last executing test programs:

31.761037852s ago: executing program 4 (id=10338):
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x90c20}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f0000006200)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffe60000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, 0x0, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
io_setup(0x1fe, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x140b, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r3, &(0x7f0000000180)='\x00', 0x37000}])
dup3(r0, r1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x15, &(0x7f0000000700)={{}, &(0x7f0000000680), 0x0}, 0x20)

31.575950638s ago: executing program 4 (id=10341):
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r5 = socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
close_range(r2, 0xffffffffffffffff, 0x0)

31.229198457s ago: executing program 4 (id=10345):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',g', @ANYRESDEC=0x0], 0x3e, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0)

31.152648094s ago: executing program 4 (id=10349):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0xffffffffffffff22, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x169142, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)

31.152491004s ago: executing program 4 (id=10350):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000080), 0x4)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x80, 0x0)
connect$unix(r2, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)
close(r1)

31.07665197s ago: executing program 4 (id=10352):
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10)
ptrace(0x10, 0x1)
read$FUSE(0xffffffffffffffff, &(0x7f00000074c0)={0x2020}, 0x2020)
r0 = gettid()
timer_create(0x0, &(0x7f0000000440)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
ptrace$setopts(0x4206, 0x0, 0x0, 0x20004c)
recvmsg(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000003c0)}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_usb_connect(0x0, 0x24, &(0x7f0000000700)=ANY=[@ANYBLOB="1201010222736b4021049204e322"], &(0x7f0000000180)={0x0, 0x0, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="160f"]})

10.71118464s ago: executing program 0 (id=10498):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000000140)={0x81, 0x0, 0x1})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

9.191146959s ago: executing program 0 (id=10502):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001300)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r2], 0x74}}, 0x0)

9.190668799s ago: executing program 1 (id=10503):
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, 0x0, 0x0)
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$binfmt_elf32(r1, &(0x7f0000001e80)=ANY=[], 0x38)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x200002, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000440)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x3, 0x431, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="02e462b5d9c7dc00f00000000300"/28, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000300000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setns(0xffffffffffffffff, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

9.190419379s ago: executing program 2 (id=10504):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000940), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000980)={0x24, r1, 0x1, 0x70bd28, 0x0, {{}, {}, {0x8, 0x11, 0xffffffff}}}, 0x24}}, 0x0)

9.190302119s ago: executing program 3 (id=10505):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r0, 0x301, 0x0, 0x25dfdbfd, {0x24}}, 0x14}}, 0x0)

7.501192843s ago: executing program 0 (id=10506):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_CMAP(r0, 0x4b4a, &(0x7f00000000c0))

7.500748923s ago: executing program 1 (id=10507):
r0 = socket(0x2, 0x3, 0xff)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$unix(r0, &(0x7f00000010c0)=[{{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f00000008c0)="166da1949ba0ee9ee511f385427169498f9565a1c4099287", 0x18}], 0x1}}], 0x1, 0x0)

7.500588513s ago: executing program 2 (id=10508):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
preadv(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f00000005c0)=""/151, 0x97}], 0x1, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = epoll_create1(0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)={0x6000001f})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0a00000005000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000476ca446325c43c470c6dfd47dbf33afaa6d56680ce7b6fd720a545dda85868da5d4a98d6cdc35a254ad6d5b4a7ccc8ba1480cf8ceea584435f7c608cffb4a376902ce4c7aff333b0c042bb9a1b7807118a39cd7088ba5305c3320bf6ac82a478d6e4f4e1292b8105c71e1d2ba5592b285f6286bc7957d625daf970352ef791f536d19c1f6d1dae0a86a6751ebb25999d033d933937bce254b4ab848863a5e138cd3c231b843cfb89a097ada6a131d196812773488dd9fce7e362c1b81dd43a21690870261a6c2ffa56f05eb7b9577897cf2e6fe4f11edb5cbcc84434438957b3852e07ffb45d41a678a78cf6f4e368bd015539eab55a4e8e802d14b049670dabd2df733740fde36cad2067411c4cbec41c9400e55a211eb738f2a66f2917f7d2a3913783eae694e1c12b30cc50551589f"], 0x48)
sendfile(r3, r2, 0x0, 0x7ffff07a)
close_range(r0, 0xffffffffffffffff, 0x0)

7.500376673s ago: executing program 3 (id=10509):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000900)=@file={0x0, '.\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, 0x1, 0x9, 0x101}, 0x14}}, 0x0)

5.818998505s ago: executing program 0 (id=10510):
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x1}}}}}}, 0x0)

5.818581455s ago: executing program 1 (id=10511):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe05000000000000000000009500000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xfffffd64)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x50}}, 0x0)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_DEV(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000280)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16, @ANYBLOB="010028bd7000fbdbdf251a00000004002e8008000300", @ANYRES32, @ANYBLOB='4\x00.'], 0x6c}, 0x1, 0x0, 0x0, 0x20040040}, 0x20040)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[@ANYBLOB='\t\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00032abd7000fbdbdf2514000000080001000200000008001d00", @ANYRES32=r5, @ANYBLOB="0c000600030000000300000008001d00", @ANYRES32=r5, @ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x40080}, 0x20000800)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r6, 0x40107447, &(0x7f0000000180)={0x1, &(0x7f0000000280)=[{0x50, 0x0, 0x0, 0xfffffffd}]})
r7 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000000)='source', &(0x7f00000005c0)='#mS\xb2j\xcb\xa18:.)\xc7\xcb\xc5\xd8\x91\xa1\"\xd5\r\x89M;\x99\xd6\x8e?K\x82\xd5\xd7\xab\x10\xea\x14\n\xea\xe9\xcc\xdc\xf3\xc0\xf8\x89\xd0\x0ep\xb1I\x04T[\r&\xf0z\xde\xc0\xf3\xcd\x9a\xae\xa8*v_(\x94]\xdf\xf1\x95!\xb3+\x1aD\xda\xa1G\x06M\xdaz2\xe9\xe6\xda\x92U\xaaN\xff\xca\xb37-<3\xb28\xb8:UQ\x95|\xe5\xaa\x0e\xe7{\xd4T\x84\x83\x86\x9d', 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$netlink(r8, &(0x7f0000002a80)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), 0xffffffffffffffff)

5.817870456s ago: executing program 3 (id=10512):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ptrace$getregs(0xc, r0, 0x4, &(0x7f0000001580)=""/4096)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
io_setup(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r7, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f0000000080)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @dev}}}, @ip_retopts={{0x14, 0x0, 0x7, {[@rr={0x7, 0x3, 0x8b}, @noop]}}}], 0x38}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)

5.817641366s ago: executing program 2 (id=10516):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfe02, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r1 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000180)={0x15, 0xc, 0x9, 0x2, 0x4, 0x5, 0x1, 0x6b})

4.00328354s ago: executing program 0 (id=10513):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000002c80)={0xa, 0x14e24}, 0x1c)
connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000022c0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000580)="36850f99840c99491ad148f49a13bee9cdfb76500e28d8e7f32f4dc8a04ba3c47828779b9ec4f11bfb7e99eb8342f8fef1b24408cd35194921e17baaa1384bbc1dc7a5", 0x43}], 0x1}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000040)="cbe3", 0x2}], 0x1}}], 0x2, 0xc8000)
sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0)
recvmmsg(r0, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000140)=""/85, 0x55}], 0x1}, 0x9}], 0x1, 0x10000, 0x0)

4.0029717s ago: executing program 1 (id=10514):
r0 = getpgid(0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x555581e96fff, 0x28011, r1, 0x0)
r2 = syz_pidfd_open(r0, 0x0)
pidfd_send_signal(r2, 0xf, &(0x7f0000000000)={0x1d, 0x401, 0x7}, 0x0)

4.00266567s ago: executing program 2 (id=10515):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$MSR(&(0x7f0000000000), 0x200, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000300)=[@mss, @mss, @window, @timestamp, @sack_perm, @sack_perm, @sack_perm, @timestamp], 0x8)
write$binfmt_elf64(r0, &(0x7f0000000fc0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x40}, [{}]}, 0x78)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd14b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e", 0xc5, 0x805, 0x0, 0x0)

4.00199844s ago: executing program 3 (id=10517):
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, 0x0, 0x0)
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$binfmt_elf32(r1, &(0x7f0000001e80)=ANY=[], 0x38)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x200002, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000440)={[{@noload}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x3, 0x431, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="02e462b5d9c7dc00f00000000300"/28, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000300000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setns(0xffffffffffffffff, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

2.057342485s ago: executing program 1 (id=10518):
sched_setscheduler(0x0, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r2, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
renameat2(r3, &(0x7f00000001c0)='./file0\x00', r3, &(0x7f0000000200)='./bus/file0\x00', 0x0)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000000300)=""/104, 0x68)

2.056608085s ago: executing program 2 (id=10519):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000880)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r4 = openat$tun(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETTXFILTER(r4, 0x401054d5, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/binder0\x00', 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000640), 0x0, 0x0, 0x0})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

2.055941885s ago: executing program 3 (id=10520):
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01000000", @ANYRES32=0x1, @ANYBLOB='\x00\x00\x00\x00\x00@\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000002a00)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYBLOB="0685e91d0e4e886803a969a164ae2513effd3cac32e55bbd856c2da42a810c5afa381fb359e198604bd9f24e0a788041ce5419f5c51698f3415d333c1ab0be774b27a0f16710beec7c3eed4cff91248aee75e88ecdccf12c3a9595dd9e43b24064d3a2db3152214643ff16e46e708bf31dbdaa829a4e88159f262c90483a8e6770bbf3b28822adb674c90c76b13c197ba6348bd3dca0e156daa541927fe805ba6a54b123b8c4b984a136997af2aa20a22a58e914f86f3717675581875f9adcbc3192e202daa8abd25c816b062de42d3bc293efe9895b321db46a43986e8d65515555674359e8744ebebec61c81901a22250bc91b9c0aca9a767b738b6e578d1c43c46970a17315bcfedc56de62914d8746435fc58a1e1b9280ee209ccac7eda0f3618c1f3385266eb71b1963fa338bd067db2a47c1e161a7bae16a45192d44ddebbd97ecdefe81d31513e1c4ca78802b2797029906ded27666eddb86087399c9598a35acce909cda011ca7fdae4b83ab89bd8ed199c7eb2a8eaba46d27d2f20be8b08b53e8f397e933b3a3381514d1beadb7d8247d9f5c644853a49a89f1444f52443316af791b2ae0b7e27c1055d05483bff8040e12d426b338de52dc882595a3138e6db9ca4d8eff8886c41e553ab959a55c116d11585f89d31cca55e829968a3e97acea15e21c805078dc43ae3536cb25d99f9a91763960662ab06d0f505ad6583b1dcdd08a27d7c279659708da330f48181dcd531dbc748133313308b8c772ed94cf1b49b3c4875694fb3e844fa3feb0f0df6d353c58e7ceddc1a77d8e4e569e6271f54476d891af4201d4b7bb142c60de353a70d095f543ab067df56187b010b411e88e46d620cf8f3f342d8788c696376891294d21462fc1d27ebba67de4a870e8b33228360381f9aee5a713c15f01a5506981e7d94766efbde9d48c1de64ea93f343c8cd8a236a0a32cad7c33c53bd200e2a0a655c0769481c0c2963528259a2a572f581825c91d4cc2677b42534e9628bb42dfecb42b18ceffadbdaa754d58e4331bc8cd299549ce066e64cfcb1611744ccb6cbdc1c2e2f7c54969a08b7c48926453161770f9e11c5b8db27ab2bf6d348d05e7f17c594ad90073c50bc6f14af2c678257a3edf87601661447a5b62d61e2b4d67682ecbee0388a3d6a4f966f34ac8e184fb17aeea5f51c2a0b3591fb9fe7bc0dfec53043bb15862d3fed895d17fa9502ccf714c210e97ca7ca7ca0fd53e2f0321c7c4406c590622cd7ae953b66aeeb897043d6092bb05098c0e590ff032ca15d9e2186dc612dc2a85ff7ff7ed844feb54fced282bba366affb3b4e9e7af1e07b2f3c67ebca817c576d5befbe7a0917f7aa771677343cc446e1ff2b7f734f14259e7c3ca36451eb57363f3dea17f1c522b13a057642ee2d16c6b624d71d683907f1121ce30d2c04abdb713fe2cc0ed68f64c75a43ff34d969dec5f848157a4387ac9504e4bbda48023568e412c26fedb93e679021d682f3a2c1fb12202b7041ed7ae4d5aaadd493ff7cfb8f30ec1330d6ae8b8a7a732b1bedaa1c9d2058ddb3e1be461415f586fa21d760c953d87ce05e7b7afcd6ad2b93395e246f1b39ed2c60ca151a47d55165092ef945fdff088e3c7a81d583baadd56c5cb2bda3323a02a107fd31b213a399458e2acbb80e57740ed6a925b6f9bca973fb15f5d2d28f51f804a40982ea8b098f1b0c369fbd03d64ddd3c256bdf1d69e4d3d6cf56379cadfa1c1d7333af1ff73c153c8639fab6719795d68bd781cec3277d365992f0b00032c727990154d036eee53b90b8ca61210692247c1725c803c7e82f2e5ff0f6093bdb6c30925ffb5e3cbc512faaed886fd51a0936d9a0e2520c276a52569e768dec8481291d11c16ece5a26c0a0636d2cdec01449729b14bae0ec2e5c9675b8da0cb2caa9b9f6d7b1a5f651e12656ae1f1568bde435ebae5221cd0367ac9ca8db6f76310f9a76b467f3f5bd490e47a17f8404a81d90593b65bcaed516b7d0a3eef4bf6740c5cc44db4fabe311e24fb052526272dbe7a73fcd947b20266bafca5572d416fcd0dc8fd9d96184730dcd67821eff29661a6c6732c3fbcc099a82ad35f2ca2132eafc414a31937912260513162e4de2169ef40fb8b811a62b8956ac041fc92cb2fd055477231f6cb531d7ef65500199ba54b4cb70221a33da1bbaaadc50330a0046a8922f7123c7dda86908edb3b2f1e364df2432402be7c092ea01be0e5146acab3b9c49883b65547a4863a94f168a076c0b4ed825848efdde08ac652df0dcf746aeafc096522c0118a55c383ec40d0e98eec031807beeaa0690aa25bbba6da2900023a0978ab1162a1c8a6219d70662e62d6a5729ef07ed748e998efa78ea52bb64ed2ad2a83e15f2cb118a9d7049d1c3e0d832855c49137ac003a210988688d16ea151a5054473fee89028d0edd0edaa0c7fb9280dd09fbcfaf9d85c2419613b7bd16051cd41c9f89310d9b0849fb4fd98d1ad96f4412c546007c41e1b7fa43a328d4536e2ed6e39e0caaadab8fed3aca9aed87239153f87b129e779f40b2ca4efbe5a9b3e50d3871f90f8b98c6865ef640286f357e31e154506f2f9c136258284d650577cb211cb496ba943d4ed1e2e79feb3b6ce94f8452a48966076bf8b6c3c322dcd611547c84f39a307427cf41d1eb267a8c5808c021ebe98039af4af6e943cfcfde19b99978f007f4fb4f1474382523fd801ed07b4a0aa66e69af02384b78c38b150afa840d1bb685f0eb26cfdd01fce1700f4d48bab951e3d5829f3c89b928e28e74d7f7a18df290ace7cbc647fc0c32ea86ce110a7b3ff9f01fd7b645e6463aee556eee75e7a7ded0441a9ca66d18e1f36d4099a9c82059927c55571426411598a06337c04b25a3690f7674b6a0021c05709590df4463d8ee1b5cfb02c738839f6bc230cff4348d6935a25890c1282566737eb56245583b2dacf535230ae441a7c7a1923385b2530ebe7c529923d8e71fd983b68674d7b726087da1382f111d31373c6d0249f98a80a21044037bc6448013b30f2731b99e60152b3acaf3e239b60a338e50b0c624b058e698e82c68d28d5a23e83993d1ed08651ac72efcbea6b3d5657401859e98d60a25c2ec38fb1bd304e8db0fd46d9693bf6090b9d90b62033021d79d7d3d3e24a56b2d298dd12fa17814410144e9ae378711cbc9820685ddfce96fdab09cdc69574e398deb59e42b6c2cb6d70ed64e6c756fd0ea791b4264d4cc6d4bc271f85d2f989364974f97da2ad81038fb6d2f2bd19c8d5eccba52704daf8319e1d172b5fdf6fcc2fe5ab961a86791df6c79f7ce00495916a6c744fa821208e770e0608528fccec23ee45386ba8ce792b0c7940b0802207a6e774715f6bd22c2312283461443473c25b635ae852fb87fa1c099ca326c5e3fe825792a8d4b240836bd5164e673227af36317b8e8eb87dfc0e0633712b10ee54e32df9eae77d77ef4280e3bda4801671a372a8f035ab7188beca504cfc0e9850f15d12d27816ccfa904e2bd6300327be05497bb0bf142c286fe76ee6e9c5471f95cb0495a118c310938e5fd4bfb49f1ec7f86a3ad773479811e058c6c8f99b250766eef26f139d18d93c73a92444dd2e75a8b52b11d87269ca5477afc6c214c8d79dd0bb1217a9e2a8b1917f798e48a6bfea5d83e5fbaff59dbc2918cb43be30839480ecf96dc79874a493be99cf0c72f87bab13a1cbcd007c972dcda7f11f503537cf4eaf14c33b85330a4817db9c17c8a7db7ab869c662609119fa20f460f74a955a171b5ffacb42e29cf6d8bfd20680d8beca843ad6a6172ebfe5a1b972d5f350bde5a7b1f0d9214ee21b4654a32be3651b92265fe4c55ab4e17b87c803179376861cc705d0112166c481414c4654b5496e4e037a89e884864f7e99dcb255e190ba1ee9a41f289abaecfd4068481d9cce90b6c424b2002f6414a17122a45af93335c082179b91719f510b22e7bd2ae6c4a72d801000e3f2327879b23fd26de4a5dbc7389bb0463dbc9ede62995ae1ebc1b551ff222bf87d8c2a029c2626690f0dba2c2ae396a9b364519e0c641273ced64b53a856deb50d5b7bfabba8769e271ec8f7ea7677e420026a2756ee4a8449b2ea6ccfa2a47a0e87e02410edc857ccefbcb672ea07e3798bf0f959fd144692d0afe0803956b26abfd2919c7a1a4e7ac080effb02a1e4ac1f713fa28ded511b2bbc56a410dcfd4271ff623d5dfb8aa054b477644282f6fd9f1635b00b8a6e7afe6ee9184effec2ace19fb47353ac8ac57e2330053fdf5bdaac4a6a0b18be8975d2f38d757a02d2ece3c180e3ecd3b3b86a988244c13f4911321c931979447dd92336b7c03a05a5bd1dc5d09bb48ae7809a72f344d1aa1221e18a87cd9edd7a750569adb54c4202dac938893b9a8f0bce067567ac242cf86cd60e9c72b44fe517938919f627ba89a1c2b1a87979929eaadd8aa67457fb7f17104a04f88d6fc36dc39eac05ce0424897b230f96bb712221a6dfc8479854d3baff769b2599478322a7392a212dfa59f92a4bc3d182da7db23bd995e57c1cb670e6e7c6098ed12ca15e422abc8132e7bd9ed2930b1ee1298ea6a6b7b775c62205cba174dc965c4328bcf7ce12ab4e3880789472a10f2d503d5057a39031a32deb7b4e2ab293bbba16b12667de6fa05147d80666013877f394542c6eac830d16c10e9826ca15aa0905718cfe809116ea9729eb98144af37ce53bf0a614c14d1b120532d9940100de7d647ba99ce359f27718ca2853f3fcf78517f303efa8d6eeb1a99d3f0ebc745bf5d972b8b2cd262339b7ee20c7b863e219739baa93b03fd47fb175e0244b27ffe81db58ca683971fa69eac6d011e6bb921293728680932e0ee76624ca545d92e3d77c6d2eb06202d965b2938fd8b29375fc46ae8638cc9309e130a1204f8bfc8e268765f02d0ccf26d2f92a14d7271421831dcea923bc4330e5f134178b4627c573573a0e1ff16afa1070cb05062132b3ef324256f91e2e6f78f0d3344e6795a5a3b585a38fc574f2b159415cc567b68c224b1d791fcba62495ad32f44d74a29af5abf6e7c7c573435b8326d0583c0b0554de8d026b000efdbfb84eb51ba32a262d4cc74961384f9fcb1baa62d418bc55da19581e87b3f339fc283d540117d72c979a4697ef17bc2d2722a812be1702cc58d5cb779f1163855564a089a0b353d064f2b5ce59855fcf244821094af33a7995a11f95d5196b8003026790cdf99e1be8bd7ed74aa0c0ca927009de73451a834b3de73f617fe8c03a4f89bed4c7140cbe8dd600f1e156af350bc838b969669a56c0eebb7fe4fe402b7348a2fbc36de06b7dee1b8975f4daf316faafce9d7842336fdba3936d3d1ae17a3324997e635d2781d455369ebdc104352deb61f642c9634d03dd755b2c73612db9ea49d821dc6054f6d58c4e377001ceedf4d2600d9d0551277e4439e5d00d72c0f0461c6e86d4c1cfb7b74e98067706d26fb7e0a70f2ba775da53a406f754adc6c3ae9fba277830873f189cc860ca628850eb80411c7f5e850ec8b073cd16a98f597d6eb759e518bdd4890dcae6140ef5f538d871b78f6f63f1e32b46801251d1611958eb10c1503adddb7430dd1cb58796d09d61ff8b28fc6954a99bdb647660e595b8f4682a76b91411c3a3843f2c5bf54502f8ab4679371104ef2951c6830e0cfb2967f875af8b56f4e1ef583ae2535a99a7658083edf46ebeb784ec4117e14f0d51814fcea08e8c15963692cd750a0be72cf45f93c6081", @ANYBLOB="0000000000000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r4, 0x0, r2, 0x0, 0xf3a, 0x0)
ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000008780))
write$binfmt_elf64(r3, &(0x7f0000003380)=ANY=[], 0x18c6)
write$cgroup_int(r0, &(0x7f0000000200), 0x43451)
ioctl$KVM_PPC_ALLOCATE_HTAB(r0, 0xc004aea7, &(0x7f0000000180)=0x200)
r5 = socket$inet6(0xa, 0x3, 0x8000000003c)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f00000001c0)='./bus\x00', 0xc0ed000e, &(0x7f0000000200)={[{@nouser_xattr}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}, {@debug}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@debug}]}, 0xfe, 0x47e, &(0x7f0000001380)="$eJzs3M1vFOUfAPDvTLfl7cevFfEFBKmikfjS0vIiBy8aTThoYqIHjKfaLqSyUENrIoRo9YBHQ+Ld+C94Mp70YtSLJl7xbkiI4QLqZc3szJRSdssuLV3Kfj7JdJ9n5uk+z3dmnt1n5tndAHrWcPYnifhfRFyKiME8e3OB4fzh+tXzk39fPT85EBFv/ZU0yl27en6yLFr+35Y8U68X+Q1N6r3wbsRErVY9U+RH5059MDp79twL06cmTlRPVE+PHzly8MDugcPjh1Ylziyuazs/ntm14+g7F9+YPHbxvZ+TSuRxx5I4ltffdp3D+d5t6um2n2V92Loo3dixC/b8eiPd7Eygm/oiolKc1ZdiMPpi08K2wXjts642Drir6vV6fZlX5fk6cB9LotstALqjfKPPrn/LZY2GHveEKy/nF0BZ3NeLJd9SiTRP7Olfcn27moYj4tj8P19lS3R0HwIA4M58n41/nm82/kvj4TwxkP35fzGHMhQRD0TEtoh4MCK2R8RDEY2yj0TEox3Wv3SG5NbxT3r5joNrQzb+e6mY27p5/JeWRYb6itzWRvz9yfHpWnV/sU/2Rf+G49NJdWyZOn549fcvWm1bPP7Llqz+cixYtONyZckNuqmJuYmVxLzYlU8jdlaaxZ9EOY2TRMSOiNh5h3VMP1tpue328S+j9dO2rf51xDP58Z+PJfGXkpbzk2MvHh4/NLoxatX9o+VZcatffrvwZqv6VxT/KsiO/+am5/9C/EPJxojZs+dONuZrZzuv48Ifn7e8punw/D+6tTj/B5K3GysGig0fTczNnRmLGEhev3X9+I1nK/Nl+Sz+fXub9/9tcWNPPBYRuyJid0Q8nl0UFm1/IiKejIi9y8T/0ytPvd95/GszV5rFP3W74x+Lj3/nib6TP353+/g3RkSr43+wkdpXrGnn9a/dBq5k3wEAAMB6kTY+A5+kIwvpNB0ZyT/Dvz02p7WZ2bnnjs98eHoq/6z8UPSn5Z2uwUX3Q8eKe8NlfnwhnzSuxg8U942/7NvU2D4yOVOb6nbw0OO2tOj/mT/7ut064K5bhXk0YJ3S/6F36f/QmxL9H3paO/3/G7/dAvelZv3/k5alR769q40B1pTxP/SuNvr/fP7QelQArE/e/6F36f/Qk1p+Nz5d0Vf+1zzxb/F7ht1qRnQx9jS6EXKk98Jx74FEpe0fs+ggUR/M+3+2ZkPTMt1+ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgd/wUAAP//ejXiag==")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000680), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
close(r5)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x0)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000c00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001f80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
write$binfmt_script(r6, &(0x7f0000000080), 0x208e24b)
rmdir(&(0x7f0000000180)='./file0/../file0\x00')
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))

2.053238445s ago: executing program 0 (id=10527):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect(0x0, 0x24, &(0x7f0000000880)=ANY=[@ANYBLOB="120100002192ea0845050c800a03010603010902"], 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000002c0)="316f82", 0x3}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)

1.343499ms ago: executing program 1 (id=10521):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb010018000000000000007c0000007c00000002000000000000000000000e00000000000000000000000006004482ba31675ce48200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000900000000000000000000000900000000000000000000000902"], 0x0, 0x96, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010000000c0000000c00000002000000000000000000000400"/38], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000280)=0x7b, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='dctcp\x00', 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600), 0x4)
sendto$inet(r1, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0)
recvmsg(r1, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000140)='bic\x00', 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000b50ccf1381c3afc5c0978d00000002000000000000000000000000000000009f07f368e0d2c99ab5dc2a2918ed34f939ab5ba4d4cfc4144f37f10ec6fd9fd48e648904449525b07cc90e4c02f160e347a1a1b7ce08d71897269cd01055309bde6546de6837f24a07ddb8772d8716e4594aa6ced720870fc218f6e6daec478c82a454fb9bfcb39125521ca56dfb85d7add0dcd44a2cc87e73ec5eb1ca3900571afc703c7a94f149d943df8de223d09253e79e42408bed60b038a94ca2232407a3516dbddc4e3ae990c164329318044a9aded74d6eb40ec35a18a54a32dee5c3fcd9d262f35b94bdfac048573ad5eadad5219f74372b71168d45e9411223432016ddd00fd2652d28c8704e19a13a0b7424b7c230975ef292ba62"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
kcmp(r2, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
socket(0x10, 0x1, 0xfffffffd)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[], 0x118)

855.73µs ago: executing program 2 (id=10522):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

0s ago: executing program 3 (id=10523):
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x10)
ptrace(0x10, 0x1)
read$FUSE(0xffffffffffffffff, &(0x7f00000074c0)={0x2020}, 0x2020)
r1 = gettid()
timer_create(0x0, &(0x7f0000000440)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
ptrace$setopts(0x4206, 0x0, 0x0, 0x20004c)
recvmsg(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000003c0)}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_usb_connect(0x0, 0x24, &(0x7f0000000700)=ANY=[@ANYBLOB="1201010222736b4021049204e322"], &(0x7f0000000180)={0x0, 0x0, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="160f"]})

kernel console output (not intermixed with test programs):

T30] audit: type=1326 audit(1728573600.196:7585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10708 comm="syz.3.9962" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd6383a9ff9 code=0x0
[ 2890.614350][  T384] usb 5-1: new high-speed USB device number 122 using dummy_hcd
[ 2890.885902][  T384] usb 5-1: Using ep0 maxpacket: 32
[ 2890.902980][T10720] syz.0.9966[10720] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2890.903053][T10720] syz.0.9966[10720] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2890.955763][   T30] audit: type=1326 audit(1728573601.046:7586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10719 comm="syz.0.9966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b12834ff9 code=0x7ffc0000
[ 2891.184605][  T384] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[ 2891.203665][  T384] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2891.213750][  T384] usb 5-1: Product: syz
[ 2891.223854][  T384] usb 5-1: Manufacturer: syz
[ 2891.243695][  T384] usb 5-1: SerialNumber: syz
[ 2891.268683][  T384] usb 5-1: config 0 descriptor??
[ 2891.278395][T10726] syz.0.9967[10726] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2891.278469][T10726] syz.0.9967[10726] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2891.324775][  T384] hub 5-1:0.0: bad descriptor, ignoring hub
[ 2891.351727][  T384] hub: probe of 5-1:0.0 failed with error -5
[ 2891.510034][T10727] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2891.525779][T10706] UDC core: couldn't find an available UDC or it's busy: -16
[ 2891.527735][T10727] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2891.535081][T10706] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 2891.553646][T10727] device bridge_slave_0 entered promiscuous mode
[ 2891.566753][T10727] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2891.581788][T10727] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2891.596271][T10727] device bridge_slave_1 entered promiscuous mode
[ 2891.674468][  T384] usb 5-1: USB disconnect, device number 122
[ 2891.749631][T10727] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2891.756527][T10727] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2891.763616][T10727] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2891.770396][T10727] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2891.810415][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2891.819218][ T8870] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2891.826785][ T8870] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2891.847470][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2891.856045][ T8870] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2891.862902][ T8870] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2891.884662][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2891.892774][ T8870] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2891.899637][ T8870] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2891.915676][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2892.338033][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2892.374551][T11163] device bridge_slave_1 left promiscuous mode
[ 2892.381588][T11163] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2892.409704][T11163] device bridge_slave_0 left promiscuous mode
[ 2892.434596][T11163] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2892.447298][T11163] device veth1_macvtap left promiscuous mode
[ 2892.453141][T11163] device veth0_vlan left promiscuous mode
[ 2892.463108][T10756] syz.1.9975[10756] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2892.463180][T10756] syz.1.9975[10756] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2893.081598][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2893.099191][T10752] loop4: detected capacity change from 0 to 40427
[ 2893.122641][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2893.172755][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2893.180788][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2893.193955][T10727] device veth0_vlan entered promiscuous mode
[ 2893.200217][T10752] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[ 2893.216918][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2893.218285][T10752] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 2893.315146][T10752] F2FS-fs (loop4): invalid crc value
[ 2893.479235][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2893.493323][T10727] device veth1_macvtap entered promiscuous mode
[ 2893.503033][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2893.517349][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2893.530551][T10752] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 2893.535047][T10774] FAULT_INJECTION: forcing a failure.
[ 2893.535047][T10774] name failslab, interval 1, probability 0, space 0, times 0
[ 2893.552454][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2893.587714][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2893.593392][T10774] CPU: 1 PID: 10774 Comm: syz.1.9980 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 2893.605325][T10774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 2893.610787][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2893.615223][T10774] Call Trace:
[ 2893.615231][T10774]  <TASK>
[ 2893.615238][T10774]  dump_stack_lvl+0x151/0x1c0
[ 2893.633538][T10774]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2893.635279][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2893.639000][T10774]  ? vfs_write+0x94d/0x1110
[ 2893.651152][T10774]  ? putname+0xfa/0x150
[ 2893.655148][T10774]  dump_stack+0x15/0x20
[ 2893.659136][T10774]  should_fail+0x3c6/0x510
[ 2893.663392][T10774]  __should_failslab+0xa4/0xe0
[ 2893.667992][T10774]  should_failslab+0x9/0x20
[ 2893.672331][T10774]  slab_pre_alloc_hook+0x37/0xd0
[ 2893.672403][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2893.677118][T10774]  ? __se_sys_mount+0x9b/0x3b0
[ 2893.677136][T10774]  __kmalloc_track_caller+0x6c/0x260
[ 2893.677154][T10774]  ? __se_sys_mount+0x9b/0x3b0
[ 2893.699324][T10774]  strndup_user+0x76/0x150
[ 2893.703576][T10774]  __se_sys_mount+0x9b/0x3b0
[ 2893.708003][T10774]  ? __x64_sys_mount+0xd0/0xd0
[ 2893.712603][T10774]  ? debug_smp_processor_id+0x17/0x20
[ 2893.717811][T10774]  __x64_sys_mount+0xbf/0xd0
[ 2893.722240][T10774]  x64_sys_call+0x49d/0x9a0
[ 2893.726575][T10774]  do_syscall_64+0x3b/0xb0
[ 2893.730827][T10774]  ? clear_bhb_loop+0x35/0x90
[ 2893.735343][T10774]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2893.741071][T10774] RIP: 0033:0x7f14c384aff9
[ 2893.745325][T10774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2893.764767][T10774] RSP: 002b:00007f14c24c4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2893.773011][T10774] RAX: ffffffffffffffda RBX: 00007f14c3a02f80 RCX: 00007f14c384aff9
[ 2893.780824][T10774] RDX: 00000000200001c0 RSI: 0000000020000040 RDI: 0000000020000000
[ 2893.788635][T10774] RBP: 00007f14c24c4090 R08: 0000000020000240 R09: 0000000000000000
[ 2893.796445][T10774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2893.804256][T10774] R13: 0000000000000000 R14: 00007f14c3a02f80 R15: 00007ffc7fc72fe8
[ 2893.812075][T10774]  </TASK>
[ 2893.819326][T10752] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 2893.826360][T10752] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[ 2893.997767][T10785] sch_fq: defrate 0 ignored.
[ 2894.055126][T19584] handle_bad_sector: 50126 callbacks suppressed
[ 2894.055145][T19584] attempt to access beyond end of device
[ 2894.055145][T19584] loop1: rw=524288, want=59328, limit=40427
[ 2894.085064][T19584] attempt to access beyond end of device
[ 2894.085064][T19584] loop1: rw=524288, want=59336, limit=40427
[ 2894.096635][T19584] attempt to access beyond end of device
[ 2894.096635][T19584] loop1: rw=524288, want=59344, limit=40427
[ 2894.108170][T19584] attempt to access beyond end of device
[ 2894.108170][T19584] loop1: rw=524288, want=59352, limit=40427
[ 2894.119930][T19584] attempt to access beyond end of device
[ 2894.119930][T19584] loop1: rw=524288, want=59360, limit=40427
[ 2894.144720][T19584] attempt to access beyond end of device
[ 2894.144720][T19584] loop1: rw=524288, want=59368, limit=40427
[ 2894.156845][T19584] attempt to access beyond end of device
[ 2894.156845][T19584] loop1: rw=524288, want=59376, limit=40427
[ 2894.169295][T19584] attempt to access beyond end of device
[ 2894.169295][T19584] loop1: rw=524288, want=59384, limit=40427
[ 2894.181000][T10795] syz.1.9986[10795] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2894.181087][T10795] syz.1.9986[10795] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2894.193908][T19584] attempt to access beyond end of device
[ 2894.193908][T19584] loop1: rw=524288, want=59392, limit=40427
[ 2894.216918][T19584] attempt to access beyond end of device
[ 2894.216918][T19584] loop1: rw=0, want=57352, limit=40427
[ 2894.314349][ T4552] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 2894.554409][ T4552] usb 4-1: Using ep0 maxpacket: 32
[ 2894.854886][ T4552] usb 4-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[ 2894.950407][ T4552] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2894.958779][   T30] kauditd_printk_skb: 114 callbacks suppressed
[ 2894.958793][   T30] audit: type=1326 audit(1728573605.116:7701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10809 comm="syz.2.9990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2894.978143][ T4552] usb 4-1: Product: syz
[ 2894.993955][   T30] audit: type=1326 audit(1728573605.146:7702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10809 comm="syz.2.9990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2895.022392][ T4552] usb 4-1: Manufacturer: syz
[ 2895.024442][T10812] loop2: detected capacity change from 0 to 1024
[ 2895.039085][ T4552] usb 4-1: SerialNumber: syz
[ 2895.047113][   T30] audit: type=1326 audit(1728573605.146:7703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10809 comm="syz.2.9990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2895.049550][ T4552] usb 4-1: config 0 descriptor??
[ 2895.074775][   T30] audit: type=1326 audit(1728573605.146:7704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10809 comm="syz.2.9990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2895.099581][   T30] audit: type=1326 audit(1728573605.146:7705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10809 comm="syz.2.9990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2895.134760][ T4552] hub 4-1:0.0: bad descriptor, ignoring hub
[ 2895.141901][ T4552] hub: probe of 4-1:0.0 failed with error -5
[ 2895.566500][T10790] UDC core: couldn't find an available UDC or it's busy: -16
[ 2895.569470][T10825] loop2: detected capacity change from 0 to 256
[ 2895.584353][T10790] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 2895.595570][T10825] FAT-fs (loop2): Unrecognized mount option "time_offset=0x0000000000000e	e0®{1fa" or missing value
[ 2895.704523][  T384] usb 4-1: USB disconnect, device number 9
[ 2896.031294][T10825] loop2: detected capacity change from 0 to 512
[ 2896.105119][T10825] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 2896.137510][T10825] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.9994: bg 0: block 264: padding at end of block bitmap is not set
[ 2896.182835][T10825] EXT4-fs (loop2): Remounting filesystem read-only
[ 2896.209729][T10825] EXT4-fs (loop2): 1 truncate cleaned up
[ 2896.235850][T10825] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,errors=remount-ro,. Quota mode: none.
[ 2896.462003][   T30] audit: type=1326 audit(1728573606.606:7706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.4.10002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efca5559ff9 code=0x7ffc0000
[ 2896.462997][T10846] syz.4.10002[10846] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2896.504472][   T30] audit: type=1326 audit(1728573606.606:7707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.4.10002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efca5559ff9 code=0x7ffc0000
[ 2896.578368][T10846] syz.4.10002[10846] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2896.629521][   T30] audit: type=1326 audit(1728573606.726:7708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.4.10002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efca5559ff9 code=0x7ffc0000
[ 2896.696589][   T30] audit: type=1326 audit(1728573606.726:7709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10844 comm="syz.4.10002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efca5559ff9 code=0x7ffc0000
[ 2897.945362][T10879] loop2: detected capacity change from 0 to 1024
[ 2898.058444][T10879] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2898.164358][  T384] usb 2-1: new high-speed USB device number 124 using dummy_hcd
[ 2898.212120][T10888] FAULT_INJECTION: forcing a failure.
[ 2898.212120][T10888] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2898.252886][T10888] CPU: 0 PID: 10888 Comm: syz.3.10012 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 2898.262787][T10888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 2898.272686][T10888] Call Trace:
[ 2898.275806][T10888]  <TASK>
[ 2898.278583][T10888]  dump_stack_lvl+0x151/0x1c0
[ 2898.283097][T10888]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2898.288567][T10888]  dump_stack+0x15/0x20
[ 2898.292554][T10888]  should_fail+0x3c6/0x510
[ 2898.296808][T10888]  should_fail_usercopy+0x1a/0x20
[ 2898.301669][T10888]  _copy_to_user+0x20/0x90
[ 2898.305922][T10888]  simple_read_from_buffer+0xc7/0x150
[ 2898.311129][T10888]  proc_fail_nth_read+0x1a3/0x210
[ 2898.315990][T10888]  ? proc_fault_inject_write+0x390/0x390
[ 2898.321458][T10888]  ? fsnotify_perm+0x269/0x5b0
[ 2898.326058][T10888]  ? security_file_permission+0x86/0xb0
[ 2898.331436][T10888]  ? proc_fault_inject_write+0x390/0x390
[ 2898.336906][T10888]  vfs_read+0x27d/0xd40
[ 2898.340902][T10888]  ? kernel_read+0x1f0/0x1f0
[ 2898.345327][T10888]  ? __kasan_check_write+0x14/0x20
[ 2898.350272][T10888]  ? mutex_lock+0xb6/0x1e0
[ 2898.354527][T10888]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 2898.360948][T10888]  ? __fdget_pos+0x2e7/0x3a0
[ 2898.365376][T10888]  ? ksys_read+0x77/0x2c0
[ 2898.369541][T10888]  ksys_read+0x199/0x2c0
[ 2898.373618][T10888]  ? __ia32_sys_recv+0xb0/0xb0
[ 2898.378223][T10888]  ? vfs_write+0x1110/0x1110
[ 2898.382649][T10888]  __x64_sys_read+0x7b/0x90
[ 2898.386989][T10888]  x64_sys_call+0x28/0x9a0
[ 2898.391239][T10888]  do_syscall_64+0x3b/0xb0
[ 2898.395494][T10888]  ? clear_bhb_loop+0x35/0x90
[ 2898.400013][T10888]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2898.405737][T10888] RIP: 0033:0x7fd6383a8a3c
[ 2898.409992][T10888] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 2898.429518][T10888] RSP: 002b:00007fd637002030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2898.437759][T10888] RAX: ffffffffffffffda RBX: 00007fd638562058 RCX: 00007fd6383a8a3c
[ 2898.445570][T10888] RDX: 000000000000000f RSI: 00007fd6370020a0 RDI: 0000000000000006
[ 2898.453384][T10888] RBP: 00007fd637002090 R08: 0000000000000000 R09: 0000000000000000
[ 2898.461192][T10888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2898.469004][T10888] R13: 0000000000000001 R14: 00007fd638562058 R15: 00007fff29b3a158
[ 2898.476821][T10888]  </TASK>
[ 2898.604380][  T384] usb 2-1: Using ep0 maxpacket: 32
[ 2899.070762][T19584] handle_bad_sector: 47227 callbacks suppressed
[ 2899.070783][T19584] attempt to access beyond end of device
[ 2899.070783][T19584] loop1: rw=0, want=58328, limit=40427
[ 2899.088815][T19584] attempt to access beyond end of device
[ 2899.088815][T19584] loop1: rw=0, want=58336, limit=40427
[ 2899.107634][T19584] attempt to access beyond end of device
[ 2899.107634][T19584] loop1: rw=0, want=58344, limit=40427
[ 2899.119569][T19584] attempt to access beyond end of device
[ 2899.119569][T19584] loop1: rw=0, want=58352, limit=40427
[ 2899.146377][T19584] attempt to access beyond end of device
[ 2899.146377][T19584] loop1: rw=0, want=58360, limit=40427
[ 2899.146385][  T384] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[ 2899.166277][  T384] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2899.170664][T19584] attempt to access beyond end of device
[ 2899.170664][T19584] loop1: rw=0, want=58368, limit=40427
[ 2899.174592][  T384] usb 2-1: Product: syz
[ 2899.188852][  T384] usb 2-1: Manufacturer: syz
[ 2899.193272][  T384] usb 2-1: SerialNumber: syz
[ 2899.198201][T19584] attempt to access beyond end of device
[ 2899.198201][T19584] loop1: rw=0, want=58376, limit=40427
[ 2899.209241][  T384] usb 2-1: config 0 descriptor??
[ 2899.214167][T19584] attempt to access beyond end of device
[ 2899.214167][T19584] loop1: rw=0, want=58384, limit=40427
[ 2899.225041][T19584] attempt to access beyond end of device
[ 2899.225041][T19584] loop1: rw=0, want=58392, limit=40427
[ 2899.236400][T19584] attempt to access beyond end of device
[ 2899.236400][T19584] loop1: rw=0, want=58400, limit=40427
[ 2899.237192][T10905] syz.4.10017[10905] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2899.247208][   T30] audit: type=1326 audit(1728573609.386:7710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10904 comm="syz.4.10017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efca5559ff9 code=0x7ffc0000
[ 2899.254702][  T384] hub 2-1:0.0: bad descriptor, ignoring hub
[ 2899.258944][T10905] syz.4.10017[10905] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2899.297322][  T384] hub: probe of 2-1:0.0 failed with error -5
[ 2899.480438][T10878] UDC core: couldn't find an available UDC or it's busy: -16
[ 2899.487748][T10878] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 2899.615753][T10472] usb 2-1: USB disconnect, device number 124
[ 2899.664379][  T580] usb 5-1: new high-speed USB device number 123 using dummy_hcd
[ 2899.943855][T10914] syz.2.10020[10914] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2899.943938][T10914] syz.2.10020[10914] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2899.964476][   T30] kauditd_printk_skb: 53 callbacks suppressed
[ 2899.964492][   T30] audit: type=1326 audit(1728573610.116:7764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10907 comm="syz.4.10018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efca5559bfb code=0x7ffc0000
[ 2900.005357][  T580] usb 5-1: no configurations
[ 2900.014357][  T580] usb 5-1: can't read configurations, error -22
[ 2900.062228][   T30] audit: type=1326 audit(1728573610.166:7765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10907 comm="syz.4.10018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efca5559bfb code=0x7ffc0000
[ 2900.107924][   T30] audit: type=1326 audit(1728573610.246:7766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10913 comm="syz.2.10020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd136560adf code=0x7ffc0000
[ 2900.174400][  T580] usb 5-1: new high-speed USB device number 124 using dummy_hcd
[ 2900.381428][   T30] audit: type=1326 audit(1728573610.356:7767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10907 comm="syz.4.10018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efca5559bfb code=0x7ffc0000
[ 2900.404775][   T30] audit: type=1326 audit(1728573610.376:7768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10907 comm="syz.4.10018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efca5559bfb code=0x7ffc0000
[ 2900.453580][T10914] loop2: detected capacity change from 0 to 40427
[ 2900.459901][   T30] audit: type=1326 audit(1728573610.596:7769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10907 comm="syz.4.10018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efca5559bfb code=0x7ffc0000
[ 2900.501068][   T30] audit: type=1326 audit(1728573610.596:7770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10913 comm="syz.2.10020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fd136562087 code=0x7ffc0000
[ 2900.514519][  T580] usb 5-1: no configurations
[ 2900.524512][   T30] audit: type=1326 audit(1728573610.596:7771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10913 comm="syz.2.10020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd136560990 code=0x7ffc0000
[ 2900.533890][  T580] usb 5-1: can't read configurations, error -22
[ 2900.564380][   T30] audit: type=1326 audit(1728573610.596:7772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10913 comm="syz.2.10020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd136561bfb code=0x7ffc0000
[ 2900.568784][  T580] usb usb5-port1: attempt power cycle
[ 2900.589516][T10914] F2FS-fs (loop2): invalid crc value
[ 2900.600669][T10922] syz.0.10023[10922] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2900.600743][T10922] syz.0.10023[10922] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2900.612405][   T30] audit: type=1326 audit(1728573610.626:7773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10907 comm="syz.4.10018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efca5559bfb code=0x7ffc0000
[ 2900.648699][T10914] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[ 2900.715123][T10914] F2FS-fs (loop2): recover fsync data on readonly fs
[ 2900.721868][T10914] F2FS-fs (loop2): checkpoint=disable on readonly fs
[ 2900.994382][  T580] usb 5-1: new high-speed USB device number 125 using dummy_hcd
[ 2901.824999][  T580] usb 5-1: no configurations
[ 2901.830877][  T580] usb 5-1: can't read configurations, error -22
[ 2901.971627][T10941] syz.1.10029[10941] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2901.971701][T10941] syz.1.10029[10941] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2902.047947][T10943] syz.0.10027[10943] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2902.059515][T10943] syz.0.10027[10943] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2902.114393][  T580] usb 5-1: new high-speed USB device number 126 using dummy_hcd
[ 2902.374637][  T580] usb 5-1: no configurations
[ 2902.380217][  T580] usb 5-1: can't read configurations, error -22
[ 2902.386813][T10956] FAULT_INJECTION: forcing a failure.
[ 2902.386813][T10956] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2902.400009][  T580] usb usb5-port1: unable to enumerate USB device
[ 2902.408266][T10956] CPU: 1 PID: 10956 Comm: syz.1.10032 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 2902.418147][T10956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 2902.428043][T10956] Call Trace:
[ 2902.431166][T10956]  <TASK>
[ 2902.433946][T10956]  dump_stack_lvl+0x151/0x1c0
[ 2902.438459][T10956]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2902.443928][T10956]  dump_stack+0x15/0x20
[ 2902.447919][T10956]  should_fail+0x3c6/0x510
[ 2902.452172][T10956]  should_fail_usercopy+0x1a/0x20
[ 2902.457035][T10956]  _copy_from_user+0x20/0xd0
[ 2902.461461][T10956]  __sys_bpf+0x1e9/0x760
[ 2902.465539][T10956]  ? fput_many+0x160/0x1b0
[ 2902.469789][T10956]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[ 2902.475003][T10956]  ? debug_smp_processor_id+0x17/0x20
[ 2902.480207][T10956]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 2902.486115][T10956]  __x64_sys_bpf+0x7c/0x90
[ 2902.490362][T10956]  x64_sys_call+0x87f/0x9a0
[ 2902.494699][T10956]  do_syscall_64+0x3b/0xb0
[ 2902.498954][T10956]  ? clear_bhb_loop+0x35/0x90
[ 2902.503472][T10956]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2902.509194][T10956] RIP: 0033:0x7f14c384aff9
[ 2902.513448][T10956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2902.532891][T10956] RSP: 002b:00007f14c24c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2902.541135][T10956] RAX: ffffffffffffffda RBX: 00007f14c3a02f80 RCX: 00007f14c384aff9
[ 2902.548946][T10956] RDX: 0000000000000070 RSI: 00000000200000c0 RDI: 0000000000000005
[ 2902.556756][T10956] RBP: 00007f14c24c4090 R08: 0000000000000000 R09: 0000000000000000
[ 2902.564567][T10956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2902.572382][T10956] R13: 0000000000000000 R14: 00007f14c3a02f80 R15: 00007ffc7fc72fe8
[ 2902.580195][T10956]  </TASK>
[ 2904.074327][T19584] handle_bad_sector: 114082 callbacks suppressed
[ 2904.074347][T19584] attempt to access beyond end of device
[ 2904.074347][T19584] loop1: rw=0, want=57656, limit=40427
[ 2904.091343][T19584] attempt to access beyond end of device
[ 2904.091343][T19584] loop1: rw=0, want=57664, limit=40427
[ 2904.102072][T19584] attempt to access beyond end of device
[ 2904.102072][T19584] loop1: rw=0, want=57672, limit=40427
[ 2904.112847][T19584] attempt to access beyond end of device
[ 2904.112847][T19584] loop1: rw=0, want=57680, limit=40427
[ 2904.124540][T19584] attempt to access beyond end of device
[ 2904.124540][T19584] loop1: rw=0, want=57688, limit=40427
[ 2904.135360][T19584] attempt to access beyond end of device
[ 2904.135360][T19584] loop1: rw=0, want=57696, limit=40427
[ 2904.146135][T19584] attempt to access beyond end of device
[ 2904.146135][T19584] loop1: rw=0, want=57704, limit=40427
[ 2904.156938][T19584] attempt to access beyond end of device
[ 2904.156938][T19584] loop1: rw=0, want=57712, limit=40427
[ 2904.167818][T19584] attempt to access beyond end of device
[ 2904.167818][T19584] loop1: rw=0, want=57720, limit=40427
[ 2904.179042][T19584] attempt to access beyond end of device
[ 2904.179042][T19584] loop1: rw=0, want=57728, limit=40427
[ 2905.018599][   T30] kauditd_printk_skb: 74 callbacks suppressed
[ 2905.018613][   T30] audit: type=1326 audit(1728573615.166:7848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10989 comm="syz.2.10042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2905.019204][T10990] syz.2.10042[10990] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2905.024863][   T30] audit: type=1326 audit(1728573615.166:7849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10989 comm="syz.2.10042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2905.083510][T10990] syz.2.10042[10990] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2905.084833][   T30] audit: type=1326 audit(1728573615.236:7850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10989 comm="syz.2.10042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2905.119687][   T30] audit: type=1326 audit(1728573615.236:7851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10989 comm="syz.2.10042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2905.200758][   T30] audit: type=1326 audit(1728573615.346:7852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.2.10043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2905.201138][T10994] syz.2.10043[10994] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2905.224379][T10994] syz.2.10043[10994] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2905.242565][   T30] audit: type=1326 audit(1728573615.346:7853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.2.10043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2905.279124][   T30] audit: type=1326 audit(1728573615.386:7854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.2.10043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2905.304561][   T30] audit: type=1326 audit(1728573615.386:7855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.2.10043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2905.328248][   T30] audit: type=1326 audit(1728573615.386:7856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10993 comm="syz.2.10043" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd136561ff9 code=0x7ffc0000
[ 2906.277638][T11008] loop2: detected capacity change from 0 to 512
[ 2906.356008][T11008] EXT4-fs (loop2): Mount option "nouser_xattr" will be removed by 3.5
[ 2906.356008][T11008] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[ 2906.356008][T11008] 
[ 2906.374272][T11008] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[ 2906.382132][T11008] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 2906.460516][T11008] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a0028118, mo2=0002]
[ 2906.471364][T11008] System zones: 1-12
[ 2906.476639][T11008] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2219: inode #15: comm syz.2.10047: corrupted in-inode xattr
[ 2906.488841][T11008] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.10047: couldn't read orphan inode 15 (err -117)
[ 2906.500855][T11008] EXT4-fs (loop2): mounted filesystem without journal. Opts: nouser_xattr,journal_ioprio=0x0000000000000004,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,debug,,errors=continue. Quota mode: none.
[ 2906.776761][   T30] audit: type=1400 audit(1728573616.926:7857): avc:  denied  { link } for  pid=11007 comm="syz.2.10047" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 2906.844019][T11008] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #2: block 13: comm syz.2.10047: lblock 0 mapped to illegal pblock 13 (length 1)
[ 2906.903639][T10727] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #2: block 13: comm syz-executor: lblock 0 mapped to illegal pblock 13 (length 1)
[ 2906.928345][T10727] EXT4-fs warning (device loop2): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -117 reading directory block
[ 2906.956106][T10727] EXT4-fs error (device loop2): __ext4_get_inode_loc:4351: comm syz-executor: Invalid inode table block 1633771873 in block_group 0
[ 2906.973206][T10727] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5834: Corrupt filesystem
[ 2906.982760][T10727] EXT4-fs error (device loop2): ext4_dirty_inode:6038: inode #2: comm syz-executor: mark_inode_dirty error
[ 2906.998284][ T1399] EXT4-fs error (device loop2): __ext4_get_inode_loc:4351: comm kworker/u4:8: Invalid inode table block 1633771873 in block_group 0
[ 2907.011938][ T1399] EXT4-fs error (device loop2): __ext4_get_inode_loc:4351: comm kworker/u4:8: Invalid inode table block 1633771873 in block_group 0
[ 2907.186641][T11026] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2907.193587][T11026] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2907.202733][T11026] device bridge_slave_0 entered promiscuous mode
[ 2907.212344][T11026] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2907.219401][T11026] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2907.226809][T11026] device bridge_slave_1 entered promiscuous mode
[ 2907.348866][T11026] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2907.355761][T11026] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2907.362849][T11026] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2907.369634][T11026] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2907.407647][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2907.425031][T11163] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2907.557323][T11163] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2907.624813][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2907.666609][T11163] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2907.673482][T11163] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2907.691670][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2907.704294][T11163] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2907.711179][T11163] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2907.770601][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2907.886561][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2907.936328][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2907.947601][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2907.976919][T11026] device veth0_vlan entered promiscuous mode
[ 2907.988133][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2907.998955][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2908.024913][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2908.062962][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2908.071338][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2908.094762][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2908.758730][T11026] device veth1_macvtap entered promiscuous mode
[ 2908.766619][ T1399] device bridge_slave_1 left promiscuous mode
[ 2908.772820][ T1399] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2908.785664][ T1399] device bridge_slave_0 left promiscuous mode
[ 2908.791623][ T1399] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2908.799768][ T1399] device veth1_macvtap left promiscuous mode
[ 2908.810747][ T1399] device veth0_vlan left promiscuous mode
[ 2909.084343][T19584] handle_bad_sector: 91797 callbacks suppressed
[ 2909.084364][T19584] attempt to access beyond end of device
[ 2909.084364][T19584] loop1: rw=0, want=58928, limit=40427
[ 2909.101478][T19584] attempt to access beyond end of device
[ 2909.101478][T19584] loop1: rw=0, want=58936, limit=40427
[ 2909.112719][T19584] attempt to access beyond end of device
[ 2909.112719][T19584] loop1: rw=0, want=58944, limit=40427
[ 2909.123622][T19584] attempt to access beyond end of device
[ 2909.123622][T19584] loop1: rw=0, want=58952, limit=40427
[ 2909.134462][T19584] attempt to access beyond end of device
[ 2909.134462][T19584] loop1: rw=0, want=58960, limit=40427
[ 2909.145257][T19584] attempt to access beyond end of device
[ 2909.145257][T19584] loop1: rw=0, want=58968, limit=40427
[ 2909.158705][T19584] attempt to access beyond end of device
[ 2909.158705][T19584] loop1: rw=0, want=58976, limit=40427
[ 2909.169658][T19584] attempt to access beyond end of device
[ 2909.169658][T19584] loop1: rw=0, want=58984, limit=40427
[ 2909.182428][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2909.190220][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2909.199104][T19584] attempt to access beyond end of device
[ 2909.199104][T19584] loop1: rw=0, want=58992, limit=40427
[ 2909.210483][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2909.219187][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2909.227346][T19584] attempt to access beyond end of device
[ 2909.227346][T19584] loop1: rw=0, want=59000, limit=40427
[ 2909.229516][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2909.291657][T11061] syz.1.10063[11061] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2909.291730][T11061] syz.1.10063[11061] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2910.326301][T11071] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2910.338011][T11083] syz.2.10067[11083] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2910.347240][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 2910.347253][   T30] audit: type=1326 audit(1728573620.496:7875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11060 comm="syz.1.10063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f14c3849adf code=0x7ffc0000
[ 2910.364363][T11071] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2910.369618][T11083] syz.2.10067[11083] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2910.395969][T11071] device bridge_slave_0 entered promiscuous mode
[ 2910.437380][T11071] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2910.445681][T11071] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2910.505057][T11071] device bridge_slave_1 entered promiscuous mode
[ 2910.518155][   T30] audit: type=1326 audit(1728573620.666:7876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11060 comm="syz.1.10063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f14c384b087 code=0x7ffc0000
[ 2910.564785][   T30] audit: type=1326 audit(1728573620.666:7877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11060 comm="syz.1.10063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f14c3849990 code=0x7ffc0000
[ 2910.873828][   T30] audit: type=1326 audit(1728573620.666:7878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11060 comm="syz.1.10063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f14c384abfb code=0x7ffc0000
[ 2910.897987][   T30] audit: type=1326 audit(1728573620.666:7879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11060 comm="syz.1.10063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f14c384abfb code=0x7ffc0000
[ 2910.968460][   T30] audit: type=1326 audit(1728573620.666:7880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11060 comm="syz.1.10063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f14c387d0e5 code=0x7ffc0000
[ 2911.013760][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2911.017855][   T30] audit: type=1326 audit(1728573620.666:7881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11060 comm="syz.1.10063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f14c384abfb code=0x7ffc0000
[ 2911.023826][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2911.068529][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2911.076528][   T30] audit: type=1326 audit(1728573620.666:7882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11060 comm="syz.1.10063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f14c3849c8a code=0x7ffc0000
[ 2911.076555][   T30] audit: type=1326 audit(1728573620.666:7883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11060 comm="syz.1.10063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f14c3849c8a code=0x7ffc0000
[ 2911.076576][   T30] audit: type=1326 audit(1728573620.726:7884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11060 comm="syz.1.10063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14c384aff9 code=0x7ffc0000
[ 2911.147432][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2911.156115][ T8870] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2911.162950][ T8870] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2911.170169][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2911.179087][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2911.187147][ T8870] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2911.193977][ T8870] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2911.201213][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2911.221273][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2911.237186][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2911.269558][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2911.317217][  T384] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 2911.341211][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2911.354634][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2911.380112][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2911.394940][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2911.435299][T11071] device veth0_vlan entered promiscuous mode
[ 2911.453602][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2911.462836][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2911.472209][T11071] device veth1_macvtap entered promiscuous mode
[ 2911.482770][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2911.490977][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2911.499815][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2911.742120][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2911.757704][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2911.795192][ T1399] device bridge_slave_1 left promiscuous mode
[ 2911.801368][ T1399] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2911.830936][T11113] loop4: detected capacity change from 0 to 1024
[ 2911.837813][ T1399] device bridge_slave_0 left promiscuous mode
[ 2911.843753][ T1399] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2911.867100][ T1399] device veth1_macvtap left promiscuous mode
[ 2911.875562][  T384] usb 4-1: no configurations
[ 2911.878448][ T1399] device veth0_vlan left promiscuous mode
[ 2911.879970][  T384] usb 4-1: can't read configurations, error -22
[ 2911.944787][T11113] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 2911.967857][T11113] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #14: comm syz.4.10064: attempt to clear invalid blocks 1886221359 len 1
[ 2912.008492][T11118] syz.1.10077[11118] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2912.008569][T11118] syz.1.10077[11118] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2912.024354][  T384] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 2912.067749][T11120] syz.1.10079[11120] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2912.067827][T11120] syz.1.10079[11120] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2912.374714][  T384] usb 4-1: no configurations
[ 2912.410948][  T384] usb 4-1: can't read configurations, error -22
[ 2912.431418][  T384] usb usb4-port1: attempt power cycle
[ 2913.047372][  T384] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 2913.388416][T11146] FAULT_INJECTION: forcing a failure.
[ 2913.388416][T11146] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2913.403859][T11146] CPU: 1 PID: 11146 Comm: syz.2.10086 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 2913.413750][T11146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 2913.423644][T11146] Call Trace:
[ 2913.426769][T11146]  <TASK>
[ 2913.429546][T11146]  dump_stack_lvl+0x151/0x1c0
[ 2913.434059][T11146]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2913.439528][T11146]  dump_stack+0x15/0x20
[ 2913.443520][T11146]  should_fail+0x3c6/0x510
[ 2913.447773][T11146]  should_fail_usercopy+0x1a/0x20
[ 2913.452632][T11146]  _copy_from_user+0x20/0xd0
[ 2913.455300][  T384] usb 4-1: no configurations
[ 2913.457058][T11146]  __sys_bpf+0x1e9/0x760
[ 2913.462325][  T384] usb 4-1: can't read configurations, error -22
[ 2913.465564][T11146]  ? fput_many+0x160/0x1b0
[ 2913.465585][T11146]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[ 2913.465605][T11146]  ? debug_smp_processor_id+0x17/0x20
[ 2913.486313][T11146]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 2913.492211][T11146]  __x64_sys_bpf+0x7c/0x90
[ 2913.496463][T11146]  x64_sys_call+0x87f/0x9a0
[ 2913.500804][T11146]  do_syscall_64+0x3b/0xb0
[ 2913.505056][T11146]  ? clear_bhb_loop+0x35/0x90
[ 2913.509571][T11146]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2913.515298][T11146] RIP: 0033:0x7f2a47da9ff9
[ 2913.519551][T11146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2913.538993][T11146] RSP: 002b:00007f2a46a23038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2913.547237][T11146] RAX: ffffffffffffffda RBX: 00007f2a47f61f80 RCX: 00007f2a47da9ff9
[ 2913.555049][T11146] RDX: 0000000000000020 RSI: 0000000020000140 RDI: 0000000000000012
[ 2913.562862][T11146] RBP: 00007f2a46a23090 R08: 0000000000000000 R09: 0000000000000000
[ 2913.570674][T11146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2913.578484][T11146] R13: 0000000000000000 R14: 00007f2a47f61f80 R15: 00007fffbd9016e8
[ 2913.586300][T11146]  </TASK>
[ 2913.634429][  T384] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 2913.885403][  T384] usb 4-1: no configurations
[ 2913.936175][  T384] usb 4-1: can't read configurations, error -22
[ 2913.961864][  T384] usb usb4-port1: unable to enumerate USB device
[ 2914.024425][  T403] usb 2-1: new high-speed USB device number 125 using dummy_hcd
[ 2914.115468][T19584] handle_bad_sector: 60539 callbacks suppressed
[ 2914.115486][T19584] attempt to access beyond end of device
[ 2914.115486][T19584] loop1: rw=524288, want=57944, limit=40427
[ 2914.126566][T11156] syz.4.10089[11156] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2914.133031][T19584] attempt to access beyond end of device
[ 2914.133031][T19584] loop1: rw=524288, want=57952, limit=40427
[ 2914.134471][T11156] syz.4.10089[11156] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2914.144533][T19584] attempt to access beyond end of device
[ 2914.144533][T19584] loop1: rw=524288, want=57960, limit=40427
[ 2914.178306][T19584] attempt to access beyond end of device
[ 2914.178306][T19584] loop1: rw=524288, want=57968, limit=40427
[ 2914.190137][T19584] attempt to access beyond end of device
[ 2914.190137][T19584] loop1: rw=524288, want=57976, limit=40427
[ 2914.203833][T19584] attempt to access beyond end of device
[ 2914.203833][T19584] loop1: rw=524288, want=57984, limit=40427
[ 2914.216244][T19584] attempt to access beyond end of device
[ 2914.216244][T19584] loop1: rw=524288, want=57992, limit=40427
[ 2914.227861][T19584] attempt to access beyond end of device
[ 2914.227861][T19584] loop1: rw=524288, want=58000, limit=40427
[ 2914.239312][T19584] attempt to access beyond end of device
[ 2914.239312][T19584] loop1: rw=524288, want=58008, limit=40427
[ 2914.250918][T19584] attempt to access beyond end of device
[ 2914.250918][T19584] loop1: rw=524288, want=58016, limit=40427
[ 2914.454713][  T403] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2914.464594][  T403] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[ 2914.474222][  T403] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2914.614420][  T403] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2914.626567][  T403] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 2914.644557][  T403] usb 2-1: SerialNumber: syz
[ 2914.695034][  T403] usb-storage 2-1:1.0: USB Mass Storage device detected
[ 2914.770615][T11164] loop2: detected capacity change from 0 to 40427
[ 2914.846046][T11164] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[ 2914.853600][T11164] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 2914.862595][T11164] F2FS-fs (loop2): invalid crc value
[ 2914.869357][T11164] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 2914.903868][  T384] usb 2-1: USB disconnect, device number 125
[ 2914.914985][T11164] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 2914.921932][T11164] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[ 2915.523378][   T30] kauditd_printk_skb: 65 callbacks suppressed
[ 2915.523395][   T30] audit: type=1326 audit(1728573625.666:7950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11179 comm="syz.1.10096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14c384aff9 code=0x7ffc0000
[ 2915.553380][T11180] syz.1.10096[11180] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2915.553491][T11180] syz.1.10096[11180] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2915.577095][   T30] audit: type=1326 audit(1728573625.666:7951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11179 comm="syz.1.10096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14c384aff9 code=0x7ffc0000
[ 2915.634551][   T30] audit: type=1326 audit(1728573625.696:7952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11179 comm="syz.1.10096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14c384aff9 code=0x7ffc0000
[ 2915.658717][   T30] audit: type=1326 audit(1728573625.726:7953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11179 comm="syz.1.10096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14c384aff9 code=0x7ffc0000
[ 2915.682396][   T30] audit: type=1326 audit(1728573625.726:7954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11179 comm="syz.1.10096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14c384aff9 code=0x7ffc0000
[ 2915.706108][   T30] audit: type=1326 audit(1728573625.726:7955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11179 comm="syz.1.10096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f14c384aff9 code=0x7ffc0000
[ 2915.731493][   T30] audit: type=1326 audit(1728573625.756:7956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11179 comm="syz.1.10096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14c384aff9 code=0x7ffc0000
[ 2915.755165][   T30] audit: type=1326 audit(1728573625.756:7957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11179 comm="syz.1.10096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14c384aff9 code=0x7ffc0000
[ 2915.778829][   T30] audit: type=1326 audit(1728573625.756:7958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11179 comm="syz.1.10096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f14c384aff9 code=0x7ffc0000
[ 2915.804568][   T30] audit: type=1326 audit(1728573625.756:7959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11179 comm="syz.1.10096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14c384aff9 code=0x7ffc0000
[ 2916.728249][T11196] syz.1.10100[11196] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2916.728326][T11196] syz.1.10100[11196] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2917.628881][T11207] loop2: detected capacity change from 0 to 512
[ 2917.726737][T11207] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 2917.738363][T11207] EXT4-fs (loop2): 1 truncate cleaned up
[ 2917.743825][T11207] EXT4-fs (loop2): mounted filesystem without journal. Opts: resuid=0x0000000000000000,init_itable,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[ 2918.641690][T11227] syz.1.10107[11227] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2918.641764][T11227] syz.1.10107[11227] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2919.126768][T19584] handle_bad_sector: 88493 callbacks suppressed
[ 2919.126787][T19584] attempt to access beyond end of device
[ 2919.126787][T19584] loop1: rw=524288, want=57352, limit=40427
[ 2919.156384][T11232] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2919.163303][T11232] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2919.168528][T19584] attempt to access beyond end of device
[ 2919.168528][T19584] loop1: rw=524288, want=57360, limit=40427
[ 2919.170873][T11232] device bridge_slave_0 entered promiscuous mode
[ 2919.197080][T11232] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2919.203954][T11232] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2919.204467][T19584] attempt to access beyond end of device
[ 2919.204467][T19584] loop1: rw=524288, want=57368, limit=40427
[ 2919.211284][T11232] device bridge_slave_1 entered promiscuous mode
[ 2919.237450][T19584] attempt to access beyond end of device
[ 2919.237450][T19584] loop1: rw=524288, want=57376, limit=40427
[ 2919.249000][T19584] attempt to access beyond end of device
[ 2919.249000][T19584] loop1: rw=524288, want=57384, limit=40427
[ 2919.260605][T19584] attempt to access beyond end of device
[ 2919.260605][T19584] loop1: rw=524288, want=57392, limit=40427
[ 2919.272058][T19584] attempt to access beyond end of device
[ 2919.272058][T19584] loop1: rw=524288, want=57400, limit=40427
[ 2919.283448][T19584] attempt to access beyond end of device
[ 2919.283448][T19584] loop1: rw=524288, want=57408, limit=40427
[ 2919.294857][T19584] attempt to access beyond end of device
[ 2919.294857][T19584] loop1: rw=524288, want=57416, limit=40427
[ 2919.306327][T19584] attempt to access beyond end of device
[ 2919.306327][T19584] loop1: rw=524288, want=57424, limit=40427
[ 2919.328206][T11163] device bridge_slave_1 left promiscuous mode
[ 2919.335620][T11163] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2919.343185][T11163] device bridge_slave_0 left promiscuous mode
[ 2919.357132][T11163] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2919.422907][T11163] device veth1_macvtap left promiscuous mode
[ 2919.429054][T11163] device veth0_vlan left promiscuous mode
[ 2919.688831][T11242] syz.4.10112[11242] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2919.689748][T11242] syz.4.10112[11242] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2919.865699][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2919.894672][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2919.916499][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2919.934642][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2919.944728][ T1399] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2919.951567][ T1399] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2919.976596][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2919.994518][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2920.005048][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2920.024420][ T1399] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2920.031265][ T1399] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2920.052659][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2920.066490][T11242] loop4: detected capacity change from 0 to 40427
[ 2920.072865][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2920.091261][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2920.103717][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2920.114990][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2920.123003][T11242] F2FS-fs (loop4): invalid crc value
[ 2920.128989][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2920.137023][T11242] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[ 2920.149840][T11232] device veth0_vlan entered promiscuous mode
[ 2920.164889][T11242] F2FS-fs (loop4): recover fsync data on readonly fs
[ 2920.171505][T11232] device veth1_macvtap entered promiscuous mode
[ 2920.174513][T11242] F2FS-fs (loop4): checkpoint=disable on readonly fs
[ 2920.184230][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2920.239803][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2920.251700][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2920.261707][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2920.330748][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2921.577475][T11269] syz.4.10120[11269] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2921.577543][T11269] syz.4.10120[11269] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2921.577838][   T30] kauditd_printk_skb: 70 callbacks suppressed
[ 2921.577851][   T30] audit: type=1326 audit(1728573631.726:8030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11268 comm="syz.4.10120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5c3294ff9 code=0x7ffc0000
[ 2921.707248][   T30] audit: type=1326 audit(1728573631.726:8031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11268 comm="syz.4.10120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5c3294ff9 code=0x7ffc0000
[ 2921.773832][   T30] audit: type=1326 audit(1728573631.746:8032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11268 comm="syz.4.10120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5c3294ff9 code=0x7ffc0000
[ 2921.811701][T11261] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2921.818593][T11261] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2921.825983][T11261] device bridge_slave_0 entered promiscuous mode
[ 2921.833091][   T30] audit: type=1326 audit(1728573631.746:8033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11268 comm="syz.4.10120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb5c3294ff9 code=0x7ffc0000
[ 2921.835155][T11261] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2921.856616][   T30] audit: type=1326 audit(1728573631.776:8034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11268 comm="syz.4.10120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5c3294ff9 code=0x7ffc0000
[ 2921.886735][   T30] audit: type=1326 audit(1728573631.786:8035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11268 comm="syz.4.10120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7fb5c3294ff9 code=0x7ffc0000
[ 2921.910413][   T30] audit: type=1326 audit(1728573631.786:8036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11268 comm="syz.4.10120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5c3294ff9 code=0x7ffc0000
[ 2921.917360][T11261] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2921.943978][   T30] audit: type=1326 audit(1728573631.786:8037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11268 comm="syz.4.10120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb5c3294ff9 code=0x7ffc0000
[ 2921.984349][   T30] audit: type=1326 audit(1728573631.786:8038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11268 comm="syz.4.10120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb5c3294ff9 code=0x7ffc0000
[ 2922.014805][T11261] device bridge_slave_1 entered promiscuous mode
[ 2922.061435][   T30] audit: type=1326 audit(1728573631.786:8039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11268 comm="syz.4.10120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7fb5c3294ff9 code=0x7ffc0000
[ 2922.104650][T11266] loop2: detected capacity change from 0 to 40427
[ 2922.112083][T11269] loop4: detected capacity change from 0 to 40427
[ 2922.151120][T11269] F2FS-fs (loop4): invalid crc value
[ 2922.175777][T11266] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[ 2922.190807][T11266] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 2922.206795][T11269] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[ 2922.208838][T11266] F2FS-fs (loop2): invalid crc value
[ 2922.479038][T11270] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2922.486972][T11270] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2922.505266][T11266] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 2922.511779][T11269] F2FS-fs (loop4): recover fsync data on readonly fs
[ 2922.525860][T11269] F2FS-fs (loop4): checkpoint=disable on readonly fs
[ 2922.534865][T11270] device bridge_slave_0 entered promiscuous mode
[ 2922.544709][T11270] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2922.551549][T11270] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2922.574880][T11270] device bridge_slave_1 entered promiscuous mode
[ 2922.581882][ T1399] device bridge_slave_1 left promiscuous mode
[ 2922.588260][ T1399] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2922.596143][T11266] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 2922.603070][T11266] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[ 2922.610832][ T1399] device bridge_slave_0 left promiscuous mode
[ 2922.616899][ T1399] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2922.645386][ T1399] device veth1_macvtap left promiscuous mode
[ 2922.651214][ T1399] device veth0_vlan left promiscuous mode
[ 2923.340564][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2923.350910][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2923.366243][T11292] netlink: 60 bytes leftover after parsing attributes in process `syz.1.10123'.
[ 2923.379823][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2923.392092][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2923.409385][ T8870] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2923.416253][ T8870] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2923.424492][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2923.432888][T11292] tipc: Started in network mode
[ 2923.437794][T11292] tipc: Node identity ac14140f, cluster identity 4711
[ 2923.444849][T11292] tipc: New replicast peer: 255.255.255.255
[ 2923.451091][T11292] tipc: Enabled bearer <udp:syz2>, priority 10
[ 2923.459354][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2923.484951][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2923.494609][ T8870] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2923.501454][ T8870] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2923.559336][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2923.567873][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2923.582916][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2923.591762][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2923.700411][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2923.708915][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2923.835807][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2923.876663][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2923.916688][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2923.957891][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2923.965949][  T580] usb 5-1: new high-speed USB device number 127 using dummy_hcd
[ 2923.973823][  T926] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2923.980695][  T926] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2923.988628][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2923.996558][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2924.004843][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2924.013035][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2924.021213][  T926] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2924.028072][  T926] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2924.036425][T11261] device veth0_vlan entered promiscuous mode
[ 2924.068076][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2924.076423][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2924.083743][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2924.091238][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2924.100301][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2924.117234][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2924.128254][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2924.137931][T19584] handle_bad_sector: 86711 callbacks suppressed
[ 2924.137944][T19584] attempt to access beyond end of device
[ 2924.137944][T19584] loop1: rw=524288, want=58880, limit=40427
[ 2924.155414][T19584] attempt to access beyond end of device
[ 2924.155414][T19584] loop1: rw=524288, want=58888, limit=40427
[ 2924.167235][T19584] attempt to access beyond end of device
[ 2924.167235][T19584] loop1: rw=524288, want=58896, limit=40427
[ 2924.178509][T19584] attempt to access beyond end of device
[ 2924.178509][T19584] loop1: rw=524288, want=58904, limit=40427
[ 2924.193199][T19584] attempt to access beyond end of device
[ 2924.193199][T19584] loop1: rw=524288, want=58912, limit=40427
[ 2924.206934][T19584] attempt to access beyond end of device
[ 2924.206934][T19584] loop1: rw=524288, want=58920, limit=40427
[ 2924.220815][T19584] attempt to access beyond end of device
[ 2924.220815][T19584] loop1: rw=524288, want=58928, limit=40427
[ 2924.272710][T19584] attempt to access beyond end of device
[ 2924.272710][T19584] loop1: rw=524288, want=58936, limit=40427
[ 2924.288820][T19584] attempt to access beyond end of device
[ 2924.288820][T19584] loop1: rw=524288, want=58944, limit=40427
[ 2924.301877][T19584] attempt to access beyond end of device
[ 2924.301877][T19584] loop1: rw=524288, want=58952, limit=40427
[ 2924.338420][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2924.346735][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2924.355000][  T580] usb 5-1: no configurations
[ 2924.359580][  T580] usb 5-1: can't read configurations, error -22
[ 2924.377827][T11261] device veth1_macvtap entered promiscuous mode
[ 2924.384558][T11270] device veth0_vlan entered promiscuous mode
[ 2924.390693][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2924.399576][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2924.408597][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2924.417460][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2924.426119][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2924.450333][T11270] device veth1_macvtap entered promiscuous mode
[ 2924.457496][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2924.470946][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2924.478609][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2924.491505][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2924.500436][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2924.508781][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2924.516964][  T580] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 2924.524645][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2924.532414][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2924.540925][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2924.571057][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2924.584611][T32231] tipc: Node number set to 2886997007
[ 2924.586917][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2924.599492][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2924.601971][T11309] syz.0.10115[11309] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2924.607648][  T926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2924.616528][T11309] syz.0.10115[11309] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2924.701346][ T1399] device bridge_slave_1 left promiscuous mode
[ 2924.728271][ T1399] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2924.737201][ T1399] device bridge_slave_0 left promiscuous mode
[ 2924.743915][ T1399] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2924.809671][ T1399] device veth1_macvtap left promiscuous mode
[ 2924.815791][ T1399] device veth0_vlan left promiscuous mode
[ 2925.134647][  T580] usb 5-1: no configurations
[ 2925.141550][  T580] usb 5-1: can't read configurations, error -22
[ 2925.147914][  T580] usb usb5-port1: attempt power cycle
[ 2925.391447][T11323] 9pnet: Insufficient options for proto=fd
[ 2925.555819][  T580] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[ 2925.687543][ T3428] usb 3-1: new high-speed USB device number 122 using dummy_hcd
[ 2925.744576][  T580] usb 5-1: no configurations
[ 2925.749042][  T580] usb 5-1: can't read configurations, error -22
[ 2925.904461][  T580] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[ 2926.015481][T11334] syz.1.10133[11334] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2926.015555][T11334] syz.1.10133[11334] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2926.084430][  T580] usb 5-1: no configurations
[ 2926.104344][ T3428] usb 3-1: Using ep0 maxpacket: 16
[ 2926.106115][  T580] usb 5-1: can't read configurations, error -22
[ 2926.117937][  T580] usb usb5-port1: unable to enumerate USB device
[ 2926.254418][ T3428] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2926.274388][ T3428] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[ 2926.283942][ T3428] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2926.304329][ T3428] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[ 2926.313793][ T3428] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[ 2926.354353][ T3428] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2926.363256][ T3428] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2926.404423][T11323] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 2926.444824][ T3428] cdc_acm 3-1:1.0: Control and data interfaces are not separated!
[ 2926.452563][ T3428] cdc_acm: probe of 3-1:1.0 failed with error -12
[ 2926.679698][T11354] device wireguard0 entered promiscuous mode
[ 2926.831796][T11362] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[ 2927.161869][   T30] kauditd_printk_skb: 68 callbacks suppressed
[ 2927.161885][   T30] audit: type=1400 audit(1728573637.306:8108): avc:  denied  { nlmsg_write } for  pid=11373 comm="syz.3.10147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[ 2927.274024][   T30] audit: type=1400 audit(1728573637.356:8109): avc:  denied  { audit_write } for  pid=11373 comm="syz.3.10147" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 2927.300841][   T30] audit: type=1107 audit(1728573637.356:8110): pid=11373 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[ 2928.055186][  T926] tipc: Disabling bearer <udp:syz2>
[ 2928.260772][  T926] tipc: Left network mode
[ 2928.310942][   T30] audit: type=1326 audit(1728573638.456:8111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.3.10162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa588d50ff9 code=0x7fc00000
[ 2928.342642][  T384] usb 3-1: USB disconnect, device number 122
[ 2928.390075][T11428] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2928.400965][T11428] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2928.408152][   T30] audit: type=1326 audit(1728573638.456:8112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.3.10162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa588d50ff9 code=0x7fc00000
[ 2928.414787][T11428] device bridge_slave_0 entered promiscuous mode
[ 2928.431587][   T30] audit: type=1326 audit(1728573638.456:8113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.3.10162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa588d50ff9 code=0x7fc00000
[ 2928.461724][   T30] audit: type=1326 audit(1728573638.456:8114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.3.10162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa588d50ff9 code=0x7fc00000
[ 2928.485443][   T30] audit: type=1326 audit(1728573638.456:8115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.3.10162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa588d50ff9 code=0x7fc00000
[ 2928.495016][T11428] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2928.508955][   T30] audit: type=1326 audit(1728573638.456:8116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.3.10162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa588d50ff9 code=0x7fc00000
[ 2928.541719][   T30] audit: type=1326 audit(1728573638.456:8117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.3.10162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa588d50ff9 code=0x7fc00000
[ 2928.564326][T11428] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2928.587174][T11428] device bridge_slave_1 entered promiscuous mode
[ 2928.765937][T11444] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2928.772955][T11444] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2928.915724][T11447] device bridge_slave_1 left promiscuous mode
[ 2928.922140][T11447] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2928.945941][T11447] device bridge_slave_0 left promiscuous mode
[ 2928.956028][T11450] loop2: detected capacity change from 0 to 512
[ 2928.962576][T11447] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2929.024930][T11450] EXT4-fs (loop2): unable to read superblock
[ 2929.145607][T19584] handle_bad_sector: 106192 callbacks suppressed
[ 2929.145720][T19584] attempt to access beyond end of device
[ 2929.145720][T19584] loop1: rw=0, want=58576, limit=40427
[ 2929.207557][T11453] 9pnet: p9_client_clunk (11453): Trying to clunk with invalid fid
[ 2929.210144][T19584] attempt to access beyond end of device
[ 2929.210144][T19584] loop1: rw=0, want=58584, limit=40427
[ 2929.250011][T19584] attempt to access beyond end of device
[ 2929.250011][T19584] loop1: rw=0, want=58592, limit=40427
[ 2929.272911][T19584] attempt to access beyond end of device
[ 2929.272911][T19584] loop1: rw=0, want=58600, limit=40427
[ 2929.275608][T11453] CPU: 0 PID: 11453 Comm: syz.2.10179 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0
[ 2929.293561][T11453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 2929.303455][T11453] Call Trace:
[ 2929.306577][T11453]  <TASK>
[ 2929.309355][T11453]  dump_stack_lvl+0x151/0x1c0
[ 2929.313868][T11453]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 2929.319335][T11453]  ? avc_has_perm_noaudit+0x430/0x430
[ 2929.324544][T11453]  dump_stack+0x15/0x20
[ 2929.328534][T11453]  p9_client_clunk+0x2e2/0x3a0
[ 2929.333135][T11453]  ? v9fs_fid_lookup+0x118/0x160
[ 2929.337910][T11453]  v9fs_statfs+0x16d/0x4d0
[ 2929.342162][T11453]  ? selinux_sb_show_options+0x610/0x610
[ 2929.347629][T11453]  ? v9fs_drop_inode+0x130/0x130
[ 2929.352405][T11453]  user_statfs+0x20b/0x450
[ 2929.356658][T11453]  ? vfs_statfs+0x320/0x320
[ 2929.360998][T11453]  __x64_sys_statfs+0xe4/0x1a0
[ 2929.365597][T11453]  ? fd_statfs+0x3c0/0x3c0
[ 2929.369848][T11453]  ? __se_sys_mount+0x367/0x3b0
[ 2929.374542][T11453]  ? __se_sys_futex+0x37b/0x3e0
[ 2929.379229][T11453]  ? switch_fpu_return+0x15f/0x2e0
[ 2929.384175][T11453]  ? exit_to_user_mode_prepare+0x7e/0xa0
[ 2929.389641][T11453]  x64_sys_call+0x3e0/0x9a0
[ 2929.393980][T11453]  do_syscall_64+0x3b/0xb0
[ 2929.398231][T11453]  ? clear_bhb_loop+0x35/0x90
[ 2929.402746][T11453]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2929.408473][T11453] RIP: 0033:0x7fad224e1ff9
[ 2929.412727][T11453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2929.432168][T11453] RSP: 002b:00007fad2115b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000089
[ 2929.440420][T11453] RAX: ffffffffffffffda RBX: 00007fad22699f80 RCX: 00007fad224e1ff9
[ 2929.448226][T11453] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000040
[ 2929.456036][T11453] RBP: 00007fad22554296 R08: 0000000000000000 R09: 0000000000000000
[ 2929.463848][T11453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2929.471659][T11453] R13: 0000000000000000 R14: 00007fad22699f80 R15: 00007ffda7434a18
[ 2929.479475][T11453]  </TASK>
[ 2929.484730][T19584] attempt to access beyond end of device
[ 2929.484730][T19584] loop1: rw=0, want=58608, limit=40427
[ 2929.495926][T19584] attempt to access beyond end of device
[ 2929.495926][T19584] loop1: rw=0, want=58616, limit=40427
[ 2929.506827][T19584] attempt to access beyond end of device
[ 2929.506827][T19584] loop1: rw=0, want=58624, limit=40427
[ 2929.517838][T19584] attempt to access beyond end of device
[ 2929.517838][T19584] loop1: rw=0, want=58632, limit=40427
[ 2929.535670][T19584] attempt to access beyond end of device
[ 2929.535670][T19584] loop1: rw=0, want=58640, limit=40427
[ 2929.546624][T19584] attempt to access beyond end of device
[ 2929.546624][T19584] loop1: rw=0, want=58648, limit=40427
[ 2929.597538][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2929.614496][ T8870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2929.645766][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2929.657541][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2929.677084][T11163] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2929.683940][T11163] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2929.732116][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2929.760176][  T926] device bridge_slave_1 left promiscuous mode
[ 2929.775110][  T926] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2929.784267][  T926] device bridge_slave_0 left promiscuous mode
[ 2929.790574][  T926] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2929.798945][  T926] device veth1_macvtap left promiscuous mode
[ 2929.805166][  T926] device veth0_vlan left promiscuous mode
[ 2929.929567][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2929.937892][ T1399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2929.946726][ T1399] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2929.953587][ T1399] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2929.976303][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2929.996800][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2930.014804][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2930.026733][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2930.036800][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2930.050452][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2930.080526][T11428] device veth0_vlan entered promiscuous mode
[ 2930.088894][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2930.097037][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2930.106768][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2930.116395][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2930.131008][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2930.139262][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2930.147961][T11428] device veth1_macvtap entered promiscuous mode
[ 2930.159558][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2930.167754][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2930.177230][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2930.201688][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2930.227729][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2930.385081][T11487] syz.1.10192[11487] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2930.385161][T11487] syz.1.10192[11487] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2930.465290][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[ 2930.606633][T11500] xt_hashlimit: size too large, truncated to 1048576
[ 2930.896954][T11519] netlink: 52 bytes leftover after parsing attributes in process `syz.1.10204'.
[ 2930.906792][T11519] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10204'.
[ 2930.925174][T11519] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2930.940405][T11519] device bridge_slave_0 left promiscuous mode
[ 2930.946857][T11519] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2931.266162][T11538] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10211'.
[ 2931.473787][T11547] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10215'.
[ 2931.479045][T11549] xt_hashlimit: size too large, truncated to 1048576
[ 2933.249740][T11561] netlink: 40 bytes leftover after parsing attributes in process `syz.2.10219'.
[ 2933.420931][T11574] loop2: detected capacity change from 0 to 2048
[ 2933.466265][T11574]  loop2: p1 p2 p3
[ 2933.611452][T11588] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2933.619318][T11588] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2933.626815][T11588] device bridge_slave_0 entered promiscuous mode
[ 2933.633840][T11588] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2933.641299][T11588] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2933.648841][T11588] device bridge_slave_1 entered promiscuous mode
[ 2933.670919][  T312] udevd[312]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 2933.672738][  T333] udevd[333]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[ 2933.681848][  T845] udevd[845]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[ 2933.846018][T11610] loop2: detected capacity change from 0 to 1024
[ 2933.879875][T11588] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2933.886776][T11588] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2933.893854][T11588] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2933.900646][T11588] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2933.991075][T11610] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,noload,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,resgid=0x0000000000000000,usrquota,data_err=abort,errors=remount-ro,. Quota mode: writeback.
[ 2934.025627][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2934.043976][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2934.053648][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2934.068163][T11610] EXT4-fs (loop2): shut down requested (2)
[ 2934.074994][   T30] kauditd_printk_skb: 71 callbacks suppressed
[ 2934.075008][   T30] audit: type=1400 audit(1728573644.226:8189): avc:  denied  { create } for  pid=11608 comm="syz.2.10243" name=E91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[ 2934.104080][T11607] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2934.113935][T11607] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2934.131823][T11607] device bridge_slave_0 entered promiscuous mode
[ 2934.154329][T19584] handle_bad_sector: 70780 callbacks suppressed
[ 2934.154344][T19584] attempt to access beyond end of device
[ 2934.154344][T19584] loop1: rw=524288, want=57600, limit=40427
[ 2934.173140][T19584] attempt to access beyond end of device
[ 2934.173140][T19584] loop1: rw=524288, want=57608, limit=40427
[ 2934.184490][T19584] attempt to access beyond end of device
[ 2934.184490][T19584] loop1: rw=524288, want=57616, limit=40427
[ 2934.196344][T19584] attempt to access beyond end of device
[ 2934.196344][T19584] loop1: rw=524288, want=57624, limit=40427
[ 2934.208213][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2934.208790][T19584] attempt to access beyond end of device
[ 2934.208790][T19584] loop1: rw=524288, want=57632, limit=40427
[ 2934.216803][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2934.227338][T19584] attempt to access beyond end of device
[ 2934.227338][T19584] loop1: rw=524288, want=57640, limit=40427
[ 2934.234065][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2934.252647][T19584] attempt to access beyond end of device
[ 2934.252647][T19584] loop1: rw=524288, want=57648, limit=40427
[ 2934.275126][T11607] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2934.283534][T19584] attempt to access beyond end of device
[ 2934.283534][T19584] loop1: rw=524288, want=57656, limit=40427
[ 2934.286353][T11607] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2934.303713][T11607] device bridge_slave_1 entered promiscuous mode
[ 2934.310589][T19584] attempt to access beyond end of device
[ 2934.310589][T19584] loop1: rw=524288, want=57664, limit=40427
[ 2934.343474][T19584] attempt to access beyond end of device
[ 2934.343474][T19584] loop1: rw=524288, want=57672, limit=40427
[ 2934.362339][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2934.386852][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2934.393703][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2934.402917][   T30] audit: type=1326 audit(1728573644.546:8190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11636 comm="syz.2.10254" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fad224e1ff9 code=0x0
[ 2934.442371][ T1399] device bridge_slave_1 left promiscuous mode
[ 2934.458579][ T1399] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2934.482309][ T1399] device bridge_slave_0 left promiscuous mode
[ 2934.482377][ T1399] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2934.493762][ T1399] device veth1_macvtap left promiscuous mode
[ 2934.510685][ T1399] device veth0_vlan left promiscuous mode
[ 2934.618128][T11661] Invalid ELF header magic: != ELF
[ 2934.627927][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2934.636432][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2934.650736][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2934.677654][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2934.716570][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2934.736401][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2934.762778][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2934.774650][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2934.797573][T11588] device veth0_vlan entered promiscuous mode
[ 2934.813744][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2934.824048][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2934.866322][T11588] device veth1_macvtap entered promiscuous mode
[ 2934.886628][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2934.895012][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2934.903032][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2934.929797][   T30] audit: type=1400 audit(1728573645.076:8191): avc:  denied  { map } for  pid=11673 comm="syz.0.10271" path="pipe:[237740]" dev="pipefs" ino=237740 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 2934.965891][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2934.973877][   T30] audit: type=1400 audit(1728573645.076:8192): avc:  denied  { execute } for  pid=11673 comm="syz.0.10271" path="pipe:[237740]" dev="pipefs" ino=237740 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 2934.986164][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2935.017624][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2935.026594][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2935.109047][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2935.120000][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2935.142175][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2935.156699][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2935.165028][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2935.171892][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2935.179825][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2935.188318][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2935.196839][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2935.203698][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2935.240832][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2935.259641][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2935.269058][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2935.280763][T11698] device pim6reg1 entered promiscuous mode
[ 2935.306807][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2935.320160][T11701] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10281'.
[ 2935.339023][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2935.349158][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2935.356725][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2935.368651][T11607] device veth0_vlan entered promiscuous mode
[ 2935.403911][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2935.422963][T11607] device veth1_macvtap entered promiscuous mode
[ 2935.455651][   T30] audit: type=1400 audit(1728573645.606:8193): avc:  denied  { read } for  pid=11711 comm="syz.3.10286" path="socket:[237831]" dev="sockfs" ino=237831 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 2935.484840][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2935.514872][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2935.539865][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2935.557492][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2935.608354][T11724] loop2: detected capacity change from 0 to 512
[ 2935.664150][T11730] syz.1.10293[11730] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2935.664229][T11730] syz.1.10293[11730] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2935.705510][T11724] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 2935.746194][ T1399] device bridge_slave_1 left promiscuous mode
[ 2935.752589][ T1399] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2935.767006][T11724] EXT4-fs warning (device loop2): ext4_enable_quotas:6422: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[ 2935.782113][ T1399] device bridge_slave_0 left promiscuous mode
[ 2935.789438][ T1399] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2935.798015][ T1399] device veth1_macvtap left promiscuous mode
[ 2935.803883][T11724] EXT4-fs (loop2): Cannot turn on quotas: error -22
[ 2935.810728][ T1399] device veth0_vlan left promiscuous mode
[ 2935.824617][T11724] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #13: comm syz.2.10291: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[ 2935.915532][T11724] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.10291: couldn't read orphan inode 13 (err -117)
[ 2935.936130][T11724] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2935.970978][T11724] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[ 2935.981633][T11724] EXT4-fs warning (device loop2): read_mmp_block:115: Error -117 while reading MMP block 2
[ 2936.004543][T11724] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[ 2936.035817][T11724] EXT4-fs warning (device loop2): read_mmp_block:115: Error -117 while reading MMP block 2
[ 2936.066810][   T30] audit: type=1326 audit(1728573646.226:8194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11762 comm="syz.1.10308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe65d05ff9 code=0x7ffc0000
[ 2936.110683][   T30] audit: type=1326 audit(1728573646.226:8195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11762 comm="syz.1.10308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7efe65d05ff9 code=0x7ffc0000
[ 2936.198739][T11772] loop4: detected capacity change from 0 to 1024
[ 2936.204440][   T30] audit: type=1326 audit(1728573646.226:8196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11762 comm="syz.1.10308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe65d05ff9 code=0x7ffc0000
[ 2936.258410][T11781] Invalid ELF header magic: != ELF
[ 2936.267750][T11772] EXT4-fs (loop4): Ignoring removed orlov option
[ 2936.273925][T11772] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[ 2936.278318][   T30] audit: type=1326 audit(1728573646.226:8197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11762 comm="syz.1.10308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efe65d05ff9 code=0x7ffc0000
[ 2936.320878][T11772] EXT4-fs (loop4): mounted filesystem without journal. Opts: discard,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[ 2936.373124][   T30] audit: type=1326 audit(1728573646.226:8198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11762 comm="syz.1.10308" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe65d05ff9 code=0x7ffc0000
[ 2936.400516][T11794] loop2: detected capacity change from 0 to 1024
[ 2936.415546][T11794] EXT4-fs (loop2): Ignoring removed orlov option
[ 2936.423534][T11794] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[ 2936.456562][T11780] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2936.475133][T11794] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[ 2936.475857][T11780] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2936.596750][T11780] device bridge_slave_0 entered promiscuous mode
[ 2936.613582][T11780] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2936.621697][T11780] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2936.631086][T11780] device bridge_slave_1 entered promiscuous mode
[ 2936.689033][T11795] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10321'.
[ 2936.708025][T11795] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10321'.
[ 2936.763310][T11814] loop4: detected capacity change from 0 to 512
[ 2936.832363][T11780] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2936.839277][T11780] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2936.883156][T11812] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10328'.
[ 2936.913091][T11812] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10328'.
[ 2936.938919][T11814] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[ 2936.955301][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2936.961829][T11814] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038 (0x7fffffff)
[ 2936.975570][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2937.003168][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2937.023354][T11814] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #2: comm syz.4.10329: corrupted inode contents
[ 2937.059464][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2937.082394][T11814] EXT4-fs error (device loop4): ext4_dirty_inode:6038: inode #2: comm syz.4.10329: mark_inode_dirty error
[ 2937.097157][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2937.119862][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2937.126753][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2937.137295][T11814] EXT4-fs error (device loop4): ext4_do_update_inode:5205: inode #2: comm syz.4.10329: corrupted inode contents
[ 2937.167365][T11814] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #2: comm syz.4.10329: mark_inode_dirty error
[ 2937.179952][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2937.197714][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2937.204589][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2937.236001][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2937.250546][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2937.273593][ T1399] device bridge_slave_1 left promiscuous mode
[ 2937.282355][ T1399] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2937.299739][ T1399] device bridge_slave_0 left promiscuous mode
[ 2937.307843][T11835] loop2: detected capacity change from 0 to 512
[ 2937.326922][ T1399] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2937.337265][ T1399] device veth1_macvtap left promiscuous mode
[ 2937.345640][ T1399] device veth0_vlan left promiscuous mode
[ 2937.423815][T11844] loop2: detected capacity change from 0 to 512
[ 2937.471563][T11163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2937.485657][T11780] device veth0_vlan entered promiscuous mode
[ 2937.492571][T11844] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[ 2937.509226][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2937.509959][T11844] ext4 filesystem being mounted at /47/bus supports timestamps until 2038 (0x7fffffff)
[ 2937.520339][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2937.564393][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2937.571722][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2937.587979][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2937.604990][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2937.623247][T11780] device veth1_macvtap entered promiscuous mode
[ 2937.641767][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2937.651337][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2937.668459][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2937.694421][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2937.711147][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2937.788585][T11851] netlink: 60 bytes leftover after parsing attributes in process `syz.1.10342'.
[ 2937.926239][T11863] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10345'.
[ 2939.135002][  T580] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 2939.166404][   T30] kauditd_printk_skb: 200 callbacks suppressed
[ 2939.166427][   T30] audit: type=1326 audit(1728573649.316:8399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11878 comm="syz.4.10352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feea61e2bfb code=0x7ffc0000
[ 2939.341572][T19584] handle_bad_sector: 80717 callbacks suppressed
[ 2939.341594][T19584] attempt to access beyond end of device
[ 2939.341594][T19584] loop1: rw=0, want=58296, limit=40427
[ 2939.374145][T19584] attempt to access beyond end of device
[ 2939.374145][T19584] loop1: rw=0, want=58304, limit=40427
[ 2939.385409][T19584] attempt to access beyond end of device
[ 2939.385409][T19584] loop1: rw=0, want=58312, limit=40427
[ 2939.403899][   T30] audit: type=1326 audit(1728573649.506:8400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11878 comm="syz.4.10352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feea61e2bfb code=0x7ffc0000
[ 2939.406824][T19584] attempt to access beyond end of device
[ 2939.406824][T19584] loop1: rw=0, want=58320, limit=40427
[ 2939.428008][   T30] audit: type=1326 audit(1728573649.556:8401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11896 comm="syz.1.10358" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efe65d05ff9 code=0x0
[ 2939.440560][T19584] attempt to access beyond end of device
[ 2939.440560][T19584] loop1: rw=0, want=58328, limit=40427
[ 2939.473525][T19584] attempt to access beyond end of device
[ 2939.473525][T19584] loop1: rw=0, want=58336, limit=40427
[ 2939.484848][T19584] attempt to access beyond end of device
[ 2939.484848][T19584] loop1: rw=0, want=58344, limit=40427
[ 2939.489586][T11897] syz.0.10357[11897] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2939.495868][T11897] syz.0.10357[11897] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2939.496077][T19584] attempt to access beyond end of device
[ 2939.496077][T19584] loop1: rw=0, want=58352, limit=40427
[ 2939.529596][T19584] attempt to access beyond end of device
[ 2939.529596][T19584] loop1: rw=0, want=58360, limit=40427
[ 2939.543790][T19584] attempt to access beyond end of device
[ 2939.543790][T19584] loop1: rw=0, want=58368, limit=40427
[ 2939.546477][T11900] ªªªªªª: renamed from vlan0
[ 2939.578891][   T30] audit: type=1326 audit(1728573649.726:8402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11878 comm="syz.4.10352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feea61e2bfb code=0x7ffc0000
[ 2939.607705][T11904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10360'.
[ 2939.622398][T11906] loop2: detected capacity change from 0 to 512
[ 2939.632630][   T30] audit: type=1326 audit(1728573649.746:8403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11878 comm="syz.4.10352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feea61e2bfb code=0x7ffc0000
[ 2939.634575][  T580] usb 5-1: no configurations
[ 2939.660579][  T580] usb 5-1: can't read configurations, error -22
[ 2939.677208][   T30] audit: type=1326 audit(1728573649.766:8404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11878 comm="syz.4.10352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feea61e2bfb code=0x7ffc0000
[ 2939.702019][   T30] audit: type=1326 audit(1728573649.786:8405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11878 comm="syz.4.10352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feea61e2bfb code=0x7ffc0000
[ 2939.749753][   T30] audit: type=1400 audit(1728573649.896:8406): avc:  denied  { setattr } for  pid=11905 comm="syz.2.10361" name="loop2" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 2939.814608][  T580] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[ 2939.835210][   T30] audit: type=1326 audit(1728573649.986:8407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11878 comm="syz.4.10352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feea61e2bfb code=0x7ffc0000
[ 2939.860541][   T30] audit: type=1326 audit(1728573650.016:8408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11878 comm="syz.4.10352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7feea61e2bfb code=0x7ffc0000
[ 2940.000977][T11927] loop2: detected capacity change from 0 to 1024
[ 2940.048284][T11927] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[ 2940.074156][T11925] device veth0_vlan left promiscuous mode
[ 2940.080206][T11925] device veth0_vlan entered promiscuous mode
[ 2940.097173][T11925] netlink: 'syz.0.10369': attribute type 1 has an invalid length.
[ 2940.134526][  T580] usb 5-1: no configurations
[ 2940.139012][  T580] usb 5-1: can't read configurations, error -22
[ 2940.146150][  T580] usb usb5-port1: attempt power cycle
[ 2940.564609][  T580] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[ 2940.804657][  T580] usb 5-1: no configurations
[ 2940.812197][  T580] usb 5-1: can't read configurations, error -22
[ 2940.885889][T11959] device veth0_vlan left promiscuous mode
[ 2940.891909][T11959] device veth0_vlan entered promiscuous mode
[ 2940.900259][T11960] netlink: 'syz.1.10382': attribute type 1 has an invalid length.
[ 2941.013207][  T580] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[ 2941.265606][  T580] usb 5-1: no configurations
[ 2941.305811][  T580] usb 5-1: can't read configurations, error -22
[ 2941.403545][  T580] usb usb5-port1: unable to enumerate USB device
[ 2942.482068][T12003] netlink: 60 bytes leftover after parsing attributes in process `syz.3.10396'.
[ 2943.628102][T12046] netlink: 'syz.0.10413': attribute type 1 has an invalid length.
[ 2944.344328][T19584] handle_bad_sector: 135815 callbacks suppressed
[ 2944.344343][T19584] attempt to access beyond end of device
[ 2944.344343][T19584] loop1: rw=524288, want=57408, limit=40427
[ 2944.361839][T19584] attempt to access beyond end of device
[ 2944.361839][T19584] loop1: rw=524288, want=57416, limit=40427
[ 2944.373075][T19584] attempt to access beyond end of device
[ 2944.373075][T19584] loop1: rw=524288, want=57424, limit=40427
[ 2944.384283][T19584] attempt to access beyond end of device
[ 2944.384283][T19584] loop1: rw=524288, want=57432, limit=40427
[ 2944.395460][T19584] attempt to access beyond end of device
[ 2944.395460][T19584] loop1: rw=524288, want=57440, limit=40427
[ 2944.406679][T19584] attempt to access beyond end of device
[ 2944.406679][T19584] loop1: rw=524288, want=57448, limit=40427
[ 2944.425364][T12055] loop2: detected capacity change from 0 to 2048
[ 2944.428257][T19584] attempt to access beyond end of device
[ 2944.428257][T19584] loop1: rw=524288, want=57456, limit=40427
[ 2944.443203][T19584] attempt to access beyond end of device
[ 2944.443203][T19584] loop1: rw=524288, want=57464, limit=40427
[ 2944.454880][T19584] attempt to access beyond end of device
[ 2944.454880][T19584] loop1: rw=524288, want=57472, limit=40427
[ 2944.466430][T19584] attempt to access beyond end of device
[ 2944.466430][T19584] loop1: rw=524288, want=57480, limit=40427
[ 2944.466494][T12060] overlayfs: './file0' not a directory
[ 2944.478394][T12055] EXT4-fs (loop2): Ignoring removed orlov option
[ 2944.493896][T12055] EXT4-fs (loop2): Unrecognized mount option "fsuuid=" or missing value
[ 2944.911636][   T30] kauditd_printk_skb: 19 callbacks suppressed
[ 2944.911658][   T30] audit: type=1326 audit(1728573655.056:8428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12072 comm="syz.3.10423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f99f0aff9 code=0x7ffc0000
[ 2944.952294][T12075] syz.3.10423[12075] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2944.952368][T12075] syz.3.10423[12075] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2944.981005][T12055] netlink: 60 bytes leftover after parsing attributes in process `syz.2.10416'.
[ 2945.023268][   T30] audit: type=1326 audit(1728573655.096:8429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12072 comm="syz.3.10423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2f99f0aff9 code=0x7ffc0000
[ 2945.067372][   T30] audit: type=1326 audit(1728573655.116:8430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12072 comm="syz.3.10423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f99f0aff9 code=0x7ffc0000
[ 2945.121271][   T30] audit: type=1326 audit(1728573655.116:8431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12072 comm="syz.3.10423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2f99f0aff9 code=0x7ffc0000
[ 2945.164384][   T30] audit: type=1326 audit(1728573655.116:8432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12072 comm="syz.3.10423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f99f0aff9 code=0x7ffc0000
[ 2945.214343][   T30] audit: type=1326 audit(1728573655.116:8433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12072 comm="syz.3.10423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f2f99f0aff9 code=0x7ffc0000
[ 2945.258035][   T30] audit: type=1326 audit(1728573655.116:8434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12072 comm="syz.3.10423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f99f0aff9 code=0x7ffc0000
[ 2945.293582][   T30] audit: type=1326 audit(1728573655.116:8435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12072 comm="syz.3.10423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f2f99f0aff9 code=0x7ffc0000
[ 2945.329793][   T30] audit: type=1326 audit(1728573655.116:8436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12072 comm="syz.3.10423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f99f0aff9 code=0x7ffc0000
[ 2945.454364][   T30] audit: type=1326 audit(1728573655.116:8437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12072 comm="syz.3.10423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2f99f0aff9 code=0x7ffc0000
[ 2947.695997][T12156] netlink: 24 bytes leftover after parsing attributes in process `syz.1.10454'.
[ 2948.182975][T12165] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10457'.
[ 2948.765965][ T1399] device bridge_slave_1 left promiscuous mode
[ 2948.774599][ T1399] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2948.792590][ T1399] device bridge_slave_0 left promiscuous mode
[ 2948.808801][ T1399] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2948.825576][ T1399] device veth1_macvtap left promiscuous mode
[ 2948.841580][ T1399] device veth0_vlan left promiscuous mode
[ 2949.354334][T19584] handle_bad_sector: 110588 callbacks suppressed
[ 2949.354351][T19584] attempt to access beyond end of device
[ 2949.354351][T19584] loop1: rw=524288, want=57456, limit=40427
[ 2949.371761][T19584] attempt to access beyond end of device
[ 2949.371761][T19584] loop1: rw=524288, want=57464, limit=40427
[ 2949.382939][T19584] attempt to access beyond end of device
[ 2949.382939][T19584] loop1: rw=524288, want=57472, limit=40427
[ 2949.394139][T19584] attempt to access beyond end of device
[ 2949.394139][T19584] loop1: rw=524288, want=57480, limit=40427
[ 2949.405324][T19584] attempt to access beyond end of device
[ 2949.405324][T19584] loop1: rw=524288, want=57488, limit=40427
[ 2949.416536][T19584] attempt to access beyond end of device
[ 2949.416536][T19584] loop1: rw=524288, want=57496, limit=40427
[ 2949.427718][T19584] attempt to access beyond end of device
[ 2949.427718][T19584] loop1: rw=524288, want=57504, limit=40427
[ 2949.438921][T19584] attempt to access beyond end of device
[ 2949.438921][T19584] loop1: rw=524288, want=57512, limit=40427
[ 2949.450107][T19584] attempt to access beyond end of device
[ 2949.450107][T19584] loop1: rw=524288, want=57520, limit=40427
[ 2949.461314][T19584] attempt to access beyond end of device
[ 2949.461314][T19584] loop1: rw=524288, want=57528, limit=40427
[ 2949.865674][T12199] syz.2.10468[12199] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2949.865748][T12199] syz.2.10468[12199] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2950.008784][   T30] kauditd_printk_skb: 43 callbacks suppressed
[ 2950.008799][   T30] audit: type=1326 audit(1728573660.156:8481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12195 comm="syz.2.10468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fad224e0adf code=0x7ffc0000
[ 2950.064672][T12199] loop2: detected capacity change from 0 to 40427
[ 2950.084875][   T30] audit: type=1326 audit(1728573660.206:8482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12195 comm="syz.2.10468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fad224e2087 code=0x7ffc0000
[ 2950.085929][T12199] F2FS-fs (loop2): invalid crc value
[ 2950.114120][   T30] audit: type=1326 audit(1728573660.216:8483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12195 comm="syz.2.10468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fad224e0990 code=0x7ffc0000
[ 2950.138312][   T30] audit: type=1326 audit(1728573660.216:8484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12195 comm="syz.2.10468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fad224e1bfb code=0x7ffc0000
[ 2950.161831][T12199] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[ 2950.175071][   T30] audit: type=1326 audit(1728573660.216:8485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12195 comm="syz.2.10468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fad224e0c8a code=0x7ffc0000
[ 2950.198372][   T30] audit: type=1326 audit(1728573660.216:8486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12195 comm="syz.2.10468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fad224e0c8a code=0x7ffc0000
[ 2950.221713][   T30] audit: type=1326 audit(1728573660.236:8487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12195 comm="syz.2.10468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fad224e0897 code=0x7ffc0000
[ 2950.222365][T12199] F2FS-fs (loop2): recover fsync data on readonly fs
[ 2950.245128][   T30] audit: type=1326 audit(1728573660.236:8488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12195 comm="syz.2.10468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fad224e379a code=0x7ffc0000
[ 2950.275085][T12199] F2FS-fs (loop2): checkpoint=disable on readonly fs
[ 2950.356759][   T30] audit: type=1326 audit(1728573660.506:8489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12195 comm="syz.2.10468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fad224e0990 code=0x7ffc0000
[ 2950.380446][   T30] audit: type=1326 audit(1728573660.526:8490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12195 comm="syz.2.10468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fad224e1bfb code=0x7ffc0000
[ 2950.656509][T12208] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10474'.
[ 2951.684354][  T580] usb 3-1: new high-speed USB device number 123 using dummy_hcd
[ 2951.934339][  T580] usb 3-1: Using ep0 maxpacket: 8
[ 2952.065477][  T580] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 2952.076363][  T580] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 2952.086410][  T580] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2952.096279][  T580] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2952.109203][  T580] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2952.118180][  T580] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2953.351697][T12240] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10485'.
[ 2954.364331][T19584] handle_bad_sector: 247672 callbacks suppressed
[ 2954.364347][T19584] attempt to access beyond end of device
[ 2954.364347][T19584] loop1: rw=0, want=58496, limit=40427
[ 2954.381363][T19584] attempt to access beyond end of device
[ 2954.381363][T19584] loop1: rw=0, want=58504, limit=40427
[ 2954.392103][T19584] attempt to access beyond end of device
[ 2954.392103][T19584] loop1: rw=0, want=58512, limit=40427
[ 2954.403009][T19584] attempt to access beyond end of device
[ 2954.403009][T19584] loop1: rw=0, want=58520, limit=40427
[ 2954.404899][T30480] usb 3-1: USB disconnect, device number 123
[ 2954.413749][T19584] attempt to access beyond end of device
[ 2954.413749][T19584] loop1: rw=0, want=58528, limit=40427
[ 2954.430328][T19584] attempt to access beyond end of device
[ 2954.430328][T19584] loop1: rw=0, want=58536, limit=40427
[ 2954.441100][T19584] attempt to access beyond end of device
[ 2954.441100][T19584] loop1: rw=0, want=58544, limit=40427
[ 2954.453045][T19584] attempt to access beyond end of device
[ 2954.453045][T19584] loop1: rw=0, want=58552, limit=40427
[ 2954.473094][T19584] attempt to access beyond end of device
[ 2954.473094][T19584] loop1: rw=0, want=58560, limit=40427
[ 2954.484010][T19584] attempt to access beyond end of device
[ 2954.484010][T19584] loop1: rw=0, want=58568, limit=40427
[ 2954.538061][T12245] loop2: detected capacity change from 0 to 512
[ 2954.579204][T12245] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 2954.832314][T12245] EXT4-fs (loop2): 1 truncate cleaned up
[ 2954.842276][T12245] EXT4-fs (loop2): mounted filesystem without journal. Opts: noload,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,quota,,errors=continue. Quota mode: writeback.
[ 2958.479065][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 2958.479081][   T30] audit: type=1400 audit(1728573668.626:8496): avc:  denied  { read } for  pid=12286 comm="syz.3.10501" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[ 2958.514216][   T30] audit: type=1400 audit(1728573668.666:8497): avc:  denied  { open } for  pid=12286 comm="syz.3.10501" path="/38/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[ 2959.374308][T19584] handle_bad_sector: 287921 callbacks suppressed
[ 2959.374328][T19584] attempt to access beyond end of device
[ 2959.374328][T19584] loop1: rw=524288, want=57944, limit=40427
[ 2959.391739][T19584] attempt to access beyond end of device
[ 2959.391739][T19584] loop1: rw=524288, want=57952, limit=40427
[ 2959.402944][T19584] attempt to access beyond end of device
[ 2959.402944][T19584] loop1: rw=524288, want=57960, limit=40427
[ 2959.414141][T19584] attempt to access beyond end of device
[ 2959.414141][T19584] loop1: rw=524288, want=57968, limit=40427
[ 2959.425321][T19584] attempt to access beyond end of device
[ 2959.425321][T19584] loop1: rw=524288, want=57976, limit=40427
[ 2959.436508][T19584] attempt to access beyond end of device
[ 2959.436508][T19584] loop1: rw=524288, want=57984, limit=40427
[ 2959.447717][T19584] attempt to access beyond end of device
[ 2959.447717][T19584] loop1: rw=524288, want=57992, limit=40427
[ 2959.458907][T19584] attempt to access beyond end of device
[ 2959.458907][T19584] loop1: rw=524288, want=58000, limit=40427
[ 2959.470103][T19584] attempt to access beyond end of device
[ 2959.470103][T19584] loop1: rw=524288, want=58008, limit=40427
[ 2959.481292][T19584] attempt to access beyond end of device
[ 2959.481292][T19584] loop1: rw=524288, want=58016, limit=40427
[ 2959.945280][T12301] netlink: 88 bytes leftover after parsing attributes in process `syz.0.10502'.
[ 2959.961434][T12304] tipc: Started in network mode
[ 2959.969664][T12304] tipc: Node identity ffffffff, cluster identity 4711
[ 2959.982082][T12304] tipc: Node number set to 4294967295
[ 2964.385611][T19584] handle_bad_sector: 238508 callbacks suppressed
[ 2964.385634][T19584] attempt to access beyond end of device
[ 2964.385634][T19584] loop1: rw=524288, want=57352, limit=40427
[ 2964.405427][T19584] attempt to access beyond end of device
[ 2964.405427][T19584] loop1: rw=524288, want=57360, limit=40427
[ 2964.416751][T19584] attempt to access beyond end of device
[ 2964.416751][T19584] loop1: rw=524288, want=57368, limit=40427
[ 2964.428017][T19584] attempt to access beyond end of device
[ 2964.428017][T19584] loop1: rw=524288, want=57376, limit=40427
[ 2964.439780][T19584] attempt to access beyond end of device
[ 2964.439780][T19584] loop1: rw=524288, want=57384, limit=40427
[ 2964.451070][T19584] attempt to access beyond end of device
[ 2964.451070][T19584] loop1: rw=524288, want=57392, limit=40427
[ 2964.462834][T19584] attempt to access beyond end of device
[ 2964.462834][T19584] loop1: rw=524288, want=57400, limit=40427
[ 2964.474099][T19584] attempt to access beyond end of device
[ 2964.474099][T19584] loop1: rw=524288, want=57408, limit=40427
[ 2964.485312][T19584] attempt to access beyond end of device
[ 2964.485312][T19584] loop1: rw=524288, want=57416, limit=40427
[ 2964.497039][T19584] attempt to access beyond end of device
[ 2964.497039][T19584] loop1: rw=524288, want=57424, limit=40427
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: failed to mkdtemp
 (errno 28: No space left on device)
SYZFAIL: repeatedly failed to execute the program
proc=4 req=10461 state=1 status=67 (errno 9: Bad file descriptor)
[ 2969.142885][   T30] audit: type=1326 audit(1728573679.286:8498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz.3.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f99f0aff9 code=0x7ffc0000
[ 2969.168151][   T30] audit: type=1326 audit(1728573679.316:8499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz.3.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2f99f09990 code=0x7ffc0000
[ 2969.192770][   T30] audit: type=1326 audit(1728573679.316:8500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz.3.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2f99f0abfb code=0x7ffc0000
[ 2969.216444][   T30] audit: type=1326 audit(1728573679.316:8501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz.3.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2f99f0abfb code=0x7ffc0000
[ 2969.242426][   T30] audit: type=1326 audit(1728573679.316:8502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz.3.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2f99f0abfb code=0x7ffc0000
[ 2969.266147][   T30] audit: type=1326 audit(1728573679.316:8503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12368 comm="syz.3.10523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2f99f0abfb code=0x7ffc0000
[ 2969.352710][ T1399] tipc: Left network mode
[ 2969.394306][T19584] handle_bad_sector: 276523 callbacks suppressed
[ 2969.394325][T19584] attempt to access beyond end of device
[ 2969.394325][T19584] loop1: rw=524288, want=57776, limit=40427
[ 2969.411773][T19584] attempt to access beyond end of device
[ 2969.411773][T19584] loop1: rw=524288, want=57784, limit=40427
[ 2969.422956][T19584] attempt to access beyond end of device
[ 2969.422956][T19584] loop1: rw=524288, want=57792, limit=40427
[ 2969.434151][T19584] attempt to access beyond end of device
[ 2969.434151][T19584] loop1: rw=524288, want=57800, limit=40427
[ 2969.445360][  T403] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 2969.445435][T19584] attempt to access beyond end of device
[ 2969.445435][T19584] loop1: rw=524288, want=57808, limit=40427
[ 2969.464335][T19584] attempt to access beyond end of device
[ 2969.464335][T19584] loop1: rw=524288, want=57816, limit=40427
[ 2969.475621][T19584] attempt to access beyond end of device
[ 2969.475621][T19584] loop1: rw=524288, want=57824, limit=40427
[ 2969.486827][T19584] attempt to access beyond end of device
[ 2969.486827][T19584] loop1: rw=524288, want=57832, limit=40427
[ 2969.498096][T19584] attempt to access beyond end of device
[ 2969.498096][T19584] loop1: rw=524288, want=57840, limit=40427
[ 2969.509463][T19584] attempt to access beyond end of device
[ 2969.509463][T19584] loop1: rw=524288, want=57848, limit=40427
[ 2970.295758][ T1399] device veth1_macvtap left promiscuous mode
[ 2971.436961][ T1399] device bridge_slave_1 left promiscuous mode
[ 2971.442938][ T1399] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2971.450607][ T1399] device bridge_slave_0 left promiscuous mode
[ 2971.456662][ T1399] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2971.466393][ T1399] device bridge_slave_1 left promiscuous mode
[ 2971.472324][ T1399] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2971.480139][ T1399] device bridge_slave_0 left promiscuous mode
[ 2971.486166][ T1399] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2971.493911][ T1399] device bridge_slave_1 left promiscuous mode
[ 2971.500204][ T1399] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2971.508719][ T1399] device veth1_macvtap left promiscuous mode
[ 2971.514825][ T1399] device veth1_macvtap left promiscuous mode
[ 2971.520641][ T1399] device veth0_vlan left promiscuous mode
[ 2971.526622][ T1399] device veth1_macvtap left promiscuous mode
[ 2974.404302][T19584] handle_bad_sector: 317903 callbacks suppressed
[ 2974.404324][T19584] attempt to access beyond end of device
[ 2974.404324][T19584] loop1: rw=524288, want=57464, limit=40427
[ 2974.421757][T19584] attempt to access beyond end of device
[ 2974.421757][T19584] loop1: rw=524288, want=57472, limit=40427
[ 2974.432933][T19584] attempt to access beyond end of device
[ 2974.432933][T19584] loop1: rw=524288, want=57480, limit=40427
[ 2974.444128][T19584] attempt to access beyond end of device
[ 2974.444128][T19584] loop1: rw=524288, want=57488, limit=40427
[ 2974.455434][T19584] attempt to access beyond end of device
[ 2974.455434][T19584] loop1: rw=524288, want=57496, limit=40427
[ 2974.466665][T19584] attempt to access beyond end of device
[ 2974.466665][T19584] loop1: rw=524288, want=57504, limit=40427
[ 2974.477866][T19584] attempt to access beyond end of device
[ 2974.477866][T19584] loop1: rw=524288, want=57512, limit=40427
[ 2974.489083][T19584] attempt to access beyond end of device
[ 2974.489083][T19584] loop1: rw=524288, want=57520, limit=40427
[ 2974.500264][T19584] attempt to access beyond end of device
[ 2974.500264][T19584] loop1: rw=524288, want=57528, limit=40427
[ 2974.511445][T19584] attempt to access beyond end of device
[ 2974.511445][T19584] loop1: rw=524288, want=57536, limit=40427