last executing test programs:

8.088104805s ago: executing program 3 (id=2265):
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000940)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x6c49a000)
lseek(0xffffffffffffffff, 0xfffffffffffffff5, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r5, 0x4c81, 0xfffffffffffffffc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f00000002c0)='./file2\x00', &(0x7f0000000340)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x6b142, 0x0)

6.142086604s ago: executing program 3 (id=2272):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)

6.106960067s ago: executing program 3 (id=2274):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\b\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8de, @void, @value}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[], 0x30}}, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, 0xffffffffffffffff, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r5, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0)

5.462972866s ago: executing program 1 (id=2279):
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000940)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x6c49a000)
lseek(0xffffffffffffffff, 0xfffffffffffffff5, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r6, 0x4c81, 0xfffffffffffffffc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f00000002c0)='./file2\x00', &(0x7f0000000340)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x6b142, 0x0)

5.071060002s ago: executing program 3 (id=2282):
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000940)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x6c49a000)
lseek(0xffffffffffffffff, 0xfffffffffffffff5, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r5, 0x4c81, 0xfffffffffffffffc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f00000002c0)='./file2\x00', &(0x7f0000000340)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x6b142, 0x0)

4.795476598s ago: executing program 0 (id=2287):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe)
connect$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
shutdown(r0, 0x1)

4.650909891s ago: executing program 0 (id=2288):
r0 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r0, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x0, 0x8}}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="01020000", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x3, 0x1004, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r8, <r9=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000e8000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

3.811759429s ago: executing program 0 (id=2289):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000040)='./file2\x00', 0x800090, &(0x7f0000000d80)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d302c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d312c726f6469722c636865636b3d7374726963742c726f6469722c757466383d302c696f636861727365743d63703836332c636f6465706167653d3836362c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c7379735f696d6d757461626c652c646d61736b3d30303030303030303030303030303030303030303030362c756e695f786c6174653d302c696f636861727365743d6d616363656c7469632c756e695f786c6174653d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c73686f72746e616d653d6d1f39e3d42c757466383d312c73686f72744c616d653d77696e39352c757466383d302c7365636c6162656c2c00"], 0x6, 0x2d1, &(0x7f00000021c0)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==")
r1 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1c, 0xb, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}]}, &(0x7f0000000280)='GPL\x00', 0x200, 0xf7, &(0x7f0000000580)=""/247, 0x40f00, 0x10, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000780)={0x1, 0x7, 0x5, 0x7}, 0x10, 0x0, r0, 0x5, &(0x7f0000000840)=[0xffffffffffffffff, r1, r1, r1, r1, r1, r1], &(0x7f0000000880)=[{0x3, 0x1, 0xc, 0x4}, {0x0, 0x4, 0x4, 0xc}, {0x1, 0x4, 0x5, 0xc62118b38c852cb9}, {0x2, 0x4, 0x3, 0x7}, {0x3, 0x1, 0xd, 0x7}], 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r6, 0xc0105502, 0x0)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x14, 0x453, 0x200, 0x70bd26, 0x25dfdbfd, "01"}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000080)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10b100)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r8, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r8, 0x40505412, &(0x7f0000000040)={0x0, 0x20000006, 0x0, 0x0, 0x7})
ioctl$SNDRV_TIMER_IOCTL_START(r8, 0x54a0)

3.807822639s ago: executing program 1 (id=2290):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x0, &(0x7f0000000140), 0xfc, 0x560, &(0x7f00000008c0)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/JvgwH0WHA33XkGRlNF1Gk461Dtwe3IsvMgQRB6Lvvvs4/Af8KwY6GDKKPuwlctObLluTNu3StVs+H7jtOffe9Jxv7v2enpubkAAG1kT6IxfxakR8l0SMtW0bjmzjxOp+Kw+uFdMliUbjs3+SSLJ1rf2T7PehrPJKRPzxTcTJ3Pp2a0vLc4VKpbyQ1Sfr85cna0vLpy7OF2bLs+VL0zMzZ96ZmX7/vXf7Fuub5//78dM7H5359vjKD7/dO3IribNxONvWHsdTuN5emYiJ7DkZibNP7DjVh8b2kmS3O8C2DGV5PhLpGDAWQ1nWd9QYe5ZdA3bY12laAwMqkf8woFrzgNa1fZ+ug58b9z9cvQBaH//w6msjMdq8Njq4kjx2ZZRe7473of20jd//vn0rXaJ/r0MAbOr6jYg4PTy8fvxLsvFv+073sM+TbRj/4Nm5k85/3uo0/8mtzX+iw/znUIfc3Y7N8z93rw/NdJXO/z7oOP9du2k1PpTVXmrO+UaSCxcr5XRsezkiTsTI/rS+wf2cL3MrdxvdNrbP/9Ilbb81F8z6cW94/+OPKRXqhacKus39GxGvdZz/JmvHP+lw/NPn43yPbRwr336927bN499ZjV8i3uh4/B/d0Uo2vj852TwfJltnxXr/3jz2Z7f2dzv+9Pgf3Dj+8aT9fm1t6238PPqw3G3bds//fcnnzfK+bN3VQr2+MBWxL/lk/frpR49t1Vv7p/GfOL7x+Nfp/D+QJnaP8d88erN919Gtxb+z0vhLWzr+Wy/c/firn7q139vxf7tZOpGt6WX867WDT/PcAQAAAAAAwF6Ti4jDkeTya+VcLp9ffX/H0TiYq1Rr9ZMXqouXStH8rOx4jORad7rH2t4PMZW9H7ZVn36iPhMRRyLi+6EDzXq+WK2Udjt4AAAAAAAAAAAAAAAAAAAA2CMORYx2+vx/6q+h3e4dsOM2+Mpv4AXXPf+zLf34pidgT/L/HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcG0l/389t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPn0qWx8uBaMa2XriwtzlWvnCqVa3P5+cVivlhduJyfrVZnK+V8sTq/2d+rVKuXp6Zj8epkvVyrT9aWlr+Yry5eethYVR55JlEBAAAAAAAAAAAAAAAAAADA86W2tDxXqFTKCwoK2yoM741uKPS5sNsjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88n8AAAD//75iP7A=")
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000018190000d100", @ANYRES32, @ANYRES8=r1], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = dup(0xffffffffffffffff)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000092000040"])
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r4)
sendmsg$NL80211_CMD_SET_REG(r4, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f00000006c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="00012abd7000fcdbdf251a000000562e01ee080022800400008005009200fe000000040022800500920001000000f1189d15ec42f01ac66aa9831c529d6a443f88acb9dd43102ce93e5175161ec792d62300f352c3740f88a7c69a08e119fd9d62e6331e2f118ef7c21f18dbe826314341140e8c2bf416a5dad1c3b30b0714bd006cebb2ac6717062c0442325a0bdce8a6c23f17c0b5adc9d63faeafa41f2afdfd97d76814c7727f433bcf4803ea7b52fc593d0dd30145461376c3e7e8fe2d213f349f47f3d28cb36a5c527308105ce26db8e74516956cbbfc11f7fe8b3522a97d6e8f1f219e4f1db189b0080dd27b1738bbbaf88d5a5085fd61f5091147349bcf22fdf3d248be1a2afa8ba0ce701e849236146aa5dd"], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x8000)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r4)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_GET_WOWLAN(r4, &(0x7f0000000480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)={0x10, r6, 0x8, 0x70b526, 0x25dfdbff, {{}, {@void, @void, @void}}, [""]}, 0x3e}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
sendmsg$NL80211_CMD_LEAVE_IBSS(r2, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r6, 0x40c67f723d0ffeb, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040031}, 0x4000004)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='mm_page_alloc\x00', r7}, 0x10)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$incfs(&(0x7f0000000140)='./file1\x00', &(0x7f0000000280)='./file1\x00', &(0x7f0000000040), 0x8000, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r9 = openat$incfs(r8, &(0x7f0000000080)='.log\x00', 0x0, 0x0)
preadv(r9, &(0x7f0000000340)=[{0x0}, {&(0x7f0000000200)=""/54, 0x36}], 0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x65, &(0x7f0000000440)=ANY=[], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffdd9, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='ext4_da_reserve_space\x00', r10}, 0x10)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r11, &(0x7f0000000000), 0xfea7)

3.803249179s ago: executing program 3 (id=2291):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
socket$inet_udp(0x2, 0x2, 0x0)
socket(0x10, 0x3, 0x9)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000080)=0x400000001, 0x4)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@private2, @in6=@mcast2}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}]}, 0xa0}}, 0x0)
mmap$binder(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x71)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000dc0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r8, 0x2800000002000000, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x600, 0x4000000}, 0x28)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f0000000040))

3.490739638s ago: executing program 2 (id=2294):
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000340)={0x3, &(0x7f00000002c0)=[{0x4, 0x7f, 0x8, 0x10000}, {0xb1, 0x1, 0x6, 0x4c}, {0x4, 0x6, 0xe, 0x7f}]})
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x1, 'vlan1\x00'})
r6 = syz_open_dev$loop(&(0x7f0000000380), 0x0, 0x1)
r7 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f0000000080)={r7, 0x0, {0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, "4874ef0904271a78949178fd825b775b5e55210c4037a557f88c97b6097ea4e9fdd1d167064e969100ff97aa6b42687995845c8c3ce42e76d6db19d5f4f5f283", "eba9d749fdc2dedff9641c2773c54efce1fa87820dae06070446988b8770438b12e6b80c265fdce83841f0f230d1f4fe7b5ba021316c17fb5112d7d0f278e48a", "c41751ca16a23f839af552fb8500010000000000003203a6c188ec22bd7c4549"}})
ioctl$LOOP_GET_STATUS(r6, 0x4c07, 0x0)
connect$pppl2tp(r5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x46)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"})
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r5, 0x111, 0x4, 0x20000000, 0x4)

2.803144511s ago: executing program 2 (id=2296):
setitimer(0x0, &(0x7f0000000300)={{0x77359400}, {0x0, 0x2710}}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b70300000000000085000000720000009500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00', r0}, 0x10)
r1 = epoll_create1(0x0)
r2 = timerfd_create(0x0, 0x0)
timerfd_settime(r2, 0x0, &(0x7f0000000200)={{}, {0x0, 0x989680}}, 0x0)
epoll_pwait(r1, &(0x7f00000000c0)=[{}], 0x1, 0x7fffffff, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)={0x60004007})
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000030000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
getrusage(0xffffffffffffffff, &(0x7f0000000180))

2.802577412s ago: executing program 1 (id=2297):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], 0x0, 0x4, 0x8f, &(0x7f00000002c0)=""/143, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x4c, &(0x7f00000005c0)=ANY=[@ANYBLOB="ffffffff52350000000000000008aaaac8aaaaaa86dd6001010002161100fe8080000000000000000000000000bbfe8000000000000000000000000000aa00000e2200169078020200000000889bf4335e43a30e54dffcc3040b8c"], 0x0)

2.727152108s ago: executing program 2 (id=2298):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe)
connect$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
shutdown(r0, 0x1)

2.726920518s ago: executing program 2 (id=2299):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000300)='asymmetric\x00', 0x0, &(0x7f0000000380)="1f", 0x1, r5)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={'batadv_slave_1\x00', {0x2, 0xfe, @initdev={0xac, 0x1e, 0x1, 0x0}}})

2.687459602s ago: executing program 0 (id=2300):
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000940)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x6c49a000)
lseek(0xffffffffffffffff, 0xfffffffffffffff5, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r6, 0x4c81, 0xfffffffffffffffc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000400)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f00000002c0)='./file2\x00', &(0x7f0000000340)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x6b142, 0x0)

2.580406392s ago: executing program 4 (id=2301):
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000940)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x6c49a000)
lseek(0xffffffffffffffff, 0xfffffffffffffff5, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r5, 0x4c81, 0xfffffffffffffffc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f00000002c0)='./file2\x00', &(0x7f0000000340)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x6b142, 0x0)

2.553521234s ago: executing program 1 (id=2302):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x21)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(&(0x7f0000000180)='./bus\x00', 0x0)
r2 = open$dir(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r4 = getuid()
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x100090, &(0x7f0000002c00)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@access_user}, {@posixacl}, {@posixacl}, {@access_user}, {@afid={'afid', 0x3d, 0x7fff}}, {@access_user}, {@mmap}, {@loose}], [{@dont_hash}, {@appraise_type}, {@uid_eq={'uid', 0x3d, r4}}, {@audit}]}})
write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0xa8)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000001b80)='./file0\x00', &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0, <r6=>0x0}, 0x1000)
r7 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000001c40), &(0x7f0000001cc0)=0x60)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000001d00)='/sys/kernel/fscaps', 0x20000, 0x10a)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000001900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x421, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gre={{0x8}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_IGNORE_DF={0x5}]}}}]}, 0x3c}}, 0x0)
r10 = socket(0x2, 0x3, 0x9)
bind$inet(r10, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r10, &(0x7f0000004780)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, 0x0}}, {{&(0x7f00000031c0)={0x2, 0x0, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@ip_retopts={{0x30, 0x0, 0x7, {[@noop, @timestamp_addr={0x7, 0x15, 0x15, 0x3, 0x0, [{@local}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@broadcast}]}]}}}], 0x30}}], 0x2, 0x0)
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000001540)=<r11=>0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001dc0)=[{{&(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000340)=[{&(0x7f00000001c0)="e5728dce6f689cd44710fd82fd6a6b8e5bfc971264e82ec5d20f271e9467dba8f61f1b68ffe52a70f7a77805429f1427bf37daa5f928cda3ff020848b77e38fb420db81ce5d253c6c91317a295d269d56f1781946a03dd54582513a4c7fcb5beac9070e32c38c16de83680196f5ff23c5d70412e81a54dff2b17f01e79c031e075c0edf0c48c5f146b4aed467b1087c12ecc4712b291419b9483c3d05e0dc37b4c4ad97bbedeb616f4945b74d3c907a049fb3ab76bd46f8122de8c5b5ded551ce7627d11f39a376f419298bfce1ebdbfd88e01aa57", 0xd5}, {&(0x7f00000002c0)="8e9636762f93dcde553a4a32bd080c205d898b8be456e92dd11c884d80dbe67f6f4e958786a2a5023c3d19e6073d0b8c21244cc2223807fb7ecbae4b086c2037446047890a45240b1cb8c6fd", 0x4c}], 0x2, &(0x7f0000000380)=[@rights={{0x14, 0x1, 0x1, [r8]}}], 0x18, 0x20008050}}, {{&(0x7f00000003c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000a40)=[{&(0x7f0000000440)="65139a3558eaa34d001fff955eda161255dff55616db3b4ed1a4efeb155590bded69a58c51fd1bc414fe315bbbbab0c30081c3088213cd4e9233441c44c6c9a6d7c2e38b3887d228f1985bbac74c2ea285f8b84a044acd05", 0x58}, {&(0x7f00000004c0)="0b5e318f1e24cd00a987be32cb8a55b8355b01b4717aaf5e7e9a3fb8e00913cd07a5505122917ff0d1ce70b99f39f5fa7e0cb9b65bb33e9bfbda55212c03e4e7b711acc6c2d7d246e28616eefd42f5527046fcb78c771d459f61b916c55b5529f5bd698cacd6dbd556bebed27f7df61ebb70", 0x72}, {&(0x7f0000000540)="db041aefaa5d5935eebd1dc15031db727b311717ec3fcc7ac9ad789d205b754191dfadd0c22ff772783f7b7f5a7c74da6e3625b4f9bc8e008547ab4730934c99fbaed58ea2696a4f3bd0a91f98b090c9fc899050596f71f5ecd01e968e780037f9c0466bbec3bf70c75b1ed369c3a9392971748bb07459", 0x77}, {&(0x7f00000005c0)="6fa39bf989da1ebf57e81c13066c4b89eb909e5dacbefa117a38c6af21ef293cedb4714c6726259cd725cf8e7f5fb2cc259777c267cc599dc5e53b27b019", 0x3e}, {&(0x7f0000000600)="ab48297849ec38ed13ec682c74b18448d51d80804ca215dd0c92b03a6095d9bb3f927c0e113ad48abe3c367c1aa01ba63d2793ef0bfa6ae3929dd32ebf324e4d390eadd0057fdc6ac7b0d7eb20b97f484008a08e36432e2223414e0a62fb26155f3c31f909a646e8e92a5105296e26cba57074fafdacdbc614823e91d549ee8832f76a30ff917471de16a21339216ce7e9436dc35d84816318b4710be5050750cc89a7df8647ac48f7d685a8d1e750d47812c096dbce4c7ff581423fde6575aee44304b8a08b7a006a821e1cc38aa66f6f743e51ef", 0xd5}, {&(0x7f0000000700)="afd2c061068b4b1f4a6ab570019df068911401fef3931928020a0209548fca292923eb53935ee328e0512785674d1ca647f80875424c0830197212cf4f0cd0c3269bbf901e0c0d3f10214c2206445a60e2565fb632a408e51a71219b32de3b7e127d6e0206705951023fdb046abb59e87ed156b438d20056f28a5fd0618570ad38376a762416b4fe54fabffc4275df29fd79627b0d46e3dd260b03f3d0dcec296e00184f481fc19611a22800711bf27a27cd9903ed2b72e4459b841706db67ca2f9ce9219130402757381ee49f619e700d760ea7faa222c9a0fe65195bb85ec33537a2ff727e5fedf5d4880228ba7c1c412578b5b7", 0xf5}, {&(0x7f0000000800)="0861b7df26d6b12ff927101fa10a35eda002c0d74d9dc44897193c0f9dd7356ab7fafb7e6c8a2d41c10086f7eac3b1afb67a0b390214d536e8ede35b1aef7db791a4fb61afd9c2a756bc51571d80bbaccc13fbedee0f64b8e03aa12bdca7f79dde6ecd0a1d18bf932792784fdf6e91bd5766d848c0cfb6614da0fcceb4d395f0c8c4a6a85d08803e23a5816f774ca7ac9e1b02a9bc9a73849aa164de28a95e891bd47b0b9e5853ebbbaeb4c310e702226fa319142ea466aa65a57c33f064c6febea49233fbdbfe8417fbfc58363c78acf2f36c8a96e3452e7b078809db11788130f7c65428cd84c2b25c8071a220b88106d2f76f", 0xf4}, {&(0x7f0000000900)="48ee873dcc6e9849045e69ce85ae0380909f80b74efea6a614ec7291b7719a488f459b3b4a410df21f310dc61e5ccf00dcfc08252214a42702f35ed981c619d3251747a957de3a982ac27610e6074f94cbb72a2cc1c1909d61fa965d9bec2ad92d2a75d815e1c3f02b200a65ebdba704138aa09ba7b727c7410893decfa80d8051a729906be2f89693c759702dd78bf9df8538f4902c97fb7642f04a0df57aae", 0xa0}, {&(0x7f00000009c0)="1bc4bc7f7dc11eb0eb52b68d5d991f593182ea36e86fab67f78150f9b935421b64e66819cc1c94913e4cf36a", 0x2c}, {&(0x7f0000000a00)="d3a782a349b5c83e9aa9fcef55c47c566eaf342a37926a3752c3cd0f07907e66e67ead1f8f0fcd", 0x27}], 0xa, &(0x7f0000001700)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [r9, r3, r10, r7, r7, r9, r0, r3, 0xffffffffffffffff, r10]}}, @cred={{0x1c, 0x1, 0x2, {r11, r5, r6}}}], 0x80, 0x4080}}, {{&(0x7f0000000bc0)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f00000011c0)=[{&(0x7f0000000c40)="35b07f8a3e246f1bb559d1cb8b1120254c75e2acda2cd7f67fd6b68d5aa22047cad4ebbd34b98a6603a1d910504b89bdfbbcca8d5d4279f5a17d25ddb7bde5dd793c47da566b62a8", 0x48}, {&(0x7f0000000cc0)="46223aa4fe42ffd1d3c1f64aee0ba686b27cc00701a4a6d4654096aa000ea676785e1f423fa355d35afe59c9fde207e77112c75758437d35c552aaa781cc9e13868dae36fea771075e4061c063944c36ba6d3c9bca5e002cf741bbbfda117c029245bbb83ddd4ad4f7d02acb807a6da4566ef8b54687688173552c223a20440b22146c7487662b87dd96c811129b86a92ed2248619f65b3149f840fb8de7bf425feca1fedc6bdb08b9c14bda3b8bc99397ce9ca3ca7d974f8c413f0c759f812fdc298ecd42388814d518515a5d1d0ccb545d61a0e3152456", 0xd8}, {&(0x7f0000000dc0)="641c34dea74d43ae06c15eec03e91d74a0f8f14a4f91492b15e8498da5ff72ad381c6f3eb42c37e9fd3ee5e80d111c112e9594ec691b9388e92f9c60", 0x3c}, {&(0x7f0000000e00)="7fc23f621713c7e7e7a24e053058ad0d0149a5f01b33fe767408abc95ba7cea50a0a664e72b4ea22f01c8d1ccb2361fd2c4fd4c230cdc79bdf525130921680e8e297e24020591960", 0x48}, {&(0x7f0000000e80)="158375c0bfd4589e9042a21f43893448c93736232dfe47296bc2f9985c965699bcb5e1dfbb36eac9aac9178222c9e1afa9f7d69f8ec78e0aba26ef6367976f547c909c12f3118993953e7bb7dd9305ca40a43e0071386cdd0f744f605f6ad45362a1bcb2295bdc580210ce096f2a56cf5484ee43555db445ee0d0ce0167d0bbd43486e37a056fab71d7ad2aae861fdbffbd23ab43481d4d5a971d58db5b946cb421a59311193d2849251eb8e580fdf7c159c7667b33d59f9", 0xb8}, {&(0x7f0000000f40)="9ed41eefedd076706d31d13cbdfc2ca4710a60dc43cb2a0d0f6af2dfc3e237f68a6ad81dcea6324042601d625a1282a78715fa1b6cd0c732daa0c83f421c9b77ef023fde95500166d77733d1a289c6d3d6da681ff15ee9e9b5566ad5664407ba003e85c9d89e9c92357cf6fb2a3053340c5fb3ef9a16f17a338962b8b667be50a53159c88921b05516004f2a2256f1e15da00362ce54a987decdb2eb9b1098d0c07396d0e315149b0f", 0xa9}, {&(0x7f0000001000)="e64bb3cabe5814b05cbbe31412de4b95fc9d0d33e376e3b2bcfbdc62850c67704fcb973cde049d960119749167779ce3e2775fdabe4be73e689b048bfcff0ebc609f3c08a3295883c46291a69b701e097206c12d141d265118042a718eb90e9a760536d406ff75010411260842a995ed709ca479e82010223b30cf142b830bebd00e31c83fb580c1665c4c32b3f0993ad199c7aedf7012390055ddd94febcf5ed32e85b60b78ec6e7af66ee8ae56397333b99c8ebbbd7cb7", 0xb8}, {&(0x7f00000010c0)="96f6b7a00fc6827805317547319333466b383f875d4a9ce53d56fc7b410c6539537860d8377ae73586eb8584aaf91c37313ef998316b43b00b427bedbb7851ca6947b326517bddb3b7144aa8de9a1b4b37c80d716624a9444c2754aead6d119dc2cf48c91440c6b59055ad58935cb3d17bf14d9a712b76bbfba37674f21392b6868478012f7920f216b85251b17e0cd904fc346becccd4ef9d670dfdace5651e44cff64d770b82d5cb9d3f73f5a69cf36dc7eb6d5389", 0xb6}, {&(0x7f0000001180)="eb830a33444c805ea898a44d0beb6e4e62491dd01d0d", 0x16}], 0x9}}, {{&(0x7f0000001280)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001940)=[{&(0x7f0000001300)="47c31dcc22845607ee4f8f4f9dcb458c8c45c8c853d8248b2967d93ef066db197f93f76f605e0e981b9ac082502fc601e99663f2fd7803700a9316d8c57488cc55a1e270", 0x44}, {&(0x7f0000001380)="535117e811d49814f4409f1b53165e25882a6319fbfb820fa972ca3bba311686e5ab9ade1a613b7fc0b1888c968398b4f69914807c36ad80b4bf099c9677dd50abda4449c45f8bd04c32007f7cff165ac1af76e2b40c09e77c4077bdc81c58189ca6d94246bc19945437639c", 0x6c}, {&(0x7f0000001400)="b28a4e2234c793a8e92e39ed52377f9faef57cbe5967c97931231b8c491519b5b84181f22ff183fe797a2e5bbd1e21c0f01a881a0c4cb9dee8d6447b86c46ac52d994987866b219967835669b981d14a86e8d77dc0ae952751ef625035248e5098742d406793790f59fe9b27bccdfe27df23002b6ceb65f9a985af6d049413da462ea83ed6f052645a4a0dd4667123c6b8b9f0ccf97325f828796590737b377b23dc668b183deeade700c39f724ad9cc699d7498dd", 0xb5}, {&(0x7f0000001580)="6ffeec3e48e01471e20079279b9489625194112660477a89df7af3c805fd322cbd4f13cb71f7a0a011fb7cccc602a42a2b6b048b4979ec2fcc10caa90b6599144ee3c2feefc615a08634d91c63678e7a2d9e02406360d874f4", 0x59}, {&(0x7f0000002000)="7d7febfb06924526969cef43358e716eb294e6836325cddaf7483cda5cb8f959eed7e823e60487e7d6446ceeb040df1412622e3370b96cc4a24129fc79ef03613d8f4c785cee69a855e245b2b53ccf7a29a33c6f3c835d96ff8e82122bf5dab508343973458c67c522fd570b6d0713fb2eb557934593044dd7ce7645fdb0f9da545e5365573a0f499328b9a5aa60b64240e0db3126858251a7bca266aa60e6c374f5f7eee205f71a18167fd41261a291d3e0954836d01680bcf1f675ac96c2e5000000000000", 0xc6}, {&(0x7f0000001640)="e5102f97fa1bcdc3b34c8812f9d4bd54a36d284b6f3b611d8c217de80886650f2d2447", 0x23}, {&(0x7f0000001680)="d040bd91c5d70d2b425f546a81fbe7bbab4f2c1417ff0d462f687db3d091e712d0071f6212a7bf9f11b2a9f4fd947f30003c3788d8cc77a147eeee8af7d5d77b7a6caccb26", 0x45}, {&(0x7f0000000b00)="db7cc95bedaa7b2f3ed269a38cf2b80a41d1c1eab896949bc474b40698690bcba21fc2993b2e55d089427ab52e1f642e5340eb2c9ffefd12d486ef756eb29b6fc918146a02006105a0290dd100d02f9b7d3b802997549be7bdb0c0e4b431fb8617d2e47e7ec35a03715c703af2dcca1c2f75ea65a17b929fc071a8ece69702af52938953c46132d59b015966ed012158be70383dc71fcaac1efe6e68399994002bb51437748ae107f03435d71340cbeaa0b6c7c96550c5d4cbd498", 0xbb}, {&(0x7f00000017c0)="c56e117e4d1cd12e136be4428a975e2e7481c4206fbe4eb261caa0a84483d4e94370a8ef684eab02c847d31f162eebdcd1fc6ab9666c96e253ba4c5575b33d0d1a9fbd979ded3dfb06fce5f5d35d512704b0144b7ab599368b8fa121d2e2ca2886426d9266d21118de0e24a3efa8cf9d673ef85f6fd664ac26f5709a3df681f52209587fabf0b8e878e942a196ba1f7a17358318fcd768f2c776a5275ee6ee6438", 0xa1}, {&(0x7f0000001880)="da826afbb5735bb257776532b0e6821d6529a4145f4a46a6ebe1a8a471b0a0929ab73f99c4ce791c2aa145d56fead33997113a9ba69ec34b41397b0064508b2f29a5016961f4a997ee71ca7628e1788899700e219284f65add8bb958f280267031f06ca1c00157296b98521fb3f164eb3456500ba259f74b08ac94b5c278cf9beee5034b625ba4f50797e92cd622938eff98e6a61e960b876c9e41e5b18e500e268eb8051eb5d8d976f3", 0xaa}], 0xa, 0x0, 0x0, 0x4000850}}, {{&(0x7f0000001a00)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001b40)=[{&(0x7f0000001a80)}, {&(0x7f0000001ac0)}, {&(0x7f0000001b00)="78f0a2536c6ae3dc2632a72316c3f99669f7470aa2c68f64f256ee6dbcdf8a35f3b14d73e981e32206480fcaebd8a66f798fd7959219fe9779e810b8", 0x3c}], 0x3, &(0x7f0000001d40)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r6}}}, @rights={{0x2c, 0x1, 0x1, [r7, r8, r9, r10, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50, 0x48050}}], 0x5, 0x4000000)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./bus/file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f0000000640)={{}, {0x1, 0x1}, [{0x2, 0x2}], {0x4, 0x1}, [{0x8, 0x4}, {0x8, 0x4}, {0x8, 0x2, r6}], {0x10, 0x4}, {0x20, 0xd}}, 0x44, 0x2)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r2, 0x800c6613, &(0x7f0000000080)=@v1={0x0, @aes256, 0x0, @desc3})
chdir(&(0x7f0000000300)='./bus\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x9c5ade7287405258, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001500)=[0xffffffffffffffff, r1], 0x0, 0x10, 0x0, @void, @value}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000010140)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r1, 0xf501, 0x0)
fallocate(r1, 0x0, 0x0, 0x2000402)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r1, 0xf502, 0x0)

1.655277007s ago: executing program 2 (id=2303):
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001f00), 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
dup3(r1, r0, 0x0)
ioctl$MON_IOCG_STATS(r0, 0x80089203, &(0x7f0000000100))
setsockopt$packet_add_memb(r0, 0x29, 0x11, 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x28002, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
r8 = socket$inet6(0xa, 0x80000, 0x8000000003c)
connect$inet6(r8, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmsg(r8, &(0x7f00000000c0)={0x0, 0x952b, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x50, 0x0, 0x1d)
r9 = openat$selinux_member(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$selinux_access(r9, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x1004, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

1.645933888s ago: executing program 0 (id=2304):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0)

1.645341778s ago: executing program 4 (id=2305):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008c50000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000000240), 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r1, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c152bfdf9435e3ffe46", 0x3840, 0xa0c4, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

1.614934971s ago: executing program 3 (id=2306):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000f13a9860", @ANYRESOCT=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095b1403d680945ed919ac34e03ef21fab3eb79ca4a0e9d2d21d1e5b77965d4aefc817b1f18080b42fc4f7357adf698f97335f0296a29fa47a9"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000d00), 0xffffffffffffffff)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70200001400894fb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_LINK_GET(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="030700000000000000000800000068000480040007801300010062726f6164636173742d6c696e6b00001900078008000300000000000800020000000000080003000000000008000200000000000800030000000000040004"], 0x7c}}, 0x0)

1.528157859s ago: executing program 0 (id=2307):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000006000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='jbd2_write_superblock\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r2)
syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x6, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x102440, 0x20)
fcntl$setlease(r6, 0x400, 0x0)
r7 = syz_io_uring_setup(0x4382, &(0x7f00000022c0)={0x0, 0xc0cb, 0x2, 0x0, 0x0, 0x0, r6}, &(0x7f0000002340), &(0x7f0000002380))
io_uring_register$IORING_REGISTER_PROBE(r7, 0x8, &(0x7f00000023c0), 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = inotify_init1(0x0)
fcntl$setown(r8, 0x8, 0xffffffffffffffff)
fcntl$getownex(r8, 0x10, &(0x7f0000000140)={0x0, <r9=>0x0})
r10 = syz_open_procfs(r9, &(0x7f0000000040)='fd/4\x00')
write$ppp(r10, &(0x7f0000000100)="1ef5c099fbcc786d8185e8a51bd60d4001c4e7f6b20ed4524af3368e", 0x1c)
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r10, 0x40086610, &(0x7f0000000180)={@id={0x40000, 0x0, @b}})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000005100)={'vxcan1\x00'})

1.419098449s ago: executing program 4 (id=2308):
setitimer(0x0, &(0x7f0000000300)={{0x77359400}, {0x0, 0x2710}}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b70300000000000085000000720000009500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00', r0}, 0x10)
r1 = epoll_create1(0x0)
r2 = timerfd_create(0x0, 0x0)
timerfd_settime(r2, 0x0, &(0x7f0000000200)={{}, {0x0, 0x989680}}, 0x0)
epoll_pwait(r1, &(0x7f00000000c0)=[{}], 0x1, 0x7fffffff, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)={0x60004007})
getrusage(0xffffffffffffffff, &(0x7f0000000180))

1.322256768s ago: executing program 1 (id=2309):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x0, &(0x7f0000000140), 0xfc, 0x560, &(0x7f00000008c0)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/JvgwH0WHA33XkGRlNF1Gk461Dtwe3IsvMgQRB6Lvvvs4/Af8KwY6GDKKPuwlctObLluTNu3StVs+H7jtOffe9Jxv7v2enpubkAAG1kT6IxfxakR8l0SMtW0bjmzjxOp+Kw+uFdMliUbjs3+SSLJ1rf2T7PehrPJKRPzxTcTJ3Pp2a0vLc4VKpbyQ1Sfr85cna0vLpy7OF2bLs+VL0zMzZ96ZmX7/vXf7Fuub5//78dM7H5359vjKD7/dO3IribNxONvWHsdTuN5emYiJ7DkZibNP7DjVh8b2kmS3O8C2DGV5PhLpGDAWQ1nWd9QYe5ZdA3bY12laAwMqkf8woFrzgNa1fZ+ug58b9z9cvQBaH//w6msjMdq8Njq4kjx2ZZRe7473of20jd//vn0rXaJ/r0MAbOr6jYg4PTy8fvxLsvFv+073sM+TbRj/4Nm5k85/3uo0/8mtzX+iw/znUIfc3Y7N8z93rw/NdJXO/z7oOP9du2k1PpTVXmrO+UaSCxcr5XRsezkiTsTI/rS+wf2cL3MrdxvdNrbP/9Ilbb81F8z6cW94/+OPKRXqhacKus39GxGvdZz/JmvHP+lw/NPn43yPbRwr336927bN499ZjV8i3uh4/B/d0Uo2vj852TwfJltnxXr/3jz2Z7f2dzv+9Pgf3Dj+8aT9fm1t6238PPqw3G3bds//fcnnzfK+bN3VQr2+MBWxL/lk/frpR49t1Vv7p/GfOL7x+Nfp/D+QJnaP8d88erN919Gtxb+z0vhLWzr+Wy/c/firn7q139vxf7tZOpGt6WX867WDT/PcAQAAAAAAwF6Ti4jDkeTya+VcLp9ffX/H0TiYq1Rr9ZMXqouXStH8rOx4jORad7rH2t4PMZW9H7ZVn36iPhMRRyLi+6EDzXq+WK2Udjt4AAAAAAAAAAAAAAAAAAAA2CMORYx2+vx/6q+h3e4dsOM2+Mpv4AXXPf+zLf34pidgT/L/HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcG0l/389t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPn0qWx8uBaMa2XriwtzlWvnCqVa3P5+cVivlhduJyfrVZnK+V8sTq/2d+rVKuXp6Zj8epkvVyrT9aWlr+Yry5eethYVR55JlEBAAAAAAAAAAAAAAAAAADA86W2tDxXqFTKCwoK2yoM741uKPS5sNsjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88n8AAAD//75iP7A=")
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000018190000d100", @ANYRES32, @ANYRES8=r1], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = dup(0xffffffffffffffff)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000092000040"])
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r4)
sendmsg$NL80211_CMD_SET_REG(r4, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f00000006c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="00012abd7000fcdbdf251a000000562e01ee080022800400008005009200fe000000040022800500920001000000f1189d15ec42f01ac66aa9831c529d6a443f88acb9dd43102ce93e5175161ec792d62300f352c3740f88a7c69a08e119fd9d62e6331e2f118ef7c21f18dbe826314341140e8c2bf416a5dad1c3b30b0714bd006cebb2ac6717062c0442325a0bdce8a6c23f17c0b5adc9d63faeafa41f2afdfd97d76814c7727f433bcf4803ea7b52fc593d0dd30145461376c3e7e8fe2d213f349f47f3d28cb36a5c527308105ce26db8e74516956cbbfc11f7fe8b3522a97d6e8f1f219e4f1db189b0080dd27b1738bbbaf88d5a5085fd61f5091147349bcf22fdf3d248be1a2afa8ba0ce701e849236146aa5dd"], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x8000)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r4)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_GET_WOWLAN(r4, &(0x7f0000000480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)={0x10, r6, 0x8, 0x70b526, 0x25dfdbff, {{}, {@void, @void, @void}}, [""]}, 0x3e}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
sendmsg$NL80211_CMD_LEAVE_IBSS(r2, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r6, 0x40c67f723d0ffeb, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040031}, 0x4000004)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='mm_page_alloc\x00', r7}, 0x10)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$incfs(&(0x7f0000000140)='./file1\x00', &(0x7f0000000280)='./file1\x00', &(0x7f0000000040), 0x8000, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0)
r9 = openat$incfs(r8, &(0x7f0000000080)='.log\x00', 0x0, 0x0)
preadv(r9, &(0x7f0000000340)=[{0x0}, {&(0x7f0000000200)=""/54, 0x36}], 0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x65, &(0x7f0000000440)=ANY=[], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffdd9, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r10, &(0x7f0000000000), 0xfea7)

1.123147936s ago: executing program 4 (id=2310):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe)
connect$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
shutdown(r0, 0x1)

1.062962172s ago: executing program 4 (id=2311):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000040)='./file2\x00', 0x800090, &(0x7f0000000d80)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d302c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d312c726f6469722c636865636b3d7374726963742c726f6469722c757466383d302c696f636861727365743d63703836332c636f6465706167653d3836362c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c7379735f696d6d757461626c652c646d61736b3d30303030303030303030303030303030303030303030362c756e695f786c6174653d302c696f636861727365743d6d616363656c7469632c756e695f786c6174653d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c73686f72746e616d653d6d1f39e3d42c757466383d312c73686f72744c616d653d77696e39352c757466383d302c7365636c6162656c2c00"], 0x6, 0x2d1, &(0x7f00000021c0)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==")
r1 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1c, 0xb, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}]}, &(0x7f0000000280)='GPL\x00', 0x200, 0xf7, &(0x7f0000000580)=""/247, 0x40f00, 0x10, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000780)={0x1, 0x7, 0x5, 0x7}, 0x10, 0x0, r0, 0x5, &(0x7f0000000840)=[0xffffffffffffffff, r1, r1, r1, r1, r1, r1], &(0x7f0000000880)=[{0x3, 0x1, 0xc, 0x4}, {0x0, 0x4, 0x4, 0xc}, {0x1, 0x4, 0x5, 0xc62118b38c852cb9}, {0x2, 0x4, 0x3, 0x7}, {0x3, 0x1, 0xd, 0x7}], 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r6, 0xc0105502, 0x0)
r7 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x14, 0x453, 0x200, 0x70bd26, 0x25dfdbfd, "01"}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000080)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x10b100)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r8, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r8, 0x40505412, &(0x7f0000000040)={0x0, 0x20000006, 0x0, 0x0, 0x7})
ioctl$SNDRV_TIMER_IOCTL_START(r8, 0x54a0)

52.006415ms ago: executing program 2 (id=2312):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x4c, &(0x7f00000005c0)=ANY=[@ANYBLOB="ffffffff52350000000000000008aaaac8aaaaaa86dd6001010002161100fe8080000000000000000000000000bbfe8000000000000000000000000000aa00000e2200169078020200000000889bf4335e43a30e54dffcc3040b8c"], 0x0)

46.189765ms ago: executing program 4 (id=2313):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000140)='./file2\x00', 0x2000004c, &(0x7f0000000a00)=ANY=[@ANYRES16=0x0, @ANYRES8, @ANYRES8=0x0, @ANYBLOB="b71fe84fda50cf6fbefac5a5891d03a06160112a47b688552b72051bf0111daffbe0adef82589ee2fac726c31d20f98aa1f9761873cd604dab0d22b4b321f4c20044c5a8e018b51e52342814e4c33a7f4807781862b524b303c604203d95ef2f4feb698f5a4f3983ca0adcae0097c2e16969e9000a6a9d85bf9d4ee333cfeb763ad6506f66797f154f0923a63f106d908d1cf2a884e57ab63950b9883c40449a94847df80ca39e9394f8de077bfd7f0c81e773fe8ad33c339a0f92997d172adcde0c53c97cce8a0f42c862a0c88c9a25ccf6799b85dadc245f608d00"/229, @ANYRES8=<r0=>0xffffffffffffffff], 0xfe, 0x1528, &(0x7f00000022c0)="$eJzs3AuYjtXaOPB1r7WeMSS9TXIY1r3uhzcNFkmSQ0IOSZIkSU4JSZMkCYkhp6QhCTlOmhyGkBymMWmcz+dj0mRLkyQhOSXrf+lrb7t/+2vv/f++/+fbe+7fda3rWvfzvPf9rmfuueZdzzPXzLc9R9VrUb92MyIS/yT4W1GSECJWCDFMCHGdECIQQlSKqxR3+XxeBUn/7Juw/58eTrvaK2BXE/c/d+P+527c/9yN+5+7cf9zN+5/7sb9z924/4zlZttmF72eR+4d/4Xn/7/Fz///BfHn/7+RnHKTv9xQ7sZe/0QK9//fUsw/8iIQIon7n7tx/3M37n/uxv3P3bj///5q/cE57n/uxv1nLDf7y7Pgi977/wXPo3n8z46r/f3HGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYyx3OOev0EKIP8+v9roYY4wxxhhjjDH238fn+d2h7b8/xBhjjDHGGGOMsX9tIKRQQotAxIg8IlbkFfnENSK/uFYUENeJiLhexIkbREFxoygkCosioqiIF8VEcWEECitIhKKEKCmi4iZRStwsEkRpUUaUFU6UE+XFLaKCuFVUFLeJSuJ2UVncIaqIqqKaqC7uFDXEXaKmqCVqi7tFHVFX1BP1xT2igbhXNBT3iUbiftFYPCCaiAdFU/GQaCYeFs3FI6KFeFS0FI+JVqK1aCPainb/T/kvib7iZdFP9BdJYoAYKF4Rg8RgMUQMFcPEq2K4eE2MEK+LZDFSjBJviNHiTTFGvCXGinFivHhbTBATxSQxWUwRU0WKeEdME++KVPGemC5miJlilkgTs8Uc8b6YK+aJ+eIDsUB8KBaKRWKxWCLSxUciQywVmeJjsUx8IrLEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHaxQ+wUu8RusUfsFfvEp2K/+EwcEJ+LbPHFP5l/9v/K7wUCBEiQoEFDDMRALMRCPsgH+SE/FIACEIEIxEEcFISCUAgKQREoAvEQD8WhOCAgEBCUgBIQhSiUglKQAAlQBsqAAwfloTxUgFuhIlSESlAJKkNlqAJVoSpUh+pQA2pATagJtaE21IE6UA/qwT1wD9wLDaEhNIJG0BgaQxNoAk2hKTSDZtAcmkMLaAEtoSW0glbQBtpAO2gH7aE9dIAO0Ak6QWfoDF2gCyRCInSFrtANukF36A49oAf0hJ7QC3pDb3gJXoKX4WXoD3XkABgIA2EQDIIhMBSGwqswHF6D1+B1SIaRMAregDfgTRgDZ2AsjIPxMB5qyIkwCSYDyamQAikwDaZBKqTCdJgBM2AWpMFsmANzYC7Mg3nwASyAD+FDWASLYAmkQzpkwFLIhExYBmchC5bDClgJq2A1rIK1sA7WwgbYCBtgM2yGrbAVtsN22Ak7YTfshr2wFz6FT+Ez+AySIRuy4SAchENwCA7DYciBHDgCR+AoHIVjcAyOw3E4ASfhFJyE03AazsBZOAfn4AJcgIvwQvzXzfeWXp8s5GVaahkjY2SsjJX5ZD6ZX+aXBWQBGZERGSfjZEFZUBaShWQRWUTGy3hZXBaXKFGSDGUJWUJGZVSWkqVkgkyQZWQZ6aST5WV5WUFWkBVlRVlJ3i4ryztkFVlVdnTVZXVZQ3ZyNWUtWVvWlnVkXVlP1pf1ZQPZQDaUDWUj2Ug2lo1lE/mgbCoHwBB4WF7uTAs5ElrKUdBKtpZtZFv5Jjwu28sx0EF2lJ3kk3IcjIUusr1LlM/IrnISdJPPycnwvOwhp0JP+aLsJXvLPvIl2Vd2cP1kfzkdBsiBchYMkoPlEDlUzoW68nLH6snXZbIcKUfJN+QSeFOOkW/JsXKcHC/flhPkRDlJTpZT5FSZIt+R0+S7MlW+J6fLGXKmnCXT5Gw5R74v58p5cr78QC6QH8qFcpFcLJfIdPmRzJBLZab8WC6Tn8gsuVyukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrld7pA75S65W+6Re+U++ancLz+TB+TnMlt+IQ/KP8lD8kt5WH4lc+TX8oj8Rh6V38pj8jt5XH4vT8iT8pT8QZ6WP8oz8qw8J8/LC/IneVH+LC9JL4UCJZVSWgUqRuVRsSqvyqeuUfnVtaqAuk5F1PUqTt2gCqobVSFVWBVRRVW8KqaKK6NQWUUqVCVUSRVVN6lS6maVoEqrMqqscqqcKq9uURXUraqiuk1VUreryuoOVUVVVdVUdXWnqqHuUjVVLVVb3a3qqLqqnqqv7lEN1L2qobpPNVL3q8bqAdVEPaiaqodUM/Wwaq4eUS3Uo6qleky1Uq1VG9VWtVOPq/bqCdVBdVSd1JOqs3pKdVFPq0T1jOqqnlXd1HOqu3pe9VAvqJ7qRdVL9VZ91M/qkvKqn+qvktQANVC9ogapwWqIGqqGqVfVcPWaGqFeV8lqpBql3lCj1ZtqjHpLjVXj1Hj1tpqgJqpJarKaoqaqFPWOmqbeVanqPTVdzVAz1SyVpmarIb9Wmv8P5L/7N/JH/PLuW9U2tV3tUDvVLrVb7VF71T61T+1X+9UBdUBlq2x1UB1Uh9QhdVgdVjkqRx1RR9RRdVQdU8fUcXVcnVAn1Xn1gzqtflRn1Fl1Vp1XF9QFdfHXr4HQoKVWWutAx+g8Olbn1fn0NTq/vlYX0NfpiL5ex+kbdEF9oy6kC+siuqiO18V0cW00aqtJh7qELqmj+iZdSt+sE3RpXUaX1U6X0+X1Lf/l/L+3vna6nW6v2+sOuoPupDvpzrqz7qK76ESdqLvqrrqb7qa76+66h+6he+qeupfupfvoPrqv7qv76X46SSfpgfoVPUgP1kP0UD1Mv6qH6+F6hB6hk3WyHqVH6dF6tB6jx+ixeqwer8frCXqCnqQn6Sl6ik7RKXqanqZTdaqerqfrmXqmTtNpeo6eo+fquXq+nq8X6AV6oV6oF+vFOl2n6wydoTN1pl6ml+ksvVwv1yv1Sr1ar9Zr9Vq9Xq/XG/VGvVlv1ll6m96md+gdepfepffoPXqf3qf36/36gD6gs3W2PqgP6kP6kD6sD+scnaOP6CP6qD6qj+lj+rg+rk/oE/qUPqVP69P6jD6jz+lz+oK+oC/qi/qSvnR52xfIQAY60EFMEBPEBrFBviBfkD/IHxQICgSRIBLEBXFBweDGoFBQOCgSFA3ig2JB8cAEGNiAgjAoEZQMosFNQang5iAhKB2UCcoGLigXlA9uCSoEtwYVg9uCSsHtQeXgjqBKUDWoFlQP7gxqBHcFNYNaQe3g7qBOUPfPv3QK7g0aBvcFjYL7g8bBA0GT4MGgafBQ0Cx4OGgePBK0CB4NWgaPBa2C1kGboG3Q7h+tH9QL6gf3BA3+sL73Zwo/4fqZ/ibJDDADzStmkBlshpihZph51Qw3r5kR5nWTbEaaUeYNM9q8acaYt8xYM86MN2+bCWaimWQmmylmqkkx75hp5l2Tat4z080MM9PMMmlmtplj3jdzzTwz33xgFpgPzUKzyCw2S0y6+chkmKUm03xslplPTJZZblaYlWaVWW3WmLVmnVlvNpiNZpPZbLaYrWab2W52mJ1ml9lt9pi9Zp/51Ow3n5kD5nOTbb4wB82fzCHzpTlsvjI55mtzxHxjjppvzTHznTluvjcnzElzyvxgTpsfzRlz1pwz580F85O5aH42l4y/vLm//PGOGjXGYAzGYizmw3yYH/NjASyAEYxgHMZhQSyIhbAQFsEiGI/xWByL42WEhCWwBEYxiqWwFCZgApbBMujQYXksjxWwAlbEilgJK2FlrIxVsApWw2p4J96Jd+FdWAtr4d14N9bFulgf62MDbIANsSE2wkbYGBtjE2yCTbEpNsNm2BybYwtsgS2xJbbCVtgG22A7bIftsT12wA7YCTthZ+yMXbALJmIidsWu2A27YXfsjj2wB/bEntgLe2Ef7IN9sS/2O98PkzAJB+JAHISDcAgOwWE4DIfjcByBIzAZk3EUjsLROBrH4Bgci+NwPL6NE3AiTsLJOAWnYgqm4DSchqmYitNxOs7EmZiGaTgH5+BcnIvzcT4uwAW4EBfiYlyM6ZiOGZiBmZiJy3AZZmEWrsAVuApX4Rpcg+twHW7ADbgJN+EW3ILbcBvuwB24C3fhHtyD+3Af7sf9eAAPYDZm40E8iIfwEB7Gw5iDOXgEj+BRPIrH8Bgex+N4Ak/gKTyFp/E0nsEzeA7P4QX8CS/iz3gJPcZaKfLZa2x+e60tYK+zsTav/eu4iC1q420xW9waW8gW/k2M1toEW9qWsWWts+VseXvL7+IqtqqtZqvbO20Ne5et+bu4gb3XNrT32Ub2flvf3vObuLF9wDaxj9qm9jHbzLa2zW1b28I+alvax2wr29q2sW1tZ/uU7WKfton2GdvVPvu7OMMutevservBbrT77Wf2nD1vj9pv7QX7k+1n+9th9lU73L5mR9jXbXKjkb+N7Ug73r5tJ9iJdpKdbKfYqb+LZ9pZNs3OtnPs+3aunfe7ON1+ZBfYTLvQLrKL7ZJf4stryrQf22X2E5tll9sVdqVdZVfbNXbtX9a60m62W+xWu89+anfYnXaX3W332L2/xJev44D93GbbL+wR+409ZL+0h+0xm2O//iW+fH3H7Hf2uP3enrAn7Sn7gz1tf7Rn7Nlfrv/ytf9gf7aXrLeCgCQp0hRQDOWhWMpL+egayk/XUgG6jiJ0PcXRDVSQbqRCVJiKUFGKp2JUnAwhWSIKqQSVpCjdRKXoZkqg0lSGypKjclSebqEKdCtVpNuoEt1OlekOqkJVqRpVpzupBt1FNakW1aa7qQ7VpXpUn+6hBnQvNaT7qBHdT43pAWpCD1JTeoia0cPUnB6hFvQotaTHqBW1pjbUltrR49SenqAO1JE60ZPUmZ6iLvQ0JdIz1JWepW70HHWn56kHvUA96UXqRb2pD71Efell6kf9KYkG0EB6hQbRYBpCQ2kYvUrD6TUaQa9TMo2kUfQGjaY3aQy9RWNpHI2nt2kCTaRJNJmm0FRKoXdoGr1LqfQeTacZNJNmURrNpjn0Ps2leTSfPqAF9CEtpEW0mJZQOn1EGbSUMuljWkafUBYtpxW0klbRalpDa2kdracNtJE20WbaQltpG22nHbSTdtFu2kN7aR99SvvpMzpAn1M2fUEH6U90iL6kw/QV5dDXdIS+oaP0LR2j7+g4fU8n6CSdoh/oNP1IZ+gsnaPzdIF+oov0M10iTyKEUIYq1GEQxoR5wtgwb5gvvCbMH14bFgivCyPh9WFceENYMLwxLBQWDouERcP4sFhYPDQhhjakMAxLhCXDaHhTWCq8OUwIS4dlwrKhC8uF5cNbwgrhrWHF8LawUnh7WDm8I6wSVg0fvb96eGdYI7wrrBnWCmuHd4d1wrphvbB+eE/YILw3bBjeFzYK7w8rhg+ETcIHw6bhQ2Gz8OGwefhI2CJ8NGwZPha2CluHbcK2Ybvw8bB9+ETYIewYdgqfDDuHT4VdwqfDxPCZsGv47N89nxQOCAeGr4SvhN7fpxZHl0TTox9FM6JLo5nRj6PLop9Es6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Kbo1uiW6Pe188jHDjplNMucDEuj4t1eV0+d43L7651Bdx1LuKud3HuBlfQ3egKucKuiCvq4l0xV9wZh846cqEr4Uq6qLvJlXI3uwRX2pVxZZ1z5Vx519a1c+1ce/eE6+A6uk7uSfeke8o95Z52T7tnXFf3rOvmnnPd3fOuh3vBveBedL1cb9fHveT6upddP9ffJbkkN9ANdIPcIDfEDYn5dQ/mRrgRLtklu1FulBvtRrsxbowb68a68W68m+AmuElukpviprgUl+KmuWku1aW66W66m+lmujSX5ua4OW6um+vmu/luQcICt9AtdIvdYpfu0l2Gy3CZLtMtc8tclstyK9wKt8qtcmvcGrfOrXMb3Aa3yW1yW9wWt81tczvcDrfL7XJ73B63z+1z+91+d8AdcNku2x10B90hd8gddl+5HPe1O+K+cUfdt+6Y+84dd9+7E+6kO+V+cKfdj+6MO+vOufPugvvJXXQ/u0vOu5TIO5FpkXcjqZH3ItMjMyIzI7MiaZHZkTmR9yNzI/Mi8yMfRBZEPowsjCyKLI4siaRHPopkRJZGMiMfR5ZFPolkRZZHVkRWRlZFVke8L7Yj9CV8SR/1N/lS/maf4Ev7Mr6sd76cL+9v8RX8rb6iv81X8rf7yv4OX8VX9dX8Y76Vb+3b+La+nX/ct/dP+A6+o+/kn/Sd/VO+i3/aJ/pnfFf/rO/mn/Pd/fO+h48RPf2Lvpfv7fv4l3xf/7Lv5/v7JD/AD/Sv+EF+sB/ih/ph/lU/3L/mR/jXfbIf6Uf5N/xo/6Yf49/yY/04P96/7Sf4iX6Sn+yn+Kk+xb/jp/l3fap/z0/3M/xMP8un+dl+jn/fz/Xz/Hz/gV/gP/QL/SK/2C/x6f4jn+GX+kz/sV/mP/FZfrlf4Vf6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t9/j9/p9/lO/33/mD/jPfbb/wh/0f/KH/Jf+sP/K5/iv/RH/jT/qv/XH/Hf+uP/en/An/Sn/gz/tf/Rn/Fl/zp/3F/xP/qL/2V/iv1ljjDHGGPuHpB7+4/MD/sYx+eu4bKAQ4tqdRXP++rwWQmwq9B/zwTK+c0QI8Uz/ng//edSpk5SU9Otrs5QISi4SQkSu5P9yG/JrvFx0Ek+JRNFRVPib6xsse1+gP6gPJ7yP3i5Evr/KiRVX4iv1b/1P6j/+5PiMyuG5uN/Wv/jrfvPy+qOLhEgoeSUnr7gSX6lf8T+pX7j9H60/S4q8X6YI0eGvcvKLK/GV+uXFE+JZkfibVzLGGGOMMcYYY/9hsKzW/Q/vP3+9P4/Xv4S/HM4j/hL/3ftzxhhjjDHGGGOMXX3P9+7z9OOJiR2784QnPOHJXyZX+ycTY4wxxhhj7L/blU3/1V4JY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWe/1P/Duxq32NjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2NX2fwIAAP//tDtDMQ==")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f0000000880)={[{@errors_remount}, {@nodiscard}, {@oldalloc}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ff5000/0x1000)=nil, 0x1000, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff0103fdbe4454a9b5c07200000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000009588d11dbaf1ea2e673654809c7ebf139bd9"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0b000000d8000000000400000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000007084efc33eb5cad10000000000003205078bc48e23a0afe1e140bc40a08065b04c7c625e6b6add8405ec628001b4ee4889d58a1c53b28ca1f1fca93faa4a62c428fd5a2f79ad8a77bc5da1"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r5, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x7, 0x0, &(0x7f0000000180)=ANY=[@ANYRES32=r0], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
setsockopt$packet_int(r4, 0x107, 0x14, &(0x7f0000000080)=0x4, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$packet(r4, &(0x7f0000000440)='7', 0x1, 0x0, &(0x7f0000000040)={0x11, 0x7, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
bind$unix(0xffffffffffffffff, &(0x7f0000000200)=@abs={0x1}, 0x6e)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280))

0s ago: executing program 1 (id=2314):
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
close(r0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r1, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe)
connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000003140)='./bus\x00', 0x1008002, &(0x7f00000030c0), 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{}, &(0x7f0000000400), &(0x7f00000004c0)=r5}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xb0}, [@ldst={0x4}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
shutdown(r1, 0x1)

kernel console output (not intermixed with test programs):

ocks 41-42 which overlap fs metadata
[  524.663377][ T9057] EXT4-fs (loop4): Remounting filesystem read-only
[  524.668374][ T9052] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  524.669933][ T9057] Quota error (device loop4): write_blk: dquota write failed
[  524.676692][ T9052] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  524.683982][ T9057] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  524.702354][   T26] playstation 0003:054C:0CE6.0018: unknown main item tag 0x0
[  524.709674][ T9057] EXT4-fs error (device loop4): ext4_acquire_dquot:6187: comm syz.4.1984: Failed to acquire dquot type 0
[  524.720831][   T26] playstation 0003:054C:0CE6.0018: unknown main item tag 0x0
[  524.721349][ T9057] EXT4-fs (loop4): 1 truncate cleaned up
[  524.728093][   T26] playstation 0003:054C:0CE6.0018: unknown main item tag 0x0
[  524.728120][   T26] playstation 0003:054C:0CE6.0018: unknown main item tag 0x0
[  524.728143][   T26] playstation 0003:054C:0CE6.0018: unknown main item tag 0x0
[  524.734434][ T9057] EXT4-fs (loop4): pa ffff88810e300000: logic 1, phys. 41, len 23
[  524.740782][   T26] playstation 0003:054C:0CE6.0018: unknown main item tag 0x0
[  524.747950][ T9057] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4897: group 0, 
[  524.755117][   T26] playstation 0003:054C:0CE6.0018: unknown main item tag 0x0
[  524.762749][ T9057] free 22, pa_free 23
[  524.765014][ T9057] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000005,noblock_validity,usrquota,resgid=0x0000000000000000,nogrpid,errors=remount-ro,noinit_itable,inode_readahead_blks=0x0000000000000001,resuid=0x00000000000000002. Quota mode: writeback.
[  524.837876][   T26] playstation 0003:054C:0CE6.0018: hidraw0: USB HID v0.00 Device [HID 054c:0ce6] on usb-dummy_hcd.1-1/input0
[  524.967521][   T26] playstation 0003:054C:0CE6.0018: Failed to retrieve feature with reportID 9: -32
[  525.028639][   T26] playstation 0003:054C:0CE6.0018: Failed to retrieve DualSense pairing info: -32
[  525.147670][   T26] playstation 0003:054C:0CE6.0018: Failed to get MAC address from DualSense
[  525.204946][   T26] playstation 0003:054C:0CE6.0018: Failed to create dualsense.
[  525.228754][   T26] playstation: probe of 0003:054C:0CE6.0018 failed with error -32
[  525.335106][   T26] usb 2-1: USB disconnect, device number 36
[  526.213662][ T9089] loop1: detected capacity change from 0 to 40427
[  526.233080][ T9089] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  526.240870][ T9089] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  526.250369][ T9089] F2FS-fs (loop1): invalid crc value
[  526.258315][ T9089] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  526.287704][ T9089] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  526.294717][ T9089] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  527.286893][ T9120] loop0: detected capacity change from 0 to 16
[  527.394325][ T9120] erofs: (device loop0): mounted with root inode @ nid 36.
[  527.445032][ T9116] loop4: detected capacity change from 0 to 40427
[  527.452505][ T9121] bridge0: port 1(bridge_slave_0) entered blocking state
[  527.464029][ T9121] bridge0: port 1(bridge_slave_0) entered disabled state
[  527.471984][ T9121] device bridge_slave_0 entered promiscuous mode
[  527.479516][ T9121] bridge0: port 2(bridge_slave_1) entered blocking state
[  527.486451][ T9121] bridge0: port 2(bridge_slave_1) entered disabled state
[  527.494112][ T9121] device bridge_slave_1 entered promiscuous mode
[  527.528867][ T9116] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  527.587247][ T9116] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  527.600518][ T9116] F2FS-fs (loop4): invalid crc value
[  527.608057][ T9116] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  527.643803][ T9116] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  527.650815][ T9116] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  528.755806][   T49] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  528.777133][ T9134] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  529.075190][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  529.084737][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  529.138212][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  529.162055][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  529.181816][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[  529.188724][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[  529.254630][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  529.293556][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  529.334377][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  529.341261][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  529.357781][   T45] device bridge_slave_1 left promiscuous mode
[  529.363728][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  529.391128][   T45] device bridge_slave_0 left promiscuous mode
[  529.397107][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  529.405428][   T45] device veth1_macvtap left promiscuous mode
[  529.411887][   T45] device veth0_vlan left promiscuous mode
[  529.535128][ T9153] loop2: detected capacity change from 0 to 1024
[  529.546766][ T9145] loop0: detected capacity change from 0 to 40427
[  529.588821][ T9145] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  529.596785][ T9145] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  529.606850][ T9145] F2FS-fs (loop0): invalid crc value
[  529.607719][ T9153] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  529.613668][ T9145] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  529.636213][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  529.643820][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  529.652352][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  529.723422][ T9145] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  529.725542][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  529.730595][ T9145] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  529.755639][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  529.773175][ T9121] device veth0_vlan entered promiscuous mode
[  529.780867][ T8773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  529.789462][ T8773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  529.798326][ T8773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  529.824910][ T8773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  529.946621][ T9121] device veth1_macvtap entered promiscuous mode
[  530.065046][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  530.073646][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  530.081059][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  530.088466][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  530.096543][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  530.116639][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  530.151218][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  530.479603][ T9172] loop3: detected capacity change from 0 to 128
[  530.498946][ T9172] FAT-fs (loop3): Unrecognized mount option "shortnam�e=winnt" or missing value
[  531.161683][ T9180] loop4: detected capacity change from 0 to 40427
[  531.178728][ T9174] loop2: detected capacity change from 0 to 40427
[  531.212645][ T9175] loop1: detected capacity change from 0 to 40427
[  531.219538][ T9174] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  531.227165][ T9174] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  531.241554][ T9180] F2FS-fs (loop4): invalid crc value
[  531.243378][ T9174] F2FS-fs (loop2): Found nat_bits in checkpoint
[  531.248299][ T9180] F2FS-fs (loop4): Found nat_bits in checkpoint
[  531.904483][ T9175] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  531.918582][ T9175] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  531.942120][ T9193] loop3: detected capacity change from 0 to 256
[  531.948528][ T9174] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  531.954844][ T9175] F2FS-fs (loop1): invalid crc value
[  531.956252][ T9174] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  531.965516][ T9180] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  531.975284][ T9174] syz.2.2009[9174] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  531.975361][ T9174] syz.2.2009[9174] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  531.987742][ T9175] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  532.048423][ T9175] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  532.055458][ T9175] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  532.103186][ T9193] FAT-fs (loop3): Directory bread(block 64) failed
[  532.113568][ T9193] FAT-fs (loop3): Directory bread(block 65) failed
[  532.131095][ T9193] FAT-fs (loop3): Directory bread(block 66) failed
[  533.128001][ T9193] FAT-fs (loop3): Directory bread(block 67) failed
[  533.134416][ T9193] FAT-fs (loop3): Directory bread(block 68) failed
[  533.141638][ T9193] FAT-fs (loop3): Directory bread(block 69) failed
[  533.148323][ T9193] FAT-fs (loop3): Directory bread(block 70) failed
[  533.155018][ T9193] FAT-fs (loop3): Directory bread(block 71) failed
[  533.161548][ T9193] FAT-fs (loop3): Directory bread(block 72) failed
[  533.198341][ T7085] attempt to access beyond end of device
[  533.198341][ T7085] loop4: rw=2049, want=45104, limit=40427
[  533.269708][ T9193] FAT-fs (loop3): Directory bread(block 73) failed
[  533.774822][ T9214] loop0: detected capacity change from 0 to 40427
[  533.804072][ T9218] loop3: detected capacity change from 0 to 16
[  533.807870][ T9214] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  533.824014][ T9214] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  533.832680][ T9218] erofs: (device loop3): mounted with root inode @ nid 36.
[  533.841374][ T9214] F2FS-fs (loop0): invalid crc value
[  533.848753][ T9220] loop1: detected capacity change from 0 to 1024
[  533.868091][ T9214] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  533.903030][ T9214] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  533.910026][ T9214] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  534.060540][ T9225] loop4: detected capacity change from 0 to 40427
[  534.073043][ T9220] EXT4-fs (loop1): can't mount with journal_checksum, fs mounted w/o journal
[  534.081982][ T9225] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  534.088807][ T9225] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  534.372969][   T49] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  534.386872][ T9225] F2FS-fs (loop4): invalid crc value
[  534.494859][ T9231] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  534.758736][ T9225] F2FS-fs (loop4): Found nat_bits in checkpoint
[  534.796979][ T9225] F2FS-fs (loop4): Start checkpoint disabled!
[  534.808950][ T9225] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  534.815829][ T9225] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  534.870849][ T7579] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  534.870876][ T7579] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  534.879251][ T7579] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  534.897379][ T7579] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  534.905960][ T7579] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  534.913614][ T7579] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  535.011109][ T9241] FAULT_INJECTION: forcing a failure.
[  535.011109][ T9241] name failslab, interval 1, probability 0, space 0, times 0
[  535.030995][ T9241] CPU: 1 PID: 9241 Comm: syz.3.2022 Not tainted 5.15.161-syzkaller-00425-gb92c0d35d015 #0
[  535.040748][ T9241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  535.050755][ T9241] Call Trace:
[  535.053882][ T9241]  <TASK>
[  535.056658][ T9241]  dump_stack_lvl+0x151/0x1c0
[  535.061172][ T9241]  ? io_uring_drop_tctx_refs+0x190/0x190
[  535.066640][ T9241]  dump_stack+0x15/0x20
[  535.070630][ T9241]  should_fail+0x3c6/0x510
[  535.074883][ T9241]  __should_failslab+0xa4/0xe0
[  535.079480][ T9241]  should_failslab+0x9/0x20
[  535.083822][ T9241]  slab_pre_alloc_hook+0x37/0xd0
[  535.088598][ T9241]  ? key_alloc+0x34a/0xe70
[  535.092847][ T9241]  __kmalloc_track_caller+0x6c/0x260
[  535.097967][ T9241]  ? key_alloc+0x34a/0xe70
[  535.102225][ T9241]  kmemdup+0x24/0x50
[  535.105954][ T9241]  key_alloc+0x34a/0xe70
[  535.110037][ T9241]  key_create_or_update+0xa13/0xba0
[  535.115079][ T9241]  ? key_type_put+0x20/0x20
[  535.119408][ T9241]  ? search_process_keyrings_rcu+0x280/0x280
[  535.125315][ T9241]  ? __kasan_check_write+0x14/0x20
[  535.130255][ T9241]  __se_sys_add_key+0x33b/0x480
[  535.134946][ T9241]  ? __x64_sys_add_key+0xd0/0xd0
[  535.139718][ T9241]  ? __kasan_check_read+0x11/0x20
[  535.144579][ T9241]  __x64_sys_add_key+0xbf/0xd0
[  535.149178][ T9241]  x64_sys_call+0x680/0x9a0
[  535.153518][ T9241]  do_syscall_64+0x3b/0xb0
[  535.157781][ T9241]  ? clear_bhb_loop+0x35/0x90
[  535.162283][ T9241]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  535.164536][ T7579] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  535.168007][ T9241] RIP: 0033:0x7fef335d1ef9
[  535.168028][ T9241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  535.168046][ T9241] RSP: 002b:00007fef32209038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  535.207418][ T9241] RAX: ffffffffffffffda RBX: 00007fef3378a130 RCX: 00007fef335d1ef9
[  535.215223][ T9241] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000020000000
[  535.223040][ T9241] RBP: 00007fef32209090 R08: 000000002a77ae21 R09: 0000000000000000
[  535.230845][ T9241] R10: 0000000000000029 R11: 0000000000000246 R12: 0000000000000002
[  535.238664][ T9241] R13: 0000000000000000 R14: 00007fef3378a130 R15: 00007fff2564b728
[  535.246477][ T9241]  </TASK>
[  535.441035][ T9249] attempt to access beyond end of device
[  535.441035][ T9249] loop4: rw=524288, want=45072, limit=40427
[  535.452852][ T9249] attempt to access beyond end of device
[  535.452852][ T9249] loop4: rw=0, want=45072, limit=40427
[  535.808938][ T9259] loop3: detected capacity change from 0 to 1024
[  535.860171][   T45] attempt to access beyond end of device
[  535.860171][   T45] loop4: rw=2049, want=40992, limit=40427
[  535.928196][ T9259] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  536.070777][ T9269] loop0: detected capacity change from 0 to 16
[  536.161314][ T9269] erofs: (device loop0): mounted with root inode @ nid 36.
[  536.313023][ T9272] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2023'.
[  537.450685][   T48] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  537.652590][ T9283] loop0: detected capacity change from 0 to 512
[  537.683288][ T9283] EXT4-fs (loop0): Test dummy encryption mode enabled
[  537.684681][ T9286] loop2: detected capacity change from 0 to 1024
[  537.701720][ T9283] EXT4-fs error (device loop0): __ext4_iget:4892: inode #11: block 1: comm syz.0.2032: invalid block
[  537.713374][ T9283] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.2032: couldn't read orphan inode 11 (err -117)
[  537.725519][ T9283] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,prjquota,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  537.775292][ T9286] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  537.859318][ T9281] loop1: detected capacity change from 0 to 40427
[  538.884900][ T9281] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  538.911344][ T9281] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  538.935947][ T9281] F2FS-fs (loop1): invalid crc value
[  538.952291][ T9281] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  539.013828][ T9281] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  539.021038][ T9306] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  539.030338][ T9281] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  539.449298][ T9318] loop2: detected capacity change from 0 to 1024
[  539.689116][ T9318] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  539.704856][ T9318] ext4 filesystem being mounted at /94/file1 supports timestamps until 2038 (0x7fffffff)
[  539.766758][ T1516] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  539.807648][   T30] audit: type=1400 audit(1727161695.088:1592): avc:  denied  { ioctl } for  pid=9317 comm="syz.2.2041" path="/94/file1/file1" dev="loop2" ino=15 ioctlcmd=0x5839 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  539.829061][ T9316] loop3: detected capacity change from 0 to 40427
[  539.950451][ T9316] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  539.967285][ T9316] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  539.978584][ T9316] F2FS-fs (loop3): Found nat_bits in checkpoint
[  540.067222][ T1516] usb 5-1: Using ep0 maxpacket: 32
[  540.077662][ T9316] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  540.084611][ T9316] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  540.098596][ T9334] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2043'.
[  540.194194][ T9332] loop2: detected capacity change from 0 to 40427
[  540.209955][ T9340] loop1: detected capacity change from 0 to 512
[  540.226349][ T1516] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  540.236840][ T1516] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  540.248804][ T1516] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  540.262047][ T1516] usb 5-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  540.271144][ T1516] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  540.282538][ T9332] F2FS-fs (loop2): invalid crc value
[  540.295965][ T1516] usb 5-1: config 0 descriptor??
[  540.302217][ T9340] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  540.313667][ T9340] ext4 filesystem being mounted at /293/file0 supports timestamps until 2038 (0x7fffffff)
[  540.328342][ T9332] F2FS-fs (loop2): Found nat_bits in checkpoint
[  540.398204][ T9332] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  540.487073][ T8773] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  541.701456][ T1516] ntrig 0003:1B96:000A.0019: unknown main item tag 0x0
[  541.709317][ T1516] ntrig 0003:1B96:000A.0019: unknown main item tag 0x0
[  541.717284][ T1516] ntrig 0003:1B96:000A.0019: unknown main item tag 0x0
[  541.724441][ T7579] attempt to access beyond end of device
[  541.724441][ T7579] loop2: rw=2049, want=45112, limit=40427
[  541.736223][ T1516] ntrig 0003:1B96:000A.0019: unknown main item tag 0x0
[  541.742987][ T1516] ntrig 0003:1B96:000A.0019: unknown main item tag 0x0
[  541.752535][ T1516] ntrig 0003:1B96:000A.0019: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.4-1/input0
[  541.787431][ T8773] usb 4-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98
[  541.787734][ T9357] loop0: detected capacity change from 0 to 128
[  541.796486][ T8773] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  541.818392][ T8773] usb 4-1: config 0 descriptor??
[  541.867798][ T8773] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  541.875591][ T8773] usb 4-1: Detected FT-X
[  541.880026][ T9357] FAT-fs (loop0): Unrecognized mount option "shortnam�e=winnt" or missing value
[  541.942631][ T1516] usb 5-1: USB disconnect, device number 28
[  542.008837][ T9364] loop1: detected capacity change from 0 to 512
[  542.042068][ T9364] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  542.070453][ T9364] ext4 filesystem being mounted at /296/file0 supports timestamps until 2038 (0x7fffffff)
[  543.380049][ T9372] FAULT_INJECTION: forcing a failure.
[  543.380049][ T9372] name failslab, interval 1, probability 0, space 0, times 0
[  543.392549][ T9372] CPU: 0 PID: 9372 Comm: syz.1.2052 Not tainted 5.15.161-syzkaller-00425-gb92c0d35d015 #0
[  543.402224][ T9372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  543.412118][ T9372] Call Trace:
[  543.415243][ T9372]  <TASK>
[  543.418019][ T9372]  dump_stack_lvl+0x151/0x1c0
[  543.422541][ T9372]  ? io_uring_drop_tctx_refs+0x190/0x190
[  543.428000][ T9372]  ? __kasan_check_write+0x14/0x20
[  543.432959][ T9372]  ? mutex_unlock+0xb2/0x260
[  543.437376][ T9372]  dump_stack+0x15/0x20
[  543.441373][ T9372]  should_fail+0x3c6/0x510
[  543.445622][ T9372]  __should_failslab+0xa4/0xe0
[  543.450219][ T9372]  ? getname_flags+0xba/0x520
[  543.454735][ T9372]  should_failslab+0x9/0x20
[  543.459072][ T9372]  slab_pre_alloc_hook+0x37/0xd0
[  543.463847][ T9372]  ? getname_flags+0xba/0x520
[  543.468359][ T9372]  kmem_cache_alloc+0x44/0x200
[  543.472978][ T9372]  getname_flags+0xba/0x520
[  543.477302][ T9372]  __x64_sys_mkdirat+0x7c/0xa0
[  543.481922][ T9372]  x64_sys_call+0x6c6/0x9a0
[  543.486247][ T9372]  do_syscall_64+0x3b/0xb0
[  543.490494][ T9372]  ? clear_bhb_loop+0x35/0x90
[  543.495119][ T9372]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  543.501019][ T9372] RIP: 0033:0x7fd8fa663ef9
[  543.505275][ T9372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  543.524813][ T9372] RSP: 002b:00007fd8f92bc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  543.533054][ T9372] RAX: ffffffffffffffda RBX: 00007fd8fa81c058 RCX: 00007fd8fa663ef9
[  543.541302][ T9372] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: ffffffffffffff9c
[  543.549545][ T9372] RBP: 00007fd8f92bc090 R08: 0000000000000000 R09: 0000000000000000
[  543.557356][ T9372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  543.565167][ T9372] R13: 0000000000000000 R14: 00007fd8fa81c058 R15: 00007ffe7d0a2ab8
[  543.572991][ T9372]  </TASK>
[  543.737308][ T9378] futex_wake_op: syz.2.2053 tries to shift op by -1; fix this program
[  544.295798][ T9387] binder: BINDER_SET_CONTEXT_MGR already set
[  544.301712][ T9387] binder: 9379:9387 ioctl 4018620d 20000040 returned -16
[  544.451709][ T9389] binder: BINDER_SET_CONTEXT_MGR already set
[  544.457694][ T9389] binder: 9384:9389 ioctl 4018620d 20000040 returned -16
[  544.507421][ T8773] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  544.816846][ T9397] loop0: detected capacity change from 0 to 128
[  544.823592][ T8773] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[  544.826079][ T9395] loop4: detected capacity change from 0 to 128
[  544.842137][ T9397] FAT-fs (loop0): Unrecognized mount option "shortnam�e=winnt" or missing value
[  544.854988][ T9398] loop1: detected capacity change from 0 to 512
[  544.873596][ T8773] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  544.884000][ T9400] loop2: detected capacity change from 0 to 16
[  544.884558][ T8773] usb 4-1: USB disconnect, device number 30
[  544.891420][ T9395] FAT-fs (loop4): Unrecognized mount option "shortnam�e=winnt" or missing value
[  544.896424][ T8773] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  544.907544][ T9398] EXT4-fs (loop1): Test dummy encryption mode enabled
[  544.914519][ T8773] ftdi_sio 4-1:0.0: device disconnected
[  544.937981][ T9400] erofs: (device loop2): mounted with root inode @ nid 36.
[  544.938910][ T9398] EXT4-fs error (device loop1): __ext4_iget:4892: inode #11: block 1: comm syz.1.2057: invalid block
[  544.958209][ T9398] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.2057: couldn't read orphan inode 11 (err -117)
[  544.970082][ T9398] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,prjquota,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  545.078060][ T9405] loop3: detected capacity change from 0 to 512
[  545.727592][   T49] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  545.749147][ T9403] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  545.924036][ T9405] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  545.927829][ T9411] loop0: detected capacity change from 0 to 512
[  545.960996][ T9405] EXT4-fs (loop3): 1 truncate cleaned up
[  545.966526][ T9405] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  546.017783][ T9411] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  546.327586][ T9411] EXT4-fs (loop0): 1 truncate cleaned up
[  546.333072][ T9411] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  546.911249][   T30] audit: type=1326 audit(1727161702.188:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9431 comm="syz.1.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8fa663ef9 code=0x7ffc0000
[  547.292409][   T30] audit: type=1326 audit(1727161702.188:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9431 comm="syz.1.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8fa663ef9 code=0x7ffc0000
[  547.316021][   T30] audit: type=1326 audit(1727161702.208:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9431 comm="syz.1.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8fa663ef9 code=0x7ffc0000
[  547.339369][   T30] audit: type=1326 audit(1727161702.308:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9431 comm="syz.1.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8fa663ef9 code=0x7ffc0000
[  547.364205][   T30] audit: type=1326 audit(1727161702.308:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9431 comm="syz.1.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd8fa663ef9 code=0x7ffc0000
[  547.369473][ T9424] loop4: detected capacity change from 0 to 40427
[  547.387830][   T30] audit: type=1326 audit(1727161702.308:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9431 comm="syz.1.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8fa663ef9 code=0x7ffc0000
[  547.417568][   T30] audit: type=1326 audit(1727161702.318:1599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9431 comm="syz.1.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7fd8fa663ef9 code=0x7ffc0000
[  547.441075][   T30] audit: type=1326 audit(1727161702.318:1600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9431 comm="syz.1.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8fa663ef9 code=0x7ffc0000
[  547.560659][ T9424] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  547.612053][ T9442] binder: BINDER_SET_CONTEXT_MGR already set
[  547.617936][ T9442] binder: 9438:9442 ioctl 4018620d 20000040 returned -16
[  547.762335][ T9424] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  547.861697][ T9424] F2FS-fs (loop4): invalid crc value
[  547.893109][ T9424] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  547.953217][ T9424] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  547.964270][ T9424] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  547.973889][ T9437] loop0: detected capacity change from 0 to 40427
[  547.995983][ T9437] F2FS-fs (loop0): invalid crc value
[  548.032720][ T9437] F2FS-fs (loop0): Found nat_bits in checkpoint
[  548.128335][ T9444] loop3: detected capacity change from 0 to 40427
[  548.142094][ T9437] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  548.154022][   T30] audit: type=1400 audit(1727161703.428:1601): avc:  denied  { read } for  pid=9436 comm="syz.0.2068" name="bus" dev="loop0" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  548.455731][ T9444] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  548.478274][ T9444] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  548.489201][ T9461] loop1: detected capacity change from 0 to 128
[  548.493009][ T9444] F2FS-fs (loop3): invalid crc value
[  548.500661][ T9461] FAT-fs (loop1): Unrecognized mount option "shortnam�e=winnt" or missing value
[  548.506092][ T9444] F2FS-fs (loop3): Found nat_bits in checkpoint
[  548.525009][ T9465] loop2: detected capacity change from 0 to 512
[  548.562129][ T9465] EXT4-fs (loop2): Test dummy encryption mode enabled
[  548.574486][ T9465] EXT4-fs error (device loop2): __ext4_iget:4892: inode #11: block 1: comm syz.2.2072: invalid block
[  548.585355][ T9465] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2072: couldn't read orphan inode 11 (err -117)
[  548.597655][ T9465] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,prjquota,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  548.597892][ T9444] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  548.631595][ T9444] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  549.088544][ T9472] loop2: detected capacity change from 0 to 16
[  549.094702][ T9437] attempt to access beyond end of device
[  549.094702][ T9437] loop0: rw=2049, want=45104, limit=40427
[  549.131482][ T9476] loop3: detected capacity change from 0 to 512
[  549.198160][ T9476] EXT4-fs (loop3): Test dummy encryption mode enabled
[  549.205059][ T9472] erofs: (device loop2): mounted with root inode @ nid 36.
[  549.215224][ T9476] EXT4-fs error (device loop3): ext4_fill_super:4831: inode #2: comm syz.3.2075: casefold flag without casefold feature
[  549.301765][   T30] audit: type=1400 audit(1727161704.568:1602): avc:  denied  { map } for  pid=9473 comm="syz.4.2074" path="socket:[44319]" dev="sockfs" ino=44319 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  549.370493][ T9476] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  549.389789][ T9476] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv0,test_dummy_encryption,,errors=continue. Quota mode: none.
[  549.559201][ T9488] overlayfs: failed to resolve './file1': -2
[  550.653924][ T9507] FAULT_INJECTION: forcing a failure.
[  550.653924][ T9507] name failslab, interval 1, probability 0, space 0, times 0
[  550.737063][ T9508] binder: BINDER_SET_CONTEXT_MGR already set
[  550.742942][ T9508] binder: 9499:9508 ioctl 4018620d 20000040 returned -16
[  550.829105][ T9507] CPU: 1 PID: 9507 Comm: syz.4.2084 Not tainted 5.15.161-syzkaller-00425-gb92c0d35d015 #0
[  550.838843][ T9507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  550.848744][ T9507] Call Trace:
[  550.851862][ T9507]  <TASK>
[  550.854645][ T9507]  dump_stack_lvl+0x151/0x1c0
[  550.859161][ T9507]  ? io_uring_drop_tctx_refs+0x190/0x190
[  550.864624][ T9507]  dump_stack+0x15/0x20
[  550.868611][ T9507]  should_fail+0x3c6/0x510
[  550.872866][ T9507]  __should_failslab+0xa4/0xe0
[  550.877463][ T9507]  ? __build_skb+0x2a/0x300
[  550.881803][ T9507]  should_failslab+0x9/0x20
[  550.886142][ T9507]  slab_pre_alloc_hook+0x37/0xd0
[  550.890927][ T9507]  ? __build_skb+0x2a/0x300
[  550.895255][ T9507]  kmem_cache_alloc+0x44/0x200
[  550.899857][ T9507]  __build_skb+0x2a/0x300
[  550.904021][ T9507]  build_skb+0x25/0x1f0
[  550.908018][ T9507]  tun_get_user+0x1c7e/0x3aa0
[  550.912536][ T9507]  ? __kasan_check_write+0x14/0x20
[  550.917481][ T9507]  ? tun_do_read+0x2010/0x2010
[  550.922072][ T9507]  ? kstrtouint_from_user+0x20a/0x2a0
[  550.927285][ T9507]  ? kstrtol_from_user+0x310/0x310
[  550.932233][ T9507]  ? avc_policy_seqno+0x1b/0x70
[  550.936915][ T9507]  ? selinux_file_permission+0x2c4/0x570
[  550.942389][ T9507]  tun_chr_write_iter+0x1e1/0x2e0
[  550.947245][ T9507]  vfs_write+0xd5d/0x1110
[  550.951429][ T9507]  ? file_end_write+0x1c0/0x1c0
[  550.956102][ T9507]  ? __fdget_pos+0x209/0x3a0
[  550.960535][ T9507]  ? ksys_write+0x77/0x2c0
[  550.964778][ T9507]  ksys_write+0x199/0x2c0
[  550.968944][ T9507]  ? __ia32_sys_read+0x90/0x90
[  550.973548][ T9507]  ? debug_smp_processor_id+0x17/0x20
[  550.978754][ T9507]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  550.984659][ T9507]  __x64_sys_write+0x7b/0x90
[  550.989077][ T9507]  x64_sys_call+0x2f/0x9a0
[  550.993330][ T9507]  do_syscall_64+0x3b/0xb0
[  550.997586][ T9507]  ? clear_bhb_loop+0x35/0x90
[  551.002094][ T9507]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  551.007827][ T9507] RIP: 0033:0x7f6979dc09df
[  551.012080][ T9507] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  551.031516][ T9507] RSP: 002b:00007f6978a3b000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  551.039762][ T9507] RAX: ffffffffffffffda RBX: 00007f6979f79f80 RCX: 00007f6979dc09df
[  551.047578][ T9507] RDX: 000000000000003a RSI: 0000000020000580 RDI: 00000000000000c8
[  551.055387][ T9507] RBP: 00007f6978a3b090 R08: 0000000000000000 R09: 0000000000000000
[  551.063198][ T9507] R10: 000000000000003a R11: 0000000000000293 R12: 0000000000000001
[  551.071009][ T9507] R13: 0000000000000000 R14: 00007f6979f79f80 R15: 00007ffd09f6d3d8
[  551.078826][ T9507]  </TASK>
[  551.118512][ T9511] syz.4.2085[9511] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  551.118609][ T9511] syz.4.2085[9511] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  551.169861][ T9495] loop2: detected capacity change from 0 to 40427
[  551.259589][ T9495] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  551.290017][ T9495] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  551.303271][ T9516] loop4: detected capacity change from 0 to 512
[  551.309967][ T9504] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2081'.
[  551.618608][ T9495] F2FS-fs (loop2): invalid crc value
[  551.632150][ T9520] loop0: detected capacity change from 0 to 128
[  551.640965][ T9516] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  551.656377][ T9516] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038 (0x7fffffff)
[  551.677116][ T9495] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  551.678167][ T9520] FAT-fs (loop0): Unrecognized mount option "shortnam�e=winnt" or missing value
[  551.759467][ T9528] loop3: detected capacity change from 0 to 512
[  551.766779][ T9495] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  551.774024][ T9495] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  551.801911][ T9528] EXT4-fs (loop3): Test dummy encryption mode enabled
[  551.829815][ T9528] EXT4-fs error (device loop3): __ext4_iget:4892: inode #11: block 1: comm syz.3.2088: invalid block
[  552.298907][ T9528] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2088: couldn't read orphan inode 11 (err -117)
[  552.311116][ T9528] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,prjquota,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  552.644875][ T9539] loop4: detected capacity change from 0 to 16
[  552.750692][ T9541] loop0: detected capacity change from 0 to 1024
[  552.788014][ T9539] erofs: (device loop4): mounted with root inode @ nid 36.
[  553.353113][ T9549] overlayfs: failed to resolve './file1': -2
[  553.601370][ T9555] loop3: detected capacity change from 0 to 512
[  553.616587][ T9541] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  553.694387][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  553.694404][   T30] audit: type=1400 audit(1727161708.968:1604): avc:  denied  { create } for  pid=9557 comm="syz.1.2096" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  553.736236][ T9561] loop4: detected capacity change from 0 to 16
[  553.748735][ T9561] erofs: (device loop4): mounted with root inode @ nid 36.
[  553.753995][ T9558] loop1: detected capacity change from 0 to 2048
[  553.777142][ T9555] EXT4-fs (loop3): 1 orphan inode deleted
[  554.291073][ T9559] 9pnet: Insufficient options for proto=fd
[  554.308811][   T49] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  554.330881][ T9567] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  554.576958][ T9555] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,noauto_da_alloc,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  554.616925][ T9555] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038 (0x7fffffff)
[  554.627922][ T9558] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  554.695922][ T9573] loop4: detected capacity change from 0 to 512
[  554.782994][ T9573] EXT4-fs (loop4): 1 orphan inode deleted
[  554.788713][ T9573] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,noauto_da_alloc,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  554.817382][ T9573] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038 (0x7fffffff)
[  554.934337][ T9582] syz.3.2094[9582] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  554.934758][ T9582] syz.3.2094[9582] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  554.978292][ T9581] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  555.004296][ T9581] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 1 with error 28
[  555.016438][ T9581] EXT4-fs (loop1): This should not happen!! Data will be lost
[  555.016438][ T9581] 
[  555.026040][ T9581] EXT4-fs (loop1): Total free blocks count 0
[  555.031944][ T9581] EXT4-fs (loop1): Free/Dirty block details
[  555.037666][ T9581] EXT4-fs (loop1): free_blocks=2415919104
[  555.043173][ T9581] EXT4-fs (loop1): dirty_blocks=16
[  555.048140][ T9581] EXT4-fs (loop1): Block reservation details
[  555.053939][ T9581] EXT4-fs (loop1): i_reserved_data_blocks=1
[  555.089129][ T9581] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28
[  555.101269][ T9581] EXT4-fs (loop1): This should not happen!! Data will be lost
[  555.101269][ T9581] 
[  555.107287][   T30] audit: type=1400 audit(1727161710.378:1605): avc:  denied  { mount } for  pid=9554 comm="syz.3.2094" name="/" dev="configfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  555.159590][   T30] audit: type=1400 audit(1727161710.378:1606): avc:  denied  { read } for  pid=9554 comm="syz.3.2094" name="/" dev="configfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  555.214776][   T30] audit: type=1400 audit(1727161710.378:1607): avc:  denied  { open } for  pid=9554 comm="syz.3.2094" path="/13/file1/file0" dev="configfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  555.292008][ T9121] EXT4-fs error (device loop3): ext4_lookup:1859: inode #2: comm syz-executor: deleted inode referenced: 16
[  555.301877][   T30] audit: type=1400 audit(1727161710.568:1608): avc:  denied  { unmount } for  pid=9121 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  555.319529][ T9121] EXT4-fs (loop3): Remounting filesystem read-only
[  555.342378][ T9121] EXT4-fs error (device loop3): ext4_lookup:1859: inode #2: comm syz-executor: deleted inode referenced: 16
[  555.390371][ T9583] syz.4.2098[9583] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  555.390455][ T9583] syz.4.2098[9583] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  555.543540][ T9590] loop0: detected capacity change from 0 to 128
[  555.607067][ T7085] EXT4-fs warning (device loop4): __ext4_unlink:3289: inode #16: comm syz-executor: Deleting file 'file3' with no links
[  555.625201][ T7085] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #17: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0)
[  555.637649][ T9590] FAT-fs (loop0): Unrecognized mount option "shortnam�e=winnt" or missing value
[  555.657517][ T7085] EXT4-fs (loop4): Remounting filesystem read-only
[  555.663975][ T7085] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #17: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0)
[  555.823505][ T9585] loop2: detected capacity change from 0 to 40427
[  555.851136][ T9591] bridge0: port 1(bridge_slave_0) entered blocking state
[  555.858120][ T9591] bridge0: port 1(bridge_slave_0) entered disabled state
[  555.865444][ T9591] device bridge_slave_0 entered promiscuous mode
[  555.872894][ T9591] bridge0: port 2(bridge_slave_1) entered blocking state
[  555.877544][ T9585] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  555.879914][ T9591] bridge0: port 2(bridge_slave_1) entered disabled state
[  555.896872][ T9591] device bridge_slave_1 entered promiscuous mode
[  555.903280][ T9585] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  556.088828][ T9585] F2FS-fs (loop2): invalid crc value
[  556.210631][ T9585] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  556.286930][ T9591] bridge0: port 2(bridge_slave_1) entered blocking state
[  556.293850][ T9591] bridge0: port 2(bridge_slave_1) entered forwarding state
[  556.299114][ T9594] loop1: detected capacity change from 0 to 40427
[  556.300956][ T9591] bridge0: port 1(bridge_slave_0) entered blocking state
[  556.314058][ T9591] bridge0: port 1(bridge_slave_0) entered forwarding state
[  556.321861][ T9585] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  556.328917][ T9585] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  556.341894][  T574] device bridge_slave_1 left promiscuous mode
[  556.349211][  T574] bridge0: port 2(bridge_slave_1) entered disabled state
[  556.352138][ T9594] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  556.366351][ T9594] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  556.409948][ T9594] F2FS-fs (loop1): invalid crc value
[  556.415445][  T574] device bridge_slave_0 left promiscuous mode
[  556.424562][  T574] bridge0: port 1(bridge_slave_0) entered disabled state
[  556.433357][  T574] device veth1_macvtap left promiscuous mode
[  556.439550][  T574] device veth0_vlan left promiscuous mode
[  556.485690][ T9594] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  556.512976][ T9594] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  556.522645][ T9594] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  556.813768][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  556.823047][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  557.041747][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  557.446579][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  557.456937][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  557.464933][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  557.472974][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  557.507532][ T9620] loop2: detected capacity change from 0 to 1024
[  557.519194][ T1523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  557.527503][ T1523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  557.535742][ T1523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  557.543562][ T1523] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  557.556004][ T9591] device veth0_vlan entered promiscuous mode
[  557.560335][ T9620] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  557.570082][ T9591] device veth1_macvtap entered promiscuous mode
[  557.585089][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  557.602016][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  557.615824][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  557.632415][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  557.649911][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  557.722543][ T9625] loop1: detected capacity change from 0 to 2048
[  557.854735][ T9630] 9pnet: Insufficient options for proto=fd
[  557.880436][ T9605] bridge0: port 1(bridge_slave_0) entered blocking state
[  557.983089][ T9625] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  558.001223][ T9605] bridge0: port 1(bridge_slave_0) entered disabled state
[  558.017969][ T9625] ext4 filesystem being mounted at /307/bus supports timestamps until 2038 (0x7fffffff)
[  558.032785][ T9605] device bridge_slave_0 entered promiscuous mode
[  558.045155][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  558.053920][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  558.067102][ T9605] bridge0: port 2(bridge_slave_1) entered blocking state
[  558.074971][ T9605] bridge0: port 2(bridge_slave_1) entered disabled state
[  558.082994][ T9605] device bridge_slave_1 entered promiscuous mode
[  558.091431][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  558.100046][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  558.150015][ T9636] loop3: detected capacity change from 0 to 256
[  559.048966][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  559.056589][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  559.150117][ T9649] binder: BINDER_SET_CONTEXT_MGR already set
[  559.156247][ T9649] binder: 9645:9649 ioctl 4018620d 20000040 returned -16
[  559.369193][ T9652] loop3: detected capacity change from 0 to 512
[  559.379148][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  559.387440][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  559.395517][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[  559.402382][  T293] bridge0: port 1(bridge_slave_0) entered forwarding state
[  559.409628][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  559.411411][   T30] audit: type=1400 audit(1727161714.688:1609): avc:  denied  { wake_alarm } for  pid=9653 comm="syz.0.2114" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  559.418170][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  559.446817][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[  559.453685][  T293] bridge0: port 2(bridge_slave_1) entered forwarding state
[  559.469471][ T9652] EXT4-fs (loop3): Test dummy encryption mode enabled
[  559.477935][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  559.485902][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  559.496253][   T30] audit: type=1400 audit(1727161714.768:1610): avc:  denied  { write } for  pid=9653 comm="syz.0.2114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  559.512563][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  559.523877][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  559.524015][ T9652] EXT4-fs error (device loop3): __ext4_iget:4892: inode #11: block 1: comm syz.3.2113: invalid block
[  559.532395][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  559.549562][ T9652] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2113: couldn't read orphan inode 11 (err -117)
[  559.561865][ T9652] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,prjquota,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  559.614681][ T9605] device veth0_vlan entered promiscuous mode
[  559.621496][ T8773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  559.629945][ T8773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  559.638914][ T8773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  559.646643][ T8773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  559.669967][ T8773] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  559.677390][ T8773] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  559.684684][ T8773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  559.692988][ T8773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  559.701993][ T9605] device veth1_macvtap entered promiscuous mode
[  559.728871][ T9658] loop2: detected capacity change from 0 to 40427
[  559.747776][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  559.755679][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  559.763750][   T42] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  559.773576][ T9658] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  559.781964][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  559.790287][ T9658] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  559.799652][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  559.808155][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  559.816534][ T9658] F2FS-fs (loop2): invalid crc value
[  559.846526][ T9658] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  559.861126][ T9663] loop4: detected capacity change from 0 to 256
[  559.898004][  T574] device bridge_slave_1 left promiscuous mode
[  559.904277][  T574] bridge0: port 2(bridge_slave_1) entered disabled state
[  559.912183][ T9658] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  559.912418][  T574] device bridge_slave_0 left promiscuous mode
[  559.925265][  T574] bridge0: port 1(bridge_slave_0) entered disabled state
[  559.927193][ T9658] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  559.940361][  T574] device veth1_macvtap left promiscuous mode
[  559.948534][ T9663] FAT-fs (loop4): Unrecognized mount option "0177777777777777777777701777777777777777777777" or missing value
[  559.951441][  T574] device veth0_vlan left promiscuous mode
[  560.036248][ T9660] loop1: detected capacity change from 0 to 40427
[  560.063386][ T9663] loop4: detected capacity change from 0 to 512
[  560.096127][ T9660] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  560.103953][ T9660] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  560.190640][ T9660] F2FS-fs (loop1): invalid crc value
[  560.293545][ T9676] syz.3.2118[9676] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  560.294003][ T9676] syz.3.2118[9676] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  560.617571][   T30] audit: type=1326 audit(1727161715.588:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9669 comm="syz.3.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f4c251ef9 code=0x7ffc0000
[  560.781779][   T30] audit: type=1326 audit(1727161715.588:1612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9669 comm="syz.3.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f4c251ef9 code=0x7ffc0000
[  560.798880][   T42] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  560.826155][   T30] audit: type=1326 audit(1727161715.588:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9669 comm="syz.3.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f7f4c251ef9 code=0x7ffc0000
[  560.853492][ T9660] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  560.856907][   T42] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  560.874451][   T42] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  560.883821][   T42] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  560.898035][   T30] audit: type=1326 audit(1727161715.588:1614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9669 comm="syz.3.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f4c251ef9 code=0x7ffc0000
[  560.941664][   T30] audit: type=1326 audit(1727161715.588:1615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9669 comm="syz.3.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f4c251ef9 code=0x7ffc0000
[  560.986201][   T30] audit: type=1326 audit(1727161715.598:1616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9669 comm="syz.3.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7f4c251ef9 code=0x7ffc0000
[  561.032235][   T42] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  561.040057][   T30] audit: type=1326 audit(1727161715.598:1617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9669 comm="syz.3.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f4c251ef9 code=0x7ffc0000
[  561.044501][ T9660] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  561.084298][   T42] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  561.103266][   T42] usb 1-1: Product: syz
[  561.107470][   T42] usb 1-1: Manufacturer: syz
[  561.109209][   T30] audit: type=1326 audit(1727161715.598:1618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9669 comm="syz.3.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f4c251ef9 code=0x7ffc0000
[  561.118720][ T9660] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  561.199815][   T42] cdc_wdm 1-1:1.0: skipping garbage
[  561.205639][   T42] cdc_wdm 1-1:1.0: invalid descriptor buffer length
[  561.213553][   T42] cdc_wdm: probe of 1-1:1.0 failed with error -22
[  561.518422][ T9690] loop2: detected capacity change from 0 to 1024
[  561.608046][ T9690] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  561.682668][ T9654] loop0: detected capacity change from 0 to 40427
[  561.768720][ T9654] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  562.012940][ T9654] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  562.025982][ T9698] loop3: detected capacity change from 0 to 512
[  562.039170][ T9699] binder: 9695:9699 ioctl 4018620d 0 returned -22
[  562.073616][ T9654] F2FS-fs (loop0): Found nat_bits in checkpoint
[  562.168582][ T9698] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  562.179797][ T9654] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  562.186650][ T9654] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  562.200574][ T9698] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038 (0x7fffffff)
[  562.214167][ T9707] loop2: detected capacity change from 0 to 1024
[  562.224006][ T9654] attempt to access beyond end of device
[  562.224006][ T9654] loop0: rw=2049, want=78368, limit=40427
[  562.247599][ T9654] attempt to access beyond end of device
[  562.247599][ T9654] loop0: rw=0, want=78368, limit=40427
[  562.260047][ T9654] attempt to access beyond end of device
[  562.260047][ T9654] loop0: rw=0, want=78368, limit=40427
[  562.275800][ T9707] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  562.726308][ T9717] 9pnet: Insufficient options for proto=fd
[  562.834140][ T9723] binder: BINDER_SET_CONTEXT_MGR already set
[  562.840011][ T9723] binder: 9715:9723 ioctl 4018620d 20000040 returned -16
[  563.271486][ T9727] loop2: detected capacity change from 0 to 512
[  563.412363][ T9731] loop1: detected capacity change from 0 to 512
[  563.471753][ T9731] EXT4-fs (loop1): Test dummy encryption mode enabled
[  563.484926][ T9727] EXT4-fs (loop2): dax option not supported
[  563.558266][ T9731] EXT4-fs error (device loop1): __ext4_iget:4892: inode #11: block 1: comm syz.1.2128: invalid block
[  563.569734][ T9731] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.2128: couldn't read orphan inode 11 (err -117)
[  563.583015][ T9731] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,prjquota,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  563.840237][ T1523] usb 1-1: USB disconnect, device number 23
[  563.984623][ T8251] attempt to access beyond end of device
[  563.984623][ T8251] loop0: rw=2051, want=81920, limit=40427
[  563.995980][ T8251] F2FS-fs (loop0): Issue discard(9796, 9796, 444) failed, ret: -5
[  564.669163][   T30] kauditd_printk_skb: 31 callbacks suppressed
[  564.669179][   T30] audit: type=1400 audit(1727161719.948:1650): avc:  denied  { write } for  pid=9741 comm="syz.1.2132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  564.702831][ T9735] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2127'.
[  564.703600][ T9748] overlayfs: unrecognized mount option "verity=require" or missing value
[  565.510641][   T30] audit: type=1326 audit(1727161720.788:1651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9755 comm="syz.2.2135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98ce787ef9 code=0x7ffc0000
[  565.561265][   T30] audit: type=1326 audit(1727161720.838:1652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9755 comm="syz.2.2135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98ce787ef9 code=0x7ffc0000
[  565.677593][ T9765] loop4: detected capacity change from 0 to 2048
[  565.915926][ T9765] EXT4-fs (loop4): mounted filesystem without journal. Opts: data_err=ignore,,errors=continue. Quota mode: none.
[  566.009670][ T9753] loop0: detected capacity change from 0 to 40427
[  566.070978][ T9753] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  566.088803][ T9753] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  566.098656][ T9753] F2FS-fs (loop0): invalid crc value
[  566.124195][ T9774] binder: BINDER_SET_CONTEXT_MGR already set
[  566.130310][ T9774] binder: 9768:9774 ioctl 4018620d 20000040 returned -16
[  566.191326][ T9753] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  566.749263][ T9785] loop3: detected capacity change from 0 to 512
[  566.835580][ T9785] EXT4-fs (loop3): Test dummy encryption mode enabled
[  567.039631][ T9785] EXT4-fs error (device loop3): __ext4_iget:4892: inode #11: block 1: comm syz.3.2142: invalid block
[  567.051107][ T9785] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2142: couldn't read orphan inode 11 (err -117)
[  567.064048][ T9785] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,prjquota,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  567.119580][ T9791] syz.1.2143[9791] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  567.120611][ T9791] syz.1.2143[9791] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  567.274970][ T9753] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  567.317003][ T9753] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  567.777210][ T8773] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  568.352432][ T9807] loop3: detected capacity change from 0 to 1024
[  568.409356][ T9807] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  570.838016][ T9807] 9pnet: Insufficient options for proto=fd
[  575.077291][ T8773] usb 2-1: device descriptor read/all, error -110
[  575.247236][ T8773] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  580.437217][ T8773] usb 2-1: device descriptor read/64, error -110
[  580.767232][ T8773] usb 2-1: device descriptor read/64, error -32
[  580.887282][ T8773] usb usb2-port1: attempt power cycle
[  581.297238][ T8773] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  581.427232][ T8773] usb 2-1: device descriptor read/8, error -32
[  581.637226][ T8773] usb 2-1: device descriptor read/8, error -32
[  581.907248][ T8773] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  582.017236][ T8773] usb 2-1: device descriptor read/8, error -32
[  582.227277][ T8773] usb 2-1: device descriptor read/8, error -32
[  582.347959][ T8773] usb usb2-port1: unable to enumerate USB device
[  597.107389][ T9818] loop2: detected capacity change from 0 to 1024
[  609.270486][   T30] audit: type=1400 audit(1727161764.548:1653): avc:  denied  { unmount } for  pid=2497 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  609.508600][ T4613] tipc: Left network mode
[  609.605087][ T9871] bridge0: port 1(bridge_slave_0) entered blocking state
[  609.612164][ T9871] bridge0: port 1(bridge_slave_0) entered disabled state
[  609.619449][ T9871] device bridge_slave_0 entered promiscuous mode
[  609.625992][ T9868] bridge0: port 1(bridge_slave_0) entered blocking state
[  609.632932][ T9868] bridge0: port 1(bridge_slave_0) entered disabled state
[  609.640338][ T9868] device bridge_slave_0 entered promiscuous mode
[  609.658465][ T9871] bridge0: port 2(bridge_slave_1) entered blocking state
[  609.665405][ T9871] bridge0: port 2(bridge_slave_1) entered disabled state
[  609.672898][ T9871] device bridge_slave_1 entered promiscuous mode
[  609.679403][ T9868] bridge0: port 2(bridge_slave_1) entered blocking state
[  609.686246][ T9868] bridge0: port 2(bridge_slave_1) entered disabled state
[  609.693609][ T9868] device bridge_slave_1 entered promiscuous mode
[  609.758960][ T9870] bridge0: port 1(bridge_slave_0) entered blocking state
[  609.765818][ T9870] bridge0: port 1(bridge_slave_0) entered disabled state
[  609.773143][ T9870] device bridge_slave_0 entered promiscuous mode
[  609.794104][ T9870] bridge0: port 2(bridge_slave_1) entered blocking state
[  609.800979][ T9870] bridge0: port 2(bridge_slave_1) entered disabled state
[  609.808538][ T9870] device bridge_slave_1 entered promiscuous mode
[  609.823500][ T9872] bridge0: port 1(bridge_slave_0) entered blocking state
[  609.830373][ T9872] bridge0: port 1(bridge_slave_0) entered disabled state
[  609.837623][ T9872] device bridge_slave_0 entered promiscuous mode
[  609.861681][ T9872] bridge0: port 2(bridge_slave_1) entered blocking state
[  609.868997][ T9872] bridge0: port 2(bridge_slave_1) entered disabled state
[  609.876151][ T9872] device bridge_slave_1 entered promiscuous mode
[  609.891688][ T9873] bridge0: port 1(bridge_slave_0) entered blocking state
[  609.898561][ T9873] bridge0: port 1(bridge_slave_0) entered disabled state
[  609.905768][ T9873] device bridge_slave_0 entered promiscuous mode
[  609.912934][ T9873] bridge0: port 2(bridge_slave_1) entered blocking state
[  609.919803][ T9873] bridge0: port 2(bridge_slave_1) entered disabled state
[  609.927066][ T9873] device bridge_slave_1 entered promiscuous mode
[  609.989853][ T4613] bridge0: port 3(erspan0) entered disabled state
[  609.998394][ T4613] device erspan0 left promiscuous mode
[  610.003668][ T4613] bridge0: port 3(erspan0) entered disabled state
[  610.130328][ T9868] bridge0: port 2(bridge_slave_1) entered blocking state
[  610.137284][ T9868] bridge0: port 2(bridge_slave_1) entered forwarding state
[  610.144386][ T9868] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.151171][ T9868] bridge0: port 1(bridge_slave_0) entered forwarding state
[  610.172962][ T4613] device bridge_slave_1 left promiscuous mode
[  610.178954][ T4613] bridge0: port 2(bridge_slave_1) entered disabled state
[  610.187797][ T4613] device bridge_slave_0 left promiscuous mode
[  610.193718][ T4613] bridge0: port 1(bridge_slave_0) entered disabled state
[  610.201582][ T4613] device veth1_macvtap left promiscuous mode
[  610.207425][ T4613] device veth0_vlan left promiscuous mode
[  610.390354][ T9871] bridge0: port 2(bridge_slave_1) entered blocking state
[  610.397241][ T9871] bridge0: port 2(bridge_slave_1) entered forwarding state
[  610.404339][ T9871] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.411134][ T9871] bridge0: port 1(bridge_slave_0) entered forwarding state
[  610.429519][ T9872] bridge0: port 2(bridge_slave_1) entered blocking state
[  610.436370][ T9872] bridge0: port 2(bridge_slave_1) entered forwarding state
[  610.443516][ T9872] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.450289][ T9872] bridge0: port 1(bridge_slave_0) entered forwarding state
[  610.467294][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  610.474852][ T1516] bridge0: port 1(bridge_slave_0) entered disabled state
[  610.482854][ T1516] bridge0: port 1(bridge_slave_0) entered disabled state
[  610.490250][ T1516] bridge0: port 2(bridge_slave_1) entered disabled state
[  610.497447][ T1516] bridge0: port 2(bridge_slave_1) entered disabled state
[  610.505434][ T1516] bridge0: port 1(bridge_slave_0) entered disabled state
[  610.513256][ T1516] bridge0: port 2(bridge_slave_1) entered disabled state
[  610.552363][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  610.561276][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  610.569277][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.576113][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  610.583326][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  610.591538][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  610.599564][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  610.606401][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  610.630278][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  610.637776][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  610.644978][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  610.653138][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  610.661098][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.668131][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  610.675289][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  610.683456][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  610.691392][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  610.698241][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  610.705388][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  610.713301][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  610.721047][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  610.729021][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  610.737366][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  610.745165][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  610.767323][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  610.775212][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  610.805785][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  610.814342][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  610.822135][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  610.839100][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  610.847252][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  610.855195][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.862040][  T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[  610.869246][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  610.876476][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  610.884137][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  610.891474][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  610.898846][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  610.906917][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  610.915119][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  610.923251][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  610.931366][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[  610.938235][  T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[  610.959208][ T9868] device veth0_vlan entered promiscuous mode
[  610.973548][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  610.981246][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  610.989445][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  610.998184][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[  611.005011][  T292] bridge0: port 2(bridge_slave_1) entered forwarding state
[  611.012240][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  611.020371][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  611.028385][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[  611.035221][  T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[  611.042457][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  611.050687][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  611.058698][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[  611.065544][  T292] bridge0: port 2(bridge_slave_1) entered forwarding state
[  611.072837][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  611.080626][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  611.088741][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  611.096379][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  611.104372][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  611.112583][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  611.120705][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[  611.127591][  T292] bridge0: port 2(bridge_slave_1) entered forwarding state
[  611.135043][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  611.142642][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  611.150153][  T292] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  611.169639][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  611.178066][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  611.185767][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  611.193669][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  611.201623][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  611.211310][ T9871] device veth0_vlan entered promiscuous mode
[  611.219017][ T9868] device veth1_macvtap entered promiscuous mode
[  611.237945][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  611.246172][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  611.263299][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  611.271844][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  611.279225][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  611.293259][ T9871] device veth1_macvtap entered promiscuous mode
[  611.302864][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  611.311083][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  611.319702][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  611.328035][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  611.336007][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  611.353560][ T9870] device veth0_vlan entered promiscuous mode
[  611.382962][ T9873] device veth0_vlan entered promiscuous mode
[  611.390488][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  611.398906][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  611.408249][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  611.415780][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  611.424870][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  611.432415][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  611.440197][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  611.448647][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  611.456798][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  611.465207][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  611.473660][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  611.493407][ T9870] device veth1_macvtap entered promiscuous mode
[  611.502833][ T1516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  611.516872][ T9873] device veth1_macvtap entered promiscuous mode
[  611.524527][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  611.532510][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  611.546602][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  611.555575][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  611.564413][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  611.577090][ T9872] device veth0_vlan entered promiscuous mode
[  611.598019][ T9896] fuse: Unknown parameter 'oVe'
[  611.659424][ T9872] device veth1_macvtap entered promiscuous mode
[  611.808991][ T9898] loop4: detected capacity change from 0 to 16
[  611.827609][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  611.835129][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  611.835735][ T9898] erofs: (device loop4): mounted with root inode @ nid 36.
[  611.844755][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  611.858265][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  611.866323][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  611.874049][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  611.889254][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  611.905701][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  611.920996][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  611.936427][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  611.952772][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  611.968108][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  611.978810][   T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  612.017360][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  612.025731][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  612.035112][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  612.043825][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  612.108844][   T48] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  612.129868][ T9904] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  613.142286][ T9910] loop0: detected capacity change from 0 to 16
[  613.198118][ T9910] erofs: (device loop0): mounted with root inode @ nid 36.
[  613.276485][ T9913] loop1: detected capacity change from 0 to 128
[  613.902763][   T49] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  613.924336][ T9916] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  614.171910][ T9913] FAT-fs (loop1): Unrecognized mount option "shortnam�e=winnt" or missing value
[  614.254200][   T30] audit: type=1400 audit(1727161769.528:1654): avc:  denied  { setattr } for  pid=9923 comm="syz.3.2155" path="socket:[47747]" dev="sockfs" ino=47747 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  615.055320][ T9929] overlayfs: failed to resolve './file0': -2
[  615.896177][ T9943] loop1: detected capacity change from 0 to 512
[  615.971276][ T9946] loop3: detected capacity change from 0 to 1024
[  615.987789][ T9943] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  615.995880][ T9943] EXT4-fs error (device loop1): ext4_orphan_get:1423: comm syz.1.2165: bad orphan inode 15
[  616.059085][ T9944] binder: BINDER_SET_CONTEXT_MGR already set
[  616.064915][ T9944] binder: 9918:9944 ioctl 4018620d 20000040 returned -16
[  616.072522][ T9943] ext4_test_bit(bit=14, block=4) = 1
[  616.078078][ T9943] is_bad_inode(inode)=0
[  616.082155][ T9943] NEXT_ORPHAN(inode)=0
[  616.097237][ T9943] max_ino=32
[  616.100396][ T9943] i_nlink=1
[  616.103339][ T9943] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,data_err=ignore,usrjquota="init_itable=0x0000000000000601,jqfmt=vfsold,max_dir_size_kb=0x0000000000000003,,errors=continue. Quota mode: writeback.
[  616.161702][ T9946] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  616.200123][ T4613] device bridge_slave_1 left promiscuous mode
[  616.216199][ T4613] bridge0: port 2(bridge_slave_1) entered disabled state
[  616.223960][ T4613] device bridge_slave_0 left promiscuous mode
[  616.230045][ T4613] bridge0: port 1(bridge_slave_0) entered disabled state
[  616.238665][ T4613] device bridge_slave_1 left promiscuous mode
[  616.244610][ T4613] bridge0: port 2(bridge_slave_1) entered disabled state
[  616.252168][ T4613] device bridge_slave_0 left promiscuous mode
[  616.289027][ T4613] bridge0: port 1(bridge_slave_0) entered disabled state
[  616.294382][ T9941] loop4: detected capacity change from 0 to 40427
[  616.306924][ T9938] loop0: detected capacity change from 0 to 40427
[  616.307619][ T4613] device bridge_slave_1 left promiscuous mode
[  616.319278][ T4613] bridge0: port 2(bridge_slave_1) entered disabled state
[  616.329000][ T4613] device bridge_slave_0 left promiscuous mode
[  616.334968][ T4613] bridge0: port 1(bridge_slave_0) entered disabled state
[  616.368259][ T9941] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  616.456811][ T4613] device bridge_slave_1 left promiscuous mode
[  616.485881][ T9938] F2FS-fs (loop0): invalid crc value
[  616.620859][ T9941] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  616.631416][ T4613] bridge0: port 2(bridge_slave_1) entered disabled state
[  616.647454][ T4613] device bridge_slave_0 left promiscuous mode
[  616.653492][ T4613] bridge0: port 1(bridge_slave_0) entered disabled state
[  616.666385][ T4613] device veth1_macvtap left promiscuous mode
[  616.675498][ T9938] F2FS-fs (loop0): Found nat_bits in checkpoint
[  616.704656][ T4613] device veth0_vlan left promiscuous mode
[  616.736389][ T4613] device veth1_macvtap left promiscuous mode
[  616.742639][ T4613] device veth0_vlan left promiscuous mode
[  616.749827][ T9941] F2FS-fs (loop4): invalid crc value
[  616.755209][ T4613] device veth1_macvtap left promiscuous mode
[  616.761323][ T4613] device veth0_vlan left promiscuous mode
[  616.767793][ T4613] device veth1_macvtap left promiscuous mode
[  616.774620][ T9941] F2FS-fs (loop4): Found nat_bits in checkpoint
[  616.781949][ T4613] device veth0_vlan left promiscuous mode
[  617.454034][ T9966] loop2: detected capacity change from 0 to 512
[  617.907659][ T9966] EXT4-fs (loop2): Test dummy encryption mode enabled
[  617.919849][ T9938] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1
[  617.932645][ T9970] loop1: detected capacity change from 0 to 512
[  617.947973][ T9966] EXT4-fs error (device loop2): __ext4_iget:4892: inode #11: block 1: comm syz.2.2168: invalid block
[  617.948085][ T9938] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  617.959873][ T9966] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.2168: couldn't read orphan inode 11 (err -117)
[  617.980478][ T9966] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,prjquota,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  618.033286][ T9941] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  618.042753][ T9941] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  618.152416][ T9976] loop3: detected capacity change from 0 to 256
[  618.493600][ T9970] EXT4-fs (loop1): 1 orphan inode deleted
[  618.501046][ T9970] EXT4-fs (loop1): mounted filesystem without journal. Opts: resgid=0x0000000000000000,discard,noblock_validity,init_itable,stripe=0x000000000000002e,resgid=0x0000000000000000,sysvgroups,norecovery,usrquota,,errors=continue. Quota mode: writeback.
[  618.537692][ T9970] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038 (0x7fffffff)
[  618.556628][ T9981] loop2: detected capacity change from 0 to 1024
[  618.639003][ T9981] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  618.732533][   T26] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  618.740245][   T42] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  619.433027][   T42] usb 1-1: Using ep0 maxpacket: 8
[  619.447958][ T9868] attempt to access beyond end of device
[  619.447958][ T9868] loop0: rw=524288, want=45072, limit=40427
[  619.464355][ T9868] attempt to access beyond end of device
[  619.464355][ T9868] loop0: rw=0, want=45072, limit=40427
[  619.507240][   T42] usb 1-1: device descriptor read/all, error -71
[  619.561247][   T30] audit: type=1326 audit(1727161774.838:1655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9989 comm="syz.2.2174" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcc557ceef9 code=0x0
[  619.589429][  T574] attempt to access beyond end of device
[  619.589429][  T574] loop0: rw=2049, want=45112, limit=40427
[  619.847558][   T26] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  619.856883][   T26] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  619.903972][   T26] usb 4-1: Product: syz
[  619.934919][   T26] usb 4-1: Manufacturer: syz
[  619.959883][   T26] usb 4-1: SerialNumber: syz
[  620.053859][   T26] usb 4-1: config 0 descriptor??
[  620.101213][ T9941] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  620.108282][ T9941] IPv6: NLM_F_CREATE should be set when creating new route
[  620.147930][   T26] snd-usb-audio: probe of 4-1:0.0 failed with error -22
[  620.287528][ T9995] loop4: detected capacity change from 0 to 1024
[  620.385311][ T9995] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  620.398959][T10002] loop2: detected capacity change from 0 to 1024
[  620.489048][T10002] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  621.389912][ T1528] usb 4-1: USB disconnect, device number 31
[  621.404934][T10011] loop1: detected capacity change from 0 to 256
[  621.464901][T10014] loop3: detected capacity change from 0 to 1024
[  621.482785][T10015] loop4: detected capacity change from 0 to 1024
[  621.544990][T10015] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  621.599467][T10014] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  621.652219][   T30] audit: type=1400 audit(1727161776.928:1656): avc:  denied  { mounton } for  pid=10013 comm="syz.3.2182" path="/3/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  621.675104][T10014] incfs: Error accessing: ./file1.
[  621.681094][T10016] bridge0: port 1(bridge_slave_0) entered blocking state
[  621.688092][T10014] incfs: mount failed -20
[  621.692302][T10016] bridge0: port 1(bridge_slave_0) entered disabled state
[  621.708274][T10016] device bridge_slave_0 entered promiscuous mode
[  621.715650][   T45] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  622.068150][T10016] bridge0: port 2(bridge_slave_1) entered blocking state
[  622.075047][T10016] bridge0: port 2(bridge_slave_1) entered disabled state
[  622.205881][T10030] 9pnet: Insufficient options for proto=fd
[  622.249752][T10016] device bridge_slave_1 entered promiscuous mode
[  622.493455][   T45] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28
[  622.510989][   T45] EXT4-fs (loop3): This should not happen!! Data will be lost
[  622.510989][   T45] 
[  622.545621][T10033] loop1: detected capacity change from 0 to 256
[  622.550985][   T45] EXT4-fs (loop3): Total free blocks count 0
[  622.558199][   T45] EXT4-fs (loop3): Free/Dirty block details
[  622.568504][   T45] EXT4-fs (loop3): free_blocks=68451041280
[  622.574339][   T45] EXT4-fs (loop3): dirty_blocks=64
[  622.579997][   T45] EXT4-fs (loop3): Block reservation details
[  622.585809][   T45] EXT4-fs (loop3): i_reserved_data_blocks=4
[  622.602072][   T30] audit: type=1326 audit(1727161777.878:1657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10034 comm="syz.4.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9493f7bef9 code=0x7ffc0000
[  622.641701][   T30] audit: type=1326 audit(1727161777.908:1658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10034 comm="syz.4.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9493f7bef9 code=0x7ffc0000
[  622.665670][   T30] audit: type=1326 audit(1727161777.908:1659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10034 comm="syz.4.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9493f7bef9 code=0x7ffc0000
[  622.694467][   T30] audit: type=1326 audit(1727161777.908:1660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10034 comm="syz.4.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9493f7bef9 code=0x7ffc0000
[  622.718023][   T30] audit: type=1326 audit(1727161777.908:1661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10034 comm="syz.4.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9493f7bef9 code=0x7ffc0000
[  622.858994][   T30] audit: type=1326 audit(1727161777.908:1662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10034 comm="syz.4.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9493f7bef9 code=0x7ffc0000
[  622.883302][   T30] audit: type=1326 audit(1727161777.908:1663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10034 comm="syz.4.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9493f7bef9 code=0x7ffc0000
[  623.868382][T10040] futex_wake_op: syz.4.2188 tries to shift op by 32; fix this program
[  623.877232][   T30] audit: type=1326 audit(1727161777.908:1664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10034 comm="syz.4.2186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9493f7bef9 code=0x7ffc0000
[  624.592465][T10055] loop1: detected capacity change from 0 to 16
[  624.604878][T10053] loop2: detected capacity change from 0 to 1024
[  624.645037][T10058] binder: 10057:10058 ioctl 4018620d 0 returned -22
[  624.652499][T10053] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  624.652901][T10058] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2191'.
[  624.719149][T10058] device syz_tun entered promiscuous mode
[  624.724727][T10058] device macsec1 entered promiscuous mode
[  624.737552][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  624.744702][T10055] erofs: (device loop1): mounted with root inode @ nid 36.
[  624.752310][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  624.881116][T10061] 9pnet: Insufficient options for proto=fd
[  624.893566][   T26] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  624.964296][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  625.040495][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  625.049584][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  625.056416][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  625.070357][  T394] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  625.079663][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  625.092217][T10066] loop4: detected capacity change from 0 to 16
[  625.093398][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  625.110497][ T1528] bridge0: port 2(bridge_slave_1) entered blocking state
[  625.117393][ T1528] bridge0: port 2(bridge_slave_1) entered forwarding state
[  625.136622][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  625.141601][T10066] erofs: (device loop4): mounted with root inode @ nid 36.
[  625.144673][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  625.184461][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  625.194630][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  625.217013][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  625.232210][   T26] usb 4-1: Using ep0 maxpacket: 16
[  625.232671][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  625.233132][   T49] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  625.269278][T10016] device veth0_vlan entered promiscuous mode
[  625.284223][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  625.294652][T10068] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  625.317647][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  625.356307][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  625.365799][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  625.387812][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  625.397263][   T26] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  625.413893][   T26] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  625.446277][   T26] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  625.471376][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  625.480020][   T49] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  625.481581][T10016] device veth1_macvtap entered promiscuous mode
[  625.507300][T10070] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  625.509874][   T26] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  625.555911][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  625.565966][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  625.604210][ T1528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  625.636692][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  625.682494][  T293] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  625.939725][   T26] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  625.958181][   T26] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  625.966139][   T26] usb 4-1: Product: syz
[  626.050114][   T26] usb 4-1: Manufacturer: syz
[  626.058050][   T26] usb 4-1: SerialNumber: syz
[  626.068630][T10079] loop3: detected capacity change from 0 to 512
[  626.087248][   T26] usb 4-1: can't set config #1, error -71
[  626.095525][   T26] usb 4-1: USB disconnect, device number 32
[  626.119170][T10079] EXT4-fs (loop3): Ignoring removed bh option
[  626.126584][ T4613] device bridge_slave_1 left promiscuous mode
[  626.145053][ T4613] bridge0: port 2(bridge_slave_1) entered disabled state
[  626.161699][T10079] EXT4-fs error (device loop3): __ext4_iget:4892: inode #15: block 1803188595: comm syz.3.2195: invalid block
[  626.178888][ T4613] device bridge_slave_0 left promiscuous mode
[  626.193182][ T4613] bridge0: port 1(bridge_slave_0) entered disabled state
[  626.205690][T10079] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2195: couldn't read orphan inode 15 (err -117)
[  626.222815][ T4613] device veth1_macvtap left promiscuous mode
[  626.227232][   T60] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  626.233897][ T4613] device veth0_vlan left promiscuous mode
[  626.245984][T10079] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,resgid=0x000000000000ee00,bh,noload,data_err=ignore,usrjquota=,,errors=continue. Quota mode: none.
[  626.286441][T10079] xt_hashlimit: size too large, truncated to 1048576
[  626.488717][   T60] usb 1-1: Using ep0 maxpacket: 8
[  626.598683][T10089] loop4: detected capacity change from 0 to 1024
[  626.655430][T10085] loop2: detected capacity change from 0 to 512
[  626.680194][T10089] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  626.694646][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  626.709196][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  626.716437][T10086] loop1: detected capacity change from 0 to 40427
[  626.725396][T10085] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  626.726916][   T60] usb 1-1: New USB device found, idVendor=054c, idProduct=0ce6, bcdDevice= 0.00
[  626.742950][T10085] EXT4-fs (loop2): 1 orphan inode deleted
[  626.750001][T10085] EXT4-fs (loop2): 1 truncate cleaned up
[  626.755461][T10085] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodelalloc,max_dir_size_kb=0x0000000000000004,resgid=0x0000000000000000,nobarrier,init_itable,errors=remount-ro,init_itable=0x0000000000000008,journal_dev=0x000000007ffffffe,auto_da_alloc,. Quota mode: none.
[  626.785904][T10086] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  626.793579][T10086] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  626.802891][T10086] F2FS-fs (loop1): invalid crc value
[  626.811552][   T42] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  626.833692][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  626.849385][   T60] usb 1-1: config 0 descriptor??
[  626.850099][T10086] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  626.880948][T10086] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  626.887978][T10086] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  626.985472][T10097] 9pnet: Insufficient options for proto=fd
[  627.127281][   T42] usb 4-1: Using ep0 maxpacket: 32
[  627.264306][T10101] loop2: detected capacity change from 0 to 16
[  627.275336][T10101] erofs: (device loop2): mounted with root inode @ nid 36.
[  627.282661][   T42] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  627.295288][   T42] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  627.306710][   T42] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  627.315895][   T42] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  627.387502][   T42] usb 4-1: config 0 descriptor??
[  627.407227][T10082] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  628.153283][   T42] hub 4-1:0.0: USB hub found
[  628.170504][   T49] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  628.192000][T10105] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  628.217956][   T60] usbhid 1-1:0.0: can't add hid device: -71
[  628.226885][   T60] usbhid: probe of 1-1:0.0 failed with error -71
[  628.234271][   T60] usb 1-1: USB disconnect, device number 26
[  628.357223][   T42] hub 4-1:0.0: config failed, can't read hub descriptor (err -22)
[  628.483889][T10110] binder: BINDER_SET_CONTEXT_MGR already set
[  628.489928][T10110] binder: 10107:10110 ioctl 4018620d 20000040 returned -16
[  628.517494][   T42] usbhid 4-1:0.0: can't add hid device: -71
[  628.548966][   T42] usbhid: probe of 4-1:0.0 failed with error -71
[  628.696289][T10112] loop2: detected capacity change from 0 to 512
[  628.710772][T10112] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  628.727575][   T42] usb 4-1: USB disconnect, device number 33
[  628.733581][T10112] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  628.865533][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  628.865551][   T30] audit: type=1326 audit(1727161784.138:1676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10116 comm="syz.3.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4690f4cef9 code=0x7ffc0000
[  628.896554][   T30] audit: type=1326 audit(1727161784.138:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10116 comm="syz.3.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4690f4cef9 code=0x7ffc0000
[  629.058356][  T487] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  629.160631][   T30] audit: type=1326 audit(1727161784.138:1678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10116 comm="syz.3.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f4690f4cef9 code=0x7ffc0000
[  629.184468][   T30] audit: type=1326 audit(1727161784.138:1679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10116 comm="syz.3.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4690f4cef9 code=0x7ffc0000
[  629.220455][   T30] audit: type=1326 audit(1727161784.148:1680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10116 comm="syz.3.2204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4690f4cef9 code=0x7ffc0000
[  629.305040][T10125] loop1: detected capacity change from 0 to 1024
[  629.367935][   T30] audit: type=1326 audit(1727161784.648:1681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10127 comm="syz.3.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4690f4cef9 code=0x7ffc0000
[  629.522537][  T487] usb 1-1: Using ep0 maxpacket: 8
[  629.655672][   T30] audit: type=1326 audit(1727161784.648:1682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10127 comm="syz.3.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4690f4cef9 code=0x7ffc0000
[  629.707495][  T487] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  629.733837][   T30] audit: type=1326 audit(1727161784.648:1683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10127 comm="syz.3.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f4690f4cef9 code=0x7ffc0000
[  629.754987][  T487] usb 1-1: config 1 has no interface number 1
[  629.779900][   T30] audit: type=1326 audit(1727161784.648:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10127 comm="syz.3.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4690f4cef9 code=0x7ffc0000
[  629.804366][T10125] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  629.830235][  T487] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  629.887638][   T30] audit: type=1326 audit(1727161784.648:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10127 comm="syz.3.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4690f4cef9 code=0x7ffc0000
[  631.497532][  T487] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  631.720941][  T487] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  631.729694][  T487] usb 1-1: Product: syz
[  631.733273][T10146] loop3: detected capacity change from 0 to 1024
[  631.734335][  T487] usb 1-1: Manufacturer: syz
[  631.748971][  T487] usb 1-1: SerialNumber: syz
[  631.767317][  T487] usb 1-1: can't set config #1, error -71
[  631.773664][  T487] usb 1-1: USB disconnect, device number 27
[  631.781057][T10150] loop2: detected capacity change from 0 to 1024
[  631.782817][T10154] loop0: detected capacity change from 0 to 256
[  631.791632][T10152] loop1: detected capacity change from 0 to 128
[  631.936031][T10156] loop4: detected capacity change from 0 to 512
[  631.970888][T10156] EXT4-fs (loop4): Test dummy encryption mode enabled
[  633.071984][T10152] FAT-fs (loop1): Unrecognized mount option "shortnam�e=winnt" or missing value
[  633.095473][T10156] EXT4-fs error (device loop4): __ext4_iget:4892: inode #11: block 1: comm syz.4.2211: invalid block
[  633.106986][T10156] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.2211: couldn't read orphan inode 11 (err -117)
[  633.119649][T10156] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,prjquota,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  633.237067][T10150] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  633.278849][T10146] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  635.325211][T10170] 9pnet: Insufficient options for proto=fd
[  635.354341][T10176] loop0: detected capacity change from 0 to 1024
[  635.493818][T10176] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  635.651388][T10189] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=11 sclass=netlink_route_socket pid=10189 comm=syz.2.2217
[  637.997254][ T1523] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  638.666264][T10215] loop2: detected capacity change from 0 to 128
[  638.697385][T10202] loop4: detected capacity change from 0 to 40427
[  638.738970][T10202] F2FS-fs (loop4): invalid crc value
[  638.745630][T10202] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  638.757003][ T1523] usb 4-1: device descriptor read/all, error -71
[  638.763533][T10215] FAT-fs (loop2): Unrecognized mount option "shortnam�e=winnt" or missing value
[  638.795538][T10202] F2FS-fs (loop4): Start checkpoint disabled!
[  638.839360][T10202] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  638.850385][   T30] kauditd_printk_skb: 42 callbacks suppressed
[  638.850401][   T30] audit: type=1400 audit(1727161794.128:1728): avc:  denied  { mount } for  pid=10223 comm="syz.1.2228" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  638.886563][   T30] audit: type=1400 audit(1727161794.158:1729): avc:  denied  { unmount } for  pid=10223 comm="syz.1.2228" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  639.403120][T10236] loop0: detected capacity change from 0 to 1024
[  639.412641][   T30] audit: type=1400 audit(1727161794.688:1730): avc:  denied  { watch } for  pid=10201 comm="syz.4.2224" path="/15/bus/control" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  639.419413][T10224] loop1: detected capacity change from 0 to 40427
[  639.449842][   T10] attempt to access beyond end of device
[  639.449842][   T10] loop4: rw=2049, want=40976, limit=40427
[  639.477853][T10224] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  639.485608][T10224] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  639.495516][T10224] F2FS-fs (loop1): invalid crc value
[  639.557833][T10236] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  639.583716][T10236] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  639.598957][T10224] F2FS-fs (loop1): Found nat_bits in checkpoint
[  639.604027][T10236] EXT4-fs error (device loop0): ext4_get_journal_inode:5150: inode #5: comm syz.0.2231: unexpected bad inode w/o EXT4_IGET_BAD
[  639.631181][T10236] EXT4-fs (loop0): no journal found
[  639.636343][T10236] EXT4-fs (loop0): can't get journal size
[  639.677888][T10236] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,stripe=0x0000000000000002,norecovery,nolazytime,abort,,errors=continue. Quota mode: writeback.
[  639.730994][T10224] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  639.738693][T10224] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  639.875075][T10252] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=11 sclass=netlink_route_socket pid=10252 comm=syz.3.2233
[  641.057770][   T30] audit: type=1400 audit(1727161796.338:1731): avc:  denied  { mounton } for  pid=10257 comm="syz.4.2235" path="/17/file0" dev="fuse" ino=137438953472 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  641.089215][T10258] 9pnet: Insufficient options for proto=fd
[  641.562177][T10266] loop4: detected capacity change from 0 to 40427
[  641.589033][T10266] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  641.617734][T10266] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  641.681320][T10266] F2FS-fs (loop4): Found nat_bits in checkpoint
[  641.805411][T10266] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  641.815756][T10266] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  641.844528][   T30] audit: type=1326 audit(1727161797.118:1732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10276 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2814ba3ef9 code=0x7ffc0000
[  641.961487][   T30] audit: type=1326 audit(1727161797.118:1733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10276 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2814ba3ef9 code=0x7ffc0000
[  642.016261][   T30] audit: type=1326 audit(1727161797.148:1734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10276 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2814ba3ef9 code=0x7ffc0000
[  642.077201][   T30] audit: type=1326 audit(1727161797.148:1735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10276 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2814ba3ef9 code=0x7ffc0000
[  642.095381][T10244] loop2: detected capacity change from 0 to 131072
[  642.117164][   T60] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  642.131323][T10244] F2FS-fs (loop2): Segment count (31) mismatch with total segments from devices (0)
[  642.132358][   T30] audit: type=1326 audit(1727161797.148:1736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10276 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2814ba3ef9 code=0x7ffc0000
[  642.140731][T10244] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  642.172319][   T30] audit: type=1326 audit(1727161797.148:1737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10276 comm="syz.0.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2814ba3ef9 code=0x7ffc0000
[  642.267250][T10244] F2FS-fs (loop2): invalid crc value
[  642.286849][T10244] F2FS-fs (loop2): Found nat_bits in checkpoint
[  642.602688][ T9872] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  642.602742][ T9872] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  642.610826][ T9872] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  642.618582][T10244] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  642.626447][ T9872] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  642.632865][ T9872] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  642.640235][ T9872] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  642.647660][ T9872] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  642.647740][T10244] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  642.737281][   T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  642.755098][   T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  642.773059][   T60] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  642.792205][   T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  642.812632][   T60] usb 2-1: config 0 descriptor??
[  642.915926][T10294] loop4: detected capacity change from 0 to 256
[  643.096362][T10301] loop3: detected capacity change from 0 to 16
[  643.253735][T10302] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=11 sclass=netlink_route_socket pid=10302 comm=syz.2.2245
[  643.443952][T10301] erofs: Unknown parameter '����t�5�;�
�}	�7_c��������N�����"L������a�m)p�������'6~�'
[  643.734632][T10311] loop3: detected capacity change from 0 to 16
[  643.792666][T10311] erofs: (device loop3): mounted with root inode @ nid 36.
[  643.809666][   T60] lg-g15 0003:046D:C222.001A: unknown main item tag 0x0
[  643.827821][T10292] loop0: detected capacity change from 0 to 131072
[  643.835375][   T60] lg-g15 0003:046D:C222.001A: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.1-1/input0
[  643.866519][T10313] loop4: detected capacity change from 0 to 16
[  643.886692][T10292] F2FS-fs (loop0): Segment count (31) mismatch with total segments from devices (0)
[  643.896194][T10292] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  643.905702][T10292] F2FS-fs (loop0): invalid crc value
[  643.916198][T10292] F2FS-fs (loop0): Found nat_bits in checkpoint
[  643.956024][T10292] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  644.032989][T10324] overlayfs: missing 'lowerdir'
[  644.056468][T10292] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  644.070314][T10313] erofs: (device loop4): mounted with root inode @ nid 36.
[  644.548458][ T1523] usb 2-1: USB disconnect, device number 41
[  644.690397][   T48] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  644.711604][T10326] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  644.888210][T10332] loop2: detected capacity change from 0 to 1024
[  644.968290][T10332] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  645.813782][T10329] loop3: detected capacity change from 0 to 40427
[  645.888852][T10329] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  645.957324][T10329] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  646.021228][T10354] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=11 sclass=netlink_route_socket pid=10354 comm=syz.2.2260
[  646.098109][T10329] F2FS-fs (loop3): invalid crc value
[  646.249711][T10329] F2FS-fs (loop3): Found nat_bits in checkpoint
[  646.324986][T10346] loop1: detected capacity change from 0 to 40427
[  646.401529][T10329] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  646.410080][T10365] loop0: detected capacity change from 0 to 256
[  646.410688][T10329] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  646.434758][T10346] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  646.442834][T10346] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  646.452443][T10346] F2FS-fs (loop1): invalid crc_offset: 12
[  646.458179][T10346] F2FS-fs (loop1): Failed to get valid F2FS checkpoint
[  646.667287][   T60] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  646.873370][T10346] loop1: detected capacity change from 0 to 512
[  646.890004][T10372] loop2: detected capacity change from 0 to 1024
[  646.909882][T10372] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  646.921169][T10346] EXT4-fs (loop1): Ignoring removed nobh option
[  646.929163][T10346] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  646.940469][T10346] EXT4-fs (loop1): 1 truncate cleaned up
[  646.946041][T10346] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nobh,data_err=ignore,nolazytime,nodiscard,acl,,errors=continue. Quota mode: none.
[  647.314467][   T60] usb 5-1: Using ep0 maxpacket: 8
[  647.437387][   T60] usb 5-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[  647.458348][   T60] usb 5-1: New USB device found, idVendor=05a9, idProduct=2640, bcdDevice=55.12
[  647.516995][T10380] loop0: detected capacity change from 0 to 16
[  647.526469][T10380] erofs: (device loop0): mounted with root inode @ nid 36.
[  647.593977][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  647.617023][   T60] usb 5-1: config 0 descriptor??
[  647.650804][T10382] loop3: detected capacity change from 0 to 16
[  647.712999][T10386] overlayfs: missing 'lowerdir'
[  648.818056][T10382] erofs: (device loop3): mounted with root inode @ nid 36.
[  648.892088][T10392] loop1: detected capacity change from 0 to 1024
[  648.919135][T10395] loop0: detected capacity change from 0 to 512
[  648.943660][T10392] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  648.960880][   T48] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  648.981887][T10393] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  649.042475][T10395] EXT4-fs (loop0): 1 orphan inode deleted
[  649.050879][T10395] EXT4-fs (loop0): mounted filesystem without journal. Opts: acl,,errors=continue. Quota mode: writeback.
[  649.068106][T10403] loop2: detected capacity change from 0 to 512
[  649.074381][T10395] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038 (0x7fffffff)
[  649.476702][T10403] EXT4-fs (loop2): 1 orphan inode deleted
[  649.485068][T10403] EXT4-fs (loop2): mounted filesystem without journal. Opts: acl,,errors=continue. Quota mode: writeback.
[  649.496390][T10403] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038 (0x7fffffff)
[  649.587866][T10416] device syzkaller0 entered promiscuous mode
[  649.607912][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  649.607929][   T30] audit: type=1400 audit(1727161804.878:1741): avc:  denied  { create } for  pid=10415 comm="syz.0.2276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  649.707834][T10417] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=11 sclass=netlink_route_socket pid=10417 comm=syz.3.2274
[  649.867888][T10420] loop2: detected capacity change from 0 to 16
[  649.894179][T10420] erofs: (device loop2): mounted with root inode @ nid 36.
[  649.971039][   T30] audit: type=1400 audit(1727161805.178:1742): avc:  granted  { setsecparam } for  pid=10411 comm="syz.2.2275" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  650.071656][  T292] usb 5-1: USB disconnect, device number 29
[  650.097838][T10424] loop4: detected capacity change from 0 to 1024
[  650.112822][T10428] loop1: detected capacity change from 0 to 16
[  650.120956][T10428] erofs: (device loop1): mounted with root inode @ nid 36.
[  650.160924][T10424] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  650.192626][T10424] incfs: Error accessing: ./file1.
[  650.197712][T10424] incfs: mount failed -20
[  650.307777][T10434] overlayfs: missing 'lowerdir'
[  650.697753][T10439] loop3: detected capacity change from 0 to 16
[  650.709352][T10439] erofs: (device loop3): mounted with root inode @ nid 36.
[  650.845668][   T48] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  650.867061][T10446] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  651.107800][T10455] FAULT_INJECTION: forcing a failure.
[  651.107800][T10455] name failslab, interval 1, probability 0, space 0, times 0
[  651.120335][T10455] CPU: 1 PID: 10455 Comm: syz.4.2285 Not tainted 5.15.161-syzkaller-00425-gb92c0d35d015 #0
[  651.130080][T10455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  651.139972][T10455] Call Trace:
[  651.143094][T10455]  <TASK>
[  651.145874][T10455]  dump_stack_lvl+0x151/0x1c0
[  651.150389][T10455]  ? io_uring_drop_tctx_refs+0x190/0x190
[  651.155853][T10455]  dump_stack+0x15/0x20
[  651.159846][T10455]  should_fail+0x3c6/0x510
[  651.164098][T10455]  __should_failslab+0xa4/0xe0
[  651.168696][T10455]  ? getname_flags+0xba/0x520
[  651.173214][T10455]  should_failslab+0x9/0x20
[  651.177550][T10455]  slab_pre_alloc_hook+0x37/0xd0
[  651.182324][T10455]  ? getname_flags+0xba/0x520
[  651.186834][T10455]  kmem_cache_alloc+0x44/0x200
[  651.191436][T10455]  ? fpu_flush_thread+0xf0/0xf0
[  651.196126][T10455]  getname_flags+0xba/0x520
[  651.200472][T10455]  __x64_sys_mkdirat+0x7c/0xa0
[  651.205064][T10455]  x64_sys_call+0x6c6/0x9a0
[  651.209400][T10455]  do_syscall_64+0x3b/0xb0
[  651.213653][T10455]  ? clear_bhb_loop+0x35/0x90
[  651.218172][T10455]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  651.223897][T10455] RIP: 0033:0x7f9493f7bef9
[  651.228151][T10455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  651.247588][T10455] RSP: 002b:00007f9492bb3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  651.255837][T10455] RAX: ffffffffffffffda RBX: 00007f9494134130 RCX: 00007f9493f7bef9
[  651.263653][T10455] RDX: 00000000000001ff RSI: 0000000020000000 RDI: ffffffffffffff9c
[  651.271471][T10455] RBP: 00007f9492bb3090 R08: 0000000000000000 R09: 0000000000000000
[  651.279271][T10455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  651.287080][T10455] R13: 0000000000000000 R14: 00007f9494134130 R15: 00007fff2560adf8
[  651.294895][T10455]  </TASK>
[  652.022943][T10463] loop1: detected capacity change from 0 to 1024
[  652.046182][T10467] loop0: detected capacity change from 0 to 256
[  652.307262][   T30] audit: type=1400 audit(1727161807.548:1743): avc:  denied  { setopt } for  pid=10472 comm="syz.2.2294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  652.330067][T10478] bridge0: port 2(bridge_slave_1) entered disabled state
[  652.337274][T10478] bridge0: port 1(bridge_slave_0) entered disabled state
[  652.566710][T10463] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  652.669984][T10463] incfs: Error accessing: ./file1.
[  652.691693][T10463] incfs: mount failed -20
[  652.785018][   T30] audit: type=1107 audit(1727161807.608:1744): pid=10466 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='
'
[  652.810974][   T10] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  652.826411][   T10] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28
[  652.839625][   T10] EXT4-fs (loop1): This should not happen!! Data will be lost
[  652.839625][   T10] 
[  652.849165][   T10] EXT4-fs (loop1): Total free blocks count 0
[  652.854972][   T10] EXT4-fs (loop1): Free/Dirty block details
[  652.860730][   T10] EXT4-fs (loop1): free_blocks=68451041280
[  652.867275][   T10] EXT4-fs (loop1): dirty_blocks=64
[  652.872282][   T10] EXT4-fs (loop1): Block reservation details
[  652.890259][   T10] EXT4-fs (loop1): i_reserved_data_blocks=4
[  653.043428][T10499] loop4: detected capacity change from 0 to 16
[  653.050921][T10496] loop0: detected capacity change from 0 to 16
[  653.076077][   T30] audit: type=1400 audit(1727161808.348:1745): avc:  denied  { ioctl } for  pid=10502 comm="syz.1.2302" path="socket:[49812]" dev="sockfs" ino=49812 ioctlcmd=0x8904 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  653.210828][T10499] erofs: (device loop4): mounted with root inode @ nid 36.
[  653.271728][T10496] erofs: (device loop0): mounted with root inode @ nid 36.
[  653.490274][   T48] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  653.511891][T10506] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  653.626271][T10508] overlayfs: missing 'workdir'
[  654.501428][T10531] loop1: detected capacity change from 0 to 1024
[  654.513647][T10533] loop4: detected capacity change from 0 to 256
[  654.627437][   T30] audit: type=1400 audit(1727161809.858:1746): avc:  denied  { write } for  pid=10523 comm="syz.0.2307" name="task" dev="proc" ino=48662 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  654.666445][T10536] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2306'.
[  654.710771][   T30] audit: type=1400 audit(1727161809.858:1747): avc:  denied  { add_name } for  pid=10523 comm="syz.0.2307" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  654.740201][   T30] audit: type=1400 audit(1727161809.858:1748): avc:  denied  { create } for  pid=10523 comm="syz.0.2307" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1
[  654.752905][T10531] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  654.795814][   T30] audit: type=1400 audit(1727161809.858:1749): avc:  denied  { associate } for  pid=10523 comm="syz.0.2307" name="file0" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  655.500654][   T30] audit: type=1107 audit(1727161810.188:1750): pid=10532 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='
'
[  655.520471][T10541] incfs: Error accessing: ./file1.
[  655.530795][T10541] incfs: mount failed -20
[  655.602199][T10546] loop4: detected capacity change from 0 to 256
[  655.613156][   T45] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
SYZFAIL: bad allocate request
allocated=0 size=18446744071994143502/18446744071994143504 (errno 11: Resource temporarily unavailable)
[  655.639667][   T30] audit: type=1400 audit(1727161810.918:1751): avc:  denied  { write } for  pid=277 comm="syz-executor" path="pipe:[394]" dev="pipefs" ino=394 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  655.663981][   T45] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28
[  655.676191][   T45] EXT4-fs (loop1): This should not happen!! Data will be lost
[  655.676191][   T45] 
[  655.719648][   T45] EXT4-fs (loop1): Total free blocks count 0
[  655.725465][   T45] EXT4-fs (loop1): Free/Dirty block details
[  655.731608][   T45] EXT4-fs (loop1): free_blocks=68451041280
[  655.745263][   T45] EXT4-fs (loop1): dirty_blocks=64
[  655.750265][T10546] exFAT-fs (loop4): failed to read boot sector
[  655.759917][T10546] exFAT-fs (loop4): failed to recognize exfat type
[  655.766359][   T45] EXT4-fs (loop1): Block reservation details
[  655.772089][   T45] EXT4-fs (loop1): i_reserved_data_blocks=4
[  656.508006][   T10] device bridge_slave_1 left promiscuous mode
[  656.513945][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  656.521377][   T10] device bridge_slave_0 left promiscuous mode
[  656.527395][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  656.535151][   T10] device veth1_macvtap left promiscuous mode
[  656.541166][   T10] device veth0_vlan left promiscuous mode
[  657.868716][   T10] device bridge_slave_1 left promiscuous mode
[  657.874652][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  657.882001][   T10] device bridge_slave_0 left promiscuous mode
[  657.888100][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  657.895647][   T10] device bridge_slave_1 left promiscuous mode
[  657.901611][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  657.908825][   T10] device bridge_slave_0 left promiscuous mode
[  657.914734][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  657.922519][   T10] device bridge_slave_1 left promiscuous mode
[  657.928486][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  657.935875][   T10] device bridge_slave_0 left promiscuous mode
[  657.941925][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  657.949948][   T10] device bridge_slave_1 left promiscuous mode
[  657.955858][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  657.963298][   T10] device bridge_slave_0 left promiscuous mode
[  657.969342][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  657.977807][   T10] device veth1_macvtap left promiscuous mode
[  657.983617][   T10] device veth0_vlan left promiscuous mode
[  657.989386][   T10] device veth1_macvtap left promiscuous mode
[  657.995200][   T10] device veth0_vlan left promiscuous mode
[  658.000958][   T10] device veth1_macvtap left promiscuous mode
[  658.006768][   T10] device veth0_vlan left promiscuous mode
[  658.012575][   T10] device veth1_macvtap left promiscuous mode
[  658.018436][   T10] device veth0_vlan left promiscuous mode