last executing test programs:

6.537460348s ago: executing program 2:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x54, &(0x7f0000000040)={[{@bh}, {@noinit_itable}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@barrier_val={'barrier', 0x3d, 0x8}}, {@delalloc}, {@noload}, {@nojournal_checksum}]}, 0x1, 0x477, &(0x7f00000002c0)="$eJzs209sFNUfAPDvzG4LP/hBK6IIolbR2Ki0tKBy8KLRxIMmJnrAi0ltC0EWamhNhBCtxuDRkHhXjyYm3jx4Ug9GPZl41bshIcoF9FQzuzPLdrv9s7TdUvbzSaZ5b+ZN3/vuzJt5M283gK41kP1JIv4fEb9HRF8tWzeXF8rKXb96YfyfqxfGk5ibe/WvpFru2tUL40XZYr/teWYwjUg/SvJK5ps+d/7UWKUyeTbPD8+cfnt4+tz5gydPj52YPDF5ZvTo0SOHR55+avTJdkPa2mplFt+1fe9N7d/74uuXXh4/dunNn79K8vXRFMdK9KygzEAW+N9zVc3bHmmnsk1gR0M6KTduKXe+MaxYKT9CPdX+3xelhuPVFy98uGCHtMMNBNZNdm/asvjm2TngNpbERrcA2BjFjT57/i2WDg09bglXnq09AGVxX8+X2pZy/VGnp+n5di0NRMSx2X8/y5a4ifcQAADt+i4b/zzRavyXRuMYcWc+N9QfEXdExK6IuDMidkfEXRFxd0TsiYh72qy/eWpo4fgnvbya+JaTjf+eyee25o//6i+6+0t5bkc1/p7k+MnK5KH8MxmMni1ZfmSJOr5//rdPFtvWOP7Llqz+Y/Mml9LL5aYXdBNjM2PZoPSNgzcfd+HKBxH7yq3iT+ozAUlE7I2Ife39651F4uRjX+5frFDL+POx8LLWYGpp7ouIR2vHfzaa4i8kS89PDm+NyuSh4eKsWOiXXy++slj9q4p/DWTHf9v887+5SH/SOF873X4dF//4eNFnmuXjb33+9yavVa9Hvfm6d8dmZs6ORPQmL9X2alw/emPfIl+Uz+IfPNC6/+/K98nivzcispP4voi4PyIeyNv+YEQ8FBEHloj/p+cefuvm419fWfwTLa9/9fO/6fi3nyid+vHbxeqvxv/Nzoglj/+RamowX1O9/i2jMrCyBq7mswMAAIDNIq1+Bz5Jh+rpNB0aqn2Hf3dsSytT0zOPH59658xE7bvy/dGTFm+6+hreh44ks/l/rOVH83fFxfbD+XvjT0v/q+aHxqcqExscO3S77Q39f9eeG/0/82epXuzrHxpnRPykA24f+jN0r+b+7zd+0D3c/6F76f/QvfR/6F6t+v/7TflSh9oCdJb7P3Qv/R+6l/4P3Uv/h660mt/1dyzxefmWaIZEkUinz52PdMObsZ6J3s3UQdYjsfBaUTZOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANqH/AgAA//89t/CN")

6.534135279s ago: executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=@framed={{}, [@map_idx_val, @tail_call, @printk={@ld}, @initr0]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
r2 = getpgid(0x0)
r3 = gettid()
tgkill(r2, r3, 0x0)

6.430892635s ago: executing program 3:
socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$BTRFS_IOC_RM_DEV(0xffffffffffffffff, 0x5000940b, 0x0)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x0, 0x0, 0x4, 0x400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000000c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d24070000030769dc000049c40c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05"], 0x0)

6.236207216s ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
getgid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r6 = dup(r5)
sendmsg$netlink(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000540)=ANY=[], 0x1b8}, {&(0x7f0000000580)=ANY=[], 0x1f88}], 0x2}, 0x0)

4.920002721s ago: executing program 2:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x10050, &(0x7f0000000b00)={[{@orlov}, {@usrjquota}, {@noblock_validity}, {@norecovery}, {@bsdgroups}, {@i_version}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x159080, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000700)=ANY=[], 0x0, 0x0, 0x0)

3.735672867s ago: executing program 2:
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x18, 0x5, 0x2)
bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r0, &(0x7f0000001f00)="2600000022004701050000000000000000000020002b1f0000639cd505c934ffffffff554a431ec4e59747f6fb0e4708c0925bc0b07af1f36be97ffde677e2f261d311d723965ba4bbf09a37f264b2e16839b9bd922da7ff818e421484bc0b08d1b873ffab94c3d9bf7e52ade4a710c822a85bbfb7c2125c693514479f1eae0acff1d639415d874a0e70fb43ca24e33ff7377b6051a417a65c1c160b3331698e3ea2027f14c3ca1f320accdc4e0883d5", 0xb0)
write(r0, &(0x7f0000000000)='\"', 0x1)
prctl$PR_GET_DUMPABLE(0x3)

3.386186042s ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000181100000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xcd, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000000c0)=0x13)
ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f0000000280)=0x11)

3.300901845s ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000002000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='block_bio_remap\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='block_bio_remap\x00', r1}, 0x10)
write$cgroup_type(r3, &(0x7f0000000000), 0x9)

2.210823155s ago: executing program 3:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x10050, &(0x7f0000000b00)={[{@orlov}, {@usrjquota}, {@noblock_validity}, {@norecovery}, {@bsdgroups}, {@i_version}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x159080, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000700)=ANY=[], 0x0, 0x0, 0x0)

1.996166639s ago: executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000800)={'syz1\x00'}, 0x45c)

1.853629591s ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000ec0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e8ba639a67880141cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3b423cdacfa7e32fe0231368b2264f9c504c9f1f65515b2e1a38d522be18bd10a48b0bf224e5160f3090b4320002646d25dfd73bb6d7535f7866907dc6751dfced1fd8accae660010000053419e173a649c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcffffffff3173d566a0f06c54c3a4903ef31c4d4acef2ce3599f455c7a3a48a01010000009f2f0517e4ca0e1803a2971a50f713d4e21b3336f1ae0796f23526ec0fd97f734c4c815bf697e6bd009d2e7dfbffff72ba8972f39dc09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f392865cd81f2b77fdd76c677f812d249c8130b9fae93466e9dd8018d430054ffdca8b7fbc254f4348c8d7305000000000000593d60abc9b3e656f3d3759dcfeb820634fd4d419efaefb24305b2bea20007840484511b6efaad206335a30ef7b9e00546a6285f4665a7fe37da2349f8bf4064726dc32add75e0f435f28fbeda75cf971d54a9698cf3270fd0bcade611b895e3fff7909413f3fbd3ced3284db730b368ddca654dd7836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be5cb0417d33d3ab25493418494d9d10d76e603129e9a726579ac7d672cacd581b7e2fc7a5758fcfb822de1da3c357341e000cc34c49914f1aa198a77b3610b7403930fd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66d91254a6f911b1449c62a6e1e3f9ce19a9d1715c009a58e6eadac8f61b45853673df72dc812f7454ae22d79ac48034282f030408895886e9644179dcf66d97907cedd49e0c5752f755849953957143a0380d1f62acbf18b251ce63b29fe17925770fac12cf9e291200df6bb669d5a57dd74dd817ef2f8848f710c359afe73947afebdf5536ee2b9f3b19c5c90bbe7e93e425999a6542434350fe35a8cbdece7b06bdf3a676b406df18850df50eec8517b3530796ff61c096cf1f571ab9737f4b1f7e9650823ca025a3ef04d97a5b7d92d3a29c2128513da5b483fa5da21b1459d0943665dc11d039bd5e0718577c95cb37b99974bc8be5c9c42d4da0a080e380fa7fe601552d4bf000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
clock_adjtime(0x0, &(0x7f0000000700))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0xfe44, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@nombcache}, {@resgid}, {@norecovery}, {@commit={'commit', 0x3d, 0x5}}, {@nombcache}]}, 0x8, 0x5fb, &(0x7f00000004c0)="$eJzs3c9vFGUfAPDvTH/Svu/bQt6oeJAmxkCitLSAIcZEuBOCP26eKi0EKZTQGi2SWBK8mBgvHkw8eRD/CyXx6sGrBy+eDAkxhoMYImtmO1Om293SX7tbup9PMnSeme48z5R++5199nlmAuhYI9k/acT+iLiaRAyV9nVHvnNk6fvu/3njXLYkUam8/UcSNz5JFsvHSvKvg/mL/xmK5Oc0Yl/X6nrnFq5fmpyZmb6Wl8fmL18dm1u4fvji5ckL0xemr0y8OnHi+LHjJ8aPbOn8ylWfvvX+h0OfnXn3268fJuPf/XomiZPxKP+G7LxqX9u3pZqzn9lIVJY8KG/Pfq4ntnjsneKvoeL35LGkdgM71vn897EnIp6Noegq/W8OxadvtrVxQFNVkihyFNBxkk3Ff//2NwRoseI6oHhvX+998Gppk69KgFa4d2qpA2Ap9nsiooj/7qW+weiv9g0M3E9W9PMkEbG1nrklWR0//XjmVrZEg344oDkWbxa93LX5P6nG5nD0V0sD99MV8Z+Wlmz7W5usf6SmLP6hdRZvRsRzef7vjQ3F/0gp/t/bZP3iHwAAAAAAALbPnVMR8Uq98X/p8vif3jrjfwYj4uQ21P/kz//Su/lKsg3VASX3TkW8Xnf87/IY3+GuvPTf6niAnuT8xZnpIxHxv4g4FD19WXm85rjlEcKHP9/3VaP6y+P/siWrvxgLmB/pbnfNRNypyfnJrZ43EHHvZsTz1fG/B/ItK8f/ZPk/qZP/s/i+us469r10+2yjfU+Of6BZKt9EHKyb/x9fbidr359jrHo9MFZcFaz2wsdffN+ofvEP7ZPl/4G1478vKd+vZ25jx++NiKML3ZVG+zd7/d+bvNNVHD/z0eT8/LXxiN7k9OrtExtrM+xWRTwU8ZLF/6EX1+7/W77+L8XhnohYXGedzzwa/K3RPvkf2ieL/6m18//wyvy/8ZWJ28M/NKr/7Lry/7FqTj+Ub9H/B2Wr78ex3gBtS3MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CmXRsR/IklHl9fTdHQ0YjAi/h8D6czs3PzL52c/uDKV7as+/z8tnvQ7tFROiuf/D5fKEzXloxGxNyK+7NpTLY+em52ZavfJAwAAAAAAAAAAAAAAAAAAwA4xWJ3zX+mrnf+f+b2r3a0Dmq47/yreofN0b/qVlb5tbQjQcpuPf+Bpt/7472lqO4DWaxz/Dx5WqlraHKCFXP9D59pk/Pu4AHYB+R861Tr79Pqb3Q6gHeR/AAAAAADYVfYeuPNLEhGLr+2pLpnefJ/B/rC7pe1uANA2xvBC5+qebXcLgHbxHh9Iltf+rjvZv/Ho/6Q5DQIAAAAAAAAAAAAAVjm43/x/6FRrz/83th92szXm/9cLfrcLgF2k8aM/5H7Y7bzHB56U7c3/BwAAAAAAAAAAAIAdoP/6pcmZmelrcwtP38obO6MZG1tZnNwRzdjWlUfNOXJPROyME2z1SnELjjY2o81/lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGX/BgAA//+dGid+")

1.618904708s ago: executing program 1:
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0xc8, &(0x7f0000000040), 0x4)
syz_emit_ethernet(0x6a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa04000000ffff8100000086dd604f3bf500303a0020010000000000000000000000000002ff05"], 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fchown(0xffffffffffffffff, 0x0, 0x0)

794.817066ms ago: executing program 1:
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x18, 0x5, 0x2)
bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r0, &(0x7f0000001f00)="2600000022004701050000000000000000000020002b1f0000639cd505c934ffffffff554a431ec4e59747f6fb0e4708c0925bc0b07af1f36be97ffde677e2f261d311d723965ba4bbf09a37f264b2e16839b9bd922da7ff818e421484bc0b08d1b873ffab94c3d9bf7e52ade4a710c822a85bbfb7c2125c693514479f1eae0acff1d639415d874a0e70fb43ca24e33ff7377b6051a417a65c1c160b3331698e3ea2027f14c3ca1f320accdc4e0883d5", 0xb0)
write(r0, &(0x7f0000000000)='\"', 0x1)
prctl$PR_GET_DUMPABLE(0x3)

756.292032ms ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000181100000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xcd, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000000c0)=0x13)
ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f0000000280)=0x11)

745.130084ms ago: executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x5, 0xffffff84}}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x64}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, 0x7, 0x1, 0x201}, 0x14}}, 0x0)

713.815559ms ago: executing program 1:
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x17, 0x10, &(0x7f0000000580)=@framed={{}, [@snprintf={{}, {}, {}, {0x3, 0x0}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x6a}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

702.817521ms ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = dup(r2)
sendmsg$inet(r3, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000240)=ANY=[], 0x30}, 0x0)

615.020864ms ago: executing program 1:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @none}, 0xe)
listen(r0, 0x0)
accept4$bt_l2cap(r0, 0x0, 0x0, 0x0)
shutdown(r0, 0x1)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000080), 0x4)

604.512146ms ago: executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)={0x1c, r1, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

586.724969ms ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r2, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd63"], 0xfdef)

512.2607ms ago: executing program 1:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000002d007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
splice(r2, 0x0, r1, 0x0, 0x10000008ebc, 0x0)
splice(r0, 0x0, r3, 0x0, 0x25a5, 0x0)

495.379993ms ago: executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0)

465.359628ms ago: executing program 0:
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0xc8, &(0x7f0000000040), 0x4)
syz_emit_ethernet(0x6a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa04000000ffff8100000086dd604f3bf500303a0020010000000000000000000000000002ff05"], 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fchown(0xffffffffffffffff, 0x0, 0x0)

437.916742ms ago: executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)

386.30939ms ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000ec0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e8ba639a67880141cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3b423cdacfa7e32fe0231368b2264f9c504c9f1f65515b2e1a38d522be18bd10a48b0bf224e5160f3090b4320002646d25dfd73bb6d7535f7866907dc6751dfced1fd8accae660010000053419e173a649c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcffffffff3173d566a0f06c54c3a4903ef31c4d4acef2ce3599f455c7a3a48a01010000009f2f0517e4ca0e1803a2971a50f713d4e21b3336f1ae0796f23526ec0fd97f734c4c815bf697e6bd009d2e7dfbffff72ba8972f39dc09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f392865cd81f2b77fdd76c677f812d249c8130b9fae93466e9dd8018d430054ffdca8b7fbc254f4348c8d7305000000000000593d60abc9b3e656f3d3759dcfeb820634fd4d419efaefb24305b2bea20007840484511b6efaad206335a30ef7b9e00546a6285f4665a7fe37da2349f8bf4064726dc32add75e0f435f28fbeda75cf971d54a9698cf3270fd0bcade611b895e3fff7909413f3fbd3ced3284db730b368ddca654dd7836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be5cb0417d33d3ab25493418494d9d10d76e603129e9a726579ac7d672cacd581b7e2fc7a5758fcfb822de1da3c357341e000cc34c49914f1aa198a77b3610b7403930fd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66d91254a6f911b1449c62a6e1e3f9ce19a9d1715c009a58e6eadac8f61b45853673df72dc812f7454ae22d79ac48034282f030408895886e9644179dcf66d97907cedd49e0c5752f755849953957143a0380d1f62acbf18b251ce63b29fe17925770fac12cf9e291200df6bb669d5a57dd74dd817ef2f8848f710c359afe73947afebdf5536ee2b9f3b19c5c90bbe7e93e425999a6542434350fe35a8cbdece7b06bdf3a676b406df18850df50eec8517b3530796ff61c096cf1f571ab9737f4b1f7e9650823ca025a3ef04d97a5b7d92d3a29c2128513da5b483fa5da21b1459d0943665dc11d039bd5e0718577c95cb37b99974bc8be5c9c42d4da0a080e380fa7fe601552d4bf000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
clock_adjtime(0x0, &(0x7f0000000700))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="02"], 0xfe44, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@nombcache}, {@resgid}, {@norecovery}, {@commit={'commit', 0x3d, 0x5}}, {@nombcache}]}, 0x8, 0x5fb, &(0x7f00000004c0)="$eJzs3c9vFGUfAPDvTH/Svu/bQt6oeJAmxkCitLSAIcZEuBOCP26eKi0EKZTQGi2SWBK8mBgvHkw8eRD/CyXx6sGrBy+eDAkxhoMYImtmO1Om293SX7tbup9PMnSeme48z5R++5199nlmAuhYI9k/acT+iLiaRAyV9nVHvnNk6fvu/3njXLYkUam8/UcSNz5JFsvHSvKvg/mL/xmK5Oc0Yl/X6nrnFq5fmpyZmb6Wl8fmL18dm1u4fvji5ckL0xemr0y8OnHi+LHjJ8aPbOn8ylWfvvX+h0OfnXn3268fJuPf/XomiZPxKP+G7LxqX9u3pZqzn9lIVJY8KG/Pfq4ntnjsneKvoeL35LGkdgM71vn897EnIp6Noegq/W8OxadvtrVxQFNVkihyFNBxkk3Ff//2NwRoseI6oHhvX+998Gppk69KgFa4d2qpA2Ap9nsiooj/7qW+weiv9g0M3E9W9PMkEbG1nrklWR0//XjmVrZEg344oDkWbxa93LX5P6nG5nD0V0sD99MV8Z+Wlmz7W5usf6SmLP6hdRZvRsRzef7vjQ3F/0gp/t/bZP3iHwAAAAAAALbPnVMR8Uq98X/p8vif3jrjfwYj4uQ21P/kz//Su/lKsg3VASX3TkW8Xnf87/IY3+GuvPTf6niAnuT8xZnpIxHxv4g4FD19WXm85rjlEcKHP9/3VaP6y+P/siWrvxgLmB/pbnfNRNypyfnJrZ43EHHvZsTz1fG/B/ItK8f/ZPk/qZP/s/i+us469r10+2yjfU+Of6BZKt9EHKyb/x9fbidr359jrHo9MFZcFaz2wsdffN+ofvEP7ZPl/4G1478vKd+vZ25jx++NiKML3ZVG+zd7/d+bvNNVHD/z0eT8/LXxiN7k9OrtExtrM+xWRTwU8ZLF/6EX1+7/W77+L8XhnohYXGedzzwa/K3RPvkf2ieL/6m18//wyvy/8ZWJ28M/NKr/7Lry/7FqTj+Ub9H/B2Wr78ex3gBtS3MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CmXRsR/IklHl9fTdHQ0YjAi/h8D6czs3PzL52c/uDKV7as+/z8tnvQ7tFROiuf/D5fKEzXloxGxNyK+7NpTLY+em52ZavfJAwAAAAAAAAAAAAAAAAAAwA4xWJ3zX+mrnf+f+b2r3a0Dmq47/yreofN0b/qVlb5tbQjQcpuPf+Bpt/7472lqO4DWaxz/Dx5WqlraHKCFXP9D59pk/Pu4AHYB+R861Tr79Pqb3Q6gHeR/AAAAAADYVfYeuPNLEhGLr+2pLpnefJ/B/rC7pe1uANA2xvBC5+qebXcLgHbxHh9Iltf+rjvZv/Ho/6Q5DQIAAAAAAAAAAAAAVjm43/x/6FRrz/83th92szXm/9cLfrcLgF2k8aM/5H7Y7bzHB56U7c3/BwAAAAAAAAAAAIAdoP/6pcmZmelrcwtP38obO6MZG1tZnNwRzdjWlUfNOXJPROyME2z1SnELjjY2o81/lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGX/BgAA//+dGid+")

369.683573ms ago: executing program 1:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x10050, &(0x7f0000000b00)={[{@orlov}, {@usrjquota}, {@noblock_validity}, {@norecovery}, {@bsdgroups}, {@i_version}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x159080, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000700)=ANY=[], 0x0, 0x0, 0x0)

331.499949ms ago: executing program 3:
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x18, 0x5, 0x2)
bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r0, &(0x7f0000001f00)="2600000022004701050000000000000000000020002b1f0000639cd505c934ffffffff554a431ec4e59747f6fb0e4708c0925bc0b07af1f36be97ffde677e2f261d311d723965ba4bbf09a37f264b2e16839b9bd922da7ff818e421484bc0b08d1b873ffab94c3d9bf7e52ade4a710c822a85bbfb7c2125c693514479f1eae0acff1d639415d874a0e70fb43ca24e33ff7377b6051a417a65c1c160b3331698e3ea2027f14c3ca1f320accdc4e0883d5", 0xb0)
write(r0, &(0x7f0000000000)='\"', 0x1)
prctl$PR_GET_DUMPABLE(0x3)

271.453078ms ago: executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f00008d7000/0x1000)=nil, 0x1000, 0x4)
mremap(&(0x7f00008d5000/0x3000)=nil, 0x3000, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
readv(r1, &(0x7f0000000040)=[{&(0x7f0000000180)=""/80, 0x50}], 0x7)
setreuid(0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
pipe2$9p(0x0, 0x0)

581.75µs ago: executing program 0:
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x17, 0x10, &(0x7f0000000580)=@framed={{}, [@snprintf={{}, {}, {}, {0x3, 0x0}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x6a}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

0s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = dup(r2)
sendmsg$inet(r3, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000240)=ANY=[], 0x30}, 0x0)

kernel console output (not intermixed with test programs):

ected capacity change from 0 to 512
[  459.866065][  T316] cdc_mbim 5-1:1.0: MBIM functional descriptor missing
[  459.877307][  T316] cdc_mbim 5-1:1.0: bind() failure
[  459.891550][T10077] serio: Serial port pts0
[  459.907518][T10071] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  459.995195][   T30] audit: type=1107 audit(1718695612.025:4688): pid=10082 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  460.071773][T10071] EXT4-fs (loop3): 1 truncate cleaned up
[  460.077449][T10071] EXT4-fs (loop3): mounted filesystem without journal. Opts: noinit_itable,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,bsdgroups,nombcache,noload,,errors=continue. Quota mode: none.
[  460.093357][  T316] usb 5-1: USB disconnect, device number 18
[  460.123797][   T30] audit: type=1400 audit(1718695612.205:4689): avc:  denied  { watch watch_reads } for  pid=10070 comm="syz-executor.3" path="/root/syzkaller-testdir282274002/syzkaller.nge27B/157/bus" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  460.318694][T10093] loop2: detected capacity change from 0 to 128
[  460.378667][T10093] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  460.967717][   T30] audit: type=1326 audit(1718695613.055:4690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10096 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f80bdfd0f29 code=0x0
[  461.951349][T10089] loop1: detected capacity change from 0 to 40427
[  462.046662][T10089] F2FS-fs (loop1): invalid crc value
[  462.077474][T10089] F2FS-fs (loop1): Found nat_bits in checkpoint
[  462.336044][T10089] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  462.514866][T10136] loop3: detected capacity change from 0 to 128
[  462.522728][  T316] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  462.609635][T10136] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  462.835241][  T316] usb 5-1: Using ep0 maxpacket: 16
[  463.241223][ T8203] attempt to access beyond end of device
[  463.241223][ T8203] loop1: rw=2049, want=45104, limit=40427
[  463.267676][   T30] audit: type=1326 audit(1718695615.355:4691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10137 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6f5489cf29 code=0x0
[  463.291513][  T316] usb 5-1: unable to get BOS descriptor or descriptor too short
[  463.375103][  T316] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  463.555212][  T316] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  463.574496][  T316] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.584619][  T316] usb 5-1: Product: syz
[  463.594728][  T316] usb 5-1: Manufacturer: syz
[  463.599255][  T316] usb 5-1: SerialNumber: syz
[  463.646012][  T316] cdc_mbim 5-1:1.0: MBIM functional descriptor missing
[  463.652755][  T316] cdc_mbim 5-1:1.0: bind() failure
[  463.861941][   T60] usb 5-1: USB disconnect, device number 19
[  463.880593][T10158] loop1: detected capacity change from 0 to 16
[  463.926832][T10158] erofs: (device loop1): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  463.991848][T10141] loop3: detected capacity change from 0 to 40427
[  464.035042][T10141] F2FS-fs (loop3): invalid crc value
[  464.042348][T10141] F2FS-fs (loop3): Found nat_bits in checkpoint
[  464.095296][  T316] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  464.112958][T10163] serio: Serial port pts0
[  464.160915][T10141] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  464.472013][T10173] loop0: detected capacity change from 0 to 128
[  464.539125][  T316] usb 3-1: Using ep0 maxpacket: 8
[  464.546368][T10173] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  464.785849][  T316] usb 3-1: config index 0 descriptor too short (expected 30482, got 18)
[  464.816705][  T316] usb 3-1: config 0 has too many interfaces: 101, using maximum allowed: 32
[  464.868469][T10172] overlayfs: failed to resolve './file1': -2
[  464.900282][  T316] usb 3-1: config 0 has an invalid interface number: 191 but max is 100
[  465.093247][  T316] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 101
[  465.102208][  T316] usb 3-1: config 0 has no interface number 0
[  465.245388][  T316] usb 3-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice= 5.00
[  465.248028][T10182] syz-executor.1[10182] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  465.254484][T10182] syz-executor.1[10182] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  465.254713][ T8155] attempt to access beyond end of device
[  465.254713][ T8155] loop3: rw=2049, want=45112, limit=40427
[  465.296100][  T316] usb 3-1: New USB device strings: Mfr=253, Product=255, SerialNumber=0
[  465.314554][  T316] usb 3-1: Product: syz
[  465.330947][  T316] usb 3-1: Manufacturer: syz
[  465.338638][  T316] usb 3-1: config 0 descriptor??
[  465.378566][  T316] ftdi_sio 3-1:0.191: FTDI USB Serial Device converter detected
[  465.397192][  T316] usb 3-1: Detected FT232BM
[  465.949289][T10204] loop4: detected capacity change from 0 to 1024
[  466.148373][T10204] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  466.414180][  T337] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  466.935165][  T316] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  466.955131][  T316] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  466.973302][  T316] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  467.001675][  T316] usb 3-1: USB disconnect, device number 20
[  467.019167][  T316] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  467.049141][  T316] ftdi_sio 3-1:0.191: device disconnected
[  467.203745][T10221] loop3: detected capacity change from 0 to 512
[  467.215019][  T337] usb 1-1: Using ep0 maxpacket: 16
[  467.261720][T10221] EXT4-fs (loop3): 1 truncate cleaned up
[  467.267910][T10221] EXT4-fs (loop3): mounted filesystem without journal. Opts: prjquota,grpquota,debug_want_extra_isize=0x000000000000005c,sysvgroups,nolazytime,errors=continue,grpjquota=,,errors=continue. Quota mode: writeback.
[  467.298518][T10221] EXT4-fs error (device loop3): ext4_lookup:1855: inode #13: comm syz-executor.3: iget: checksum invalid
[  467.322300][ T8155] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 13: comm syz-executor.3: path /root/syzkaller-testdir282274002/syzkaller.nge27B/166/file2: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=196608, rec_len=0, size=1024 fake=0
[  467.348979][ T8155] EXT4-fs error (device loop3): ext4_lookup:1855: inode #11: comm syz-executor.3: iget: checksum invalid
[  467.361383][ T8155] EXT4-fs error (device loop3): ext4_lookup:1855: inode #11: comm syz-executor.3: iget: checksum invalid
[  467.385259][  T337] usb 1-1: unable to get BOS descriptor or descriptor too short
[  467.439243][T10210] loop2: detected capacity change from 0 to 40427
[  467.455082][   T20] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  467.465150][  T337] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  467.493310][T10210] F2FS-fs (loop2): invalid crc value
[  467.506929][T10210] F2FS-fs (loop2): Found nat_bits in checkpoint
[  467.630736][T10210] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  467.635233][  T337] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  467.655003][  T337] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  467.673024][  T337] usb 1-1: Product: syz
[  467.677087][  T337] usb 1-1: Manufacturer: syz
[  467.681475][  T337] usb 1-1: SerialNumber: syz
[  467.746070][  T337] cdc_mbim 1-1:1.0: MBIM functional descriptor missing
[  467.752915][  T337] cdc_mbim 1-1:1.0: bind() failure
[  467.815128][   T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  467.835025][   T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  467.854821][   T20] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  467.863849][   T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  467.877781][   T20] usb 2-1: config 0 descriptor??
[  467.927395][T10228] bridge0: port 1(bridge_slave_0) entered blocking state
[  467.934355][T10228] bridge0: port 1(bridge_slave_0) entered disabled state
[  467.942277][T10228] device bridge_slave_0 entered promiscuous mode
[  467.951155][T10228] bridge0: port 2(bridge_slave_1) entered blocking state
[  467.957855][  T337] usb 1-1: USB disconnect, device number 22
[  467.959042][T10228] bridge0: port 2(bridge_slave_1) entered disabled state
[  467.971919][T10228] device bridge_slave_1 entered promiscuous mode
[  467.980027][ T9488] device bridge_slave_1 left promiscuous mode
[  467.986381][ T9488] bridge0: port 2(bridge_slave_1) entered disabled state
[  467.997950][T10232] overlayfs: failed to resolve './file1': -2
[  468.005678][ T9488] device veth1_macvtap left promiscuous mode
[  468.011747][ T9488] device veth0_vlan left promiscuous mode
[  468.051724][   T30] audit: type=1400 audit(1718695620.135:4692): avc:  denied  { setopt } for  pid=10233 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  468.277574][ T8677] attempt to access beyond end of device
[  468.277574][ T8677] loop2: rw=2049, want=45112, limit=40427
[  468.647586][T10242] loop4: detected capacity change from 0 to 1024
[  468.774890][T10242] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  469.335151][   T20] usb 2-1: string descriptor 0 read error: -71
[  469.355227][   T20] uclogic 0003:256C:006D.0034: failed retrieving string descriptor #200: -71
[  469.399592][   T20] uclogic 0003:256C:006D.0034: failed retrieving pen parameters: -71
[  469.425022][   T20] uclogic 0003:256C:006D.0034: failed probing pen v2 parameters: -71
[  469.450976][   T20] uclogic 0003:256C:006D.0034: failed probing parameters: -71
[  469.462209][   T20] uclogic: probe of 0003:256C:006D.0034 failed with error -71
[  469.463983][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  469.478191][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  469.496878][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  469.505492][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  469.505963][   T20] usb 2-1: USB disconnect, device number 27
[  469.513820][  T316] bridge0: port 1(bridge_slave_0) entered blocking state
[  469.525972][  T316] bridge0: port 1(bridge_slave_0) entered forwarding state
[  469.533877][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  469.544406][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  469.552770][  T316] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.559791][  T316] bridge0: port 2(bridge_slave_1) entered forwarding state
[  469.575205][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  469.593354][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  469.601845][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  469.611300][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  469.619534][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  469.645570][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  469.655612][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  469.682431][T10228] device veth0_vlan entered promiscuous mode
[  469.698886][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  469.707581][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  469.735255][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  469.742923][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  469.748745][T10255] loop0: detected capacity change from 0 to 512
[  469.756198][T10228] device veth1_macvtap entered promiscuous mode
[  469.791265][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  469.801024][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  469.816284][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  469.836996][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  469.848844][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  469.857161][T10255] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  469.857474][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  469.875883][T10255] ext4 filesystem being mounted at /root/syzkaller-testdir3465839964/syzkaller.LD9LJi/122/bus supports timestamps until 2038 (0x7fffffff)
[  469.892412][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  470.826990][   T30] audit: type=1400 audit(1718695622.915:4693): avc:  denied  { listen } for  pid=10281 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  470.851889][   T30] audit: type=1326 audit(1718695622.935:4694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10279 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9936dbf29 code=0x7ffc0000
[  470.912657][   T30] audit: type=1326 audit(1718695622.935:4695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10279 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9936dbf29 code=0x7ffc0000
[  470.950160][   T30] audit: type=1326 audit(1718695622.935:4696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10279 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9936dbf29 code=0x7ffc0000
[  470.985281][   T30] audit: type=1326 audit(1718695622.935:4697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10279 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9936dbf29 code=0x7ffc0000
[  471.045622][   T30] audit: type=1326 audit(1718695622.935:4698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10279 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9936dbf29 code=0x7ffc0000
[  471.062971][T10269] loop3: detected capacity change from 0 to 40427
[  471.073568][   T30] audit: type=1326 audit(1718695622.935:4699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10279 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc9936dbf29 code=0x7ffc0000
[  471.104577][   T30] audit: type=1400 audit(1718695622.965:4700): avc:  denied  { accept } for  pid=10281 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  471.110107][T10269] F2FS-fs (loop3): invalid crc value
[  471.124647][   T30] audit: type=1326 audit(1718695622.965:4701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10279 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9936dbf29 code=0x7ffc0000
[  471.165589][T10269] F2FS-fs (loop3): Found nat_bits in checkpoint
[  471.234192][T10306] syz-executor.1[10306] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  471.234350][T10306] syz-executor.1[10306] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  471.295274][T10269] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  471.309234][T10311] loop0: detected capacity change from 0 to 512
[  471.337693][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  471.382400][T10228] attempt to access beyond end of device
[  471.382400][T10228] loop3: rw=2049, want=45104, limit=40427
[  471.425771][T10311] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  471.444068][T10311] ext4 filesystem being mounted at /root/syzkaller-testdir3465839964/syzkaller.LD9LJi/125/bus supports timestamps until 2038 (0x7fffffff)
[  471.483524][T10316] device pim6reg1 entered promiscuous mode
[  471.692568][T10325] device syzkaller0 entered promiscuous mode
[  471.971203][T10325] syzkaller0: create flow: hash 1417123634 index 1
[  471.993399][T10324] syzkaller0: delete flow: hash 1417123634 index 1
[  472.114497][T10331] IPv6: Can't replace route, no match found
[  472.333717][T10342] pim6reg0: tun_chr_ioctl cmd 1074025677
[  472.346151][T10342] pim6reg0: linktype set to 776
[  472.413005][T10352] tipc: Started in network mode
[  472.418106][T10352] tipc: Node identity ac1414aa, cluster identity 4711
[  472.425055][T10352] tipc: New replicast peer: 100.1.1.1
[  472.431657][T10352] tipc: Enabled bearer <udp:s>, priority 10
[  472.442065][T10356] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'.
[  472.540229][T10364] IPv6: Can't replace route, no match found
[  473.049577][T10366] tipc: Failed to remove unknown binding: 66,1,1/0:3372285372/3372285374
[  473.147654][T10366] tipc: Failed to remove unknown binding: 66,1,1/0:3372285372/3372285374
[  473.475981][T10374] loop1: detected capacity change from 0 to 512
[  473.507370][T10379] loop4: detected capacity change from 0 to 256
[  473.526485][T10374] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  473.543894][T10374] ext4 filesystem being mounted at /root/syzkaller-testdir889356924/syzkaller.s7X9Pp/156/bus supports timestamps until 2038 (0x7fffffff)
[  473.545288][   T60] tipc: Node number set to 2886997162
[  473.642053][T10385] pim6reg0: tun_chr_ioctl cmd 1074025677
[  473.661405][T10385] pim6reg0: linktype set to 776
[  473.729932][T10391] loop2: detected capacity change from 0 to 256
[  473.798924][T10398] IPv6: Can't replace route, no match found
[  474.115259][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  474.115316][   T30] audit: type=1400 audit(1718695626.135:4732): avc:  denied  { rename } for  pid=10390 comm="syz-executor.2" name="file1" dev="loop2" ino=1048884 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  474.587316][   T30] audit: type=1400 audit(1718695626.145:4733): avc:  denied  { reparent } for  pid=10390 comm="syz-executor.2" name="file1" dev="loop2" ino=1048884 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  474.819460][T10416] loop2: detected capacity change from 0 to 256
[  474.946739][T10425] IPv6: Can't replace route, no match found
[  474.986058][T10428] pim6reg0: tun_chr_ioctl cmd 1074025677
[  475.000502][T10428] pim6reg0: linktype set to 776
[  475.205039][  T335] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  475.232013][T10395] loop0: detected capacity change from 0 to 40427
[  475.294409][T10395] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  475.302107][T10395] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  475.316885][T10395] F2FS-fs (loop0): invalid crc value
[  475.325315][T10395] F2FS-fs (loop0): Found nat_bits in checkpoint
[  475.366155][T10447] overlayfs: failed to get inode (-116)
[  475.371807][T10447] overlayfs: failed to get inode (-116)
[  475.422590][T10395] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  475.431982][T10395] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  475.446841][T10450] loop2: detected capacity change from 0 to 256
[  475.476607][  T335] usb 2-1: Using ep0 maxpacket: 16
[  475.502269][ T8498] attempt to access beyond end of device
[  475.502269][ T8498] loop0: rw=2049, want=45104, limit=40427
[  475.591285][T10455] IPv6: Can't replace route, no match found
[  475.614807][T10457] netlink: 'syz-executor.2': attribute type 12 has an invalid length.
[  475.675117][  T335] usb 2-1: unable to get BOS descriptor or descriptor too short
[  475.690679][T10461] pim6reg0: tun_chr_ioctl cmd 1074025677
[  475.712687][T10461] pim6reg0: linktype set to 776
[  475.765500][  T335] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  475.861977][T10472] overlayfs: failed to get inode (-116)
[  475.875454][T10472] overlayfs: failed to get inode (-116)
[  475.965299][  T335] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  475.974654][  T335] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  476.015124][  T335] usb 2-1: Product: syz
[  476.019172][  T335] usb 2-1: Manufacturer: syz
[  476.023603][  T335] usb 2-1: SerialNumber: syz
[  476.116153][  T335] cdc_mbim 2-1:1.0: MBIM functional descriptor missing
[  476.130673][  T335] cdc_mbim 2-1:1.0: bind() failure
[  476.170161][T10482] loop0: detected capacity change from 0 to 256
[  476.278471][T10486] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  476.323462][  T935] usb 2-1: USB disconnect, device number 28
[  476.430018][   T30] audit: type=1400 audit(1718695628.515:4734): avc:  denied  { remount } for  pid=10497 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  476.464057][T10475] loop3: detected capacity change from 0 to 40427
[  476.518482][T10475] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  476.535939][T10475] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  476.553846][T10475] F2FS-fs (loop3): invalid crc value
[  476.576667][T10475] F2FS-fs (loop3): Found nat_bits in checkpoint
[  476.694401][T10514] netem: change failed
[  476.772241][T10475] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  476.779356][T10475] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  476.913125][T10525] loop1: detected capacity change from 0 to 128
[  476.919940][T10228] attempt to access beyond end of device
[  476.919940][T10228] loop3: rw=2049, want=45104, limit=40427
[  477.136627][T10535] loop1: detected capacity change from 0 to 256
[  477.164241][T10535] exfat: Deprecated parameter 'utf8'
[  477.173223][T10535] exfat: Deprecated parameter 'utf8'
[  477.185119][T10535] exfat: Deprecated parameter 'utf8'
[  477.211294][T10535] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  477.443107][T10557] overlayfs: failed to get inode (-116)
[  477.485258][T10557] overlayfs: failed to get inode (-116)
[  478.341225][T10571] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  478.365357][   T20] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  478.400984][T10574] loop3: detected capacity change from 0 to 256
[  478.433755][T10576] tipc: Failed to remove unknown binding: 66,1,1/2886997162:3601737358/3601737360
[  478.445120][T10574] exfat: Deprecated parameter 'utf8'
[  478.450308][T10574] exfat: Deprecated parameter 'utf8'
[  478.456471][T10574] exfat: Deprecated parameter 'utf8'
[  478.458413][T10576] tipc: Failed to remove unknown binding: 66,1,1/2886997162:3601737358/3601737360
[  478.468761][T10574] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  478.577018][T10587] overlayfs: failed to get inode (-116)
[  478.582674][T10587] overlayfs: failed to get inode (-116)
[  478.615217][   T20] usb 5-1: Using ep0 maxpacket: 16
[  478.649197][T10593] syz-executor.3[10593] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  478.649353][T10593] syz-executor.3[10593] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  478.662121][T10593] syz-executor.3[10593] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  478.674479][T10593] syz-executor.3[10593] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  478.715204][   T60] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  478.790268][   T20] usb 5-1: unable to get BOS descriptor or descriptor too short
[  478.875193][   T20] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  479.710450][T10608] syz-executor.2[10608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  479.710613][T10608] syz-executor.2[10608] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  479.785447][   T20] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  479.832860][   T20] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  479.845252][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  479.857863][   T30] audit: type=1400 audit(1718695631.945:4735): avc:  denied  { ioctl } for  pid=10609 comm="syz-executor.1" path="socket:[60366]" dev="sockfs" ino=60366 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  479.897104][T10611] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pid=10611 comm=syz-executor.1
[  479.915446][   T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  479.925182][   T20] usb 5-1: Product: syz
[  479.929454][   T20] usb 5-1: Manufacturer: syz
[  479.933926][   T20] usb 5-1: SerialNumber: syz
[  479.938474][   T60] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  479.948674][   T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.413528][   T60] usb 1-1: config 0 descriptor??
[  480.423136][T10615] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=37 sclass=netlink_tcpdiag_socket pid=10615 comm=syz-executor.1
[  480.437253][   T20] usb 5-1: can't set config #1, error -71
[  480.446794][   T20] usb 5-1: USB disconnect, device number 20
[  480.625906][T10621] netem: change failed
[  480.673002][T10628] syz-executor.3[10628] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  480.673158][T10628] syz-executor.3[10628] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  480.716286][T10628] syz-executor.3[10628] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  480.740265][T10628] syz-executor.3[10628] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  480.851686][T10644] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pid=10644 comm=syz-executor.3
[  480.895606][   T60] hid (null): bogus close delimiter
[  480.947222][T10645] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=37 sclass=netlink_tcpdiag_socket pid=10645 comm=syz-executor.3
[  481.072011][T10631] loop1: detected capacity change from 0 to 40427
[  481.116650][T10631] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  481.124512][T10631] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  481.135672][T10631] F2FS-fs (loop1): invalid crc value
[  481.143777][T10631] F2FS-fs (loop1): Found nat_bits in checkpoint
[  481.257315][T10631] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  481.267586][T10631] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  481.418520][ T9488] attempt to access beyond end of device
[  481.418520][ T9488] loop1: rw=1, want=45104, limit=40427
[  481.435207][   T60] uclogic 0003:256C:006D.0035: failed retrieving Huion firmware version: -71
[  481.452198][   T60] uclogic 0003:256C:006D.0035: failed probing parameters: -71
[  481.471570][   T60] uclogic: probe of 0003:256C:006D.0035 failed with error -71
[  481.495793][   T60] usb 1-1: USB disconnect, device number 23
[  482.409025][T10674] loop2: detected capacity change from 0 to 256
[  482.463660][T10674] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  482.630416][T10686] loop0: detected capacity change from 0 to 512
[  482.662589][T10690] netem: change failed
[  482.689737][T10692] input: syz0 as /devices/virtual/input/input47
[  482.721989][T10686] EXT4-fs error (device loop0): ext4_ext_check_inode:501: inode #16: comm syz-executor.0: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  482.795998][T10686] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 16 (err -117)
[  482.822113][T10686] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  482.855342][T10686] ext4 filesystem being mounted at /root/syzkaller-testdir3465839964/syzkaller.LD9LJi/147/file1 supports timestamps until 2038 (0x7fffffff)
[  483.117102][T10722] netlink: 184 bytes leftover after parsing attributes in process `syz-executor.0'.
[  484.154682][T10749] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  484.179968][T10749] FAT-fs (loop9): unable to read boot sector
[  484.280566][T10765] loop4: detected capacity change from 0 to 512
[  484.325011][T10765] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  484.340608][T10765] ext4 filesystem being mounted at /root/syzkaller-testdir3672247262/syzkaller.8e2Mvb/120/bus supports timestamps until 2038 (0x7fffffff)
[  484.440286][T10775] loop1: detected capacity change from 0 to 16
[  484.457414][T10768] loop2: detected capacity change from 0 to 8192
[  484.507137][T10775] erofs: (device loop1): mounted with root inode @ nid 36.
[  486.209489][T10788] ------------[ cut here ]------------
[  486.214834][T10788] Please remove unsupported %[  486.219575][T10788] WARNING: CPU: 1 PID: 10788 at lib/vsprintf.c:2667 format_decode+0x12d2/0x1f10
[  486.228614][T10788] Modules linked in:
[  486.232318][T10788] CPU: 1 PID: 10788 Comm: syz-executor.0 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[  486.242528][T10788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  486.252424][T10788] RIP: 0010:format_decode+0x12d2/0x1f10
[  486.257917][T10788] Code: 7b 04 01 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 07 84 c0 0f 85 30 0c 00 00 41 0f be 36 48 c7 c7 80 79 84 85 e8 0e 27 b9 fe <0f> 0b e9 01 fa ff ff 48 8b 4c 24 18 80 e1 07 38 c1 0f 8c e3 ed ff
[  486.277341][T10788] RSP: 0018:ffffc900009d7620 EFLAGS: 00010246
[  486.283219][T10788] RAX: 48b2bc2cbe3c4e00 RBX: 00000000ffffffdb RCX: 0000000000040000
[  486.291070][T10788] RDX: ffffc90002737000 RSI: 00000000000004e7 RDI: 00000000000004e8
[  486.298868][T10788] RBP: ffffc900009d7710 R08: ffffffff81576225 R09: fffff5200013aded
[  486.306672][T10788] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff0a00ffffff00
[  486.314547][T10788] R13: ffff0000ffffff00 R14: ffffc900009d794c R15: 1ffff9200013af29
[  486.322385][T10788] FS:  00007f6f53c176c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  486.331691][T10788] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  486.338108][T10788] CR2: 00000000207fe000 CR3: 00000001260bd000 CR4: 00000000003506a0
[  486.345947][T10788] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  486.353714][T10788] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  486.361577][T10788] Call Trace:
[  486.362109][T10789] loop0: detected capacity change from 0 to 256
[  486.364651][T10788]  <TASK>
[  486.364671][T10788]  ? show_regs+0x58/0x60
[  486.377830][T10788]  ? __warn+0x160/0x2f0
[  486.381859][T10788]  ? format_decode+0x12d2/0x1f10
[  486.386688][T10788]  ? report_bug+0x3d9/0x5b0
[  486.390975][T10788]  ? format_decode+0x12d2/0x1f10
[  486.395780][T10788]  ? handle_bug+0x41/0x70
[  486.399913][T10788]  ? exc_invalid_op+0x1b/0x50
[  486.404429][T10788]  ? asm_exc_invalid_op+0x1b/0x20
[  486.409324][T10788]  ? __wake_up_klogd+0xd5/0x110
[  486.413982][T10788]  ? format_decode+0x12d2/0x1f10
[  486.418774][T10788]  ? __kernel_text_address+0x9b/0x110
[  486.423972][T10788]  ? vsnprintf+0x1c70/0x1c70
[  486.428414][T10788]  ? bstr_printf+0x1b6/0x10c0
[  486.432898][T10788]  ? memcpy+0x56/0x70
[  486.436785][T10788]  bstr_printf+0x130/0x10c0
[  486.441202][T10788]  ? bpf_bprintf_cleanup+0xc0/0xc0
[  486.446202][T10788]  ? vbin_printf+0x1bc0/0x1bc0
[  486.451645][T10788]  ? bpf_trace_printk+0x122/0x330
[  486.456601][T10788]  ? memcpy+0x56/0x70
[  486.460376][T10788]  bpf_trace_printk+0x1b5/0x330
[  486.465384][T10788]  ? kmem_cache_alloc+0xf5/0x200
[  486.470214][T10788]  ? ktime_get+0xf1/0x160
[  486.474379][T10788]  ? bpf_probe_write_user+0xf0/0xf0
[  486.479582][T10788]  ? do_syscall_64+0x3d/0xb0
[  486.484057][T10788]  ? ktime_get+0xf1/0x160
[  486.488255][T10788]  bpf_prog_12183cdb1cd51dab+0x2e/0xef4
[  486.493601][T10788]  bpf_test_run+0x478/0xa10
[  486.498000][T10788]  ? convert___skb_to_skb+0x570/0x570
[  486.503252][T10788]  ? eth_type_trans+0x2c6/0x600
[  486.507965][T10788]  ? eth_get_headlen+0x240/0x240
[  486.512712][T10788]  ? convert___skb_to_skb+0x44/0x570
[  486.518017][T10788]  bpf_prog_test_run_skb+0xb41/0x1420
[  486.523310][T10788]  ? anon_inode_getfd+0x33/0x40
[  486.528037][T10788]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  486.533729][T10788]  ? __kasan_check_write+0x14/0x20
[  486.538832][T10788]  ? fput_many+0x160/0x1b0
[  486.543139][T10788]  ? __bpf_prog_test_run_raw_tp+0x1d0/0x1d0
[  486.549608][T10788]  bpf_prog_test_run+0x3b0/0x630
[  486.554482][T10788]  ? bpf_prog_query+0x220/0x220
[  486.559183][T10788]  ? selinux_bpf+0xd2/0x100
[  486.563525][T10788]  ? security_bpf+0x82/0xb0
[  486.568315][T10788]  __sys_bpf+0x525/0x760
[  486.572354][T10788]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  486.577736][T10788]  ? __kasan_check_read+0x11/0x20
[  486.582667][T10788]  __x64_sys_bpf+0x7c/0x90
[  486.586936][T10788]  do_syscall_64+0x3d/0xb0
[  486.591162][T10788]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  486.596920][T10788] RIP: 0033:0x7f6f5489cf29
[  486.601150][T10788] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  486.614223][T10791] device sit0 entered promiscuous mode
[  486.620832][T10788] RSP: 002b:00007f6f53c170c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  486.634469][T10788] RAX: ffffffffffffffda RBX: 00007f6f549d3f80 RCX: 00007f6f5489cf29
[  486.642348][T10788] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a
[  486.650229][T10788] RBP: 00007f6f5490c074 R08: 0000000000000000 R09: 0000000000000000
[  486.658029][T10788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  486.665843][T10788] R13: 000000000000000b R14: 00007f6f549d3f80 R15: 00007ffc5279fcb8
[  486.673649][T10788]  </TASK>
[  486.676523][T10788] ---[ end trace be4a27ddd0b0997b ]---
[  486.695796][T10793] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  486.707343][T10793] FAT-fs (loop7): unable to read boot sector
[  486.762930][   T30] audit: type=1400 audit(1718695638.845:4736): avc:  denied  { wake_alarm } for  pid=10785 comm="syz-executor.0" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  487.106887][T10804] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22
[  487.282338][T10804] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev bpf, type bpf) errno=-22
[  488.173133][T10815] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.186020][T10815] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.201924][T10815] device bridge_slave_0 entered promiscuous mode
[  488.218193][T10815] bridge0: port 2(bridge_slave_1) entered blocking state
[  488.226761][T10815] bridge0: port 2(bridge_slave_1) entered disabled state
[  488.234837][T10815] device bridge_slave_1 entered promiscuous mode
[  489.431828][   T45] device bridge_slave_1 left promiscuous mode
[  489.446119][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  489.485894][   T45] device bridge_slave_0 left promiscuous mode
[  489.491959][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  489.507404][T10849] bpf_get_probe_write_proto: 10 callbacks suppressed
[  489.507452][T10849] syz-executor.0[10849] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  489.523691][   T45] device veth1_macvtap left promiscuous mode
[  489.541746][T10849] syz-executor.0[10849] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  489.562110][   T45] device veth0_vlan left promiscuous mode
[  489.643666][T10863] syz-executor.0[10863] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  489.643819][T10863] syz-executor.0[10863] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  489.900638][T10851] device sit0 entered promiscuous mode
[  490.916122][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  490.933414][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  490.974011][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  490.983114][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  491.016678][ T8345] bridge0: port 1(bridge_slave_0) entered blocking state
[  491.023647][ T8345] bridge0: port 1(bridge_slave_0) entered forwarding state
[  491.035990][T10890] fscrypt: AES-128-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  491.056328][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  491.064661][T10890] fscrypt: AES-128-CBC-ESSIV using implementation "essiv(cbc-aes-aesni,sha256-avx2)"
[  491.075184][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  491.083454][ T8345] bridge0: port 2(bridge_slave_1) entered blocking state
[  491.090428][ T8345] bridge0: port 2(bridge_slave_1) entered forwarding state
[  491.135376][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  491.167320][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  491.202941][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  491.234770][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  491.257539][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  491.324367][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  491.340657][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  491.350294][   T30] audit: type=1326 audit(1718695643.445:4737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10898 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9936dbf29 code=0x7ffc0000
[  491.395166][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  491.409072][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  491.421403][   T30] audit: type=1326 audit(1718695643.465:4738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10898 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7fc9936dbf29 code=0x7ffc0000
[  491.454060][T10815] device veth0_vlan entered promiscuous mode
[  491.470752][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  491.481867][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  491.520170][T10815] device veth1_macvtap entered promiscuous mode
[  491.527186][   T30] audit: type=1326 audit(1718695643.465:4739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10898 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9936dbf29 code=0x7ffc0000
[  491.556233][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  491.565469][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  491.573941][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  491.591467][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  491.600669][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  491.621301][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  491.630852][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  491.708882][T10906] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22
[  491.735520][T10906] SELinux: security_context_str_to_sid(user_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  491.778349][T10912] syz-executor.1[10912] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  491.778516][T10912] syz-executor.1[10912] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  491.989026][T10918] syz-executor.3[10918] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  492.279249][T10918] syz-executor.3[10918] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  492.834150][  T333] Bluetooth: hci0: command 0x1003 tx timeout
[  492.852680][ T1361] Bluetooth: hci0: sending frame failed (-49)
[  493.522059][T10941] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22
[  493.539777][T10941] SELinux: security_context_str_to_sid(user_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  494.236857][T10952] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  494.683512][   T30] audit: type=1326 audit(1718695646.765:4740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10960 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  494.764238][   T30] audit: type=1326 audit(1718695646.765:4741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10960 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  494.813963][   T30] audit: type=1326 audit(1718695646.765:4742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10960 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  494.855572][T10970] SELinux: security_context_str_to_sid(user_u) failed for (dev ?, type ?) errno=-22
[  494.883554][T10970] SELinux: security_context_str_to_sid(user_u) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  494.883758][   T30] audit: type=1326 audit(1718695646.765:4743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10960 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  494.920033][  T333] Bluetooth: hci0: command 0x1001 tx timeout
[  494.926228][ T1361] Bluetooth: hci0: sending frame failed (-49)
[  494.961598][   T30] audit: type=1326 audit(1718695646.765:4744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10960 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  494.986379][   T30] audit: type=1326 audit(1718695646.765:4745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10960 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  495.010372][   T30] audit: type=1326 audit(1718695646.805:4746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10960 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  495.034618][   T30] audit: type=1326 audit(1718695646.805:4747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10960 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  495.083573][   T30] audit: type=1326 audit(1718695646.805:4748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10960 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  495.145591][   T30] audit: type=1326 audit(1718695646.805:4749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10960 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  495.411986][T10999] loop3: detected capacity change from 0 to 8192
[  495.426650][T11006] loop1: detected capacity change from 0 to 128
[  495.450117][T11008] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  495.492144][T11006] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  495.503002][T11006] ext4 filesystem being mounted at /root/syzkaller-testdir889356924/syzkaller.s7X9Pp/212/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  495.542825][T11006] EXT4-fs error (device loop1): ext4_empty_dir:3093: inode #2: comm syz-executor.1: Directory block failed checksum
[  496.670661][T11019] loop2: detected capacity change from 0 to 8192
[  496.720297][T11032] loop3: detected capacity change from 0 to 256
[  498.555315][ T8345] Bluetooth: hci0: command 0x1009 tx timeout
[  498.856902][T11057] loop2: detected capacity change from 0 to 8192
[  499.913894][   T30] kauditd_printk_skb: 38 callbacks suppressed
[  499.913926][   T30] audit: type=1400 audit(1718695651.995:4788): avc:  denied  { write } for  pid=11091 comm="syz-executor.2" path="socket:[62509]" dev="sockfs" ino=62509 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  500.140557][T11099] xt_SECMARK: invalid security context 'system_u:object_r:devicekit_exec_t:s0'
[  500.344157][T11116] loop1: detected capacity change from 0 to 512
[  500.443655][T11116] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz-executor.1: casefold flag without casefold feature
[  500.485971][T11116] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz-executor.1: missing EA_INODE flag
[  500.542286][T11128] loop2: detected capacity change from 0 to 256
[  500.548871][T11129] fuse: Bad value for 'fd'
[  500.561177][T11116] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 2 err=-117
[  500.630065][T11116] EXT4-fs (loop1): 1 orphan inode deleted
[  500.648181][T11116] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  502.695103][   T30] audit: type=1326 audit(1718695654.775:4789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11140 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  502.803526][   T30] audit: type=1326 audit(1718695654.775:4790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11140 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  502.861627][   T30] audit: type=1326 audit(1718695654.775:4791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11140 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  502.885766][   T30] audit: type=1326 audit(1718695654.775:4792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11140 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  502.910429][   T30] audit: type=1326 audit(1718695654.775:4793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11140 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  502.951047][   T30] audit: type=1326 audit(1718695654.775:4794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11140 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  503.244012][   T30] audit: type=1326 audit(1718695654.775:4795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11140 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  503.634591][   T30] audit: type=1326 audit(1718695654.775:4796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11140 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  503.685066][   T30] audit: type=1326 audit(1718695654.775:4797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11140 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  506.179655][T11201] loop4: detected capacity change from 0 to 512
[  506.246191][T11201] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  506.386813][T11198] bridge0: port 1(bridge_slave_0) entered blocking state
[  506.393720][T11198] bridge0: port 1(bridge_slave_0) entered disabled state
[  506.433602][T11198] device bridge_slave_0 entered promiscuous mode
[  506.468010][T11198] bridge0: port 2(bridge_slave_1) entered blocking state
[  506.480364][T11198] bridge0: port 2(bridge_slave_1) entered disabled state
[  506.496479][T11198] device bridge_slave_1 entered promiscuous mode
[  506.586075][ T9488] device bridge_slave_1 left promiscuous mode
[  506.593367][ T9488] bridge0: port 2(bridge_slave_1) entered disabled state
[  506.607741][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  506.607776][   T30] audit: type=1326 audit(1718695658.695:4806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11233 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  506.642969][ T9488] device bridge_slave_0 left promiscuous mode
[  506.655137][ T9488] bridge0: port 1(bridge_slave_0) entered disabled state
[  506.662740][   T30] audit: type=1326 audit(1718695658.695:4807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11233 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  506.688222][   T30] audit: type=1326 audit(1718695658.695:4808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11233 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  506.712533][ T9488] device veth1_macvtap left promiscuous mode
[  506.718732][   T30] audit: type=1326 audit(1718695658.725:4809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11233 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  506.719866][ T9488] device veth0_vlan left promiscuous mode
[  506.756788][T11235] loop4: detected capacity change from 0 to 8192
[  508.174684][T11259] syz-executor.1[11259] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  508.174840][T11259] syz-executor.1[11259] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  508.993828][T11267] syz-executor.4[11267] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  509.036381][T11267] syz-executor.4[11267] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  509.059523][T11267] tmpfs: Unknown parameter 'nolazytimeÿÿ'
[  509.083293][ T9488] tipc: Disabling bearer <udp:s>
[  509.105085][ T9488] tipc: Left network mode
[  509.263958][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  509.272660][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  509.305047][ T2255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  509.314569][ T2255] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  509.326721][ T2255] bridge0: port 1(bridge_slave_0) entered blocking state
[  509.331309][T11282] loop1: detected capacity change from 0 to 8192
[  509.333638][ T2255] bridge0: port 1(bridge_slave_0) entered forwarding state
[  509.364550][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  509.372878][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  509.381593][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  509.389813][ T8345] bridge0: port 2(bridge_slave_1) entered blocking state
[  509.396697][ T8345] bridge0: port 2(bridge_slave_1) entered forwarding state
[  509.456517][T11264] bridge0: port 1(bridge_slave_0) entered blocking state
[  509.464014][T11264] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.472553][T11264] device bridge_slave_0 entered promiscuous mode
[  509.482205][T11264] bridge0: port 2(bridge_slave_1) entered blocking state
[  509.490170][T11264] bridge0: port 2(bridge_slave_1) entered disabled state
[  509.499237][T11264] device bridge_slave_1 entered promiscuous mode
[  509.594520][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  509.606437][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  509.672241][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  510.799336][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  510.820809][T11302] syz-executor.3[11302] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  510.821033][T11302] syz-executor.3[11302] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  510.884525][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  510.915189][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  510.944115][T11198] device veth0_vlan entered promiscuous mode
[  510.973947][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  510.985932][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  511.023747][ T2255] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  511.031652][ T2255] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  511.080927][T11198] device veth1_macvtap entered promiscuous mode
[  511.100625][ T2255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  511.117113][ T2255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  511.151336][ T2255] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  511.242552][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  511.261148][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  511.341082][ T2255] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  511.350276][ T2255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  511.418800][ T9488] device bridge_slave_1 left promiscuous mode
[  511.424880][ T9488] bridge0: port 2(bridge_slave_1) entered disabled state
[  511.657589][ T9488] device bridge_slave_0 left promiscuous mode
[  511.674534][ T9488] bridge0: port 1(bridge_slave_0) entered disabled state
[  511.954804][ T9488] device veth1_macvtap left promiscuous mode
[  511.999396][ T9488] device veth0_vlan left promiscuous mode
[  512.374008][T11332] 9pnet: p9_errstr2errno: server reported unknown error œæøýÓ®
[  512.635058][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  512.643059][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  512.663602][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  512.673437][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  512.682063][  T611] bridge0: port 1(bridge_slave_0) entered blocking state
[  512.688981][  T611] bridge0: port 1(bridge_slave_0) entered forwarding state
[  512.696525][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  512.705746][  T611] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  512.714974][  T611] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.721893][  T611] bridge0: port 2(bridge_slave_1) entered forwarding state
[  512.752005][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  512.762878][T11346] loop0: detected capacity change from 0 to 8192
[  512.763876][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  512.777616][  T935] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  512.789531][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  512.798373][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  512.845462][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  512.854922][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  512.874317][ T2255] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  512.883259][ T2255] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  512.893456][T11264] device veth0_vlan entered promiscuous mode
[  512.901794][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  512.912048][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  512.947904][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  512.962113][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  512.979918][T11264] device veth1_macvtap entered promiscuous mode
[  513.014839][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  513.039940][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  513.048585][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  513.061800][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  513.071998][  T335] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  514.197388][T11362] syz-executor.2[11362] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  514.197556][T11362] syz-executor.2[11362] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  514.709579][T11377] syz-executor.1[11377] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  514.745490][T11377] syz-executor.1[11377] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  514.985481][T11385] input: syz0 as /devices/virtual/input/input48
[  515.127433][T11388] loop2: detected capacity change from 0 to 8192
[  515.165375][T11400] loop1: detected capacity change from 0 to 512
[  515.275890][T11400] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  515.299133][T11400] ext4 filesystem being mounted at /root/syzkaller-testdir889356924/syzkaller.s7X9Pp/255/file0 supports timestamps until 2038 (0x7fffffff)
[  516.356182][T11412] syz-executor.1[11412] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  516.356352][T11412] syz-executor.1[11412] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  516.475692][T11418] syz-executor.2[11418] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  516.619902][T11418] syz-executor.2[11418] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  518.453939][T11446] input: syz0 as /devices/virtual/input/input49
[  518.547493][   T30] audit: type=1400 audit(1718695670.635:4810): avc:  denied  { create } for  pid=11447 comm="syz-executor.0" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:fusefs_t tclass=blk_file permissive=1
[  518.568688][T11442] loop1: detected capacity change from 0 to 8192
[  518.927376][T11463] syz-executor.3[11463] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  518.927620][T11463] syz-executor.3[11463] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  519.988718][T11489] syz-executor.3[11489] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  520.038755][T11489] syz-executor.3[11489] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  520.267881][T11503] input: syz0 as /devices/virtual/input/input50
[  520.981143][T11512] input: syz0 as /devices/virtual/input/input51
[  521.490925][T11519] syz-executor.2[11519] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  521.491081][T11519] syz-executor.2[11519] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  521.843311][T11544] loop4: detected capacity change from 0 to 256
[  522.707721][T11556] input: syz0 as /devices/virtual/input/input52
[  522.817649][T11564] tipc: Enabling of bearer <euh:v> rejected, media not registered
[  523.285314][T11584] loop1: detected capacity change from 0 to 256
[  524.420613][T11630] loop4: detected capacity change from 0 to 512
[  524.447034][T11630] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  524.459582][T11630] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:164: inode #12: comm syz-executor.4: inline data xattr refers to an external xattr inode
[  524.475507][T11630] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz-executor.4: couldn't read orphan inode 12 (err -117)
[  524.488408][T11630] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,mblk_io_submit,grpjquota=,resuid=0x0000000000000000,prjquota,usrjquota=,usrjquota=,min_batch_time=0x000000000100409e,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: writeback.
[  524.523477][   T30] audit: type=1400 audit(1718695676.605:4811): avc:  denied  { link } for  pid=11629 comm="syz-executor.4" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop4" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  524.532025][T11630] EXT4-fs error (device loop4): ext4_find_dest_de:2112: inode #2: block 255: comm syz-executor.4: bad entry in directory: inode out of bounds - offset=0, inode=1633771873, rec_len=1024, size=1024 fake=0
[  524.567104][  T935] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[  524.595168][ T2255] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  524.965223][ T2255] usb 1-1: config 0 has an invalid interface number: 18 but max is 0
[  524.977417][ T2255] usb 1-1: config 0 has no interface number 0
[  524.990435][ T2255] usb 1-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  525.004810][ T2255] usb 1-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  525.008644][  T935] usb 3-1: unable to get BOS descriptor or descriptor too short
[  525.065280][  T935] usb 3-1: not running at top speed; connect to a high speed hub
[  525.095182][ T2255] usb 1-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10
[  525.107478][ T2255] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  525.122455][ T2255] usb 1-1: Manufacturer: syz
[  525.131841][ T2255] usb 1-1: config 0 descriptor??
[  525.145120][  T935] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  525.165768][   T30] audit: type=1326 audit(1718695677.255:4812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  525.225168][   T30] audit: type=1326 audit(1718695677.285:4813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  525.281423][   T30] audit: type=1326 audit(1718695677.285:4814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  525.306210][   T30] audit: type=1326 audit(1718695677.285:4815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  525.328480][T11643] loop4: detected capacity change from 0 to 40427
[  525.331156][   T30] audit: type=1326 audit(1718695677.285:4816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  525.360768][   T30] audit: type=1326 audit(1718695677.285:4817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  525.385209][  T935] usb 3-1: New USB device found, idVendor=056a, idProduct=0017, bcdDevice= 0.40
[  525.385568][   T30] audit: type=1326 audit(1718695677.285:4818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  525.394134][  T935] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.419007][   T30] audit: type=1326 audit(1718695677.285:4819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f0ebb5e8f29 code=0x7ffc0000
[  525.451686][   T30] audit: type=1326 audit(1718695677.285:4820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11656 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0ebb5e8f63 code=0x7ffc0000
[  525.475403][  T935] usb 3-1: Product: syz
[  525.475452][  T935] usb 3-1: Manufacturer: syz
[  525.475494][  T935] usb 3-1: SerialNumber: syz
[  525.496738][T11643] F2FS-fs (loop4): Found nat_bits in checkpoint
[  525.516956][  T935] usbhid 3-1:1.0: couldn't find an input interrupt endpoint
[  525.594513][T11643] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  525.662562][ T2255] input: syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.18/0003:054C:03D5.0036/input/input53
[  525.678009][ T2255] sony 0003:054C:03D5.0036: input,hidraw0: USB HID v0.00 Joystick [syz] on usb-dummy_hcd.0-1/input18
[  525.721483][  T935] usb 3-1: USB disconnect, device number 21
[  525.861502][ T2255] usb 1-1: USB disconnect, device number 24
[  525.930934][T11677] SELinux:  Context $ is not valid (left unmapped).
[  525.984136][T11681] loop1: detected capacity change from 0 to 256
[  526.205168][  T935] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  526.565096][T11697] loop0: detected capacity change from 0 to 512
[  526.906944][  T935] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  526.948595][  T935] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  526.983147][T11697] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #16: comm syz-executor.0: iget: bad extended attribute block 128
[  527.029632][  T935] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  527.054027][T11697] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 16 (err -117)
[  527.085610][  T935] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  527.224345][T11697] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  527.236523][T11697] ext4 filesystem being mounted at /root/syzkaller-testdir3165260272/syzkaller.LETrDW/22/file1 supports timestamps until 2038 (0x7fffffff)
[  527.359177][  T935] usb 5-1: config 0 descriptor??
[  527.541393][T11717] incfs: Error accessing: ./file0/file0.
[  527.548356][T11717] incfs: mount failed -20
[  527.826914][  T935] hid-thrustmaster 0003:044F:B65D.0037: unknown main item tag 0x0
[  527.836511][  T935] hid-thrustmaster 0003:044F:B65D.0037: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.4-1/input0
[  527.848817][  T935] hid-thrustmaster 0003:044F:B65D.0037: Wrong number of endpoints?
[  527.885155][   T20] usb 2-1: new full-speed USB device number 29 using dummy_hcd
[  527.963727][  T611] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  528.052196][T11738] loop2: detected capacity change from 0 to 512
[  528.096692][T11738] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  528.105836][T11676] UDC core: couldn't find an available UDC or it's busy: -16
[  528.109083][T11738] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz-executor.2: inline data xattr refers to an external xattr inode
[  528.113254][T11676] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  528.128728][T11738] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz-executor.2: couldn't read orphan inode 12 (err -117)
[  528.141235][T11676] UDC core: couldn't find an available UDC or it's busy: -16
[  528.147973][T11738] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,mblk_io_submit,grpjquota=,resuid=0x0000000000000000,prjquota,usrjquota=,usrjquota=,min_batch_time=0x000000000100409e,max_dir_size_kb=0x0000000000000002,,errors=continue. Quota mode: writeback.
[  528.154621][T11676] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  528.216942][T11738] EXT4-fs error (device loop2): ext4_find_dest_de:2112: inode #2: block 255: comm syz-executor.2: bad entry in directory: inode out of bounds - offset=0, inode=1633771873, rec_len=1024, size=1024 fake=0
[  528.220119][  T935] usb 5-1: USB disconnect, device number 21
[  528.236742][    C1] hid-thrustmaster 0003:044F:B65D.0037: URB to get model id failed with error -71
[  528.335158][   T20] usb 2-1: unable to get BOS descriptor or descriptor too short
[  528.349392][T11747] incfs: Error accessing: ./file0/file0.
[  528.355395][T11747] incfs: mount failed -20
[  528.375158][   T20] usb 2-1: not running at top speed; connect to a high speed hub
[  528.475293][  T611] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  528.476726][   T20] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  528.494743][  T611] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  528.509624][  T611] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  528.519017][  T611] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  529.565306][   T20] usb 2-1: New USB device found, idVendor=056a, idProduct=0017, bcdDevice= 0.40
[  529.582382][   T20] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  529.598531][   T20] usb 2-1: Product: syz
[  529.605047][   T20] usb 2-1: Manufacturer: syz
[  529.609541][   T20] usb 2-1: SerialNumber: syz
[  529.635163][  T611] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[  529.652348][  T611] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input54
[  529.664099][  T611] input: failed to attach handler kbd to device input54, error: -5
[  529.676305][   T20] usbhid 2-1:1.0: couldn't find an input interrupt endpoint
[  529.690031][  T611] usb 1-1: USB disconnect, device number 25
[  529.912962][  T611] usb 2-1: USB disconnect, device number 29
[  530.660122][T11790] loop2: detected capacity change from 0 to 16
[  530.726640][T11790] erofs: (device loop2): mounted with root inode @ nid 36.
[  530.739618][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  530.739654][   T30] audit: type=1326 audit(1718695682.825:4879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  530.814915][   T30] audit: type=1326 audit(1718695682.825:4880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  530.841263][   T30] audit: type=1326 audit(1718695682.855:4881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  530.867945][   T30] audit: type=1326 audit(1718695682.855:4882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  530.910494][   T30] audit: type=1326 audit(1718695682.855:4883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  530.965069][   T30] audit: type=1326 audit(1718695682.865:4884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  531.021660][   T30] audit: type=1326 audit(1718695682.865:4885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  531.045945][   T30] audit: type=1326 audit(1718695682.865:4886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f707e1a16a7 code=0x7ffc0000
[  531.070123][   T30] audit: type=1326 audit(1718695682.865:4887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f707e167379 code=0x7ffc0000
[  531.110209][T11808] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'.
[  531.129140][   T30] audit: type=1326 audit(1718695682.865:4888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f707e1a3f29 code=0x7ffc0000
[  531.165118][ T2255] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  531.329141][T11777] loop0: detected capacity change from 0 to 40427
[  531.418894][T11777] F2FS-fs (loop0): Found nat_bits in checkpoint
[  531.555177][ T2255] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  531.560007][T11777] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  531.584912][ T2255] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  531.604905][ T2255] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  531.605508][T11198] attempt to access beyond end of device
[  531.605508][T11198] loop0: rw=2049, want=45104, limit=40427
[  531.635721][ T2255] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.135418][ T2255] aiptek 2-1:17.0: Aiptek using 400 ms programming speed
[  532.154567][ T2255] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input55
[  532.177744][ T2255] input: failed to attach handler kbd to device input55, error: -5
[  532.195728][ T2255] usb 2-1: USB disconnect, device number 30
[  532.300511][T11867] loop2: detected capacity change from 0 to 16
[  532.354355][T11867] erofs: (device loop2): mounted with root inode @ nid 36.
[  532.836482][T11903] syz-executor.2[11903] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  532.836643][T11903] syz-executor.2[11903] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  533.976147][T11935] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'.
[  534.302950][T11921] loop2: detected capacity change from 0 to 40427
[  534.427538][T11921] F2FS-fs (loop2): Found nat_bits in checkpoint
[  534.662862][T11974] fscrypt (sda1, inode 1966): Can't use IV_INO_LBLK_32 policy on filesystem 'sda1' because it doesn't have stable inode numbers
[  534.686000][T11921] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  534.826721][T11979] SELinux: security_context_str_to_sid(root) failed for (dev ?, type ?) errno=-22
[  534.868339][T11979] SELinux: security_context_str_to_sid(root) failed for (dev incremental-fs, type incremental-fs) errno=-22
[  535.045427][T11983] overlayfs: missing 'lowerdir'
[  535.831907][T11264] attempt to access beyond end of device
[  535.831907][T11264] loop2: rw=2049, want=45104, limit=40427
[  536.511022][ T2255] usb 2-1: new full-speed USB device number 31 using dummy_hcd
[  536.965469][ T2255] usb 2-1: unable to get BOS descriptor or descriptor too short
[  537.056041][ T2255] usb 2-1: not running at top speed; connect to a high speed hub
[  537.296474][ T2255] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  538.385909][ T2255] usb 2-1: New USB device found, idVendor=056a, idProduct=0017, bcdDevice= 0.40
[  538.394835][ T2255] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  538.410516][ T2255] usb 2-1: Product: syz
[  538.414568][ T2255] usb 2-1: Manufacturer: syz
[  538.425067][ T2255] usb 2-1: SerialNumber: syz
[  538.486332][ T2255] usbhid 2-1:1.0: couldn't find an input interrupt endpoint
[  538.711465][ T2255] usb 2-1: USB disconnect, device number 31
[  538.728153][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  538.831793][   T30] kauditd_printk_skb: 95 callbacks suppressed
[  538.831835][   T30] audit: type=1326 audit(1718695690.915:4984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f569026ff29 code=0x7ffc0000
[  538.863434][   T30] audit: type=1326 audit(1718695690.915:4985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f569026ff29 code=0x7ffc0000
[  538.890299][   T30] audit: type=1326 audit(1718695690.945:4986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f569026ff29 code=0x7ffc0000
[  538.915347][   T30] audit: type=1326 audit(1718695690.945:4987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f569026ff29 code=0x7ffc0000
[  538.942684][   T30] audit: type=1326 audit(1718695690.945:4988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f569026ff29 code=0x7ffc0000
[  538.967218][   T30] audit: type=1326 audit(1718695690.955:4989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f569026ff29 code=0x7ffc0000
[  538.992018][   T30] audit: type=1326 audit(1718695690.955:4990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f569026ff29 code=0x7ffc0000
[  539.016254][   T30] audit: type=1326 audit(1718695690.955:4991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f569026ff29 code=0x7ffc0000
[  539.095278][   T30] audit: type=1326 audit(1718695690.975:4992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f569026ff29 code=0x7ffc0000
[  539.121185][   T30] audit: type=1326 audit(1718695690.975:4993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12063 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f569026ff29 code=0x7ffc0000
[  539.145865][T12073] overlayfs: missing 'lowerdir'
[  539.530442][T12113] overlayfs: missing 'lowerdir'
[  541.495724][T12129] overlayfs: statfs failed on './file0'
[  541.582000][T12137] incfs: Options parsing error. -22
[  541.595212][T12137] incfs: mount failed -22
[  541.743564][T12149] ------------[ cut here ]------------
[  541.759880][T12149] WARNING: CPU: 1 PID: 12149 at mm/page_alloc.c:5751 __alloc_pages+0x770/0x8f0
[  541.769198][T12152] loop4: detected capacity change from 0 to 1024
[  541.775727][T12149] Modules linked in:
[  541.779586][T12149] CPU: 0 PID: 12149 Comm: syz-executor.0 Tainted: G        W         5.15.149-syzkaller-00165-g85445b5a2107 #0
[  541.791756][T12149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  541.801923][T12149] RIP: 0010:__alloc_pages+0x770/0x8f0
[  541.807345][T12149] Code: df e9 aa fb ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c ba fb ff ff e8 5f 11 05 00 48 ba 00 00 00 00 00 fc ff df e9 a6 fb ff ff <0f> 0b 45 31 e4 e9 73 fc ff ff 48 8d 4c 24 40 80 e1 07 80 c1 03 38
[  541.828348][T12149] RSP: 0018:ffffc90000a87a20 EFLAGS: 00010246
[  541.834401][T12149] RAX: 0000000000000004 RBX: 0000000000040dc0 RCX: ffffc90000a87a03
[  541.842623][T12149] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffffc90000a87ab8
[  541.850576][T12149] RBP: ffffc90000a87b30 R08: dffffc0000000000 R09: ffffc90000a87a90
[  541.858859][T12149] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[  541.867632][T12149] R13: 1ffff92000150f4c R14: 1ffff92000150f4e R15: 1ffff92000150f48
[  541.875757][T12149] FS:  00007fe6daa9c6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  541.884755][T12149] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  541.891612][T12149] CR2: 00007f39541b4b38 CR3: 00000001083d2000 CR4: 00000000003506b0
[  541.899838][T12149] Call Trace:
[  541.903150][T12149]  <TASK>
[  541.906053][T12149]  ? show_regs+0x58/0x60
[  541.910293][T12149]  ? __warn+0x160/0x2f0
[  541.914487][T12149]  ? __alloc_pages+0x770/0x8f0
[  541.919222][T12149]  ? report_bug+0x3d9/0x5b0
[  541.923706][T12149]  ? __alloc_pages+0x770/0x8f0
[  541.928647][T12149]  ? handle_bug+0x41/0x70
[  541.932920][T12149]  ? exc_invalid_op+0x1b/0x50
[  541.937616][T12149]  ? asm_exc_invalid_op+0x1b/0x20
[  541.942718][T12149]  ? __alloc_pages+0x770/0x8f0
[  541.947567][T12149]  ? prep_new_page+0x110/0x110
[  541.952339][T12149]  ? do_vfs_ioctl+0xbc1/0x2a80
[  541.957443][T12149]  ? memcpy+0x56/0x70
[  541.961426][T12149]  ? __x64_compat_sys_ioctl+0x90/0x90
[  541.966748][T12149]  kmalloc_order+0x4a/0x160
[  541.971298][T12149]  kmalloc_order_trace+0x1a/0xb0
[  541.976245][T12149]  __kmalloc+0x19c/0x270
[  541.981489][T12149]  input_mt_init_slots+0xcf/0xa50
[  541.986546][T12149]  ? mutex_lock_interruptible+0xb6/0x1e0
[  541.992286][T12149]  uinput_create_device+0x522/0x630
[  541.997552][T12149]  uinput_ioctl_handler+0xa63/0x16a0
[  542.002934][T12149]  ? uinput_release+0x50/0x50
[  542.007650][T12149]  ? selinux_file_ioctl+0x3cc/0x540
[  542.012848][T12149]  ? __fget_files+0x31e/0x380
[  542.017761][T12149]  uinput_ioctl+0x28/0x30
[  542.022359][T12149]  ? uinput_poll+0x120/0x120
[  542.027058][T12149]  __se_sys_ioctl+0x114/0x190
[  542.031746][T12149]  __x64_sys_ioctl+0x7b/0x90
[  542.036341][T12149]  do_syscall_64+0x3d/0xb0
[  542.040879][T12149]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  542.046898][T12149] RIP: 0033:0x7fe6db721f29
[  542.051388][T12149] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  542.071155][T12149] RSP: 002b:00007fe6daa9c0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  542.079589][T12149] RAX: ffffffffffffffda RBX: 00007fe6db858f80 RCX: 00007fe6db721f29
[  542.088059][T12149] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003
[  542.096029][T12149] RBP: 00007fe6db791074 R08: 0000000000000000 R09: 0000000000000000
[  542.104200][T12149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  542.113639][T12149] R13: 000000000000000b R14: 00007fe6db858f80 R15: 00007ffc2ad5d4e8
[  542.121822][T12149]  </TASK>
[  542.124790][T12149] ---[ end trace be4a27ddd0b0997c ]---
[  542.135587][T12152] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  542.161988][T12152] EXT4-fs (loop4): barriers disabled
[  542.194867][T12152] JBD2: no valid journal superblock found
[  542.207495][T12152] EXT4-fs (loop4): error loading journal
[  542.226145][T12165] syz-executor.2[12165] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  542.226305][T12165] syz-executor.2[12165] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  543.444084][T12183] loop2: detected capacity change from 0 to 512
[  543.461964][T12181] overlayfs: statfs failed on './file0'
[  543.548336][T12183] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  543.560414][T12183] ext4 filesystem being mounted at /root/syzkaller-testdir2150021487/syzkaller.HMCL0o/62/file0 supports timestamps until 2038 (0x7fffffff)
[  543.583572][T12183] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #2: comm syz-executor.2: corrupted inode contents
[  543.596173][T12183] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #2: comm syz-executor.2: mark_inode_dirty error
[  543.609669][T12183] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #2: comm syz-executor.2: corrupted inode contents
[  543.622247][T12183] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #2: comm syz-executor.2: mark_inode_dirty error
[  543.649491][T12183] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: writeback.
[  543.704744][T12196] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  543.735408][T12196] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: writeback.
[  543.815139][  T333] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  543.843668][T12207] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  543.881839][T12209] loop2: detected capacity change from 0 to 1024
[  543.949715][T12209] EXT4-fs (loop2): dax option not supported
[  544.011607][T12222] netlink: 'syz-executor.4': attribute type 16 has an invalid length.
[  544.145555][T12233] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  544.175347][  T333] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  544.195748][  T333] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  544.224708][  T333] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  544.252931][  T333] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.264000][  T333] usb 2-1: config 0 descriptor??
[  544.342869][   T30] kauditd_printk_skb: 23 callbacks suppressed
[  544.342904][   T30] audit: type=1326 audit(1718695696.425:5017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39540abf29 code=0x7ffc0000
[  544.377193][   T30] audit: type=1326 audit(1718695696.425:5018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39540abf29 code=0x7ffc0000
[  545.973378][   T30] audit: type=1326 audit(1718695696.425:5019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39540abf29 code=0x7ffc0000
[  546.017665][   T30] audit: type=1326 audit(1718695696.445:5020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39540abf29 code=0x7ffc0000
[  546.044358][   T30] audit: type=1326 audit(1718695696.445:5021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39540abf29 code=0x7ffc0000
[  546.085082][   T30] audit: type=1326 audit(1718695696.445:5022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39540abf29 code=0x7ffc0000
[  546.115739][   T30] audit: type=1326 audit(1718695696.465:5023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39540abf29 code=0x7ffc0000
[  546.149442][   T30] audit: type=1326 audit(1718695696.465:5024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f39540a96a7 code=0x7ffc0000
[  546.196737][   T30] audit: type=1326 audit(1718695696.465:5025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f395406f379 code=0x7ffc0000
[  546.221623][   T30] audit: type=1326 audit(1718695696.465:5026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12240 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f39540a96a7 code=0x7ffc0000
[  546.250809][  T333] hid-thrustmaster 0003:044F:B65D.0038: unknown main item tag 0x0
[  546.260785][T12253] netlink: 'syz-executor.4': attribute type 16 has an invalid length.
[  546.270437][  T333] hid-thrustmaster 0003:044F:B65D.0038: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.1-1/input0
[  546.291093][  T333] hid-thrustmaster 0003:044F:B65D.0038: Wrong number of endpoints?
[  546.381877][T12262] fscrypt (sda1, inode 1974): Can't use IV_INO_LBLK_32 policy on filesystem 'sda1' because it doesn't have stable inode numbers
[  546.473750][T12257] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  546.525741][T12192] UDC core: couldn't find an available UDC or it's busy: -16
[  546.532994][T12192] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  546.551231][T12192] UDC core: couldn't find an available UDC or it's busy: -16
[  546.564734][T12192] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  546.586528][  T820] usb 2-1: USB disconnect, device number 32
[  546.595013][    C0] hid-thrustmaster 0003:044F:B65D.0038: URB to get model id failed with error -2
[  547.293162][T12275] overlayfs: missing 'lowerdir'
[  547.361268][T12278] loop0: detected capacity change from 0 to 512
[  548.300841][T12278] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  548.319088][T12278] ext4 filesystem being mounted at /root/syzkaller-testdir3165260272/syzkaller.LETrDW/89/file0 supports timestamps until 2038 (0x7fffffff)
[  548.383722][T12278] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #2: comm syz-executor.0: corrupted inode contents
[  548.408006][T12278] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #2: comm syz-executor.0: mark_inode_dirty error
[  548.420478][T12278] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #2: comm syz-executor.0: corrupted inode contents
[  548.433320][T12278] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #2: comm syz-executor.0: mark_inode_dirty error
[  548.469206][T12278] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback.
[  548.482689][T12295] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  548.503604][T12278] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  548.555634][T12278] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback.
[  548.845044][   T20] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  549.965365][T12327] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  549.975276][   T20] usb 2-1: Using ep0 maxpacket: 32
[  550.005216][  T333] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  550.012748][ T8345] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  550.082859][T12331] fuse: Bad value for 'fd'
[  550.188457][T12339] device syzkaller0 entered promiscuous mode
[  550.275197][   T20] usb 2-1: New USB device found, idVendor=257a, idProduct=260c, bcdDevice=a6.30
[  550.284236][   T20] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  550.292402][   T20] usb 2-1: Product: syz
[  550.296574][   T20] usb 2-1: Manufacturer: syz
[  550.301027][   T20] usb 2-1: SerialNumber: syz
[  550.307950][   T20] usb 2-1: config 0 descriptor??
[  550.385343][  T333] usb 5-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[  550.394372][  T333] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.403602][  T333] usb 5-1: config 0 descriptor??
[  550.408661][ T8345] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  550.419597][ T8345] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  550.429740][ T8345] usb 3-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  550.438875][ T8345] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.447955][ T8345] usb 3-1: config 0 descriptor??
[  550.547505][  T935] usb 2-1: USB disconnect, device number 33
[  550.927322][ T8345] hid-thrustmaster 0003:044F:B65D.0039: unknown main item tag 0x0
[  550.942046][ T8345] hid-thrustmaster 0003:044F:B65D.0039: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.2-1/input0
[  550.964092][ T8345] hid-thrustmaster 0003:044F:B65D.0039: Wrong number of endpoints?
[  551.196301][T12320] UDC core: couldn't find an available UDC or it's busy: -16
[  551.207163][T12320] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  551.231182][T12320] UDC core: couldn't find an available UDC or it's busy: -16
[  551.245052][T12320] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  551.264085][  T935] usb 3-1: USB disconnect, device number 22
[  551.275034][    C0] hid-thrustmaster 0003:044F:B65D.0039: URB to get model id failed with error -2
[  551.291298][   T30] kauditd_printk_skb: 62 callbacks suppressed
[  551.291333][   T30] audit: type=1400 audit(1718695703.375:5089): avc:  denied  { search } for  pid=12375 comm="syz-executor.3" name="/" dev="configfs" ino=12410 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  551.293404][T12376] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  551.565508][   T45] Bluetooth: hci0: Frame reassembly failed (-84)
[  551.615274][  T333] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  551.625757][  T333] asix: probe of 5-1:0.0 failed with error -71
[  551.633456][  T333] usb 5-1: USB disconnect, device number 22
[  551.968805][T12419] sit: Dst spoofed 0.0.0.0/2002::bfd8:a5dd -> 224.0.0.1/2002:c021:42c4:3911:45ba:dd28:fd7f:ffc
[  552.177767][T12422] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'.
[  552.438648][T12445] /dev/loop0: Can't open blockdev
[  552.525218][  T820] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  552.675046][  T316] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  552.765196][  T935] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  552.885517][  T820] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  552.904682][  T820] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  552.923547][  T820] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  552.933341][  T820] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  552.943934][  T820] usb 2-1: config 0 descriptor??
[  552.997017][T12488] SELinux:  Context d is not valid (left unmapped).
[  553.004421][   T30] audit: type=1400 audit(1718695705.085:5090): avc:  denied  { create } for  pid=12487 comm="syz-executor.2" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="d"
[  553.026459][   T30] audit: type=1400 audit(1718695705.095:5091): avc:  denied  { write } for  pid=12487 comm="syz-executor.2" name="file1" dev="sda1" ino=1953 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="d"
[  553.035389][  T316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  553.055264][   T30] audit: type=1400 audit(1718695705.095:5092): avc:  denied  { rename } for  pid=12487 comm="syz-executor.2" name="file0" dev="sda1" ino=1949 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="d"
[  553.081682][  T316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  553.088642][   T30] audit: type=1400 audit(1718695705.095:5093): avc:  denied  { reparent } for  pid=12487 comm="syz-executor.2" name="file0" dev="sda1" ino=1949 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="d"
[  553.118244][   T30] audit: type=1400 audit(1718695705.095:5094): avc:  denied  { add_name } for  pid=12487 comm="syz-executor.2" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="d"
[  553.118950][  T316] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  553.140395][   T30] audit: type=1400 audit(1718695705.105:5095): avc:  denied  { rmdir } for  pid=11264 comm="syz-executor.2" name="file0" dev="sda1" ino=1949 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="d"
[  553.149616][  T935] usb 1-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[  553.184323][  T316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  553.195045][  T935] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  553.203102][T12477] bridge0: port 1(bridge_slave_0) entered blocking state
[  553.212011][  T935] usb 1-1: config 0 descriptor??
[  553.217309][T12477] bridge0: port 1(bridge_slave_0) entered disabled state
[  553.224819][  T316] usb 5-1: config 0 descriptor??
[  553.230921][T12477] device bridge_slave_0 entered promiscuous mode
[  553.239560][T12477] bridge0: port 2(bridge_slave_1) entered blocking state
[  553.246927][T12477] bridge0: port 2(bridge_slave_1) entered disabled state
[  553.255270][T12477] device bridge_slave_1 entered promiscuous mode
[  553.430381][T12477] bridge0: port 2(bridge_slave_1) entered blocking state
[  553.437280][T12477] bridge0: port 2(bridge_slave_1) entered forwarding state
[  553.444472][T12477] bridge0: port 1(bridge_slave_0) entered blocking state
[  553.451460][T12477] bridge0: port 1(bridge_slave_0) entered forwarding state
[  553.513060][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  553.523098][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[  553.531104][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[  553.557930][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  553.566759][  T337] bridge0: port 1(bridge_slave_0) entered blocking state
[  553.573648][  T337] bridge0: port 1(bridge_slave_0) entered forwarding state
[  553.581793][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  553.590274][  T337] bridge0: port 2(bridge_slave_1) entered blocking state
[  553.597176][  T337] bridge0: port 2(bridge_slave_1) entered forwarding state
[  553.620162][  T612] device bridge_slave_1 left promiscuous mode
[  553.627667][  T612] bridge0: port 2(bridge_slave_1) entered disabled state
[  553.636056][  T612] device bridge_slave_0 left promiscuous mode
[  553.642110][  T612] bridge0: port 1(bridge_slave_0) entered disabled state
[  553.651926][  T612] device veth1_macvtap left promiscuous mode
[  553.657950][  T612] device veth0_vlan left promiscuous mode
[  553.720670][  T316] hid-thrustmaster 0003:044F:B65D.003B: unknown main item tag 0x0
[  553.739042][  T316] hid-thrustmaster 0003:044F:B65D.003B: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.4-1/input0
[  553.763568][  T316] hid-thrustmaster 0003:044F:B65D.003B: Wrong number of endpoints?
[  553.806167][  T820] usb 2-1: string descriptor 0 read error: -71
[  553.826727][  T820] uclogic 0003:256C:006D.003A: failed retrieving string descriptor #200: -71
[  553.839634][  T820] uclogic 0003:256C:006D.003A: failed retrieving pen parameters: -71
[  553.850009][T12504] loop2: detected capacity change from 0 to 40427
[  553.850541][  T820] uclogic 0003:256C:006D.003A: failed probing pen v2 parameters: -71
[  553.865482][  T820] uclogic 0003:256C:006D.003A: failed probing parameters: -71
[  553.872884][  T820] uclogic: probe of 0003:256C:006D.003A failed with error -71
[  553.882809][  T820] usb 2-1: USB disconnect, device number 34
[  553.896435][T12504] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  553.904195][T12504] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  553.921045][T12504] F2FS-fs (loop2): Found nat_bits in checkpoint
[  554.013245][T12504] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  554.031816][T12504] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  554.039058][T12504] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  554.039921][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  554.054865][T12441] UDC core: couldn't find an available UDC or it's busy: -16
[  554.062322][T12441] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  554.070385][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  554.078983][T12441] UDC core: couldn't find an available UDC or it's busy: -16
[  554.079854][T12504] attempt to access beyond end of device
[  554.079854][T12504] loop2: rw=2049, want=45224, limit=40427
[  554.097697][T12441] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  554.105024][   T20] usb 5-1: USB disconnect, device number 23
[  554.115051][    C1] hid-thrustmaster 0003:044F:B65D.003B: URB to get model id failed with error -71
[  554.132882][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  554.143460][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  554.147493][T11264] f2fs_fill_dentries: 4 callbacks suppressed
[  554.147527][T11264] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  554.157380][T11264] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  554.158195][T12477] device veth0_vlan entered promiscuous mode
[  554.164809][T11264] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  554.164846][T11264] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  554.173310][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  554.184993][T11264] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  554.187000][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  554.192968][T11264] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  554.202679][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  554.207870][T11264] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix.
[  554.240418][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  554.269986][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  554.274259][ T9488] attempt to access beyond end of device
[  554.274259][ T9488] loop2: rw=1, want=45232, limit=40427
[  554.279271][ T8345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  554.301148][T12477] device veth1_macvtap entered promiscuous mode
[  554.330952][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  554.347449][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  554.360826][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  554.388522][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  554.397611][  T337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  554.439446][ T9488] Bluetooth: hci0: Frame reassembly failed (-84)
[  554.515157][  T935] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  554.535491][  T935] asix: probe of 1-1:0.0 failed with error -71
[  554.545144][  T935] usb 1-1: USB disconnect, device number 26
[  554.775256][T12536] incfs: Error accessing: ./file0.
[  554.780358][T12536] incfs: mount failed -20
[  555.915211][  T820] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  556.040310][T12569] incfs: Error accessing: ./file0.
[  556.046272][T12569] incfs: mount failed -20
[  556.096743][   T30] audit: type=1400 audit(1718695708.185:5096): avc:  denied  { connect } for  pid=12576 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  556.271326][T12596] incfs: Error accessing: ./file0.
[  556.277258][T12596] incfs: mount failed -20
[  556.295208][  T820] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  556.311077][  T820] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  556.475606][  T820] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99
[  556.489016][  T820] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  556.497269][  T820] usb 4-1: Product: syz
[  556.501469][  T820] usb 4-1: Manufacturer: syz
[  556.506718][  T820] usb 4-1: SerialNumber: syz
[  556.514167][  T820] usb 4-1: config 0 descriptor??
[  556.535221][  T935] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  556.575864][T12623] incfs: Error accessing: ./file0.
[  556.580930][T12623] incfs: mount failed -20
[  556.847078][T12649] loop3: detected capacity change from 0 to 512
[  556.913138][T12651] incfs: Error accessing: ./file0.
[  556.928682][T12651] incfs: mount failed -20
[  556.980239][T12649] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  557.003140][T12658] loop2: detected capacity change from 0 to 512
[  557.013509][T12649] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #16: comm syz-executor.3: invalid indirect mapped block 83886080 (level 1)
[  557.028033][T12649] EXT4-fs (loop3): Remounting filesystem read-only
[  557.035678][  T935] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  557.048256][T12649] EXT4-fs (loop3): 1 orphan inode deleted
[  557.053896][T12649] EXT4-fs (loop3): 1 truncate cleaned up
[  557.061521][T12658] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  557.070455][T12658] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  557.081541][T12649] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000000000,block_validity,quota,. Quota mode: writeback.
[  557.781361][T12658] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  557.790908][T12658] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  557.798940][T12658] System zones: 0-2, 18-18, 34-34
[  557.805732][T12658] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  557.821296][T12658] EXT4-fs (loop2): 1 truncate cleaned up
[  557.826837][T12658] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  558.011033][  T820] snd-usb-audio: probe of 4-1:0.0 failed with error -12
[  558.019468][  T935] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  558.029335][  T820] usb 4-1: USB disconnect, device number 27
[  558.038604][  T935] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  558.047686][  T935] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.056895][  T935] usb 1-1: config 0 descriptor??
[  558.198015][T12669] EXT4-fs error (device loop2): ext4_find_dest_de:2112: inode #2: block 3: comm syz-executor.2: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[  558.878583][  T935] lg-g15 0003:046D:C222.003C: item fetching failed at offset 10/11
[  558.894478][  T935] lg-g15: probe of 0003:046D:C222.003C failed with error -22
[  559.070939][T12682] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[  559.095425][  T351] usb 1-1: USB disconnect, device number 27
[  559.757667][T12711] loop3: detected capacity change from 0 to 512
[  559.807049][T12711] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  559.820915][T12719] input: syz0 as /devices/virtual/input/input57
[  559.825113][T12711] ext4 filesystem being mounted at /root/syzkaller-testdir1511091431/syzkaller.pixXOU/11/file0 supports timestamps until 2038 (0x7fffffff)
[  560.496940][T12736] loop0: detected capacity change from 0 to 512
[  560.504337][   T30] audit: type=1400 audit(1718695712.485:5097): avc:  denied  { remount } for  pid=12728 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  560.531844][T12736] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  560.640395][T12736] EXT4-fs (loop0): 1 orphan inode deleted
[  560.646134][T12736] EXT4-fs (loop0): 1 truncate cleaned up
[  560.651736][T12736] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback.
[  560.966140][T12740] netem: change failed
[  561.652546][T12774] device veth0_to_bridge entered promiscuous mode
[  561.675147][T12774] device macsec1 entered promiscuous mode
[  561.683772][T12774] device veth0_to_bridge left promiscuous mode
[  561.717665][T12778] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  561.735070][  T351] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  561.886844][T12784] syz-executor.2[12784] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  561.887002][T12784] syz-executor.2[12784] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  561.972794][T12681] loop1: detected capacity change from 0 to 131072
[  562.105305][  T351] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  562.125055][  T351] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  562.134693][  T351] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  562.165075][  T351] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.182355][  T351] usb 1-1: config 0 descriptor??
[  562.430535][T12803] device veth0_vlan left promiscuous mode
[  562.456244][T12803] device veth0_vlan entered promiscuous mode
[  562.586796][T12814] x_tables: unsorted underflow at hook 3
[  562.803308][T12820] syz-executor.3[12820] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  562.803467][T12820] syz-executor.3[12820] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  562.899210][T12822] bridge1: the hash_elasticity option has been deprecated and is always 16
[  562.975153][  T351] usb 1-1: string descriptor 0 read error: -71
[  562.995213][  T351] uclogic 0003:256C:006D.003D: failed retrieving string descriptor #200: -71
[  563.009308][  T351] uclogic 0003:256C:006D.003D: failed retrieving pen parameters: -71
[  563.026441][  T351] uclogic 0003:256C:006D.003D: failed probing pen v2 parameters: -71
[  563.039985][T12831] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  563.050306][  T351] uclogic 0003:256C:006D.003D: failed probing parameters: -71
[  563.067528][  T351] uclogic: probe of 0003:256C:006D.003D failed with error -71
[  563.089440][  T351] usb 1-1: USB disconnect, device number 28
[  563.157142][T12833] loop3: detected capacity change from 0 to 512
[  563.206693][T12833] EXT4-fs (loop3): Ignoring removed bh option
[  563.236744][T12833] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #11614: comm syz-executor.3: iget: illegal inode #
[  563.255451][T12833] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 11614 err=-117
[  563.295935][T12833] EXT4-fs (loop3): 1 truncate cleaned up
[  563.308914][T12833] EXT4-fs (loop3): mounted filesystem without journal. Opts: bh,noinit_itable,debug_want_extra_isize=0x000000000000005e,barrier=0x0000000000000008,delalloc,noload,nojournal_checksum,,errors=continue. Quota mode: none.
[  563.412422][T12843] syz-executor.4[12843] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  563.412586][T12843] syz-executor.4[12843] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  563.473799][T12847] loop4: detected capacity change from 0 to 512
[  563.525468][T12850] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  563.557231][T12847] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  563.577181][T12847] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz-executor.4: iget: bad i_size value: -67835469387268086
[  563.595124][T12847] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz-executor.4: couldn't read orphan inode 15 (err -117)
[  563.612263][T12847] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  563.629641][T12847] ext2 filesystem being mounted at /root/syzkaller-testdir3672247262/syzkaller.8e2Mvb/267/file0 supports timestamps until 2038 (0x7fffffff)
[  563.673687][T12862] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  563.773536][T12866] device veth0_vlan left promiscuous mode
[  563.780545][T12866] device veth0_vlan entered promiscuous mode
[  563.945049][  T333] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  563.965484][T12856] loop2: detected capacity change from 0 to 40427
[  564.021735][T12856] F2FS-fs (loop2): Mismatch valid blocks 0 vs. 6
[  564.028116][T12856] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-117)
[  564.300997][T12856] ªªªªªª: renamed from vlan0
[  564.315301][  T333] usb 5-1: config 0 has no interfaces?
[  564.409056][T12877] syz-executor.3[12877] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  564.409228][T12877] syz-executor.3[12877] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  564.423004][T12875] loop2: detected capacity change from 0 to 512
[  564.475216][  T333] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  564.486468][T12875] EXT4-fs (loop2): Ignoring removed bh option
[  564.505661][  T333] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  564.513575][  T333] usb 5-1: Product: syz
[  564.523791][  T333] usb 5-1: Manufacturer: syz
[  564.532842][T12875] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #11614: comm syz-executor.2: iget: illegal inode #
[  564.547569][  T333] usb 5-1: SerialNumber: syz
[  564.563695][  T333] usb 5-1: config 0 descriptor??
[  564.569031][T12875] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 11614 err=-117
[  564.591774][T12875] EXT4-fs (loop2): 1 truncate cleaned up
[  564.603153][T12875] EXT4-fs (loop2): mounted filesystem without journal. Opts: bh,noinit_itable,debug_want_extra_isize=0x000000000000005e,barrier=0x0000000000000008,delalloc,noload,nojournal_checksum,,errors=continue. Quota mode: none.
[  564.817653][T12890] syz-executor.0[12890] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  564.817815][T12890] syz-executor.0[12890] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  564.831788][  T333] usb 5-1: USB disconnect, device number 24
[  564.849503][   T20] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  564.927833][T12893] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  566.023035][T12901] loop2: detected capacity change from 0 to 512
[  566.075103][T12901] EXT4-fs (loop2): Ignoring removed orlov option
[  566.095158][   T20] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  566.106074][   T20] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  566.116408][T12901] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  566.124165][T12901] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e11c, mo2=0002]
[  566.213110][T12901] EXT4-fs (loop2): orphan cleanup on readonly fs
[  566.286166][T12901] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[  566.370627][T12901] EXT4-fs warning (device loop2): ext4_enable_quotas:6410: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  566.518520][T12901] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  566.592941][T12901] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 40: padding at end of block bitmap is not set
[  566.917584][T12901] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6153: Corrupt filesystem
[  566.995439][T12901] EXT4-fs (loop2): 1 truncate cleaned up
[  567.010568][T12912] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  567.019877][T12901] EXT4-fs (loop2): mounted filesystem without journal. Opts: orlov,usrjquota=,noblock_validity,norecovery,bsdgroups,i_version,,errors=continue. Quota mode: writeback.
[  567.035830][   T20] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  567.045504][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  567.053384][   T20] usb 4-1: SerialNumber: syz
[  567.096561][   T30] audit: type=1400 audit(1718695719.185:5098): avc:  denied  { mounton } for  pid=12900 comm="syz-executor.2" path="/root/syzkaller-testdir2150021487/syzkaller.HMCL0o/138/file2/file0" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  567.098022][T12901] fscrypt (loop2, inode 16): Error -61 getting encryption context
[  567.155104][   T30] audit: type=1400 audit(1718695719.185:5099): avc:  denied  { read } for  pid=12900 comm="syz-executor.2" name="file2" dev="overlay" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  567.205541][   T30] audit: type=1400 audit(1718695719.185:5100): avc:  denied  { read } for  pid=12900 comm="syz-executor.2" name="file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  567.356673][   T20] usb 4-1: 0:2 : does not exist
[  567.376495][   T20] usb 4-1: USB disconnect, device number 28
[  568.777991][T12943] loop3: detected capacity change from 0 to 512
[  568.820256][T12945] loop0: detected capacity change from 0 to 512
[  568.836665][T12943] EXT4-fs (loop3): Ignoring removed orlov option
[  568.866851][T12945] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  568.875981][T12945] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  568.876670][T12943] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  568.904914][T12945] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  568.904930][T12943] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e11c, mo2=0002]
[  568.921851][T12945] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  568.930102][T12945] System zones: 0-2, 18-18, 34-34
[  568.946215][T12943] EXT4-fs (loop3): orphan cleanup on readonly fs
[  568.952483][T12943] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0
[  568.964463][T12945] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  568.980222][T12945] EXT4-fs (loop0): 1 truncate cleaned up
[  568.985138][T12943] EXT4-fs warning (device loop3): ext4_enable_quotas:6410: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  568.986171][T12945] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  569.015845][ T9488] device bridge_slave_1 left promiscuous mode
[  569.021992][ T9488] bridge0: port 2(bridge_slave_1) entered disabled state
[  569.036844][ T9488] device bridge_slave_0 left promiscuous mode
[  569.049481][ T9488] bridge0: port 1(bridge_slave_0) entered disabled state
[  569.065331][T12943] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  569.082116][ T9488] device veth1_macvtap left promiscuous mode
[  569.092478][T12943] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 40: padding at end of block bitmap is not set
[  569.147715][T12943] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6153: Corrupt filesystem
[  569.171853][T12943] EXT4-fs (loop3): 1 truncate cleaned up
[  569.183881][T12955] loop4: detected capacity change from 0 to 1024
[  569.193991][T12943] EXT4-fs (loop3): mounted filesystem without journal. Opts: orlov,usrjquota=,noblock_validity,norecovery,bsdgroups,i_version,,errors=continue. Quota mode: writeback.
[  569.269948][T12955] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  569.299801][T12955] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,resgid=0x0000000000000000,norecovery,commit=0x0000000000000005,nombcache,,errors=continue. Quota mode: writeback.
[  569.452723][T12962] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #2: block 3: comm syz-executor.0: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[  570.106221][T12943] fscrypt (loop3, inode 16): Error -61 getting encryption context
[  570.330665][   T30] audit: type=1400 audit(1718695722.415:5101): avc:  denied  { accept } for  pid=12971 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  570.371049][T12974] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  570.477328][T12940] bridge0: port 1(bridge_slave_0) entered blocking state
[  570.484240][T12940] bridge0: port 1(bridge_slave_0) entered disabled state
[  570.491968][T12989] loop0: detected capacity change from 0 to 1024
[  570.493410][T12940] device bridge_slave_0 entered promiscuous mode
[  570.520050][T12940] bridge0: port 2(bridge_slave_1) entered blocking state
[  570.527292][T12940] bridge0: port 2(bridge_slave_1) entered disabled state
[  570.535467][T12940] device bridge_slave_1 entered promiscuous mode
[  570.558173][T12989] EXT4-fs (loop0): Ignoring removed orlov option
[  570.564553][T12989] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  570.593773][T12992] loop1: detected capacity change from 0 to 512
[  570.619199][T12992] EXT4-fs (loop1): Ignoring removed orlov option
[  570.646003][T12989] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  570.693910][T12992] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  570.735692][T12992] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e11c, mo2=0002]
[  570.744942][T12992] EXT4-fs (loop1): orphan cleanup on readonly fs
[  570.785689][T12989] EXT4-fs error (device loop0): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.0: corrupt xattr in inline inode
[  570.804388][T12992] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[  570.812253][T12989] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.0: corrupted in-inode xattr
[  570.826753][T12992] EXT4-fs warning (device loop1): ext4_enable_quotas:6410: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  570.841456][T12992] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  570.848757][T12992] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 40: padding at end of block bitmap is not set
[  570.863859][T12992] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6153: Corrupt filesystem
[  570.886422][T12992] EXT4-fs (loop1): 1 truncate cleaned up
[  570.891950][T12992] EXT4-fs (loop1): mounted filesystem without journal. Opts: orlov,usrjquota=,noblock_validity,norecovery,bsdgroups,i_version,,errors=continue. Quota mode: writeback.
[  570.915948][T11198] ==================================================================
[  570.923884][T11198] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0
[  570.926213][T12992] fscrypt (loop1, inode 16): Error -61 getting encryption context
[  570.931690][T11198] Read of size 4 at addr ffff888135d55000 by task syz-executor.0/11198
[  570.931757][T11198] 
[  570.949573][T11198] CPU: 1 PID: 11198 Comm: syz-executor.0 Tainted: G        W         5.15.149-syzkaller-00165-g85445b5a2107 #0
[  570.961118][T11198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  570.971016][T11198] Call Trace:
[  570.974143][T11198]  <TASK>
[  570.976910][T11198]  dump_stack_lvl+0x151/0x1b7
[  570.981429][T11198]  ? io_uring_drop_tctx_refs+0x190/0x190
[  570.986904][T11198]  ? panic+0x751/0x751
[  570.990822][T11198]  print_address_description+0x87/0x3b0
[  570.996188][T11198]  kasan_report+0x179/0x1c0
[  571.000528][T11198]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  571.005998][T11198]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  571.011466][T11198]  __asan_report_load4_noabort+0x14/0x20
[  571.016930][T11198]  ext4_xattr_delete_inode+0xcd0/0xce0
[  571.022236][T11198]  ? sb_end_intwrite+0x120/0x120
[  571.027002][T11198]  ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0
[  571.032909][T11198]  ? ext4_journal_check_start+0x16c/0x230
[  571.038568][T11198]  ? __kasan_check_read+0x11/0x20
[  571.043422][T11198]  ? ext4_inode_is_fast_symlink+0x295/0x3d0
[  571.049155][T11198]  ? ext4_evict_inode+0xb8d/0x14e0
[  571.054106][T11198]  ext4_evict_inode+0xea1/0x14e0
[  571.058993][T11198]  ? _raw_spin_unlock+0x4d/0x70
[  571.063691][T11198]  ? ext4_inode_is_fast_symlink+0x3d0/0x3d0
[  571.069492][T11198]  ? _raw_spin_unlock+0x4d/0x70
[  571.074191][T11198]  ? inode_io_list_del+0x18b/0x1a0
[  571.079129][T11198]  ? ext4_inode_is_fast_symlink+0x3d0/0x3d0
[  571.084861][T11198]  evict+0x2a3/0x630
[  571.088595][T11198]  iput+0x63b/0x7e0
[  571.092245][T11198]  vfs_rmdir+0x359/0x470
[  571.096318][T11198]  do_rmdir+0x3ab/0x630
[  571.100313][T11198]  ? d_delete_notify+0x160/0x160
[  571.105094][T11198]  __x64_sys_unlinkat+0xdf/0xf0
[  571.109771][T11198]  do_syscall_64+0x3d/0xb0
[  571.114033][T11198]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  571.119922][T11198] RIP: 0033:0x7fe6db721707
[  571.124183][T11198] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  571.143625][T11198] RSP: 002b:00007ffc2ad5a4d8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  571.151880][T11198] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007fe6db721707
[  571.159683][T11198] RDX: 0000000000000200 RSI: 00007ffc2ad5b680 RDI: 00000000ffffff9c
[  571.167491][T11198] RBP: 00007fe6db77e6c6 R08: 0000000000000000 R09: 0000000000000000
[  571.175299][T11198] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffc2ad5b680
[  571.183114][T11198] R13: 00007fe6db77e6c6 R14: 000000000008b456 R15: 0000000000000008
[  571.190948][T11198]  </TASK>
[  571.193796][T11198] 
[  571.196049][T11198] The buggy address belongs to the page:
[  571.201528][T11198] page:ffffea0004d75540 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x135d55
[  571.211586][T11198] flags: 0x4000000000000000(zone=1)
[  571.216647][T11198] raw: 4000000000000000 ffffea0004e55c88 ffffea0004b9db88 0000000000000000
[  571.225069][T11198] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[  571.233459][T11198] page dumped because: kasan: bad access detected
[  571.239715][T11198] page_owner tracks the page as freed
[  571.244919][T11198] page last allocated via order 0, migratetype Movable, gfp_mask 0x100cca(GFP_HIGHUSER_MOVABLE), pid 12899, ts 565972137723, free_ts 567006815200
[  571.259511][T11198]  post_alloc_hook+0x1a3/0x1b0
[  571.264095][T11198]  prep_new_page+0x1b/0x110
[  571.268435][T11198]  get_page_from_freelist+0x3550/0x35d0
[  571.273830][T11198]  __alloc_pages+0x27e/0x8f0
[  571.278247][T11198]  shmem_alloc_and_acct_page+0x4bd/0xa80
[  571.283718][T11198]  shmem_getpage_gfp+0x1388/0x23c0
[  571.288664][T11198]  shmem_fault+0x1b8/0x6c0
[  571.292912][T11198]  __do_fault+0x273/0x300
[  571.297086][T11198]  handle_pte_fault+0x167b/0x24d0
[  571.301947][T11198]  do_handle_mm_fault+0x1ea9/0x23a0
[  571.306973][T11198]  __get_user_pages+0x379/0xee0
[  571.311671][T11198]  __mm_populate+0x38d/0x560
[  571.316090][T11198]  vm_mmap_pgoff+0x271/0x450
[  571.320515][T11198]  ksys_mmap_pgoff+0xed/0x1e0
[  571.325035][T11198]  __x64_sys_mmap+0x103/0x120
[  571.329546][T11198]  do_syscall_64+0x3d/0xb0
[  571.333804][T11198] page last free stack trace:
[  571.338314][T11198]  free_unref_page_prepare+0x7c8/0x7d0
[  571.343606][T11198]  free_unref_page_list+0x14b/0xa60
[  571.348651][T11198]  release_pages+0x1310/0x1370
[  571.353248][T11198]  __pagevec_release+0x84/0x100
[  571.357935][T11198]  shmem_undo_range+0x604/0x1560
[  571.362706][T11198]  shmem_evict_inode+0x215/0x9d0
[  571.367480][T11198]  evict+0x2a3/0x630
[  571.371212][T11198]  iput+0x63b/0x7e0
[  571.374854][T11198]  dentry_unlink_inode+0x34f/0x440
[  571.379817][T11198]  __dentry_kill+0x447/0x660
[  571.384229][T11198]  dentry_kill+0xc0/0x2a0
[  571.388392][T11198]  dput+0x45/0x80
[  571.391870][T11198]  __fput+0x662/0x910
[  571.395690][T11198]  ____fput+0x15/0x20
[  571.399505][T11198]  task_work_run+0x129/0x190
[  571.403931][T11198]  do_exit+0xc48/0x2ca0
[  571.407929][T11198] 
[  571.410091][T11198] Memory state around the buggy address:
[  571.415580][T11198]  ffff888135d54f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  571.423478][T11198]  ffff888135d54f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  571.431381][T11198] >ffff888135d55000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
2024/06/18 07:28:43 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  571.439266][T11198]                    ^
[  571.443182][T11198]  ffff888135d55080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  571.451087][T11198]  ffff888135d55100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  571.458966][T11198] ==================================================================
[  571.466861][T11198] Disabling lock debugging due to kernel taint