last executing test programs:

5m58.613232716s ago: executing program 32 (id=1321):
r0 = syz_clone(0x23000100, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001080))
r1 = syz_pidfd_open(r0, 0x0)
pidfd_send_signal(r1, 0x17, 0x0, 0x0)

5m49.913985582s ago: executing program 33 (id=1198):
r0 = getpgid(0x0)
r1 = gettid()
rt_tgsigqueueinfo(r0, r1, 0x0, &(0x7f00000002c0)={0x2c, 0x20000, 0x2})

5m47.033767954s ago: executing program 34 (id=1272):
r0 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000300)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
keyctl$chown(0x4, 0x0, 0xffffffffffffffff, r1)

5m37.743768768s ago: executing program 35 (id=1633):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'veth0\x00', &(0x7f0000000080)=@ethtool_test={0x4e}})
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000022000106"], 0x1c}], 0x1}, 0x0)

5m34.180854658s ago: executing program 36 (id=1487):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000008009b000040"])

5m33.527048697s ago: executing program 37 (id=1710):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='rss_stat\x00', r0}, 0x18)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17)

5m28.960080214s ago: executing program 38 (id=1784):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xc000, &(0x7f0000000000), 0x2, 0x24d, &(0x7f0000000440)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUixAT7LJWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7iQSNytqNtk5Mp8PTGYm89783rDzfbvN7AZorAtJLiVpJZlL0klSHG5wb7Vc2N9dnd28lvT7T/1SDNtV+5WDfueT9JI8kmSjLPJKO1lef27nt60nHnh7qXP/h+vPzk71Ivft7mw/uffBlbc+ufzw8lff/HSlyKV0/3ZdJ68Y8792kdx2GsVuEEW77hHwX1x94+NvB7m/Pcl9w/x3UqZ68d5ZvGmjk4fe/6e+7/789Z3THCtw8vr9zuA9sNcHGqdM0k1Rzieptstyfr76DP9d61z56sLi63MvLyxdf6numQo4Kd1k+/HPZj49P5L/H1tV/oGza5D/p6+ufT/Y3muNHOzP1DMo4HTdVa0G+Z97YeXBjMs/cKbJPzSX/ENzyT80l/xDc8k/NJf8wxnWOdjojT0s/9Bc8g/NJf/QXIfzDwA0S3+m7ieQgbrUPf8AAAAAAAAAAAAAAAAAAABHrc5uXjtYplXzi/eS3ceStMfVbw1/jzi5efj33K/FoNlfiqrbRJ6/Z8ITTOijmp++vuWHeut/eXe99VeuJ703k1xst4/ef8X+/Xd8t/7L8c6LExb4n4qR/UefmW79UX+s1Vv/8lby+WD+uThu/ilzx3A9fv7pHv6K5WN67fcJTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDU/BkAAP//d4lu0g==")
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x6611, 0x0)

5m22.124909325s ago: executing program 39 (id=1991):
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x1000000, &(0x7f00000000c0)={[{@keep_last_dots}, {@discard}, {@umask={'umask', 0x3d, 0x4ee5}}, {@discard}, {@namecase}, {@fmask={'fmask', 0x3d, 0x2}}, {}, {@allow_utime={'allow_utime', 0x3d, 0x12}}, {@iocharset={'iocharset', 0x3d, 'cp866'}}, {@iocharset={'iocharset', 0x3d, 'cp936'}}]}, 0x3, 0x1507, &(0x7f0000000440)="$eJzs3Au8TtXWMPAx5pyLTdKT5JY55lg8yWWSJLkk5JIkSZIkJCRJkoTkllsSkpB7yD0kt9jJ/X6/J8mRJElISDK/n+q8zvl6z1ffe873ec+7x//3W3vPsdca45lrjb2fdfntvb9pN7By3SoVajMz/FPw109dASAFAPoAwDUAEAFA8SzFs1xan0Fj13/uRcS/1kNTr/QMxJUk/U/bpP9pm/Q/bZP+p23S/7RN+p+2Sf/TNum/EGnZlmk5r5Ul7S5//vm/+z+vluf//4bk/P8/1p/6SZP+p23S/7RN+p+2Sf/TNul/2ib9T9uk/2mb9F+ItOxKP3/+N1j+eqj+cNsrezyj/1LeFf3mE0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRZpwLlxkA+Ov4Ss9LCCGEEEIIIYQQ/zoh/ZWegRBCCCGEEEIIIf7fQwCjwUAE6SA9pEAGyAhXQSa4GjLDNZCAayELXAdZ4XrIBtkhB+SEXHAD5AYLBA4YYsgDeSEJN0I+uAnyQwEoCIXAQ2EoAjdDUbgFisGtUBxmLwS4HUpCKSgNZeAOKAt3QjkoDxXgLqgIlaAyVIG7oSrcA9XgXqgO90ENuB9qwgNQCx6E2vAQ1IGHoS48AvXgUagPj0EDaAiN/kv5L0EneBk6QxfoCt2gO7wCPaAn9ILe0Adehb7wGvSD16E/DICB8AYMgjdhMLwFQ2AoDIO3YTiMgJEwCkbDGBgL78A4GA8T4F2YCJNgMkyBqTANpsN7MANmwix4H2bDBzAH5sI8mA8L4ENYCIsgFT6CxfAxLIGlsAyWwwpYCatgNayBtbAO1sMG2AibYDNsga2wDbbDDtgJu2B3+T3wCeyFT2EffAb74fP/y/yz8Pf57REQUKFCgwbTYTpMwRTMiBkxE2bCzJgZE5jALJgFs2JWzIbZMAfmwFyYC3NjbiQkZGTMg3kwiUnMh/kwP+bHglgQPXosgkWwKN6CxbAYFsfiWAJLYEkshaWwDJbBslgWy2E5rHD7XACsiJWxMt6Nd+M9WA2rYXWsjjWwBtbEmlgLa2FtrI11sA7WxbpYD+thfayPDbABNsJG2BgbYxNsgs2wGTbH5tgCW2BLbImtsBW2xtbYBttgW2yL7bAdtscO2AFfwpfwZXwZu2BF1Q27Y3fsgT2wF/bG3vgq9sXX8DV8HfvjAByIb+Ab+CYOxjM4BIfiMByGZdUIHImjkNUYHItjcRyOwwk4ASfiJJyEU3AqTsPpOB1n4Eycie/jbPwAP8C5OBfn4wJcgAtxEaZiKi7Gs7gEl+IyXI4rcCWuwNW4BlfjOlyP63AjbsTNuBm34lbcjttxJ+7E3bgbP8FP8FP8FPvjftyPB/AAHsSDeAgP4WE8jEfwyNarAPAYHsPjeBxP4Ek8hSfxNJ7GM3gWz+E5PI/n8QK+kOurOrsLrO0P6hKjjEqn0qkUlaIyqowqk8qkMqvMKqESKovKorKqrCqbyqZyqBwql8qlcqvcihQpVrHKo/KopEqqfCqfyq/yq4KqoPLKqyKqiCqqiqpiqpgqrm5TJdTtqqQqpZr6MqqMKqua+XKqvKqgKqiKqpKqrKqoKqqqqqqqqWqquqquaqgaqqZ6QNVS3bAXPqQudaauGoD11ECsrx5TDVRD9SY+rhqrwdhENVXN1JNqKA7BFqqxb6meUa3USGytnlOj8HnVVo3BdupF1V51UB3VS6qTauI7qy5qInZT3dUU7KF6ql6qt5qBldSljlVWr6v+aoAaqN5Q8/FNNVi9pYaooWqYelsNVyPUSDVKjVZj1Fj1jhqnxqsJ6l01UU1Sk9UUNVVNU9PVe2qGmqlmqffVbPWBmqPmqnlqvlqgPlQL1SKVqj5Si9XHaolaqpap5WqFWqlWqdVqjVqr1qn1aoPaqDapzWqL2qq2qe1qh9qpdqndao/6RO1Vn6p96jO1X32uDqi/qIPqC3VIfakOq6/UEfW1Oqq+UcfUt+q46qJOqJPqlPpenVY/qDPqrDqnflTn1U/qgvpZXVRBgUattNZGRzqdTq9TdAadUV+lM+mrdWZ9jU7oa3UWfZ3Oqq/X2XR2nUPn1Ln0DTq3tpq006xjnUfn1Ul9o86nb9L5dQFdUBfSXhfWRfTNuqi+RRfTt+ri+jZdQt+uS+pSurQuo+/QZfWdupwuryvou3RFXUlX1lX03bqqvkdX0/fq6vo+XUPfr2vqB3Qt/aCurR/SdfTDuq5+RNfTj+r6Ovrt/PW4bqyf0E10U91MP6mb66d0C/20bqmf0a30s7q1fk630c/rtvoF3U6/qNvrDrqj/llf1EF31l10V91Nd9ev6B66p+6le+s++lXdV7+m++nXdX89QA/Ub+hB+k09WL+lh+iheph+Ww/XI/RIPUqP1mP0WP2OHqfH6wn6XT1RT9KT9RQ9VU/TvX6rNOtP5I//T/L7/fLqm/UWvVVv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+ov9en9Q/6jD6rz+of9Xl9Xl/47RiAQaOMNsZEJp1Jb1JMBpPRXGUymatNZnONSZhrTRZznclqrjfZTHaTw+Q0ucwNJrexhowzbGKTx+Q1SXOjyWduMvlNAVPQFDLeFDZFzM3/dP4/mN/yyb823zQyjUxj09g0MU1MM9PMNDfNTQvTwrQ0LU0r08q0Nq1NG9PGtDVtTTvTzrQ37U1H09F0Mp1MZwTT1XQ13c0rpofpaXqZ3qaPedX0NX1NP9PP9Df9zUAz0Awyg8xgM9gMMUOMAYDhZrgZaUaa0Wa0GWvGmnFmnJlgJpiJZqKZbCabqWaqmW6mmxlmhpllZpnZZraZY+aYeWaeWWAWmIVmoUk1qWaxWWyWmKVmqVlulpuVZqVZbVabtWatWW/Wm41mo1litpgtZpvZZnaYHWaX2WX2mD1mr9lr9pl9Zr/Zbw6YA+agOWgOmUPmsDlsjpgj5qg5ao6ZY+a4OW5OmBPmlDllTpvT5ow5Y86Zc+a8OW8umAvmorl46bIvUpGKTGSidFG6KCVKiTJGGaNMUaYoc5Q5SkSJKEuUJcoaXR9li7JHOaKcUa7ohih3ZCOKXMRRHOWJ8kbJ6MYoX3RTlD8qEBWMCkU+KhwViW6Oika3RMWiW6Pi0W1Riej2qGRUKiodlYnuiMpGd0blovJRheiuqGJUKaocVYnujqpG90TVonuj6tF9UY3o/qhm9EBUK3owqh09FNWJHo7qRo9E9aJHo/rRY1GDqGHU6F9aP4Qz2Z/wnW0Xmx662e72FdvD9rS9bG/bx75q+9rXbD/7uu1vB9iB9g07yL5pB9u37BA71A6zb9vhdoQdaUfZ0XaMHWvfsePseDvBvmsn2kl2sp1ip9ppdrp9z86wM+0s+76dbT+wc+xcO8/Otwvsh3ahXWRT7Ud2sf3YLrFL7TK73K6wK+0qu9qusWvtOrvebrAb7Sa72W6xW+02u93usDvtLrvb7rGf2L32U7vPfmb328/tAZvy2/vjl/aw/coesV/bo/Ybe8x+a4/b7+wJe9Kest/b0/YHe8aetefsj/a8/clesD/bizZcuri/dHonQ4bSUTpKoRTKSBkpE2WizJSZEpSgLJSFslJWykbZKAfloFyUi3JTbrqEiSkP5aEkJSkf5aP8lJ8KUkHy5KkIFaGiVJSKUTEqTsWpBJWgklSSSlNpuoPuoDvpTipP5ekuuosqUSWqQlWoKlWlalSNqlN1qkE1qCbVpFpUi2pTbapDdagu1aV6VI/qU/2zv/0KMzWmxtSEmlAzakbNqTm1oBbUklpSK2pFrak1taE21JbaUjtqR+2pPXWkjtSJOlFn6kxdqSt1p+7Ug3pQL+pFfagP9aW+1I/6UX/qTwNpIA2iQTSYBtMQGkrD6G0aTiNoJI2i0TSGxtJYGkfjaAJNoIk0kSbTZJpKU2k6TacZNINm0SyaTbNpDs2heTSPFtACWkgLKZVSaTEtpiW0hJbRMlpBK2gVraI1tIbW0TraQBtoE22iLbSFttE22kE7aBftoj20h/bSXtpH+2g/7acDdIAO0kE6RIfoMB2mI3SEjtJROkbH6DgdpxN0gk7RKTpNp+kMnaFzdI7O0090gX6mixQoxWVwGd1VLpO72mV217j/Pc7hcrpc7gaX21mXzWX/u5icc/ldAVfQFXLeFXZF3M2/i0u6Uq60K+PucGXdna7c7+Kqa3b82kV3n6vi7nZV3T2umrvXVXf3uRruflfTPeJquUddbfeYq+MaurruEVfPPerqu8dcA9fQNXdPuRbuadfSPeNauWd/Fy90i9wat9atc+vdXvepO+d+dEfdN+68+8l1dl1cH/eq6+tec/3c666/G/C7eJh72w13I9xIN8qNdmN+F092U1wGN81Nd++5GW7mL/HUv4kXuA/dbJfq5ri5bp6b/0t8aU6p7iO32H3slrilbplb7la4lW6VW/0fc13uNrpNbrPb4z5x29x2t8PtdLvc7l/iS/uxz33m9rvP3RH3tTvovnCH3DF32H31S3xp/465b91x95074U66U+57d9r94M64s7/s/6V9/9797C664ICRFWs2HHE6Ts8pnIEz8lWcia/mzHwNJ/hazsLXcVa+nrNxds7BOTkX38C52TKxY+aY83BeTvKNnI9v4vxcgAtyIfZcmIvwzVyUb+FifCsX59u4BN/OJbkUl+YyfAeX5Tu5HJfnCnwXV+RKXJmr8N1cle/hanwvV+f7uAbfzzX5Aa7FD3Jtfojr8MNclx/hevwo1+fHuAE35Eb8ODfmJ7gJN+Vm/CQ356e4BT/NLfkZbsXPcmt+jtvw89yWX+B2/CK35w7ckV/iTvwyd+Yu3JW7cXd+hXtwT+7FvbkPv8p9+TXux69zfx7AA/kNHsRv8mB+i4fwUB7Gb/NwHsEjeRSP5jE8lt/hcTyeJ/C7PJEn8WSewlN5Gk/n93gGz+RZ/D7P5g94Ds/leTyfF/CHvJAXcSp/xIv5Y17CS3kZL+cVvJJX8Wpew2t5Ha/nDbyRN/Fm3sJbeRtvZ+SdvIt38x7+hPfyp7yPP+P9/Dkf4L/wQf6CD/GXfJi/4iP8NR/lb/gYf8vH+Ts+wSf5FH/Pp/kHPsNn+Rz/yOf5J77AP/NFDgwxxirWsYmjOF2cPk6JM8QZ46viTPHVceb4mjgRXxtnia+Ls8bXx9ni7HGOOGecK74hzh3bmGIXcxzHeeK8cTK+Mc4X3xTnjwvEBeNCsY8Lx0Xim+Oi8S1xsfjWuHh8W1wivj0uGZeKH7mvTHxHXDa+My4Xl48rxHfFFeNKceW4Snx3XDW+J64W3xtXj++Li8X3xzXjB+Ja8YNx7fihuE78cFw3fiSuFz8a148fixvEDeNG8eNx4/iJuEncNG4WPxk3j5+KW8RPxy3jZ+JW8bN/uL5r3C3uHr8SvxKHcK+el5yfXJD8MLkwuSiZmvwouTj5cXJJcmlyWXJ5ckVyZXJVcnVyTXJtcl1yfXJDcmNyU3JzMoQq6cGjV1574yOfzqf3KT6Dz+iv8pn81T6zv8Yn/LU+i7/OZ/XX+2w+u8/hc/pc/gaf21tP3nn2sc/j8/qkv9Hn8zf5/L6AL+gLee8L+yK+oW/kG/nG/gnfxDf1zfyT/kn/lH/KP+2f9s/4Vv5Z39o/59v4531b/4J/wb/o2/sOvqN/yXfyL4fgu/iuvqvv7rv7Hr6H7+V7+T6+j+/r+/p+vp/v7/v7gX6gH+QH+cF+sB/ih/hhfpgf7of7kX6kH+1H+7F+rB/nx/kJfoKf6Cf6yX6yn+qn+ul+up/hZ/hZfpafnX+2n+Pn+Hl+nl/gF/iFfqFP9al+sV/sl/glfplf5lf4FX6VX+XX+DV+nV/nN/gNfpPf5Lf4LX6b3+Z3+B1+l9/l9/g9fq/f6/f5fX6/3+8P+APngj/oD/kv/WH/lT/iv/ZH/Tf+mP/WH/ff+RP+pD/lv/en/Q/+jD/rz/kf/Xn/k7/gf/YXffBjE+8kxiXGJyYk3k1MTExKTE5MSUxNTEtMT7yXmJGYmZiVeD8xO/FBYk5ibmJeYn5iQeLDxMLEokRq4qPE4sTHiSWJpYllieWJFYmViRBu2BaHPCFvSIYbQ75wU8gfCoSCoVDwoXAoEm4ORcMtoVi4NRQPt4US4fZQMpQKpcOjoX54LDQIDUOj8HhoHJ4ITULT0Cw8GZqHp0KL8HRoGZ4JrcKzoXV4LrQJz4e24YXQLrwY2ocOoWN4KXQKL4fOQYeuoVvoHl4JPULP0Cv0Dn3Cq6FveC30C6+H/mFAGBjeCIPCm2FweCsMCUPDsPB2GB5GhJFhVBgdxoSx4Z0wLowPE8K7YWKYFCaHKWFqmBamh/fCjDAzzArvh9nhgzAnzA3zwvywIHwYFoZFITV8FBaHj8OSsDQsC8sDpKwMq8LqsCasDevC+rAhbAybwuawJWwN28L2sCPsDLvC7rAnfBL2hk/DvvBZ2B8+DwfCX8LB8EU4FL4Mh8NX4Uj4OhwN34Rj4dtwPHwXToST4VT4PpwOP4Qz4Ww4F34M58NP4UL4OVyUv1kTQgghhPhTxv/B+m5/F6n/+Kh++0p3ALh6e87Df7uVBoAN2X4d91S5micA4Jku7R7661KxYteuXX/bdomGKO9cAEhczk8Hl+Ol0AyegpbQFIr+p/PrqTqc5z+on7wNIOPf5KTA5fhy/Vv+Qf0Rs/+w/lyA/Hkv52SAy/Hl+sV+Vzv6pX72xn9QP8MXYwGa/E1eJrgcX65fBJ6AZ6Hl320phBBCCCGEEEL8qqcq3eaP7m8v3Z/nMpdz0sPl+I/uz4UQQgghhBBCCHHlPd+h49OPt2zZtM0/GJT/x6tkkFYG6f57TOPffgDw32Iaf25wpd+ZhBBCCCGEEP9qly/6r/RMhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKItOv/x78Tu9L7KIQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQlxp/ysAAP//OOA13Q==")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x9)

5m14.072026043s ago: executing program 40 (id=2233):
r0 = io_uring_setup(0x17c7, &(0x7f00000000c0)={0x0, 0x0, 0x400, 0x2000003, 0x184})
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000001004000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x9, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1, 0x2, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close_range(r0, 0xffffffffffffffff, 0x0)

5m13.646755352s ago: executing program 41 (id=2239):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009c02"])

4m41.479844623s ago: executing program 42 (id=3155):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
r2 = dup3(r1, r0, 0x0)
getsockname$packet(r2, 0x0, &(0x7f0000000fc0))

4m40.890865191s ago: executing program 43 (id=3168):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3590bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d080000000000000014f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bdd277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabaf18647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15283217e03d02a4054f34af3a65ef6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a62bc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b391b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815501681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add38a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889581c750c34586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba3572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7004757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11c39d6fdcf5926d6ad5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a038813f2bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa500a0000000000006a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000080)={{0x0, 0x989680}, {0x77359400}}, 0x0)

4m31.458285884s ago: executing program 44 (id=3468):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x800, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
syz_open_procfs(0xffffffffffffffff, 0x0)

4m30.520652152s ago: executing program 45 (id=3489):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0x1, 0x70bd28, 0x0, {0x7, 0x0, 0x0, r2, 0x86, 0xe6}, [@NDA_LLADDR={0xa, 0x2, @broadcast}]}, 0x28}, 0x1, 0x0, 0x0, 0x40001}, 0x0)

4m8.911410542s ago: executing program 46 (id=4076):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000a40)={0x1, 0x0, [{0x40000001, 0x31237648, 0x8, 0x5, 0x3}]})

3m42.265744608s ago: executing program 47 (id=4794):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@bridge_dellink={0x34, 0x13, 0x5, 0x2, 0x0, {0x7, 0x0, 0x0, r2, 0x24100}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x2, 0x0, 0x1, {0xc, 0x1, 0x0, 0x1, [{0x8, 0x7, 0x0, 0x0, 0x347}]}}]}]}, 0x34}}, 0x0)

3m32.951893032s ago: executing program 48 (id=5098):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xd, &(0x7f0000000900)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
setxattr$security_selinux(&(0x7f0000000040)='./cgroup/pids.max\x00', &(0x7f0000000440), &(0x7f0000000140)='system_u:object_r:hald_log_t:s0\x00', 0x20, 0x1)

3m27.205746896s ago: executing program 49 (id=5228):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='comm\x00')
write$binfmt_script(r0, &(0x7f0000000180)={'#! ', './file0'}, 0xb)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='status\x00')
preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000240)=""/135, 0x87}], 0x1, 0x0, 0x0)

3m25.318755221s ago: executing program 50 (id=5265):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000400)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff9ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcd0cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b24df41dc10d1e8bf076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b318e2ec0e1a00897a74a0091ff110026e6d2ef831ab7ea0c34f17efd36ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0cb82d2789cb132b8667c21476619f28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fbce841f8a97be6148ba532e6ea09c346dfebd31a08b32808b80200000000009dd27080e71113610e1019c12a73748b049604fa72c64ed858e8327ef01fb6c86adac12233f9a1fb9c2aec61ce63a3462fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6e97180aabc18cae2ed4b4390af9a9ceafd07ed00b0000002cab154ad029a119ca3c972780870014601c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f4b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f19afc91b47683db01a469398685211bbae0e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bde792c88c5b8dcdcc22ee17476d738992533ac2a9b5a699593f084419cae0b4183fb01c73f99857399537f5dc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffffd7917f23837a6b24db0e067345560942fa629fbef2461c96a08707671315c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e48455b588b90dfae158b94f50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859ac8e3c177b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2498d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d4a3e1a9e90d76c1993e0799d4894ee7f8249dc1e342892129369ee1b85afa1a5be5f6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90501b0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355b17402a500587b603306a5af8d867d80a07f10b854b1c8c768c001496fa99ce5b5040be9194123e918914a71ad5a8521fb956dbc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c6775e19f0b7e70803000000b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989172a1bcd1e30280bc5867dd4e27b6ef206660090bb2164474cef378f97ca33fccf363361dcdba10c1547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f5874c24411d415b6b085fb73a2d7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aa0000000000000000532ff181c985f54b7ae20aa5e63055b4d6a36fa98a44e379d2bccf977c3e88538f406b598307c9912fb097601f3f88a2ea6fd1f9320cfe7f09aed4d1e72d26e5c7a93854c8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589ac5d8ad67a65e9a44c576dc24452eafeffffffffffffff000000070000000000000000000000005333c6199c12dcd92689192727a7267c47cf897853d160100b39b613faefe16bd91fc105dddd77ab929b95032d3717fa9fbdc2bdc0e98ae2c3f23a6131e2879f0484ee3bfe30b92dd493be66c2242f8184733b80ba28e824910844df31f3d4bb2f89049c5f6d63956995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99a40b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc1758763f0000009c927da38d83314480b15e23eb8c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab602000000000000000000113a3065a478d1de98be3a66f6fbf68f2f5693050fa56db62e2f99cf916059ee36cdad078fc88d17cbde37a2270f90a60afe8548d4c579b09c333382c6e7a316ac03aa23d379836b96173a5541fa96c27e7fb6d2585d828aa330f3438d8487912bb7742be1502e706644f7a937451beb7a5f6ca3ef21e8cb8f841af6d54334d82a8b816b6daccf0c66162f897623ee325d714f9f10636a7573582ff31c7f9c6f767c806ef4af486cc19a5355bdc814cb5557c6fa6404179c865980b0815b907a7f268e97828c196f5ac033d395a217b4e1e45663023a0292003c36a3b7461fc2c8566e0f3f693bfacae26aa2b7d17962989ccb943633c080aacc9b7d311c251686fc66aa80bf41a5bf6cd72d5aa995820fb318fad61a79a61d0a969fd6018ac9f131fe02fe31d565723cbf9b63841e21417fc29a3e7a03886d80566ae001861799a4aad91c72139e681ced8625b675dfbd6d458d4b2d9e6d565430248172ad942cdb41639f4113896827c8806e049218cd1eef89d6b9b14dd707da40705c07f878263ff9b71ccf28ec50178c7aac83bef7bd10459e2f2e267f82bafd5b4c7b481ea5e4bcb6cfe05e2ac3e17c1f8f12ddf5b6770ce0da8cb3aba3a935a6b737b6d3ebf2c715dcc11c5759bd0acdecf333f2b77c52fb2251336bbd92f73ad1a30bb9162bd9d699c49d824b827f3e7c1096354946e09922db25904c83262c6dcb87457e4abefa0e9dcb17d79c173895b74aae2ed4419662690a16494e7b27d0d2688c69b4be3d21b783195f6a5e5dc5c07c73f0d0f0670db10ac9ef5b8295ff88df734e3c6ab8555c0390f962cbf559bce9c42e1034dba78997b2877b485d9d4ae2fcd3e757b84319879d0337785773c940af6e57d162f4606d101def01199325c8676a32e26303560271b720216d95e0013265a45b02bd2414bebda89b7b5e71e70e0000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006, 0x0, 0x6, 0x3ff}]}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xfe, 0x10000000, &(0x7f0000000100)="b9ff03006044238cb89e14f088a81bff88a800008100630677fbac141442e934a0a662079f4b4dfe87e5feca6aab845013f288a81a3908020b098da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x6}, 0x2c)

3m16.991468368s ago: executing program 51 (id=5524):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000800100000000000001000000760000000e000000160000002a00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x158, 0x10, 0x133, 0x0, 0x0, {{@in=@loopback, @in6=@remote}, {@in, 0x0, 0x32}, @in6=@mcast2, {}, {}, {}, 0x0, 0x0, 0x2, 0x2}, [@algo_aead={0x4c, 0x12, {{'rfc4543(rfc4106-gcm-aesni)\x00'}}}, @encap={0x1c, 0x16, {0x0, 0x0, 0x0, @in6=@private1}}]}, 0x158}}, 0x0)

2m25.224178894s ago: executing program 4 (id=7366):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000010000d04269d70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028005002c0001000000080004"], 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

2m25.188563514s ago: executing program 4 (id=7368):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0x7, &(0x7f0000000380)={0x5, 0x10}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd2(0x8000, 0x80001)

2m25.145250904s ago: executing program 4 (id=7370):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x2000)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000280)={0x3, 0x101, 0xfffd, 0x4}, 0xc)

2m25.109012824s ago: executing program 4 (id=7373):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1000e, &(0x7f0000000300), 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x0, &(0x7f0000000540)={[{@journal_checksum}, {@discard}, {@nomblk_io_submit}, {@test_dummy_encryption_v1}, {@commit={'commit', 0x3d, 0x5e}}, {@noblock_validity}, {@nodiscard}, {@sysvgroups}]}, 0x1, 0x263, &(0x7f0000000600)="$eJzs3T+IHGUYBvBnZmcTN1kkaiMIKoiIHhyxE2zWRiEgRxARVIiI2CiJEBPscp2NhdYqqWyCpDNaSiyCjSJYRU1xNoIeCh4WWqzsn4O7vVXvbm935Ob3g92Zuftm3neYeb6phg3QWCeS9JK0kiwlaScptg64f/Q5Md683LlxJun3n/m1GI4bbY9s7nc8yWqSx5JcL4u8ViUXr72w9sfNpx5650L7wY+uPd9Z6EmOra/denrjw5W3Pzn16MWvv/15pUgv3W3ndfCKKX+riuTOeRT7nyiqujtgN06/dfW7Qe7vSvLAMP/tlBldvHfPH7neziMf/NO+7/3yzT2L7BU4eP1+e/AMXO0DjVMm6aYol5OM1sv25tzwfetY+fq5828uvXruwtlX6p2ngIPTTW49+dnRT49P5P+nVlkuL9fdHTBPg/w/e/rKD4P1jVbd3QCLNMj/0kuXHo78Q+PIPxwOK/vYp9uTf2gqz384ZHq7Hyr/0FzyD80l/9Bc/5b/L2rqCVgMz39ort3l/8hCewIWY2v+AYBm6R+t+w1koC51zz8AAAAAAAAAAAAAAAAAAMBOlzs3zmx+5l+tGH5/+X6y/kSSqphSvzX8PeLktuH3sd+LVBNHqPZadnX75ov37f8Mpvptb8M/rvnt69t/rLf+V/fOuUBrYjnh0tlcHa6crKqd918xvv/2747/+H/75RkLzOjx5+qt/9eVGotXyambyeeD+efk1vmvMx5Q5u7hcvr80x1cvxlbeOPPGQ8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwvwdAAD//yidbmk=")
mount$bind(&(0x7f0000000040)='./file1\x00', &(0x7f00000000c0)='./file1\x00', 0x0, 0x3002, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file1\x00', 0x80b0, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0)

2m24.947359024s ago: executing program 4 (id=7378):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
ustat(0x9, &(0x7f0000000100))

2m24.842030723s ago: executing program 4 (id=7387):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x4})
fcntl$lock(r0, 0x26, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x7ae})
fcntl$lock(r0, 0x6, &(0x7f0000000040)={0x0, 0x2, 0x2, 0x7fff})

2m24.771701843s ago: executing program 52 (id=7387):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x4})
fcntl$lock(r0, 0x26, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x7ae})
fcntl$lock(r0, 0x6, &(0x7f0000000040)={0x0, 0x2, 0x2, 0x7fff})

1m48.194970591s ago: executing program 7 (id=8473):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r0}, 0x10)
readlink(0x0, 0x0, 0x0)

1m48.162374761s ago: executing program 7 (id=8476):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
process_mrelease(0xffffffffffffffff, 0x700000000000000)

1m48.108178431s ago: executing program 7 (id=8483):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000005bc0)={&(0x7f0000005c40)='sys_enter\x00', r1}, 0x18)
fadvise64(0xffffffffffffffff, 0x2, 0xfffffffffffffffc, 0x4)

1m48.058448611s ago: executing program 7 (id=8486):
syz_mount_image$erofs(&(0x7f00000003c0), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0\x00')

1m48.003570041s ago: executing program 7 (id=8493):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000180)=0xffff7b6e, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f00000001c0)=0x7, 0x4)
getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000000280)=""/33, &(0x7f0000000240)=0x21)

1m47.89506182s ago: executing program 7 (id=8498):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x5c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x2, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4000}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xaa, 0x0, 0x7, 0x7, 0x1, 0x1, 0xfffffffe}}, {0x4}}]}]}, 0x5c}}, 0x0)

1m47.87036822s ago: executing program 53 (id=8498):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x5c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x2, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4000}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xaa, 0x0, 0x7, 0x7, 0x1, 0x1, 0xfffffffe}}, {0x4}}]}]}, 0x5c}}, 0x0)

1m36.277737528s ago: executing program 6 (id=8889):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0)

1m36.264847728s ago: executing program 6 (id=8891):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000a80)='mm_page_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r0}, &(0x7f0000000080)=0x20, &(0x7f0000000280)=r1}, 0x20)

1m36.214816398s ago: executing program 6 (id=8895):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xd000, 0x1000, &(0x7f000000f000/0x1000)=nil})
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f00000000c0)={0x0, 0x0, &(0x7f000000f000/0x2000)=nil})

1m36.035459217s ago: executing program 6 (id=8906):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x1)

1m35.963121237s ago: executing program 6 (id=8910):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @tracing, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200)={0x0, 0xed00}, 0x92f5e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6d)

1m35.914009277s ago: executing program 6 (id=8912):
socket$inet6(0xa, 0x2, 0x3a)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000480)={{{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0xfffffffffffffffc, 0x0, 0x0, 0x1000000000}, 0x0, 0x0, 0x1}, {{@in=@private, 0x0, 0x3c}, 0xa, @in6=@remote, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffff, 0x1001}}, 0xe8)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)

1m35.810734817s ago: executing program 54 (id=8912):
socket$inet6(0xa, 0x2, 0x3a)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000480)={{{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0xfffffffffffffffc, 0x0, 0x0, 0x1000000000}, 0x0, 0x0, 0x1}, {{@in=@private, 0x0, 0x3c}, 0xa, @in6=@remote, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffff, 0x1001}}, 0xe8)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)

15.946832045s ago: executing program 2 (id=11725):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x23108000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

15.839747265s ago: executing program 2 (id=11726):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fe0006007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000003c0)='sys_enter\x00', r2}, 0x10)
mincore(&(0x7f0000273000/0x3000)=nil, 0x3000, 0x0)

15.828891325s ago: executing program 2 (id=11727):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000004000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000340)="9a96000000c900660f38800d0080000066baf80cb8a04ffa86ef66bafc0cec8fe850ef7fa200369afc1c000005000f0fc6b40f00502f66baf80cb8d4c2f489ef66bafc0ced66ba6100ec2e660f9a23", 0x4f}], 0x1, 0x31, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

15.781719324s ago: executing program 2 (id=11728):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000600)=ANY=[@ANYBLOB='iocharset=cp850,namecase=1,errors=remount-ro,errors=continue,fmask=00000000000000000000005,iocharset=koi8-ru,gid=', @ANYRESHEX=0x0, @ANYBLOB=',umask=00000000000006000000003,namecase=1,dmask=00000000000000000001777,allow_utime=00000000000000020000000,\x00'], 0x21, 0x1524, &(0x7f0000002280)="$eJzs3AuYTlXbOPD7XmvtMSbpaZLDsNa6N09yWCZJckiSQ5IkSZJTQtIkryQkhpyShiQkhyE5DCE5TEwa5/P5kJAkTZKE5JSs/yX8vb31fu/7fm/f67u+uX/XtS/rfva+1773cz+HvbeZ+a7zkBqNalZtQETwb8GL/yQDQCwADACA6wAgAICy8WXjL6zPKTH539sJ+3M9kna1K2BXE/c/e+P+Z2/c/+yN+5+9cf+zN+5/9sb9z964/4xlZ5umFbiel+y78P3/7Iy///8PySo15qs1pW7sAhDzz6Zw/7M37v//WcE/sxH3P3vj/mdXsVe7APa/AL//s4Mcf3cN9z974/4zlp1d7fvPV3uBSPZ+Dq72648xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPZw2l+hAODy+GrXxRhjjDHGGGOMsT+Pz3G1K2CMMcYYY4wxxtj/PAQBEhQEEAM5IBZyQhwIALgWcsN1EIHrIR5ugDxwI+SFfJAfCkACFIRCoMGABYIQCkMRiMJNUBRuhmJQHEpASXBQChLhFigNt0IZuA3Kwu1QDu6A8lABKkIluBMqw11QBe6GqnAPVIPqUANqwr1QC+6D2nA/1IEHoC48CPXgIagPD0MDeAQawqPQCB6DxvA4NIGm0AyaQ4v/Vv5L0B1ehh7QE5KhF/SGV6AP9IV+0B8GwKswEF6DQfA6pMBgGAJvwFB4E4bBWzAcRsBIeBtGwTswGsbAWBgHqTAeJsC7MBHeg0kwGabAVEiDaTAd3ocZMBNmwQcwGz6EOTAX5sF8SIePYAEshAz4GBbBJ5AJi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAp7ATPoNdsBv2wOewF774F/NP/U1+FwQEFChQocIYjMFYjMU4jMNcmAtzY26MYATjMR7zYB7Mi3kxP+bHBEzAQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOkzERCyNt2IZLINlsSyWw3JYHitgBayElbAyVsYqWAWrYlWshtWwBtbAe/Fe7IW1sTbWwTpYF+tevj2FDbABNsSG2AgbYWNsjE2wCTbDZtgCW2BLbImtsBW2wTbYFttiO2yHSZiE7bE9dsAO2BE7YifshJ2xM3bBrtg166UcgC/jy9gTq4le2Bt7Yx9MydEP+2N/fBUH4mv4Gr6OKTgYh+Ab+Aa+icPwJA7HETgSR2Jl8Q6OxjFIYhymYipOwAk4ESfiJJyMk3EqpuE0nI7TcQbOxJn4Ac7GD/FDnItzcT6mYzouwIWYgRm4CE9hJi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+iAsDPcDfuxhTci3txH+7D/bgfD+ABzMIsPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hCwjcNPy2+OgXEBUooESNiRKyIFXEiTuQSuURukVtERETEi3iRR+QReUVekV/kFwkiQRQShYQRRpAIYwBAREVUFBVFRTFRTJQQJYQTTiSKRFFalBZlRBlRVtwuyok7RHlRQbR2lUQlUVm0cVXE3aKqqCqqieqihqgpaopaopaoLWqLOqKOqCvqinriIVFf9MJ++Ii40JlGYjA2FkOwiWgq5KVPsJZiGLYSrUUb8ZQYgcOxnWjpksSzor0YjR3EX8QYfF50EuOws3hRdBFdRTfxkuguWrkeoqeYhL1EbzEV+4i+op/oL2ZgdfEBzs5ZQ7wuUsRgMUS8Iebjm2KYeEsMFyPESPG2GCXeEaPFGDFWjBOpYryYIN4VE8V7YpKYLKaIqSJNTBPTxftihpgpZokPxGzxoZgj5op5Yr5IFx+JBWKhyBAfi0XiE5EpFoslYqlYJpaLFWKlWCVWizVirVgn1osNYqPYJDaLLWKr2Ca2ix3iU7FTfCZ2id1ij/hc7BVfiH3iS7FffCUOiK9FlvhGHBTfikPiO3FYfC+OiB/EUXFMHBc/ihPiJ3FSnBKnxRlxVvwszolfxHnhBUiUQkqpZCBjZA4ZK3PKOHmNzCWDS8/u9TJe3iDzyBtlXplP5pcFZIIsKAtJLY20kmQoC8siMipvkkXlzbKYLC5LyJLSyVIyUd4iS8tbZRl5mywrb5fl5B2yvKwgK8pK8k5ZWd4lIXJxH9VkdVlD1pT3ymS4T9aW98s68gFZVz4o68mHZH35sGwgH5EN5aOykXxMNpaPyyayqWwmm8sW8gnZUj4pW8nWso18SraVT8t28hmZJJ+V7aW/9BJ5XnaSL8jO8kXZRXaV3eQv8rz0sofsKaEXyN7yFdlH9pX9ZH85QL4qB8rX5CD5ukyRg+UQ+YYcKt+Uw+RbcrgcIUfKt+Uo+Y4cLcfIsXKcTJXj5QT5rpwo35OT5GQ5RU6VaXKa7HdppllS/sP8d/8gf9Cve98oN8nNcovcKrfJ7XKH/FTulDvlLrlL7pF75F65V+6T++R+uV8ekAdklsySB+VBeUgekoflYXlEHpFH5TF5Rv4oT8if5El5Sp6SZ+RZeVaeu/QcgEIllFRKBSpG5VCxKqeKU9eoXOpalVtdpyLqehWvblB51I0qr8qn8qsCKkEVVIWUVkZZRSpUhVURFVU34aUXjCqhSiqnSqlEdcu/kq+KqptVMVX8N/mX60v+O/W1UC1US9VStVKtVBvVRrVVbVU71U4lqSTVXrVXHVQH1VF1VJ1UJ9VZdVZdVBfVTXVT3VV31UP1UMkqWfVWr6g+qq/qp/qrAepVNVANVIPUIJWiUtQQNUQNVUPVMDVMDVfD1Ug1Uo1So9RoNVqNVWNVqkpVE9QENVFNVJPUJDVFTVFpKk1NV9PVDDVDzVKz1Gw1W81Rc9Q8NU+lq3S1QC1QGSpDLVKLVKZarBarpWqpWq6Wq5VqpVqtVqu1aq1ar9arTLVJbVJb1Ba1TW1TO9QOtVPtVLvULrVH7VF71V61T+1T+9V+dUAdUFkqSx1UB9UhdUgdVofVEXVEHVVH1XF1XJ1QJ9RJdVKdVqfVWXVWnVPn1Hl1/sJpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4MYgb5AvyB8UCBKCgkGhQAcmsIG41PRocFNQNLg5KBYUD0oEJQMXlAoSg1uC0sGtQZngtqBscHtQLrgjKB9UCCoGlYI7g8rBXUGV4O6ganBPUC2oHtQIagb3BrWC+4Lawf1BneCBoG7wYFAveCioHzwcNAgeCRoGjwaNgseCxsHjQZOgadAsaB60+FPn9/5kviddD91TJ+teurd+RffRfXU/3V8P0K/qgfo1PUi/rlP0YD1Ev6GH6jf1MP2WHq5H6JH6bT1Kv6NH6zF6rB6nU/V4PUG/qyfq9/QkPVlP0VN1mp6mp+v39Qw9U8/SH+jZ+kM9R8/V8/R8na4/0gv0Qp2hP9aL9Cc6Uy/WS/RSvUwv1yv0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Kd6p/5M79K79R79ud6rv9D79Jd6v/5KH9Bf6yz9jT6ov9WH9Hf6sP5eH9E/6KP6mD6uf9Qn9E/6pD6lT+sz+qz+WZ/Tv+jz2l84ub/w9W6UUSbGxJhYE2viTJzJZXKZ3Ca3iZiIiTfxJo/JY/KavCa/yW8STIIpZAqZC8iQKWwKm6iJmqKmqClmipkSpoRxxplEk2hKm9KmjCljypqyppwpZ8qb8qaiqWjuNHeau8xd5m5zt7nH3GOqm+qmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaxaWyamCammWlmWpgWpqVpaVqZVqaNaWPamramnWlnkkySaW/amw6mg+loOppOppPpbDqbLqaL6Wa6me6mu+lhephkk2x6m96mj+lj+pl+ZoAZYAaagWaQGWRSTIoZYoaYoWaoGWaGmeFmhBl54UTVvGNGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbBWaByTAZZpFZZDJNpllilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSZLHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnzUlz2pw2Z02+S9+X3sTanDbOXmNz2Wttbnud/ds4vy1gE2xBW8hqm9fm+01srLXFbHFbwpa0zpayifaW38XlbQVb0Vayd9rK9i5b5XdxLXufrW3vt3XsA7amvfc3cV37oK1nH7P1EQFsU9vQNreN7GO2sX3cNrFNbTPb3La1T9t29hmbZJ+17e1zv4sX2IV2lV1t19i1dpfdbU/bM/aQ/c6etT/bHranHWBftQPta3aQfd2m2MG/i0fat+0o+44dbcfYsXbc7+IpdqpNs9PsdPu+nWFn/i5Otx/Z2TbDzrFz7Tw7/9f4Qk0Z9mO7yH5iM20AS+xSu8wutyvsyv9f61K73m6wG+1O+5ndYrfabXa73XH5RNjutnvs53av/cIetN/a/fYre8Aetln2m1/jC8d32H5vj9gf7FF7zB63P9oT9id1OfvCsf9of7HnrbdASECSFAUUQzkolnJSHF1Duehayk3XUYSup3i6gfLQjZSX8lF+KkAJVJAKkSZDlohCKkxFKEo30eXySlBJclSKEukWKk23Uhm6jcrS7VSO7qDyVIEqUiW6kyrTXVSF7qaqdA9Vo+pUg2rSvVSL7qPadD/VoQeoLj1I9eghqk8PUwN6hBrSo9SIHqPG9Dg1oabUjJpTC3qCWtKT1IpaUxt6itrS09SOnqEkepba03PUgf5CHel56kQvUGd6kbpQV+pGL1F3epl6UE9Kpl7Um16hPtSX+lF/GkCv0kB6jQbR65RCg2kIvUFD6U0aRm/RcBpBI+ltGkXv0GgaQ2NpHKXSeJpA79JEeo8m0WSaQlMpjabRdHqfZtBMmkUf0Gz6kObQXJpH8ymdPqIFtJAy6GNaRJ9QJi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gvbRl7SfvqID9DVl0Td0kL6lQ/QdHabvfU/6gY7SMTpOP9IJ+olO0ik6TWfoLP1M5+gXOk+eIMRQhDJUYRDGhDnC2DBnGBdeE+YKrw1zh9eFkfD6MD68IcwT3hjmDfOF+cMCYUJYMCwU6tCENqQwDAuHRcJoeFNYNLw5LBYWD0uEJUMXlgoTw1vC0uGtYZnwtrBseHtYLrwjLB9WCB97oFJ4Z1g5vCusEt4dVg3vCauF1cMaYc3w3rBWeF9YO7w/rBM+EJYJHwzrhQ+F9cOHwwbhI2HD8NGwUfhY2Dh8PGwSNg2bhc3DFuETYcvwybBV2DpsEz4Vtg2fDtuFz4RJ4bNh+/C5X9c/uPDvr08Oe4W9w1fCV0Lv75fzovOj6dGPoguiC6MZ0Y+ji6KfRDOji6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohuj3tfMAQ6dcNIpF7gYl8PFupwuzl3jcrlrXW53nYu46128u8HlcTe6vC6fy+8KuARX0BVy2hlnHbnQFXZFXNTd5Iq6m10xV9yVcCWdc6VcomvuWrgWrqV70rVyrV0b95R7yj3tnnbPuGfcs669e851cH9xHd3zrpN7wb3gXnRdXFfXzb3kurvxuS++J5Ndb9fb9XF9XD/Xzw1wA9xAN9ANcoNciktxQ9wQN9QNdcPcMDfcDXcj3Ug3yo1yo91oN9aNdaku1U1wE9xEN9FNcpPcFDfFpbk0N91NdzPcDFd55sW9zHFz3Dw3z6W7dLfAXThnzHCL3CKX6TLdErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29wOt8PtdDvdLn/dxUndXrfP7XP73X53wH3tstw37qD71h1y37nD7nt3xP3gjrpj7rj70Z1wP7mT7pQ77c64s+5nd8794s4771Ij4yMTIu9GJkbei0yKTI5MiUyNpEWmRaZH3o/MiMyMzIp8EJkd+TAyJzI3Mi8yP5Ie+SiyILIwkhH5OLIo8kkkM7I4siSyNLIssjzifcEtoS/si/iov8kX9Tf7Yr64L+FLeudL+UR/iy/tb/Vl/G2+rL/dl/N3+PK+gq/oH/dNfFPfzDf3LfwTvqV/0rfyrX0b/5Rv65/27fwzPsk/69v753wH/xff0T/vO/kXfGf/ou/iu/pu/iXf3b/se/iePtn38r39K76P7+v7+f5+gH/VD/Sv+UH+dZ/iB/sh/g0/1L/ph/m3/HA/wo+MeduPunyJDON8qh/vJ/h3/UT/np/kJ/spfqpP89P8dP++n+Fn+ln+Az/bf+jn+Ll+np/v0/1HfoFf6DP8x36R/8Rn+sWXbyr7FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x3+U7/Tf+Z3+d1+j//c7/Vf+H3+S7/ff+UP+K99lv/GH/Tf+kP+O3/Yf++P+B/8UX/MH/c/+hP+J3/Sn/Kn/Rl/1v/sz/lf/Hn+nTXGGGOMsX/K+CtD8ds1F2/n9/qDHPFXG/cGgGu3Fsj66/UXzijX5b047isS2kYA4NmenR+5vFSrlpycfGnbTAlBkbkAl/8n6IIYuBIvhjbwNCRBayj9h/X3FV3P0j+YP3o7QNxf5cTClfjK/F8CYPIfzP/EUyMXlAtPx/8X888FKFbkSk5OuBIvhja/3l9pDWX+Tv35Wv6D+nN+lQrQ6q9ycsGV+Er9ifAkPAdJv9mSMcYYY4wxxhi7qK+o2PHy9efln/j8o+vzBHUlJwdcif/R9TljjDHGGGOMMcauvue7dnvmiaSk1h3/9UGV/1bWPz1oDP9TM/PgDwfeA1x+RAHAvzkhwIWB/E8exeb/yL5SLr11/nbVsjM+gP8drfwzBlf5g4kxxhhjjDH2p7ty0v/bx9XVKogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/TuxqHyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//9IVQM5")
mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = openat$incfs(r0, &(0x7f0000000180)='.pending_reads\x00', 0x10b441, 0x63)
ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f0000000480)={{'\x00', 0x41}, {0x800}, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0})

15.691165914s ago: executing program 2 (id=11729):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x810, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x9, [{{0x9, 0x4, 0x0, 0xfe, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x200, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000280)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00)\x00'], 0x0, 0x0, 0x0, 0x0}, 0x0)

15.690960224s ago: executing program 2 (id=11730):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='kfree\x00', r1}, 0x10)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
mount$incfs(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000004c0), 0xda, &(0x7f0000000500)={[], [{@pcr={'pcr', 0x3d, 0x19}}]})

15.669568535s ago: executing program 55 (id=11730):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='kfree\x00', r1}, 0x10)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
mount$incfs(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000004c0), 0xda, &(0x7f0000000500)={[], [{@pcr={'pcr', 0x3d, 0x19}}]})

13.139663317s ago: executing program 3 (id=11796):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)={0x34, r2, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x5}]}, 0x34}}, 0x0)

13.138937317s ago: executing program 3 (id=11797):
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/mcfilter6\x00')
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000340)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty, 0x4}}}, 0x108)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x7, {{0xa, 0xffff, 0x0, @mcast1={0xff, 0x7}, 0x1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)=""/81, 0x51}], 0x1, 0x78, 0x0)

13.123375858s ago: executing program 3 (id=11798):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)
r1 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@private0, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x100}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x6c}, 0x0, @in6=@loopback}}, 0xe8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x802, 0xfffffffe, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c)

13.067154587s ago: executing program 3 (id=11799):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000100)='./file0\x00', 0x3000400, &(0x7f0000000000)=ANY=[], 0x1, 0x2bb, &(0x7f0000000440)="$eJzs3UFrE1sYxvGnTW+TprTJhcuFe0E96EY3oY0fQIO0IAaU2hR1IUztREPGpMyESkRsNuLWD+Gq6M6doC7ddCNu3LsrguCmC3HETNImbVrTNklj+/9BmTd5z8OcttPyptDJ2o1n9/NZL5G1ShqMGA1KFa1L8V9VzUDtOFith9WoonOj3z6duH7z1pVUOj01Y8x0avZ80hgzfurNg0cvTr8rjc69Gn8d1mr89trX5OfVf1f/W/sxey/nmZxnCsWSscx8sViy5h3bLOS8fMKYa45tebbJFTzbbepnneLiYtlYhYWx6KJre56xCmWTt8umVDQlt2ysu1auYBKJhBmL6ngbamNNZmVmxkrt2PZDHd0Rum6k1ZOum6q0bmZWerAnAADQZ3af/4NZf+f5Pz0XHNua/18+l9qb/6VOzv8DPf2C9rlK06PfzP84Elw3ZUVrP7/NmP8BAAAAAAAAAAAAAAAAAAAAAPgTrPt+zPf9WP1Y/whLikiqPz7sfaI79vn9v3BI20WHNfzjXkRyni5lljLBMeinssrJka0JxfS9ej3UBPX05fTUhKmK662zXMsvL2VCCtfzdfFW+ZN/TwZ505z/S9HG8ycV0z+tz59smR/W2TMN+YRi+nBHRTlaqF7Xm/nHk8Zcuprekh+prgMAAAAA4ChImA3bXr9X+9UFEW3vB/k9/H1gy+vrIf3fzi0qAQAAAADAgXnlh3nLcWx3H0VY0gHieyj8ga6fonNFSH2xjS3FRUl9sI1eFRFJwTNmP/EvG/G2Un4ba4YkHfTzivTw0jrs30wAAAAAOm1z6N9D6OOTLu4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjp937gdXXb2vVG7vEG04X0vuNtwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjp2fAQAA//91iCZA")
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x20, &(0x7f0000000b00)=ANY=[], 0x1, 0x0, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x58)
creat(&(0x7f0000000200)='./file0\x00', 0x0)

13.066437657s ago: executing program 3 (id=11801):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020a040007000000b6f1ffff0000854105001a000000000000d74619edc700000000000000004cbd302b0000000000fa000000000022", @ANYBLOB], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a0000000000000400000000000000000000002100000000000100000000000002000100010000000000010200fd000005000500000000000a"], 0x70}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x3ef, 0x0)

12.701522986s ago: executing program 3 (id=11815):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
setregid(0x0, 0x0)

12.639446886s ago: executing program 56 (id=11815):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
setregid(0x0, 0x0)

3.17908187s ago: executing program 0 (id=12106):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r0, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r0, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

3.124114409s ago: executing program 0 (id=12107):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="09000000070000000000010005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20)
syslog(0x4, &(0x7f00000002c0)=""/232, 0xe8)

3.119398059s ago: executing program 0 (id=12108):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000180)={0x1, 0x0, [{0x40000001, 0x6, 0xe, 0x80000000, 0x6, 0x7, 0x2d}]})

3.038307559s ago: executing program 0 (id=12111):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ae, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

2.996263759s ago: executing program 0 (id=12113):
r0 = syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x56e, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0xfd, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0xc6}}, [{{0x9, 0x5, 0x2, 0x3, 0x0, 0x8, 0x39, 0xfd}}]}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000040)='./file0\x00', 0x10000902)
syz_usb_control_io$hid(r0, &(0x7f0000000c00)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0)

1.948617216s ago: executing program 9 (id=12124):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000380)='./bus\x00', 0x2200804, &(0x7f0000000100)={[{@keep_last_dots}, {@namecase}, {@sys_tz}, {@time_offset={'time_offset', 0x3d, 0x3ff}}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'cp949'}}, {@allow_utime={'allow_utime', 0x3d, 0x1}}]}, 0x3, 0x151f, &(0x7f0000001900)="$eJzs3AuYTlX7MPD7XmvtMSQ9SQ7DWuvePMlhmSTJIUkOSZIkSU4JoUleSUgMOSUNSUgOQ3IYQnKYmDTO5/MxSZImSUJyStZ3TfHq8PZ/37637/X937l/17Uv695rr7XXfu79eNbaz/XM112G1mhUs2oDIoJ/C/78TyIAxALAQAC4BgACACibu2zuzPrsEhP/vZOwv9ZDKVd6BOxK4vxnbZz/rI3zn7Vx/rM2zn/WxvnP2jj/WRvnn7GsbPP0AtfylnU3fv6flfHn/3+RjFJjP19b6vquf6IJ5z9r4/z/1wr+lYM4/1kb5z9r4/xnbZz/rCDbH9Zw/v/bLfkfazn/jGVlV/r5M29XdrvS9x9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsazhjL9MAcCl8pUeF2OMMcYYY4wxxv46PtuVHgFjjDHGGGOMMcb+30MQIEFBADGQDWIhO+QAAQBXQy64BiJwLeSG6yAPXA95IR/khwIQBwWhEGgwYIEghMJQBKJwAxSFG6EYFIcSUBIclIJ4uAlKw81QBm6BsnArlIPboDxUgIpQCW6HynAHVIE7oSrcBdWgOtSAmnA31IJ7oDbcC3XgPqgL90M9eADqw4PQAB6ChvAwNIJHoDE8Ck2gKTSD5tDi/6r989ADXoCe0AsSoTf0gRehL/SD/jAABsJLMAhehsHwCiTBEBgKr8IweA2Gw+swAkbCKHgDRsObMAbGwjgYD8kwASbCWzAJ3obJMAWmwjRIgekwA96BmTALZsO7MAfeg7kwD+bDAkiF92EhLII0+AAWw4eQDktgKSyD5bACVsIqWA1rYC2sg/WwATbCJtgMW2ArbIPtsAN2wi7YDR/BHvgY9sInsA8+/ZPtT/+mfVcEBBQoUKHCGIzBWIzFHJgDc2JOzIW5Yi/dJHkwD+bFvJgf82McxmEhLIQGDRISFsbCGMUoFsWiWAyLYQksgQ4dxmM8lsabsQyWwbJYFsthOSyPFbACVsJKWBkrYxWsglWxKlbDalgDa+DdeDf2xtpYG+tgHayLdS89nsIG2AAbYkNshI2wMTbGJtgEm2EzbIEtsCW2xFbYCttgG2yLbbE9tscETMAO2AE7YkfshJ2wM3bGLtgFu2I37IbPZwN8AV/AXlhN9MY+2Af7YlK2/jgAB+BLOAhfxpfxFUzCITgUX8VX8TUcjqdwBI7EUTgKK4s3cQyORRLjMRmTcSJOxEk4CSfjFJyC0zAFp+MMnIEzcRbOwndxDr6H7+E8nIcLMBVTcSEuwjRMw8V4GtNxCS7FZbgcV+ByXIWrcRWuxXW4FjfgBtyEm3ALbsFtuA134A7chQoAP8KP8WNMwn24D/fjfjyAB/AgHsQMzMBDeAgP42E8gkfwKB7FY3gcT+BxPIkn8RSexjN4Bs/hOTyPz8Z92XBX8TVJIDIpoUSMiBGxIlbkEDlETpFT5BK5RERERG6RW+QReURekVfkF/lFnIgThUQhYYQRJMIYABBRERVFRVFRTBQTJUQJ4YQT8SJelBalRRlRRpQVt4py4jZRXlQQrV0lUUlUFm1cFXGnqCqqimqiuqghaoqaopaoJWqL2qKOqCPqirqinnhA1Be9sT8+JDIz00gMwcZiKDYRTYW8eHO2FMOxlWgt2ognxEgcge1FS5cgnhIdxBjsKP4mxuIzorMYj13Ec6Kr6Ca6i+dFD9HK9RS9xGTsLfqIadhX9BP9xQAxE6uLd3FO9hriFZEkhoih4lWxAF8Tw8XrYoQYKUaJN8Ro8aYYI8aKcWK8SBYTxETxlpgk3haTxRQxVUwTKWK6mCHeETPFLDFbvCvmiPfEXDFPzBcLRKp4XywUi0Sa+EAsFh+KdLFELBXLxHKxQqwUq8RqsUasFevEerFBbBSbxGaxRWwV28R2sUPsFLvEbvGR2CM+FnvFJ2Kf+FTsF5+JA+JzcVB8ITLEl+KQ+EocFl+LI+IbcVR8K46J4+KE+E6cFN+LU+K0OCPOinPiB3Fe/CguCC9AohRSSiUDGSOzyViZXeaQV8mcMrj46l4rc8vrZB55vcwr88n8soCMkwVlIamlkVaSDGVhWURG5Q2yqLxRFpPFZQlZUjpZSsbLm2RpebMsI2+RZeWtspy8TZaXFWRFWUneLivLOyREfj5HNVld1pA15d2ylrxH1pb3yjryPllX3i/ryQdkffmgbCAfkg3lw7KRfEQ2lo/KJrKpbCabyxbyMdlSPi5bydayjXxCtpXtZHv5pEyQT8kO0l+8RZ6RneWzsot8TnaV3WR3+aO8IL3sKXtJgN6yj3xR9pX9ZH85QA6UL8lB8mU5WL4ik+QQOVS+KofJ1+Rw+bocIUfKUfINOVq+KcfIsXKcHC+T5QQ5Ub4lJ8m35WQ5RU6V02SKnC77X+xptpT/tP1b/6D94J/OvklullvkVrlNbpc75E65S+6Wu+UeuUfulXvlPrlP7pf75QF5QB6UB2WGzJCH5CF5WB6WR+QReVQelcfkcXlWfidPyu/lKXlanpZn5Tl5Tp6/+BqAQiWUVEoFKkZlU7Equ8qhrlI51dUql7pGRdS1Kre6TuVR16u8Kp/KrwqoOFVQFVJaGWUVqVAVVkVUVN2AF28YVUKVVE6VUvHqpj/TXhVVN6piqviv2l8aX+IfjK+FaqFaqpaqlWql2qg2qq1qq9qr9ipBJagOqoPqqDqqTqqT6qw6qy6qi+qquqruqrvqoXqonqqnSlSJqo96UfVV/VR/NUANVC+pQWqQGqwGqySVpIaqoWqYGqaGq+FqhBqhRqlRarQarcaoMWqcGqeSVbKaqCaqSWqSmqwmq6lqqkpRKWqGmqFmqplqtpqt5qg5aq6aq+ar+SpVpaqFaqFKU2lqsVqs0tUStUQtU8vUCrVCrVKr1Bq1Rq1T69QGtUGlq81qs9qqtqrtarvaqXaq3Wq32qP2qL1qr9qn9qn9ar86oA6og+qgylAZ6pA6pA6rw+qIOqKOqqPqmDqmTqgT6qQ6qU6pU+qMOqPOqXPqvDqvLqgLmdO+QAQiUIEKYoKYIDaIDXIEOYKcQc4gV5AriASRIHeQO8gTXB/kDfIF+YMCQVxQMCgU6MAENhAXkx4NbgiKBjcGxYLiQYmgZOCCUkF8cFNQOrg5KBPcEpQNbg3KBbcF5YMKQcWgUnB7UDm4I6gS3BlUDe4KqgXVgxpBzeDuoFZwT1A7uDeoE9wX1A3uD+oFDwT1gweDBsFDQcPg4aBR8EjQOHg0aBI0DZoFzYMWf2n/3p/K97jrqXvpRN1b99Ev6r66n+6vB+iB+iU9SL+sB+tXdJIeoofqV/Uw/Zoerl/XI/RIPUq/oUfrN/UYPVaP0+N1sp6gJ+q39CT9tp6sp+ipeppO0dP1DP2Onqln6dn6XT1Hv6fn6nl6vl6gU/X7eqFepNP0B3qx/lCn6yV6qV6ml+sVeqVepVfrNXqtXqfX6w16o96kN+steqveprfrHXqn3qV364/0Hv2x3qs/0fv0p3q//kwf0J/rg/oLnaG/1If0V/qw/lof0d/oo/pbfUwf1yf0d/qk/l6f0qf1GX1Wn9M/6PP6R31B+8zJfebHu1FGmRgTY2JNrMlhcpicJqfJZXKZiImY3CZ3u4vpN/lNfhNn4kwhU8hkIkOmsClsoiZqipqippgpZkqYEsYZZ+JNvCltSpsypowpa8qacqacKW/Km4qmornd3G7uMHeYO82d5i5zl6luqpuapqapZWqZ2qa2qWPqmLqmrqln6pn6pr5pYBqYhqahaWQamcamsWlimphmpplpYVqYlqalaWVamTamjWlr2pr2pr1JMAmmg+lgOpqOppPpZDqbzqaL6WK6mq6mu+luepgepqfpaRJNoulj+pi+pq/pb/qbgWagGWQGmcFmsEkySWaoGWqGmWFmuBluRpiRZlTmRNW8acaYsWacGW+STbKZaCaaSWaSmWwmm6lmqkkxKWaGmWFmmplmtplt5pg5Zq6Za+ab+SbVpJqFZqFJM2lmsVls0k26WWqWmuVmuVlpVprVZrVZa9aa9bDebDQbzWaz2Ww1W812s93sNDvNbrPb7DF7zF6z1+wz+8x+s98cMAfMQXPQZJgMc8gcMofNYXPEHDFHzVFzzBwzJ8wJc9KcNKfMKXPGnDHnTL6Ln5fexNrsNoe9yua0V9tc9hr72zi/LWDjbEFbyGqb1+b7VWystcVscVvClrTOlrLx9qbfxeVtBVvRVrK328r2Dlvld3Ete4+tbe+1dex9tqa9+1dxXXu/rWcfsfURAWxT29A2t43sI7axfdQ2sU1tM9vctrXtbHv7pE2wT9kO9unfxQvtIrvarrFr7Tq7x35sz9iz9rD92p6zP9ietpcdaF+yg+zLdrB9xSbZIb+LR9k37Gj7ph1jx9pxdvzv4ql2mk2x0+0M+46daWf9Lk6179s5Ns3OtfPsfLvgpzhzTGn2A7vYfmjT7RK71C6zy+0Ku9Ku+vtYl9kNdqPdZHfbj+xWu81utzvsTrvrpzjzOvbaT+w++6k9ZL+yB+zn9qA9YjPslz/Fmdd3xH5jj9pv7TF73J6w39mT9nt7yp7+6fozr/07+6O9YL0FQgKSpCigGMpGsZSdctBVlJOuplx0DUXoWspN11Eeup7yUj7KTwUojgpSIdJkyBJRSIWpCEXpBro0Ty9BJclRKYqnm6g03Uxl6BYqS7dSObqNylMFqkiV6HaqTHdQFbqTqtJdVI2qUw2qSXdTLbqHatO9VIfuo7p0P9WjB6g+PUgN6CFqSA9TI3qEGtOj1ISaUjNqTi3oMWpJj1Mrak1t6AlqS+2oPT1JCfQUdaCnqSP9jTrRM9SZnqUu9Bx1pW7UnZ6nHvQC9aRelEi9qQ+9SH2pH/WnATSQXqJB9DINplcoiYbQUHqVhtFrNJxepxE0kkbRGzSa3qQxNJbG0XhKpgk0kd6iSfQ2TaYpNJWmUQpNpxn0Ds2kWTSb3qU59B7NpXk0nxZQKr1PC2kRpdEHtJg+pHRaQktpGS2nFbSSVtFqWkNraR2tpw20kTbRZtpCW2kbbacdtJN20W76iPbQx7SXPqF99Cntp8/oAH1OB+kLyqAv6RB9RYfpazpC3/he9C0do+N0gr6jk/Q9naLTdIbO0jn6gc7Tj3SBPEGIoQhlqMIgjAmzhbFh9jBHeFWYM7w6zBVeE0bCa8Pc4XVhnvD6MG+YL8wfFgjjwoJhoVCHJrQhhWFYOCwSRsMbwqLhjWGxsHhYIiwZurBUGB/eFJYObw7LhLeEZcNbw3LhbWH5sEL4yH2VwtvDyuEdYZXwzrBqeFdYLawe1ghrhneHtcJ7wtrhvWGd8L6wTHh/WC98IKwfPhg2CB8KG4YPh43CR8LG4aNhk7Bp2CxsHrYIHwtbho+HrcLWYZvwibBt2C5sHz4ZJoRPhR3Cp3+qv3/RH9cnhr3DPuGL4Yuh9/fK+dEF0dTo+9GF0UXRtOgH0cXRD6Pp0SXRpdFl0eXRFdGV0VXR1dE10bXRddH10Q3RjdFNUe9rZgOHTjjplAtcjMvmYl12l8Nd5XK6q10ud42LuGtdbnedy+Oud3ldPpffFXBxrqAr5LQzzjpyoSvsiriou8EVdTe6Yq64K+FKOudKuXjX3LVwLVxL97hr5Vq7Nu4J94Rr59q5J92T7inXwT3tOrq/uU7uGdfZPeuedc+5rq6b6+6edz3chFw/vycTXR/Xx/V1fV1/198NdAPdIDfIDXaDXZJLckPdUDfMDXPD3XA3wo1wo9woN9qNdmPcGDfOjXPJLtlNdBPdJDfJTXaT3VQ31aW4FDfDzXAz3UxXedbPZ5nr5rr5br5LdaluocucM6a5xW6xS3fpbqlb6pa75W6lW+lWu9VurVvr1rv1bmPmesJtdlvdVrfdbXc73U632+12e/w1P3fq9rn9br874A64g+4Ll+G+dIfcV+6w+9odcd+4o+5bd8wddyfcd+6k+96dcqfdGXfWnXM/uPPuR3fBeZccmRCZGHkrMinydmRyZEpkamRaJCUyPTIj8k5kZmRWZHbk3cicyHuRuZF5kfmRBZHUyPuRhZFFkbTIB5HFkQ8j6ZElkaWRZZHlkRUR7wtuDX1hX8RH/Q2+qL/RF/PFfQlf0jtfysf7m3xpf7Mv42/xZf2tvpy/zZf3FXxF/6hv4pv6Zr65b+Ef8y39476Vb+3b+Cd8W9/Ot/dP+gT/lO/gn/Yd/d98J/+M7+yf9V38c76r7+a7++d9D/+C7+l7+UTf2/fxL/q+vp/v7wf4gf4lP8i/7Af7V3ySH+KH+lf9MP+aH+5f9yP8SD8q5g0/+tISGcb7ZD/BT/Rv+Un+bT/ZT/FT/TSf4qf7Gf4dP9PP8rP9u36Of8/P9fP8fL/Ap/r3/UK/yKf5D/xi/6FP90suPVT2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9Lr/bf+T3+I/9Xv+J3+c/9fv9Z/6A/9wf9F/4DP+lP+S/8of91/6I/8Yf9d/6Y/64P+G/8yf99/6UP+3P+LP+nP/Bn/c/+gt/9jdrvf7U0Ywxxhhj/zUmXC6Kf1Tf+x/sE784uA8AXL2tQMYv6zNnlOvz/lzuJ+LaRgDgqV5dHrq0VauWeOnLJUiXEBSZB3Dpm6BMMXA5XgJtoB0kQGso/Q/H3090O0e/7z8x8Rf9R28FyPGLNrFwOb7c/2d/0P9jT4xaWC48k/t/6H8eQLEil9tkh7/Hf/91RWso8wf952v5T8af/fNkgFa/aJMTLseXxx8Pj8PTkPCrIxljjDHGGGOMsZ/1ExU7XVp/XlqU/3Z9m7k+j1OX22Quai/F/2x9zhhjjDHGGGOMsSvvmW7dn3wsIaF1p39akADwqz1V/pVWXPhfU/Ae4NIeBQD/Zoe/uVv+E4Ut/5FzJV186/y2avlZH8D/H6n8KwpX+D8mxhhjjDHG2F/u8qT/1/vVlRoQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWBf0n/pzYlb5GxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Er7PwEAAP//To8JBw==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020)

1.328152394s ago: executing program 0 (id=12127):
mount$bind(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x89101a, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000086d044fc200000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000000)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="0023a1000000a1"], 0x0, 0x0, 0x0, 0x0}, 0x0)

931.870093ms ago: executing program 1 (id=12129):
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x810082, &(0x7f0000000040)=ANY=[@ANYBLOB="756e695f786c6174653d312c726f6469722c757466383d302c73686f72746e616d653d77696e6e742c757466383d302c757466383d312c756e695f786c6174653d302c696f636861727365743d63703433372c756e695f786c6174653d302c6572726f72733d72656d6f756e742d726f2c757466383d312c757466383d312c73686f72746e616d653d77696e39352c6e66733d6e6f7374616c655f726f2c756e695f786c6174653d312c73686f72746e616d653d77696e39352c646973636172642c004338cb8631b26441e86414f461975e105d02960776fcb7ddfd80b96c1b2ffd13d5cc37784797dbc9e26b7c39310b49940995ce6e6ce1c218890b59506de99e2dd234abcde0be50d3de656741fee78f74e94ee73bd6d7162f0d2a8275e0a6125615ce223c21fe303d561d81b2681dce1c0b7061c5a347b2040e7b6c9210507527467dad005f3e38c47d4daa9d76c69f51ffeb2f81123fe54df14c6c02413e51ba63c35f11"], 0x0, 0x2ad, &(0x7f0000000740)="$eJzs3T9vI0UUAPC3jmMbKOyCCiGxEhRUUZKWxgElUoQrkAuggIgkEootpESKxB9hUtHSUPIJkJDoaPkANPcNTrr2pOsuRaQ9rb0bOznHOZ/i5P78fk0ms+/NvJmMHKXYyTfv9g9209g/+fl+NBpJVNrRjtMkWlGJ0q9xQfv3AABeZqdZFo+ykXnykohoLK4sAGCB5v79/8/CSwIAFuzzL778dKPT2fwsTRux1f/tuJv/ZZ9/HT3f2I/vohd7sRrNOIvIzo3aW1mWDapprhUf9AfH3Tyz//X/xfgbDyOG+WvRjNaw62L+dmdzLR2ZyB/kdbxZzN/O89ejGW9PmX+7s7k+JT+6tfjw/Yn6V6IZ976N76MXu8Mixvm/rKXpJ9kfj3/6Ki8vz08Gx936MG4sW7rlHw0AAAAAAAAAAAAAAAAAAAAAAK+wleLunHoM7+/Ju4r7d5bO8m+WIy21Lt7PM8pPyoEu3Q80yOLP8n6d1TRNsyJwnF+Nd6pRvZtVAwAAAAAAAAAAAAAAAAAAwIvl6IcfD3Z6vb3DG2mUtwGUr/U/7zjt857q4XsxO7g+nqtSNGeMHEtlTBIxs4x8ETe0Ldc13riq5r/+nnfAxvUxy+O5olVsxg2vqzxdBzvJ9D2sR9nTKA/Jv5MxtXjGuWpXPcrmOn61qY+ac6+99tawMZgRE8mswj56MNq5oie5vIracFenpi8XjYn0S2djrvP89GdFkiziEwgAAAAAAAAAAAAAAAAAACiNX/qd8vBkZmolqy+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4VeP//z9HY1Akj3r++3hGcC0Oj+54iQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALwGngQAAP//4gNebw==")
syz_mount_image$fuse(&(0x7f0000000700), &(0x7f00000000c0)='./file0\x00', 0x30c407e, &(0x7f0000000780)=ANY=[], 0x1, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af25, &(0x7f0000000040)={@host})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)

907.146053ms ago: executing program 1 (id=12131):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000002200f30c0000000000feff00760000000f00001e37000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x740e, &(0x7f0000000440)={0x0, 0x818a, 0x40, 0x1, 0x1002b})
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0x15, 0x20000002, r2)

907.017203ms ago: executing program 9 (id=12132):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='mp'])

885.953133ms ago: executing program 1 (id=12133):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x10, &(0x7f00000014c0), 0x1, 0x793, &(0x7f0000001700)="$eJzs3c1rXFUbAPDnTpKmb9r3TV4QbF0FBA2UTkyNrYKLigsRLBR0bTtMpqFmkimZSWlCoBYR3AhaXAi66dqPunPrx1b/Bd2ISEvVtFhxISN3PjqTZiadtvloze8Htz3n3jM595l77zln5h7mBrBjjab/ZCL2R8R7ScRwY30SEQO1VH/E0Xq5myvL+XRJolp99bekVubGynI+2l6T2tPI7IuIb96OOJBZW295cWkmVywW5hv58crsmfHy4tLB07O56cJ0Ye7wxOTkoSPPHBncuFj/+H5p79X3X3ry86N/vfXo5Xe/TeJo7G1sa49jo4zGaOM9GUjfwlVe3OjKtlmy3TvAPUkvzb76VR77Yzj6aqne9F4SAHiQnI+IKgCwwyT6fwDYYZrfA9xYWc6nS/X89n4fsdWuvRARu+vxN+9v1rf0N+7Z7a7dBx26kay635FExMgG1D8aER9/+fqn6RKbdB8SoJM3L0TEyZHRZvvfan+SNXMW6nqfkPFUD2VGb8tr/2DrfJWOf55tjf9a11/m1vgnOox/Bjtcu/diNGJXe37t9Z+5sgHVdJWO/54faM1tu9kWf8NIXyP339qYbyA5dbpYSNu2/0XEWAwMpvmJdeoYu/739VUr+lrJ9vHf7xff+CStP/2/VSJzpf+2JncqV8ndb9xN1y5EPNbfKf7k1vFPuox/j/dYx8vPvfNRt21p/Gm8zWV1/Js/q6x6KeKJ6Bx/U7Le/MTD47XTYbx5UnTwxU8fDnWrv/34p0taf/OzwFZIj//Q+vGPJO3zNct3X8d3l4a/7rbtzvF3Pv93Ja/V0s3G41yuUpmfiNiVvLJ2/aHWa5v5Zvk0/rHHO1//653/6WfCkz3G33/118/uPf7NlcY/dVfH/+4Tl2/O9HWrv7fjP1lLjTXW9NL+9bqD9/PeAQAAAAAAAAAAAAAAAAAAAAAAAECvMhGxN5JM9lY6k8lm68/wfiSGMsVSuXLgVGlhbipqz8oeiYFM86cuh9t+D3Wi8Xv4zfyh2/JPR8T/I+KDwf/U8tl8qTi13cEDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMOeLs//T/0yuN17BwBsmt13LHG9sCU7AgBsmTv3/wDAv43+HwB2Hv0/AOw8+n8A2Hn0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyy48eOpUv1z5XlfJqfOru4MFM6e3CqUJ7Jzi7ks/nS/JnsdKk0XSxk86XZtpf+0OnvFUulM5Mxt3BuvFIoV8bLi0snZksLc5UTp2dz04UThYEtiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeldeXJrJFYuFeYmHJVEdrh+6B2V/Nj/x88Ef961X5qLTeOMT290yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwc/gkAAP//skMoxA==")
mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = openat$incfs(r0, &(0x7f0000000180)='.pending_reads\x00', 0x10b441, 0x63)
ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, 0x0)

815.223413ms ago: executing program 9 (id=12135):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
pipe2(&(0x7f0000001cc0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}})

797.331713ms ago: executing program 9 (id=12136):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_writepages_result\x00', r1}, 0x10)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

768.826083ms ago: executing program 1 (id=12138):
pipe(&(0x7f0000000100))
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0)

546.080612ms ago: executing program 1 (id=12149):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
unshare(0x22020600)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143041, 0x0)
pwritev2(r1, 0x0, 0x0, 0x7ff, 0xab, 0x0)

530.978492ms ago: executing program 1 (id=12140):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
fchdir(r0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
open(0x0, 0x133000, 0x9c)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

530.810412ms ago: executing program 9 (id=12141):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r0}, 0x10)
setitimer(0x0, 0x0, 0x0)

442.458372ms ago: executing program 9 (id=12153):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x8241, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGREPORT(r1, 0x400c4807, &(0x7f0000000000)={0x1, 0x200, 0x2})

258.002821ms ago: executing program 5 (id=12152):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
setfsuid(0x0)

253.570631ms ago: executing program 8 (id=12154):
syz_mount_image$ext4(&(0x7f0000001800)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000056, &(0x7f0000000540)={[{@norecovery}, {@nobh}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@noblock_validity}, {@nobh}, {@data_err_ignore}, {@nombcache}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@user_xattr}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10}}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r0 = open(&(0x7f0000000300)='./file1\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1001f0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x42)
sendfile(r1, r1, 0x0, 0x80000000)

239.584072ms ago: executing program 5 (id=12155):
pipe(&(0x7f0000005880)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x7, &(0x7f0000000f80)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r2}, 0x10)
fsetxattr$security_selinux(r0, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)

224.058101ms ago: executing program 8 (id=12156):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c00028005000100000009002400028014000180080001000000010908000200ac1e00010c000280050001000000000044000f800800014000000006080003400000002b080003400000000808000240000000400800014000000000fb0001400000000708000140000044f10800034000000003080007"], 0xa8}}, 0x0)

218.174451ms ago: executing program 5 (id=12157):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
unshare(0x22020600)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143041, 0x0)
pwritev2(r1, 0x0, 0x0, 0x7ff, 0xab, 0x0)

170.669032ms ago: executing program 8 (id=12158):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001100a7cc5a8100ae541d002007000000", @ANYRES32=r2, @ANYBLOB="00000a00100000801c001a"], 0x44}, 0x1, 0x10000000}, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

170.113951ms ago: executing program 5 (id=12168):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r1}, 0x10)
syz_clone(0x40020000, 0x0, 0x0, 0x0, 0x0, 0x0)

158.917461ms ago: executing program 8 (id=12159):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000001000000000000000000850000003600000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r2, r1, 0x25, 0x2, @val=@kprobe_multi=@syms={0x0, 0x0, 0x0, 0x0, 0x5}}, 0x30)
syz_emit_ethernet(0x5e, &(0x7f0000000300)=ANY=[], 0x0)

137.269471ms ago: executing program 8 (id=12160):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3a}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000800000000000000000000000000000000000a"], 0xb8}}, 0x20004800)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}}, 0x0)

112.282541ms ago: executing program 8 (id=12161):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x29)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9)
read$FUSE(r0, &(0x7f0000000980)={0x2020}, 0x2020)

97.900161ms ago: executing program 5 (id=12162):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
syz_read_part_table(0x5dc, &(0x7f0000000000)="$eJzs2z9o1GcYB/DnoteADi5OTuogpbgojh5F5e5UFMJpliJFQRHxphOEkx6k6KA3GHJDSLcsaeCW/JlyuSFTQgKZQ8iQEsiQpSVZAlly5dK3Q6FDr00KpZ8PBw/ve8/7ft8X3vUX/Kf1xS+dTicTEZ3+iFM9rh5s5gv3Lg7cKj2OyMSTiPj2hy9/7P6TSR3dXbsup/FmGk+Mn2l/2rubbW482r/ydLHe9/uWQ0e/ODvZGjyG63HCpnJL595/qBQ/V3Ov1ou17Y9rqw+nd/Ol1oN6Y+Z+9s7z1Lec6ulU30Q13sXreBbl+D5eROWY8seaW9cOLxSbcy9vHhTawwvXj7p6fde95R892Ijo5r+9NPJNo3b76uz50RvV+ZXSToou95/YEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEbZWDr3/kOl+Lmae7VerG1/XFt9OL2bL7Ue1Bsz97N3nqe+5VRPp/omqvEuXsezKEc5XkTlb+ZP5f6YP9bcunZ4odice3nzoNAeXrie+gb+4T3/Qn6nm//20sjXjdrtq7PnR29U51dKO6d+6yv3/9nqL07oVAAAAAAAAAAAAAAAAAAAAPzf5Av3Lg7cKj2OyMSTiPjq5+/6uvOd9L17JvVdTnUzzU+Mn2l/2rubbW482r/ydLH+U5ofikwMRcTZydbgv34ZevZrAAAA///YkpIV")

0s ago: executing program 5 (id=12163):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)

kernel console output (not intermixed with test programs):

 has an invalid length.
[  386.085041][T25448] netlink: 56 bytes leftover after parsing attributes in process `syz.2.10767'.
[  386.187994][T25472] loop2: detected capacity change from 0 to 2048
[  386.204927][  T556] usb 10-1: Using ep0 maxpacket: 16
[  386.212397][  T556] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  386.223070][  T556] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  386.232535][T25472] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  386.237641][  T556] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  386.249834][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  386.249853][   T28] audit: type=1400 audit(2134217738.331:3205): avc:  denied  { watch watch_reads } for  pid=25471 comm="syz.2.10778" path="/1116/file1/file0/file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  386.256912][T25481] netlink: 'syz.0.10781': attribute type 3 has an invalid length.
[  386.280798][  T556] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.289300][   T28] audit: type=1400 audit(2134217738.331:3206): avc:  denied  { execute } for  pid=25471 comm="syz.2.10778" name="file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  386.296616][  T556] usb 10-1: Product: syz
[  386.320465][   T28] audit: type=1400 audit(2134217738.331:3207): avc:  denied  { execute_no_trans } for  pid=25471 comm="syz.2.10778" path="/1116/file1/file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  386.323207][  T556] usb 10-1: Manufacturer: syz
[  386.348478][T12718] EXT4-fs (loop2): unmounting filesystem.
[  386.357324][  T556] usb 10-1: SerialNumber: syz
[  386.551051][T25506] loop0: detected capacity change from 0 to 128
[  386.559217][T25506] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  386.567804][T25506] ext4 filesystem being mounted at /459/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  386.611919][T21210] EXT4-fs (loop0): unmounting filesystem.
[  386.646874][   T28] audit: type=1400 audit(2134217738.741:3208): avc:  denied  { relabelto } for  pid=25512 comm="syz.2.10795" name="1123" dev="tmpfs" ino=5855 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:devicekit_power_exec_t:s0"
[  386.690085][   T28] audit: type=1400 audit(2134217738.741:3209): avc:  denied  { associate } for  pid=25512 comm="syz.2.10795" name="1123" dev="tmpfs" ino=5855 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:devicekit_power_exec_t:s0"
[  386.718591][   T28] audit: type=1400 audit(2134217738.771:3210): avc:  denied  { write } for  pid=12718 comm="syz-executor" name="1123" dev="tmpfs" ino=5855 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:devicekit_power_exec_t:s0"
[  386.746840][   T28] audit: type=1400 audit(2134217738.771:3211): avc:  denied  { remove_name } for  pid=12718 comm="syz-executor" name="binderfs" dev="tmpfs" ino=5859 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:devicekit_power_exec_t:s0"
[  386.776647][   T28] audit: type=1400 audit(2134217738.771:3212): avc:  denied  { rmdir } for  pid=12718 comm="syz-executor" name="1123" dev="tmpfs" ino=5855 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:devicekit_power_exec_t:s0"
[  386.777852][  T556] usb 10-1: USB disconnect, device number 11
[  386.975011][   T19] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  387.164971][   T19] usb 1-1: Using ep0 maxpacket: 16
[  387.171235][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  387.182014][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  387.191802][   T19] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  387.204508][   T19] usb 1-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  387.213447][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  387.222013][   T19] usb 1-1: config 0 descriptor??
[  387.299369][   T28] audit: type=1400 audit(2134217739.391:3213): avc:  denied  { setopt } for  pid=25522 comm="syz.9.10799" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  387.340163][T25527] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  387.577590][T25530] loop5: detected capacity change from 0 to 1024
[  387.607762][T25530] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  387.629655][   T19] ryos 0003:1E7D:31CE.0034: unbalanced delimiter at end of report description
[  387.639052][   T19] ryos 0003:1E7D:31CE.0034: parse failed
[  387.639383][T12639] EXT4-fs (loop5): unmounting filesystem.
[  387.644609][   T19] ryos: probe of 0003:1E7D:31CE.0034 failed with error -22
[  387.830984][   T19] usb 1-1: USB disconnect, device number 18
[  387.844512][T25575] loop9: detected capacity change from 0 to 128
[  387.851369][T25575] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  387.863770][T25575] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  387.878422][   T28] audit: type=1400 audit(2134217739.971:3214): avc:  denied  { append } for  pid=25577 comm="syz.2.10823" name="file2" dev="tmpfs" ino=5905 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  387.901214][   T43] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  387.910035][T25580] syz.2.10825[25580] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  387.910208][T25580] syz.2.10825[25580] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  388.104154][T25592] 9p: Unknown access argument 18446744073709551615: -34
[  388.176228][T25598] loop9: detected capacity change from 0 to 256
[  388.326676][T25617] loop2: detected capacity change from 0 to 256
[  388.356773][T25617] FAT-fs (loop2): Directory bread(block 64) failed
[  388.373567][T25617] FAT-fs (loop2): Directory bread(block 65) failed
[  388.385089][T25617] FAT-fs (loop2): Directory bread(block 66) failed
[  388.401639][T25617] FAT-fs (loop2): Directory bread(block 67) failed
[  388.415129][T25617] FAT-fs (loop2): Directory bread(block 68) failed
[  388.431692][T25617] FAT-fs (loop2): Directory bread(block 69) failed
[  388.438674][T25629] loop9: detected capacity change from 0 to 256
[  388.450495][T25617] FAT-fs (loop2): Directory bread(block 70) failed
[  388.467284][T25617] FAT-fs (loop2): Directory bread(block 71) failed
[  388.485006][T25617] FAT-fs (loop2): Directory bread(block 72) failed
[  388.504970][T25617] FAT-fs (loop2): Directory bread(block 73) failed
[  388.577418][T25633] loop9: detected capacity change from 0 to 8192
[  388.600629][T25633] syz.9.10848: attempt to access beyond end of device
[  388.600629][T25633] loop9: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  388.617332][T25633] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000e1b1)
[  388.625669][T25633] FAT-fs (loop9): Filesystem has been set read-only
[  388.632446][T25633] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000e1b1)
[  388.645116][T25633] FAT-fs (loop9): error, invalid access to FAT (entry 0x0000e1b1)
[  388.696548][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.703935][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.714267][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.721993][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.730929][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.749097][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.764014][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.775142][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  388.792335][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.802038][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.810182][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.826789][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.837363][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.845681][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.853207][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.861320][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.872845][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.884485][ T3745] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  388.897143][ T3745] hid-generic 0000:0000:0000.0035: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  388.953262][T25662] loop9: detected capacity change from 0 to 2048
[  388.997527][T25662] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  389.037108][T25662] EXT4-fs error (device loop9): __ext4_new_inode:1075: comm syz.9.10861: reserved inode found cleared - inode=1
[  389.067946][T18064] EXT4-fs (loop9): unmounting filesystem.
[  389.097405][T25677] random: crng reseeded on system resumption
[  389.173495][T25681] loop3: detected capacity change from 0 to 1024
[  389.194926][T25660] loop2: detected capacity change from 0 to 40427
[  389.215827][T25660] F2FS-fs (loop2): Found nat_bits in checkpoint
[  389.242735][T25681] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  389.261752][T25681] ext4 filesystem being mounted at /1072/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  389.297510][T12224] EXT4-fs (loop3): unmounting filesystem.
[  389.305076][T25677] Unrecognized hibernate image header format!
[  389.311326][T25677] PM: hibernation: Image mismatch: architecture specific data
[  389.318923][T25660] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  389.395331][T25695] Invalid ELF header magic: != ELF
[  389.402128][T25682] f2fs_ckpt-7:2: attempt to access beyond end of device
[  389.402128][T25682] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  389.422901][T25697] input: syz1 as /devices/virtual/input/input58
[  389.435034][   T19] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  389.624933][   T19] usb 1-1: Using ep0 maxpacket: 16
[  389.630987][   T19] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  389.661295][   T19] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  389.674519][   T19] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  389.693599][   T19] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  389.720842][   T19] usb 1-1: Product: syz
[  389.729876][T25730] loop2: detected capacity change from 0 to 512
[  389.739617][T25733] netlink: 'syz.3.10888': attribute type 4 has an invalid length.
[  389.747317][   T19] usb 1-1: Manufacturer: syz
[  389.751742][   T19] usb 1-1: SerialNumber: syz
[  389.789151][T25730] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  389.808423][T25730] ext4 filesystem being mounted at /1152/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  389.812473][T25743] loop3: detected capacity change from 0 to 256
[  389.853829][T12718] EXT4-fs (loop2): unmounting filesystem.
[  389.869221][T25747] loop9: detected capacity change from 0 to 256
[  389.897857][T25675] loop5: detected capacity change from 0 to 131072
[  389.910583][T25675] F2FS-fs (loop5): invalid crc value
[  389.917475][T25675] F2FS-fs (loop5): Found nat_bits in checkpoint
[  389.968401][T25675] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  390.042562][T25759] input: syz0 as /devices/virtual/input/input59
[  390.088502][T25763] device bond_slave_0 entered promiscuous mode
[  390.097098][T25762] device bond_slave_0 left promiscuous mode
[  390.161387][   T19] usb 1-1: 0:2 : does not exist
[  390.296803][T25777] loop5: detected capacity change from 0 to 256
[  390.312135][T25772] loop3: detected capacity change from 0 to 40427
[  390.319328][T25772] F2FS-fs (loop3): fault_injection options not supported
[  390.327187][T25772] F2FS-fs (loop3): invalid crc value
[  390.333593][T25772] F2FS-fs (loop3): Found nat_bits in checkpoint
[  390.382423][T25772] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  390.416002][T25790] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10910'.
[  390.469419][T12224] syz-executor: attempt to access beyond end of device
[  390.469419][T12224] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  390.484355][T25798] random: crng reseeded on system resumption
[  390.719177][T25823] loop9: detected capacity change from 0 to 1024
[  390.737352][T25823] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  390.745732][T25823] ext4 filesystem being mounted at /735/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  390.761275][T25823] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  390.763249][ T3745] usb 1-1: USB disconnect, device number 19
[  390.776824][T25823] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[  390.794335][T25823] EXT4-fs (loop9): This should not happen!! Data will be lost
[  390.794335][T25823] 
[  390.804284][T25823] EXT4-fs (loop9): Total free blocks count 0
[  390.811793][T25823] EXT4-fs (loop9): Free/Dirty block details
[  390.817922][T25823] EXT4-fs (loop9): free_blocks=4293918720
[  390.823524][T25823] EXT4-fs (loop9): dirty_blocks=112
[  390.829056][T25823] EXT4-fs (loop9): Block reservation details
[  390.835149][T25823] EXT4-fs (loop9): i_reserved_data_blocks=7
[  390.860663][T25832] input: syz1 as /devices/virtual/input/input60
[  391.076164][   T43] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 28
[  391.301851][   T28] kauditd_printk_skb: 6 callbacks suppressed
[  391.301868][   T28] audit: type=1326 audit(2134217743.391:3221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25849 comm="syz.9.10937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b15785d29 code=0x7ffc0000
[  391.332038][   T28] audit: type=1326 audit(2134217743.391:3222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25849 comm="syz.9.10937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b15785d29 code=0x7ffc0000
[  391.356492][   T28] audit: type=1326 audit(2134217743.391:3223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25849 comm="syz.9.10937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f5b15785d29 code=0x7ffc0000
[  391.379971][T25844] loop5: detected capacity change from 0 to 40427
[  391.380513][T25844] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  391.386381][   T28] audit: type=1326 audit(2134217743.391:3224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25849 comm="syz.9.10937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b15785d29 code=0x7ffc0000
[  391.395107][T25844] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  391.417528][   T28] audit: type=1326 audit(2134217743.391:3225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25849 comm="syz.9.10937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b15785d29 code=0x7ffc0000
[  391.428226][T25844] F2FS-fs (loop5): Found nat_bits in checkpoint
[  391.449080][   T28] audit: type=1326 audit(2134217743.391:3226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25849 comm="syz.9.10937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f5b15785d29 code=0x7ffc0000
[  391.485215][   T28] audit: type=1326 audit(2134217743.391:3227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25849 comm="syz.9.10937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b15785d29 code=0x7ffc0000
[  391.504702][T25844] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  391.516192][T25844] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  391.523800][   T28] audit: type=1326 audit(2134217743.391:3228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25849 comm="syz.9.10937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b15785d29 code=0x7ffc0000
[  391.548551][   T28] audit: type=1326 audit(2134217743.391:3229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25849 comm="syz.9.10937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f5b15785d29 code=0x7ffc0000
[  391.584691][   T28] audit: type=1326 audit(2134217743.451:3230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25849 comm="syz.9.10937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b15785d29 code=0x7ffc0000
[  391.601401][T25844] syz.5.10935: attempt to access beyond end of device
[  391.601401][T25844] loop5: rw=2049, sector=45096, nr_sectors = 520 limit=40427
[  391.883691][T25876] loop2: detected capacity change from 0 to 512
[  391.917483][T25876] EXT4-fs error (device loop2): ext4_orphan_get:1426: comm syz.2.10946: bad orphan inode 15
[  391.921127][T25861] loop0: detected capacity change from 0 to 40427
[  391.937083][T25876] ext4_test_bit(bit=14, block=5) = 0
[  391.942406][T25876] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  391.948696][T25861] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  391.964186][T25876] EXT4-fs (loop2): re-mounted. Quota mode: none.
[  391.968181][T25861] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  391.985938][T25876] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  391.995555][T25861] F2FS-fs (loop0): invalid crc value
[  392.005193][T25876] EXT4-fs (loop2): re-mounted. Quota mode: none.
[  392.020719][T12718] EXT4-fs (loop2): unmounting filesystem.
[  392.029446][T25861] F2FS-fs (loop0): Found nat_bits in checkpoint
[  392.094365][T25902] loop3: detected capacity change from 0 to 1024
[  392.107202][T25902] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  392.116167][T25861] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  392.124925][T25861] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  392.159032][T12224] EXT4-fs (loop3): unmounting filesystem.
[  392.168039][T25911] input: syz0 as /devices/virtual/input/input61
[  392.586214][T25961] loop9: detected capacity change from 0 to 1024
[  392.593870][T25961] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  392.602267][T25961] EXT4-fs (loop9): orphan cleanup on readonly fs
[  392.609295][T25961] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5887: Corrupt filesystem
[  392.619777][T25961] EXT4-fs (loop9): Remounting filesystem read-only
[  392.626799][T25961] EXT4-fs error (device loop9): ext4_dirty_inode:6091: inode #3: comm syz.9.10980: mark_inode_dirty error
[  392.638328][T25961] EXT4-fs (loop9): Remounting filesystem read-only
[  392.645089][T25961] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:477: comm syz.9.10980: Invalid block bitmap block 3 in block_group 0
[  392.658943][T25961] EXT4-fs (loop9): Remounting filesystem read-only
[  392.665435][T25961] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5887: Corrupt filesystem
[  392.675167][T25961] EXT4-fs (loop9): Remounting filesystem read-only
[  392.681569][T25961] EXT4-fs error (device loop9): ext4_dirty_inode:6091: inode #3: comm syz.9.10980: mark_inode_dirty error
[  392.693306][T25961] EXT4-fs (loop9): Remounting filesystem read-only
[  392.700323][T25961] EXT4-fs error (device loop9): ext4_map_blocks:634: inode #3: block 1: comm syz.9.10980: lblock 6 mapped to illegal pblock 1 (length 1)
[  392.714760][T25961] EXT4-fs (loop9): Remounting filesystem read-only
[  392.721473][T25961] EXT4-fs error (device loop9): ext4_map_blocks:634: inode #3: block 48: comm syz.9.10980: lblock 0 mapped to illegal pblock 48 (length 1)
[  392.736127][T25961] EXT4-fs (loop9): Remounting filesystem read-only
[  392.742556][T25961] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.10980: Failed to acquire dquot type 0
[  392.754008][T25961] EXT4-fs (loop9): Remounting filesystem read-only
[  392.760624][T25961] EXT4-fs error (device loop9): ext4_map_blocks:634: inode #3: block 49: comm syz.9.10980: lblock 1 mapped to illegal pblock 49 (length 1)
[  392.774991][ T1125] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  392.783062][T25961] EXT4-fs (loop9): Remounting filesystem read-only
[  392.789730][T25961] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.10980: Failed to acquire dquot type 0
[  392.801590][T25961] EXT4-fs (loop9): Remounting filesystem read-only
[  392.808022][T25961] EXT4-fs error (device loop9) in ext4_reserve_inode_write:5887: Corrupt filesystem
[  392.817642][T25961] EXT4-fs (loop9): Remounting filesystem read-only
[  392.823990][T25961] EXT4-fs error (device loop9): ext4_evict_inode:279: inode #15: comm syz.9.10980: mark_inode_dirty error
[  392.835467][T25961] EXT4-fs (loop9): Remounting filesystem read-only
[  392.841801][T25961] EXT4-fs warning (device loop9): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  392.852436][T25961] EXT4-fs (loop9): 1 orphan inode deleted
[  392.858129][T25961] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  392.878641][T18064] EXT4-fs (loop9): unmounting filesystem.
[  392.895504][T25976] loop9: detected capacity change from 0 to 512
[  392.903663][T25976] EXT4-fs (loop9): orphan cleanup on readonly fs
[  392.910687][T25976] EXT4-fs warning (device loop9): ext4_enable_quotas:7023: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  392.925791][T25976] EXT4-fs (loop9): Cannot turn on quotas: error -22
[  392.932675][T25976] EXT4-fs error (device loop9): ext4_ext_check_inode:520: inode #13: comm syz.9.10986: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  392.950901][T25976] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.10986: couldn't read orphan inode 13 (err -117)
[  392.963806][T25976] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  392.975318][T25976] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended
[  392.985534][T25976] EXT4-fs warning (device loop9): read_mmp_block:115: Error -117 while reading MMP block 2
[  392.995629][ T1125] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  393.006509][ T1125] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  393.015813][ T1125] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  393.016073][T18064] EXT4-fs (loop9): unmounting filesystem.
[  393.026300][ T1125] usb 1-1: config 0 descriptor??
[  393.046934][T25984] tap0: tun_chr_ioctl cmd 1074025677
[  393.052179][T25984] tap0: linktype set to 805
[  393.057298][T25984] tap0: tun_chr_ioctl cmd 35111
[  393.145408][T25993] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  393.321009][T26024] netlink: 'syz.5.11007': attribute type 3 has an invalid length.
[  393.402186][T26039] loop5: detected capacity change from 0 to 512
[  393.410827][T26039] EXT4-fs (loop5): orphan cleanup on readonly fs
[  393.418576][T26039] EXT4-fs warning (device loop5): ext4_enable_quotas:7023: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  393.442476][T26039] EXT4-fs (loop5): Cannot turn on quotas: error -22
[  393.449337][T26039] EXT4-fs error (device loop5): ext4_ext_check_inode:520: inode #13: comm syz.5.11015: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  393.469828][T25953] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  393.478301][T25953] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  393.487229][ T1125] keytouch 0003:0926:3333.0036: fixing up Keytouch IEC report descriptor
[  393.495778][T26039] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.11015: couldn't read orphan inode 13 (err -117)
[  393.509073][ T1125] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0036/input/input62
[  393.520751][T26039] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  393.532317][T26039] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  393.544044][T26039] EXT4-fs warning (device loop5): read_mmp_block:115: Error -117 while reading MMP block 2
[  393.569485][T12639] EXT4-fs (loop5): unmounting filesystem.
[  393.597337][ T1125] keytouch 0003:0926:3333.0036: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  393.610942][T26053] netlink: 'syz.2.11020': attribute type 322 has an invalid length.
[  393.785512][T26083] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  393.924996][ T3745] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[  394.000384][T26112] loop9: detected capacity change from 0 to 128
[  394.021383][ T1125] usb 1-1: USB disconnect, device number 20
[  394.106084][ T3745] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  394.116781][ T3745] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  394.127606][ T3745] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  394.137500][ T3745] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  394.147103][ T3745] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 253
[  394.160005][ T3745] usb 3-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00
[  394.168945][ T3745] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  394.177325][ T3745] usb 3-1: config 0 descriptor??
[  394.198793][T26121] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  394.212797][T26121] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  394.277625][T26131] usb usb9: check_ctrlrecip: process 26131 (syz.3.11058) requesting ep 01 but needs 81
[  394.287626][T26131] usb usb9: usbfs: process 26131 (syz.3.11058) did not claim interface 0 before use
[  394.327847][T26139] x_tables: ip6_tables: CT target: only valid in raw table, not memory.swap.current
[  394.427604][  T316] tipc: Subscription rejected, illegal request
[  394.585236][ T3745] elecom 0003:056E:00FE.0037: unknown main item tag 0x0
[  394.593227][ T3745] elecom 0003:056E:00FE.0037: unknown main item tag 0x0
[  394.600656][ T3745] elecom 0003:056E:00FE.0037: unknown main item tag 0x0
[  394.607875][ T3745] elecom 0003:056E:00FE.0037: unknown main item tag 0x0
[  394.615822][T26177] incfs: Options parsing error. -22
[  394.620798][ T3745] elecom 0003:056E:00FE.0037: unknown main item tag 0x0
[  394.622770][T26177] incfs: mount failed -22
[  394.632912][ T3745] elecom 0003:056E:00FE.0037: hidraw0: USB HID v0.00 Device [HID 056e:00fe] on usb-dummy_hcd.2-1/input0
[  394.658969][T26183] loop3: detected capacity change from 0 to 128
[  394.660788][T26184] loop0: detected capacity change from 0 to 256
[  394.674063][T26184] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d)
[  394.709358][T26188] loop0: detected capacity change from 0 to 512
[  394.711778][T26190] Invalid ELF header magic: != ELF
[  394.721753][T26188] EXT4-fs (loop0): orphan cleanup on readonly fs
[  394.729546][T26188] EXT4-fs warning (device loop0): ext4_enable_quotas:7023: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  394.738436][T26193] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  394.745081][T26188] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  394.764847][T26188] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #13: comm syz.0.11084: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  394.776507][T26193] overlayfs: conflicting lowerdir path
[  394.790274][ T1125] usb 3-1: USB disconnect, device number 21
[  394.793111][T26188] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.11084: couldn't read orphan inode 13 (err -117)
[  394.802997][T26195] overlayfs: invalid origin (0000)
[  394.811844][T26188] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  394.845300][T26188] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  394.855955][T26188] EXT4-fs warning (device loop0): read_mmp_block:115: Error -117 while reading MMP block 2
[  394.892843][T21210] EXT4-fs (loop0): unmounting filesystem.
[  395.036064][T26225] loop0: detected capacity change from 0 to 256
[  395.066566][T26227] loop0: detected capacity change from 0 to 128
[  395.156713][T26243] netlink: 96 bytes leftover after parsing attributes in process `syz.3.11110'.
[  395.604944][ T1125] usb 3-1: new full-speed USB device number 22 using dummy_hcd
[  395.796579][ T1125] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  395.807299][ T1125] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  395.820055][ T1125] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  395.830102][ T1125] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  395.843235][ T1125] usb 3-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[  395.852132][ T1125] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  395.861222][ T1125] usb 3-1: config 0 descriptor??
[  396.129379][T26300] loop0: detected capacity change from 0 to 1024
[  396.138482][T26300] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  396.160413][T21210] EXT4-fs (loop0): unmounting filesystem.
[  396.242717][T26313] loop0: detected capacity change from 0 to 2048
[  396.254925][  T556] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  396.257516][T26313] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  396.271256][T26313] ext4 filesystem being mounted at /504/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  396.283227][ T1125] hid-rmi 0003:17EF:6085.0038: hidraw0: USB HID v0.00 Device [HID 17ef:6085] on usb-dummy_hcd.2-1/input0
[  396.303791][T26313] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.11141: bg 0: block 440: padding at end of block bitmap is not set
[  396.329636][T21210] EXT4-fs (loop0): unmounting filesystem.
[  396.369268][T26326] loop3: detected capacity change from 0 to 256
[  396.378754][T26326] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xc65ab44c, utbl_chksum : 0xe619d30d)
[  396.392493][T26326] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000005)
[  396.401942][T26326] exFAT-fs (loop3): failed to initialize root inode
[  396.408964][T26328] device vlan4 entered promiscuous mode
[  396.434988][  T556] usb 10-1: Using ep0 maxpacket: 16
[  396.441418][  T556] usb 10-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  396.450298][  T556] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  396.461633][  T556] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  396.483564][  T305] usb 3-1: USB disconnect, device number 22
[  396.484013][T26332] loop0: detected capacity change from 0 to 1024
[  396.490768][  T556] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  396.499265][T26332] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  396.506382][  T556] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  396.521816][  T556] usb 10-1: Product: syz
[  396.525928][  T556] usb 10-1: Manufacturer: syz
[  396.530417][  T556] usb 10-1: SerialNumber: syz
[  396.540188][T21210] EXT4-fs (loop0): unmounting filesystem.
[  396.579913][T26336] loop0: detected capacity change from 0 to 8192
[  396.587491][T26336] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  396.649524][T26342] loop0: detected capacity change from 0 to 512
[  396.656462][T26342] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  396.667437][T26342] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  396.675358][T26342] System zones: 1-12
[  396.680376][T26342] EXT4-fs (loop0): 1 truncate cleaned up
[  396.685893][T26342] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  396.708110][T21210] EXT4-fs (loop0): unmounting filesystem.
[  396.724449][T26348] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  396.738845][T26348] overlayfs: conflicting lowerdir path
[  396.746791][  T556] usb 10-1: 0:2 : does not exist
[  396.758283][  T556] usb 10-1: 1:0: cannot get min/max values for control 4 (id 1)
[  396.765086][T26350] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11156'.
[  396.769957][  T556] usb 10-1: USB disconnect, device number 12
[  396.840395][T26362] loop3: detected capacity change from 0 to 1024
[  396.849984][T26362] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  396.854443][T26364] loop0: detected capacity change from 0 to 256
[  396.859033][T26362] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  396.875302][T26362] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  396.886313][T26362] journal_init_common: Cannot get buffer for journal superblock
[  396.893944][T26362] EXT4-fs (loop3): Could not load journal inode
[  396.975315][T26370] loop3: detected capacity change from 0 to 1024
[  396.983735][T26370] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  397.013635][T12224] EXT4-fs (loop3): unmounting filesystem.
[  397.094783][   T28] kauditd_printk_skb: 100 callbacks suppressed
[  397.094801][   T28] audit: type=1400 audit(2134217749.181:3325): avc:  denied  { read } for  pid=26392 comm="syz.2.11176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  397.127901][   T28] audit: type=1400 audit(2134217749.201:3326): avc:  denied  { write } for  pid=26392 comm="syz.2.11176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  397.132768][T26395] loop0: detected capacity change from 0 to 1024
[  397.154214][T26395] EXT4-fs: Ignoring removed nomblk_io_submit option
[  397.160727][   T28] audit: type=1400 audit(2134217749.251:3327): avc:  denied  { setcurrent } for  pid=26396 comm="syz.2.11178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  397.180494][   T28] audit: type=1401 audit(2134217749.251:3328): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  397.242385][T26407] loop0: detected capacity change from 0 to 1024
[  397.249291][T26407] EXT4-fs: Ignoring removed oldalloc option
[  397.293911][T26418] loop2: detected capacity change from 0 to 1024
[  397.300535][T26418] EXT4-fs: Ignoring removed nobh option
[  397.311225][T26418] EXT4-fs: Ignoring removed bh option
[  397.496233][   T28] audit: type=1400 audit(2134217749.591:3329): avc:  denied  { relabelto } for  pid=26451 comm="syz.3.11202" name="" dev="pipefs" ino=132242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:"
[  397.552282][T26462] overlayfs: maximum fs stacking depth exceeded
[  397.610606][   T28] audit: type=1400 audit(2134217749.701:3330): avc:  denied  { bind } for  pid=26472 comm="syz.3.11210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  397.922375][T26502] loop5: detected capacity change from 0 to 256
[  398.006883][   T28] audit: type=1400 audit(2134217750.101:3331): avc:  denied  { read } for  pid=26517 comm="syz.3.11232" name="cgroup.procs" dev="cgroup" ino=213 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:semanage_exec_t:s0"
[  398.044712][   T28] audit: type=1400 audit(2134217750.101:3332): avc:  denied  { open } for  pid=26517 comm="syz.3.11232" path="/syzcgroup/cpu/syz3/cgroup.procs" dev="cgroup" ino=213 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:semanage_exec_t:s0"
[  398.089139][T26526] syz.5.11245[26526] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  398.089213][T26526] syz.5.11245[26526] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  398.113576][T26528] loop5: detected capacity change from 0 to 512
[  398.136397][T26528] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  398.144397][T26528] System zones: 0-2, 18-18, 34-34
[  398.151047][T26528] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.11236: bg 0: block 248: padding at end of block bitmap is not set
[  398.165720][T26528] Quota error (device loop5): write_blk: dquota write failed
[  398.173057][T26528] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  398.183024][T26528] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.11236: Failed to acquire dquot type 1
[  398.195604][T26528] EXT4-fs (loop5): 1 truncate cleaned up
[  398.201211][T26528] ext4 filesystem being mounted at /1104/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  398.216728][T26528] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.11236: Failed to acquire dquot type 1
[  398.235668][   T43] EXT4-fs error (device loop5): ext4_release_dquot:6811: comm kworker/u4:2: Failed to release dquot type 1
[  398.326281][T26555] input: syz0 as /devices/virtual/input/input63
[  398.425591][T26564] loop9: detected capacity change from 0 to 2048
[  398.574056][T26588] loop9: detected capacity change from 0 to 1024
[  398.580621][T26588] EXT4-fs: Ignoring removed nobh option
[  398.592111][T26588] EXT4-fs: Ignoring removed bh option
[  398.848871][T26557] loop5: detected capacity change from 0 to 131072
[  398.858044][T26557] F2FS-fs (loop5): Found nat_bits in checkpoint
[  398.904959][T26557] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  399.547047][T26615] device gretap0 entered promiscuous mode
[  399.552636][T26615] device vlan2 entered promiscuous mode
[  399.558792][T26615] device gretap0 left promiscuous mode
[  399.655464][T26475] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  399.659432][T26619] 9pnet: p9_errstr2errno: server reported unknown error 
[  399.690348][T26623] loop9: detected capacity change from 0 to 512
[  399.717302][T26623] ext4 filesystem being mounted at /820/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  399.766819][T26639] loop0: detected capacity change from 0 to 512
[  399.774121][T26641] loop2: detected capacity change from 0 to 512
[  399.782242][T26639] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #3: comm syz.0.11281: corrupted inode contents
[  399.794382][T26641] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  399.805421][T26639] EXT4-fs error (device loop0): ext4_dirty_inode:6091: inode #3: comm syz.0.11281: mark_inode_dirty error
[  399.808495][T26641] EXT4-fs (loop2): 1 truncate cleaned up
[  399.817765][T26639] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #3: comm syz.0.11281: corrupted inode contents
[  399.835500][T26639] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #3: comm syz.0.11281: mark_inode_dirty error
[  399.847873][T26639] EXT4-fs error (device loop0): ext4_acquire_dquot:6788: comm syz.0.11281: Failed to acquire dquot type 0
[  399.861019][T26639] EXT4-fs (loop0): 1 orphan inode deleted
[  399.867325][T26639] ext4 filesystem being mounted at /543/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  399.878135][  T316] EXT4-fs error (device loop0): ext4_release_dquot:6811: comm kworker/u4:3: Failed to release dquot type 1
[  399.957514][T26658] loop0: detected capacity change from 0 to 1024
[  399.963908][T26658] EXT4-fs: Ignoring removed oldalloc option
[  399.970172][T26658] EXT4-fs: Ignoring removed bh option
[  400.215243][  T305] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  400.266336][T26698] overlayfs: missing 'lowerdir'
[  400.292268][T26686] loop0: detected capacity change from 0 to 40427
[  400.301419][T26686] F2FS-fs (loop0): fault_injection options not supported
[  400.308910][T26686] F2FS-fs (loop0): Image doesn't support compression
[  400.315911][T26686] F2FS-fs (loop0): Image doesn't support compression
[  400.328797][T26686] F2FS-fs (loop0): invalid crc value
[  400.335760][T26686] F2FS-fs (loop0): Found nat_bits in checkpoint
[  400.394699][T26686] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  400.409736][  T305] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  400.434932][  T305] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  400.455012][  T305] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  400.455918][T26686] syz.0.11300: attempt to access beyond end of device
[  400.455918][T26686] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  400.474952][  T305] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  400.504935][  T305] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.514534][  T305] usb 10-1: config 0 descriptor??
[  400.523947][T26686] syz.0.11300: attempt to access beyond end of device
[  400.523947][T26686] loop0: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  400.546703][T21210] syz-executor: attempt to access beyond end of device
[  400.546703][T21210] loop0: rw=2049, sector=45120, nr_sectors = 8 limit=40427
[  400.591756][T26721] loop2: detected capacity change from 0 to 2048
[  400.622484][T26721] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  400.677841][T26731] netlink: 28 bytes leftover after parsing attributes in process `syz.5.11317'.
[  400.849280][T26733] loop5: detected capacity change from 0 to 40427
[  400.857343][T26733] F2FS-fs (loop5): invalid crc value
[  400.863998][T26733] F2FS-fs (loop5): Found nat_bits in checkpoint
[  400.908160][T26733] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  400.927090][  T305] plantronics 0003:047F:FFFF.0039: unknown main item tag 0x0
[  400.934681][T12639] syz-executor: attempt to access beyond end of device
[  400.934681][T12639] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  400.934736][  T305] plantronics 0003:047F:FFFF.0039: No inputs registered, leaving
[  400.958201][  T305] plantronics 0003:047F:FFFF.0039: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0
[  401.061303][T26748] input: syz0 as /devices/virtual/input/input64
[  401.143543][T26751] loop5: detected capacity change from 0 to 1024
[  401.150947][T26751] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  401.159330][T26751] EXT4-fs (loop5): orphan cleanup on readonly fs
[  401.166096][T26751] EXT4-fs error (device loop5): __ext4_get_inode_loc:4508: comm syz.5.11322: Invalid inode table block 0 in block_group 0
[  401.178878][T26751] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5887: Corrupt filesystem
[  401.188485][T26751] EXT4-fs error (device loop5): ext4_quota_write:7183: inode #3: comm syz.5.11322: mark_inode_dirty error
[  401.199997][T26751] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.11322: Failed to acquire dquot type 0
[  401.211497][T26751] EXT4-fs error (device loop5): __ext4_get_inode_loc:4508: comm syz.5.11322: Invalid inode table block 0 in block_group 0
[  401.215922][  T305] usb 10-1: USB disconnect, device number 13
[  401.224947][T26751] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5887: Corrupt filesystem
[  401.239373][T26751] EXT4-fs error (device loop5): ext4_ext_truncate:4453: inode #15: comm syz.5.11322: mark_inode_dirty error
[  401.251542][T26751] EXT4-fs error (device loop5): __ext4_get_inode_loc:4508: comm syz.5.11322: Invalid inode table block 0 in block_group 0
[  401.264605][T26751] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5887: Corrupt filesystem
[  401.274741][T26751] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  401.283526][T26751] EXT4-fs error (device loop5): __ext4_get_inode_loc:4508: comm syz.5.11322: Invalid inode table block 0 in block_group 0
[  401.296639][T26751] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5887: Corrupt filesystem
[  401.306376][T26751] EXT4-fs error (device loop5): ext4_truncate:4313: inode #15: comm syz.5.11322: mark_inode_dirty error
[  401.317874][T26751] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  401.327370][T26751] EXT4-fs (loop5): 1 truncate cleaned up
[  401.376303][T26754] loop3: detected capacity change from 0 to 40427
[  401.383341][T26754] F2FS-fs (loop3): fault_injection options not supported
[  401.390303][T26754] F2FS-fs (loop3): Image doesn't support compression
[  401.397164][T26754] F2FS-fs (loop3): Image doesn't support compression
[  401.404420][T26754] F2FS-fs (loop3): invalid crc value
[  401.410955][T26754] F2FS-fs (loop3): Found nat_bits in checkpoint
[  401.423355][T26763] loop5: detected capacity change from 0 to 1024
[  401.430497][T26763] EXT4-fs: Ignoring removed orlov option
[  401.436300][T26763] EXT4-fs: Ignoring removed nomblk_io_submit option
[  401.457520][T26754] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  401.495987][T26754] syz.3.11323: attempt to access beyond end of device
[  401.495987][T26754] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  401.510475][T26754] syz.3.11323: attempt to access beyond end of device
[  401.510475][T26754] loop3: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  401.531015][T12224] syz-executor: attempt to access beyond end of device
[  401.531015][T12224] loop3: rw=2049, sector=45120, nr_sectors = 8 limit=40427
[  401.577876][T26773] loop2: detected capacity change from 0 to 512
[  401.599215][T26773] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  401.624305][T26773] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  401.642056][T26773] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  401.651180][T26773] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  401.659213][T26773] System zones: 0-2, 18-18, 34-34
[  401.665226][T26773] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  401.679861][T26773] EXT4-fs (loop2): 1 truncate cleaned up
[  401.947035][T26825] loop0: detected capacity change from 0 to 1024
[  401.968464][T26825] ext4 filesystem being mounted at /562/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  401.987241][  T316] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm kworker/u4:3: bg 0: block 393: padding at end of block bitmap is not set
[  402.012374][  T316] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 117
[  402.026960][  T316] EXT4-fs (loop0): This should not happen!! Data will be lost
[  402.026960][  T316] 
[  402.039194][T26833] loop3: detected capacity change from 0 to 512
[  402.056725][T26833] EXT4-fs warning (device loop3): dx_probe:869: inode #2: comm syz.3.11357: Unimplemented hash flags: 0x0001
[  402.068958][T26833] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.11357: Corrupt directory, running e2fsck is recommended
[  402.082460][T26833] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz.3.11357: path /1194/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[  402.121380][T26821] loop9: detected capacity change from 0 to 40427
[  402.130778][T26821] F2FS-fs (loop9): Found nat_bits in checkpoint
[  402.178571][T26821] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  402.178838][T26846] loop0: detected capacity change from 0 to 128
[  402.194297][T26846] ext4 filesystem being mounted at /564/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  402.194365][T26821] syz.9.11350: attempt to access beyond end of device
[  402.194365][T26821] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  402.211129][   T28] kauditd_printk_skb: 174 callbacks suppressed
[  402.211147][   T28] audit: type=1400 audit(2134217754.301:3499): avc:  denied  { ioctl } for  pid=26845 comm="syz.0.11360" path="/564/file0/cpu.stat" dev="loop0" ino=13 ioctlcmd=0x583b scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  402.252374][T18064] syz-executor: attempt to access beyond end of device
[  402.252374][T18064] loop9: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  402.327126][   T28] audit: type=1400 audit(2134217754.421:3500): avc:  denied  { read } for  pid=26849 comm="syz.0.11361" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=134236 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  402.356239][   T28] audit: type=1400 audit(2134217754.451:3501): avc:  denied  { create } for  pid=26852 comm="syz.0.11363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  402.378098][   T28] audit: type=1400 audit(2134217754.451:3502): avc:  denied  { read } for  pid=26852 comm="syz.0.11363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  402.427503][   T28] audit: type=1400 audit(2134217754.521:3503): avc:  denied  { create } for  pid=26856 comm="syz.5.11365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  402.451093][T26859] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11362'.
[  402.462150][   T28] audit: type=1400 audit(2134217754.541:3504): avc:  denied  { write } for  pid=26856 comm="syz.5.11365" path="socket:[133556]" dev="sockfs" ino=133556 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  402.486999][   T28] audit: type=1400 audit(2134217754.541:3505): avc:  denied  { nlmsg_read } for  pid=26856 comm="syz.5.11365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  402.535985][   T28] audit: type=1400 audit(2134217754.631:3506): avc:  denied  { map } for  pid=26862 comm="syz.5.11367" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  402.576560][   T28] audit: type=1400 audit(2134217754.671:3507): avc:  denied  { read } for  pid=26868 comm="syz.9.11370" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  402.578015][T26870] binder: 26868:26870 ioctl c0306201 0 returned -14
[  402.605591][   T28] audit: type=1400 audit(2134217754.671:3508): avc:  denied  { open } for  pid=26868 comm="syz.9.11370" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  402.665476][T26882] loop9: detected capacity change from 0 to 512
[  402.672243][T26882] EXT4-fs warning (device loop9): ext4_multi_mount_protect:298: Invalid MMP block in superblock
[  402.818906][T26882] loop9: detected capacity change from 0 to 40427
[  403.511815][T26909] loop2: detected capacity change from 0 to 512
[  403.518485][T26909] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  403.524309][T26911] loop0: detected capacity change from 0 to 1024
[  403.530906][T26909] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  403.546277][T26909] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.11386: invalid block
[  403.559298][T26909] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.11386: invalid indirect mapped block 4294967295 (level 1)
[  403.573700][T26909] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.11386: invalid indirect mapped block 4294967295 (level 1)
[  403.588303][T26909] EXT4-fs (loop2): 2 truncates cleaned up
[  403.603124][T26918] SELinux:  Context system_u:object_r:systemd_logger_exec_t:s0 is not valid (left unmapped).
[  403.944943][   T19] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  404.124913][   T19] usb 1-1: Using ep0 maxpacket: 16
[  404.131087][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  404.135215][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  404.142891][   T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  404.159095][   T19] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  404.167962][   T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.176356][   T19] usb 1-1: config 0 descriptor??
[  404.325681][T26938] loop5: detected capacity change from 0 to 256
[  404.332238][T26938] exfat: Deprecated parameter 'utf8'
[  404.337472][T26938] exfat: Deprecated parameter 'utf8'
[  404.342609][T26938] exfat: Deprecated parameter 'utf8'
[  404.351001][T26938] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  404.516645][T26958] devpts: called with bogus options
[  404.586110][   T19] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:05AC:8241.003A/input/input65
[  404.633418][T26972] loop5: detected capacity change from 0 to 16
[  404.640064][T26972] erofs: (device loop5): mounted with root inode @ nid 36.
[  404.686555][   T19] appleir 0003:05AC:8241.003A: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  404.745532][T26986] xt_NFQUEUE: number of queues (32773) out of range (got 79881)
[  404.765441][T26988] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  404.793344][   T19] usb 1-1: USB disconnect, device number 21
[  404.823756][T26992] loop5: detected capacity change from 0 to 8192
[  404.831443][T26992] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  404.865499][T26996] loop5: detected capacity change from 0 to 1024
[  404.872522][T26996] EXT4-fs (loop5): filesystem is read-only
[  404.878465][T26996] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  404.889202][T26996] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (50428!=20869)
[  404.896153][T26998] I/O error, dev loop19, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  404.900149][T26996] EXT4-fs error (device loop5): __ext4_fill_super:5387: inode #2: comm syz.5.11426: iget: bad extra_isize 65535 (inode size 1024)
[  404.908174][T26998] FAT-fs (loop19): unable to read boot sector
[  404.921484][T26996] EXT4-fs (loop5): get root inode failed
[  404.932477][T26996] EXT4-fs (loop5): mount failed
[  404.945000][ T1204] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  405.009066][T27005] loop9: detected capacity change from 0 to 256
[  405.075229][T27017] loop5: detected capacity change from 0 to 256
[  405.084612][T27017] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  405.102004][T27017] syz.5.11436: attempt to access beyond end of device
[  405.102004][T27017] loop5: rw=524288, sector=440, nr_sectors = 256 limit=256
[  405.145043][ T1204] usb 3-1: Using ep0 maxpacket: 8
[  405.151173][ T1204] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  405.162968][ T1204] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  405.173110][ T1204] usb 3-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[  405.182355][ T1204] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.201239][ T1204] usb 3-1: config 0 descriptor??
[  405.314655][T27044] netlink: 104 bytes leftover after parsing attributes in process `syz.5.11449'.
[  405.512536][T27083] loop0: detected capacity change from 0 to 512
[  405.527188][T27083] ext4 filesystem being mounted at /587/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  405.527665][T27085] loop9: detected capacity change from 0 to 2048
[  405.612904][ T1204] smartjoyplus 0003:6666:8804.003B: bogus close delimiter
[  405.620421][ T1204] smartjoyplus 0003:6666:8804.003B: item 0 1 2 10 parsing failed
[  405.628380][ T1204] smartjoyplus 0003:6666:8804.003B: parse failed
[  405.635482][ T1204] smartjoyplus: probe of 0003:6666:8804.003B failed with error -22
[  405.644583][T27085]  loop9: unable to read partition table
[  405.651185][T27085] loop9: partition table beyond EOD, truncated
[  405.657400][T27085] loop_reread_partitions: partition scan of loop9 () failed (rc=-5)
[  405.735843][T27109] FAT-fs (loop7): bogus number of reserved sectors
[  405.742313][T27109] FAT-fs (loop7): Can't find a valid FAT filesystem
[  405.789778][T27119] loop0: detected capacity change from 0 to 2048
[  405.794593][T27121] loop3: detected capacity change from 0 to 256
[  405.802309][T27121] exfat: Deprecated parameter 'namecase'
[  405.810477][T27121] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xcd8273f8, utbl_chksum : 0xe619d30d)
[  405.827183][T27119] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  405.842754][T27119] overlayfs: failed to set xattr on upper
[  405.855954][  T556] usb 3-1: USB disconnect, device number 23
[  405.932263][T27142] loop0: detected capacity change from 0 to 128
[  405.940528][T27142] ext4 filesystem being mounted at /598/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  406.092909][T27159] loop0: detected capacity change from 0 to 256
[  406.193779][T27172] loop0: detected capacity change from 0 to 512
[  406.200447][T27172] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  406.212247][T27172] EXT4-fs (loop0): 1 truncate cleaned up
[  406.369863][ T3745] kernel write not supported for file bpf-prog (pid: 3745 comm: kworker/1:5)
[  406.447183][T27199] tun0: tun_chr_ioctl cmd 1074025675
[  406.452366][T27199] tun0: persist enabled
[  406.456498][T27199] tun0: tun_chr_ioctl cmd 1074025675
[  406.461601][T27199] tun0: persist enabled
[  406.510781][T27205] loop0: detected capacity change from 0 to 2048
[  406.547917][T27205] Alternate GPT is invalid, using primary GPT.
[  406.554051][T27205]  loop0: p2 p3 p7
[  406.626846][T27212] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11524'.
[  406.635881][T27212] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11524'.
[  406.655015][ T1204] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  406.702406][T27224] loop0: detected capacity change from 0 to 512
[  406.708938][T27224] EXT4-fs: Ignoring removed nobh option
[  406.714797][T27224] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  406.736808][T27224] ext4 filesystem being mounted at /629/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  406.750853][T27224] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.11530: bg 0: block 224: padding at end of block bitmap is not set
[  406.765334][T27224] EXT4-fs (loop0): Remounting filesystem read-only
[  406.816786][T27237] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  406.825913][T27237] FAT-fs (loop3): unable to read boot sector
[  406.854945][ T1204] usb 3-1: Using ep0 maxpacket: 32
[  406.860962][ T1204] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  406.880072][T27244] loop0: detected capacity change from 0 to 256
[  406.885530][ T1204] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  406.905984][ T1204] usb 3-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  406.923396][ T1204] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.932076][ T1204] usb 3-1: Product: syz
[  406.940295][ T1204] usb 3-1: Manufacturer: syz
[  406.950211][ T1204] usb 3-1: SerialNumber: syz
[  406.950618][T27249] loop3: detected capacity change from 0 to 512
[  406.961397][ T1204] usb 3-1: config 0 descriptor??
[  406.967256][T27249] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  406.980298][T27249] EXT4-fs (loop3): external journal has bad superblock
[  407.045166][T27263] loop9: detected capacity change from 0 to 128
[  407.159548][T27274] loop9: detected capacity change from 0 to 256
[  407.177309][  T556] usb 3-1: USB disconnect, device number 24
[  407.476336][T27286] loop9: detected capacity change from 0 to 40427
[  407.485893][T27286] F2FS-fs (loop9): Found nat_bits in checkpoint
[  407.521324][T27286] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  407.548342][T18064] bio_check_eod: 1571 callbacks suppressed
[  407.548365][T18064] syz-executor: attempt to access beyond end of device
[  407.548365][T18064] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  407.632120][   T28] kauditd_printk_skb: 86 callbacks suppressed
[  407.632138][   T28] audit: type=1326 audit(2134217759.721:3595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27292 comm="syz.9.11557" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5b15785d29 code=0x0
[  407.698944][T27295] loop2: detected capacity change from 0 to 2048
[  407.932640][   T28] audit: type=1400 audit(2134217760.021:3596): avc:  denied  { compute_member } for  pid=27312 comm="syz.3.11564" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  407.970259][  T316] Bluetooth: hci0: Frame reassembly failed (-84)
[  407.976478][   T28] audit: type=1400 audit(2134217760.061:3597): avc:  denied  { ioctl } for  pid=27316 comm="syz.0.11566" path="socket:[136527]" dev="sockfs" ino=136527 ioctlcmd=0x48ca scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  408.002936][T27319] tmpfs: Unknown parameter 'mp'
[  408.019267][   T28] audit: type=1400 audit(2134217760.111:3598): avc:  denied  { read } for  pid=27320 comm="syz.3.11568" path="socket:[135648]" dev="sockfs" ino=135648 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  408.450285][T27323] loop5: detected capacity change from 0 to 1024
[  408.456783][T27323] EXT4-fs: Ignoring removed orlov option
[  408.466916][T27323] EXT4-fs mount: 50 callbacks suppressed
[  408.466939][T27323] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  408.484395][   T28] audit: type=1400 audit(2134217760.571:3599): avc:  denied  { execute } for  pid=27322 comm="syz.5.11569" name="file2" dev="loop5" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  408.507019][   T28] audit: type=1400 audit(2134217760.571:3600): avc:  denied  { nnp_transition } for  pid=27322 comm="syz.5.11569" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process2 permissive=1
[  408.507740][T12639] EXT4-fs (loop5): unmounting filesystem.
[  408.528272][   T28] audit: type=1400 audit(2134217760.571:3601): avc:  denied  { transition } for  pid=27322 comm="syz.5.11569" path="/1164/file1/file2" dev="loop5" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  408.557108][   T28] audit: type=1400 audit(2134217760.581:3602): avc:  denied  { entrypoint } for  pid=27322 comm="syz.5.11569" path="/1164/file1/file2" dev="loop5" ino=16 scontext=system_u:object_r:hugetlbfs_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  408.581967][   T28] audit: type=1400 audit(2134217760.581:3603): avc:  denied  { noatsecure } for  pid=27322 comm="syz.5.11569" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=process permissive=1
[  408.602247][   T28] audit: type=1400 audit(2134217760.581:3604): avc:  denied  { module_request } for  pid=27322 comm="syz.5.11569" kmod="binfmt-0000" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  408.677054][T27333] netlink: 24 bytes leftover after parsing attributes in process `syz.5.11572'.
[  408.703360][T27336] loop5: detected capacity change from 0 to 1024
[  408.710045][T27336] EXT4-fs: Ignoring removed nobh option
[  408.715567][T27336] EXT4-fs: Ignoring removed nobh option
[  408.726616][T27336] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  408.736614][T27341] loop2: detected capacity change from 0 to 512
[  408.744003][T27341] EXT4-fs (loop2): Test dummy encryption mode enabled
[  408.752129][T27341] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz.2.11575: inline data xattr refers to an external xattr inode
[  408.767314][T27341] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.11575: couldn't read orphan inode 12 (err -117)
[  408.768031][T12639] EXT4-fs (loop5): unmounting filesystem.
[  408.780206][T27341] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  408.807758][T12718] EXT4-fs (loop2): unmounting filesystem.
[  408.868393][T27356] loop5: detected capacity change from 0 to 128
[  408.879464][T27356] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  408.887371][T27356] System zones: 1-3, 19-19, 35-36
[  408.892878][T27356] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  408.901794][T27356] ext4 filesystem being mounted at /1170/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  408.914253][T27356] EXT4-fs warning (device loop5): ext4_group_extend:1870: can't shrink FS - resize aborted
[  408.960466][T12639] EXT4-fs (loop5): unmounting filesystem.
[  408.998023][T27370] loop3: detected capacity change from 0 to 1024
[  409.005887][T27370] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  409.014251][T27370] EXT4-fs (loop3): orphan cleanup on readonly fs
[  409.021430][T27370] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #3: comm syz.3.11588: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 2(4), depth 0(0)
[  409.039926][T27370] EXT4-fs (loop3): Remounting filesystem read-only
[  409.040532][T27374] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  409.046924][T27370] EXT4-fs error (device loop3): ext4_quota_enable:6982: comm syz.3.11588: Bad quota inode: 3, type: 0
[  409.072694][T27370] EXT4-fs (loop3): Remounting filesystem read-only
[  409.079458][T27370] EXT4-fs warning (device loop3): ext4_enable_quotas:7023: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  409.094742][T27370] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  409.101624][T27370] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  409.131587][T27382] loop2: detected capacity change from 0 to 256
[  409.138169][T27382] exfat: Deprecated parameter 'namecase'
[  409.138865][T12224] EXT4-fs (loop3): unmounting filesystem.
[  409.147468][T27382] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  409.177532][T27388] loop5: detected capacity change from 0 to 512
[  409.209946][T27388] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  409.223118][T27388] ext4 filesystem being mounted at /1175/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  409.245420][T27388] EXT4-fs error (device loop5): ext4_do_update_inode:5226: inode #2: comm syz.5.11596: corrupted inode contents
[  409.263554][T27388] EXT4-fs error (device loop5): ext4_dirty_inode:6091: inode #2: comm syz.5.11596: mark_inode_dirty error
[  409.277102][T27388] EXT4-fs error (device loop5): ext4_do_update_inode:5226: inode #2: comm syz.5.11596: corrupted inode contents
[  409.290531][T27388] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #2: comm syz.5.11596: mark_inode_dirty error
[  409.328218][T12639] EXT4-fs (loop5): unmounting filesystem.
[  409.501150][T27430] netlink: 'syz.5.11613': attribute type 4 has an invalid length.
[  409.509023][T27430] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.11613'.
[  409.566858][T27441] input: syz1 as /devices/virtual/input/input66
[  409.584303][T27443] loop5: detected capacity change from 0 to 512
[  409.595157][T27443] EXT4-fs: Ignoring removed mblk_io_submit option
[  409.636346][T27443] EXT4-fs error (device loop5): ext4_get_branch:178: inode #13: block 2: comm syz.5.11619: invalid block
[  409.646764][T27453] loop9: detected capacity change from 0 to 256
[  409.663904][T27453] exfat: Unknown parameter '0xffffffffffffffffÿÿ'
[  409.671050][T27443] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.11619: invalid indirect mapped block 10 (level 1)
[  409.694982][T27443] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.11619: invalid indirect mapped block 8 (level 1)
[  409.733296][T27443] EXT4-fs (loop5): 1 truncate cleaned up
[  409.740035][T27460] loop3: detected capacity change from 0 to 256
[  409.743084][T27463] loop2: detected capacity change from 0 to 512
[  409.746289][T27443] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  409.766066][T27460] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  409.782064][T12639] EXT4-fs (loop5): unmounting filesystem.
[  409.788763][T27463] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  409.797850][T27463] ext4 filesystem being mounted at /1262/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  409.817809][T27463] EXT4-fs (loop2): shut down requested (1)
[  409.836446][T12718] EXT4-fs (loop2): unmounting filesystem.
[  409.842313][   T43] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  409.919878][T27486] loop5: detected capacity change from 0 to 1024
[  409.935402][T27494] SELinux:  Context system_u:object_r:ssh_exec_t:s0 is not valid (left unmapped).
[  409.944662][T27486] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  409.956890][T27486] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  409.974100][T27486] EXT4-fs (loop5): invalid journal inode
[  409.979771][T17634] Bluetooth: hci0: command 0x1003 tx timeout
[  409.985583][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  410.005005][T27501] netlink: 96 bytes leftover after parsing attributes in process `syz.2.11646'.
[  410.013969][T27486] EXT4-fs (loop5): can't get journal size
[  410.029973][T27486] EXT4-fs error (device loop5): ext4_protect_reserved_inode:182: inode #3: comm syz.5.11638: blocks 2-2 from inode overlap system zone
[  410.055255][T27486] EXT4-fs (loop5): failed to initialize system zone (-117)
[  410.062567][T27486] EXT4-fs (loop5): mount failed
[  410.096937][T27528] loop2: detected capacity change from 0 to 512
[  410.120938][T27534] xt_hashlimit: size too large, truncated to 1048576
[  410.121144][T27528] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.11656: casefold flag without casefold feature
[  410.147429][T27532] loop5: detected capacity change from 0 to 512
[  410.154566][T27528] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.11656: couldn't read orphan inode 15 (err -117)
[  410.168890][T27532] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: comm syz.5.11657: inode #1: comm syz.5.11657: iget: illegal inode #
[  410.188215][T27532] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.11657: error while reading EA inode 1 err=-117
[  410.205955][T27528] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  410.214588][T27532] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: comm syz.5.11657: inode #1: comm syz.5.11657: iget: illegal inode #
[  410.237481][T12718] EXT4-fs (loop2): unmounting filesystem.
[  410.243245][T27532] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.11657: error while reading EA inode 1 err=-117
[  410.261737][T27532] EXT4-fs (loop5): 1 orphan inode deleted
[  410.275013][T27532] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  410.305692][T12639] EXT4-fs (loop5): unmounting filesystem.
[  410.386942][T27541] input: syz0 as /devices/virtual/input/input67
[  410.751333][T27600] netlink: 60 bytes leftover after parsing attributes in process `syz.0.11683'.
[  410.874779][T27613] loop3: detected capacity change from 0 to 256
[  411.074947][ T1204] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  411.116089][T27628] loop3: detected capacity change from 0 to 40427
[  411.122989][T27628] F2FS-fs (loop3): fault_injection options not supported
[  411.130696][T27628] F2FS-fs (loop3): invalid crc value
[  411.137110][T27628] F2FS-fs (loop3): Found nat_bits in checkpoint
[  411.172442][T27628] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  411.190820][T12224] syz-executor: attempt to access beyond end of device
[  411.190820][T12224] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  411.254982][ T1204] usb 1-1: Using ep0 maxpacket: 16
[  411.261490][ T1204] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  411.261706][T27633] loop5: detected capacity change from 0 to 1024
[  411.279216][T27633] EXT4-fs: Ignoring removed nobh option
[  411.282875][ T1204] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  411.284642][T27633] EXT4-fs: Ignoring removed mblk_io_submit option
[  411.301139][T27633] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  411.302574][ T1204] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  411.318207][T27633] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  411.321461][ T1204] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.345078][ T1204] usb 1-1: config 0 descriptor??
[  411.351217][T12639] EXT4-fs (loop5): unmounting filesystem.
[  411.422174][T27653] mmap: syz.5.11707 (27653): VmData 24899584 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  411.613185][T27672] loop2: detected capacity change from 0 to 256
[  411.619908][T27672] FAT-fs (loop2): bogus logical sector size 0
[  411.625845][T27672] FAT-fs (loop2): Can't find a valid FAT filesystem
[  411.656920][T27674] random: crng reseeded on system resumption
[  411.683700][T27677] loop2: detected capacity change from 0 to 256
[  411.692508][T27674] loop9: detected capacity change from 0 to 512
[  411.696967][T27677] FAT-fs (loop2): Directory bread(block 64) failed
[  411.699802][T27674] EXT4-fs: Ignoring removed bh option
[  411.705421][T27677] FAT-fs (loop2): Directory bread(block 65) failed
[  411.711084][T27674] EXT4-fs (loop9): failed to open journal device unknown-block(0,0) -6
[  411.716608][T27677] FAT-fs (loop2): Directory bread(block 66) failed
[  411.731114][T27677] FAT-fs (loop2): Directory bread(block 67) failed
[  411.737644][T27677] FAT-fs (loop2): Directory bread(block 68) failed
[  411.744049][T27677] FAT-fs (loop2): Directory bread(block 69) failed
[  411.750443][T27677] FAT-fs (loop2): Directory bread(block 70) failed
[  411.757068][T27677] FAT-fs (loop2): Directory bread(block 71) failed
[  411.758171][ T1204] appleir 0003:05AC:8241.003C: unknown main item tag 0x0
[  411.763483][T27677] FAT-fs (loop2): Directory bread(block 72) failed
[  411.770336][ T1204] appleir 0003:05AC:8241.003C: unknown main item tag 0x0
[  411.770368][ T1204] appleir 0003:05AC:8241.003C: unknown main item tag 0x0
[  411.770458][ T1204] appleir 0003:05AC:8241.003C: unknown main item tag 0x0
[  411.778719][T27677] FAT-fs (loop2): Directory bread(block 73) failed
[  411.786500][ T1204] appleir 0003:05AC:8241.003C: unknown main item tag 0x0
[  411.810721][ T1204] appleir 0003:05AC:8241.003C: No inputs registered, leaving
[  411.820655][ T4604] kworker/u4:7: attempt to access beyond end of device
[  411.820655][ T4604] loop2: rw=1, sector=1224, nr_sectors = 12 limit=256
[  411.835687][ T1204] appleir 0003:05AC:8241.003C: hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  411.874274][T27682] SELinux:  Context system_u:object_r:crypt_device_t:s0 is not valid (left unmapped).
[  411.903544][T27686] device bridge0 entered promiscuous mode
[  411.909437][T27685] device bridge0 left promiscuous mode
[  411.937359][T27691] device vlan3 entered promiscuous mode
[  412.065813][  T556] usb 1-1: USB disconnect, device number 22
[  412.197408][T27704] loop2: detected capacity change from 0 to 256
[  412.203669][T27704] exfat: Deprecated parameter 'namecase'
[  412.209273][T27704] exfat: Deprecated parameter 'namecase'
[  412.217474][T27704] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  412.401793][T27706] bridge0: port 1(bridge_slave_0) entered blocking state
[  412.408787][T27706] bridge0: port 1(bridge_slave_0) entered disabled state
[  412.416344][T27706] device bridge_slave_0 entered promiscuous mode
[  412.423374][T27706] bridge0: port 2(bridge_slave_1) entered blocking state
[  412.430518][T27706] bridge0: port 2(bridge_slave_1) entered disabled state
[  412.437997][T27706] device bridge_slave_1 entered promiscuous mode
[  412.489935][T27717] loop5: detected capacity change from 0 to 2048
[  412.496949][T27717] ext4: Bad value for 'auto_da_alloc'
[  412.510800][T27706] bridge0: port 2(bridge_slave_1) entered blocking state
[  412.517684][T27706] bridge0: port 2(bridge_slave_1) entered forwarding state
[  412.524754][T27706] bridge0: port 1(bridge_slave_0) entered blocking state
[  412.531584][T27706] bridge0: port 1(bridge_slave_0) entered forwarding state
[  412.555828][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  412.563413][  T316] bridge0: port 1(bridge_slave_0) entered disabled state
[  412.578153][  T316] bridge0: port 2(bridge_slave_1) entered disabled state
[  412.600575][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  412.609064][T27721] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11737'.
[  412.611303][  T316] bridge0: port 1(bridge_slave_0) entered blocking state
[  412.624289][T27721] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11737'.
[  412.624798][  T316] bridge0: port 1(bridge_slave_0) entered forwarding state
[  412.640650][T27721] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11737'.
[  412.640672][T27721] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11737'.
[  412.676303][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  412.684676][  T316] bridge0: port 2(bridge_slave_1) entered blocking state
[  412.691650][  T316] bridge0: port 2(bridge_slave_1) entered forwarding state
[  412.701196][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  412.715491][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  412.736630][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  412.753038][T27706] device veth0_vlan entered promiscuous mode
[  412.761017][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  412.770512][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  412.778236][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  412.793129][T27706] device veth1_macvtap entered promiscuous mode
[  412.802604][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  412.816827][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  412.848488][   T28] kauditd_printk_skb: 40 callbacks suppressed
[  412.848505][   T28] audit: type=1400 audit(2134217764.941:3644): avc:  denied  { mounton } for  pid=27706 comm="syz-executor" path="/root/syzkaller.t9WKGp/syz-tmp" dev="sda1" ino=2000 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  412.879085][T27737] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11745'.
[  412.897872][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  412.907709][   T28] audit: type=1400 audit(2134217764.981:3645): avc:  denied  { mounton } for  pid=27706 comm="syz-executor" path="/root/syzkaller.t9WKGp/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=138713 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  412.940657][T27738] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=210 sclass=netlink_route_socket pid=27738 comm=syz.0.11744
[  412.953854][   T28] audit: type=1400 audit(2134217764.981:3646): avc:  denied  { mounton } for  pid=27706 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=522 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  412.977175][   T28] audit: type=1400 audit(2134217764.981:3647): avc:  denied  { mounton } for  pid=27706 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  412.990998][T27724] loop5: detected capacity change from 0 to 40427
[  413.008219][T27724] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  413.021618][   T28] audit: type=1400 audit(2134217765.111:3648): avc:  denied  { read write } for  pid=27739 comm="syz.1.11731" name="uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  413.021782][T27724] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  413.045339][   T28] audit: type=1400 audit(2134217765.111:3649): avc:  denied  { open } for  pid=27739 comm="syz.1.11731" path="/dev/uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  413.079998][T27724] F2FS-fs (loop5): invalid crc value
[  413.097539][T27724] F2FS-fs (loop5): Found nat_bits in checkpoint
[  413.121083][T27752] device vlan2 entered promiscuous mode
[  413.147127][   T28] audit: type=1400 audit(2134217765.241:3650): avc:  denied  { map } for  pid=27753 comm="syz.0.11750" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=137776 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  413.174607][   T28] audit: type=1400 audit(2134217765.261:3651): avc:  denied  { write } for  pid=27753 comm="syz.0.11750" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=137776 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  413.209596][T27724] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  413.219445][T27724] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  413.244669][T12639] syz-executor: attempt to access beyond end of device
[  413.244669][T12639] loop5: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  413.413094][T27758] loop9: detected capacity change from 0 to 40427
[  413.422366][T27758] F2FS-fs (loop9): Found nat_bits in checkpoint
[  413.446789][T27773] loop1: detected capacity change from 0 to 1024
[  413.453501][T27773] EXT4-fs: Ignoring removed nobh option
[  413.458970][T27773] EXT4-fs: Ignoring removed mblk_io_submit option
[  413.465518][T27773] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  413.474062][T27774] netlink: 60 bytes leftover after parsing attributes in process `syz.5.11752'.
[  413.477487][T27758] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  413.504567][T18064] syz-executor: attempt to access beyond end of device
[  413.504567][T18064] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  413.520909][T27773] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  413.543002][T27773] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3841: comm syz.1.11756: Allocating blocks 497-513 which overlap fs metadata
[  413.572895][T27772] EXT4-fs (loop1): pa ffff888145f011f8: logic 32, phys. 177, len 21
[  413.580875][T27772] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[  413.603827][T27706] EXT4-fs (loop1): unmounting filesystem.
[  413.665134][T27787] binder: 27786:27787 unknown command 24
[  413.670666][T27787] binder: 27786:27787 ioctl c0306201 200003c0 returned -22
[  413.709586][T27792] loop9: detected capacity change from 0 to 512
[  413.715443][T27783] futex_wake_op: syz.1.11759 tries to shift op by -1; fix this program
[  413.716017][T27792] EXT4-fs: Ignoring removed i_version option
[  413.730501][T27792] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  413.744585][T27792] EXT4-fs (loop9): 1 truncate cleaned up
[  413.750614][T27792] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  413.762462][   T28] audit: type=1400 audit(2134217765.851:3652): avc:  denied  { map } for  pid=27790 comm="syz.9.11762" path="/916/bus/cpu.stat" dev="loop9" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  413.788215][T18064] EXT4-fs (loop9): unmounting filesystem.
[  413.806597][T27797] loop9: detected capacity change from 0 to 1024
[  413.813051][T27797] EXT4-fs: Ignoring removed nobh option
[  413.817734][T27799] loop1: detected capacity change from 0 to 512
[  413.822699][T27797] EXT4-fs error (device loop9): ext4_ext_check_inode:520: inode #11: comm syz.9.11763: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  413.827006][T27799] EXT4-fs (loop1): failed to initialize system zone (-117)
[  413.844161][T27797] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.11763: couldn't read orphan inode 11 (err -117)
[  413.850153][T27799] EXT4-fs (loop1): mount failed
[  413.862740][T27797] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  413.878829][T27797] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:477: comm syz.9.11763: Invalid block bitmap block 0 in block_group 0
[  413.892551][T27797] Quota error (device loop9): write_blk: dquota write failed
[  413.900234][T27797] EXT4-fs error (device loop9): ext4_acquire_dquot:6788: comm syz.9.11763: Failed to acquire dquot type 0
[  413.912620][T27797] EXT4-fs error (device loop9): ext4_read_inode_bitmap:140: comm syz.9.11763: Invalid inode bitmap blk 137438953472 in block_group 0
[  413.931513][ T4604] EXT4-fs error (device loop9): __ext4_get_inode_loc:4508: comm kworker/u4:7: Invalid inode table block 8589934593 in block_group 0
[  413.946262][T18064] EXT4-fs (loop9): unmounting filesystem.
[  414.092676][T27805] loop1: detected capacity change from 0 to 40427
[  414.099514][T27805] F2FS-fs (loop1): fault_type options not supported
[  414.106928][T27805] F2FS-fs (loop1): invalid crc value
[  414.113118][T27805] F2FS-fs (loop1): Found nat_bits in checkpoint
[  414.155645][T27805] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  414.193686][T27805] netlink: 'syz.1.11767': attribute type 11 has an invalid length.
[  414.341771][T27827] loop1: detected capacity change from 0 to 2048
[  414.356523][T27827] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  414.378183][T27706] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  414.405445][T27706] EXT4-fs (loop1): unmounting filesystem.
[  414.447753][T27837] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[  414.459656][T27839] loop3: detected capacity change from 0 to 256
[  414.472290][T27839] exfat: Deprecated parameter 'utf8'
[  414.481963][T27839] exfat: Deprecated parameter 'namecase'
[  414.487963][T27839] exfat: Deprecated parameter 'utf8'
[  414.496759][T27839] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  414.516281][T27839] exFAT-fs (loop3): error, tried to truncate zeroed cluster.
[  414.524573][T27839] exFAT-fs (loop3): hint_cluster is invalid (1)
[  414.531854][T27839] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000)
[  414.540848][T27839] exFAT-fs (loop3): error, failed to bmap (inode : ffff888118375150 iblock : 9, err : -5)
[  414.562996][T27839] exFAT-fs (loop3): error, tried to truncate zeroed cluster.
[  414.570772][T27839] exFAT-fs (loop3): error, tried to truncate zeroed cluster.
[  414.592323][  T316] kworker/u4:3: attempt to access beyond end of device
[  414.592323][  T316] loop3: rw=1, sector=34359738494, nr_sectors = 1 limit=256
[  414.612104][  T316] buffer_io_error: 14 callbacks suppressed
[  414.612127][  T316] Buffer I/O error on dev loop3, logical block 34359738494, lost async page write
[  414.628991][T27848] binder: 27847:27848 ioctl 4018620d 0 returned -22
[  414.635648][  T316] kworker/u4:3: attempt to access beyond end of device
[  414.635648][  T316] loop3: rw=1, sector=34359738495, nr_sectors = 1 limit=256
[  414.650432][  T316] Buffer I/O error on dev loop3, logical block 34359738495, lost async page write
[  414.870105][T27876] loop3: detected capacity change from 0 to 128
[  414.876844][T27876] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  414.890160][T27878] loop9: detected capacity change from 0 to 256
[  414.900595][T27878] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  414.906536][T12224] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  414.922323][T12224] FAT-fs (loop3): Filesystem has been set read-only
[  414.929771][T12224] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  414.952780][T12224] bridge0: port 4(syz_tun) entered disabled state
[  414.960358][T12224] device syz_tun left promiscuous mode
[  414.967182][T12224] bridge0: port 4(syz_tun) entered disabled state
[  415.005666][  T363] tipc: Disabling bearer <udp:syz2>
[  415.010902][  T363] tipc: Left network mode
[  415.144678][T27894] loop9: detected capacity change from 0 to 1024
[  415.159580][T27894] EXT4-fs: Ignoring removed orlov option
[  415.175569][T27894] EXT4-fs: Ignoring removed oldalloc option
[  415.188315][T27894] EXT4-fs (loop9): Test dummy encryption mode enabled
[  415.217028][T27894] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  415.229707][T12224] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  415.271338][T18064] EXT4-fs (loop9): unmounting filesystem.
[  415.336831][  T363] device gretap0 left promiscuous mode
[  415.347391][  T363] bridge0: port 3(vlan2) entered disabled state
[  415.361474][  T363] device vlan2 left promiscuous mode
[  415.373181][  T363] bridge0: port 3(vlan2) entered disabled state
[  415.395103][T27912] netlink: 28 bytes leftover after parsing attributes in process `syz.0.11819'.
[  415.404911][T27914] loop5: detected capacity change from 0 to 512
[  415.449743][T27914] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  415.458650][T27914] ext4 filesystem being mounted at /1214/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  415.469709][T27914] EXT4-fs (loop5): unmounting filesystem.
[  415.529235][  T363] device bridge_slave_1 left promiscuous mode
[  415.535367][  T363] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.543130][  T363] device bridge_slave_0 left promiscuous mode
[  415.549948][  T363] bridge0: port 1(bridge_slave_0) entered disabled state
[  415.558984][  T363] device veth1_macvtap left promiscuous mode
[  415.565156][  T363] device veth0_vlan left promiscuous mode
[  415.829544][T27949] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  415.894936][  T556] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  415.919990][T27929] bridge0: port 1(bridge_slave_0) entered blocking state
[  415.927575][T27929] bridge0: port 1(bridge_slave_0) entered disabled state
[  415.935335][T27929] device bridge_slave_0 entered promiscuous mode
[  415.944323][T27929] bridge0: port 2(bridge_slave_1) entered blocking state
[  415.951616][T27929] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.959310][T27929] device bridge_slave_1 entered promiscuous mode
[  415.967864][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x1
[  415.990172][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.002189][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.023788][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.044187][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.064108][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.083641][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.091281][  T556] usb 2-1: Using ep0 maxpacket: 16
[  416.097462][  T556] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  416.114918][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.126032][  T556] usb 2-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  416.137795][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.145843][  T556] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  416.162926][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x2
[  416.183100][  T556] usb 2-1: Product: syz
[  416.187189][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.194396][  T556] usb 2-1: Manufacturer: syz
[  416.199242][  T556] usb 2-1: SerialNumber: syz
[  416.211138][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  416.214661][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.225987][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  416.234573][  T556] usb 2-1: config 0 descriptor??
[  416.243218][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  416.245351][  T556] snd-usb-audio: probe of 2-1:0.0 failed with error -2
[  416.257948][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.259116][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  416.265208][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.281117][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.285522][  T363] bridge0: port 1(bridge_slave_0) entered blocking state
[  416.288397][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.295191][  T363] bridge0: port 1(bridge_slave_0) entered forwarding state
[  416.302473][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.316778][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.323984][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.331394][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.338762][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  416.346291][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.353498][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.361123][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.371202][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  416.379692][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  416.387664][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.395144][  T363] bridge0: port 2(bridge_slave_1) entered blocking state
[  416.402030][  T363] bridge0: port 2(bridge_slave_1) entered forwarding state
[  416.409312][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.416797][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.434309][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  416.444751][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.452338][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  416.460209][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.467821][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  416.476068][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.483291][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.501465][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  416.510118][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  416.517740][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.524500][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  416.532328][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.532840][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  416.542631][ T3745] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0
[  416.555206][T27929] device veth0_vlan entered promiscuous mode
[  416.567792][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  416.576293][ T3745] hid-generic 0000:0000:0000.003D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  416.577902][T27929] device veth1_macvtap entered promiscuous mode
[  416.595221][  T305] usb 2-1: USB disconnect, device number 19
[  416.622227][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  416.650872][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  416.666963][T27976] syz.5.11842[27976] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  416.667046][T27976] syz.5.11842[27976] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  416.682212][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  416.709495][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  416.804339][T27988] binder: 27987:27988 ioctl 40046205 0 returned -22
[  417.156202][T28001] loop8: detected capacity change from 0 to 40427
[  417.163990][T28001] F2FS-fs (loop8): invalid crc value
[  417.170997][T28001] F2FS-fs (loop8): Found nat_bits in checkpoint
[  417.227069][T28001] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  417.282784][T27929] syz-executor: attempt to access beyond end of device
[  417.282784][T27929] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  417.429295][T28047] loop8: detected capacity change from 0 to 1024
[  417.450285][T28047] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  417.458983][T28047] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  417.480893][  T316] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm kworker/u4:3: bg 0: block 393: padding at end of block bitmap is not set
[  417.496321][  T316] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 117
[  417.510962][  T316] EXT4-fs (loop8): This should not happen!! Data will be lost
[  417.510962][  T316] 
[  417.521713][T27929] EXT4-fs (loop8): unmounting filesystem.
[  417.768286][T28097] loop5: detected capacity change from 0 to 1024
[  417.791122][T28097] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  417.799862][T28097] ext4 filesystem being mounted at /1243/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  417.824343][  T363] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm kworker/u4:4: bg 0: block 393: padding at end of block bitmap is not set
[  417.838995][  T363] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 117
[  417.853799][  T363] EXT4-fs (loop5): This should not happen!! Data will be lost
[  417.853799][  T363] 
[  417.865769][T12639] EXT4-fs (loop5): unmounting filesystem.
[  417.875133][  T305] usb 9-1: new full-speed USB device number 7 using dummy_hcd
[  417.981762][T28125] binder: 28124:28125 ioctl c0306201 0 returned -14
[  418.075396][  T305] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  418.094943][  T305] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  418.098970][T28141] loop9: detected capacity change from 0 to 1024
[  418.110427][  T305] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  418.124717][  T305] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  418.138630][  T305] usb 9-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[  418.147605][  T305] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.156267][  T305] usb 9-1: config 0 descriptor??
[  418.173867][T28141] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none.
[  418.271409][T28157] loop1: detected capacity change from 0 to 1024
[  418.278943][T18064] EXT4-fs (loop9): unmounting filesystem.
[  418.285839][T28157] EXT4-fs: Ignoring removed orlov option
[  418.291984][T28157] EXT4-fs: Ignoring removed nomblk_io_submit option
[  418.340057][T28157] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  418.372135][T27706] EXT4-fs (loop1): unmounting filesystem.
[  418.455976][T28183] syz.0.11943[28183] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  418.456081][T28183] syz.0.11943[28183] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  418.472403][T28185] loop5: detected capacity change from 0 to 1024
[  418.511879][T28185] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  418.565350][T12639] EXT4-fs (loop5): unmounting filesystem.
[  418.574377][  T305] hid-rmi 0003:17EF:6085.003E: hidraw0: USB HID v0.00 Device [HID 17ef:6085] on usb-dummy_hcd.8-1/input0
[  418.574733][T28195] syz.9.11947[28195] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  418.586623][T28195] syz.9.11947[28195] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  418.637527][T28177] loop1: detected capacity change from 0 to 40427
[  418.659427][T28177] F2FS-fs (loop1): Found nat_bits in checkpoint
[  418.707672][T28177] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  418.748399][T28177] syz.1.11937: attempt to access beyond end of device
[  418.748399][T28177] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  418.774341][T27706] syz-executor: attempt to access beyond end of device
[  418.774341][T27706] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  418.780956][ T3745] usb 9-1: USB disconnect, device number 7
[  418.844957][ T1204] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  418.907733][T28207] loop9: detected capacity change from 0 to 512
[  418.917399][T28207] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  418.926245][T28207] ext4 filesystem being mounted at /955/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  418.951637][T18064] EXT4-fs (loop9): unmounting filesystem.
[  419.046148][ T1204] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  419.057369][T28232] devpts: called with bogus options
[  419.057400][ T1204] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  419.076943][ T1204] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  419.090158][ T1204] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  419.105889][ T1204] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  419.114553][ T1204] usb 1-1: config 0 descriptor??
[  419.369554][T28242] loop1: detected capacity change from 0 to 512
[  419.387184][T28242] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  419.396122][T28242] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  419.401418][T28247] loop8: detected capacity change from 0 to 512
[  419.412800][T28247] EXT4-fs: Ignoring removed nomblk_io_submit option
[  419.419645][T28247] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  419.432338][T28247] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  419.432911][T27706] EXT4-fs (loop1): unmounting filesystem.
[  419.440730][T28247] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=1842c01c, mo2=0002]
[  419.454027][T28247] EXT4-fs (loop8): couldn't mount RDWR because of unsupported optional features (80)
[  419.463532][T28247] EXT4-fs (loop8): Skipping orphan cleanup due to unknown ROCOMPAT features
[  419.472346][T28247] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[  419.481169][T28247] EXT4-fs (loop8): unmounting filesystem.
[  419.524035][ T1204] plantronics 0003:047F:FFFF.003F: unknown main item tag 0x0
[  419.537672][ T1204] plantronics 0003:047F:FFFF.003F: No inputs registered, leaving
[  419.555106][ T1204] plantronics 0003:047F:FFFF.003F: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  419.635584][T28268] xt_NFQUEUE: number of queues (32773) out of range (got 79881)
[  419.795825][  T305] usb 1-1: USB disconnect, device number 23
[  419.825524][T28299] overlayfs: missing 'lowerdir'
[  419.843534][T28301] loop1: detected capacity change from 0 to 512
[  419.850231][T28301] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  419.861640][T28301] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  419.879189][T28301] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.11981: invalid block
[  419.880856][T28304] loop5: detected capacity change from 0 to 256
[  419.891423][T28301] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.11981: invalid indirect mapped block 4294967295 (level 1)
[  419.911330][T28301] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.11981: invalid indirect mapped block 4294967295 (level 1)
[  419.925539][T28301] EXT4-fs (loop1): 2 truncates cleaned up
[  419.931074][T28301] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  420.014911][ T3745] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  420.194906][ T3745] usb 9-1: Using ep0 maxpacket: 16
[  420.200961][ T3745] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  420.211709][ T3745] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  420.221209][ T3745] usb 9-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  420.230072][ T3745] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.238332][ T3745] usb 9-1: config 0 descriptor??
[  420.311568][   T28] kauditd_printk_skb: 23 callbacks suppressed
[  420.311586][   T28] audit: type=1400 audit(2134217772.401:3675): avc:  denied  { bind } for  pid=28306 comm="syz.9.11984" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  420.593118][T28334] netlink: 104 bytes leftover after parsing attributes in process `syz.9.11995'.
[  420.614976][ T1125] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  420.647003][ T3745] input: HID 05ac:8241 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:05AC:8241.0040/input/input68
[  420.681729][T27706] EXT4-fs (loop1): unmounting filesystem.
[  420.718508][T28345] devpts: called with bogus options
[  420.727300][ T3745] appleir 0003:05AC:8241.0040: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.8-1/input0
[  420.759150][T28352] loop1: detected capacity change from 0 to 2048
[  420.804906][ T1125] usb 1-1: Using ep0 maxpacket: 16
[  420.811200][ T1125] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  420.820701][ T1125] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  420.826613][T28352] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  420.830798][ T1125] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  420.854957][ T1125] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  420.865776][ T1125] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  420.865821][T28352] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  420.888144][ T1125] usb 1-1: Product: syz
[  420.892166][ T1125] usb 1-1: Manufacturer: syz
[  420.896650][ T1125] usb 1-1: SerialNumber: syz
[  420.903476][T28352] overlayfs: failed to set xattr on upper
[  420.908648][T19610] usb 9-1: USB disconnect, device number 8
[  420.931312][T27706] EXT4-fs (loop1): unmounting filesystem.
[  420.951942][   T28] audit: type=1401 audit(2134217773.041:3676): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  420.968721][T28380] loop5: detected capacity change from 0 to 512
[  420.992262][T28380] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  421.001335][T28380] ext4 filesystem being mounted at /1269/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  421.014350][T28388] I/O error, dev loop19, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  421.024052][T28388] FAT-fs (loop19): unable to read boot sector
[  421.055316][T12639] EXT4-fs (loop5): unmounting filesystem.
[  421.105867][ T1125] usb 1-1: 0:2 : does not exist
[  421.115657][ T1125] usb 1-1: 1:0: cannot get min/max values for control 4 (id 1)
[  421.131995][ T1125] usb 1-1: USB disconnect, device number 24
[  421.234647][T28411] loop9: detected capacity change from 0 to 256
[  421.243791][T28411] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  421.270766][T28411] syz.9.12029: attempt to access beyond end of device
[  421.270766][T28411] loop9: rw=524288, sector=440, nr_sectors = 256 limit=256
[  421.286103][T28411] syz.9.12029: attempt to access beyond end of device
[  421.286103][T28411] loop9: rw=524288, sector=696, nr_sectors = 256 limit=256
[  421.300094][T28411] syz.9.12029: attempt to access beyond end of device
[  421.300094][T28411] loop9: rw=0, sector=440, nr_sectors = 8 limit=256
[  421.313893][T28411] syz.9.12029: attempt to access beyond end of device
[  421.313893][T28411] loop9: rw=0, sector=440, nr_sectors = 8 limit=256
[  421.328132][T28411] syz.9.12029: attempt to access beyond end of device
[  421.328132][T28411] loop9: rw=0, sector=440, nr_sectors = 8 limit=256
[  421.408961][T28431] loop5: detected capacity change from 0 to 128
[  421.420482][T28433] loop1: detected capacity change from 0 to 16
[  421.424946][T28431] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  421.428035][T28433] erofs: (device loop1): mounted with root inode @ nid 36.
[  421.436840][T28431] ext4 filesystem being mounted at /1276/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  421.476814][T12639] EXT4-fs (loop5): unmounting filesystem.
[  421.515830][T28448] loop1: detected capacity change from 0 to 512
[  421.522706][T28448] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  421.555814][T28448] EXT4-fs (loop1): 1 truncate cleaned up
[  421.561295][T28448] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  421.597649][T27706] EXT4-fs (loop1): unmounting filesystem.
[  421.631977][T28466] loop8: detected capacity change from 0 to 256
[  421.715818][  T316] Bluetooth: hci0: Frame reassembly failed (-84)
[  421.874933][T19610] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  421.904925][ T1125] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  422.054901][T19610] usb 2-1: Using ep0 maxpacket: 16
[  422.060923][T19610] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  422.071731][T19610] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  422.081350][T19610] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  422.090193][T19610] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.094970][ T1125] usb 10-1: Using ep0 maxpacket: 8
[  422.098681][T19610] usb 2-1: config 0 descriptor??
[  422.104258][ T1125] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  422.118538][ T1125] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  422.128274][ T1125] usb 10-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[  422.137434][ T1125] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.147064][ T1125] usb 10-1: config 0 descriptor??
[  422.512071][T19610] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:05AC:8241.0041/input/input69
[  422.555984][ T1125] smartjoyplus 0003:6666:8804.0042: bogus close delimiter
[  422.562990][ T1125] smartjoyplus 0003:6666:8804.0042: item 0 1 2 10 parsing failed
[  422.570768][ T1125] smartjoyplus 0003:6666:8804.0042: parse failed
[  422.577006][ T1125] smartjoyplus: probe of 0003:6666:8804.0042 failed with error -22
[  422.586698][T19610] appleir 0003:05AC:8241.0041: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  422.716689][ T1125] usb 2-1: USB disconnect, device number 20
[  422.760918][   T19] usb 10-1: USB disconnect, device number 14
[  423.314149][T28493] loop1: detected capacity change from 0 to 512
[  423.331295][T28493] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  423.343614][T28493] EXT4-fs (loop1): 1 truncate cleaned up
[  423.349905][T28493] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  423.371846][T27706] EXT4-fs (loop1): unmounting filesystem.
[  423.556478][   T28] audit: type=1326 audit(2134217775.651:3677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28502 comm="syz.9.12069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b15785d29 code=0x7fc00000
[  423.734931][T17633] Bluetooth: hci0: command 0x1003 tx timeout
[  423.740781][T27505] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  423.747258][T28481] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  423.774934][T19610] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  423.964925][T19610] usb 2-1: Using ep0 maxpacket: 8
[  423.970831][T19610] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  423.981649][T19610] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  423.991233][T19610] usb 2-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  424.000083][T19610] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.008433][T19610] usb 2-1: config 0 descriptor??
[  424.237375][   T28] audit: type=1326 audit(2134217776.331:3678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28502 comm="syz.9.12069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5b15785d29 code=0x7fc00000
[  424.274001][T28527] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  424.283298][T28527] FAT-fs (loop8): unable to read boot sector
[  424.341159][   T28] audit: type=1400 audit(2134217776.431:3679): avc:  denied  { bind } for  pid=28534 comm="syz.0.12083" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  424.377235][T28541] loop8: detected capacity change from 0 to 256
[  424.415694][T19610] logitech 0003:046D:C24F.0043: unbalanced collection at end of report description
[  424.425580][T19610] logitech 0003:046D:C24F.0043: parse failed
[  424.431418][T19610] logitech: probe of 0003:046D:C24F.0043 failed with error -22
[  424.458609][T28553] xt_hashlimit: size too large, truncated to 1048576
[  424.487312][   T28] audit: type=1400 audit(2134217776.581:3680): avc:  denied  { mount } for  pid=28557 comm="syz.8.12093" name="/" dev="ramfs" ino=141920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  424.534984][  T305] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  424.599055][T28566] loop5: detected capacity change from 0 to 256
[  424.605482][T28566] exfat: Deprecated parameter 'namecase'
[  424.613442][T28566] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  424.626148][   T19] usb 2-1: USB disconnect, device number 21
[  424.630375][   T28] audit: type=1400 audit(2134217776.721:3681): avc:  denied  { rename } for  pid=28565 comm="syz.5.12096" name="file1" dev="loop5" ino=1049463 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  424.711838][T28574] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12100'.
[  424.720888][T28574] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12100'.
[  424.724978][  T305] usb 10-1: Using ep0 maxpacket: 16
[  424.743142][  T305] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  424.767364][  T305] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  424.778920][  T305] usb 10-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  424.789678][  T305] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.799827][  T305] usb 10-1: config 0 descriptor??
[  424.871066][T28592] loop5: detected capacity change from 0 to 512
[  424.877404][T28592] EXT4-fs: Ignoring removed nobh option
[  424.883342][T28592] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  424.907095][T28592] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  424.916164][T28592] ext4 filesystem being mounted at /1283/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  424.933292][T28592] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.12109: bg 0: block 224: padding at end of block bitmap is not set
[  424.948273][T28592] EXT4-fs (loop5): Remounting filesystem read-only
[  424.966519][T12639] EXT4-fs (loop5): unmounting filesystem.
[  424.984003][   T43] Bluetooth: hci0: Frame reassembly failed (-84)
[  425.210166][  T305] input: HID 05ac:8241 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:05AC:8241.0044/input/input70
[  425.254920][ T1125] usb 1-1: new full-speed USB device number 25 using dummy_hcd
[  425.286581][  T305] appleir 0003:05AC:8241.0044: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.9-1/input0
[  425.417343][  T305] usb 10-1: USB disconnect, device number 15
[  425.446073][ T1125] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  425.456872][ T1125] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  425.467790][ T1125] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  425.477409][ T1125] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  425.486932][ T1125] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 253
[  425.500021][ T1125] usb 1-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00
[  425.509029][ T1125] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.517721][ T1125] usb 1-1: config 0 descriptor??
[  425.576460][T28608] loop1: detected capacity change from 0 to 131072
[  425.586116][T28608] F2FS-fs (loop1): Found nat_bits in checkpoint
[  425.626364][T28608] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  425.839305][T28618] loop1: detected capacity change from 0 to 128
[  425.930711][ T1125] elecom 0003:056E:00FE.0045: unknown main item tag 0x0
[  425.937699][ T1125] elecom 0003:056E:00FE.0045: unknown main item tag 0x0
[  425.944627][ T1125] elecom 0003:056E:00FE.0045: unknown main item tag 0x0
[  425.952337][ T1125] elecom 0003:056E:00FE.0045: unknown main item tag 0x0
[  425.961922][ T1125] elecom 0003:056E:00FE.0045: unknown main item tag 0x0
[  425.964649][T28627] loop1: detected capacity change from 0 to 256
[  425.976710][ T1125] elecom 0003:056E:00FE.0045: hidraw0: USB HID v0.00 Device [HID 056e:00fe] on usb-dummy_hcd.0-1/input0
[  426.029181][T28634] loop9: detected capacity change from 0 to 256
[  426.035569][T28634] exfat: Deprecated parameter 'namecase'
[  426.043590][T28634] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xcd8273f8, utbl_chksum : 0xe619d30d)
[  426.124930][   T19] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  426.134239][T19610] usb 1-1: USB disconnect, device number 25
[  426.314909][   T19] usb 9-1: Using ep0 maxpacket: 16
[  426.320912][   T19] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  426.331694][   T19] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  426.341267][   T19] usb 9-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  426.350391][   T19] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  426.358806][   T19] usb 9-1: config 0 descriptor??
[  426.766989][   T19] input: HID 05ac:8241 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:05AC:8241.0046/input/input71
[  426.846541][   T19] appleir 0003:05AC:8241.0046: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.8-1/input0
[  426.915190][  T305] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  426.970306][   T19] usb 9-1: USB disconnect, device number 9
[  427.015433][T17633] Bluetooth: hci0: command 0x1003 tx timeout
[  427.021329][T27505] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  427.027680][T28604] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[  427.046216][T28650] loop1: detected capacity change from 0 to 256
[  427.076563][T28654] tmpfs: Unknown parameter 'mp'
[  427.094920][  T305] usb 1-1: Using ep0 maxpacket: 8
[  427.101060][  T305] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  427.117206][T28659] loop1: detected capacity change from 0 to 2048
[  427.123428][  T305] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  427.133201][  T305] usb 1-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  427.142577][  T305] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.151090][  T305] usb 1-1: config 0 descriptor??
[  427.222274][T28670] device gretap0 entered promiscuous mode
[  427.228079][T28670] device vlan2 entered promiscuous mode
[  427.234217][T28670] device gretap0 left promiscuous mode
[  427.310322][T28663] loop5: detected capacity change from 0 to 40427
[  427.319447][T28663] F2FS-fs (loop5): Found nat_bits in checkpoint
[  427.357838][T28663] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  427.410977][T12639] syz-executor: attempt to access beyond end of device
[  427.410977][T12639] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  427.449826][   T28] audit: type=1326 audit(2134217779.541:3682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28679 comm="syz.1.12140" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9123b85d29 code=0x0
[  427.558467][  T305] logitech 0003:046D:C24F.0047: unbalanced collection at end of report description
[  427.567980][  T305] logitech 0003:046D:C24F.0047: parse failed
[  427.573827][  T305] logitech: probe of 0003:046D:C24F.0047 failed with error -22
[  427.761714][T28629] usb 1-1: USB disconnect, device number 26
[  427.769689][T28714] netlink: 24 bytes leftover after parsing attributes in process `syz.8.12156'.
[  427.816097][   T19] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  427.842527][T28724] netlink: 104 bytes leftover after parsing attributes in process `syz.8.12160'.
[  427.885669][T28729] loop5: detected capacity change from 0 to 2048
[  427.932363][T28729]  loop5: unable to read partition table
[  427.938009][T28729] loop5: partition table beyond EOD, truncated
[  427.944034][T28729] loop_reread_partitions: partition scan of loop5 () failed (rc=-5)
[  428.004903][   T19] usb 10-1: Using ep0 maxpacket: 16
[  428.011381][   T19] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  428.022300][   T19] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  428.032310][   T19] usb 10-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  428.041278][   T19] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.049700][   T19] usb 10-1: config 0 descriptor??
[  428.054919][    C1] ==================================================================
[  428.063082][    C1] BUG: KASAN: use-after-free in enqueue_timer+0xa6/0x480
[  428.069936][    C1] Write of size 8 at addr ffff888117b4ca00 by task swapper/1/0
[  428.077316][    C1] 
[  428.079484][    C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G        W          6.1.118-syzkaller-00015-g770852bf7d99 #0
[  428.090411][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  428.100273][    C1] Call Trace:
[  428.103397][    C1]  <IRQ>
[  428.106091][    C1]  dump_stack_lvl+0x151/0x1b7
[  428.110596][    C1]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  428.115892][    C1]  ? _printk+0xd1/0x111
[  428.119883][    C1]  ? __virt_addr_valid+0x242/0x2f0
[  428.124829][    C1]  print_report+0x158/0x4e0
[  428.129179][    C1]  ? __virt_addr_valid+0x242/0x2f0
[  428.134123][    C1]  ? kasan_complete_mode_report_info+0x90/0x1b0
[  428.140192][    C1]  ? enqueue_timer+0xa6/0x480
[  428.144705][    C1]  kasan_report+0x13c/0x170
[  428.149047][    C1]  ? enqueue_timer+0xa6/0x480
[  428.153561][    C1]  __asan_report_store8_noabort+0x17/0x20
[  428.159116][    C1]  enqueue_timer+0xa6/0x480
[  428.163455][    C1]  __mod_timer+0x8d3/0xcf0
[  428.167706][    C1]  ? __kasan_check_write+0x14/0x20
[  428.172659][    C1]  ? mod_timer_pending+0x30/0x30
[  428.177426][    C1]  ? __kasan_check_write+0x14/0x20
[  428.182372][    C1]  ? _raw_spin_lock_bh+0xa4/0x1b0
[  428.187239][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  428.192271][    C1]  ? wg_packet_send_staged_packets+0x34e/0x1510
[  428.198347][    C1]  mod_timer+0x1f/0x30
[  428.202252][    C1]  tipc_disc_timeout+0x681/0x8b0
[  428.207026][    C1]  ? tipc_disc_init_msg+0x640/0x640
[  428.212059][    C1]  ? __kasan_check_write+0x14/0x20
[  428.217003][    C1]  ? _raw_spin_lock_irq+0xa5/0x1b0
[  428.221951][    C1]  ? _raw_spin_lock_irqsave+0x210/0x210
[  428.227336][    C1]  ? tipc_disc_init_msg+0x640/0x640
[  428.232368][    C1]  call_timer_fn+0x3b/0x2d0
[  428.236707][    C1]  ? tipc_disc_init_msg+0x640/0x640
[  428.241742][    C1]  __run_timers+0x72a/0xa10
[  428.246084][    C1]  ? calc_index+0x270/0x270
[  428.250420][    C1]  ? sched_clock+0x9/0x10
[  428.254586][    C1]  ? sched_clock_cpu+0x71/0x2b0
[  428.259277][    C1]  run_timer_softirq+0x69/0xf0
[  428.263874][    C1]  handle_softirqs+0x1db/0x650
[  428.268473][    C1]  ? irqtime_account_irq+0xdc/0x260
[  428.273509][    C1]  __irq_exit_rcu+0x52/0xf0
[  428.277857][    C1]  irq_exit_rcu+0x9/0x10
[  428.281925][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  428.287394][    C1]  </IRQ>
[  428.290172][    C1]  <TASK>
[  428.292952][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  428.298766][    C1] RIP: 0010:acpi_idle_enter+0x416/0x760
[  428.304146][    C1] Code: 89 de 48 83 e6 08 31 ff e8 97 bb 53 fc 48 83 e3 08 0f 85 b1 00 00 00 0f 1f 44 00 00 e8 43 b7 53 fc 0f 00 2d 5c 8e ce 00 fb f4 <fa> e9 e3 00 00 00 49 83 c7 04 4c 89 f8 48 c1 e8 03 42 0f b6 04 30
[  428.323585][    C1] RSP: 0018:ffffc90000147c50 EFLAGS: 000002d3
[  428.329491][    C1] RAX: ffffffff8521cefd RBX: 0000000000000000 RCX: ffff8881003ad100
[  428.337303][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  428.345112][    C1] RBP: ffffc90000147c90 R08: ffffffff8521cee9 R09: ffffed1020075a21
[  428.352937][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001
[  428.360735][    C1] R13: ffff88810a0c4004 R14: dffffc0000000000 R15: ffff88810973e864
[  428.368553][    C1]  ? acpi_idle_enter+0x3f9/0x760
[  428.373321][    C1]  ? acpi_idle_enter+0x40d/0x760
[  428.378106][    C1]  ? intel_idle_xstate+0xa0/0xa0
[  428.382873][    C1]  cpuidle_enter_state+0x5eb/0x17f0
[  428.387908][    C1]  ? cpuidle_enter_s2idle+0x600/0x600
[  428.393113][    C1]  ? menu_enable_device+0x380/0x380
[  428.398149][    C1]  ? __sched_text_start+0x8/0x8
[  428.402833][    C1]  cpuidle_enter+0x5f/0xa0
[  428.407086][    C1]  do_idle+0x3d1/0x580
[  428.410991][    C1]  ? irqentry_exit+0x37/0x40
[  428.415426][    C1]  ? idle_inject_timer_fn+0x60/0x60
[  428.420453][    C1]  ? schedule_idle+0x5b/0x90
[  428.424886][    C1]  ? do_idle+0x572/0x580
[  428.428967][    C1]  cpu_startup_entry+0x44/0x60
[  428.433557][    C1]  start_secondary+0xe3/0xf0
[  428.437990][    C1]  secondary_startup_64_no_verify+0xce/0xdb
[  428.443714][    C1]  </TASK>
[  428.446577][    C1] 
[  428.448746][    C1] Allocated by task 28604:
[  428.453004][    C1]  kasan_set_track+0x4b/0x70
[  428.457429][    C1]  kasan_save_alloc_info+0x1f/0x30
[  428.462375][    C1]  __kasan_kmalloc+0x9c/0xb0
[  428.466806][    C1]  __kmalloc+0xb4/0x1e0
[  428.470796][    C1]  hci_alloc_dev_priv+0x27/0x1c00
[  428.475758][    C1]  hci_uart_tty_ioctl+0x401/0xa70
[  428.480615][    C1]  tty_ioctl+0x903/0xc50
[  428.484697][    C1]  __se_sys_ioctl+0x114/0x190
[  428.489209][    C1]  __x64_sys_ioctl+0x7b/0x90
[  428.493631][    C1]  x64_sys_call+0x98/0x9a0
[  428.497884][    C1]  do_syscall_64+0x3b/0xb0
[  428.502165][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  428.507865][    C1] 
[  428.510040][    C1] Freed by task 28604:
[  428.513954][    C1]  kasan_set_track+0x4b/0x70
[  428.518367][    C1]  kasan_save_free_info+0x2b/0x40
[  428.523231][    C1]  ____kasan_slab_free+0x131/0x180
[  428.528179][    C1]  __kasan_slab_free+0x11/0x20
[  428.532778][    C1]  __kmem_cache_free+0x21d/0x410
[  428.537550][    C1]  kfree+0x7a/0xf0
[  428.541114][    C1]  hci_release_dev+0x14d3/0x1640
[  428.545883][    C1]  bt_host_release+0x83/0xa0
[  428.550308][    C1]  device_release+0x95/0x1c0
[  428.554737][    C1]  kobject_put+0x178/0x260
[  428.559029][    C1]  put_device+0x1f/0x30
[  428.562978][    C1]  hci_dev_cmd+0x2be/0x9b0
[  428.567236][    C1]  hci_sock_ioctl+0x415/0x7f0
[  428.571745][    C1]  sock_do_ioctl+0x152/0x450
[  428.576178][    C1]  sock_ioctl+0x455/0x740
[  428.580358][    C1]  __se_sys_ioctl+0x114/0x190
[  428.584853][    C1]  __x64_sys_ioctl+0x7b/0x90
[  428.589278][    C1]  x64_sys_call+0x98/0x9a0
[  428.593530][    C1]  do_syscall_64+0x3b/0xb0
[  428.597788][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  428.603517][    C1] 
[  428.605686][    C1] Last potentially related work creation:
[  428.611239][    C1]  kasan_save_stack+0x3b/0x60
[  428.615751][    C1]  __kasan_record_aux_stack+0xb4/0xc0
[  428.621075][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  428.626708][    C1]  insert_work+0x56/0x310
[  428.630893][    C1]  __queue_work+0x9b6/0xd70
[  428.635217][    C1]  queue_work_on+0x105/0x170
[  428.639639][    C1]  __hci_cmd_sync_sk+0xc2a/0xf70
[  428.644415][    C1]  hci_cmd_sync_status+0x52/0x130
[  428.649273][    C1]  hci_dev_cmd+0x39e/0x9b0
[  428.653525][    C1]  hci_sock_ioctl+0x415/0x7f0
[  428.658041][    C1]  sock_do_ioctl+0x152/0x450
[  428.662464][    C1]  sock_ioctl+0x455/0x740
[  428.666633][    C1]  __se_sys_ioctl+0x114/0x190
[  428.671145][    C1]  __x64_sys_ioctl+0x7b/0x90
[  428.675570][    C1]  x64_sys_call+0x98/0x9a0
[  428.679823][    C1]  do_syscall_64+0x3b/0xb0
[  428.684082][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  428.689822][    C1] 
[  428.691974][    C1] Second to last potentially related work creation:
[  428.698398][    C1]  kasan_save_stack+0x3b/0x60
[  428.702911][    C1]  __kasan_record_aux_stack+0xb4/0xc0
[  428.708117][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[  428.713760][    C1]  insert_work+0x56/0x310
[  428.717926][    C1]  __queue_work+0x9b6/0xd70
[  428.722267][    C1]  queue_work_on+0x105/0x170
[  428.726692][    C1]  hci_cmd_timeout+0x199/0x200
[  428.731294][    C1]  process_one_work+0x73d/0xcb0
[  428.735982][    C1]  worker_thread+0xa60/0x1260
[  428.740491][    C1]  kthread+0x26d/0x300
[  428.744401][    C1]  ret_from_fork+0x1f/0x30
[  428.748658][    C1] 
[  428.750827][    C1] The buggy address belongs to the object at ffff888117b4c000
[  428.750827][    C1]  which belongs to the cache kmalloc-8k of size 8192
[  428.764713][    C1] The buggy address is located 2560 bytes inside of
[  428.764713][    C1]  8192-byte region [ffff888117b4c000, ffff888117b4e000)
[  428.777991][    C1] 
[  428.780160][    C1] The buggy address belongs to the physical page:
[  428.786413][    C1] page:ffffea00045ed200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x117b48
[  428.796477][    C1] head:ffffea00045ed200 order:3 compound_mapcount:0 compound_pincount:0
[  428.804642][    C1] flags: 0x4000000000010200(slab|head|zone=1)
[  428.810555][    C1] raw: 4000000000010200 0000000000000000 dead000000000001 ffff888100043500
[  428.818962][    C1] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[  428.827374][    C1] page dumped because: kasan: bad access detected
[  428.833641][    C1] page_owner tracks the page as allocated
[  428.839187][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 24095, tgid 24094 (syz.9.10174), ts 368595651656, free_ts 357579371062
[  428.862011][    C1]  post_alloc_hook+0x213/0x220
[  428.866607][    C1]  prep_new_page+0x1b/0x110
[  428.870949][    C1]  get_page_from_freelist+0x2f41/0x2fc0
[  428.876325][    C1]  __alloc_pages+0x234/0x610
[  428.880751][    C1]  alloc_slab_page+0x6c/0xf0
[  428.885180][    C1]  new_slab+0x90/0x3e0
[  428.889085][    C1]  ___slab_alloc+0x6f9/0xb80
[  428.893510][    C1]  __slab_alloc+0x5d/0xa0
[  428.897678][    C1]  __kmem_cache_alloc_node+0x207/0x2a0
[  428.902972][    C1]  __kmalloc+0xa3/0x1e0
[  428.906967][    C1]  mb_cache_create+0x171/0x620
[  428.911563][    C1]  ext4_xattr_create_cache+0x13/0x20
[  428.916684][    C1]  ext4_fill_super+0x61c9/0x8460
[  428.921461][    C1]  get_tree_bdev+0x440/0x680
[  428.925888][    C1]  ext4_get_tree+0x1c/0x20
[  428.930138][    C1]  vfs_get_tree+0x88/0x290
[  428.934391][    C1] page last free stack trace:
[  428.938904][    C1]  free_unref_page_prepare+0x83d/0x850
[  428.944285][    C1]  free_unref_page+0xb2/0x5c0
[  428.948811][    C1]  __free_pages+0x61/0xf0
[  428.952968][    C1]  __free_slab+0xce/0x1a0
[  428.957130][    C1]  discard_slab+0x29/0x40
[  428.961297][    C1]  __slab_free+0x205/0x280
[  428.965553][    C1]  ___cache_free+0xc6/0xd0
[  428.969806][    C1]  qlist_free_all+0xc5/0x140
[  428.974236][    C1]  kasan_quarantine_reduce+0x15a/0x180
[  428.979525][    C1]  __kasan_slab_alloc+0x24/0x80
[  428.984221][    C1]  slab_post_alloc_hook+0x53/0x2c0
[  428.989159][    C1]  kmem_cache_alloc+0x175/0x320
[  428.993858][    C1]  getname_flags+0xba/0x520
[  428.998186][    C1]  __x64_sys_symlinkat+0x7c/0xb0
[  429.002968][    C1]  x64_sys_call+0x6fe/0x9a0
[  429.007308][    C1]  do_syscall_64+0x3b/0xb0
[  429.011558][    C1] 
[  429.013720][    C1] Memory state around the buggy address:
[  429.019197][    C1]  ffff888117b4c900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  429.027094][    C1]  ffff888117b4c980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  429.034991][    C1] >ffff888117b4ca00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  429.042894][    C1]                    ^
[  429.046797][    C1]  ffff888117b4ca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  429.054696][    C1]  ffff888117b4cb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  429.062587][    C1] ==================================================================
[  429.070485][    C1] Disabling lock debugging due to kernel taint
[  429.095257][    C1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  429.106806][    C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  429.115050][    C1] CPU: 1 PID: 91 Comm: klogd Tainted: G    B   W          6.1.118-syzkaller-00015-g770852bf7d99 #0
[  429.125548][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  429.135444][    C1] RIP: 0010:__queue_work+0x4f1/0xd70
[  429.140565][    C1] Code: 39 03 0f 84 40 01 00 00 e8 8c 6b 2a 00 4c 89 e7 e8 e4 d3 d6 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 a0 df 71 00 49 8b 3e e8 98 cc d6
[  429.160007][    C1] RSP: 0018:ffffc900001b0c78 EFLAGS: 00010046
[  429.165910][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88810ff72880
[  429.173716][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  429.181526][    C1] RBP: ffffc900001b0d00 R08: ffffffff814b186b R09: 0000000000000007
[  429.189339][    C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff888117b4c9c8
[  429.197153][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888117b4c9e0
[  429.204969][    C1] FS:  00007f5a053e4380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  429.213734][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  429.220155][    C1] CR2: 0000001b2c41dff8 CR3: 000000010fdb4000 CR4: 00000000003506a0
[  429.227967][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  429.235778][    C1] DR3: 0000000000000074 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  429.243593][    C1] Call Trace:
[  429.246713][    C1]  <IRQ>
[  429.249410][    C1]  ? __die_body+0x62/0xb0
[  429.253571][    C1]  ? die_addr+0x9f/0xd0
[  429.257565][    C1]  ? exc_general_protection+0x317/0x4c0
[  429.262947][    C1]  ? asm_exc_general_protection+0x27/0x30
[  429.268503][    C1]  ? __queue_work+0x28b/0xd70
[  429.273149][    C1]  ? __queue_work+0x4f1/0xd70
[  429.277661][    C1]  ? __queue_work+0x29c/0xd70
[  429.282177][    C1]  delayed_work_timer_fn+0x61/0x80
[  429.287122][    C1]  ? queue_work_node+0x1d0/0x1d0
[  429.291896][    C1]  call_timer_fn+0x3b/0x2d0
[  429.296235][    C1]  ? queue_work_node+0x1d0/0x1d0
[  429.296756][   T19] input: HID 05ac:8241 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:05AC:8241.0048/input/input72
[  429.301002][    C1]  __run_timers+0x756/0xa10
[  429.301040][    C1]  ? calc_index+0x270/0x270
[  429.321143][    C1]  ? sched_clock+0x9/0x10
[  429.325304][    C1]  ? sched_clock_cpu+0x71/0x2b0
[  429.329994][    C1]  run_timer_softirq+0x69/0xf0
[  429.334593][    C1]  handle_softirqs+0x1db/0x650
[  429.339195][    C1]  __irq_exit_rcu+0x52/0xf0
[  429.343535][    C1]  irq_exit_rcu+0x9/0x10
[  429.347616][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[  429.353081][    C1]  </IRQ>
[  429.355857][    C1]  <TASK>
[  429.358641][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  429.364452][    C1] RIP: 0010:__sys_socket+0x1ca/0x3a0
[  429.369575][    C1] Code: 44 89 ff e8 18 21 cc fd 41 89 c4 31 ff 89 c6 e8 ec 81 73 fd 45 85 e4 0f 88 81 00 00 00 4c 89 f7 44 89 fe 31 d2 e8 a6 bf ff ff <48> 89 c3 48 3d 00 f0 ff ff 76 12 e8 16 7e 73 fd 44 89 e7 e8 5e 21
[  429.389016][    C1] RSP: 0018:ffffc900009d7e20 EFLAGS: 00000246
[  429.394915][    C1] RAX: ffff88810fefa300 RBX: 0000000000000000 RCX: dffffc0000000000
[  429.402727][    C1] RDX: 0000000000000000 RSI: ffff88810fefa300 RDI: ffff888150fe78c0
[  429.406951][   T19] appleir 0003:05AC:8241.0048: input,hiddev96,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.9-1/input0
[  429.410537][    C1] RBP: ffffc900009d7ee0 R08: ffffffff81c684c2 R09: ffffed1021fdf464
[  429.410559][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000003
[  429.438486][    C1] R13: dffffc0000000000 R14: ffff888150fe7840 R15: 0000000000080000
[  429.446301][    C1]  ? alloc_file+0x432/0x5e0
[  429.450646][    C1]  ? __sys_socket_file+0x1d0/0x1d0
[  429.455587][    C1]  ? debug_smp_processor_id+0x17/0x20
[  429.460792][    C1]  ? fpregs_assert_state_consistent+0xb6/0xe0
[  429.466694][    C1]  __x64_sys_socket+0x7a/0x90
[  429.471207][    C1]  x64_sys_call+0x147/0x9a0
[  429.475546][    C1]  do_syscall_64+0x3b/0xb0
[  429.479799][    C1]  ? clear_bhb_loop+0x55/0xb0
[  429.484312][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  429.490041][    C1] RIP: 0033:0x7f5a05546bd7
[  429.494300][    C1] Code: 73 01 c3 48 8b 0d 51 c2 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 21 c2 0c 00 f7 d8 64 89 01 48
[  429.507290][   T19] usb 10-1: USB disconnect, device number 16
[  429.513743][    C1] RSP: 002b:00007fffa646c108 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
[  429.513777][    C1] RAX: ffffffffffffffda RBX: 000000000000006f RCX: 00007f5a05546bd7
[  429.535613][    C1] RDX: 0000000000000000 RSI: 0000000000080002 RDI: 0000000000000001
[  429.543421][    C1] RBP: 0000000000000002 R08: 0000000000000000 R09: bf788923271f86bb
[  429.551231][    C1] R10: 0000000000000008 R11: 0000000000000202 R12: 00007f5a055d2bc0
[  429.559042][    C1] R13: 00007f5a056d4212 R14: 00007fffa646c238 R15: 0000000000000000
[  429.566881][    C1]  </TASK>
[  429.569724][    C1] Modules linked in:
[  429.573457][    C1] ---[ end trace 0000000000000000 ]---
[  429.578746][    C1] RIP: 0010:__queue_work+0x4f1/0xd70
[  429.583868][    C1] Code: 39 03 0f 84 40 01 00 00 e8 8c 6b 2a 00 4c 89 e7 e8 e4 d3 d6 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 a0 df 71 00 49 8b 3e e8 98 cc d6
[  429.603310][    C1] RSP: 0018:ffffc900001b0c78 EFLAGS: 00010046
[  429.609210][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88810ff72880
[  429.617022][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[  429.624838][    C1] RBP: ffffc900001b0d00 R08: ffffffff814b186b R09: 0000000000000007
[  429.632648][    C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff888117b4c9c8
[  429.640468][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888117b4c9e0
[  429.648275][    C1] FS:  00007f5a053e4380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[  429.657034][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  429.663457][    C1] CR2: 0000001b2c41dff8 CR3: 000000010fdb4000 CR4: 00000000003506a0
[  429.671271][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  429.679086][    C1] DR3: 0000000000000074 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  429.686895][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  429.694253][    C1] Kernel Offset: disabled
[  429.698383][    C1] Rebooting in 86400 seconds..