last executing test programs:

29.609548963s ago: executing program 3 (id=83):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

29.527510515s ago: executing program 3 (id=84):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
inotify_rm_watch(0xffffffffffffffff, 0x0)

29.486680025s ago: executing program 3 (id=85):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x30}}, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000000000000500200"])

29.344229757s ago: executing program 3 (id=87):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000340)='.\x00', &(0x7f0000000180)='./file0/../file0/../file0\x00')

29.291223218s ago: executing program 3 (id=88):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
capget(0x0, 0x0)

29.223763859s ago: executing program 3 (id=91):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

29.11924984s ago: executing program 32 (id=91):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

14.151951531s ago: executing program 4 (id=579):
r0 = socket$inet(0x2, 0x3, 0x100)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000500)=0x8, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x3c)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000b80)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000980)="0d37b9", 0x3}], 0x1, &(0x7f0000000b40)=[@ip_tos_u8={{0x11}}], 0x18}}], 0x1, 0x4c854)

14.129574272s ago: executing program 4 (id=580):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0xf8)
lseek(r1, 0x3, 0x0)
getdents64(r1, 0x0, 0x22)

14.087102002s ago: executing program 4 (id=582):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
r1 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

14.053748613s ago: executing program 4 (id=584):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000640)='./file2\x00', 0x10050, &(0x7f00000000c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7}}]}, 0x3, 0x51e, &(0x7f0000000680)="$eJzs3dFrJHcdAPDvTLLX5C41qfqgBWuxlUvV2ySN1wYfqoLoU0Gt+HrGZBNCNtkj2bSXUGyKf4AgogVf9MkXwT9AkL74LkJB30VFkXrVB4X2RmZ29u6y2U1yuJuB5POBX3Z+M7Pz/f427G9/v51hJ4BL6+mImI2IsYh4LiKmy/VpWeKwU/L93rv7+kpeksiyV95NIinXdY/1WPl4rXzaRER882sR302Ox93dP9hcbjYbO2V9rr2VvJ9lBzc2tpbXG+uN7cXFhReWXly6uTQ/lHbORMRLX/nrj3/wi6++9JvPvfanW3+f/V6e1n+z7I3oaccwdZpeK16LrvGI2BlFsIqMFy3suFlxLgAAnCwf7384Ij5VjP+nY6wYzQEAAAAXSfbFqXg/icgAAACACyuNiKlI0np5ve9UpGm93rmG96NxNW22dtufXWvtba/m2yJmopaubTQb8+W1AzNRS/L6QnmNbbf+fE99MSKeiIgfTU8W9fpKq7la9ZcfAAAAcElc65n//3u6M/8vHFacHAAAADA8M1UnAAAAAIyc+T8AAABcfOb/AAAAcKF9/eWX85J173+9+ur+3mbr1Rurjd3N+tbeSn2ltXO7vt5qrRe/2bd12vGardbtz8f23p25dmO3Pbe7f3Brq7W33b61ceQW2AAAAMA5euKTb/8xiYjDL0wWJXel3FaLyMYe3nm8igyBUUkfZee/jC4P4Pw9/Pk+WWEewPkzpIfLq1Z1AkDlklO2D7x453fDzwUAABiN6x8ffP7/3bVKUwNGrDz/n5w2/wcunrGqEwAq0zn/dy/rqDob4DzVThoBmBTAhZcO5/z/KZcSJjoUAACo2FRRkrRezgOmIk3r9YjHi9sC1JK1jWZjPiI+FBF/mK49ltcXimcmRvMAAAAAAAAAAAAAAAAAAAAAAAAAcEZZlkQGAAAAXGgR6d+6d+a6Pv3sVO/3A1eS/0wXjxHx2k9f+cmd5XZ7ZyFf/8/769tvleufr+IbDAAAAKBXd57enccDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDC9d/f1lW45z7j/+HJEzPSLPx4TxeNE1CLi6r+SGH/oeUlEjA0h/uGbEfGxfvGTPK2YKbM4Ev9KRBoRk8OK3/f1PyF+dOJfG0J8uMzezvufL/V7/6XxdPHY//03Xpb/1+D+L73f/40N6P8eH3TQ2tHqk+/8am5g/Dcjnhzv3/904yf58frEf+aMbfzOtw4OBm3Lfh5xvV//lxyNNdfeuj23u39wY2Nreb2x3theXFx4YenFpZtL83NrG81G+bdvjB9+4tf3HtQ+ONb+qyf0v0X7B7z+z56x/R+8c+fuRzqLPf+ZqMXPsmz2mf7//8JnjsfvfvZ9utwrr+evYfrWt/vGf+qXv39qUG55+1cHtH/ilPbPnrH9z33j+38+464AwDnY3T/YXG42GzsWLDzCQj7urDyNJJI4vmm5+sQ6C2+U77HlZvfdNqQj/7acHI0y+Yr6IwAAYHQeDPp7tyTVJAQAAAAAAAAAAAAAAAAAAACX0Kk/AzZoUxoRZ/w5sd6Yh9U0FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgRP8LAAD//0mN1e4=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x265, 0x2)

13.802766606s ago: executing program 4 (id=585):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000140)=@v1={0x0, @adiantum, 0x1, @desc1})
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000000040))

13.672331988s ago: executing program 4 (id=586):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xe, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1}, 0x57)

13.645004899s ago: executing program 33 (id=586):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xe, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1}, 0x57)

2.04418499s ago: executing program 0 (id=1043):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
close(0x3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
unshare(0x60600)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x0, 0x3}, &(0x7f0000000240)={0x1f, 0x0, 0x10001, 0x0, 0x5, 0x0, 0x5, 0x2000000000}, 0x0, 0x0, 0x0)

1.982571311s ago: executing program 0 (id=1047):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r1}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)

1.964633101s ago: executing program 0 (id=1049):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
ioctl$USBDEVFS_REAPURB(r0, 0x4004550c, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000400)=@urb_type_control={0x2, {}, 0x0, 0x40, &(0x7f0000000000)={0x40, 0x14, 0x8, 0x4cba}, 0x8, 0x7, 0x200, 0x0, 0x0, 0x20200, 0x0})

1.854908552s ago: executing program 0 (id=1058):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x0, 0xf, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x435}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newlink={0x74, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x34, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x28, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0x3}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xa, 0xfffffffa}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x5, 0xc19}}]}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8}]}, 0x74}}, 0x8000)

1.789321944s ago: executing program 0 (id=1060):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
close(r1)

1.768681874s ago: executing program 0 (id=1063):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x40000000004)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448cc, &(0x7f0000000040))

679.05554ms ago: executing program 5 (id=1105):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
mkdir(0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)

637.04012ms ago: executing program 5 (id=1107):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x3, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x84}}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xd, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000240), &(0x7f0000000280)=r0}, 0x20)

609.800591ms ago: executing program 5 (id=1111):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5800000010001fff000000000007000000060000", @ANYRES32=0x0, @ANYBLOB="81ffffff00000000300012800b000100697036746e6c0000200002801400020000000000000000000000ffffac1414bb050004000500000008000a00", @ANYRES32], 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

499.190183ms ago: executing program 5 (id=1119):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000040)=""/155, 0x1000000, 0x9b, 0x1, 0x0, 0x0, @void, @value}, 0x20)

474.664273ms ago: executing program 2 (id=1122):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='freezer.state\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000240)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r1, 0x28, 0x8, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, 0x0, 0x0)

452.840913ms ago: executing program 2 (id=1123):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0xfc, 0xfffff038}, {0x80000006, 0x0, 0x0, 0xfffffffd}]}, 0x10)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

418.864424ms ago: executing program 6 (id=1126):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8001}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000a80)={0x1, 0x2}, 0x4)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000800)={0x0, 0x3}, 0x4)

369.695154ms ago: executing program 6 (id=1127):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
close(r1)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x1fffa2}], 0x1)

347.195965ms ago: executing program 5 (id=1128):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
clock_getres(0x0, 0x0)

312.439135ms ago: executing program 6 (id=1131):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})

298.308896ms ago: executing program 5 (id=1132):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
r1 = signalfd(0xffffffffffffffff, &(0x7f0000000180), 0x8)
ppoll(&(0x7f0000000080)=[{r1, 0x80}], 0x1, 0x0, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)

266.440306ms ago: executing program 1 (id=1133):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)

265.939386ms ago: executing program 6 (id=1134):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x4000, 0x0, 0x0, 0xeffffdff, 0x0, [{0x9, 0x0, 0xff, '\x00', 0xf7}, {0x0, 0xa, 0x0, '\x00', 0x7e}, {0xfc, 0x12, 0x4, '\x00', 0xbb}, {0x11, 0xb, 0x0, '\x00', 0xfe}, {}, {0x0, 0x0, 0x4, '\x00', 0x2}, {0xfd, 0x0, 0x6}, {}, {0x0, 0x8f, 0xf7, '\x00', 0xa}, {0xa8, 0x6, 0x0, '\x00', 0x1}, {0xb}, {0x5, 0x99, 0x2, '\x00', 0xff}, {0x0, 0x1, 0x5, '\x00', 0x3}, {0x2, 0x0, 0x8, '\x00', 0x3}, {0xc3, 0xfd, 0x0, '\x00', 0x2}, {0x0, 0x21, 0x88, '\x00', 0x5}, {0x3}, {0x0, 0x2, 0x6, '\x00', 0x10}, {0xb, 0x9, 0x3}, {0x1, 0xbb}, {0x0, 0x4, 0x0, '\x00', 0x37}, {0xfd, 0x9, 0x0, '\x00', 0x5}, {0x0, 0x6, 0x9}, {0x80, 0xff, 0x3}]}})

244.419056ms ago: executing program 1 (id=1135):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="a1ab000000000000000032"], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)

172.427947ms ago: executing program 1 (id=1136):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)

145.340788ms ago: executing program 2 (id=1137):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback, 0x3}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000000040)=0xff7ffd02, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffff7fbf, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)

132.545668ms ago: executing program 1 (id=1138):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000440)='kfree\x00', r0}, 0x18)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x4, 0x0, 0x0)

109.319188ms ago: executing program 2 (id=1139):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000e8000000000040d900008500000023000000850000000f00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
tgkill(r1, r1, 0x12)

93.680198ms ago: executing program 1 (id=1140):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2, <r3=>0xffffffffffffffff}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
recvmsg$unix(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000009c0)=""/181, 0xb5}], 0x1, 0x0, 0x0, 0x1000000}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r3}, &(0x7f0000000000), &(0x7f00000000c0)=r0}, 0x20)
shutdown(r0, 0x0)

86.152099ms ago: executing program 6 (id=1141):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000400000005"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f0000000040), &(0x7f0000000080)=r1}, 0x20)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1}, 0x57)

7.0949ms ago: executing program 2 (id=1142):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000072"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2d, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))

6.90212ms ago: executing program 6 (id=1143):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newlink={0x4c, 0x10, 0x403, 0x70b528, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0xa1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x4c}, 0x1, 0xba01, 0x0, 0x4004}, 0x810)

6.61017ms ago: executing program 2 (id=1144):
r0 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000080), 0x2000011a)
recvmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000500)=""/4096, 0x3000}], 0x1}, 0x7}], 0x1, 0x100, 0x0)
sendmsg$NFT_MSG_GETGEN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x14, 0x10, 0xa, 0xd01, 0x0, 0x0, {0x5, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000080)
setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0)

0s ago: executing program 1 (id=1145):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000800000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB="00000000000000000052ae008e53ad56a4e85700", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000004"], 0x50)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.177' (ED25519) to the list of known hosts.
[   19.503298][   T28] audit: type=1400 audit(1742772129.738:66): avc:  denied  { mounton } for  pid=265 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   19.504643][  T265] cgroup: Unknown subsys name 'net'
[   19.507841][   T28] audit: type=1400 audit(1742772129.738:67): avc:  denied  { mount } for  pid=265 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   19.512576][   T28] audit: type=1400 audit(1742772129.748:68): avc:  denied  { unmount } for  pid=265 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   19.512795][  T265] cgroup: Unknown subsys name 'devices'
[   19.640311][  T265] cgroup: Unknown subsys name 'hugetlb'
[   19.645733][  T265] cgroup: Unknown subsys name 'rlimit'
[   19.781064][   T28] audit: type=1400 audit(1742772130.018:69): avc:  denied  { setattr } for  pid=265 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   19.804780][   T28] audit: type=1400 audit(1742772130.018:70): avc:  denied  { mounton } for  pid=265 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   19.829683][  T282] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   19.829770][   T28] audit: type=1400 audit(1742772130.018:71): avc:  denied  { mount } for  pid=265 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   19.861181][   T28] audit: type=1400 audit(1742772130.078:72): avc:  denied  { relabelto } for  pid=282 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   19.880408][  T265] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   19.886852][   T28] audit: type=1400 audit(1742772130.078:73): avc:  denied  { write } for  pid=282 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   19.920545][   T28] audit: type=1400 audit(1742772130.118:74): avc:  denied  { read } for  pid=265 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   19.945868][   T28] audit: type=1400 audit(1742772130.118:75): avc:  denied  { open } for  pid=265 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   20.520201][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.527061][  T291] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.534508][  T291] device bridge_slave_0 entered promiscuous mode
[   20.542581][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.549595][  T291] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.556799][  T291] device bridge_slave_1 entered promiscuous mode
[   20.593641][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.600520][  T292] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.607842][  T292] device bridge_slave_0 entered promiscuous mode
[   20.622956][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.629841][  T292] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.637112][  T292] device bridge_slave_1 entered promiscuous mode
[   20.708204][  T289] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.715061][  T289] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.722452][  T289] device bridge_slave_0 entered promiscuous mode
[   20.729342][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.736185][  T290] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.743554][  T290] device bridge_slave_0 entered promiscuous mode
[   20.753022][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.759960][  T290] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.767188][  T290] device bridge_slave_1 entered promiscuous mode
[   20.777757][  T289] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.784680][  T289] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.791974][  T289] device bridge_slave_1 entered promiscuous mode
[   20.874901][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.881836][  T293] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.889223][  T293] device bridge_slave_0 entered promiscuous mode
[   20.907596][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.914488][  T293] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.921877][  T293] device bridge_slave_1 entered promiscuous mode
[   21.023227][  T291] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.030104][  T291] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.037178][  T291] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.044001][  T291] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.093575][  T290] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.100454][  T290] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.107529][  T290] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.114343][  T290] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.124266][  T292] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.131139][  T292] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.138242][  T292] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.145005][  T292] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.179487][  T289] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.186355][  T289] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.193603][  T289] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.200463][  T289] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.222452][  T293] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.229334][  T293] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.236401][  T293] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.243233][  T293] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.251717][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.260225][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.268994][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.276125][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.283629][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.290986][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.298155][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.305349][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.312815][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.319895][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.327315][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   21.334726][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.362490][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.370253][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.377621][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.385741][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.392609][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.402238][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.410368][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.417213][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.433507][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.441779][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.448650][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.455845][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.464045][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.472313][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.479199][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.508767][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.516673][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   21.524764][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.532767][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   21.541167][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.578847][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   21.587116][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.595495][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   21.603075][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.610648][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   21.619136][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.627084][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.634041][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.641512][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   21.649761][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.657811][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.664674][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.671911][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   21.679852][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.687614][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   21.695610][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.703628][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   21.711038][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.718410][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   21.726561][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.734977][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.741871][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.749172][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   21.757342][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.765439][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.772286][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.784045][  T291] device veth0_vlan entered promiscuous mode
[   21.808666][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   21.816450][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   21.824499][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   21.833509][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.841982][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.850045][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.857977][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   21.865842][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.873913][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   21.881881][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.889663][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   21.898025][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.906327][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   21.913826][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   21.928225][  T291] device veth1_macvtap entered promiscuous mode
[   21.940447][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   21.948858][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   21.956926][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   21.964806][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   21.973156][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.981565][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   21.989832][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.002920][  T292] device veth0_vlan entered promiscuous mode
[   22.013303][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.021294][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.029519][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.037597][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.046159][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.054187][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.062339][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.069772][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.077010][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.084599][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.095652][  T290] device veth0_vlan entered promiscuous mode
[   22.103778][  T289] device veth0_vlan entered promiscuous mode
[   22.110341][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.118303][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.136288][  T291] request_module fs-gadgetfs succeeded, but still no fs?
[   22.143983][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.152624][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.160042][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.176111][  T292] device veth1_macvtap entered promiscuous mode
[   22.186063][  T290] device veth1_macvtap entered promiscuous mode
[   22.193388][  T289] device veth1_macvtap entered promiscuous mode
[   22.200631][  T293] device veth0_vlan entered promiscuous mode
[   22.210555][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.219232][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.232744][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.248237][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.255621][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.263578][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.277155][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.299839][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.308266][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.316468][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.324913][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.348949][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.357348][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.365807][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.374196][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.382562][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.391267][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.399932][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.408433][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.420506][  T197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.446589][  T293] device veth1_macvtap entered promiscuous mode
[   22.470450][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.480763][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.500183][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.529736][  T331] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1'.
[   22.759763][  T368] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   22.763721][  T368] آ: renamed from pim6reg1
[   22.856218][    T6] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   22.876952][  T371] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   22.980302][  T380] incfs: Options parsing error. -22
[   22.985410][  T380] incfs: mount failed -22
[   23.041255][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   23.062950][    T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   23.080938][    T6] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[   23.090872][    T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   23.099820][    T6] usb 3-1: config 0 descriptor??
[   23.140933][  T395] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   23.329354][  T410] loop3: detected capacity change from 0 to 40427
[   23.338703][  T410] F2FS-fs (loop3): fault_injection options not supported
[   23.346673][  T410] F2FS-fs (loop3): invalid crc value
[   23.389934][  T410] F2FS-fs (loop3): Found nat_bits in checkpoint
[   23.445789][  T410] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   23.507726][   T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   23.514495][    T6] pyra 0003:1E7D:2CF6.0001: unknown global tag 0xc
[   23.528306][    T6] pyra 0003:1E7D:2CF6.0001: item 0 0 1 12 parsing failed
[   23.544577][  T290] syz-executor: attempt to access beyond end of device
[   23.544577][  T290] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   23.552595][    T6] pyra 0003:1E7D:2CF6.0001: parse failed
[   23.571096][    T6] pyra: probe of 0003:1E7D:2CF6.0001 failed with error -22
[   23.704896][  T427] syz.3.49[427] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   23.704984][  T427] syz.3.49[427] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   23.708856][   T24] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[   23.735959][    T6] usb 3-1: USB disconnect, device number 2
[   23.765784][   T24] usb 1-1: config 0 has no interface number 0
[   23.791497][   T24] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   23.817722][   T24] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   23.827351][   T24] usb 1-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18
[   23.841415][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   23.858128][   T24] usb 1-1: config 0 descriptor??
[   23.954972][  T442] loop3: detected capacity change from 0 to 512
[   24.032304][  T442] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   24.047276][  T442] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   24.070313][  T442] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #2: comm syz.3.56: corrupted inode contents
[   24.083218][  T442] EXT4-fs error (device loop3): ext4_dirty_inode:6091: inode #2: comm syz.3.56: mark_inode_dirty error
[   24.095286][  T442] EXT4-fs error (device loop3): ext4_do_update_inode:5226: inode #2: comm syz.3.56: corrupted inode contents
[   24.109582][  T442] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.56: mark_inode_dirty error
[   24.126550][  T452] EXT4-fs warning (device loop3): ext4_empty_dir:3147: inode #18: comm syz.3.56: directory missing '.'
[   24.158590][  T290] EXT4-fs (loop3): unmounting filesystem.
[   24.206194][  T457] loop3: detected capacity change from 0 to 512
[   24.223130][  T457] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   24.236636][  T457] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   24.277871][  T457] EXT4-fs (loop3): orphan cleanup on readonly fs
[   24.294249][  T457] EXT4-fs (loop3): 1 truncate cleaned up
[   24.298524][   T24] input: HID 04d9:a055 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.1/0003:04D9:A055.0002/input/input4
[   24.300035][  T457] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   24.319729][  T322] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   24.344770][  T290] EXT4-fs (loop3): unmounting filesystem.
[   24.421909][   T24] holtek_kbd 0003:04D9:A055.0002: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.0-1/input1
[   24.498047][  T322] usb 2-1: Using ep0 maxpacket: 16
[   24.504137][  T322] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   24.513800][    T6] usb 1-1: USB disconnect, device number 2
[   24.525116][  T322] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   24.545094][  T322] usb 2-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[   24.571491][  T322] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   24.587162][   T28] kauditd_printk_skb: 75 callbacks suppressed
[   24.587178][   T28] audit: type=1400 audit(1742772134.818:151): avc:  denied  { create } for  pid=474 comm="syz.2.67" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   24.619732][  T322] usb 2-1: config 0 descriptor??
[   24.675542][   T28] audit: type=1400 audit(1742772134.908:152): avc:  denied  { setopt } for  pid=478 comm="syz.2.69" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   24.734302][   T28] audit: type=1400 audit(1742772134.918:153): avc:  denied  { write } for  pid=478 comm="syz.2.69" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   24.890571][   T28] audit: type=1400 audit(1742772135.128:154): avc:  denied  { compute_member } for  pid=487 comm="syz.2.72" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   24.941466][   T28] audit: type=1400 audit(1742772135.178:155): avc:  denied  { mounton } for  pid=489 comm="syz.2.73" path="/11/file0" dev="tmpfs" ino=73 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   24.983780][  T477] loop3: detected capacity change from 0 to 40427
[   24.999506][  T477] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[   25.014796][  T477] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   25.028417][  T322] hid-picolcd 0003:04D8:F002.0003: collection stack underflow
[   25.030098][   T28] audit: type=1400 audit(1742772135.268:156): avc:  denied  { create } for  pid=493 comm="syz.2.75" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   25.046017][  T322] hid-picolcd 0003:04D8:F002.0003: item 0 4 0 12 parsing failed
[   25.058437][   T28] audit: type=1400 audit(1742772135.288:157): avc:  denied  { connect } for  pid=493 comm="syz.2.75" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   25.089982][  T477] F2FS-fs (loop3): invalid crc value
[   25.105824][   T28] audit: type=1400 audit(1742772135.288:158): avc:  denied  { write } for  pid=493 comm="syz.2.75" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   25.118639][  T322] hid-picolcd 0003:04D8:F002.0003: device report parse failed
[   25.144995][  T477] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[   25.156596][  T322] hid-picolcd: probe of 0003:04D8:F002.0003 failed with error -22
[   25.189329][  T477] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   25.198478][   T28] audit: type=1400 audit(1742772135.288:159): avc:  denied  { read } for  pid=493 comm="syz.2.75" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   25.223561][  T503] syz.2.78 (503) used greatest stack depth: 20848 bytes left
[   25.246447][   T39] usb 2-1: USB disconnect, device number 2
[   25.268275][   T28] audit: type=1400 audit(1742772135.508:160): avc:  denied  { read } for  pid=506 comm="syz.2.80" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=16526 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   25.298293][  T477] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   25.307343][  T477] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   25.589668][  T518] Driver unsupported XDP return value 0 on prog  (id 44) dev N/A, expect packet loss!
[   25.827762][  T525] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=525 comm=syz.1.86
[   26.304311][  T549] loop4: detected capacity change from 0 to 512
[   26.334176][  T552] loop1: detected capacity change from 0 to 256
[   26.347592][  T549] EXT4-fs (loop4): orphan cleanup on readonly fs
[   26.357747][  T549] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[   26.381354][  T549] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[   26.396309][  T549] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.98: attempt to clear invalid blocks 2 len 1
[   26.409108][  T549] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.98: invalid indirect mapped block 1819239214 (level 0)
[   26.423743][  T549] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.98: invalid indirect mapped block 1819239214 (level 1)
[   26.441206][  T552] syz.1.101: attempt to access beyond end of device
[   26.441206][  T552] loop1: rw=2049, sector=256, nr_sectors = 120 limit=256
[   26.458128][  T549] EXT4-fs (loop4): 1 truncate cleaned up
[   26.460431][  T552] syz.1.101: attempt to access beyond end of device
[   26.460431][  T552] loop1: rw=2049, sector=372, nr_sectors = 4 limit=256
[   26.467794][  T549] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   26.485962][  T552] Buffer I/O error on dev loop1, logical block 93, lost async page write
[   26.496290][  T552] syz.1.101: attempt to access beyond end of device
[   26.496290][  T552] loop1: rw=2049, sector=372, nr_sectors = 4 limit=256
[   26.509805][  T552] Buffer I/O error on dev loop1, logical block 93, lost async page write
[   26.536620][    T8] device bridge_slave_1 left promiscuous mode
[   26.558438][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   26.584679][  T514] loop2: detected capacity change from 0 to 131072
[   26.592457][  T514] F2FS-fs (loop2): Test dummy encryption mode enabled
[   26.605412][    T8] device bridge_slave_0 left promiscuous mode
[   26.613696][  T514] F2FS-fs (loop2): invalid crc value
[   26.618994][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   26.622547][  T549] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   26.633810][  T560] loop1: detected capacity change from 0 to 256
[   26.642332][    T8] device veth1_macvtap left promiscuous mode
[   26.648186][  T549] EXT4-fs error (device loop4): __ext4_remount:6598: comm syz.4.98: Abort forced by user
[   26.652952][    T8] device veth0_vlan left promiscuous mode
[   26.664394][  T549] EXT4-fs (loop4): Remounting filesystem read-only
[   26.671201][  T549] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[   26.678078][  T514] F2FS-fs (loop2): Found nat_bits in checkpoint
[   26.710666][  T293] EXT4-fs (loop4): unmounting filesystem.
[   26.780795][  T514] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   26.811752][  T514] F2FS-fs (loop2): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[   26.853030][  T545] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.886085][  T545] bridge0: port 1(bridge_slave_0) entered disabled state
[   26.888515][  T580] syz.4.110[580] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   26.893006][  T580] syz.4.110[580] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   26.902326][  T545] device bridge_slave_0 entered promiscuous mode
[   26.942800][  T545] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.949874][  T545] bridge0: port 2(bridge_slave_1) entered disabled state
[   26.957350][  T545] device bridge_slave_1 entered promiscuous mode
[   27.139937][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   27.148162][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   27.171000][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   27.184895][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   27.196411][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.203342][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.211112][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   27.220418][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   27.228866][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.235742][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.252842][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   27.260554][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   27.268787][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   27.286121][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   27.303005][  T545] device veth0_vlan entered promiscuous mode
[   27.309955][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   27.318753][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   27.326237][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   27.341168][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   27.351573][  T545] device veth1_macvtap entered promiscuous mode
[   27.365869][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   27.379881][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   27.420385][  T600] netlink: 'syz.5.100': attribute type 3 has an invalid length.
[   27.507735][  T322] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   27.532380][  T615] loop5: detected capacity change from 0 to 512
[   27.538812][  T615] EXT4-fs: Ignoring removed mblk_io_submit option
[   27.547653][  T615] EXT4-fs error (device loop5): ext4_get_branch:178: inode #13: block 2: comm syz.5.123: invalid block
[   27.576548][  T615] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.123: invalid indirect mapped block 10 (level 1)
[   27.590321][  T615] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.123: invalid indirect mapped block 8 (level 1)
[   27.603939][  T615] EXT4-fs (loop5): 1 truncate cleaned up
[   27.609829][  T615] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   27.665259][  T545] EXT4-fs (loop5): unmounting filesystem.
[   27.687799][  T322] usb 2-1: Using ep0 maxpacket: 32
[   27.694924][  T322] usb 2-1: config 0 has an invalid interface number: 74 but max is 1
[   27.717780][  T322] usb 2-1: config 0 has no interface number 1
[   27.727484][  T322] usb 2-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=8e.fa
[   27.743885][  T628] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   27.747797][  T322] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   27.764497][  T628] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   27.783214][  T322] usb 2-1: Product: syz
[   27.787235][  T322] usb 2-1: Manufacturer: syz
[   27.792733][  T322] usb 2-1: SerialNumber: syz
[   27.822424][  T322] usb 2-1: config 0 descriptor??
[   27.830476][  T322] snd-usb-audio: probe of 2-1:0.74 failed with error -22
[   27.840390][  T322] usb 2-1: Waiting for MOTU Microbook II to boot up...
[   27.847087][  T322] usb 2-1: failed setting the sample rate for Motu MicroBook II: -22
[   27.878024][  T322] snd-usb-audio: probe of 2-1:0.0 failed with error -22
[   27.941032][  T640] loop5: detected capacity change from 0 to 4096
[   27.975716][  T650] loop0: detected capacity change from 0 to 512
[   27.983458][  T640] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   28.005436][  T650] EXT4-fs (loop0): 1 orphan inode deleted
[   28.015888][  T650] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   28.025326][   T43] EXT4-fs error (device loop0): ext4_release_dquot:6805: comm kworker/u4:2: Failed to release dquot type 1
[   28.042425][  T650] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   28.053091][  T312] usb 2-1: USB disconnect, device number 3
[   28.056158][  T545] EXT4-fs (loop5): unmounting filesystem.
[   28.102167][  T292] EXT4-fs (loop0): unmounting filesystem.
[   28.287569][  T669] loop5: detected capacity change from 0 to 2048
[   28.299540][  T669] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   28.318054][  T545] EXT4-fs (loop5): unmounting filesystem.
[   28.440154][  T682] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   28.463424][  T684] loop5: detected capacity change from 0 to 512
[   28.469913][  T684] EXT4-fs: Ignoring removed oldalloc option
[   28.476173][  T684] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   28.487751][  T684] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2809: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   28.500924][  T684] EXT4-fs (loop5): 1 truncate cleaned up
[   28.506498][  T684] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   28.525077][  T545] EXT4-fs (loop5): unmounting filesystem.
[   28.591506][  T695] loop1: detected capacity change from 0 to 16
[   28.598739][  T695] erofs: (device loop1): mounted with root inode @ nid 36.
[   28.643160][  T701] loop1: detected capacity change from 0 to 512
[   28.649610][  T701] =======================================================
[   28.649610][  T701] WARNING: The mand mount option has been deprecated and
[   28.649610][  T701]          and is ignored by this kernel. Remove the mand
[   28.649610][  T701]          option from the mount to silence this warning.
[   28.649610][  T701] =======================================================
[   28.687557][  T701] EXT4-fs (loop1): 1 truncate cleaned up
[   28.693103][  T701] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   28.712336][  T289] EXT4-fs (loop1): unmounting filesystem.
[   28.794809][  T711] syz.1.163 (711) used greatest stack depth: 20488 bytes left
[   28.813995][  T713] loop1: detected capacity change from 0 to 512
[   28.826677][  T713] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   28.835831][  T713] ext4 filesystem being mounted at /38/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   28.854220][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.863505][  T289] EXT4-fs (loop1): unmounting filesystem.
[   28.865025][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.881669][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.889253][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.896609][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.904415][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.911743][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.919108][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.926416][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.933645][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.940990][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.948337][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.956012][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.963352][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.977140][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   28.997757][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.008432][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.016006][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.033508][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.040099][  T736] loop1: detected capacity change from 0 to 512
[   29.046307][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.055248][  T736] EXT4-fs: dax option not supported
[   29.059546][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.068191][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.075461][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.082956][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.090375][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.097895][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.105177][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.112729][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.120189][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.127503][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.133261][  T736] loop1: detected capacity change from 0 to 256
[   29.135185][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.147906][  T312] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   29.155654][   T39] hid-generic 0006:0003:0003.0004: unknown main item tag 0x0
[   29.167112][   T39] hid-generic 0006:0003:0003.0004: hidraw0: VIRTUAL HID v0.00 Device [syz1] on syz0
[   29.199729][  T736] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   29.217950][  T736] exFAT-fs (loop1): unable to read boot sector
[   29.256021][  T736] exFAT-fs (loop1): failed to read boot sector
[   29.267841][  T736] exFAT-fs (loop1): failed to recognize exfat type
[   29.343531][  T312] usb 3-1: config 0 has no interfaces?
[   29.354970][  T312] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[   29.384932][  T312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   29.396031][  T312] usb 3-1: config 0 descriptor??
[   29.490825][  T755] loop5: detected capacity change from 0 to 512
[   29.515265][  T755] EXT4-fs: Invalid want_extra_isize 7
[   29.604166][  T312] usb 3-1: USB disconnect, device number 3
[   29.626579][   T28] kauditd_printk_skb: 61 callbacks suppressed
[   29.626595][   T28] audit: type=1400 audit(1742772139.858:221): avc:  denied  { create } for  pid=759 comm="syz.4.184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   29.662131][   T28] audit: type=1400 audit(1742774699.896:222): avc:  denied  { bind } for  pid=759 comm="syz.4.184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   29.682014][   T28] audit: type=1400 audit(1742774699.896:223): avc:  denied  { name_bind } for  pid=759 comm="syz.4.184" src=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[   29.705042][   T28] audit: type=1400 audit(1742774699.896:224): avc:  denied  { node_bind } for  pid=759 comm="syz.4.184" src=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[   29.726060][  T762] SELinux:  Context system_u:object_r:man_t:s0 is not valid (left unmapped).
[   29.735239][   T28] audit: type=1400 audit(1742774699.976:225): avc:  denied  { relabelto } for  pid=761 comm="syz.4.185" name="26" dev="tmpfs" ino=146 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:man_t:s0"
[   29.784931][   T28] audit: type=1400 audit(1742774699.976:226): avc:  denied  { associate } for  pid=761 comm="syz.4.185" name="26" dev="tmpfs" ino=146 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:man_t:s0"
[   29.827757][  T322] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   29.839988][  T768] devpts: called with bogus options
[   29.842063][   T28] audit: type=1400 audit(1742774699.996:227): avc:  denied  { write } for  pid=293 comm="syz-executor" name="26" dev="tmpfs" ino=146 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:man_t:s0"
[   29.891769][   T28] audit: type=1400 audit(1742774699.996:228): avc:  denied  { remove_name } for  pid=293 comm="syz-executor" name="binderfs" dev="tmpfs" ino=150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:man_t:s0"
[   29.932838][   T28] audit: type=1400 audit(1742774700.006:229): avc:  denied  { rmdir } for  pid=293 comm="syz-executor" name="26" dev="tmpfs" ino=146 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:man_t:s0"
[   29.958576][   T28] audit: type=1400 audit(1742774700.036:230): avc:  denied  { create } for  pid=765 comm="syz.4.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   30.019182][  T322] usb 6-1: Using ep0 maxpacket: 32
[   30.025482][  T322] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   30.036379][  T322] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   30.046905][  T322] usb 6-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[   30.061110][  T322] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   30.084972][  T322] usb 6-1: config 0 descriptor??
[   30.221698][  T802] loop1: detected capacity change from 0 to 512
[   30.235651][  T806] TCP: tcp_parse_options: Illegal window scaling value 224 > 14 received
[   30.271790][  T802] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   30.288246][  T802] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   30.325400][  T818] capability: warning: `syz.4.211' uses deprecated v2 capabilities in a way that may be insecure
[   30.337393][  T802] EXT4-fs (loop1): unmounting filesystem.
[   30.432453][  T830] SELinux: ebitmap start bit (5259586) is not a multiple of the map unit size (64)
[   30.450895][  T830] SELinux: failed to load policy
[   30.477302][  T834] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   30.486512][  T834] FAT-fs (loop5): unable to read boot sector
[   30.507093][  T322] input: HID 054c:03d5 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:054C:03D5.0005/input/input6
[   30.548673][  T322] sony 0003:054C:03D5.0005: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.5-1/input0
[   30.653535][  T843] loop0: detected capacity change from 0 to 1024
[   30.668346][  T843] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   30.696671][  T843] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   30.709559][   T19] usb 6-1: USB disconnect, device number 2
[   30.728052][  T843] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   30.756837][  T832] loop4: detected capacity change from 0 to 40427
[   30.763900][  T832] F2FS-fs (loop4): fault_type options not supported
[   30.771381][  T832] F2FS-fs (loop4): invalid crc value
[   30.781539][  T843] capability: warning: `syz.0.220' uses 32-bit capabilities (legacy support in use)
[   30.792254][  T832] F2FS-fs (loop4): Found nat_bits in checkpoint
[   30.818969][  T292] EXT4-fs (loop0): unmounting filesystem.
[   30.870104][  T832] F2FS-fs (loop4): Start checkpoint disabled!
[   30.894267][  T832] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[   30.957174][  T832] F2FS-fs (loop4): Unexpected flush for atomic writes: ino=10, npages=2
[   30.966416][  T832] syz.4.217: attempt to access beyond end of device
[   30.966416][  T832] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   31.052211][  T197] kworker/u4:3: attempt to access beyond end of device
[   31.052211][  T197] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   31.345520][  T916] loop0: detected capacity change from 0 to 1024
[   31.351983][  T915] loop2: detected capacity change from 0 to 2048
[   31.363342][  T916] EXT4-fs: Ignoring removed oldalloc option
[   31.380126][  T916] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   31.391083][  T915] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.421793][  T292] EXT4-fs (loop0): unmounting filesystem.
[   31.421858][  T291] EXT4-fs (loop2): unmounting filesystem.
[   31.487733][  T312] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   31.535236][  T938] af_packet: tpacket_rcv: packet too big, clamped from 108 to 4294967272. macoff=96
[   31.544610][  T938] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0001 with DS=0x1
[   31.640709][  T954] loop0: detected capacity change from 0 to 1024
[   31.647261][  T954] EXT4-fs: Ignoring removed nobh option
[   31.653860][  T954] EXT4-fs: Ignoring removed bh option
[   31.660048][  T954] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   31.679596][  T954] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   31.704524][  T954] EXT4-fs (loop0): Online defrag not supported with bigalloc
[   31.720496][  T312] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   31.729911][  T312] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   31.738152][  T312] usb 5-1: Product: syz
[   31.742353][  T312] usb 5-1: Manufacturer: syz
[   31.747187][  T292] EXT4-fs (loop0): unmounting filesystem.
[   31.748797][  T312] usb 5-1: SerialNumber: syz
[   31.839549][  T976] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   31.848923][  T976] FAT-fs (loop5): unable to read boot sector
[   31.909160][  T984] loop0: detected capacity change from 0 to 512
[   31.916026][  T984] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   31.927436][  T984] EXT4-fs (loop0): 1 truncate cleaned up
[   31.932950][  T984] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   31.974175][  T984] EXT4-fs error (device loop0): mb_free_blocks:1815: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[   31.989061][  T984] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #16: comm syz.0.282: invalid indirect mapped block 6 (level 1)
[   32.014591][  T292] EXT4-fs (loop0): unmounting filesystem.
[   32.039675][  T991] loop0: detected capacity change from 0 to 512
[   32.063334][  T991] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   32.079249][  T991] EXT4-fs (loop0): 1 truncate cleaned up
[   32.085076][  T991] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   32.111065][  T292] EXT4-fs (loop0): unmounting filesystem.
[   32.773469][  T312] cdc_ncm 5-1:1.0: failed to get mac address
[   32.781921][  T312] cdc_ncm 5-1:1.0: bind() failure
[   32.793766][  T312] cdc_ncm: probe of 5-1:1.1 failed with error -71
[   32.811744][  T312] cdc_mbim: probe of 5-1:1.1 failed with error -71
[   32.827112][  T312] usb 5-1: USB disconnect, device number 2
[   33.487737][    T6] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   33.537895][  T936] Bluetooth: hci0: command 0x1003 tx timeout
[   33.543768][  T352] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   33.559863][ T1097] netlink: 24 bytes leftover after parsing attributes in process `syz.5.334'.
[   33.588255][ T1103] netlink: 40 bytes leftover after parsing attributes in process `syz.5.337'.
[   33.623242][ T1109] loop4: detected capacity change from 0 to 1024
[   33.635349][ T1109] EXT4-fs: Ignoring removed orlov option
[   33.641082][ T1109] EXT4-fs: Ignoring removed nomblk_io_submit option
[   33.676892][ T1109] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   33.687545][    T6] usb 1-1: Using ep0 maxpacket: 32
[   33.706450][    T6] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[   33.715292][    T6] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   33.725559][  T293] EXT4-fs (loop4): unmounting filesystem.
[   33.732266][    T6] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[   33.741851][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   33.752099][    T6] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   33.762074][    T6] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   33.775316][    T6] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   33.784468][    T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   33.796798][    T6] usb 1-1: config 0 descriptor??
[   33.801724][  T312] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[   34.009175][  T312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[   34.022188][  T312] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[   34.032147][    T6] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   34.042788][  T312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   34.052452][  T312] usb 3-1: config 0 descriptor??
[   34.058907][ T1095] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[   34.138668][   T24] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   34.241571][  T322] usb 1-1: USB disconnect, device number 3
[   34.257980][  T322] usblp0: removed
[   34.320823][ T1161] loop5: detected capacity change from 0 to 40427
[   34.327847][   T24] usb 5-1: Using ep0 maxpacket: 16
[   34.333087][ T1161] F2FS-fs (loop5): fault_injection options not supported
[   34.340823][   T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[   34.341281][ T1161] F2FS-fs (loop5): invalid crc value
[   34.351193][   T24] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[   34.356353][ T1161] F2FS-fs (loop5): Found nat_bits in checkpoint
[   34.363662][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   34.377421][   T24] usb 5-1: Product: syz
[   34.381443][   T24] usb 5-1: Manufacturer: syz
[   34.385787][   T24] usb 5-1: SerialNumber: syz
[   34.398008][   T24] usb 5-1: config 0 descriptor??
[   34.404059][   T24] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[   34.411842][   T24] usb 5-1: Detected FT232R
[   34.421607][ T1161] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   34.464789][  T545] syz-executor: attempt to access beyond end of device
[   34.464789][  T545] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   34.489947][  T312] hid-generic 0003:04F3:0755.0006: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.2-1/input0
[   34.583310][ T1170] netlink: 'syz.5.365': attribute type 1 has an invalid length.
[   34.605033][   T24] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[   34.683609][  T312] usb 3-1: USB disconnect, device number 4
[   34.764919][   T28] kauditd_printk_skb: 135 callbacks suppressed
[   34.764934][   T28] audit: type=1400 audit(1742774705.056:366): avc:  denied  { bind } for  pid=1173 comm="syz.0.367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   34.790279][   T28] audit: type=1400 audit(1742774705.056:367): avc:  denied  { name_bind } for  pid=1173 comm="syz.0.367" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[   34.810884][   T28] audit: type=1400 audit(1742774705.056:368): avc:  denied  { node_bind } for  pid=1173 comm="syz.0.367" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   34.831657][   T28] audit: type=1400 audit(1742774705.056:369): avc:  denied  { write } for  pid=1173 comm="syz.0.367" lport=20004 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   34.852730][   T28] audit: type=1400 audit(1742774705.056:370): avc:  denied  { read } for  pid=1173 comm="syz.0.367" lport=20004 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   34.873217][   T24] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   34.982731][   T28] audit: type=1400 audit(1742774705.276:371): avc:  denied  { module_request } for  pid=1178 comm="syz.0.369" kmod="net-pf-0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   35.011903][   T28] audit: type=1400 audit(1742774705.306:372): avc:  denied  { unmount } for  pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   35.041877][    T6] usb 5-1: USB disconnect, device number 3
[   35.055568][   T28] audit: type=1400 audit(1742774705.346:373): avc:  denied  { read write } for  pid=1184 comm="syz.1.372" name="uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   35.056072][    T6] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   35.080153][   T28] audit: type=1400 audit(1742774705.346:374): avc:  denied  { open } for  pid=1184 comm="syz.1.372" path="/dev/uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   35.090881][    T6] ftdi_sio 5-1:0.0: device disconnected
[   35.152540][ T1189] syz.0.374 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   35.210840][   T28] audit: type=1400 audit(1742774705.506:375): avc:  denied  { create } for  pid=1194 comm="syz.5.379" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   35.319114][ T1213] syz.0.386[1213] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   35.319202][ T1213] syz.0.386[1213] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   35.335688][ T1215] loop5: detected capacity change from 0 to 512
[   35.355051][ T1215] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   35.398895][ T1215] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   35.408849][ T1215] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   35.468679][  T545] EXT4-fs (loop5): unmounting filesystem.
[   35.871921][ T1290] block device autoloading is deprecated and will be removed.
[   35.907754][   T24] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   36.018042][ T1318] loop4: detected capacity change from 0 to 512
[   36.024667][ T1318] EXT4-fs: Invalid commit interval 2147483647, must be smaller than 21474836
[   36.104402][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[   36.120853][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   36.138850][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[   36.157927][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[   36.180500][   T24] usb 1-1: New USB device found, idVendor=0738, idProduct=a2c5, bcdDevice=1e.ce
[   36.189639][   T39] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   36.198853][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   36.212436][   T24] usb 1-1: Product: syz
[   36.216517][   T24] usb 1-1: Manufacturer: syz
[   36.221205][   T24] usb 1-1: SerialNumber: syz
[   36.231402][   T24] usb 1-1: config 0 descriptor??
[   36.240787][   T24] xpad 1-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[   36.253236][   T24] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input8
[   36.372346][ T1351] loop4: detected capacity change from 0 to 512
[   36.388998][   T39] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   36.405077][   T39] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   36.419530][ T1351] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.447: casefold flag without casefold feature
[   36.432153][   T39] usb 6-1: Product: syz
[   36.436158][   T39] usb 6-1: Manufacturer: syz
[   36.448828][   T39] usb 6-1: SerialNumber: syz
[   36.453439][ T1351] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.447: couldn't read orphan inode 15 (err -117)
[   36.465753][   T24] usb 1-1: USB disconnect, device number 4
[   36.471833][   T24] xpad 1-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[   36.481871][ T1351] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   36.515527][  T293] EXT4-fs (loop4): unmounting filesystem.
[   36.567372][ T1364] loop4: detected capacity change from 0 to 4096
[   36.582293][ T1364] EXT4-fs: Ignoring removed nomblk_io_submit option
[   36.599092][ T1364] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   36.717520][  T293] EXT4-fs (loop4): unmounting filesystem.
[   36.731354][ T1374] loop2: detected capacity change from 0 to 512
[   36.746208][ T1374] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   36.769574][ T1374] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   36.779421][ T1374] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   36.790239][ T1382] futex_wake_op: syz.1.471 tries to shift op by -1; fix this program
[   36.844247][  T291] EXT4-fs (loop2): unmounting filesystem.
[   36.901131][ T1398] loop2: detected capacity change from 0 to 2048
[   36.919409][ T1398] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   36.947170][  T291] EXT4-fs (loop2): unmounting filesystem.
[   37.104309][ T1419] loop0: detected capacity change from 0 to 512
[   37.122332][ T1419] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.478: inode #1: comm syz.0.478: iget: illegal inode #
[   37.152051][ T1419] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.478: error while reading EA inode 1 err=-117
[   37.180330][ T1419] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.478: inode #1: comm syz.0.478: iget: illegal inode #
[   37.208073][ T1419] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.478: error while reading EA inode 1 err=-117
[   37.222221][ T1419] EXT4-fs (loop0): 1 orphan inode deleted
[   37.228078][ T1419] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   37.263615][  T292] EXT4-fs (loop0): unmounting filesystem.
[   37.509656][   T39] cdc_ncm 6-1:1.0: failed to get mac address
[   37.516733][   T39] cdc_ncm 6-1:1.0: bind() failure
[   37.532405][   T39] cdc_ncm: probe of 6-1:1.1 failed with error -71
[   37.545016][   T39] cdc_mbim: probe of 6-1:1.1 failed with error -71
[   37.555860][   T39] usb 6-1: USB disconnect, device number 3
[   37.662718][ T1455] loop0: detected capacity change from 0 to 4096
[   37.669374][ T1455] EXT4-fs: Ignoring removed nomblk_io_submit option
[   37.682948][ T1455] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   37.781934][  T292] EXT4-fs (loop0): unmounting filesystem.
[   37.971741][ T1476] loop0: detected capacity change from 0 to 512
[   37.983356][ T1476] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.504: casefold flag without casefold feature
[   37.998375][ T1476] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.504: couldn't read orphan inode 15 (err -117)
[   38.010206][ T1476] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   38.048773][  T292] EXT4-fs (loop0): unmounting filesystem.
[   38.189166][ T1497] netlink: 'syz.0.513': attribute type 1 has an invalid length.
[   38.242715][ T1500] loop0: detected capacity change from 0 to 512
[   38.282828][ T1500] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.515: casefold flag without casefold feature
[   38.300327][ T1500] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.515: couldn't read orphan inode 15 (err -117)
[   38.313527][ T1479] mmap: syz.2.505 (1479) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   38.328088][ T1500] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   38.375977][ T1514] IPv6: sit2: Disabled Multicast RS
[   38.384531][  T292] EXT4-fs (loop0): unmounting filesystem.
[   38.430104][ T1521] loop5: detected capacity change from 0 to 512
[   38.438009][   T24] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   38.475085][ T1521] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   38.494157][ T1521] ext4 filesystem being mounted at /83/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   38.551566][ T1521] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[   38.552359][ T1533] loop4: detected capacity change from 0 to 1024
[   38.566444][ T1521] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2 with error 28
[   38.584349][ T1521] EXT4-fs (loop5): This should not happen!! Data will be lost
[   38.584349][ T1521] 
[   38.590551][ T1535] loop2: detected capacity change from 0 to 4096
[   38.594668][ T1521] EXT4-fs (loop5): Total free blocks count 0
[   38.600744][ T1535] EXT4-fs: Ignoring removed nomblk_io_submit option
[   38.611553][ T1521] EXT4-fs (loop5): Free/Dirty block details
[   38.618030][ T1521] EXT4-fs (loop5): free_blocks=65280
[   38.623160][ T1521] EXT4-fs (loop5): dirty_blocks=2
[   38.627978][ T1521] EXT4-fs (loop5): Block reservation details
[   38.633842][ T1521] EXT4-fs (loop5): i_reserved_data_blocks=2
[   38.635103][ T1533] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[   38.639584][   T24] usb 2-1: Using ep0 maxpacket: 32
[   38.651405][ T1535] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   38.667560][   T24] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[   38.676184][   T24] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   38.684797][   T24] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[   38.694425][  T545] EXT4-fs (loop5): unmounting filesystem.
[   38.700270][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   38.713966][   T24] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   38.723797][   T24] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   38.739329][   T24] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   38.748523][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   38.757585][   T24] usb 2-1: config 0 descriptor??
[   38.774043][ T1543] xt_hashlimit: size too large, truncated to 1048576
[   38.812991][ T1545] loop4: detected capacity change from 0 to 1024
[   38.844740][ T1545] EXT4-fs: Ignoring removed orlov option
[   38.873712][ T1545] EXT4-fs (loop4): Test dummy encryption mode enabled
[   38.910965][ T1545] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   38.956616][  T291] EXT4-fs (loop2): unmounting filesystem.
[   38.966436][   T24] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   38.986837][ T1545] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[   39.040243][  T293] EXT4-fs (loop4): unmounting filesystem.
[   39.116826][ T1565] netlink: 16 bytes leftover after parsing attributes in process `syz.5.540'.
[   39.184570][   T24] usb 2-1: USB disconnect, device number 4
[   39.207275][   T24] usblp0: removed
[   39.242738][ T1562] loop4: detected capacity change from 0 to 40427
[   39.253458][ T1562] F2FS-fs (loop4): fault_type options not supported
[   39.260749][ T1562] F2FS-fs (loop4): invalid crc value
[   39.279014][ T1562] F2FS-fs (loop4): Found nat_bits in checkpoint
[   39.323172][ T1562] F2FS-fs (loop4): Start checkpoint disabled!
[   39.336460][ T1562] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[   39.379525][ T1581] netlink: 68 bytes leftover after parsing attributes in process `syz.0.548'.
[   39.457157][  T578] kworker/u4:5: attempt to access beyond end of device
[   39.457157][  T578] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   39.464921][ T1572] loop2: detected capacity change from 0 to 40427
[   39.495624][ T1572] F2FS-fs (loop2): fault_injection options not supported
[   39.521726][ T1572] F2FS-fs (loop2): invalid crc value
[   39.550556][ T1593] loop0: detected capacity change from 0 to 1024
[   39.564288][ T1572] F2FS-fs (loop2): Found nat_bits in checkpoint
[   39.565784][ T1593] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=f01cc01c, mo2=0002]
[   39.578521][ T1593] System zones: 0-1, 3-36
[   39.595643][ T1593] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   39.652197][ T1597] loop5: detected capacity change from 0 to 4096
[   39.661781][  T292] EXT4-fs (loop0): unmounting filesystem.
[   39.694505][ T1597] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   39.726252][ T1572] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   39.876134][  T291] syz-executor: attempt to access beyond end of device
[   39.876134][  T291] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   39.891223][ T1612] loop0: detected capacity change from 0 to 1024
[   39.913123][ T1612] EXT4-fs: Ignoring removed orlov option
[   39.928012][ T1612] EXT4-fs (loop0): Test dummy encryption mode enabled
[   39.948967][ T1612] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   39.980683][  T292] EXT4-fs (loop0): unmounting filesystem.
[   40.061589][ T1617] loop0: detected capacity change from 0 to 512
[   40.082812][ T1619] loop2: detected capacity change from 0 to 512
[   40.093069][ T1617] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   40.121037][ T1619] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   40.130579][   T24] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   40.138194][ T1617] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   40.138274][ T1619] ext4 filesystem being mounted at /107/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   40.153625][ T1617] ext4 filesystem being mounted at /121/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.220989][ T1619] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[   40.235730][ T1619] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2 with error 28
[   40.248189][ T1619] EXT4-fs (loop2): This should not happen!! Data will be lost
[   40.248189][ T1619] 
[   40.257721][ T1619] EXT4-fs (loop2): Total free blocks count 0
[   40.263684][ T1619] EXT4-fs (loop2): Free/Dirty block details
[   40.269349][ T1619] EXT4-fs (loop2): free_blocks=65280
[   40.274795][ T1619] EXT4-fs (loop2): dirty_blocks=2
[   40.279594][ T1619] EXT4-fs (loop2): Block reservation details
[   40.285465][ T1619] EXT4-fs (loop2): i_reserved_data_blocks=2
[   40.296243][  T292] EXT4-fs (loop0): unmounting filesystem.
[   40.339637][  T291] EXT4-fs (loop2): unmounting filesystem.
[   40.358896][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[   40.377841][  T545] EXT4-fs (loop5): unmounting filesystem.
[   40.390078][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   40.417852][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[   40.437406][ T1634] loop5: detected capacity change from 0 to 512
[   40.453735][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[   40.474891][ T1634] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.565: casefold flag without casefold feature
[   40.516309][   T24] usb 2-1: New USB device found, idVendor=0738, idProduct=a2c5, bcdDevice=1e.ce
[   40.537936][ T1634] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.565: couldn't read orphan inode 15 (err -117)
[   40.559740][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   40.597199][   T24] usb 2-1: Product: syz
[   40.603391][ T1634] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   40.617724][   T24] usb 2-1: Manufacturer: syz
[   40.622161][   T24] usb 2-1: SerialNumber: syz
[   40.658754][   T24] usb 2-1: config 0 descriptor??
[   40.667132][   T24] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[   40.707596][  T545] EXT4-fs (loop5): unmounting filesystem.
[   40.714343][   T24] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input9
[   40.801463][ T1655] loop0: detected capacity change from 0 to 512
[   40.819829][ T1655] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   40.828898][ T1655] ext4 filesystem being mounted at /128/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   40.835331][ T1636] loop2: detected capacity change from 0 to 40427
[   40.870105][ T1636] F2FS-fs (loop2): Wrong NAT boundary, start(2560) end(3584) blocks(83968)
[   40.875659][   T39] usb 2-1: USB disconnect, device number 5
[   40.879020][ T1636] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   40.892748][   T39] xpad 2-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[   40.903048][ T1655] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[   40.914210][ T1636] F2FS-fs (loop2): Fix alignment : done, start(4096) end(16896) block(12288)
[   40.926092][ T1655] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2 with error 28
[   40.934665][ T1636] F2FS-fs (loop2): invalid crc value
[   40.938843][ T1655] EXT4-fs (loop0): This should not happen!! Data will be lost
[   40.938843][ T1655] 
[   40.944967][ T1636] F2FS-fs (loop2): Found nat_bits in checkpoint
[   40.953337][ T1655] EXT4-fs (loop0): Total free blocks count 0
[   40.965420][ T1655] EXT4-fs (loop0): Free/Dirty block details
[   40.971582][ T1655] EXT4-fs (loop0): free_blocks=65280
[   40.976884][ T1655] EXT4-fs (loop0): dirty_blocks=2
[   40.982231][ T1655] EXT4-fs (loop0): Block reservation details
[   40.988447][ T1655] EXT4-fs (loop0): i_reserved_data_blocks=2
[   41.003614][ T1636] F2FS-fs (loop2): Start checkpoint disabled!
[   41.014116][  T292] EXT4-fs (loop0): unmounting filesystem.
[   41.020296][ T1636] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   41.027580][ T1636] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   41.120577][ T1675] loop4: detected capacity change from 0 to 512
[   41.153810][ T1675] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   41.207386][ T1675] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   41.220383][ T1675] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[   41.230602][ T1675] System zones: 0-1, 15-15, 18-18, 34-34
[   41.236663][ T1675] EXT4-fs (loop4): orphan cleanup on readonly fs
[   41.242987][ T1675] __quota_error: 58 callbacks suppressed
[   41.243003][ T1675] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0
[   41.257751][ T1675] EXT4-fs warning (device loop4): ext4_enable_quotas:7017: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   41.272245][ T1675] EXT4-fs (loop4): Cannot turn on quotas: error -22
[   41.278889][ T1675] EXT4-fs error (device loop4): ext4_orphan_get:1426: comm syz.4.584: bad orphan inode 16
[   41.288982][ T1675] ext4_test_bit(bit=15, block=18) = 1
[   41.294228][ T1675] is_bad_inode(inode)=0
[   41.298385][ T1675] NEXT_ORPHAN(inode)=0
[   41.302385][ T1675] max_ino=32
[   41.305439][ T1675] i_nlink=2
[   41.308467][ T1675] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   41.327720][    T6] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   41.335071][   T28] audit: type=1400 audit(1742774711.626:434): avc:  denied  { mounton } for  pid=1674 comm="syz.4.584" path="/90/file2/file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   41.358467][  T293] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic f300, entries 1, max 4(0), depth 0(0)
[   41.376030][  T293] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic f300, entries 1, max 4(0), depth 0(0)
[   41.431164][  T293] EXT4-fs (loop4): unmounting filesystem.
[   41.527926][   T28] audit: type=1400 audit(1742774711.826:435): avc:  denied  { getattr } for  pid=1682 comm="syz.1.588" name="/" dev="dax" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   41.552516][    T6] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   41.564928][    T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   41.581527][    T6] usb 1-1: Product: syz
[   41.590004][    T6] usb 1-1: Manufacturer: syz
[   41.600032][    T6] usb 1-1: SerialNumber: syz
[   41.673609][   T28] audit: type=1400 audit(1742774711.966:436): avc:  denied  { mounton } for  pid=1687 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   41.774971][ T1687] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.787386][ T1687] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.801832][ T1687] device bridge_slave_0 entered promiscuous mode
[   41.818988][ T1687] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.832379][ T1687] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.846324][ T1687] device bridge_slave_1 entered promiscuous mode
[   41.991236][ T1687] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.998170][ T1687] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.005256][ T1687] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.012188][ T1687] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.032984][  T578] device bridge_slave_1 left promiscuous mode
[   42.039286][  T578] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.046734][  T578] device bridge_slave_0 left promiscuous mode
[   42.053099][  T578] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.072366][  T578] device veth1_macvtap left promiscuous mode
[   42.081636][  T578] device veth0_vlan left promiscuous mode
[   42.130045][   T28] audit: type=1400 audit(1742774712.426:437): avc:  denied  { bind } for  pid=1706 comm="syz.2.597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   42.164115][   T28] audit: type=1400 audit(1742774712.446:438): avc:  denied  { ioctl } for  pid=1708 comm="syz.5.598" path="/dev/uinput" dev="devtmpfs" ino=258 ioctlcmd=0x5504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   42.278056][   T28] audit: type=1400 audit(1742774712.576:439): avc:  denied  { write } for  pid=1723 comm="syz.5.604" name="/" dev="incremental-fs" ino=539 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   42.300458][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   42.300609][   T28] audit: type=1400 audit(1742774712.576:440): avc:  denied  { add_name } for  pid=1723 comm="syz.5.604" name="control" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   42.310248][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   42.328857][   T28] audit: type=1400 audit(1742774712.576:441): avc:  denied  { associate } for  pid=1723 comm="syz.5.604" name="control" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   42.359300][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   42.374905][   T28] audit: type=1400 audit(1742774712.576:442): avc:  denied  { remove_name } for  pid=1723 comm="syz.5.604" name="control" dev="incremental-fs" ino=542 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   42.381465][ T1726] process 'syz.5.605' launched './file0' with NULL argv: empty string added
[   42.407121][ T1728] netlink: 'syz.1.606': attribute type 12 has an invalid length.
[   42.415195][ T1728] netlink: 'syz.1.606': attribute type 29 has an invalid length.
[   42.424525][ T1728] netlink: 148 bytes leftover after parsing attributes in process `syz.1.606'.
[   42.433918][ T1728] Zero length message leads to an empty skb
[   42.445236][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   42.465347][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   42.478209][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   42.502548][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   42.511119][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   42.523732][ T1687] device veth0_vlan entered promiscuous mode
[   42.530813][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   42.539192][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   42.550424][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   42.561349][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   42.575624][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   42.583904][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   42.593160][ T1687] device veth1_macvtap entered promiscuous mode
[   42.614057][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   42.621858][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   42.630490][    T6] cdc_ncm 1-1:1.0: failed to get mac address
[   42.636660][    T6] cdc_ncm 1-1:1.0: bind() failure
[   42.642646][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   42.652593][    T6] cdc_ncm: probe of 1-1:1.1 failed with error -71
[   42.669389][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   42.682652][    T6] cdc_mbim: probe of 1-1:1.1 failed with error -71
[   42.691875][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   42.701563][    T6] usb 1-1: USB disconnect, device number 5
[   42.831380][ T1769] netlink: 'syz.6.623': attribute type 11 has an invalid length.
[   42.859866][ T1773] loop6: detected capacity change from 0 to 512
[   42.880468][  T314] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   42.897636][ T1773] loop6: detected capacity change from 0 to 256
[   43.297988][  T327] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   43.364883][ T1826] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only
[   43.374585][ T1826] overlayfs: NFS export requires an index dir, falling back to nfs_export=off.
[   43.477112][ T1838] loop2: detected capacity change from 0 to 4096
[   43.498690][  T327] usb 7-1: config 0 has an invalid interface number: 156 but max is 0
[   43.500405][ T1843] loop5: detected capacity change from 0 to 512
[   43.514148][ T1843] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   43.524830][  T327] usb 7-1: config 0 has no interface number 0
[   43.531010][ T1838] EXT4-fs (loop2): Test dummy encryption mode enabled
[   43.535212][  T327] usb 7-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[   43.549467][  T327] usb 7-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   43.550754][ T1838] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   43.559648][  T327] usb 7-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[   43.569525][ T1843] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   43.584084][  T327] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   43.598659][  T327] usb 7-1: config 0 descriptor??
[   43.598654][ T1843] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.619352][  T327] usb 7-1: MIDIStreaming interface descriptor not found
[   43.635933][  T327] snd-usb-audio: probe of 7-1:0.156 failed with error -12
[   43.643636][ T1838] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   43.657545][  T356] udevd[356]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.156/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   43.687871][  T291] EXT4-fs (loop2): unmounting filesystem.
[   43.719841][  T545] EXT4-fs (loop5): unmounting filesystem.
[   43.832846][   T19] usb 7-1: USB disconnect, device number 2
[   43.934185][ T1884] loop2: detected capacity change from 0 to 512
[   43.960329][ T1884] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   43.978162][ T1884] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2186: inode #15: comm syz.2.672: corrupted in-inode xattr
[   44.014075][ T1884] EXT4-fs (loop2): Remounting filesystem read-only
[   44.030500][ T1884] EXT4-fs (loop2): 1 truncate cleaned up
[   44.039161][ T1884] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   44.078923][  T291] EXT4-fs (loop2): unmounting filesystem.
[   44.175731][ T1911] loop2: detected capacity change from 0 to 512
[   44.197746][    T6] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   44.388945][    T6] usb 6-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[   44.411323][    T6] usb 6-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[   44.441027][    T6] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   44.460617][    T6] aiptek 6-1:17.0: interface has no int in endpoints, but must have minimum 1
[   44.663101][    T6] usb 6-1: USB disconnect, device number 4
[   44.729810][ T1958] loop2: detected capacity change from 0 to 128
[   45.330801][ T1986] loop6: detected capacity change from 0 to 256
[   45.340047][ T1986] exfat: Deprecated parameter 'utf8'
[   45.376311][ T1986] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[   45.395087][ T1988] netlink: 'syz.0.721': attribute type 8 has an invalid length.
[   45.601375][ T2010] loop6: detected capacity change from 0 to 512
[   45.617312][ T2010] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   45.632309][ T2017] loop0: detected capacity change from 0 to 512
[   45.638736][ T2017] EXT4-fs: Ignoring removed oldalloc option
[   45.648192][ T2017] EXT4-fs (loop0): 1 truncate cleaned up
[   45.653667][ T2017] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   45.674635][ T1687] EXT4-fs (loop6): unmounting filesystem.
[   45.685959][ T2021] loop5: detected capacity change from 0 to 128
[   45.687484][  T292] EXT4-fs (loop0): unmounting filesystem.
[   45.716619][ T2021] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   45.717769][ T2026] loop2: detected capacity change from 0 to 256
[   45.731340][ T2026] exfat: Deprecated parameter 'namecase'
[   45.739905][ T2021] ext4 filesystem being mounted at /127/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.741057][ T2026] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[   45.782618][  T545] EXT4-fs (loop5): unmounting filesystem.
[   45.801929][ T2032] usb usb1: check_ctrlrecip: process 2032 (syz.6.741) requesting ep 01 but needs 81
[   45.827795][  T327] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   45.852745][ T2026] exFAT-fs (loop2): error, tried to truncate zeroed cluster.
[   45.864082][ T2026] syz.2.739: attempt to access beyond end of device
[   45.864082][ T2026] loop2: rw=524288, sector=34359738488, nr_sectors = 16 limit=256
[   45.882243][ T2026] syz.2.739: attempt to access beyond end of device
[   45.882243][ T2026] loop2: rw=0, sector=34359738488, nr_sectors = 8 limit=256
[   46.017721][  T327] usb 2-1: Using ep0 maxpacket: 16
[   46.024102][  T327] usb 2-1: unable to get BOS descriptor or descriptor too short
[   46.066083][  T327] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[   46.091964][  T327] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[   46.120860][  T327] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   46.159531][  T327] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   46.175177][  T327] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   46.180844][ T2079] loop5: detected capacity change from 0 to 512
[   46.183419][  T327] usb 2-1: Product: syz
[   46.193266][  T327] usb 2-1: Manufacturer: syz
[   46.198248][  T327] usb 2-1: SerialNumber: syz
[   46.201806][ T2079] EXT4-fs: Ignoring removed oldalloc option
[   46.210884][ T2079] EXT4-fs (loop5): 1 truncate cleaned up
[   46.216447][ T2079] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   46.238205][  T545] EXT4-fs (loop5): unmounting filesystem.
[   46.292744][ T2090] loop6: detected capacity change from 0 to 256
[   46.338991][ T2090] FAT-fs (loop6): Directory bread(block 64) failed
[   46.355624][ T2090] FAT-fs (loop6): Directory bread(block 65) failed
[   46.369123][ T2090] FAT-fs (loop6): Directory bread(block 66) failed
[   46.385655][ T2090] FAT-fs (loop6): Directory bread(block 67) failed
[   46.402515][ T2090] FAT-fs (loop6): Directory bread(block 68) failed
[   46.411902][  T327] usb 2-1: 0:2 : does not exist
[   46.417096][ T2090] FAT-fs (loop6): Directory bread(block 69) failed
[   46.424783][  T327] usb 2-1: USB disconnect, device number 6
[   46.430530][ T2090] FAT-fs (loop6): Directory bread(block 70) failed
[   46.436853][ T2090] FAT-fs (loop6): Directory bread(block 71) failed
[   46.464743][ T2090] FAT-fs (loop6): Directory bread(block 72) failed
[   46.477814][ T2090] FAT-fs (loop6): Directory bread(block 73) failed
[   46.528061][   T28] kauditd_printk_skb: 35 callbacks suppressed
[   46.528077][   T28] audit: type=1400 audit(1742774716.826:478): avc:  denied  { watch watch_reads } for  pid=2088 comm="syz.6.767" path="/35/bus" dev="loop6" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[   46.595923][ T2092] loop5: detected capacity change from 0 to 40427
[   46.611172][ T2092] F2FS-fs (loop5): Invalid log blocks per segment (4278190089)
[   46.618863][ T2092] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   46.631523][ T2092] F2FS-fs (loop5): invalid crc value
[   46.641900][ T2092] F2FS-fs (loop5): Found nat_bits in checkpoint
[   46.693500][   T28] audit: type=1400 audit(1742774716.986:479): avc:  denied  { read write } for  pid=1687 comm="syz-executor" name="loop6" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   46.715768][ T2092] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[   46.722429][   T28] audit: type=1400 audit(1742774716.986:480): avc:  denied  { open } for  pid=1687 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   46.731165][ T2092] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   46.758926][   T28] audit: type=1400 audit(1742774716.986:481): avc:  denied  { ioctl } for  pid=1687 comm="syz-executor" path="/dev/loop6" dev="devtmpfs" ino=120 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   46.797753][   T28] audit: type=1400 audit(1742774717.006:482): avc:  denied  { bpf } for  pid=2107 comm="syz.6.775" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   46.842963][   T28] audit: type=1400 audit(1742774717.006:483): avc:  denied  { map_create } for  pid=2107 comm="syz.6.775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   46.867050][ T2115] netlink: 24 bytes leftover after parsing attributes in process `syz.2.778'.
[   46.871429][   T28] audit: type=1400 audit(1742774717.006:484): avc:  denied  { perfmon } for  pid=2107 comm="syz.6.775" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   46.882450][  T545] syz-executor: attempt to access beyond end of device
[   46.882450][  T545] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   46.897958][   T28] audit: type=1400 audit(1742774717.006:485): avc:  denied  { map_read map_write } for  pid=2107 comm="syz.6.775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   46.935889][   T28] audit: type=1400 audit(1742774717.006:486): avc:  denied  { prog_load } for  pid=2107 comm="syz.6.775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   46.956230][   T28] audit: type=1400 audit(1742774717.006:487): avc:  denied  { prog_run } for  pid=2107 comm="syz.6.775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   47.027380][ T2125] loop2: detected capacity change from 0 to 1024
[   47.050411][ T2125] EXT4-fs: Ignoring removed bh option
[   47.055959][ T2125] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   47.080632][ T2128] netlink: 'syz.5.780': attribute type 8 has an invalid length.
[   47.087035][ T2125] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   47.121367][  T291] EXT4-fs (loop2): unmounting filesystem.
[   47.134533][   T43] Bluetooth: hci0: Frame reassembly failed (-84)
[   47.208637][ T2148] netlink: 20 bytes leftover after parsing attributes in process `syz.1.791'.
[   47.310761][ T2142] loop6: detected capacity change from 0 to 40427
[   47.318034][ T2142] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[   47.325624][ T2142] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[   47.343827][ T2142] F2FS-fs (loop6): Found nat_bits in checkpoint
[   47.345810][ T2165] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Dropping request.  Check SNMP counters.
[   47.408013][ T2142] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[   47.414914][ T2142] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   47.512945][ T2181] input input12: cannot allocate more than FF_MAX_EFFECTS effects
[   47.586452][ T2194] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Dropping request.  Check SNMP counters.
[   47.741689][ T2207] netlink: 104 bytes leftover after parsing attributes in process `syz.6.818'.
[   48.675999][ T2228] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Dropping request.  Check SNMP counters.
[   48.752176][ T2241] input input13: cannot allocate more than FF_MAX_EFFECTS effects
[   48.908236][ T2265] netlink: 8 bytes leftover after parsing attributes in process `syz.1.845'.
[   48.971445][ T2273] loop6: detected capacity change from 0 to 2048
[   49.011448][ T2278] netlink: 20 bytes leftover after parsing attributes in process `syz.1.851'.
[   49.022946][ T2273] Alternate GPT is invalid, using primary GPT.
[   49.029084][ T2273]  loop6: p2 p3 p7
[   49.063475][  T314] udevd[314]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[   49.087197][  T356] udevd[356]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[   49.098698][  T482] udevd[482]: inotify_add_watch(7, /dev/loop6p7, 10) failed: No such file or directory
[   49.099085][  T314] udevd[314]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[   49.147795][  T936] Bluetooth: hci0: command 0x1003 tx timeout
[   49.148407][  T352] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   49.207808][  T327] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   49.387816][  T327] usb 3-1: Using ep0 maxpacket: 8
[   49.394797][  T327] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   49.415649][  T327] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[   49.440293][ T2330] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   49.459612][  T327] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   49.477749][  T327] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   49.507148][  T327] usb 3-1: Product: syz
[   49.522602][  T327] usb 3-1: Manufacturer: syz
[   49.527126][  T327] usb 3-1: SerialNumber: syz
[   49.631932][ T2351] input: syz0 as /devices/virtual/input/input14
[   49.679925][ T2354] netem: change failed
[   49.747034][ T2368] netlink: 28 bytes leftover after parsing attributes in process `syz.5.894'.
[   49.757422][  T327] cdc_ncm 3-1:1.0: bind() failure
[   49.764010][  T327] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[   49.776726][  T327] cdc_ncm 3-1:1.1: bind() failure
[   49.791491][  T327] usb 3-1: USB disconnect, device number 5
[   49.837495][ T2380] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.841932][ T2378] loop5: detected capacity change from 0 to 512
[   49.845053][ T2380] device bridge_slave_1 left promiscuous mode
[   49.857081][ T2380] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.871209][ T2380] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[   49.886664][ T2378] EXT4-fs: Ignoring removed bh option
[   49.903792][ T2378] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[   49.933237][ T2378] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended
[   49.953315][ T2378] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[   49.963261][ T2378] System zones: 0-2, 18-18, 34-34
[   49.972709][ T2378] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   49.990126][ T2378] EXT4-fs (loop5): 1 truncate cleaned up
[   50.005110][ T2378] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   50.036102][  T545] EXT4-fs (loop5): unmounting filesystem.
[   50.105916][ T2412] x_tables: duplicate underflow at hook 4
[   50.188521][ T2421] loop6: detected capacity change from 0 to 512
[   50.210240][ T2421] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[   50.219105][ T2421] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.274946][ T1687] EXT4-fs (loop6): unmounting filesystem.
[   50.325197][ T2434] netlink: 28 bytes leftover after parsing attributes in process `syz.6.919'.
[   50.369446][ T2438] SELinux: failed to load policy
[   50.967771][   T39] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   51.062113][    T8] tipc: Subscription rejected, illegal request
[   51.147769][   T39] usb 7-1: Using ep0 maxpacket: 8
[   51.160909][   T39] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   51.181127][   T39] usb 7-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[   51.191609][   T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[   51.207725][   T39] usb 7-1: SerialNumber: syz
[   51.216857][   T39] usb 7-1: config 0 descriptor??
[   51.229234][   T39] usb 7-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[   51.243658][   T39] usb 7-1: Failed to create links for entity 255
[   51.256414][   T39] usb 7-1: Failed to register entities (-22).
[   51.379496][ T2514] netlink: 8 bytes leftover after parsing attributes in process `syz.5.957'.
[   51.432638][   T39] usb 7-1: USB disconnect, device number 3
[   51.686762][   T28] kauditd_printk_skb: 154 callbacks suppressed
[   51.686779][   T28] audit: type=1400 audit(1742774721.976:642): avc:  denied  { read } for  pid=2553 comm="syz.2.976" name="usbmon0" dev="devtmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   51.720951][   T28] audit: type=1400 audit(1742774722.016:643): avc:  denied  { open } for  pid=2553 comm="syz.2.976" path="/dev/usbmon0" dev="devtmpfs" ino=155 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   51.745423][   T28] audit: type=1400 audit(1742774722.016:644): avc:  denied  { ioctl } for  pid=2553 comm="syz.2.976" path="/dev/usbmon0" dev="devtmpfs" ino=155 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   51.793283][ T2560] syz.5.979[2560] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.793339][ T2560] syz.5.979[2560] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   51.848334][   T28] audit: type=1400 audit(1742774722.146:645): avc:  denied  { relabelto } for  pid=2565 comm="syz.1.983" name="232" dev="tmpfs" ino=1212 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   51.902088][   T28] audit: type=1400 audit(1742774722.186:646): avc:  denied  { associate } for  pid=2565 comm="syz.1.983" name="232" dev="tmpfs" ino=1212 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[   51.929197][   T28] audit: type=1400 audit(1742774722.186:647): avc:  denied  { write } for  pid=289 comm="syz-executor" name="232" dev="tmpfs" ino=1212 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   51.955792][   T28] audit: type=1400 audit(1742774722.186:648): avc:  denied  { remove_name } for  pid=289 comm="syz-executor" name="binderfs" dev="tmpfs" ino=1216 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   51.983175][   T28] audit: type=1400 audit(1742774722.186:649): avc:  denied  { rmdir } for  pid=289 comm="syz-executor" name="232" dev="tmpfs" ino=1212 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[   52.030974][   T28] audit: type=1400 audit(1742774722.326:650): avc:  denied  { create } for  pid=2575 comm="syz.6.987" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   52.068734][   T28] audit: type=1400 audit(1742774722.346:651): avc:  denied  { write } for  pid=2575 comm="syz.6.987" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   52.269645][ T2612] loop2: detected capacity change from 0 to 512
[   52.308779][ T2612] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.1003: bg 0: block 16: invalid block bitmap
[   52.330601][ T2612] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   52.354696][ T2612] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1003: invalid indirect mapped block 5 (level 0)
[   52.378621][ T2612] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1003: invalid indirect mapped block 4294967295 (level 1)
[   52.391958][ T2590] loop5: detected capacity change from 0 to 40427
[   52.403198][ T2612] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1003: invalid indirect mapped block 4294967295 (level 2)
[   52.416077][ T2590] F2FS-fs (loop5): invalid crc value
[   52.423093][ T2612] EXT4-fs (loop2): 1 truncate cleaned up
[   52.429053][ T2612] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   52.440450][ T2590] F2FS-fs (loop5): Found nat_bits in checkpoint
[   52.458249][  T291] EXT4-fs (loop2): unmounting filesystem.
[   52.517175][ T2590] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[   52.526487][ T2631] SELinux:  Context system_u:object_r:netlabel_mgmt_exec_t:s0 is not valid (left unmapped).
[   52.577146][  T545] syz-executor: attempt to access beyond end of device
[   52.577146][  T545] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   52.726249][ T2650] loop5: detected capacity change from 0 to 128
[   52.732818][ T2649] syz.1.1017[2649] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.732899][ T2649] syz.1.1017[2649] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   52.767061][ T2650] ext4 filesystem being mounted at /187/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   52.940982][ T2671] futex_wake_op: syz.2.1027 tries to shift op by -1; fix this program
[   52.952987][ T2673] device bridge1 entered promiscuous mode
[   53.049374][ T2691] netlink: 277 bytes leftover after parsing attributes in process `syz.5.1037'.
[   53.263977][ T2730] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   53.320675][ T2738] device vlan2 entered promiscuous mode
[   53.328928][ T2738] device dummy0 entered promiscuous mode
[   53.349219][ T2740] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1059'.
[   53.508275][ T2760] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1069'.
[   53.547546][ T2760] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1069'.
[   53.578230][ T2760] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1069'.
[   53.627756][ T2760] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1069'.
[   53.749798][ T2771] tipc: Started in network mode
[   53.754595][ T2771] tipc: Node identity 7f000001, cluster identity 4711
[   53.763104][ T2771] tipc: Enabled bearer <udp:syz2>, priority 10
[   53.993982][ T2792] 9pnet: p9_errstr2errno: server reported unknown error ‌@يخ‚ح(للي«Qے0x0000000000000004
[   54.036621][ T2752] loop6: detected capacity change from 0 to 131072
[   54.044337][ T2752] F2FS-fs (loop6): Wrong CP boundary, start(512) end(198144) blocks(1024)
[   54.053090][ T2752] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[   54.064006][ T2752] F2FS-fs (loop6): invalid crc value
[   54.076284][ T2752] F2FS-fs (loop6): Found nat_bits in checkpoint
[   54.132933][ T2752] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[   54.138534][ T2809] loop5: detected capacity change from 0 to 256
[   54.140076][ T2752] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[   54.224386][ T2752] F2FS-fs (loop6): sanity_check_inode: inode (ino=8, mode=0) should not have inline_dentry, run fsck to fix
[   54.242107][ T2814] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[   54.370064][ T2827] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2827 comm=syz.1.1095
[   54.593926][ T2859] device ip6tnl1 entered promiscuous mode
[   54.749168][ T2887] tipc: Started in network mode
[   54.753879][ T2887] tipc: Node identity ac14142f, cluster identity 4711
[   54.769959][ T2887] tipc: New replicast peer: 0.0.0.0
[   54.779725][ T2887] tipc: Enabled bearer <udp:syz2>, priority 10
[   54.791737][ T2887] tipc: New replicast peer: 0000:0000:0000:0000:0000:0000:0000:0000
[   54.878944][  T310] tipc: Node number set to 2130706433
[   54.946758][ T2908] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1135'.
[   54.981662][ T2905] Disabled LAPIC found during irq injection
[   55.005258][ T2911] SELinux:  Context ـ is not valid (left unmapped).
[   55.167599][ T2927] bridge0: port 2(vlan2) entered blocking state
[   55.192893][ T2927] bridge0: port 2(vlan2) entered disabled state
[   55.198068][    C0] ==================================================================
[   55.206887][    C0] BUG: KASAN: use-after-free in dev_map_generic_redirect+0x9f/0x7d0
[   55.214710][    C0] Read of size 8 at addr ffff88810d223400 by task kworker/u4:0/8
[   55.222247][    C0] 
[   55.224430][    C0] CPU: 0 PID: 8 Comm: kworker/u4:0 Not tainted 6.1.128-syzkaller-00029-g5145d157731f #0
[   55.233970][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   55.243860][    C0] Workqueue: tipc_send tipc_conn_send_work
[   55.249499][    C0] Call Trace:
[   55.252624][    C0]  <IRQ>
[   55.255312][    C0]  dump_stack_lvl+0x151/0x1b7
[   55.259827][    C0]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[   55.265123][    C0]  ? _printk+0xd1/0x111
[   55.269113][    C0]  ? __virt_addr_valid+0x242/0x2f0
[   55.274059][    C0]  print_report+0x158/0x4e0
[   55.278399][    C0]  ? __virt_addr_valid+0x242/0x2f0
[   55.283348][    C0]  ? kasan_complete_mode_report_info+0x90/0x1b0
[   55.289420][    C0]  ? dev_map_generic_redirect+0x9f/0x7d0
[   55.294886][    C0]  kasan_report+0x13c/0x170
[   55.299225][    C0]  ? dev_map_generic_redirect+0x9f/0x7d0
[   55.304695][    C0]  __asan_report_load8_noabort+0x14/0x20
[   55.310163][    C0]  dev_map_generic_redirect+0x9f/0x7d0
[   55.315456][    C0]  ? kasan_quarantine_put+0x34/0x1a0
[   55.320577][    C0]  ? kfree+0x7a/0xf0
[   55.324309][    C0]  ? bq_enqueue+0x3e0/0x3e0
[   55.328647][    C0]  ? bpf_prog_run_generic_xdp+0xa35/0x1200
[   55.334291][    C0]  xdp_do_generic_redirect+0x42e/0xb40
[   55.339589][    C0]  do_xdp_generic+0x53e/0x800
[   55.344097][    C0]  ? stack_trace_snprint+0xf0/0xf0
[   55.349046][    C0]  ? generic_xdp_tx+0x560/0x560
[   55.353736][    C0]  ? migrate_disable+0xd9/0x190
[   55.358419][    C0]  __netif_receive_skb_core+0x19ae/0x43d0
[   55.363971][    C0]  ? cpudl_cleanup+0x40/0x40
[   55.368403][    C0]  ? qdisc_run+0x260/0x260
[   55.372652][    C0]  ? update_load_avg+0x513/0x1530
[   55.377513][    C0]  ? enqueue_task_fair+0xe82/0x2260
[   55.382546][    C0]  __netif_receive_skb+0x11c/0x530
[   55.387492][    C0]  ? __netif_receive_skb_list_core+0x890/0x890
[   55.393481][    C0]  ? __kasan_check_write+0x14/0x20
[   55.398427][    C0]  ? _raw_spin_lock_irq+0xa5/0x1b0
[   55.403375][    C0]  ? _raw_spin_lock_irqsave+0x210/0x210
[   55.408758][    C0]  process_backlog+0x32c/0x630
[   55.413358][    C0]  __napi_poll+0xbe/0x5c0
[   55.417525][    C0]  net_rx_action+0x595/0xdd0
[   55.421952][    C0]  ? net_tx_action+0x560/0x560
[   55.426547][    C0]  ? sched_clock+0x9/0x10
[   55.430717][    C0]  ? irqtime_account_irq+0x79/0x260
[   55.435754][    C0]  handle_softirqs+0x1db/0x650
[   55.440355][    C0]  __do_softirq+0xb/0xd
[   55.444339][    C0]  do_softirq+0xf6/0x150
[   55.448423][    C0]  </IRQ>
[   55.451195][    C0]  <TASK>
[   55.453975][    C0]  ? __local_bh_enable_ip+0x80/0x80
[   55.459007][    C0]  ? _raw_spin_lock_bh+0xa4/0x1b0
[   55.463869][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[   55.468908][    C0]  __local_bh_enable_ip+0x75/0x80
[   55.473766][    C0]  _raw_spin_unlock_bh+0x50/0x60
[   55.478537][    C0]  tipc_conn_send_work+0x211/0x990
[   55.483485][    C0]  ? compat_start_thread+0x20/0x20
[   55.488433][    C0]  ? tipc_topsrv_exit_net+0x320/0x320
[   55.493640][    C0]  ? kthread_data+0x53/0xc0
[   55.497983][    C0]  ? __kasan_check_read+0x11/0x20
[   55.502837][    C0]  ? read_word_at_a_time+0x12/0x20
[   55.507786][    C0]  ? strscpy+0x9c/0x260
[   55.511781][    C0]  process_one_work+0x73d/0xcb0
[   55.516471][    C0]  worker_thread+0xa60/0x1260
[   55.520986][    C0]  kthread+0x26d/0x300
[   55.524883][    C0]  ? worker_clr_flags+0x1a0/0x1a0
[   55.529745][    C0]  ? kthread_blkcg+0xd0/0xd0
[   55.534173][    C0]  ret_from_fork+0x1f/0x30
[   55.538426][    C0]  </TASK>
[   55.541287][    C0] 
[   55.543457][    C0] Allocated by task 2920:
[   55.547631][    C0]  kasan_set_track+0x4b/0x70
[   55.552052][    C0]  kasan_save_alloc_info+0x1f/0x30
[   55.556998][    C0]  __kasan_kmalloc+0x9c/0xb0
[   55.561435][    C0]  __kmalloc_node+0xb4/0x1e0
[   55.565850][    C0]  bpf_map_kmalloc_node+0xd0/0x2c0
[   55.570799][    C0]  __dev_map_alloc_node+0x5c/0x4e0
[   55.575745][    C0]  dev_map_update_elem+0x20e/0x3f0
[   55.580694][    C0]  bpf_map_update_value+0x23a/0x410
[   55.585728][    C0]  map_update_elem+0x500/0x680
[   55.590327][    C0]  __sys_bpf+0x460/0x7f0
[   55.594403][    C0]  __x64_sys_bpf+0x7c/0x90
[   55.598656][    C0]  x64_sys_call+0x87f/0x9a0
[   55.603000][    C0]  do_syscall_64+0x3b/0xb0
[   55.607252][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   55.612980][    C0] 
[   55.615150][    C0] Freed by task 43:
[   55.618797][    C0]  kasan_set_track+0x4b/0x70
[   55.623220][    C0]  kasan_save_free_info+0x2b/0x40
[   55.628080][    C0]  ____kasan_slab_free+0x131/0x180
[   55.633026][    C0]  __kasan_slab_free+0x11/0x20
[   55.637635][    C0]  __kmem_cache_free+0x21d/0x410
[   55.642412][    C0]  kfree+0x7a/0xf0
[   55.645962][    C0]  dev_map_free+0x593/0x6c0
[   55.650299][    C0]  bpf_map_free_deferred+0xf7/0x1b0
[   55.655332][    C0]  process_one_work+0x73d/0xcb0
[   55.660020][    C0]  worker_thread+0xa60/0x1260
[   55.664532][    C0]  kthread+0x26d/0x300
[   55.668438][    C0]  ret_from_fork+0x1f/0x30
[   55.672690][    C0] 
[   55.674862][    C0] Last potentially related work creation:
[   55.680415][    C0]  kasan_save_stack+0x3b/0x60
[   55.684932][    C0]  __kasan_record_aux_stack+0xb4/0xc0
[   55.690138][    C0]  kasan_record_aux_stack_noalloc+0xb/0x10
[   55.695781][    C0]  kvfree_call_rcu+0x9f/0x800
[   55.700295][    C0]  kernfs_unlink_open_file+0x327/0x3d0
[   55.705584][    C0]  kernfs_fop_release+0x253/0x310
[   55.710446][    C0]  __fput+0x1e5/0x870
[   55.714263][    C0]  ____fput+0x15/0x20
[   55.718083][    C0]  task_work_run+0x24d/0x2e0
[   55.722509][    C0]  exit_to_user_mode_loop+0x94/0xa0
[   55.727558][    C0]  exit_to_user_mode_prepare+0x5a/0xa0
[   55.732931][    C0]  syscall_exit_to_user_mode+0x26/0x130
[   55.738307][    C0]  do_syscall_64+0x47/0xb0
[   55.742559][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   55.748291][    C0] 
[   55.750457][    C0] The buggy address belongs to the object at ffff88810d223400
[   55.750457][    C0]  which belongs to the cache kmalloc-96 of size 96
[   55.764171][    C0] The buggy address is located 0 bytes inside of
[   55.764171][    C0]  96-byte region [ffff88810d223400, ffff88810d223460)
[   55.777017][    C0] 
[   55.779203][    C0] The buggy address belongs to the physical page:
[   55.785464][    C0] page:ffffea00043488c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88810d223c00 pfn:0x10d223
[   55.796830][    C0] flags: 0x4000000000000200(slab|zone=1)
[   55.802304][    C0] raw: 4000000000000200 ffffea0004db6508 ffffea0004ccfb08 ffff888100042900
[   55.810700][    C0] raw: ffff88810d223c00 0000000000200015 00000001ffffffff 0000000000000000
[   55.819110][    C0] page dumped because: kasan: bad access detected
[   55.825370][    C0] page_owner tracks the page as allocated
[   55.830918][    C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 1455, tgid 1454 (syz.0.494), ts 37723493819, free_ts 35640118009
[   55.850157][    C0]  post_alloc_hook+0x213/0x220
[   55.854752][    C0]  prep_new_page+0x1b/0x110
[   55.859093][    C0]  get_page_from_freelist+0x3a98/0x3b10
[   55.864474][    C0]  __alloc_pages+0x234/0x610
[   55.868897][    C0]  alloc_slab_page+0x6c/0xf0
[   55.873324][    C0]  new_slab+0x90/0x3e0
[   55.877229][    C0]  ___slab_alloc+0x6f9/0xb80
[   55.881659][    C0]  __slab_alloc+0x5d/0xa0
[   55.885825][    C0]  __kmem_cache_alloc_node+0x207/0x2a0
[   55.891117][    C0]  __kmalloc+0xa3/0x1e0
[   55.895110][    C0]  ext4_find_extent+0x375/0xe30
[   55.899798][    C0]  ext4_ext_map_blocks+0x257/0x7340
[   55.904830][    C0]  ext4_map_blocks+0xa25/0x1ca0
[   55.909527][    C0]  _ext4_get_block+0x23b/0x660
[   55.914121][    C0]  ext4_get_block_unwritten+0x2e/0x110
[   55.919415][    C0]  ext4_block_write_begin+0x55e/0x1200
[   55.924709][    C0] page last free stack trace:
[   55.929223][    C0]  free_unref_page_prepare+0x9f1/0xa00
[   55.934511][    C0]  free_unref_page+0xb2/0x5c0
[   55.939027][    C0]  __free_pages+0x61/0xf0
[   55.943193][    C0]  pcpu_depopulate_chunk+0x4df/0x5b0
[   55.948314][    C0]  pcpu_balance_workfn+0x2bb/0xe60
[   55.953259][    C0]  process_one_work+0x73d/0xcb0
[   55.957948][    C0]  worker_thread+0xa60/0x1260
[   55.962564][    C0]  kthread+0x26d/0x300
[   55.966471][    C0]  ret_from_fork+0x1f/0x30
[   55.970724][    C0] 
[   55.972902][    C0] Memory state around the buggy address:
[   55.978374][    C0]  ffff88810d223300: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[   55.986267][    C0]  ffff88810d223380: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   55.994163][    C0] >ffff88810d223400: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   56.002058][    C0]                    ^
[   56.005964][    C0]  ffff88810d223480: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[   56.013864][    C0]  ffff88810d223500: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[   56.021760][    C0] ==================================================================
[   56.029715][    C0] Disabling lock debugging due to kernel taint
[   56.036544][  T310] tipc: Node number set to 2886997039
[   56.038783][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[   56.047620][  T352] Bluetooth: hci0: Opcode 0x1003 failed: -110