T30290]  kasan_report+0x16f/0x1c0
[ 1591.664722][T30290]  ? ihold+0x20/0x60
[ 1591.668453][T30290]  ? ihold+0x20/0x60
[ 1591.672186][T30290]  kasan_check_range+0x293/0x2a0
[ 1591.676963][T30290]  __kasan_check_write+0x14/0x20
[ 1591.681750][T30290]  ihold+0x20/0x60
[ 1591.685296][T30290]  vfs_rmdir+0x201/0x470
[ 1591.689390][T30290]  incfs_kill_sb+0x113/0x230
[ 1591.693804][T30290]  deactivate_locked_super+0xad/0x110
[ 1591.699019][T30290]  deactivate_super+0xbe/0xf0
[ 1591.703527][T30290]  cleanup_mnt+0x45c/0x510
[ 1591.707775][T30290]  __cleanup_mnt+0x19/0x20
[ 1591.712025][T30290]  task_work_run+0x129/0x190
[ 1591.716470][T30290]  exit_to_user_mode_loop+0xc4/0xe0
[ 1591.721491][T30290]  exit_to_user_mode_prepare+0x5a/0xa0
[ 1591.726784][T30290]  syscall_exit_to_user_mode+0x26/0x160
[ 1591.732166][T30290]  do_syscall_64+0x47/0xb0
[ 1591.736410][T30290]  ? clear_bhb_loop+0x35/0x90
[ 1591.740930][T30290]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1591.746651][T30290] RIP: 0033:0x7f1eb3a1ca47
[ 1591.751003][T30290] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 1591.770354][T30290] RSP: 002b:00007ffd432e9db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1591.778590][T30290] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f1eb3a1ca47
[ 1591.786403][T30290] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd432e9e70
[ 1591.794217][T30290] RBP: 00007ffd432e9e70 R08: 0000000000000000 R09: 0000000000000000
[ 1591.802029][T30290] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd432eaef0
[ 1591.809837][T30290] R13: 00007f1eb3a8e5fc R14: 0000000000184614 R15: 00007ffd432eaf30
[ 1591.817663][T30290]  </TASK>
[ 1591.820530][T30290] ==================================================================
[ 1591.828418][T30290] Disabling lock debugging due to kernel taint
[ 1591.836202][T30290] BUG: kernel NULL pointer dereference, address: 0000000000000170
[ 1591.844375][T30290] #PF: supervisor write access in kernel mode
[ 1591.850292][T30290] #PF: error_code(0x0002) - not-present page
[ 1591.856265][T30290] PGD 123ed9067 P4D 123ed9067 PUD 0 
[ 1591.861542][T30290] Oops: 0002 [#1] PREEMPT SMP KASAN
[ 1591.866573][T30290] CPU: 1 PID: 30290 Comm: syz-executor Tainted: G    B   W         5.15.167-syzkaller-00002-g3bfe08931bff #0
[ 1591.877947][T30290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1591.887929][T30290] RIP: 0010:ihold+0x25/0x60
[ 1591.892541][T30290] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 c1 92 ae ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 50 ed f0 ff bb 01 00 00 00 <f0> 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 44 96 ae
[ 1591.913450][T30290] RSP: 0018:ffffc90000977cc8 EFLAGS: 00010246
[ 1591.919345][T30290] RAX: ffff888111962700 RBX: 0000000000000001 RCX: ffff888111962780
[ 1591.927158][T30290] RDX: 0000000000000000 RSI: 0000000000000286 RDI: 00000000ffffffff
[ 1591.935147][T30290] RBP: ffffc90000977cd8 R08: ffffffff8141997b R09: 0000000000000003
[ 1591.943217][T30290] R10: fffffbfff0e9a24c R11: dffffc0000000001 R12: dffffc0000000000
[ 1591.951590][T30290] R13: ffff888126665770 R14: 0000000000000000 R15: 1ffff11024cccaf4
[ 1591.959663][T30290] FS:  0000555593e28500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1591.968514][T30290] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1591.975414][T30290] CR2: 0000000000000170 CR3: 000000010e9d0000 CR4: 00000000003506a0
[ 1591.983323][T30290] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1591.991264][T30290] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1591.999476][T30290] Call Trace:
[ 1592.002599][T30290]  <TASK>
[ 1592.005375][T30290]  ? __die_body+0x62/0xb0
[ 1592.009648][T30290]  ? __die+0x7e/0x90
[ 1592.013643][T30290]  ? page_fault_oops+0x7f9/0xa90
[ 1592.018501][T30290]  ? __kasan_check_write+0x14/0x20
[ 1592.024007][T30290]  ? kernelmode_fixup_or_oops+0xd0/0xd0
[ 1592.029467][T30290]  ? __schedule+0xcd4/0x1590
[ 1592.033907][T30290]  ? exc_page_fault+0x510/0x7f0
[ 1592.038702][T30290]  ? asm_exc_page_fault+0x27/0x30
[ 1592.043684][T30290]  ? check_panic_on_warn+0x5b/0xb0
[ 1592.048621][T30290]  ? ihold+0x25/0x60
[ 1592.052442][T30290]  ? ihold+0x20/0x60
[ 1592.056171][T30290]  vfs_rmdir+0x201/0x470
[ 1592.060254][T30290]  incfs_kill_sb+0x113/0x230
[ 1592.064690][T30290]  deactivate_locked_super+0xad/0x110
[ 1592.069885][T30290]  deactivate_super+0xbe/0xf0
[ 1592.074523][T30290]  cleanup_mnt+0x45c/0x510
[ 1592.078785][T30290]  __cleanup_mnt+0x19/0x20
[ 1592.083454][T30290]  task_work_run+0x129/0x190
[ 1592.087877][T30290]  exit_to_user_mode_loop+0xc4/0xe0
[ 1592.092911][T30290]  exit_to_user_mode_prepare+0x5a/0xa0
[ 1592.098211][T30290]  syscall_exit_to_user_mode+0x26/0x160
[ 1592.103669][T30290]  do_syscall_64+0x47/0xb0
[ 1592.107925][T30290]  ? clear_bhb_loop+0x35/0x90
[ 1592.112436][T30290]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 1592.118164][T30290] RIP: 0033:0x7f1eb3a1ca47
[ 1592.122419][T30290] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 1592.141859][T30290] RSP: 002b:00007ffd432e9db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1592.150108][T30290] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f1eb3a1ca47
[ 1592.158008][T30290] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd432e9e70
[ 1592.165822][T30290] RBP: 00007ffd432e9e70 R08: 0000000000000000 R09: 0000000000000000
[ 1592.173625][T30290] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd432eaef0
[ 1592.181575][T30290] R13: 00007f1eb3a8e5fc R14: 0000000000184614 R15: 00007ffd432eaf30
[ 1592.189480][T30290]  </TASK>
[ 1592.192333][T30290] Modules linked in:
[ 1592.196086][T30290] CR2: 0000000000000170
[ 1592.200589][T30290] ---[ end trace 7a4ef4962ec9c0b0 ]---
[ 1592.205879][T30290] RIP: 0010:ihold+0x25/0x60
[ 1592.210227][T30290] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 c1 92 ae ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 50 ed f0 ff bb 01 00 00 00 <f0> 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 44 96 ae
[ 1592.230378][T30290] RSP: 0018:ffffc90000977cc8 EFLAGS: 00010246
[ 1592.236447][T30290] RAX: ffff888111962700 RBX: 0000000000000001 RCX: ffff888111962780
[ 1592.244260][T30290] RDX: 0000000000000000 RSI: 0000000000000286 RDI: 00000000ffffffff
[ 1592.252157][T30290] RBP: ffffc90000977cd8 R08: ffffffff8141997b R09: 0000000000000003
[ 1592.260510][T30290] R10: fffffbfff0e9a24c R11: dffffc0000000001 R12: dffffc0000000000
[ 1592.268429][T30290] R13: ffff888126665770 R14: 0000000000000000 R15: 1ffff11024cccaf4
[ 1592.276238][T30290] FS:  0000555593e28500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1592.285009][T30290] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1592.291432][T30290] CR2: 0000000000000170 CR3: 000000010e9d0000 CR4: 00000000003506a0
[ 1592.299365][T30290] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1592.307167][T30290] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1592.315085][T30290] Kernel panic - not syncing: Fatal exception
[ 1592.321258][T30290] Kernel Offset: disabled
[ 1592.325397][T30290] Rebooting in 86400 seconds..