last executing test programs:

11.99179991s ago: executing program 0:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$SIOCSIFHWADDR(r0, 0x89a2, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'})

11.984073321s ago: executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x4001, 0x3, 0x280, 0x128, 0x700001b, 0x148, 0x0, 0x148, 0x1e8, 0x240, 0x240, 0x1e8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'tunl0\x00', 'sit0\x00'}, 0x1ea, 0xc0, 0x128, 0x0, {0x390}, [@common=@inet=@socket1={{0x28}}, @common=@inet=@socket2={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@ip={@broadcast, @empty, 0x0, 0x0, 'veth0_to_bond\x00', 'nr0\x00'}, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2e0)

11.978929802s ago: executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x5a9782, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000f98c0e60c66ceb8918", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r5=>0xffffffffffffffff})
close(r5)
close(r5)

11.09047351s ago: executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000069000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f00000013c0)=0x1, 0x4)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r2, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0)

11.086988371s ago: executing program 0:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$SIOCSIFHWADDR(r0, 0x89a2, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'})

11.073609532s ago: executing program 0:
open(&(0x7f0000000180)='./bus\x00', 0x14957e, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}})

10.463466017s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000bc0)=ANY=[@ANYBLOB="b702000004000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83b23dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c11160fb20b1c581e7b0915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab3aa32f948c06b59b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2abd18cae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e26d0a5752813bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a7237841cef384b22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c74f0e2a9bf62ffec6459db40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced84680900000000000000d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d2782a70cf44ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d767671414c99d4894edff8249dc1e3428d2129369ee1b85af1eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038deb359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491dc6aaee0d40973109644fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f77abb21338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e155f455010b0cb578af7dc7d5e87d4cd376444e2de02f47c61e8e84ff828de453f3489460fd83210e95307e676e1fb4d5865c0ca177a4c7fbb4e62b4450900576b2b5cc7f819abd0f885cc4806f47ffbff01000054f5a2d3875e46000000000000e734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329a18cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481ed51a6359cade91fd645c6d924f36a86bf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf817becd9e5a225d67521d1128eac7d80a6225c3e2f0932223bfbf69ff861f4394836ddf128d6d19079e64336e09000000c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661fdcfa68f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b98a8bf6c747d9a1cc500bb892c3a16ff10feea20bdac89afb758cfa10000000000000000000000000200000000000000ed713df0c59e38928511a64845f1b21ed03369719fa905909d8ce35b42761c46d040e53a0a227e9cecd4d414231baa4894a13763ea5de7a52e61a588babaf5da9a28f477e032400938116cb294447898039724881de3ba3dd5e5e115b58d438b17ad11bf1b1f1ed057d89ec46b2b9bb434e9187a728d1136333958469b22d2126664b5299cc3167ac9a4d501638b978e1c692da5261dae5c9d13065b8ed8b358e7273dfa1e9a8dc1d16aa1edd0c274dedb7cd7e4753c152b4e0e3d124e561420587b9b00ab68c32d6b397c5e7cc4e803e6b6e8ed547e2875372023d111e64cd9ee3635888ecbc7352fd60f348456d74e9e7c09ee202dd09524ecfd3d8c836c0a13a9a45a7e2cec88fa2710ee35c9ed1b824fe4fe68849eee41b5e335aeec0f27053b3a07a001ffe29c5cc3a0ccdcc74330c2a995378d225495c5a543519d952c96da9257f47acc29c48d48b22b1f502b9d743d352de56efbb1b15158c4f0107ba5b3394d4cad4f0a1d31f694d0f559e7f82682775ec7569eeb7ef643dbcbafc4c1c5cbb0ad02dd2a69c5f2b5350049a817b546cf734a746a1cc147a6050bd16598e8e3a5c3515d0edc23e66bbdc6c117559357f49c59208af1162ba1d6667e3ab6bb1696c32dc3bcb2c8ab30d28265ff55c8a80c8e3ce29b2f576ea686d351a8cdb808739ed1a7022fb6e4e834593279c791085e49d1b8124adaf0010790e72ef2035e3da7ebb117c1a032a7378d5c62bb1a4e212618113bbd688091273028a44abfe09067e22fda361d6769d1f44bb06ca0cb9a14a54a8ba0dcb5445c4b368bd1dcce7500"/2356], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000b00)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20000000}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xfe, 0x60000000, &(0x7f0000000100)="b9ff03076044238cb89e14f0020047e0ffff00004000632f77fb8035140cac14140c07029f89052f87e577ca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

10.4438372s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x26e1, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0)
pwritev2(r3, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0x1}], 0x1, 0x0, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x7a05, 0x1700)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080))
r4 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
syz_usb_connect$uac1(0x0, 0x9b, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902890003010000000904000000010100000a24010000000201020a240400003ee0e9ddb609240800000000d4640c240200000000000000000006240500009a0524040000090401000001020000090401016fc30c05000905010900000000000725010000000009040200000102000009040201010102000009058209000000000007250100000000"], 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_FIOSETOWN(r5, 0x8901, 0x0)
fallocate(r2, 0x3, 0x800000, 0x8000c62)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000c50000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

7.41574798s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

7.371720167s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
remap_file_pages(&(0x7f0000a9a000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0)

7.328245804s ago: executing program 1:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4ef, &(0x7f0000000a00)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000080)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r4, 0x0, 0x0)

7.180801816s ago: executing program 1:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r3, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_INIT(r3, &(0x7f0000000100)={0x50}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}})
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffffffffffffff)
mount$fuseblk(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x6b, 0x0)

879.434184ms ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002300007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x7a)
getpid()
sched_setscheduler(0x0, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000140)={[], [], 0x2c})
close(0xffffffffffffffff)
execve(0x0, 0x0, 0x0)

861.042707ms ago: executing program 4:
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
mount$9p_fd(0x20100000, &(0x7f0000000080)='.\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

842.92902ms ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
faccessat2(0xffffffffffffffff, 0x0, 0x0, 0x0)

809.476965ms ago: executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001940)={0x20, r3, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}]}, 0x20}}, 0x0)

773.31411ms ago: executing program 4:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)

693.989283ms ago: executing program 4:
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000002c40)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/191, 0xbf}], 0x1}}], 0x1, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e200023b0"], 0x0)

533.695138ms ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
r2 = gettid()
process_vm_writev(r2, 0x0, 0x0, 0x0, 0x0, 0x0)

525.420248ms ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x1, 0x8e, 0xe7c9, 0x1}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xe30a, r0}, 0x38)

488.604475ms ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x48}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='ext4_mballoc_prealloc\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_pid(r2, &(0x7f0000000980), 0x12)

428.964684ms ago: executing program 3:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000008780)={0x2020, 0x0, <r1=>0x0}, 0x2020)
chdir(&(0x7f0000004340)='./file0\x00')
write$FUSE_INIT(r0, &(0x7f00000066c0)={0x50, 0x0, r1, {0x7, 0x21}}, 0x50)
read$FUSE(r0, &(0x7f0000006740)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f00000063c0)={0x10, 0x0, r2}, 0x10)
read$FUSE(r0, &(0x7f0000004380)={0x2020, 0x0, <r3=>0x0}, 0x2020)
mount$fuseblk(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0)
write$FUSE_ENTRY(r0, &(0x7f0000004200)={0x90, 0x0, r3, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}}}, 0x90)

233.621954ms ago: executing program 3:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001f40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r2}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r3, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)

219.778656ms ago: executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001e40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42673d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e1c46680bee88956f2b3599f455c7a3a49a01010000009f2f0517e4ca0e1803a20000000013d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f435f28fbeda75cf971f54a9698cf3270f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3285252dc81a46ef7ce29484dc6b6adfd7a4db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b7403930fd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f03040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e69a68b47ac4595463e1442d88e0606a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4200000000000000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c7640faab578dc98a6134df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f6f2ab47adb29aefecce96c94f360e129c9f2af569c794b68b2ead404bcdd4aa9cb6a128e1ad45fd4030e1e69adf4986b7860f3122d59c079f0f9a1732f691590f45512aec4ed2413f66cac7dd022301741c576dea82005b166d6c3b9ed0c297ac197a92188a618745e78dca0b3c62f1601243089d9c687563382b0b88a7d80fd7bf7fae8a690f52db1464d29b1b926414cd35705c89662c585e32c881d917b74f027674dbc017499ba15a2e29000000000000000000bee70000007b593ecbdd162fee9f239a3c615b3e9a3fb0af254bdd247a5a5abdbc0123c950eec0f1800b295be71418dd65de15e11beef9630499c70fce74135a7c7c8e818b79b85ff65d59d89492d7a663d3f25651e252ab49d358eac853ffe182ee37a5db085a072647719cb8604ba2e0b80af3f1867bd8fb6afca671437e0a5a9d5a088436739262d894986882ec0fb419a377ef47f4920a5de6d8de0d3090b4cb6b773e825442d351f980eed0d997a4d98a51220c41b145e2186546c646128a3e69f52fcad83a026def90b9eb55f4a0a2250bbae428c6c017b5a47f1580831a7ce232857e6aa9e777e99da1a3ad03fdc93fa7ed96228deac5e3bce983971041297a6ba18783a2ed0db9901cc891035872c61e7ea375b0902be0c5cc7fdef968ba1ca17ce5e11f2f384cd28c1194f56d3cf074e8ba4e60e84dc2f352c3cd170581aee0c93ca8ceff84cda40325d340759e79e5c4bcec227e37f7ec2193c78877fb319ec1f2d4dcf1d46a15cde1d6cecce6ecdb0c0a3413394d51341a7b3606ad8c29b6dbf6be3265b528c3208de35161bfe19678df43a45b314e5a0f8754cfaf4f9d3fdf9c8f7b7c296bf2e632d25ba8ee6369b362a8e4c9dff176d482d32249c93680a04f6464f184acfd0376662fee9e1031e569248db9bc724cdd97976a4d7c5c5172d1383fa1e442f68a14b747a9f2597bf115dd0111fe8ba3584a43176f33bd39a408f8648b19839bba9cc47624ea19e46dbbdf0faf591bcdc8613828a0c5a40c04ae34bbf4a0e27828b0c7cb9d7a7455db030425a4bd69cf6dcb4b1d066f8ef4ea1c710e05819df82d5cc94ace6b41c2de37a2eaf24f5842cd8ae832fdf06d884a24b3d9a7dd4d197d51407be3e90000000000000000dbc0b0d6e11ccb71437ebea7ad01d5b93a7a0561e4a1b3fa1aa9c75f3aaec4ace1b6201a3e007b657be62df59133b4d8f0f145d9fc954cc7792077268bf0977e2a699722ce3dbb97248b8a8a771dd0f7d9c97e6587524a44fd6d49330ccbc39ca277b84f7f0a39759ef0b42388bd69fe341a925e8cdc5d7b2d6ddb7331a081bd0672bf4d02255de095a179e51bf5492d4e89c3cbad59db725c0dd7e35cbd9887175286a37d7621a361eb830cc5b842b11b5d040ccceb254d6a0c9c43718d0816bb2465928e236101b8cd46b5ef9cb930378a9249cbb41bcde9bb78d71c512153d2f1d765b56d2e5ef3e3d34975787646630051074c9706747fda873ccfdb394fc269c8cfadc0a52c3402f392a38052"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000240), &(0x7f0000000400)=0x60)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
getpid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)='^.}-].\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$tipc(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000040)="fb6bba8839fe8bc048c0cdafd1f8a9918bc4055eaaeb6db4ee9bcb25b1811dbf40b3a7da5a8a64db04ed6dd26eea2e37229c339b1f91201c2796173864", 0x3d}], 0x1}, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x2804049, &(0x7f0000001880)=ANY=[@ANYRES16=0x0, @ANYRES16, @ANYRESDEC, @ANYRES32, @ANYBLOB="017bd269f7dd3a93fa412d09c2790257816e859e38befc7634f092626c62b45f123b8f0f84059ba4351abe0bfd3933e564c513028b41a418555d5e4c744478e7ca03d24a2c1b0f248513f8f9cfc324431f5d5a6999ad47b61152edad98c141cf359dfcf021d4e8a18166aa7767e69420c5308149bcddd4a62a31d8f902a24645ef50e8395e891793f46aaa025a260c8d784a1ec9233755d12803582f06ed000000000000df6c634447f23d2cd9e65d3461d3a09b93f7318e486e862f288bb7ce21e0df72e59ed16f3796c260b5be486b21c5d7cf21996406b4b3240f009a12c844c2d35cefba99e2b26b01a1347225c1a8cb9f6630d930847f193662a5eea4daf62aeb29324a86f8ec6367bf3105d3529316d3e044bbeedf80c3b301686b44cd51c9ff53690e9269caf72a039b5e32b3e543b8fbba25a1eaf60c3e1da6becef1750a9e8d991ef03ce3d14d85d69f6ff54465fba8ad4aef625612f9fdc9cba6fea9a38fb5244e7729c047949660af09fa91fd17928f55f6bed589cdf6e6dde72206336961da8ce2c100ff90ac4a598e9846bc2b868a640021bec390b7f460d14330beadd5458a0352cde0d6c8bc1655da9121090c98cdf98438ab1baa3bbbb60db2436ae26fad78755d3df25b0f03c4c8f39f27a668aa45aa2953ebd6a34233a386f3d63a07f7e491a2db98af12cc6fc814e8a75efcf90c0e2a56a833d53b086be1ec10efe3c7d46abfedb36fc2fc75ebbdabcd356e489fe87dbf67bfe8de6d24d4db48c65da860ccf9f9b2f8b1fc8c8d757521a1b0677f50901ea19c53fd3a8ca59fbc328e69b0d064746a000000a1ed7631a64c8ecb86645f66b4efc49b74ec93f4897a56c7dbb42f094e6685051a0d42bed7598cc30ffc08bc2db500c5e5f9d51fc89d25f3a202b0abc67dd7926f915d61c24e031636d984759a36ba0b3a06151764621bdbe91b510a6064aa51e0a73317ccb02dbb89c701eac52445561f7355071ef71ae5427f612f8620f6b9a80c440af2f162"], 0x41, 0x30f, &(0x7f0000001bc0)="$eJzs3M9LG2kYwPEnMZoY0eSwLOsuiy+7l93LoNn7LkEUlg3s4pplf8DCaCa7IdMkZFJLpNT01Gv/jQaPXorQ2j/AS2899VJ68VLoRWhtyvyISXSiadREyfcD8j7O+z7zI+8kPDMwc/Dnw1v5rKVl9YoEI0qCIjU5EonbkWd9WkQCEhCnmXAXRtymJt9PvX3xtRKRZCq1tKLUcnL1h4RSambuyZ2729/sVab+2JnZDct+/N+DN4lX+5/vzx58WP0/Z6mcpQrFitLVWvFlRV8zDZXJWXlNqd9MQ7cMlStYRtntL1a8zUqpVFV6ITMdLZUNy1J6oaryRlVViqpSrir9Pz1XUJqmqemojI7DOacpfWpeur6yoif73Oh6n3m4dHtn9pbLzS/Ps8XOnnT96vYJAABcV836P9xe/x921v8Brw221/+emtTs+v/3v/7+pYf6f3eiS/1fPFX/e9cX0tGfNYvU//2KnF6Uro/1X//jhihPitS3pfWNvv/P9rwTUP8DAAAAAAAAAAAAAAAAAAAAAHATHDYasUajEbPboLix/Rf2Hhhp/j/s/cTVaJ9/d65D9qwz/yOi7cG9iIj5YCO9kXZbtz+ZlZyYYsi8xOS9cz543Hj559RSQDni8tTc8vK3NtJjnfkLEpO4f/6Cm68688cl2p6fkJh85p+f8M2fkO++bcvXJCbP16UopmSc87qVf29BqcVfUyfyJyXj88QcAAAAAAA3kaaO+V6/a1q3fje/l/sD877X5yH5MjTcYwcAAAAAYFRY1c28bppG+dzgkZdx7uDX3sCe13zRYLzXowj3vubHThDotubI8Ud3+4sBHmkraL6T+czBk96gji7v9szW4Pf5wsHcULYesk/6tiXRroNnxvw+cCewTxifrLD3VmZ7yVHjRNaPO1+9q27+NHvOLF9RMNCfIQAAAAAD0Cr6h70nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMrst+edi4z3vOhn2MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHXxMQAA//8qfA8F")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r5, 0xc0185879, 0x0)

184.401932ms ago: executing program 2:
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = open(&(0x7f0000000140)='./file1\x00', 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)

174.647983ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000c000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
lremovexattr(0x0, 0x0)

158.325816ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)

139.837339ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='ext4_ext_handle_unwritten_extents\x00', r2}, 0x9)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x1, 0x80, 0xc2, 0x5}})

88.636296ms ago: executing program 2:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)

0s ago: executing program 2:
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0006, &(0x7f0000000980)={[{@jqfmt_vfsold}, {@resgid={'resgid', 0x3d, 0xee00}}, {@data_err_ignore}, {@noload}, {@bh}, {@data_err_abort}, {@usrquota}, {@stripe={'stripe', 0x3d, 0x4}}]}, 0xfe, 0x43e, &(0x7f00000004c0)="$eJzs3MtvG0UYAPBv7SR9k1DKo6WFQEFEPJImfdADFxBIHEBCgkMRp5CkVajboCZItIogcAhHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZu6iZ3GiVOX7O8nbTvjHWvm292xZ2e8CaCwBtN/koi9EfFHRPTXs7cXGKz/d3NpfuKfpfmJJKrVt/9OauVuLM1P5EXz9+2pZ6rVLL+jSb2L70WMVypTl7L8yNyFD0dmL195YfrC+Lmpc1MXx06fPnH8SN+psZMdiTON68ahT2YOH3z93atvTpy5+v4v36Xt3Zvtb4yjUwbrR7eppztdWZfta0gnPV1sCG0pR0R6unpr/b8/yrFreV9/vPZ5VxsHbKlqtVpt9v2cWagC21gS3W4B0B35F316/5tvd2nocU+4/nL9BiiN+2a21ff0RCkr07vi/raTBiPizMK/X6dbbNE8BABAox/S8c/zzcZ/pXioodx92RrKQETcHxH7I+KBiDgQEQ9G1Mo+HBGPtFn/yhWS1eOf0rUNBbZO6fjvpWxt6/bxXz76i4FylttXi783OTtdmTqWHZOh6N2R5kfXqOPHV3//stW+xvFfuqX152PBrB3XelZM0E2Oz41vJuZG1z+LONTTLP4k8mWcJCIORsShDdYx/ey3h1vtu3P8a+jAOlP1m4hn6ud/IVbEn0tark+Ovnhq7OTIzqhMHRvJr4rVfv1t8a1W9W8q/g5Iz//uptf/cvwDyc6I2ctXztfWa2fbr2Pxzy9a3tNs9PrvS96ppfuy1z4en5u7NBrRl7yx+vWxW+/N83n5NP6ho837//64dSQejYj0Ij4SEY9FxONZ25+IiCcj4uga8f/8ylMftB//GrPyHZTGP3mn8x+N57/9RPn8T9+3H38uPf8naqmh7JX1fP6tt4GbOXYAAADwf1Gq/QY+KQ0vp0ul4eH6b/gPxO5SZWZ27rmzMx9dnKz/Vn4gekv5TFd/w3zoaDY3nOfHVuSPZ/PGX5V31fLDEzOVyW4HDwW3p0X/T/1V7nbrgC3neS0oLv0fikv/h+LS/6G49H8ormb9/9MutAO4+3z/Q3Hp/1Bc+j8Ul/4PhdTy2fjSph75l9j2iSjdE83Y/omedf8xiw0mdjTd1e1PJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74LwAA//9wiOSH")
open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ee289f413bb90152f7d6d1ce5ca93c0f7c41499dc28ac63a01000000000000004faa2ad9c084a003ea00", "03bdbcef549ba19704007ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c20c62df7a8d5da5c00000000ff030000fff2ff008900"})
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

ered blocking state
[   78.830326][ T1925] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.837953][ T1925] device bridge_slave_1 entered promiscuous mode
[   78.893003][ T1933] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[   78.902550][ T1933] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[   78.963885][ T1921] loop0: detected capacity change from 0 to 131072
[   78.988223][ T1925] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.995205][ T1925] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.996244][ T1935] loop2: detected capacity change from 0 to 8192
[   79.002293][ T1925] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.002308][ T1925] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.021596][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   79.029978][    T6] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.038427][ T1921] F2FS-fs (loop0): Found nat_bits in checkpoint
[   79.046311][    T6] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.073841][  T336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   79.082208][  T336] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.089084][  T336] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.089996][ T1935] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 2068)
[   79.098264][  T336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   79.105014][ T1935] FAT-fs (loop2): Filesystem has been set read-only
[   79.113762][  T336] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.121925][ T1935] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 2068)
[   79.126139][  T336] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.134240][ T1935] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 2068)
[   79.141398][ T1921] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   79.178375][ T1947] loop2: detected capacity change from 0 to 256
[   79.188539][ T1947] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[   79.190338][  T336] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   79.225061][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   79.245340][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   79.255516][ T1953] loop3: detected capacity change from 0 to 256
[   79.271932][ T1953] exfat: Deprecated parameter 'utf8'
[   79.281021][ T1925] device veth0_vlan entered promiscuous mode
[   79.286940][ T1953] exfat: Deprecated parameter 'namecase'
[   79.305759][   T10] device erspan0 left promiscuous mode
[   79.311056][   T10] bridge1: port 1(erspan0) entered disabled state
[   79.317889][ T1953] exfat: Deprecated parameter 'utf8'
[   79.325123][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   79.327603][ T1953] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[   79.333718][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   79.359798][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   79.371442][ T1960] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[   79.381363][ T1960] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.4'.
[   79.391179][ T1962] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
[   79.400588][ T1962] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'.
[   79.414180][ T1925] device veth1_macvtap entered promiscuous mode
[   79.415380][ T1953] syz-executor.3[1953] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.420330][ T1953] syz-executor.3[1953] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   79.438157][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   79.483588][  T336] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   79.494282][  T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   79.502931][  T336] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   79.511057][  T336] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   79.600097][ T1965] loop2: detected capacity change from 0 to 8192
[   79.705823][   T10] device bridge_slave_1 left promiscuous mode
[   79.719016][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.877104][ T1965] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 2068)
[   79.901769][ T1965] FAT-fs (loop2): Filesystem has been set read-only
[   79.905111][   T10] device bridge_slave_0 left promiscuous mode
[   79.917448][ T1965] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 2068)
[   79.920752][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.936967][   T10] device veth1_macvtap left promiscuous mode
[   79.942949][ T1965] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 2068)
[   79.951028][   T10] device veth0_vlan left promiscuous mode
[   80.054572][ T1982] loop0: detected capacity change from 0 to 1024
[   80.061219][ T1982] EXT4-fs: Ignoring removed nobh option
[   80.070725][ T1982] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   80.139273][ T1982] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   80.183430][  T318] EXT4-fs (loop0): unmounting filesystem.
[   80.346964][ T1997] loop3: detected capacity change from 0 to 512
[   80.386055][ T1997] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz-executor.3: casefold flag without casefold feature
[   80.412193][ T1997] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.3: missing EA_INODE flag
[   80.427203][ T2000] loop4: detected capacity change from 0 to 256
[   80.443664][ T1997] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 2 err=-117
[   80.461727][  T315] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[   80.477832][ T2000] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[   80.500034][ T1997] EXT4-fs (loop3): 1 orphan inode deleted
[   80.530316][ T1997] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   80.587150][ T2002] tmpfs: Unknown parameter 'nolazytime˙˙'
[   80.641305][ T2004] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[   80.656765][   T28] kauditd_printk_skb: 8 callbacks suppressed
[   80.656779][   T28] audit: type=1400 audit(1718177697.366:352): avc:  denied  { unmount } for  pid=914 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[   80.683971][  T914] EXT4-fs (loop3): unmounting filesystem.
[   80.695133][ T2004] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.4'.
[   80.711751][  T315] usb 3-1: Using ep0 maxpacket: 16
[   80.994432][ T2014] loop1: detected capacity change from 0 to 128
[   81.081807][  T315] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8
[   81.095611][ T1995] loop0: detected capacity change from 0 to 131072
[   81.106289][ T1995] F2FS-fs (loop0): Found nat_bits in checkpoint
[   81.136182][ T1995] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   81.241788][  T315] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[   81.250841][  T315] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.258760][  T315] usb 3-1: Product: syz
[   81.263156][  T315] usb 3-1: Manufacturer: syz
[   81.267635][  T315] usb 3-1: SerialNumber: syz
[   81.276091][  T315] usb 3-1: config 0 descriptor??
[   81.295684][ T2025] loop4: detected capacity change from 0 to 512
[   81.312368][  T315] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[   81.316403][ T2025] EXT4-fs: Invalid gid value -1
[   81.322523][  T315] usb 3-1: Detected FT232R
[   82.098297][  T315] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[   82.427219][ T2035] loop0: detected capacity change from 0 to 1024
[   82.454596][ T2035] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   82.495828][ T2035] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   82.537853][  T318] EXT4-fs (loop0): unmounting filesystem.
[   82.575718][ T2046] loop3: detected capacity change from 0 to 512
[   82.617190][ T2046] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz-executor.3: casefold flag without casefold feature
[   82.632971][ T2046] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.3: missing EA_INODE flag
[   82.651937][  T315] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[   82.663847][ T2046] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 2 err=-117
[   82.686367][  T315] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   82.694824][ T2046] EXT4-fs (loop3): 1 orphan inode deleted
[   82.700534][ T2046] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   82.725958][  T315] usb 3-1: USB disconnect, device number 9
[   82.769280][  T315] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   82.790401][  T315] ftdi_sio 3-1:0.0: device disconnected
[   82.799613][  T914] EXT4-fs (loop3): unmounting filesystem.
[   82.945406][ T2056] loop0: detected capacity change from 0 to 40427
[   82.960596][ T2056] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[   82.967174][ T2056] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   82.977093][ T2056] F2FS-fs (loop0): Found nat_bits in checkpoint
[   83.025392][ T2056] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   83.032364][ T2056] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   83.049029][  T318] syz-executor.0: attempt to access beyond end of device
[   83.049029][  T318] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   83.159232][ T2067] ------------[ cut here ]------------
[   83.164572][ T2067] WARNING: CPU: 1 PID: 2067 at mm/page_alloc.c:5688 __alloc_pages+0xc0/0x780
[   83.173160][ T2067] Modules linked in:
[   83.176846][ T2067] CPU: 1 PID: 2067 Comm: syz-executor.4 Not tainted 6.1.78-syzkaller-00002-g65aed0e2f758 #0
[   83.186813][ T2067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   83.196961][ T2067] RIP: 0010:__alloc_pages+0xc0/0x780
[   83.202142][ T2067] Code: 0b 72 13 44 89 e8 25 00 20 00 00 75 09 80 3d 0b b6 b4 05 00 74 0d 83 fb 0a 76 16 45 31 e4 e9 4e 03 00 00 c6 05 f5 b5 b4 05 01 <0f> 0b 83 fb 0a 77 ea 89 1c 24 44 23 2d 57 a0 b7 05 65 48 8b 05 27
[   83.222038][ T2067] RSP: 0018:ffffc90004fefa40 EFLAGS: 00010246
[   83.228160][ T2067] RAX: 0000000000000000 RBX: 000000000000001a RCX: 0000000000000000
[   83.236015][ T2067] RDX: 0000000000000018 RSI: 0000000000000000 RDI: ffffc90004fefae8
[   83.243818][ T2067] RBP: ffffc90004fefb78 R08: dffffc0000000000 R09: ffffc90004fefad0
[   83.251581][ T2067] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[   83.259421][ T2067] R13: 0000000000040dc0 R14: dffffc0000000000 R15: 1ffff920009fdf54
[   83.267238][ T2067] FS:  00007fe33fd8d6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   83.276025][ T2067] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   83.282412][ T2067] CR2: 0000001b2f028000 CR3: 000000012d49c000 CR4: 00000000003506a0
[   83.290206][ T2067] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   83.298190][ T2067] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   83.306053][ T2067] Call Trace:
[   83.309065][ T2067]  <TASK>
[   83.311890][ T2067]  ? show_regs+0x58/0x60
[   83.315924][ T2067]  ? __warn+0x160/0x3d0
[   83.319918][ T2067]  ? __alloc_pages+0xc0/0x780
[   83.324460][ T2067]  ? report_bug+0x4d5/0x7d0
[   83.328768][ T2067]  ? __alloc_pages+0xc0/0x780
[   83.333314][ T2067]  ? handle_bug+0x41/0x70
[   83.337445][ T2067]  ? exc_invalid_op+0x1b/0x50
[   83.342021][ T2067]  ? asm_exc_invalid_op+0x1b/0x20
[   83.346828][ T2067]  ? __alloc_pages+0xc0/0x780
[   83.351335][ T2067]  ? do_vfs_ioctl+0xba7/0x29a0
[   83.355984][ T2067]  ? prep_new_page+0x110/0x110
[   83.360538][ T2067]  ? futex_wake+0x758/0xb60
[   83.364913][ T2067]  __kmalloc_large_node+0x9e/0x1b0
[   83.369823][ T2067]  ? input_mt_init_slots+0xcf/0xa50
[   83.375048][ T2067]  __kmalloc+0xef/0x1e0
[   83.379039][ T2067]  input_mt_init_slots+0xcf/0xa50
[   83.383927][ T2067]  ? mutex_lock_interruptible+0xb1/0x1e0
[   83.389367][ T2067]  uinput_create_device+0x522/0x630
[   83.394480][ T2067]  uinput_ioctl_handler+0xa63/0x16a0
[   83.399516][ T2067]  ? uinput_release+0x50/0x50
[   83.404060][ T2067]  ? selinux_file_ioctl+0x3cc/0x540
[   83.409074][ T2067]  uinput_ioctl+0x28/0x30
[   83.413268][ T2067]  ? uinput_poll+0x120/0x120
[   83.417655][ T2067]  __se_sys_ioctl+0x114/0x190
[   83.422365][ T2067]  __x64_sys_ioctl+0x7b/0x90
[   83.426782][ T2067]  do_syscall_64+0x3d/0xb0
[   83.431032][ T2067]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   83.436811][ T2067] RIP: 0033:0x7fe33f07cea9
[   83.441016][ T2067] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[   83.460517][ T2067] RSP: 002b:00007fe33fd8d0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   83.468873][ T2067] RAX: ffffffffffffffda RBX: 00007fe33f1b3f80 RCX: 00007fe33f07cea9
[   83.476808][ T2067] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000004
[   83.477342][ T2077] loop1: detected capacity change from 0 to 512
[   83.484625][ T2067] RBP: 00007fe33f0ebff4 R08: 0000000000000000 R09: 0000000000000000
[   83.484644][ T2067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   83.484656][ T2067] R13: 000000000000000b R14: 00007fe33f1b3f80 R15: 00007ffec0e70648
[   83.514224][ T2067]  </TASK>
[   83.517052][ T2067] ---[ end trace 0000000000000000 ]---
[   83.532026][ T2077] EXT4-fs: Invalid gid value -1
[   83.617032][ T2081] loop4: detected capacity change from 0 to 1024
[   83.643595][ T2081] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   83.659696][ T2081] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   84.028561][  T316] EXT4-fs (loop4): unmounting filesystem.
[   84.116785][   T28] audit: type=1400 audit(1718177700.826:353): avc:  denied  { bind } for  pid=2086 comm="syz-executor.2" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   84.150208][   T28] audit: type=1400 audit(1718177700.846:354): avc:  denied  { node_bind } for  pid=2086 comm="syz-executor.2" saddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   84.312426][ T2100] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[   84.332129][ T2100] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[   84.341256][ T2100] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.348684][ T2100] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.355583][ T2100] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.424096][ T2110] loop0: detected capacity change from 0 to 2048
[   84.456971][ T2110] EXT4-fs error (device loop0): ext4_orphan_get:1422: comm syz-executor.0: bad orphan inode 8192
[   84.467838][ T2110] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   84.525801][ T2110] EXT4-fs error (device loop0): ext4_get_max_inline_size:116: inode #18: comm syz-executor.0: can't get inode location 18
[   84.554990][  T318] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 16: comm syz-executor.0: lblock 0 mapped to illegal pblock 16 (length 1)
[   84.572924][  T318] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[   84.582765][  T318] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #18: comm syz-executor.0: mark_inode_dirty error
[   84.595491][  T318] EXT4-fs (loop0): unmounting filesystem.
[   84.998262][ T2123] loop2: detected capacity change from 0 to 512
[   85.020935][ T2123] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[   85.035463][ T2123] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[   85.048957][ T2123] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[   85.062876][ T2123] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[   85.075529][ T2123] EXT4-fs (loop2): 1 orphan inode deleted
[   85.081080][ T2123] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   85.136390][ T2122] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.150885][ T2122] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.158521][ T2122] device bridge_slave_0 entered promiscuous mode
[   85.165728][ T2122] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.172784][ T2122] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.180169][ T2122] device bridge_slave_1 entered promiscuous mode
[   85.257637][ T2129] device pim6reg1 entered promiscuous mode
[   85.271520][ T2133] loop4: detected capacity change from 0 to 512
[   85.285231][ T2133] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   85.287223][ T2122] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.300329][ T2122] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.304026][ T2133] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 248: padding at end of block bitmap is not set
[   85.307499][ T2122] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.322482][ T2133] Quota error (device loop4): write_blk: dquota write failed
[   85.328629][ T2122] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.343997][ T2133] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   85.353982][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.354797][ T2133] EXT4-fs (loop4): 1 truncate cleaned up
[   85.366658][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.373691][ T2133] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   85.383913][ T2133] ext4 filesystem being mounted at /root/syzkaller-testdir637393716/syzkaller.QE8Kjg/116/bus supports timestamps until 2038 (0x7fffffff)
[   85.404009][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   85.411430][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   85.412515][ T2133] EXT4-fs error (device loop4): __ext4_remount:6412: comm syz-executor.4: Abort forced by user
[   85.429038][ T2137] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[   85.431910][ T2133] EXT4-fs (loop4): Remounting filesystem read-only
[   85.438319][ T2137] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[   85.453659][ T2137] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.460862][ T2137] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.467858][ T2137] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.485401][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   85.493831][  T737] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.498508][  T316] EXT4-fs (loop4): unmounting filesystem.
[   85.500673][  T737] bridge0: port 1(bridge_slave_0) entered forwarding state
[   85.500870][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   85.521504][  T737] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.528382][  T737] bridge0: port 2(bridge_slave_1) entered forwarding state
[   85.535732][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   85.556246][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   85.571190][ T2122] device veth0_vlan entered promiscuous mode
[   85.577557][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   85.585890][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   85.593646][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   85.600832][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   85.616488][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   85.626179][ T2122] device veth1_macvtap entered promiscuous mode
[   85.639609][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   85.649123][ T1891] EXT4-fs (loop2): unmounting filesystem.
[   85.671455][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   85.772546][   T28] audit: type=1400 audit(1718177702.486:355): avc:  denied  { block_suspend } for  pid=2153 comm="syz-executor.2" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   85.892958][ T2165] loop2: detected capacity change from 0 to 1024
[   85.923900][ T2165] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802c018, mo2=0002]
[   85.932166][ T2165] System zones: 0-1, 3-12
[   85.936889][ T2165] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   85.945440][   T28] audit: type=1400 audit(1718177702.656:356): avc:  denied  { mount } for  pid=2164 comm="syz-executor.2" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   85.986806][ T2165] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop2 ino=12
[   86.020173][ T2165] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop2 ino=12
[   86.039083][   T28] audit: type=1400 audit(1718177702.686:357): avc:  denied  { map } for  pid=2164 comm="syz-executor.2" path="/root/syzkaller-testdir4183781097/syzkaller.ctt2ew/16/file1/bus" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   86.097234][ T1891] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 32: comm syz-executor.2: path /root/syzkaller-testdir4183781097/syzkaller.ctt2ew/16/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   86.138962][ T1891] EXT4-fs error (device loop2): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.2: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   86.152260][   T28] audit: type=1400 audit(1718177702.806:358): avc:  denied  { unmount } for  pid=1891 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   86.171231][ T1891] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor.2: directory missing '.'
[   86.200179][ T1891] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 32: comm syz-executor.2: path /root/syzkaller-testdir4183781097/syzkaller.ctt2ew/16/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   86.226026][   T28] audit: type=1400 audit(1718177702.846:359): avc:  denied  { rmdir } for  pid=1891 comm="syz-executor.2" name="lost+found" dev="loop2" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   86.251801][ T1891] EXT4-fs error (device loop2): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.2: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   86.283405][ T1891] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor.2: directory missing '.'
[   86.295037][ T1891] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 32: comm syz-executor.2: path /root/syzkaller-testdir4183781097/syzkaller.ctt2ew/16/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   86.320927][ T1891] EXT4-fs error (device loop2): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.2: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   86.340257][ T1891] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor.2: directory missing '.'
[   86.352432][ T1891] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 32: comm syz-executor.2: path /root/syzkaller-testdir4183781097/syzkaller.ctt2ew/16/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   86.378313][ T1891] EXT4-fs error (device loop2): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.2: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   86.397712][ T1891] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor.2: directory missing '.'
[   86.409299][ T1891] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 32: comm syz-executor.2: path /root/syzkaller-testdir4183781097/syzkaller.ctt2ew/16/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   86.435494][ T1891] EXT4-fs error (device loop2): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.2: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   86.455322][ T1891] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor.2: directory missing '.'
[   86.470538][ T1891] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor.2: directory missing '.'
[   86.483149][ T1891] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor.2: directory missing '.'
[   86.498090][ T1891] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor.2: directory missing '.'
[   86.510378][ T1891] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor.2: directory missing '.'
[   86.522343][ T1891] EXT4-fs warning (device loop2): ext4_empty_dir:3101: inode #11: comm syz-executor.2: directory missing '.'
[   86.589520][   T28] audit: type=1400 audit(1718177703.296:360): avc:  denied  { write } for  pid=2179 comm="syz-executor.1" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   86.589615][ T2180] random: crng reseeded on system resumption
[   86.613256][   T28] audit: type=1400 audit(1718177703.296:361): avc:  denied  { open } for  pid=2179 comm="syz-executor.1" path="/dev/snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   86.718734][ T1891] EXT4-fs (loop2): unmounting filesystem.
[   86.742707][ T2191] device pim6reg1 entered promiscuous mode
[   87.468914][ T2202] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.475876][ T2202] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.483669][ T2202] device bridge_slave_0 entered promiscuous mode
[   87.490722][ T2202] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.498141][ T2202] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.505684][ T2202] device bridge_slave_1 entered promiscuous mode
[   87.595854][ T2210] loop0: detected capacity change from 0 to 16
[   87.614282][ T2210] erofs: (device loop0): mounted with root inode @ nid 36.
[   87.625069][  T399] device bridge_slave_1 left promiscuous mode
[   87.633937][  T399] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.642013][  T399] device bridge_slave_0 left promiscuous mode
[   87.648138][  T399] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.648205][ T2212] loop4: detected capacity change from 0 to 256
[   87.661576][ T2210] syz-executor.0: attempt to access beyond end of device
[   87.661576][ T2210] loop0: rw=0, sector=8, nr_sectors = 32 limit=16
[   87.674928][  T399] device veth1_macvtap left promiscuous mode
[   87.680692][ T2210] syz-executor.0: attempt to access beyond end of device
[   87.680692][ T2210] loop0: rw=0, sector=1049272, nr_sectors = 32 limit=16
[   87.681073][  T399] device veth0_vlan left promiscuous mode
[   87.694978][ T2210] syz-executor.0: attempt to access beyond end of device
[   87.694978][ T2210] loop0: rw=0, sector=8, nr_sectors = 32 limit=16
[   87.713637][ T2210] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117]
[   87.722206][ T2210] erofs: (device loop0): erofs_readdir: fail to readdir of logical block 16 of nid 36
[   87.742499][ T2212] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[   87.788317][ T2214] loop0: detected capacity change from 0 to 2048
[   87.862488][  T613] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   87.965897][ T2202] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.972782][ T2202] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.979867][ T2202] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.986689][ T2202] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.013002][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   88.018026][ T2204] loop1: detected capacity change from 0 to 131072
[   88.024763][ T2229] loop0: detected capacity change from 0 to 512
[   88.033170][  T315] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.040393][  T315] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.048712][ T2229] EXT4-fs: Invalid gid value -1
[   88.065419][ T2204] F2FS-fs (loop1): Found nat_bits in checkpoint
[   88.120340][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   88.129221][    T6] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.129352][ T2204] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   88.136109][    T6] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.136802][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   88.159312][    T6] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.166198][    T6] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.173519][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   88.391936][  T336] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[   88.399799][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   88.420092][ T2202] device veth0_vlan entered promiscuous mode
[   88.427292][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   88.436105][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   88.444401][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   88.453138][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   88.469559][ T2202] device veth1_macvtap entered promiscuous mode
[   88.477578][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   88.485680][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   88.494065][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   88.506594][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   88.515018][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   88.531939][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   88.540656][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   88.643924][   T28] audit: type=1400 audit(1718177705.356:362): avc:  denied  { write } for  pid=2245 comm="syz-executor.1" name="uhid" dev="devtmpfs" ino=175 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[   88.645431][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.674498][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.682137][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x2
[   88.689399][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.696726][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.703951][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.711213][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.718448][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.725697][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.733095][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.740362][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.747979][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.755694][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.763115][  T336] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   88.773853][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.781081][  T336] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64
[   88.819032][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.826343][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.833494][  T336] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   88.846343][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.853594][  T336] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   88.862595][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.869811][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.870183][ T2249] loop0: detected capacity change from 0 to 16
[   88.877493][  T336] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.891242][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.891621][ T2249] erofs: (device loop0): mounted with root inode @ nid 36.
[   88.899100][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.913238][  T336] usb 5-1: config 0 descriptor??
[   88.918237][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.925859][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.926103][ T2249] syz-executor.0: attempt to access beyond end of device
[   88.926103][ T2249] loop0: rw=0, sector=8, nr_sectors = 32 limit=16
[   88.933358][ T2225] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[   88.953610][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.958028][ T2249] syz-executor.0: attempt to access beyond end of device
[   88.958028][ T2249] loop0: rw=0, sector=1049272, nr_sectors = 32 limit=16
[   88.960935][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.974774][ T2249] syz-executor.0: attempt to access beyond end of device
[   88.974774][ T2249] loop0: rw=0, sector=8, nr_sectors = 32 limit=16
[   88.982420][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   88.997671][ T2249] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117]
[   89.002965][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   89.011300][ T2249] erofs: (device loop0): erofs_readdir: fail to readdir of logical block 16 of nid 36
[   89.017593][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   89.034078][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   89.041288][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   89.048595][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   89.055844][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   89.063100][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   89.065570][ T2251] loop0: detected capacity change from 0 to 512
[   89.070308][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   89.070333][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   89.090785][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   89.098023][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   89.103861][ T2251] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   89.105245][  T315] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   89.114011][ T2251] ext4 filesystem being mounted at /root/syzkaller-testdir3101400910/syzkaller.SUa0Ol/10/file0 supports timestamps until 2038 (0x7fffffff)
[   89.124993][  T315] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   89.156236][ T2256] loop1: detected capacity change from 0 to 512
[   89.166023][ T2251] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz-executor.0: corrupted inode contents
[   89.178524][ T2251] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #2: comm syz-executor.0: mark_inode_dirty error
[   89.179093][ T2256] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a000c018, mo2=0002]
[   89.190872][ T2251] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz-executor.0: corrupted inode contents
[   89.197799][ T2256] System zones: 
[   89.209971][ T2251] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz-executor.0: mark_inode_dirty error
[   89.219986][ T2256] 0-2, 18-18, 34-35
[   89.233162][ T2256] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   89.242246][ T2256] ext4 filesystem being mounted at /root/syzkaller-testdir350708450/syzkaller.v3a9Vv/21/file0 supports timestamps until 2038 (0x7fffffff)
[   89.261438][ T2251] EXT4-fs warning (device loop0): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 756586225
[   89.278605][ T2122] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D.
[   89.294212][ T1925] EXT4-fs warning (device loop1): ext4_dirblock_csum_set:426: inode #2: comm syz-executor.1: No space for directory leaf checksum. Please run e2fsck -D.
[   89.294618][ T2122] EXT4-fs error (device loop0): ext4_readdir:220: inode #2: comm syz-executor.0: path /root/syzkaller-testdir3101400910/syzkaller.SUa0Ol/10/file0: directory fails checksum at offset 0
[   89.309572][   T28] audit: type=1400 audit(1718177706.006:363): avc:  denied  { unlink } for  pid=1925 comm="syz-executor.1" name="file2" dev="loop1" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   89.352766][ T2122] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 3: comm syz-executor.0: path /root/syzkaller-testdir3101400910/syzkaller.SUa0Ol/10/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4122464895, rec_len=63823, size=2048 fake=0
[   89.354714][ T1925] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #12: comm syz-executor.1: directory missing '.'
[   89.377610][ T2122] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D.
[   89.389545][ T1925] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #12: comm syz-executor.1: directory missing '.'
[   89.404997][ T2122] EXT4-fs error (device loop0): ext4_readdir:220: inode #2: comm syz-executor.0: path /root/syzkaller-testdir3101400910/syzkaller.SUa0Ol/10/file0: directory fails checksum at offset 18432
[   89.415821][ T1925] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #12: comm syz-executor.1: directory missing '.'
[   89.433969][ T2122] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D.
[   89.445731][ T1925] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #12: comm syz-executor.1: directory missing '.'
[   89.460829][ T2122] EXT4-fs error (device loop0): ext4_readdir:220: inode #2: comm syz-executor.0: path /root/syzkaller-testdir3101400910/syzkaller.SUa0Ol/10/file0: directory fails checksum at offset 20480
[   89.472356][ T1925] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #12: comm syz-executor.1: directory missing '.'
[   89.492334][  T336] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving
[   89.503515][ T1925] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #12: comm syz-executor.1: directory missing '.'
[   89.521019][ T1925] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #12: comm syz-executor.1: directory missing '.'
[   89.533161][ T1925] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #12: comm syz-executor.1: directory missing '.'
[   89.533834][  T336] plantronics 0003:047F:FFFF.0009: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[   89.547968][ T1925] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #12: comm syz-executor.1: directory missing '.'
[   89.568738][ T2122] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D.
[   89.587217][ T2122] EXT4-fs error (device loop0): ext4_readdir:220: inode #2: comm syz-executor.0: path /root/syzkaller-testdir3101400910/syzkaller.SUa0Ol/10/file0: directory fails checksum at offset 22528
[   89.607903][ T2122] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D.
[   89.625367][ T2122] EXT4-fs error (device loop0): ext4_readdir:220: inode #2: comm syz-executor.0: path /root/syzkaller-testdir3101400910/syzkaller.SUa0Ol/10/file0: directory fails checksum at offset 24576
[   89.644583][ T2122] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D.
[   89.660659][ T2122] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D.
[   89.677363][ T1925] EXT4-fs (loop1): unmounting filesystem.
[   89.677541][ T2122] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D.
[   89.713489][ T2122] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D.
[   89.742632][ T2267] device pim6reg1 entered promiscuous mode
[   89.848161][   T28] audit: type=1400 audit(1718177706.556:364): avc:  denied  { read } for  pid=2271 comm="syz-executor.2" name="usbmon0" dev="devtmpfs" ino=139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   89.892536][ T2269] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.899391][ T2269] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.906890][ T2269] device bridge_slave_0 entered promiscuous mode
[   89.915982][ T2269] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.923147][ T2269] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.930553][ T2269] device bridge_slave_1 entered promiscuous mode
[   90.040972][ T2269] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.047869][ T2269] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.054969][ T2269] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.061740][ T2269] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.118302][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   90.131842][  T315] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.142747][  T315] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.178336][  T336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   90.186573][  T336] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.193445][  T336] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.200879][  T336] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   90.209810][  T336] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.216892][  T336] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.224489][  T336] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   90.241107][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   90.256752][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   90.270717][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   90.280675][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   90.288959][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   90.298887][ T2269] device veth0_vlan entered promiscuous mode
[   90.312575][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   90.322324][ T2269] device veth1_macvtap entered promiscuous mode
[   90.332931][  T399] device bridge_slave_1 left promiscuous mode
[   90.339022][  T399] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.346670][  T399] device bridge_slave_0 left promiscuous mode
[   90.352808][  T399] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.360863][  T399] device veth1_macvtap left promiscuous mode
[   90.367090][  T399] device veth0_vlan left promiscuous mode
[   90.480165][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   90.488912][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   90.723671][ T2283] loop1: detected capacity change from 0 to 512
[   90.902024][ T2283] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz-executor.1: inode #1: comm syz-executor.1: iget: illegal inode #
[   90.917740][ T2283] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 1 err=-117
[   90.930183][    C0] plantronics 0003:047F:FFFF.0009: usb_submit_urb(ctrl) failed: -1
[   90.945526][ T2283] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz-executor.1: inode #1: comm syz-executor.1: iget: illegal inode #
[   90.959292][ T2283] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 1 err=-117
[   90.972322][ T2283] EXT4-fs (loop1): 1 orphan inode deleted
[   90.977874][ T2283] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   91.051969][ T2291] syz-executor.2[2291] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   91.052043][ T2291] syz-executor.2[2291] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   91.395590][ T2269] EXT4-fs (loop1): unmounting filesystem.
[   91.762021][  T315] usb 5-1: USB disconnect, device number 12
[   91.840761][ T2122] EXT4-fs (loop0): unmounting filesystem.
[   91.872070][    T8] __quota_error: 1 callbacks suppressed
[   91.872093][    T8] Quota error (device loop0): do_check_range: Getting block 1634105445 out of range 1-6
[   92.179749][   T28] audit: type=1400 audit(1718177708.876:366): avc:  denied  { mounton } for  pid=2310 comm="syz-executor.4" path="/proc/2310/fd" dev="proc" ino=23832 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   92.241729][ T2313] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[   92.378907][ T2317] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.385948][ T2317] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.393480][ T2317] device bridge_slave_0 entered promiscuous mode
[   92.402909][ T2317] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.410134][ T2317] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.420948][ T2317] device bridge_slave_1 entered promiscuous mode
[   92.673040][ T2317] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.679952][ T2317] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.687047][ T2317] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.693973][ T2317] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.713633][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   92.721086][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.729013][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.759087][ T2317] device veth0_vlan entered promiscuous mode
[   92.774283][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   92.782903][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   92.790734][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   92.791718][  T315] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[   92.798358][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   92.812674][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   92.820620][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.827655][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.837499][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   92.845952][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.852824][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.860162][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   92.868006][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   92.880344][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   92.888898][ T2317] device veth1_macvtap entered promiscuous mode
[   92.911326][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   92.940119][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   93.007350][ T2338] loop0: detected capacity change from 0 to 2048
[   93.014536][    T8] device bridge_slave_1 left promiscuous mode
[   93.020786][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.028275][    T8] device bridge_slave_0 left promiscuous mode
[   93.034380][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.041701][  T315] usb 3-1: Using ep0 maxpacket: 16
[   93.047760][    T8] device veth1_macvtap left promiscuous mode
[   93.053775][    T8] device veth0_vlan left promiscuous mode
[   93.053840][ T2338]  loop0: p1 < > p4
[   93.064084][ T2338] loop0: p4 size 8388608 extends beyond EOD, truncated
[   93.162464][  T315] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[   93.181347][  T315] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[   93.201962][  T315] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[   93.224648][  T315] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.238736][  T315] usb 3-1: config 0 descriptor??
[   93.289191][   T28] audit: type=1400 audit(1718177709.996:367): avc:  denied  { ioctl } for  pid=2344 comm="syz-executor.0" path="socket:[24912]" dev="sockfs" ino=24912 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   93.721259][   T28] audit: type=1400 audit(1718177710.426:368): avc:  denied  { bind } for  pid=2359 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   93.742459][   T28] audit: type=1400 audit(1718177710.426:369): avc:  denied  { listen } for  pid=2359 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   93.765295][   T28] audit: type=1400 audit(1718177710.426:370): avc:  denied  { setopt } for  pid=2359 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   93.786141][ T2327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   93.795101][ T2327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   93.824118][  T315] hid (null): usage index exceeded
[   93.839151][  T315] hid-generic 0003:0158:0100.000A: unknown main item tag 0x1
[   93.846659][  T315] hid-generic 0003:0158:0100.000A: unexpected long global item
[   93.854413][  T315] hid-generic: probe of 0003:0158:0100.000A failed with error -22
[   94.025987][ T2367] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.033123][ T2367] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.040597][ T2367] device bridge_slave_0 entered promiscuous mode
[   94.045119][  T315] usb 3-1: USB disconnect, device number 10
[   94.048364][ T2367] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.059930][ T2367] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.067881][ T2367] device bridge_slave_1 entered promiscuous mode
[   94.150378][ T2367] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.157281][ T2367] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.164389][ T2367] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.171227][ T2367] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.197411][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   94.205236][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.213549][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.300537][ T2382] loop4: detected capacity change from 0 to 512
[   94.352029][ T2382] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   94.366384][ T2382] EXT4-fs (loop4): 1 truncate cleaned up
[   94.372071][ T2382] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   94.385897][  T803] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   94.394779][  T803] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.401621][  T803] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.417883][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   94.426493][ T2386] loop0: detected capacity change from 0 to 256
[   94.432342][  T728] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.439464][  T728] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.456414][  T803] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   94.480402][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   94.497180][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   94.509500][ T2367] device veth0_vlan entered promiscuous mode
[   94.521122][  T803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   94.530030][  T803] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   94.537496][  T803] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   94.556181][ T2367] device veth1_macvtap entered promiscuous mode
[   94.563291][ T2396] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0'
[   94.572353][  T803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   94.589169][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   94.599795][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   94.703801][  T728] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[   95.277835][   T10] device bridge_slave_1 left promiscuous mode
[   95.283919][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.291335][   T10] device bridge_slave_0 left promiscuous mode
[   95.294861][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.297971][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.306528][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.312117][  T728] usb 5-1: Using ep0 maxpacket: 16
[   95.318792][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.331291][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.338683][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.338730][   T10] device veth1_macvtap left promiscuous mode
[   95.346316][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.352164][   T10] device veth0_vlan left promiscuous mode
[   95.359360][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.371866][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.379125][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.386603][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.393943][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.401260][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.408560][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.415763][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.422983][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.430264][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.437506][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.444800][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.452183][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.459461][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.463935][  T728] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.498042][  T728] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   95.511058][  T728] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   95.523502][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.525149][  T728] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.530807][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.545988][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.555256][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.562617][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.569864][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.577247][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.578126][  T728] usb 5-1: config 0 descriptor??
[   95.584650][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.584675][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.584695][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.584715][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.584735][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.584755][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.584775][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.584800][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.648215][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.666066][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.680272][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.696154][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.711393][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.726297][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.734584][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.742302][    T6] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   95.750081][    T6] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   95.762580][ T2425] syz-executor.2 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   95.854331][   T28] audit: type=1400 audit(1718177712.566:371): avc:  denied  { sys_module } for  pid=2432 comm="syz-executor.0" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   96.253498][  T728] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.000C/input/input18
[   96.304429][  T803] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[   96.393566][   T28] audit: type=1400 audit(1718177713.106:372): avc:  denied  { read } for  pid=87 comm="acpid" name="event3" dev="devtmpfs" ino=694 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   96.417466][   T28] audit: type=1400 audit(1718177713.106:373): avc:  denied  { open } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=694 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   96.417517][  T728] microsoft 0003:045E:07DA.000C: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[   96.441010][   T28] audit: type=1400 audit(1718177713.106:374): avc:  denied  { ioctl } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=694 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   96.556960][  T803] usb 3-1: Using ep0 maxpacket: 16
[   96.881806][  T803] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[   96.892884][  T803] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[   96.903001][  T803] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[   96.912345][  T803] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.922480][  T803] usb 3-1: config 0 descriptor??
[   97.578838][   T39] usb 5-1: USB disconnect, device number 13
[   97.603918][  T316] EXT4-fs (loop4): unmounting filesystem.
[   97.642874][ T2430] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   97.651265][ T2430] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   97.663522][  T803] hid (null): usage index exceeded
[   97.671275][  T803] hid-generic 0003:0158:0100.000D: unknown main item tag 0x1
[   97.678942][  T803] hid-generic 0003:0158:0100.000D: unexpected long global item
[   97.686526][  T803] hid-generic: probe of 0003:0158:0100.000D failed with error -22
[   97.868874][  T336] usb 3-1: USB disconnect, device number 11
[   98.011747][   T39] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[   98.022085][   T28] audit: type=1400 audit(1718177714.736:375): avc:  denied  { unlink } for  pid=84 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   98.231841][  T728] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[   98.411777][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   98.416072][ T2476] loop1: detected capacity change from 0 to 256
[   98.421713][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[   98.437678][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[   98.448077][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[   98.742272][  T728] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   98.752734][   T39] usb 5-1: New USB device found, idVendor=05cc, idProduct=3350, bcdDevice=16.9c
[   98.761929][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.769741][   T39] usb 5-1: Product: syz
[   98.774295][  T728] usb 1-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x94, skipping
[   98.789333][  T728] usb 1-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   98.802607][   T39] usb 5-1: Manufacturer: syz
[   98.807180][   T39] usb 5-1: SerialNumber: syz
[   98.817373][   T39] usb 5-1: config 0 descriptor??
[   98.872166][   T39] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[   99.166919][  T336] usb 5-1: USB disconnect, device number 14
[   99.179204][  T728] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   99.188138][  T728] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.195936][  T728] usb 1-1: Product: syz
[   99.199930][  T728] usb 1-1: Manufacturer: syz
[   99.204362][  T728] usb 1-1: SerialNumber: syz
[   99.686589][ T2508] syz-executor.4[2508] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   99.686663][ T2508] syz-executor.4[2508] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   99.709152][ T2508] loop4: detected capacity change from 0 to 512
[   99.727945][ T2508] EXT4-fs (loop4): fragment/cluster size (4096) != block size (1024)
[   99.753659][  T338] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   99.777247][   T28] audit: type=1400 audit(1718177716.486:376): avc:  denied  { relabelfrom } for  pid=2511 comm="syz-executor.4" name="" dev="pipefs" ino=25241 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   99.808749][ T2514] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[   99.891978][   T28] audit: type=1400 audit(1718177716.606:377): avc:  denied  { write } for  pid=2509 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   99.914328][ T2517] loop2: detected capacity change from 0 to 128
[   99.939548][ T2517] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  100.401370][   T28] audit: type=1400 audit(1718177717.106:378): avc:  denied  { create } for  pid=2526 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  100.421233][   T28] audit: type=1400 audit(1718177717.116:379): avc:  denied  { connect } for  pid=2526 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  100.441218][   T28] audit: type=1400 audit(1718177717.116:380): avc:  denied  { bind } for  pid=2526 comm="syz-executor.1" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  100.461360][   T28] audit: type=1400 audit(1718177717.116:381): avc:  denied  { node_bind } for  pid=2526 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  100.501899][  T728] cdc_ncm 1-1:1.0: bind() failure
[  100.521794][  T728] cdc_ncm: probe of 1-1:1.1 failed with error -71
[  100.541780][  T728] cdc_mbim: probe of 1-1:1.1 failed with error -71
[  100.549217][  T728] usb 1-1: USB disconnect, device number 14
[  101.422319][ T1582] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  101.440514][ T2544] syz-executor.0[2544] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.440586][ T2544] syz-executor.0[2544] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  101.470571][ T2544] loop0: detected capacity change from 0 to 512
[  101.495049][ T2544] EXT4-fs (loop0): fragment/cluster size (4096) != block size (1024)
[  101.641983][ T2552] loop0: detected capacity change from 0 to 40427
[  101.649846][ T2552] F2FS-fs (loop0): invalid crc value
[  101.656385][ T2552] F2FS-fs (loop0): Found nat_bits in checkpoint
[  101.683799][ T2552] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  102.028953][ T1582] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  102.039507][   T28] audit: type=1400 audit(1718177718.746:382): avc:  denied  { relabelfrom } for  pid=2551 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  102.040185][ T1582] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  102.060093][   T28] audit: type=1400 audit(1718177718.746:383): avc:  denied  { relabelto } for  pid=2551 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  102.069828][ T1582] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  102.098545][ T1582] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  102.291735][ T1582] usb 3-1: New USB device found, idVendor=05cc, idProduct=3350, bcdDevice=16.9c
[  102.300615][ T1582] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.308641][ T1582] usb 3-1: Product: syz
[  102.312678][ T1582] usb 3-1: Manufacturer: syz
[  102.317113][ T1582] usb 3-1: SerialNumber: syz
[  102.328924][ T1582] usb 3-1: config 0 descriptor??
[  102.364820][ T2563] usb usb8: usbfs: interface 0 claimed by hub while 'syz-executor.4' sets config #1
[  102.374691][ T1582] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  103.096219][  T803] usb 3-1: USB disconnect, device number 12
[  103.211761][ T1582] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  103.612013][ T2594] usb usb8: usbfs: interface 0 claimed by hub while 'syz-executor.2' sets config #1
[  103.621785][ T1582] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  103.632246][ T1582] usb 2-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x94, skipping
[  103.642757][ T1582] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  103.721953][ T2599] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  103.841784][ T1582] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  103.850986][ T1582] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.858808][ T1582] usb 2-1: Product: syz
[  103.863000][ T1582] usb 2-1: Manufacturer: syz
[  103.867489][ T1582] usb 2-1: SerialNumber: syz
[  104.409807][ T2615] syz-executor.4[2615] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.409868][ T2615] syz-executor.4[2615] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.771838][   T39] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  104.774939][ T2626] loop0: detected capacity change from 0 to 128
[  104.799074][ T2626] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  105.161760][   T39] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.191754][ T1582] cdc_ncm 2-1:1.0: bind() failure
[  105.211727][ T1582] cdc_ncm: probe of 2-1:1.1 failed with error -71
[  105.231774][ T1582] cdc_mbim: probe of 2-1:1.1 failed with error -71
[  105.238814][ T1582] usb 2-1: USB disconnect, device number 8
[  105.361837][   T39] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  105.378111][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.386132][   T39] usb 5-1: Product: syz
[  105.390200][   T39] usb 5-1: Manufacturer: syz
[  105.395678][   T39] usb 5-1: SerialNumber: syz
[  105.445013][ T2636] loop0: detected capacity change from 0 to 40427
[  105.452714][ T2636] F2FS-fs (loop0): invalid crc value
[  105.458756][ T2636] F2FS-fs (loop0): Found nat_bits in checkpoint
[  105.494954][ T2636] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  105.926180][ T2649] syz-executor.2[2649] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  105.926228][ T2649] syz-executor.2[2649] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.675263][ T2656] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.693965][ T2656] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.400782][ T2670] loop0: detected capacity change from 0 to 256
[  107.452514][   T28] audit: type=1400 audit(1718177724.166:384): avc:  denied  { create } for  pid=2669 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  107.473362][   T39] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[  107.479844][   T39] cdc_ncm 5-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  107.479987][   T28] audit: type=1400 audit(1718177724.166:385): avc:  denied  { bind } for  pid=2669 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  107.487118][   T39] cdc_ncm 5-1:1.0: setting rx_max = 2048
[  107.584532][   T28] audit: type=1400 audit(1718177724.296:386): avc:  denied  { ioctl } for  pid=2675 comm="syz-executor.1" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=25831 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  107.703001][   T39] cdc_ncm 5-1:1.0: setting tx_max = 184
[  107.710825][   T39] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  107.730939][   T39] usb 5-1: USB disconnect, device number 15
[  107.737818][   T39] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM (NO ZLP)
[  107.938409][   T28] audit: type=1326 audit(1718177724.646:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2692 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85327cea9 code=0x7ffc0000
[  107.962249][   T28] audit: type=1326 audit(1718177724.646:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2692 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa85327cea9 code=0x7ffc0000
[  107.986027][   T28] audit: type=1326 audit(1718177724.646:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2692 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85327cea9 code=0x7ffc0000
[  108.009868][   T28] audit: type=1326 audit(1718177724.646:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2692 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85327cea9 code=0x7ffc0000
[  108.034125][   T28] audit: type=1326 audit(1718177724.646:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2692 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa85327cea9 code=0x7ffc0000
[  108.057897][   T28] audit: type=1326 audit(1718177724.746:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2692 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85327cea9 code=0x7ffc0000
[  108.081884][   T28] audit: type=1326 audit(1718177724.746:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2692 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa85327a627 code=0x7ffc0000
[  108.159300][ T2699] loop2: detected capacity change from 0 to 8192
[  108.166846][ T2699] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  108.179010][ T2699] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  108.187992][ T2699] FAT-fs (loop2): Filesystem has been set read-only
[  108.194515][ T2699] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  108.203085][ T2699] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  108.211858][ T2699] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  108.220615][ T2699] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  108.229336][ T2699] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  108.238542][ T2702] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF
[  108.340904][ T2701] loop4: detected capacity change from 0 to 40427
[  108.348151][ T2701] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  108.362743][ T2701] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  108.373756][ T2701] F2FS-fs (loop4): invalid crc value
[  108.380101][ T2709] loop0: detected capacity change from 0 to 256
[  108.388022][ T2701] F2FS-fs (loop4): Found nat_bits in checkpoint
[  108.429297][ T2701] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  108.436278][ T2701] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  108.481750][ T2701] loop4: detected capacity change from 40427 to 11
[  108.488718][ T2701] syz-executor.4: attempt to access beyond end of device
[  108.488718][ T2701] loop4: rw=2049, sector=32800, nr_sectors = 16 limit=11
[  108.783153][   T10] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  108.792847][   T10] F2FS-fs (loop4): f2fs_commit_super fails to record errors:4, err:-5
[  108.800854][   T10] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  108.966292][ T2725] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.973229][ T2725] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.983490][ T2725] device bridge_slave_0 entered promiscuous mode
[  108.995875][ T2725] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.002877][ T2725] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.012466][ T2725] device bridge_slave_1 entered promiscuous mode
[  109.163613][ T2725] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.170503][ T2725] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.177570][ T2725] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.184371][ T2725] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.204822][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  109.214064][  T728] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.221238][  T728] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.231055][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.239310][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.246182][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.262417][ T2735] syz-executor.0[2735] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  109.262482][ T2735] syz-executor.0[2735] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  109.275145][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  109.296564][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.304893][  T728] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.311891][  T728] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.320361][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  109.328306][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  109.338439][ T2725] device veth0_vlan entered promiscuous mode
[  109.347721][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  109.355712][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  109.363009][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  109.375818][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  109.385394][ T2725] device veth1_macvtap entered promiscuous mode
[  109.396152][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  109.406368][  T399] device bridge_slave_1 left promiscuous mode
[  109.412670][  T399] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.419864][  T399] device bridge_slave_0 left promiscuous mode
[  109.426102][  T399] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.433949][  T399] device veth1_macvtap left promiscuous mode
[  109.439822][  T399] device veth0_vlan left promiscuous mode
[  109.445603][  T803] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  109.577600][ T2748] device veth0_vlan left promiscuous mode
[  109.583707][ T2748] device veth0_vlan entered promiscuous mode
[  109.590892][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  109.714420][ T2759] loop1: detected capacity change from 0 to 256
[  109.811738][  T803] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  109.863494][ T2763] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.872809][ T2763] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.880187][ T2763] device bridge_slave_0 entered promiscuous mode
[  109.887276][ T2763] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.894527][ T2763] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.901991][ T2763] device bridge_slave_1 entered promiscuous mode
[  109.981773][  T803] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  109.990709][  T803] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.998725][  T803] usb 3-1: Product: syz
[  110.002703][  T803] usb 3-1: Manufacturer: syz
[  110.007041][  T803] usb 3-1: SerialNumber: syz
[  110.060450][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  110.068318][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  110.094797][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  110.104199][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  110.112834][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  110.120895][  T737] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.127743][  T737] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.135050][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  110.143248][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  110.151387][  T737] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.158235][  T737] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.171789][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  110.189788][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  110.204251][ T2763] device veth0_vlan entered promiscuous mode
[  110.222009][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  110.229946][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  110.247627][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  110.257730][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  110.286250][ T2763] device veth1_macvtap entered promiscuous mode
[  110.295480][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  110.310876][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  110.319561][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  110.361582][ T2762] loop1: detected capacity change from 0 to 131072
[  110.371106][ T2762] F2FS-fs (loop1): Test dummy encryption mode enabled
[  110.378874][ T2762] F2FS-fs (loop1): invalid crc value
[  110.399460][ T2762] F2FS-fs (loop1): Found nat_bits in checkpoint
[  110.405850][ T2783] loop4: detected capacity change from 0 to 256
[  110.445572][ T2762] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  110.453680][  T399] device bridge_slave_1 left promiscuous mode
[  110.459739][  T399] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.471122][ T2762] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  110.519547][  T399] device bridge_slave_0 left promiscuous mode
[  110.525869][  T399] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.770192][  T399] device veth1_macvtap left promiscuous mode
[  110.776487][  T399] device veth0_vlan left promiscuous mode
[  111.108318][ T2801] loop1: detected capacity change from 0 to 256
[  111.189281][ T2804] Driver unsupported XDP return value 0 on prog  (id 586) dev N/A, expect packet loss!
[  111.303063][ T2808] xt_bpf: check failed: parse error
[  111.331190][ T2811] loop4: detected capacity change from 0 to 512
[  111.339726][ T2811] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  111.354920][ T2811] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  111.363679][ T2811] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz-executor.4: invalid indirect mapped block 2683928664 (level 1)
[  111.378441][ T2811] EXT4-fs (loop4): Remounting filesystem read-only
[  111.385534][ T2811] EXT4-fs (loop4): 1 truncate cleaned up
[  111.391097][ T2811] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  111.411679][ T2725] EXT4-fs error (device loop4): htree_dirblock_to_tree:1111: inode #2: block 13: comm syz-executor.4: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  111.436300][ T2725] EXT4-fs (loop4): Remounting filesystem read-only
[  111.443984][ T2725] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.4: corrupted in-inode xattr
[  111.456624][ T2725] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.4: corrupted in-inode xattr
[  111.469017][  T803] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  111.475491][  T803] cdc_ncm 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  111.485537][  T803] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  111.553924][ T2725] EXT4-fs (loop4): unmounting filesystem.
[  111.664216][ T2818] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.671227][ T2818] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.678567][ T2818] device bridge_slave_0 entered promiscuous mode
[  111.684923][  T803] cdc_ncm 3-1:1.0: setting tx_max = 184
[  111.685634][ T2818] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.697231][ T2818] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.704360][ T2818] device bridge_slave_1 entered promiscuous mode
[  111.714016][  T803] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  111.726229][  T803] usb 3-1: USB disconnect, device number 13
[  111.732393][  T803] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  111.775890][ T2818] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.782800][ T2818] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.789910][ T2818] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.796739][ T2818] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.817797][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  111.825512][  T315] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.832771][  T315] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.843804][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  111.852227][  T737] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.859088][  T737] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.866395][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  111.874456][  T737] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.881310][  T737] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.897464][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  111.905812][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  111.919266][  T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  111.930078][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  111.938348][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  111.946020][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  111.956242][ T2818] device veth0_vlan entered promiscuous mode
[  111.966835][  T728] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  111.975916][ T2818] device veth1_macvtap entered promiscuous mode
[  111.988086][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  111.996603][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  112.018278][ T2823] loop4: detected capacity change from 0 to 256
[  112.124597][ T2836] incfs: Error accessing: ./file0/file0.
[  112.130126][ T2836] incfs: mount failed -2
[  112.157646][ T2840] loop0: detected capacity change from 0 to 1024
[  112.173108][ T2840] EXT4-fs error (device loop0): ext4_orphan_get:1422: comm syz-executor.0: bad orphan inode 2097152
[  112.184429][   T10] device bridge_slave_1 left promiscuous mode
[  112.184725][ T2840] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  112.196346][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.207289][ T2840] EXT4-fs error (device loop0): __ext4_new_inode:1071: comm syz-executor.0: reserved inode found cleared - inode=18
[  112.207374][   T10] device bridge_slave_0 left promiscuous mode
[  112.226416][ T2763] EXT4-fs (loop0): unmounting filesystem.
[  112.229140][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.241247][   T10] device veth1_macvtap left promiscuous mode
[  112.247163][   T10] device veth0_vlan left promiscuous mode
[  112.610119][ T2869] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  112.629375][ T2871] loop0: detected capacity change from 0 to 1024
[  112.653977][ T2871] EXT4-fs error (device loop0): ext4_orphan_get:1422: comm syz-executor.0: bad orphan inode 2097152
[  112.665227][ T2871] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  112.703085][ T2871] EXT4-fs error (device loop0): __ext4_new_inode:1071: comm syz-executor.0: reserved inode found cleared - inode=18
[  112.843187][ T2763] EXT4-fs (loop0): unmounting filesystem.
[  113.125869][ T2884] fuse: Bad value for 'fd'
[  113.361326][ T2885] loop0: detected capacity change from 0 to 512
[  113.590125][ T2885] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[  113.604451][ T2885] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[  113.617698][ T2885] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz-executor.0: inode #1: comm syz-executor.0: iget: illegal inode #
[  113.631496][ T2885] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz-executor.0: error while reading EA inode 1 err=-117
[  113.644244][ T2885] EXT4-fs (loop0): 1 orphan inode deleted
[  113.649885][ T2885] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  113.828189][ T2763] EXT4-fs (loop0): unmounting filesystem.
[  113.845441][ T2895] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.898351][ T2895] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.914059][ T2908] loop2: detected capacity change from 0 to 1024
[  113.914163][ T2895] device bridge_slave_0 entered promiscuous mode
[  113.929534][ T2912] loop4: detected capacity change from 0 to 256
[  113.937251][ T2895] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.946536][ T2895] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.962550][ T2912] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 197)
[  113.972345][ T2895] device bridge_slave_1 entered promiscuous mode
[  113.973140][ T2908] EXT4-fs error (device loop2): ext4_orphan_get:1422: comm syz-executor.2: bad orphan inode 2097152
[  113.990437][ T2908] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  114.034928][ T2908] EXT4-fs error (device loop2): __ext4_new_inode:1071: comm syz-executor.2: reserved inode found cleared - inode=18
[  114.060470][ T2202] EXT4-fs (loop2): unmounting filesystem.
[  114.232155][ T2895] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.239015][ T2895] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.246141][ T2895] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.253035][ T2895] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.572617][    T6] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.580293][    T6] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.623106][  T803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  114.630802][  T803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  114.658838][ T2917] loop4: detected capacity change from 0 to 32768
[  114.665473][ T2927] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  114.676863][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  114.688360][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  114.696530][    T6] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.703402][    T6] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.710741][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  114.719057][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  114.727164][    T6] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.734159][    T6] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.742032][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  114.757261][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  114.765143][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  114.773017][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  114.787164][ T2895] device veth0_vlan entered promiscuous mode
[  114.793428][  T803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  114.801545][  T803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  114.809674][  T803] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  114.817373][  T803] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  114.825684][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  114.833057][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  114.846418][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  114.854515][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  114.866131][ T2895] device veth1_macvtap entered promiscuous mode
[  114.877257][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  114.885147][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  114.893702][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  114.925716][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  114.932682][ T2938] loop3: detected capacity change from 0 to 2048
[  114.940077][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  114.952965][ T2938] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  114.961409][ T2938] ext4 filesystem being mounted at /root/syzkaller-testdir1577155991/syzkaller.Cxgw9S/0/file0 supports timestamps until 2038 (0x7fffffff)
[  115.043320][  T395] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  115.202892][   T28] kauditd_printk_skb: 21 callbacks suppressed
[  115.202916][   T28] audit: type=1400 audit(1718177731.916:415): avc:  denied  { create } for  pid=2937 comm="syz-executor.3" name="file3" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[  115.234150][ T2938] EXT4-fs error (device loop3): ext4_find_dest_de:2112: inode #2: block 16: comm syz-executor.3: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2, rec_len=4, size=4096 fake=0
[  115.288281][ T2895] EXT4-fs (loop3): unmounting filesystem.
[  115.354359][   T28] audit: type=1400 audit(1718177732.066:416): avc:  denied  { remount } for  pid=2952 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  115.359430][ T2953] EXT4-fs (sda1): re-mounted. Quota mode: none.
[  115.498213][ T2964] fuse: Bad value for 'fd'
[  115.711171][ T2965] loop4: detected capacity change from 0 to 512
[  115.976906][  T395] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  115.988773][  T395] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  116.000234][  T395] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  116.000343][ T2965] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  116.009564][  T395] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.010173][  T395] usb 1-1: config 0 descriptor??
[  116.036234][ T2965] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  116.043440][ T2969] overlayfs: statfs failed on './file0'
[  116.049515][ T2965] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  116.067826][ T2965] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  116.080625][ T2965] EXT4-fs (loop4): 1 orphan inode deleted
[  116.086328][ T2965] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  116.210414][ T2977] loop2: detected capacity change from 0 to 2048
[  116.489250][ T2818] EXT4-fs (loop4): unmounting filesystem.
[  116.502688][ T2977] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  116.505403][ T2984] loop4: detected capacity change from 0 to 128
[  116.515454][ T2977] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 234: padding at end of block bitmap is not set
[  116.532662][ T2977] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 117
[  116.545003][ T2977] EXT4-fs (loop2): This should not happen!! Data will be lost
[  116.545003][ T2977] 
[  116.560446][ T2987] loop4: detected capacity change from 0 to 2048
[  116.567735][ T2202] EXT4-fs (loop2): unmounting filesystem.
[  116.576966][ T2987] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  116.597614][ T2994] loop2: detected capacity change from 0 to 512
[  116.604665][ T2818] EXT4-fs (loop4): unmounting filesystem.
[  116.612343][ T2994] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  116.631994][ T2994] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  116.677449][ T2994] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz-executor.2: invalid indirect mapped block 2683928664 (level 1)
[  116.692085][ T2994] EXT4-fs (loop2): Remounting filesystem read-only
[  116.698700][ T2994] EXT4-fs (loop2): 1 truncate cleaned up
[  116.704374][ T2994] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  116.724506][ T2202] EXT4-fs error (device loop2): htree_dirblock_to_tree:1111: inode #2: block 13: comm syz-executor.2: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  116.746037][ T2202] EXT4-fs (loop2): Remounting filesystem read-only
[  116.758736][ T2202] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.2: corrupted in-inode xattr
[  116.773700][ T2202] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.2: corrupted in-inode xattr
[  116.815355][ T3007] fuse: Bad value for 'fd'
[  117.028616][ T3012] loop1: detected capacity change from 0 to 128
[  117.043681][ T2202] EXT4-fs (loop2): unmounting filesystem.
[  117.084582][  T395] usb 1-1: string descriptor 0 read error: -71
[  117.094883][ T3009] kvm [3008]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x5600004105
[  117.101011][ T3019] loop1: detected capacity change from 0 to 2048
[  117.111733][  T395] uclogic 0003:256C:006D.000E: failed retrieving string descriptor #200: -71
[  117.120340][  T395] uclogic 0003:256C:006D.000E: failed retrieving pen parameters: -71
[  117.136199][ T3009] kvm [3008]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x5600004106
[  117.146091][  T395] uclogic 0003:256C:006D.000E: failed probing pen v2 parameters: -71
[  117.156342][ T3019] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  117.181059][ T2367] EXT4-fs (loop1): unmounting filesystem.
[  117.191688][  T395] uclogic 0003:256C:006D.000E: failed probing parameters: -71
[  117.198990][  T395] uclogic: probe of 0003:256C:006D.000E failed with error -71
[  117.234103][  T395] usb 1-1: USB disconnect, device number 15
[  117.337774][ T3026] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.344713][ T3026] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.357209][ T3026] device bridge_slave_0 entered promiscuous mode
[  117.364276][ T3026] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.371714][ T3026] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.379107][ T3026] device bridge_slave_1 entered promiscuous mode
[  117.462634][ T3026] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.469521][ T3026] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.476656][ T3026] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.483528][ T3026] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.532412][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  117.540069][  T350] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.562890][  T350] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.611096][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  117.623320][ T3039] loop3: detected capacity change from 0 to 512
[  117.630088][    T6] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.636972][    T6] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.646089][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  117.646322][ T3040] loop0: detected capacity change from 0 to 128
[  117.654510][    T6] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.667497][    T6] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.685344][ T3039] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 393: padding at end of block bitmap is not set
[  117.712802][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  117.722491][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  117.731257][ T3039] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6157: Corrupt filesystem
[  117.748368][ T3026] device veth0_vlan entered promiscuous mode
[  117.765946][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  117.774511][ T3039] EXT4-fs (loop3): 2 truncates cleaned up
[  117.780644][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  117.792519][   T28] audit: type=1326 audit(1718177734.506:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3044 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9175c7cea9 code=0x7ffc0000
[  117.818109][ T3039] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  117.831707][ T1582] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  117.833227][ T3045] loop0: detected capacity change from 0 to 256
[  117.848503][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  117.849450][   T28] audit: type=1326 audit(1718177734.526:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3044 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9175c7cea9 code=0x7ffc0000
[  117.856163][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  117.881720][   T28] audit: type=1326 audit(1718177734.526:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3044 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9175c7cea9 code=0x7ffc0000
[  117.912276][   T28] audit: type=1326 audit(1718177734.536:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3044 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9175c7cea9 code=0x7ffc0000
[  117.915026][ T3045] FAT-fs (loop0): Directory bread(block 64) failed
[  117.936539][   T28] audit: type=1326 audit(1718177734.536:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3044 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9175c7cea9 code=0x7ffc0000
[  117.948395][ T3045] FAT-fs (loop0): Directory bread(block 65) failed
[  117.973329][  T911] device bridge_slave_1 left promiscuous mode
[  117.979189][   T28] audit: type=1326 audit(1718177734.536:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3044 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f9175c7cea9 code=0x7ffc0000
[  117.979259][  T911] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.003411][   T28] audit: type=1326 audit(1718177734.536:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3044 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9175c7cea9 code=0x7ffc0000
[  118.010225][ T3045] FAT-fs (loop0): Directory bread(block 66) failed
[  118.039971][   T28] audit: type=1326 audit(1718177734.536:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3044 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9175c7cea9 code=0x7ffc0000
[  118.040175][ T3045] FAT-fs (loop0): Directory bread(block 67) failed
[  118.040359][ T2895] EXT4-fs (loop3): unmounting filesystem.
[  118.076203][  T911] device bridge_slave_0 left promiscuous mode
[  118.076291][ T3045] FAT-fs (loop0): Directory bread(block 68) failed
[  118.082518][  T911] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.088482][ T3045] FAT-fs (loop0): Directory bread(block 69) failed
[  118.101767][ T3045] FAT-fs (loop0): Directory bread(block 70) failed
[  118.108115][ T3045] FAT-fs (loop0): Directory bread(block 71) failed
[  118.108198][  T911] device veth1_macvtap left promiscuous mode
[  118.123023][  T911] device veth0_vlan left promiscuous mode
[  118.124186][ T3045] FAT-fs (loop0): Directory bread(block 72) failed
[  118.135428][ T3045] FAT-fs (loop0): Directory bread(block 73) failed
[  118.268502][ T3026] device veth1_macvtap entered promiscuous mode
[  118.276694][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  118.281764][ T1582] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  118.294548][ T1582] usb 2-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x94, skipping
[  118.305072][ T1582] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  118.321891][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  118.329972][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  118.341849][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  118.350086][  T737] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  118.543944][ T3069] fuse: Bad value for 'fd'
[  118.682101][  T737] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  118.709579][ T1582] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  118.718822][ T1582] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.726948][ T1582] usb 2-1: Product: syz
[  118.731200][ T1582] usb 2-1: Manufacturer: syz
[  118.735724][ T1582] usb 2-1: SerialNumber: syz
[  118.749824][ T3075] serio: Serial port pts0
[  118.901731][  T395] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  119.211877][  T737] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.233971][  T737] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.244786][  T737] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  119.253932][  T737] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.262190][  T737] usb 5-1: config 0 descriptor??
[  119.305656][ T3088] IPv6: sit1: Disabled Multicast RS
[  119.321774][  T395] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.332758][  T395] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.342476][  T395] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  119.351312][  T395] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.359849][  T395] usb 3-1: config 0 descriptor??
[  119.585322][ T3103] loop3: detected capacity change from 0 to 512
[  119.592186][ T3103] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  119.601725][ T3103] EXT4-fs (loop3): failed to initialize system zone (-117)
[  119.608817][ T3103] EXT4-fs (loop3): mount failed
[  119.742559][  T737] lg-g15 0003:046D:C222.000F: unknown main item tag 0x0
[  119.749487][  T737] lg-g15 0003:046D:C222.000F: unknown main item tag 0x0
[  119.756534][  T737] lg-g15 0003:046D:C222.000F: unknown main item tag 0x0
[  119.763420][  T737] lg-g15 0003:046D:C222.000F: unknown main item tag 0x0
[  119.770722][ T3105] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0'
[  119.780682][  T737] lg-g15 0003:046D:C222.000F: unknown main item tag 0x0
[  119.787631][  T737] lg-g15 0003:046D:C222.000F: item fetching failed at offset 8/11
[  119.795713][  T737] lg-g15: probe of 0003:046D:C222.000F failed with error -22
[  119.871821][ T1582] cdc_ncm 2-1:1.0: bind() failure
[  119.891843][ T1582] cdc_ncm: probe of 2-1:1.1 failed with error -71
[  119.921763][ T1582] cdc_mbim: probe of 2-1:1.1 failed with error -71
[  119.928865][ T1582] usb 2-1: USB disconnect, device number 9
[  119.945551][  T737] usb 5-1: USB disconnect, device number 16
[  120.161769][  T395] usb 3-1: string descriptor 0 read error: -71
[  120.182066][  T395] uclogic 0003:256C:006D.0010: failed retrieving string descriptor #200: -71
[  120.190721][  T395] uclogic 0003:256C:006D.0010: failed retrieving pen parameters: -71
[  120.198594][  T395] uclogic 0003:256C:006D.0010: failed probing pen v2 parameters: -71
[  120.206512][  T395] uclogic 0003:256C:006D.0010: failed probing parameters: -71
[  120.213776][  T395] uclogic: probe of 0003:256C:006D.0010 failed with error -71
[  120.221998][  T395] usb 3-1: USB disconnect, device number 14
[  120.534486][   T28] kauditd_printk_skb: 44 callbacks suppressed
[  120.534501][   T28] audit: type=1400 audit(1718177737.246:469): avc:  denied  { wake_alarm } for  pid=3130 comm="syz-executor.3" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  120.741697][  T395] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  120.857670][ T3139] syz-executor.2[3139] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.857760][ T3139] syz-executor.2[3139] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.870492][ T3139] syz-executor.2[3139] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.882102][ T3139] syz-executor.2[3139] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  120.926674][ T3145] loop2: detected capacity change from 0 to 512
[  120.944939][ T3145] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  120.954628][ T3145] EXT4-fs (loop2): failed to initialize system zone (-117)
[  120.961863][ T3145] EXT4-fs (loop2): mount failed
[  121.011751][  T395] usb 2-1: Using ep0 maxpacket: 16
[  121.061792][ T1582] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  121.111341][ T3147] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0'
[  121.151746][  T395] usb 2-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  121.160717][  T395] usb 2-1: too many endpoints for config 1 interface 1 altsetting 1: 111, using maximum allowed: 30
[  121.172226][  T395] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  121.182887][  T395] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  121.192362][  T395] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 111
[  121.205131][  T395] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  121.215825][  T395] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  121.392660][  T395] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  121.401718][  T395] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.409519][  T395] usb 2-1: Product: syz
[  121.413602][  T395] usb 2-1: Manufacturer: syz
[  121.417939][  T395] usb 2-1: SerialNumber: syz
[  121.431798][ T1582] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  121.441836][ T1582] usb 4-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x94, skipping
[  121.452245][ T1582] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  121.661801][ T1582] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  121.671602][ T1582] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.679701][ T1582] usb 4-1: Product: syz
[  121.683738][ T1582] usb 4-1: Manufacturer: syz
[  121.688107][ T1582] usb 4-1: SerialNumber: syz
[  121.851889][  T728] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  122.116849][ T3166] loop2: detected capacity change from 0 to 128
[  122.203504][ T3166] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  122.291814][  T728] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.302582][  T728] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.312121][  T728] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  122.320922][  T728] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.329215][  T728] usb 5-1: config 0 descriptor??
[  122.799881][  T728] lg-g15 0003:046D:C222.0011: unknown main item tag 0x0
[  122.807092][  T728] lg-g15 0003:046D:C222.0011: unknown main item tag 0x0
[  122.814321][  T728] lg-g15 0003:046D:C222.0011: unknown main item tag 0x0
[  122.821439][  T728] lg-g15 0003:046D:C222.0011: unknown main item tag 0x0
[  122.828252][  T728] lg-g15 0003:046D:C222.0011: unknown main item tag 0x0
[  122.835038][  T728] lg-g15 0003:046D:C222.0011: item fetching failed at offset 8/11
[  122.873220][ T1582] cdc_ncm 4-1:1.0: bind() failure
[  122.878959][  T728] lg-g15: probe of 0003:046D:C222.0011 failed with error -22
[  122.902133][ T1582] cdc_ncm: probe of 4-1:1.1 failed with error -71
[  122.921757][ T1582] cdc_mbim: probe of 4-1:1.1 failed with error -71
[  122.928765][ T1582] usb 4-1: USB disconnect, device number 13
[  123.119500][  T728] usb 5-1: USB disconnect, device number 17
[  123.494959][ T3173] syz-executor.1[3173] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.495032][ T3173] syz-executor.1[3173] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.507874][ T3173] syz-executor.1[3173] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.519550][ T3173] syz-executor.1[3173] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.551913][ T3181] mmap: syz-executor.1 (3181) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  123.583571][  T395] usb 2-1: USB disconnect, device number 10
[  123.594893][ T3183] loop1: detected capacity change from 0 to 512
[  123.613640][ T3183] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  123.622734][ T3183] ext4 filesystem being mounted at /root/syzkaller-testdir3194826102/syzkaller.Lzucae/67/file1 supports timestamps until 2038 (0x7fffffff)
[  123.724802][ T2367] EXT4-fs error (device loop1): ext4_readdir:260: inode #12: block 32: comm syz-executor.1: path /root/syzkaller-testdir3194826102/syzkaller.Lzucae/67/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  123.924624][ T3193] kvm [3191]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x5600004105
[  123.934116][ T3193] kvm [3191]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x5600004106
[  124.161664][  T395] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  124.191699][  T315] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  124.411677][  T395] usb 5-1: Using ep0 maxpacket: 16
[  124.531739][  T395] usb 5-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  124.550747][  T395] usb 5-1: too many endpoints for config 1 interface 1 altsetting 1: 111, using maximum allowed: 30
[  124.551702][  T315] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  124.571549][  T395] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  124.591653][  T395] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  124.603195][  T395] usb 5-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 111
[  124.611760][  T315] usb 4-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x94, skipping
[  124.616129][  T395] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  124.637301][  T315] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  124.637785][  T395] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  124.738639][ T3208] syz-executor.2[3208] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.738713][ T3208] syz-executor.2[3208] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.823284][  T315] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  124.848625][  T315] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.851815][  T395] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  124.877628][  T315] usb 4-1: Product: syz
[  124.881739][  T315] usb 4-1: Manufacturer: syz
[  124.886148][  T315] usb 4-1: SerialNumber: syz
[  124.889045][  T395] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.899122][  T395] usb 5-1: Product: syz
[  124.903151][  T395] usb 5-1: Manufacturer: syz
[  124.907517][  T395] usb 5-1: SerialNumber: syz
[  126.141730][  T315] cdc_ncm 4-1:1.0: bind() failure
[  126.161711][  T315] cdc_ncm: probe of 4-1:1.1 failed with error -71
[  126.181868][  T315] cdc_mbim: probe of 4-1:1.1 failed with error -71
[  126.189392][  T315] usb 4-1: USB disconnect, device number 14
[  126.461686][ T1582] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  126.921961][ T1582] usb 3-1: config 0 has no interfaces?
[  127.022110][ T1582] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  127.054682][ T1582] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  127.100298][ T1582] usb 3-1: SerialNumber: syz
[  127.110460][ T1582] usb 3-1: config 0 descriptor??
[  127.117469][  T395] usb 5-1: USB disconnect, device number 18
[  127.150109][   T28] audit: type=1400 audit(1718177743.856:470): avc:  denied  { name_bind } for  pid=3244 comm="syz-executor.4" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  127.386145][  T395] usb 3-1: USB disconnect, device number 15
[  127.871710][  T315] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  128.020460][ T3268] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.2'.
[  128.030342][ T3268] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'.
[  128.231743][  T315] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.251749][  T315] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  128.271443][  T315] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  128.291589][  T315] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.312050][  T315] usb 4-1: config 0 descriptor??
[  128.461655][    T6] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  128.831760][    T6] usb 5-1: config 0 has no interfaces?
[  128.911774][    T6] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  128.930843][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  128.940924][    T6] usb 5-1: SerialNumber: syz
[  128.955719][    T6] usb 5-1: config 0 descriptor??
[  129.111736][  T315] usb 4-1: string descriptor 0 read error: -71
[  129.131711][  T315] uclogic 0003:256C:006D.0012: failed retrieving string descriptor #200: -71
[  129.140446][  T315] uclogic 0003:256C:006D.0012: failed retrieving pen parameters: -71
[  129.148401][  T315] uclogic 0003:256C:006D.0012: failed probing pen v2 parameters: -71
[  129.156314][  T315] uclogic 0003:256C:006D.0012: failed probing parameters: -71
[  129.163604][  T315] uclogic: probe of 0003:256C:006D.0012 failed with error -71
[  129.171644][  T315] usb 4-1: USB disconnect, device number 15
[  129.194833][    T6] usb 5-1: USB disconnect, device number 19
[  129.610087][ T3292] kernel profiling enabled (shift: 0)
[  129.893426][ T3300] IPv6: ADDRCONF(NETDEV_CHANGE): vcan1: link becomes ready
[  129.915658][ T3302] device pim6reg1 entered promiscuous mode
[  129.943249][   T28] audit: type=1400 audit(1718177746.656:471): avc:  denied  { write } for  pid=3299 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  129.983426][ T3304] loop2: detected capacity change from 0 to 1024
[  129.990341][   T28] audit: type=1400 audit(1718177746.656:472): avc:  denied  { nlmsg_write } for  pid=3299 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  130.014525][ T3304] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  130.024999][ T3304] EXT4-fs (loop2): orphan cleanup on readonly fs
[  130.041385][ T3304] EXT4-fs error (device loop2): ext4_map_blocks:721: inode #3: block 3: comm syz-executor.2: lblock 3 mapped to illegal pblock 3 (length 1)
[  130.076053][ T3304] Quota error (device loop2): write_blk: dquota write failed
[  130.099324][ T3304] Quota error (device loop2): find_free_dqentry: Can't write quota data block 3
[  130.121748][ T3304] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  130.131898][ T3304] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #3: block 3: comm syz-executor.2: lblock 3 mapped to illegal pblock 3 (length 1)
[  130.148264][ T3304] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  130.158219][ T3304] EXT4-fs error (device loop2): ext4_free_blocks:6197: comm syz-executor.2: Freeing blocks not in datazone - block = 0, count = 4096
[  130.173110][ T3304] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #3: block 3: comm syz-executor.2: lblock 3 mapped to illegal pblock 3 (length 1)
[  130.187593][ T3304] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  130.197977][ T3304] EXT4-fs (loop2): 1 orphan inode deleted
[  130.213886][ T3304] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  130.233894][ T3304] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  130.256555][ T3026] EXT4-fs (loop2): unmounting filesystem.
[  130.360314][ T3324] loop2: detected capacity change from 0 to 128
[  130.453985][ T3336] loop2: detected capacity change from 0 to 1024
[  130.460704][ T3336] EXT4-fs: Ignoring removed orlov option
[  130.467361][ T3336] EXT4-fs: Ignoring removed nomblk_io_submit option
[  130.486637][ T3336] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  130.500883][ T3336] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.2: corrupt xattr in inline inode
[  130.514437][ T3336] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.2: corrupted in-inode xattr
[  130.534091][   T28] audit: type=1400 audit(1718177747.246:473): avc:  denied  { unlink } for  pid=3026 comm="syz-executor.2" name="file1" dev="loop2" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  130.560333][ T3026] EXT4-fs (loop2): unmounting filesystem.
[  130.783160][ T3360] loop3: detected capacity change from 0 to 128
[  130.789987][ T3360] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  130.826220][ T3366] loop2: detected capacity change from 0 to 1024
[  130.832972][ T3366] EXT4-fs: Ignoring removed orlov option
[  130.838489][ T3366] EXT4-fs: Ignoring removed nomblk_io_submit option
[  130.853427][ T3366] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  130.872561][ T3366] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.2: corrupt xattr in inline inode
[  130.886333][ T3366] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.2: corrupted in-inode xattr
[  130.907262][ T3026] ==================================================================
[  130.915324][ T3026] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0
[  130.923138][ T3026] Read of size 4 at addr ffff88814bc62000 by task syz-executor.2/3026
[  130.931122][ T3026] 
[  130.933417][ T3026] CPU: 0 PID: 3026 Comm: syz-executor.2 Tainted: G        W          6.1.78-syzkaller-00002-g65aed0e2f758 #0
[  130.944850][ T3026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  130.954752][ T3026] Call Trace:
[  130.957879][ T3026]  <TASK>
[  130.960651][ T3026]  dump_stack_lvl+0x151/0x1b7
[  130.965254][ T3026]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  130.970551][ T3026]  ? _printk+0xd1/0x111
[  130.974542][ T3026]  ? __virt_addr_valid+0x242/0x2f0
[  130.979500][ T3026]  print_report+0x158/0x4e0
[  130.983826][ T3026]  ? __virt_addr_valid+0x242/0x2f0
[  130.988776][ T3026]  ? kasan_addr_to_slab+0xd/0x80
[  130.993548][ T3026]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  130.999014][ T3026]  kasan_report+0x13c/0x170
[  131.003365][ T3026]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  131.008822][ T3026]  __asan_report_load4_noabort+0x14/0x20
[  131.014288][ T3026]  ext4_xattr_delete_inode+0xcd0/0xce0
[  131.019583][ T3026]  ? sb_end_intwrite+0x130/0x130
[  131.024358][ T3026]  ? ext4_expand_extra_isize_ea+0x1c40/0x1c40
[  131.030264][ T3026]  ? __kasan_check_read+0x11/0x20
[  131.035121][ T3026]  ? ext4_inode_is_fast_symlink+0x295/0x3d0
[  131.040847][ T3026]  ? ext4_evict_inode+0xbc2/0x1550
[  131.045795][ T3026]  ext4_evict_inode+0xef9/0x1550
[  131.050566][ T3026]  ? _raw_spin_unlock+0x4c/0x70
[  131.055267][ T3026]  ? ext4_inode_is_fast_symlink+0x3d0/0x3d0
[  131.060982][ T3026]  ? _raw_spin_unlock+0x4c/0x70
[  131.065670][ T3026]  ? inode_io_list_del+0x18b/0x1a0
[  131.070619][ T3026]  ? ext4_inode_is_fast_symlink+0x3d0/0x3d0
2024/06/12 07:44:19 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  131.076345][ T3026]  evict+0x2a3/0x630
[  131.080082][ T3026]  iput+0x642/0x870
[  131.083723][ T3026]  vfs_rmdir+0x3c2/0x500
[  131.087801][ T3026]  do_rmdir+0x3ab/0x630
[  131.091795][ T3026]  ? d_delete_notify+0x160/0x160
[  131.096593][ T3026]  __x64_sys_unlinkat+0xdf/0xf0
[  131.101258][ T3026]  do_syscall_64+0x3d/0xb0
[  131.105506][ T3026]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  131.111233][ T3026] RIP: 0033:0x7fd85c87c687
[  131.115579][ T3026] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  131.135018][ T3026] RSP: 002b:00007ffdb4a67c58 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  131.143436][ T3026] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007fd85c87c687
[  131.151252][ T3026] RDX: 0000000000000200 RSI: 00007ffdb4a68e00 RDI: 00000000ffffff9c
[  131.159062][ T3026] RBP: 00007fd85c8d9636 R08: 0000000000000000 R09: 0000000000000000
[  131.166875][ T3026] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffdb4a68e00
[  131.174679][ T3026] R13: 00007fd85c8d9636 R14: 000000000001feef R15: 0000000000000007
[  131.182499][ T3026]  </TASK>
[  131.185354][ T3026] 
[  131.187523][ T3026] The buggy address belongs to the physical page:
[  131.193784][ T3026] page:ffffea00052f1880 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x14bc62
[  131.203846][ T3026] flags: 0x4000000000000000(zone=1)
[  131.208890][ T3026] raw: 4000000000000000 ffffea00052f1f88 ffffea0004e08348 0000000000000000
[  131.217307][ T3026] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[  131.225714][ T3026] page dumped because: kasan: bad access detected
[  131.231989][ T3026] page_owner tracks the page as freed
[  131.237173][ T3026] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 3365, tgid 3365 (syz-executor.2), ts 130822267607, free_ts 130900631322
[  131.255075][ T3026]  post_alloc_hook+0x213/0x220
[  131.259652][ T3026]  prep_new_page+0x1b/0x110
[  131.263995][ T3026]  get_page_from_freelist+0x27ea/0x2870
[  131.269374][ T3026]  __alloc_pages+0x3a1/0x780
[  131.273795][ T3026]  __folio_alloc+0x15/0x40
[