last executing test programs:

2m21.316942316s ago: executing program 4 (id=1852):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000150000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r3}, &(0x7f0000001c00), &(0x7f0000001c40)=r4}, 0x20)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@ipv4_newroute={0x1c, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x4, 0xff, 0x0, 0x0, 0x6}}, 0x1c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r8, 0x890b, &(0x7f0000000080)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @remote}, {0x2, 0x0, @private}})
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r9, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
connect$inet6(r9, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r9, 0x0, 0x0, 0x800, 0x0, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@ipv4_newroute={0x1c, 0x18, 0x35f32a6dfa748ddd, 0x70bd26, 0x0, {0x2, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2900}}, 0x1c}}, 0x8c0)

2m20.41383261s ago: executing program 4 (id=1865):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000000000010000000000000000000000000a4c000000060a09"], 0x74}}, 0x80)

2m19.967694836s ago: executing program 4 (id=1867):
syz_usb_connect$uac1(0x1, 0x71, &(0x7f00000002c0)=ANY=[@ANYBLOB="12014003000000086b1d010140000102030909025f000301068008090400000001"], &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)

2m17.377826296s ago: executing program 4 (id=1890):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x12}}, {@i_version}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)

2m16.499503878s ago: executing program 4 (id=1897):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000040)={0x24, @short={0x2, 0x3, 0xaaa3}}, 0x14)

2m15.720753311s ago: executing program 4 (id=1915):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000340)={[{@test_dummy_encryption_v1}, {@test_dummy_encryption_v1}, {@nomblk_io_submit}, {@nomblk_io_submit}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x1, 0x0, &(0x7f0000000000))
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x10)
setpgid(0x0, 0x0)
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x13)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
pwritev2(r7, 0x0, 0x0, 0x7fff, 0x1, 0x0)
write$P9_RWALK(r7, &(0x7f00000004c0)={0x3d, 0x6f, 0x1, {0x4, [{0x80, 0x4, 0x7}, {0x20, 0x3, 0x4}, {0x1, 0x3, 0x4}, {0x0, 0x0, 0x6}]}}, 0x3d)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000000, 0x0, 0xff, 0x1, 0xfffc}, 0x20)

2m15.36330734s ago: executing program 32 (id=1915):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000340)={[{@test_dummy_encryption_v1}, {@test_dummy_encryption_v1}, {@nomblk_io_submit}, {@nomblk_io_submit}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x1, 0x0, &(0x7f0000000000))
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r5}, 0x10)
setpgid(0x0, 0x0)
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x13)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
pwritev2(r7, 0x0, 0x0, 0x7fff, 0x1, 0x0)
write$P9_RWALK(r7, &(0x7f00000004c0)={0x3d, 0x6f, 0x1, {0x4, [{0x80, 0x4, 0x7}, {0x20, 0x3, 0x4}, {0x1, 0x3, 0x4}, {0x0, 0x0, 0x6}]}}, 0x3d)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000000, 0x0, 0xff, 0x1, 0xfffc}, 0x20)

1m58.207361684s ago: executing program 5 (id=2089):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x1, &(0x7f0000000000)={[{@abort}]}, 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000540)={0x9, 0xffdffffffffffffd, 0xc7, 0x43, 0x0, 0x9})

1m57.798142777s ago: executing program 5 (id=2094):
r0 = io_uring_setup(0x7d30, &(0x7f0000002380)={0x0, 0xffffffff, 0x1046})
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0)

1m57.663662338s ago: executing program 5 (id=2096):
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0xa, 0x0, &(0x7f0000000040))

1m57.610632623s ago: executing program 5 (id=2098):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./bus\x00', 0x800800, &(0x7f00000014c0)={[{@fmask={'fmask', 0x3d, 0x200}}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@errors_continue}, {@namecase}, {@fmask={'fmask', 0x3d, 0x6}}, {@gid}, {@keep_last_dots}, {@errors_continue}, {@fmask={'fmask', 0x3d, 0x7}}, {@time_offset={'time_offset', 0x3d, 0x9635}}]}, 0x1, 0x152e, &(0x7f0000003e40)="$eJzs3AuYjtX6MPD7Xms9Y0zS2ySHYa11P7xJLJMkOSTJIUmSJMkpIWmSLQmJIaekSRJyHJLDEJLDxKRxPp8PCUnSJElITsn6LuFTu/p2+7/3f/uuPffvup7Lut/13OtZ73s/7/uu5zEz33YaVL1hjSr1iQj+JXjhn2QAiAWA/gBwDQAEAFAmvkz8+f6cEpP/tYOwf6+H0670DNiVxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2capBa7lLftufP//v1/dP+3h7///IlklR3+5uuT1nQFi/moK1z974/r/1wr+yk5c/+yN659dxV7pCbD/D/D7PzvI8ac9XP/sjevPWHZ2pe8/X+kNItn7NbjS5x9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsezhlL9MAcCl9pWeF2OMMcYYY4wxxv59fI4rPQPGGGOMMcYYY4z970MQIEFBADGQA2IhJ8SBAICrITdcAxG4FuLhOsgD10NeyAf5oQAkQEEoBBoMWCAIoTAUgSjcAEXhRigGN0FxKAEOSkIi3Ayl4BYoDbdCGbgNysLtUA7KQwWoCHdAJbgTKsNdUAXuhqpQDapDDbgHasK9UAvug9pwP9SBB6AuPAj14CGoDw9DA3gEGsKj0Ageg8bQBJpCM2j+P8p/EbrBS9AdekAy9IRe8DL0hj7QF/pBf3gFBsCrMBBegxR4HQbBGzAY3oQh8BYMhWEwHN6GETASRsFoGANjIRXGwXh4BybAuzARJsFkmAJpMBWmwXswHWbATHgfZsEHMBvmwFyYB+nwIcyHBZABH8FC+BgyYREshiWwFJbBclgBK2EVrIY1sBbWwXrYABthE2yGLbAVtsF2+AR2wKewE3bBbvgM9sDn/2T+yb/L74yAgAIFKlQYgzEYi7EYh3GYC3NhbsyNEYxgPMZjHsyDeTEv5sf8mIAJWAgLoUGDhISFsTBGMYpFsSgWw2JYHIujQ4eJmIil8BYsjaWxDJbBslgWy2F5LI8VsSJWwkpYGStjFayCVbEqVsfqeA/egz2xFtbC2lgb62CdS7ensD7WxwbYABtiQ2yEjbAxNsam2BSbY3NsgS2wJbbE1tga22AbbIttMQmTsB22w/bYHjtgB+yIHbETdsLO2AW7ZL2YA/AlfAl7YFXRE3thL+yNKTn6Yj/sh6/gAHwVX8XXMAVfx0H4Br6Bb+IQPIFDcRgOx+FYSYzEUTgaSYzFVEzF8TgeJ+AEnIiTcBJOwTScitNwGk7HGTgD38dZ+AF+gHNwDs7DdEzH+bgAMzADF+JJzMRFuBiX4FJchktxBa7EFbga1+BqXIfrcANuwE24CbfgFtyG2/ATVAD4Ke7CXZiCe3AP7sW9uA/34X7cj1mYhQfwAB7Eg3gID+FhPIxH8Cgew6N4HI/jCTyJp/AUnsEzeBafT/i6wSc3rUoBcZ4SSsSIGBErYkWciBO5RC6RW+QWERER8SJe5BF5RF6RV+QX+UWCSBCFRCFhhBEkwhgAEFERFUVFUVFMFBPFRXHhhBOJIlGUEqVEaVFalBG3ibLidlFOlBetXEVRUVQSrV1lcZeoIqqIqqKaqC5qiBqipqgpaolaoraoLeqIOqKueFDUEz2xLz4szlemoXgdG4lB2Fg0EfLiJ1gLMQRbilaitXhSDMOh2Fa0cEniGdFOjML24m9iND4nOoqx2Em8IDqLLqKreFF0Ey1dd9FDTMSeopeYgr1FH9FX9BPTsZp4H2flrC5eEynidTFIvCHm4ZtiiHhLDBXDxHDxthghRopRYrQYI8aKVDFOjBfviAniXTFRTBKTxRSRJqaKaeI9MV3MEDPF+2KW+EDMFnPEXDFPpIsPxXyxQGSIj8RC8bHIFIvEYrFELBXLxHKxQqwUq8RqsUasFevEerFBbBSbxGaxRWwV28R28YnYIT4VO8UusVt8JvaIz8Ve8YXYJ74U+8VXIkt8LQ6Ib8RB8a04JL4Th8X34og4Ko6JH8Rx8aM4IU6KU+K0OCN+EmfFz+Kc8AIkSiGlVDKQMTKHjJU5ZZy8SuaSwcVX91oZL6+TeeT1Mq/MJ/PLAjJBFpSFpJZGWkkylIVlERmVN8ii8kZZTN4ki8sS0smSMlHeLEvJW2RpeassI2+TZeXtspwsLyvIivIOWUneKSFy4RhVZTVZXdaQ98hkuFfWkvfJ2vJ+WUc+IOvKB2U9+ZCsLx+WDeQjsqF8VDaSj8nGsolsKpvJ5vJx2UI+IVvKVrK1fFK2kU/JtvJpmSSfke2kv3iKPCc7yudlJ/mC7Cy7yK7yZ3lOetld9pDQE2Qv+bLsLfvIvrKf7C9fkQPkq3KgfE2myNflIPmGHCzflEPkW3KoHCaHy7flCDlSjpKj5Rg5VqbKcXK8fEdOkO/KiXKSnCynyDQ5Vfa9ONJMKf9h/jt/kD/wl6NvkBvlJrlZbpFb5Ta5XX4id8gdcqfcKXfL3XKP3CP3yr1yn9wn98v9MktmyQPygDwoD8pD8pA8LA/LI/KoPC1/kMflj/KEPClPytPyjDwjz158DUChEkoqpQIVo3KoWJVTxamrVC51tcqtrlERda2KV9epPOp6lVflU/lVAZWgCqpCSiujrCIVqsKqiIqqG/DiCaOKqxLKqZIqUd38z+SroupGVUzd9Jv8S/NL/pP5NVfNVQvVQrVULVVr1Vq1UW1UW9VWJakk1U61U+1Ve9VBdVAdVUfVSXVS50+Irqqr6qa6qe6qu0pWyaqXeln1Vn1UX9VP9VevqAFqgBqoBqoUlaIGqUFqsBqshqghaqgaqoar4WqEGqFGqVFqjBqjUlWqGq/GqwlqgpqoJqrJarJKU2lqmpqmpqvpaqaaqWapWWq2mq3mqrkqXaWr+Wq+ylAZaqFaqDLVIrVILVFL1DK1TK1QK9QqtUqtUWvUOrVOZaqNaqParDarrWqr2q62qx1qh9qpdqrdarfao/aovWqv2qf2qf1qv8pSWSr2YhEOqUPqsDqsjqgj6pg6po6r4+qEOqFOqVPqjDqjzqqz6pw6d37ZF4hABCpQQUwQE8QGsUFcEBfkCnIFuYPcQSSIBPFBfJAnuD7IG+QL8gcFgoSgYFAo0IEJbCAuHi8a3BAUDW4MigU3BcWDEoELSgaJwc1BqeCWoHRwa1AmuC0oG9welAvKBxWCisEdQaXgzqBycFdQJbg7qBpUC6oHNYJ7gprBvUGt4L6gdnB/UCd4IKgbPBjUCx4K6gcPBw2CR4KGwaNBo+CxoHHQJGgaNAua/4XxL52Y/3h870/ke8J11z10su6pe+mXdW/dR/fV/XR//YoeoF/VA/VrOkW/rgfpN/Rg/aYeot/SQ/UwPVy/rUfokXqUHq3H6LE6VY/T4/U7eoJ+V0/Uk/RkPUWn6al6mn5PT9cz9Ez9vp6lP9Cz9Rw9V8/T6fpDPV8v0Bn6I71Qf6wz9SK9WC/RS/UyvVyv0Cv1Kr1ar9Fr9Tq9Xm/QG/UmvVlv0Vv1Nr1df6J36E/1Tr1L79af6T36c71Xf6H36S/1fv2VztJf6wP6G31Qf6sP6e/0Yf29PqKP6mP6B31c/6hP6JP6lD6tz+if9FkNcE7784v781/vRhllYkyMiTWxJs7EmVwml8ltcpuIiZh4E2/ymDwmr8lr8pv8JsEkmEKmkDmPDJnCprCJmqgpaoqaYqaYKW6KG2ecSTSJppQpZUqb0qaMKWPKmrKmnClnKpgK5g5zh7nT3GnuMneZu83dppqpZmqYGqamqWlqmVqmtqlt6pg6pq6pa+qZeqa+qW8amAamoWloGplGprFpbJqapqa5aW5amBampWlpWpvWpo1pY9qatibJJJl2pp1pb9qbDqaD6Wg6mk6mk+lsOpuupqvpZrqZ7qa7STbJppfpZXqb3qav6Wv6m/5mgBlgBpqBJsWkmEFmkBlsBpshZogZaoaZ4ecXqmakGWVGmzFmrEk1qWa8GW8mmAlmoploJpvJJs2kmWlmmpluppuZZqaZZWaZ2Wa2mWvmmnSTbuab+SbDZJiFZqHJNJlmsVlslpqlZrlZblaalWa1WW3Wwlqz3qw3G81Gs9lsNlvNVrPdbDc7zA6z0+w0u81us8fsMXvNXrPP7DP7zX6TZbLMAXPAHDQHzSFzyBw2h80Rc8QcM8fMcXPcnDAnzClzypwx+S5+X3oTa3PaOHuVzWWvtrntNfbv4/y2gE2wBW0hq21em+83sbHWFrM32eK2hHW2pE20N/8uLmfL2wq2or3DVrJ32sq/i2vae20te5+tbe+3New9v4nr2AdsXfuorYcIYJvYBraZbWgftY3sY7axbWKb2ma2jX3KtrVP2yT7jG1nn/1dPN8usCvtKrvarrE77S57yp62B+239oz9yXa3PWx/+4odYF+1A+1rNsW+/rt4uH3bjrAj7Sg72o6xY38XT7ZTbJqdaqfZ9+x0O+N3cbr90M6yGXa2nWPn2nm/xOfnlGE/sgvtxzbTBrDYLrFL7TK73K74v3NdYtfZ9XaD3WE/tZvtFrvVbrPbLy2E7S67235m99jP7QH7jd1nv7T77SGbZb/+JT7//A7Z7+xh+709Yo/aY/YHe9z+qH7JHdkbwP5kf7A/23PWWyAkIEmKAoqhHBRLOSmOrqJcdDXlpmsoQtdSPF1Heeh6ykv5KD8VoAQqSIVIkyFLRCEVpiIUpRvo0vSKUwlyVJIS6WYqRbdQabqVytBtVJZup3JUnipQRbqDKtGdVJnuoip0N1WlalSdatA9VJPupVp0H9Wm+6kOPUB16UGqRw9RfXqYGtAj1JAepUb0GDWmJtSUmlFzepxa0BPUklpRa3qS2tBT1JaepiR6htrRs9Se/kYd6DnqSM9TJ3qBOlMX6kovUjd6ibpTD0qmntSLXqbe1If6Uj/qT6/QAHqVBtJrlEKv0yB6gwbTmzSE3qKhNIyG09s0gkbSKBpNY2gspdI4Gk/v0AR6lybSJJpMUyiNptI0eo+m0wyaSe/TLPqAZtMcmkvzKJ0+pPm0gDLoI1pIH1MmLaLFtISW0jJaTitoJa2i1bSG1tI6Wk8baCNtos20hbbSNtpOn9AO+pR20i7aTZ/RHvqc9tIXtI++pP30FWXR13SAvqGD9C0dou98D/qejtBROkY/0HH6kU7QSTpFp+kM/URn6Wc6R54gxFCEMlRhEMaEOcLYMGcYF14V5gqvDnOH14SR8NowPrwuzBNeH+YN84X5wwJhQlgwLBTq0IQ2pDAMC4dFwmh4Q1g0vDEsFmJYPCwRurBkmBjeHJYKbwlLh7eGZcLbwrLh7WG5sHz46P0VwzvCSuGdYeXwrrBKeHdYNawWVg9rhPeENcN7w1rhfWHt8P6wdPhAWDd8MKwXPhTWDx8OG4SPhA3DR8NG4WNh47BJ2DRsFjYPHw9bhE+ELcNWYevwybBN+FTYNnw6TAqfCduFz/7S/8CCP+9PDnuGvcKXw5dD7++Tc6PzounRD6PzowuiGdGPogujH0czo4uii6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbot7XyAEOnXDSKRe4GJfDxbqcLs5d5XK5q11ud42LuGtdvLvO5XHXu7wun8vvCrgEV9AVctoZZx250BV2RVzU3eCKuhtdMXeTK+5KOOdKukTXzDV3zV0L94Rr6Vq51u5J96R7yj3lnnZPu2dcO/esa+/+5jq451xH97x73r3gOrsurqt70XVz43JfeE8mu16ul+vteru+rq/r7/q7AW6AG+gGuhSX4ga5QW6wG+yGuCFuqBvqhrvhboQb4Ua5UW6MG+NSXaob78a7CW6Cm+gmuslusktzaW6am+amu+mu0owLR5ntZru5bq5Ld+luvju/ZsxwC91Cl+ky3WK32C11S91yt9ytdCvdarfarXVr3Xq33m10G91mt9ltdVvddrfd7XA73E5/zYVB3R631+11+9w+t9995bLc1+6A+8YddN+6Q+47d9h97464o+6Y+8Eddz+6E+6kO+VOuzPuJ3fW/ezOOe9SI+Mi4yPvRCZE3o1MjEyKTI5MiaRFpkamRd6LTI/MiMyMvB+ZFfkgMjsyJzI3Mi+SHvkwMj+yIJIR+SiyMPJxJDOyKLI4siSyNLIs4n3BzaEv7Iv4qL/BF/U3+mL+Jl/cl/DOl/SJ/mZfyt/iS/tbfRl/my/rb/flfHlfwT/mG/smvqlv5pv7x30L/4Rv6Vv51v5J38Y/5dv6p32Sf8a388/69v5vvoN/znf0z/tO/gXf2XfxXf2Lvpt/yXf3PXyy7+l7+Zd9b9/H9/X9fH//ih/gX/UD/Wu/XAgP8m/4wf5NP8S/5Yf6YX54zNt+xKVLZBjrU/04P96/4yf4d/1EP8lP9lN8mp/qp/n3/HQ/w8/07/tZ/gM/28/xc/08n+4/9PP9Ap/hP/IL/cc+0y+6dFPZL/cr/Eq/yq/2a/xav86v9xv8Rr/Jb/Zb/Fa/zW/3n/gd/lO/0+/yu/1nfo//3O/1X/h9/ku/33/ls/zX/oD/xh/03/pD/jt/2H/vj/ij/pj/wR/3P/oT/qQ/5U/7M/4nf9b/7M/x76wxxhhjjP0l4y43xW97Ltw17fkHOeJXO/cCgKu3FMj6df/5FeXavBfafURCmwgAPNOj08OXtqpVk5OTL+6bKSEoMgfg0v8EnRcDl+NF0BqegiRoBaX+cP59RJcz9A/Gj94GEPernFi4HF8e/wsATP6D8R9/cvj8suGp+P/H+HMAihW5nJMTLseLoPUv91daQek/mX++Fr+ef+zvx8/5ZSpAy1/l5ILL8eX5J8IT8Cwk/WZPxhhjjDHGGGPsgj6iQodL15+XfuLzj67PE9TlnBxwOf5H1+eMMcYYY4wxxhi78p7r0vXpx5OSWnX45xuV/0dZf7nRCP63RubGHza8B7j0iAKAf3FAgPMN+Z98Fpv+I8dKufjW+fuupad9AFe+lGn/pnGu8AcTY4wxxhhj7N/u8qL/t4+rKzUhxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsG/pP/FmyK/0cGWOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsSvt/wQAAP//tuf5PQ==")
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)

1m57.442248077s ago: executing program 5 (id=2102):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r3}, 0x0, &(0x7f0000001c40)=r4}, 0x20)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@ipv4_newroute={0x1c, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x4, 0xff, 0x0, 0x0, 0x6}}, 0x1c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r8, 0x890b, &(0x7f0000000080)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @remote}, {0x2, 0x0, @private}})
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r9, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
connect$inet6(r9, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r9, 0x0, 0x0, 0x800, 0x0, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@ipv4_newroute={0x1c, 0x18, 0x35f32a6dfa748ddd, 0x70bd26, 0x0, {0x2, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2900}}, 0x1c}}, 0x8c0)

1m57.215771465s ago: executing program 5 (id=2104):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000100), 0x80, &(0x7f0000000180)={[{@xattr}]})

1m56.885275482s ago: executing program 33 (id=2104):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000100), 0x80, &(0x7f0000000180)={[{@xattr}]})

1m49.956049455s ago: executing program 6 (id=2266):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNDEL(r0, 0x400448c9, 0x0)

1m49.859728453s ago: executing program 6 (id=2268):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000072000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r0}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
setreuid(0x0, 0xee01)

1m49.804811077s ago: executing program 6 (id=2269):
r0 = socket$key(0xf, 0x3, 0x2)
recvfrom(r0, 0x0, 0x0, 0x100, 0x0, 0x0)

1m49.680148087s ago: executing program 6 (id=2271):
syz_mount_image$exfat(&(0x7f00000001c0), &(0x7f0000000000)='./bus\x00', 0x800, &(0x7f0000000200)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c6b6565705f6c6173745f646f74732c696f636861727365743d63703835302c7379735f747a2c696f636861727365743d69736f383835392d31352c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303030382c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c646d61736b3d30303030303030303030303030303030303030303031332c646973636172642c646973636172642c00e0669f62a389f94dcc2fda2101686c10656f728020f5a616130a1fc56df99c298f3ad694c74a629be0af8c838281"], 0x1, 0x152a, &(0x7f0000003000)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL/T+Z1+x/mceb6fz/5Yz6z9rP287/Ne9t6YbzoOqtageuV6RAT/ErzwRxIAxAJAPwC4BgACACgdVzru/Hx2iUn/2kHYX+vh1CtdAbuSuP9ZG/c/a+P+Z23c/6yN+5+1cf+zNu5/1sb9Zywr2zg1/7W8Zd2N7///96vzhzP8/f9fJLPE6C9Wl7i+E0DMn03h/mdt3P//WsGf2Yn7n7Vx/7Oq2CtdAPsPwO//rCDbH85w/7M27j9jWdmVvv98pTeIZO3n4Eq//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ2n/GUKAC6Nr3RdjDHGGGOMMcYY++v4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/ZP7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFY1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiSjOl/If5b/9O/oCfj75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/TL4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufOnfYEIRKACFcQEMUFsEBvkCHIEOYOcQa4gVxAJIkFcEBfkDq4P8gR5g3xB/iA+KBAUDHRgAhuIi02PBjcERYIbg6LBTUGxoHjgghJBQnBzUDK4JSgV3BqUDm4LygS3B2WDckH5oEJwR1AxuDOoFNwVVA7uDqoEVYNqQfXgnqBGcG9QM7gvqBXcH9QOHgjqBA8GdYOHgnrBw0H94JGgQfBo0DB4LGgUNA6aBE2DZn/p+t6fyPuE66a76yTdQ/fUL+teurfuo/vqfvoV3V+/qgfo13SyHqgH6df1YP2GHqLf1EP1MD1cv6VH6JF6lB6tx+ixOkWP0+P123qCfkdP1JP0ZD1Fp+qpepp+V0/XM/RM/Z6epd/Xs/UcPVfP02n6Az1fL9Dp+kO9UH+kM/QivVgv0Uv1Mr1cr9Ar9Sq9Wq/Ra/U6vV5v0Bv1Jr1Zb9Fb9Ta9XX+sd+hP9E69S+/Wn+o9+jO9V3+u9+kv9H79pc7UX+kD+mt9UH+jD+lv9WH9nT6ij+pj+nt9XP+gT+iT+pQ+rc/oH/VZ/ZM+p/35k/vzX+9GGWViTIyJNbEmh8lhcpqcJpfJZSImYuJMnMltcps8Jo/JZ/KZeBNvCpqC5jwyZAqZQiZqoqaIKWKKmqKmmClmnHEmwSSYkqakKWVKmdKmtCljypiypqwpb8qbO8wd5k5zp7nL3GXuNnebqqaqqW6qmxqmhqlpappappapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWKamGammWlumpsWpoVpZVqZ1qa1aWPamESTaNqatqadaWfam/amg+lgOpqOppPpZLqYLqar6Wq6mW4mySSZnqan6WV6mT6mj+ln+pn+pr8ZYAaYZJNsBplBZrAZbIaYIWaoGWaGnz9RNSPNKDPajDFjTYpJMePNeDPBTDATzUQz2Uw2qSbVTDPTzHQz3cw0M80sM8vMNrPNXDPXpJk0M9/MN+km3Sw0C02GyTCLzWKz1Cw1y81ys9KsNKvNarMW1pr1Zr3ZaDaazWaz2Wq2mu1mu9lhdpidZqfZbXabPWaP2Wv2mn1mn9lv9ptMk2kOmAPmoDloDplD5rA5bI6YI+aYOWaOm+PmhDlhTplT5ozJe/H70ptYm93msFfZnPZqm8teY/8+zmfz23hbwBa02uaxeX8VG2ttUXuTLWaLW2dL2AR782/isracLW8r2DtsRXunrfSbuIa919a099la9n5b3d7zq7i2fcDWsY/auogAtrGtb5vaBvZR29A+ZhvZxraJbWpb26dsG/u0TbTP2Lb22d/E8+0Cu9KusqvtGrvT7rKn7Gl70H5jz9gfbTfb3fazr9j+9lU7wL5mk+3A38TD7Vt2hB1pR9nRdowd+5t4sp1iU+1UO82+a6fbGb+J0+wHdpZNt7PtHDvXzvs5Pl9Tuv3QLrQf2QwbwGK7xC61y+xyu+L/17rErrPr7Qa7w35iN9stdqvdZrdfOhG2u+xu+6ndYz+zB+zXdp/9wu63h2ym/ern+PzjO2S/tYftd/aIPWqP2e/tcfuD+jl3ZC8A+6P93v5kz1lvgZCAJCkKKIayUSxlpxx0FeWkqykXXUMRupbi6DrKTddTHspL+Sg/xVMBKkiaDFkiCqkQFaYo3UCXyitGxclRCUqgm6kk3UKl6FYqTbdRGbqdylI5Kk8V6A6qSHdSJbqLKtPdVIWqUjWqTvdQDbqXatJ9VIvup9r0ANWhB6kuPUT16GGqT49QA3qUGtJj1IgaUxNqSs3ocWpOT1ALakmt6ElqTU9RG3qaEukZakvPUjv6G7Wn56gDPU8d6QXqRJ2pC71IXekl6kbdKYl6UE96mXpRb+pDfakfvUL96VUaQK9RMg2kQfQ6DaY3aAi9SUNpGA2nt2gEjaRRNJrG0FhKoXE0nt6mCfQOTaRJNJmmUCpNpWn0Lk2nGTST3qNZ9D7Npjk0l+ZRGn1A82kBpdOHtJA+ogxaRItpCS2lZbScVtBKWkWraQ2tpXW0njbQRtpEm2kLbaVttJ0+ph30Ce2kXbSbPqU99Bntpc9pH31B++lLyqSv6AB9TQfpGzpE3/ru9B0doaN0jL6n4/QDnaCTdIpO0xn6kc7ST3SOPEGIoQhlqMIgjAmzhbFh9jBHeFWYM7w6zBVeE0bCa8O48Lowd3h9mCfMG+YL84fxYYGwYKhDE9qQwjAsFBYOo+ENYZHwxrBoiGGxsHjowhJhQnhzWDK8JSwV3hqWDm8Ly4S3h2XDcuGj91cI7wgrhneGlcK7wsrh3WGVsGpYLawe3hPWCO8Na4b3hbXC+8NS4QNhnfDBsG74UFgvfDisHz4SNggfDRuGj4WNwsZhk7Bp2Cx8PGwePhG2CFuGrcInw9bhU2Gb8OkwMXwmbBs++/P8Awv+eD4p7BH2DF8OXw69v0/Ojc6LpkU/iM6PLoimRz+MLox+FM2ILoouji6JLo0uiy6ProiujK6Kro6uia6Nrouuj26Iel89Gzh0wkmnXOBiXDYX67K7HO4ql9Nd7XK5a1zEXevi3HUut7ve5XF5XT6X38W7Aq6g084468iFrpAr7KLuBlfE3eiKuptcMVfcOVfCJbimrplr5pq7J1wL19K1ck+6J91T7in3tHvaPePaumddO/c319495zq4593z7gXXyXV2XdyLrqsbl+vCezLJ9XQ9XS/Xy/VxfVw/18/1d/3dADfAJbtkN8gNcoPdYDfEDXFD3VA33A13I9wIN8qNcmPcGJfiUtx4N95NcBPcRDfRTXaTXapLddPcNDfdTXcVZ1w4ymw32811c12aS3Pz3flzxnS30C10GS7DLXaL3VK31C13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdDrfD7fTXXFjU7XF73V63z+1z+92XLtN95Q64r91B94075L51h9137og76o65791x94M74U66U+60O+N+dGfdT+6c8y4lMi4yPvJ2ZELkncjEyKTI5MiUSGpkamRa5N3I9MiMyMzIe5FZkfcjsyNzInMj8yJpkQ8i8yMLIumRDyMLIx9FMiKLIosjSyJLI8si3hfYHPpCvrCP+ht8EX+jL+pv8sV8ce98CZ/gb/Yl/S2+lL/Vl/a3+TL+dl/Wl/Pl/WO+kW/sm/imvpl/3Df3T/gWvqVv5Z/0rf1Tvo1/2if6Z3xb/6xv5//m2/vnfAf/vO/oX/CdfGffxb/ou/qXfDff3Sf5Hr6nf9n38r19H9/X9/Ov+P7+VT/Av+aT/UA/yL/uB/s3/BD/ph/qh/nhMW/5EZcukWGsT/Hj/Hj/tp/g3/ET/SQ/2U/xqX6qn+bf9dP9DD/Tv+dn+ff9bD/Hz/XzfJr/wM/3C3y6/9Av9B/5DL/o0k1lv9yv8Cv9Kr/ar/Fr/Tq/3m/wG/0mv9lv8Vv9Nr/df+x3+E/8Tr/L7/af+j3+M7/Xf+73+S/8fv+lz/Rf+QP+a3/Qf+MP+W/9Yf+dP+KP+mP+e3/c/+BP+JP+lD/tz/gf/Vn/kz/H/2eNMcYYY+xPGXd5KH49c+F2fo/fyRG/2LknAFy9JX/mL+fPn1GuzXNh3FvEt44AwDPdOz58aatSJSkp6eK+GRKCwnMALv1N0HkxcDleBK3gKUiEllDyd+vvLTqfoX+wfvQ2gBy/yImFy/Hl9T8HwKTfWf/xJ4fPLxOeivsf1p8DULTw5ZzscDleBK1+vr/SEkr9Qf15m/+y/tjfrp/9ixSAFr/IyQmX48v1J8AT8Cwk/mpPxhhjjDHGGGPsgt6ifPtL15+X/sXn712fx6vLOdngcvyPrs8ZY4wxxhhjjDF25T3XucvTjycmtmz/zw8q/a+y/vSgIfxfrcyD3x14D3DpJwoA/sUFAc4P5L/zUWz6txwr+eJb5++nlp72AfxntPKvGFzhDybGGGOMMcbYX+7ySf+vf66uVEGMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlgW9O/4dWJX+jEyxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjV9r/CwAA///UxgMC")
mount$bind(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0xa1c08, 0x0)

1m49.456833295s ago: executing program 6 (id=2273):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f0000000c00)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff0001}, [@call={0x85, 0x0, 0x0, 0x7b}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)

1m49.358491483s ago: executing program 6 (id=2274):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x0, 0x1000}, 0x20)

1m49.126052002s ago: executing program 34 (id=2274):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x0, 0x1000}, 0x20)

5.189637978s ago: executing program 0 (id=3749):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000005000000095"], &(0x7f0000002140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000600)=ANY=[@ANYBLOB="1201000021275710570bbd2bcce70102030109021b000100000000090400000103010200090503"], 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x8402, 0x0, 0x0, 0x0, 0x0)

4.656160561s ago: executing program 3 (id=3750):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000002580)=ANY=[@ANYBLOB="0100000000007da40100000000fdff0000000d000000000000000000ff"])
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000340)={{0x7, 0x0, 0x80, {0xf000, 0x2, 0x2}}, "a9cbc4b723986beb2541731c8831607b6ee747534f2610e68420ac50bde6dad58d04aad3777f18b4f168b3950653ce1d7740b6225b60f102dea41282032f21c3f19760a59ad876506e4e939e80e92248edfd8137e41621c1a490cf3cbb0502fa6deb4cb0efa6bc813cca06ed4828bafa15d1afd8ac82b71d1a7b410eeac6a6f31e4995b05d3f93bf80a053ae74958ed42c6c4b4d0bcaa08d3e6025a166ac6f19973f974613e0d7ca52d6a648ed23fcce9f475faa3e49d697324fa1b2cdfef7deb66a190e9185a90f5c54c88895af1a61f8c0722f0c0bf9835d8910449682cc5551ec995aec222238bb28f41ba7f99f93b785dd2d48cf389f27da125b9c3ec7f716d6b6b696a93e625f0e17b4ff3bac5eec8e2dd837254c16d8c9b2a773ac70b8dc7216980fcf1db0cd885a6f3379dfcca516b0b5771d3dfb2212fd569b8f6003dcf8478390e14a5bf73eb1a61a12ce20ea3f5fbd6d9a56a4adf6043190cc7d559e7773668d0498f6c7438917d204ed2ec53da03cc744619be3785cd8cddb678f8e90965f22242bb62fa3590dde45cacad3852a54154a90d7495cc4cfbd7baacc19604efd864cc76a7e867cd7403301f45a3ad20ed8edf412e4aae5f279eada88ee43a436dd3b1f37098b7d81759aff2d81e5593535d44035fdcbae0f45a7163c06b8ed7da27a03e266947d7f11d9e1600f1a88b99643a0b99abad360b8137415f7800f8a5a16ba306778733d5493cc73d0aacebe1cc4618847bd620034cb617c55e47ff8d8000f52c25a6b3e9272c297e6b30bed370dda4c2b56278893a4faefb28a87c40229d3f80814e128eedb7050465e1e00547a1b77ebaef78355d9867ce521138d63f147ec3de6cac38d9eeb1d167494466e00d97a32701117bbe0f95304970e632b9cf8ded044b3f1c01326095b422678d798a9c5f8ab05f4e6549639186723aa3d38927ed4ca94a9e6de3c4f5ce99d090389473455cb366c7dfcb43ebe60271a3693e80ae4948291753007f5032f518ffc832f3e819f3bdac1085a80cdd494cdcac4a874a14818b9dae534559c2c5a542a12949a22fddb9060e8a400f96512aa8eaaa6659932dc8852f5709a808604c2fda229c79933646e36255948baec6e0c2d4fbe056628157ba456603e5cb45761b5aa97c0daceb3e6d7a192d109847057cb4322c9c5e62403c921e9cebeca77d12c3ed05f5e131e3c00d9070618872ea8a1f05e4598c98739d3a9245e537ed992aa4eb8a571e4c7c0dc797f91e3258835f9db1b6501edaaf38c9fd4d718c743d30b6f1e480ce9408aa6b894055768738e3df843301d99b476ba8d30f6483022ad7fd50493e600700ef1b70c72f607feb0df9898b61a38f4f59d23779b7af4a5b5a0e7379877d8c875d1e47a9ddbac19208cd22e05f729a9175b9bf1c96618d63585204eb5ea29e0a0f17c12219fd51bc462dcff6d3ff73b64d2a5f7ebe6ebdefd841698e909cf1018a88afefc1802fc97c22a240f20ce6938ae6b2224f7ca311622695577f3e4cb8f7e87bcf5bcdcc5311815bab1499465f687903b4da5693c83cbe13ba3d94f413bbdf9886241fc1f0b9ea00e7b2d1c2fe29d8921c56919bbfa091d4542c590a18848256b7eca92114c5542356bb15e1cd59b28a5d5b86bb92c30e88ea6edc6efd3c685a7e9b840b61f445bb57d670d3dbba61da442fcdabd4c14b9dd6543aafca5bea6ca16c00bbdc0999cec79272dfd1de86bea7d830ec2deaa339c2fc57d6490ee7cf3bb4e6cb4b8dcaa4279bef0af601f96dc25a3cf926eb6c5eb9529a266e1a9d96fbb5e0ffeb472d40e3853f42d69e725d2dd570b531779a09a5f945a2dce4ddd898be60b9d38f3c305f942f8f8a3ee992de01a0d6b3db1a4174b770681d2470edd2319a9b9d04d3cadd67583a313c071f809c89134b2b714cb2d7247d4d6b5d794302e9408e946bf1cadc767a8ae918a6608f7d2dbb2d825e949c823ac6bda0c46dea864c83222f3c7f7ec020f3a6445f3762dfaae5a28c3857053b2548d11c9b9f4af5366b43012e35d14ba139085493e95ad24bcc92b835f3c72ff762fcbe3d04ee2051e959a9e680f51425d5eeeedd99767fccda20b44bbbac6989e1d6f70f030c2530b83923fbf27fbf24f62ff7a5619b39b338e165dcf66faf6092edd19216fdacfb8eb80bd7d8a7767f538c3021e20f498c8e456bc32af1157b5988950caf1c478047f132c01f53c12929f030e9d78c284e64a521350d72748ef214c05f4c8d2e47384c3cd29c99a2df1abb2e8ff5a363a488feb119e8ad5e3c39a4f24449d00b3772090b499e2c65b50a3e6ce7f1e2f2bac0ae5e58147d1d6887617ca38d12b1cc9a5e3ee47539f40179136698acd9b9e20a4f85335dcb19d4ba4a05bcd84b27a9f1897ab8f67abf78ba3ce4d87b37c129562d33bb0836c8fe830c068e7c8b6728ed585258c7d82b5c407d0532bf5ba60cfb0a6e6f3aa44bdf3bb7ac389023c3db4395c3875a3496d85640d423775d8ac0c4c3ab1831bdd785a5ca0ba2073bdf6970e4b63718944603ab32b83d7c73af090c3a941561a76f08e2235e1ea8a0b721cd6a73466664c411c33fd1a3e46e580c77034cb09ac38b6d1824f642d3354e827b6ddc0ca15c3bd7192882eaece388d428282c859fed7d280e5d81cd0252c149154e2038a3f2535781dc81d7221278c21ee819fb913fc8d97e96f3dbbf0b2cd63a0ceeadec43fca7a760f45aa53de97597b4afb3abf5921125e9f148da377556e6de1a62aab6055b10c1698649515e62c572d62d901ae7fcd417b627db64785fbdc21f0e978eb143d7abb2771de9a912466fb6e6f55a12f209e131732d45a8293f1a36ddddfad54f857016e3ab7fceb97ddfde1a8c8569dfa972ec636e7c93e603d5e1d0e98d6f109dfa6df50ce987abfc291aba0e488ba8f0596fbd1bacd58862b611250a85cd34e7d100f785286d815281b62ef2dfeea5e8ba4ee4a019af0ff59b0f4f3049f8718d0fca57de1cf88763d13ad26c50cccec4faba99d899ef079c3400052d065cc0a44e8f73dc5bef5f8681015b29c96dacd026d920f369a2b0c341b8295f5268e2d9bf80df2d9ea1017b5b41ec2060c2fecc67c040e7c37521b6d6174c4d4ed4accc5479f6fc4ddc0e45a7f8030ff8e23f000315a3565498d07bd0cc6459f5cff23b40ffb80ace2f48fe0c1a337bb4f748bb8c057089de5cd727b278b45d84a8f7df9f898b3cef2ec319b032f888c4953bfe141c8e4b67ab3f95fa133790ea17b27be21c9478da70641265045e81e28229a4dc15f59c2f18b1b9c082d1154bc9565508fc9419912b48f3b1271609006399a844f6ccedb6323ada63d3e0b340fd07cf9e3b98b1d193bd76796c2a185366b25468017d28371d8792eb42304961bc9c1f4ef4025d2814837dacc9f1d777bfeddb30eca1cacd9f5b6619c4000252ecdabf7107dff264046c111c6f5767e3486c37ec175f52bd3460a7ad49e35bb729ba76e2fa5e117c49b750000005e0abf56340740b81ea37c5df26b7c885cc5da412cf4e9932e2561aa7945945dcba0677786c9ea9b9aee47d73454df82048f021b30a817606c96415c22e1e908316f84aae52e050e31176408d35ef33091618df7d38d22bd2b626dc138f423c32362878c8f6538dcf0b96c4298668d4bb35773c952bbebd4778c964b0eae8eac9bef3469ea5da890377c500ea027180f5308585cd7941c7e3305c32d610de49b5c1acce6c285d88a99dcebb2b5972a276d416abf25b44c1712a43d3e30005a1535553e779c0f72ff519d2407214c02e7020ca479e93c3fb2b867ad73e69ba10e92f329cd54c4c80d227d0710cf384fd9a39d4c4053afce6d1e93b47137843d149e888bd868b1b2179c1fdd8291d15724db10a756300209ae4a2ed91788fe9f980af1bb00d05a8fe1a020fe4bba91fb487c8ea674a6739067a0a86b7f2a4fc141f6c864f065fc6e5effdb5a1f1d063c6888626e13ced52f3669677dad96da1cfff7d700e9f6f74131b8ac0f4fb6c8d5fd675b1ed6001bba7dd0e95567a6d06fe28e756609821312f4725c5909c6353ad385e57fb162e2f65b5e2a0100aaa356a19b9c5c183d195d0134adb8bc8d03415daafd95f3a5e44f201741e22dd905dc12469664040ce714a5d9042f58db392d6c6af1eaa4c82cd9b4996252b44334be627708463ffe52a80d8d1c8a5b1a23f9c68144c4a6c6387e542b3cb9de7765faf05fda086986d3c6a1f0906b2ea0eba741abb9514ccd57f2d8ea1d67145c5d71749b560f85093ecc265a24239078253fa0bd39bf67f8e1d78f07e167c05d808771c7b0146af368e8859273ef76f9feedf7fc69640b5e95a25076c477338e31cc9a7348b8a31a0f8d4dd9e6c46f18126279c5d1192ddee08a7057195689954b26a19dcfd2a59febb6556c18c18abc85527372919196b29a737f8bb3b97bebaf3e6c43099064e067f12772c2333be19dd4e803289430a660d68963a26ff1b1c8c664c0318a2558dec140d984837a936651906ab960b6bff8bc8b32704f3e0769e6c85c9f5bd50270bc1030ea71f2db5c43116bd0641ed31ab6db12514aec68febe59e04d2b872c9fc2173017ee6e75a18d6832c9992d1ed2ead9452dce9b2efa01dc97ea31ee5c3f5743760f2589615f45738140d0f8c148f1858d0897094a34727493e607132bc1eefa0d0ff236f9ac5a2a0f0bf06719c1d5061846e427fa36138c808741ccbd10ad3f6f54470804e656a8ab1a9ee9a523bed87cb2fd4d6db8aa6d6b80d1e9886dc12b915665101b9094a22f44437918005356fed797ebd97ec6493bd681f69321f9735ae6d3d6822818c7cfb21c5f3a0f9d5b8ef070c916fe9ccbbf04128a27e7928e3572f125b986c52ec0de078b40135b922a2feb294b0349df06d1c3e2c9d2ed2ee88b7a1673423c6baedb51beb8f8cb1b3b986d1b9632fedfaec8e9a237311beb89cb0dd7efaa5b68537641d06b7cbfda581344c87452b4d3fe96cea6143378c4dd7586a9d55c666cce828ef91a35f3f0a5c9c369bd20c1bc7cc77fcf316a567fa21863b12c43faf3b9588dce4caa151937c6ee699cf49dba041775773ae062c69783758513a178bf46d2d40e24afe8975dd768a466755af2ffbb9fa728724a18fc9f427672ad5867a72ae8caca60fcc90cf817c291a2025b5243ae36e200b5e5c9ee4e90eac775c3b29fe1df8c35716f37d11961084fc28b0f8855376ec85d7741535f88db7977629dd832f06bb258e9a88cfc8671df2763fd9383a777f768c7aaecb9a7af9e76bb719767767c3d5178e2a10765c6b2ae80753f403125a9203ede6ed44eb96a1a010842f88f020dbb7f8df8bcbea0b60f1b99dd9b9aae2dbc995edc8ed82ec5e21e8d5e4d8d9fd0bfab342db38d12bb24c20c2a579069d74624db16bb9ec501312d8de0e653e9e74668d0ed05ccb0eb99db410c0000000fc246302635630b295ccf849e45944a25baa7f4651fa37f147e0fa977c0304e7cf25fa78260ca03abe8dc32cfb461f019f7d82194a98daae521ec4eaf3e138bb95b09d8ff2f106febcc126743abc8f8b707cd2cae1548c6fe54f64bf46c9ff03975e0c37eda3d485ff76ea5ae71fa5a2ca0d9293ea0cd4186e6e2e26fc2ba5e2cdde9400d9c1717058157a8410c9cd7ca4e679f41d8932576e7b292f28dfb9775b0ac5eb5788a8ddf797e32919e7a41c305af2e4e37eb4d5600", "1acd2077949cf1f27e1e764566e4cffaa168dcad09bfe7c84a06d9db78a4e8f0504116608cffa736ae4427d04f27d39e5de80f8935f281bc483252d1c4e0dff576831d8505d3cf34ddc4f4760b53ec5182b54b352dea1b5975eea9b6bffd5b66524559c7c3e9981d7a0ff5ffe6814c923871db66426d98286aec1debc56864a4b29ee5cb46989af08546d6d1a5d9da45db7d8abea1d392d0c668cc040da5d129ddbbe6a95a7d9e51a13328ea3fbd9ac81f03914ed9d1d2b72c234093a351f7294556996ca5459d796cb4127a9aed8e0cca398d1b5af6eae257d02db91a61d49a5677ee9c8caf1855edd2c25b9b3a9a5174d2193108e5e87d781780d9506a890687c80c429f3a46028ed71364c4b8d3b2380b38d2cf7e447dee058f556dcae2627e49dfd316d169d382f2b6775233157f57c7be54b105e2493e140ad97ecf9c12df8f0db9a973d0ef9197ebbdebc5e822ee06852a408560c7f19c65ab8527edc9ec1d6378f2c748f7e84d1d6e98de8abab3e0e42a866e1ec5d00822b124a98d77e9c8dbb3ac6648afe409b21e1cf2f5458a0588cd11af6887f552f6c16a801abf2594eb9a80e704b8053573f661dd29706e71060b630272037144b33d684f66128950510d4138785418f726eb7c7f84c7dda646b3647d673122f95ef89c863c3d4adec4477664cfe911683f19862cc918451f70a6a359dbc66b3599c0af91858ebe13c253a6e9a96758955fdfd1be103777812339e3786484a25b18994ba69b4275f26a64afb9be5219061d94d7c472236f1a20a9217d70abab15182c5f04c6080d535e34045d6497c1c8a2ea53fc022eb159d0d1be59a21f277ce441f3c5cb03ef0e7e1ac63177dfe567e2cb9055228f32c9ca6d38d99093fdc129951380cedafcca40712a2da5cc0af8d872d8f848ea5ff95210a52d2390e236da76fffce86cc8a78a8ea0e1e4464ceac9021556d29d7470ca19849b417aa6aee032f3bd437cb5c839c9f5fb20ec1367449abfb5e19f8365b7947bda60e34136e2eb53e0243766c2718d4bfe6eec77f8ca04d177cc17bad59d651a08349651de6d4dbf5856a6d42cc8cb2441ab7dfa9420d87d4a5aa5914f619b2478a0d68a98280231c8e7558d11eec87e80f2d039b5d6b287d9b3667b020dc45b999b162247bf38f5ac5fc99b5eb6ac5939d35d7d6e71b366f9553ada2784671aecdbdcaf42a2f254dc0289f7be9c6f0c045b30f63ae1a8fac778030f27e04e980bae66e474bc4f9572b8a0d8119ce13ea2ad1285b3397bc929ff26a2ba1ef2760c77e3e114d15742740b27796cb2fc84761db427cdf3c63be71fd6734ed2cb1300a8d5e2b1964f2a0320bfbad8e9bce0cd9329c8c41d79107d77f65c99f3c03813c1f0f5351869434c2ccb685f1863fac38a44ecf354ffde4926ae3cee90833db386633e6dba3585ec36f1aca6701d4d1fc13ac1c5d4cf2ae8c8c418da372bce96451dc2add28828e45ce3f6e35da3d49dcdb8ceb084a581b68fc5fcd4c45246e6b215ca98ae7239c317fe45404984292a83ac7e62614665bec4a5e80b055a0635003e93172e2045ec88144d9d7a2b50c45333720e2273b165147a0b1af77fe87089fe8c0fd32c4e950aedf6798c9007575dc86c02089414089527baf9bbbe5eaf4d58289de0987f8f310d7900ef2350daa438ac83ff255344a2bc814a3e7055269544310b0fe78b07eb0ee5f16899fc8bdf8e3cc47d27a44c93528885452195706091eaf15930f9df5874c19d0a1deedde0cbe9cda7f0618c378bc4ba6fbe911d546c7bc76954fcc6b5ef56c77d306421f9d24e0770cf8b578aaa6276bff4b98e9968e9a1f8c78c6d647d8c52a42d27ee8359840747913e0983e049ad77d87e35800eeeb19cd786a5edf6886e610f51b4d2290d959c7fe906dad2d3e2a5648c5ec0d48becaf209fbb6599d1b0d6299cb2b2fad3b3efac6ba0911a63ae399fa3f19adecc9b10533c99bba28bf9e37600db41c2b463c25b0602fb86ef043ee72aa26e7f102c3afe4073d1318671a514f8320dcbc699514792d5c90c34fe6809102cb6537a4e76530256cd997a1dba4a75b1578c7f12b409af040afa35c54001a4abf1c402f91413995ced6b64256684c34283e644246d235af905fa2edf8f802a65c1c1e0ba24ea656cb3b1f876b6f335aed27c3a6e8da53b1b9c283d299390310df6dc84e5569ad3ac1744824b329fc24cb8612c061b09440464c1168012dc40e8df788f9c708bde6bd4eb3f6111729b08796d0243b07a21ac542ae418f19ec3d7171197c8ca216b20f786784400f2834d98819a5fbbd909677f7d7309dca5c0e2cf74a8a53c1791c78488fec0520d3c71a9698e5040920acc5eb7764f4c295cb2f00b5a62d5fc1e1d0040c639886712ad4fece171739fbc0519b93c8bccac49f871a0e2f5ba97331be916aaae29b8cd646028629cc227b916d1d8b4729da3baffb0e39b533e039eb9f10073c156485902745ec60b8d281b2f84a8651fe4c533119bab8424bcecb28c067ffb1e03e05bcf9d6d44dfe0782e072934fc36e70b1acbf30387495618ac2729811aa6c2901b109b33a0010cfbe666fe9fcac86cc81023dda253863714e89c78265e219d00ba20b3c846368dd21816f699a6af20a290f075f4346b98ad40d69caaf2614856c0bdaa661907975679f5cb5afd3738ba811db58123922647476de50ccf17360393433b547bf0377b2115a7cd357699d043bd80981a2a28c638f7c2e725d85f9edd2fdcfea1f7e2bf02f9f0d4236c9d14c6d382dad99192125b219eea6a13b5685efcf34454d2a12537c5354dc5e34ecda968422cc472f0fec174b95cd298e89e7efbc164465dae45059a40e104b1a980ebc781848b0109ce9cec600b190a34dcf741dd6145d56c4ec27c983a7d6328130c122217bbbb33e2cffba1a352b6805dbd715772153b53051db7215f475ba8673b0dd59e2db414a658d3d262c5304d300b930921c7c0a9910eed96a705eea2c8657be193836a20f23fcbc8ef105ca25551626caf63c511d3c9dcffd9d485f27a63b6992e4b6fa26b02903a4da52fd7fa06397fe2883f9b6a4cac2ffb8ce1f476ec72bccaf0ec7b16e6f601e72f46e835d9bc2a82dccaa449728d22a7ff17772276f54073c66b184de0fa7f681823dcb7603a20aa94b76a9b7adb9f11f447b8764b2d719bea91ea32edbb4d340d18f18b3f53d1d07d0405facb202c30ac1ec145516e071cc71c59cc6205db061a8c19bb2d3ab463f6fea1c6d3b5a69d96e5b67ed569e1c04cff6c9f69ab9343e9a71bf6776d3b84b47de2ecf9a0d45515ef5a3b5c6d55f2c6543ef2bf0eb795219da3026ab06c9ba9bbdc30d5dc7c3782a9f58141a63f8d4683ad5c1d156c92c508cefd9702e9267263e34ff96800c425f768bd204466f4f9badabdfaf35e1a8096150e8afeea3a30586b89d1002f041612f8e81de4dcd268bf538307c4d28d1d2ae1af979f3b02017ebe942cdc8fa7964fe978254eb15fed7478e4200e381409486d37e0205c597b5ec19243ab547da051dee03f18e079af60dcb2095fe86f292a4b4bba8682ed8b220c0b48958882aaa7e93448bfecebfba6ca3ef28e0752080cbc9f752d6da814a9dc5bc552d9fe73b8a1df8eb0158df58810fce8719f11b04c4e157ac8ae3692f825a4569ff859273775c45eb999fff7a47ca461b2fda6edfe8ed8371ed29c4f7499448cfff0bc47ca1d8fc9eb35f79db389781c36e89541b686edc21f088463b2d26fd9b650eaf5ed1cda0f00040000000000009b0c527ba655252f77b77c2f4cc0f7741c52a57629fe511c5f9c17ee44fec35da363f5356343037b2705a393115062719e6bd87bbff2472a7833be6d2270fe5ff4cc9f0439a53adb91fe1520ff4841c120e80c99fcc2d0ee794fa8c91dc9c4227ef9f9ac784ce41abefa69b84acb285e385b74501ea137be765172d90738f201497cb7c992dcc2f17341c9b6a0ef3dcb14350669802e3295b5a133142df7bc5645bbf222d2da033ee4cc4f225f248ad88782945869c29943eb6498c87c2b125fb2d4067118c2b417308a1703fd9f48c48ee2a9c5af44df473e3b99b8a941fc4967060b4960864bc97e4f2bf53e7a5c2ec3d47e7bf8345b56a4df5f84d0523c1b6cf9399110e393474b3ece22c4923f531ff12242d5e2b293846a7ed06e3e7f062cb173431a2b680188fb46d2cb74d4a0d9dae59e2be485aabbb54c26406e6e77de3031e049bd8a49139fa62151716a665fb9f1966cf6c57f4185f7cffbbc43341f3b69a3ae0a4dcfd9b37f0035a69ac552830f0ca56069c8f69162280bced2ec30c6789f32cd38d7f97953f0989b65cf90f01206b20b0111a3d22f3d2f85104b03283f4fd7b80e53f20f1c91d5bf3b67aac25c4300b3191c1f5d7bb0fe112deac0f6acbea3b57c20c5d8f0bad48873a7e7347ead5a4d0b73041c86bdcd3b91d6cbe0ebb5824fb90cb4e74f439505074f236679c4ea4015fbdf0c44b4063b62cdced485cbca0eae2404da7158a974b7dc14c5207107d5424de14a35739f68f3f151c6de20d0ad19d06521baf26ab2cb7ff7e8f83d60a9f554367f99fa5c44910b886e1c9c2418a7a4b33f19fff9af4724c7c8251ffc24cc4464b8804b6704bc0572b23498ec92263d37bdb54490f3316087c5b192a20027ad6cf1a2c3fef8043e2847b8734fa8dc91ce992474796e3f71580841379279f8b10ab8e6766196fb5a9b2ff44cabece6930fb9f32e867047313410c13b11a8a788a29ad93a5b9ae1b960a46fd48fe5cdd7168815c67b267065453547cb60db74f37238b2f7f3c78abc249ffe118a1d3e7eb5cdd326ad0a07a50bd24a6be4b5e56fade7fb7c3b515b4d0b16884c9eee7ef9c82f2ea4d89113e950622cee8e63519a899da3ee83bcd369b01b373934bbed73d8f94e3312e72d82d3fb8b8e65b0f5580cffda633467fc3285023159c3ac7273a46275d874b87254df07ea15d0806f4b8312c4e95235cab31e015a3603906c188233db45dea658dcf694f5097a9e26aba8b58e248210fa5e12fa08cbbe0a01afa9b2c36d38d298dd180ee6e358d45397471bc064e2e8e51da189e98bf41cc30b50b0d937e8cbfc5b138dc66143716b27190689efebcaa5676c9eb370465f77803b219b0ee1f65f343d70b01435f9adc46979b121944e13a02cbdd47a9898b26d6cc5294a9358971bad37a6b01d8b2ee251e50b02acbd560bcd4a212124f308d87eca79d13c77b90510675989ffb70a9d5643df2db6067bd4e0fd21d0a40b84177279587777f763bb9e2fc99186402ff1905eb61b6ea3bef862beb10ede1fbca93f5b426f683bb72099ffc61c99d8a7527fe9167b13d786402864d2b4237fa47426f46b6d5e0911de793f73610b46de4e62b8a67aaed298a9a2d5b5c5b7936f8bcc62a8f9d64d8ff1470a386974b35f382f42ad1fb2c9de214b35aa0afcff7806d7601ab9142a0dade5c7a9e6b0c16027c4d0fc413ba5d16f0d4826b3f469afa6e5ce4a19e21d2a2c2c1e3055706d0ce371dee59a06e534887cf5e300bd118b7c5e8eee2a8fd4bf6ca96df566f49049bd25533c8ae08eb2334ba183529c041f3d9b45139173f3ee8b1b8f8633c9cb7caa735805d56b1e3119a97f3ce86ecd8f21256c0a5a54266cc00927c881ac18fef64f25704b3f01b4885a9c4053aec5bfe5be638563267548cacbad2a95c3c48e6a913bd87ec0c489c236214b650a17d27081ae8def0d27c0d6a25553601875192d11c9e3ef2a3273c1f9b079"})

4.098977957s ago: executing program 7 (id=3767):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x20083, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0x0, 0x1000, &(0x7f0000fe6000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000080)="f20f2241c9cc31010ec0260fc40f01650f283de6900000b8820000000f23d00f21f835200000000f23f80f001d041200003e808db49d004409fa0fcf466b5e4262c5", 0x42}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.093440437s ago: executing program 3 (id=3770):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000001240)='./file2\x00', 0x8410, &(0x7f0000000480)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc0800000000000000f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a2d47aff43355f9d23a606e1a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a808e9a51cc0d73e298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbb16e002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2", @ANYBLOB="d23c17f6ec95b3b820b1161ffa233394c6007d8285b061be4d1d842e4a63ec77a08347691f71d1e4132f09405a5b81867a01cf3df73c16fd31622d37a921bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6ab8e225d1"], 0x1, 0x2a0, &(0x7f00000001c0)="$eJzs3T9rA2UYAPDnkjSNOqSIiyJ4oINTaV1dGqWC2EmJoA4abAuShEILASsYO/UTOPo9/AguLn4DwVVwa4fKyeXumtSmf2hjCvb3m57ee8/zPrkX0inPffX6sL97kMTJ2e/RaiVR24qtOE9iLWpR+SEaAQD8f5xnWfyVPSSzUVt8NwDAMhT//wtP3QsAsByffPb5R52dne2P07QVr7ZPR90kIoano26x3tmPb2IQe7ER7biIyC4V8Qcf7mxHI82txVvD8aibZw6//LWs3/kzYpK/Ge1Ym5+/mRYu81+sukujs79S/dGOV+bnv/Pv/BiOo9uMt9+c6X892vHb13EQg9iNPHea//1mmr6f/Xj23Rf5Nnl+Uovu6uS+qay+pCMBAAAAAAAAAAAAAAAAAAAAAOAZWE/TpBjfM5nfk1+azM8ZdesXk/X1tDI732dczQdKqkLFfKAsyhE94yx+qubrbKRpmpU3TvMb8VrDiwUAAAAAAAAAAAAAAAAAAAAgd/Ttcb83GOwdLiSopgFUP+t/aJ2tmStvxHG/V7+54Or995qdNpD3euvN0WjEgh7LXcELeT8Lr7w6PdxPowiqg1noXi+/VxQ97vfScql6yP1ectderergfp5dasYjG2uWHWRXz7R12erVrOaCnkbzpblLf2dZdr867/5RnFF5JZmM2Ljf7itlMPcD5kHr+ln8cnPBG78y6o/+0gEAAAAAAAAAAAAAAAAAAOaa/uh3zuLJram1/6wpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFiy6fv/q6AVEVevXAvGZfJt95RBMw6PnvgjAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Az8EwAA//9I2EsX")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
umount2(&(0x7f0000000040)='.\x00', 0x2)

3.955673008s ago: executing program 7 (id=3771):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x1)
getdents(r1, &(0x7f0000000180)=""/48, 0x30)
getdents(r1, 0x0, 0x58)

3.955128438s ago: executing program 7 (id=3772):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448e1, &(0x7f0000000300))

3.560149411s ago: executing program 3 (id=3773):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x600000000000000, &(0x7f0000000580)=@base={0xf, 0x4, 0x4, 0x20002, 0x0, 0x1, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)

3.050046452s ago: executing program 3 (id=3776):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
ptrace$PTRACE_SETSIGMASK(0x420b, r0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
pipe2(&(0x7f0000000840)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff})
splice(r4, 0x0, r3, 0x0, 0x1, 0x0)
write$binfmt_misc(r3, &(0x7f0000000100), 0x0)
ioctl$sock_SIOCINQ(r3, 0x541b, &(0x7f0000000000))
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@mcast1, @in6=@private2}}, {{@in6=@local}, 0x0, @in=@dev}}, &(0x7f0000000280)=0xe8)
sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x55f, &(0x7f0000000d00)="$eJzs3c9vHFcdAPDvjH9t0zROoAeogAQoBBRlN960UdVLwwWEqkqIigPikBp7Y5nsZkN2XWoTCfdvAAkkTvAncEDigNQTB24cEELigBDlgFTAAsVIHBbN7Njd2rvNNl7v1t7PR5rMj/dmvu+ts/PevrXnBTC1LkXEdkTMR8RrEbFYHE+KJW52lyzfw50HK7s7D1aS6HRe/WeSp2fHoueczJPFNUsR8fWvRHw7ORy3tbl1Z7ler90v9ivtxr1Ka3Pr6npjea22Vrtbrd5YunHthevPVw+c+Ydzj1vXi41fvPPl9Ze/8etfffLt321/8ftZsc4Wab31GKVu1ef242RmI+Ll4wg2ATPFen7C5eDxpBHxkYj4TP7+X4yZ/H8nAHCadTqL0Vns3R+gNDAFADhh0nwMLEnLEZGmRSeg3B3DezrOpPVmq33ldnPj7mp3rOx8zKW31+u1axcW/vTdPPNcku0v5Wl5er5fPbB/PSIuRMSPFp7I98srzfrqZLo8ADD1nuxt/yPiPwtpWi4PdWqfb/UAgBOjNOkCAABjp/0HgOmj/QeA6TNE+1982b997GUBAMbD538AmD7afwCYPtp/AJgqX3vllWzp7BbPv159fXPjTvP1q6u11p1yY2OlvNK8f6+81myu5c/saTzqevVm897Sc7HxRqVda7Urrc2tW43mxt32rfy53rdqc2OpFQDwfi5cfOuPSURsv/hEvkTPXA7aajjd0hHmAk6WmaOcrIMAJ5rZvmB6DdWE552E3x57WYDJ6Psw71Lfzff6yQcI4veM4EPl8seHH/83xzOcLh9wZP/3xzJJPjARjzf+/9LIywGMn/F/mF6dTnJwzv/5/SQA4FQ6wq/wdX4wqk4IMFGPmsx7JN//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwClzNiK+E0lazucCT7N/03I54qmIOB9zye31eu1aRJyLixExt5DtL0260ADAEaV/T4r5vy4vPnv2YOp88t+FfB0R3/vpqz9+Y7ndvr+UHf/X/vGFvenDqu+ed4R5BQGA4f11mEx5+10t1j0f5B/uPFjZW46xjIe886X9yUdXdnce5Es3ZTY6nU4nopT3Jc78O4nZ4pxSRDwTETMjiL/9ZkR8rF/9k3xs5Hwx82lv/ChiPzXW+Ol74qd5WnedvXwfHUFZYNq8ld1/bvZ7/6VxKV/3f/+X8jvU0eX3v1LE3r1vtyf+bBFppk/87D1/adgYz/3mq4cOdha7aW9GPDPbL36yHz8ZEP/ZIeP/+ROf+uFLA9I6P4u4HP3j98aqtBv3Kq3NravrjeW12lrtbrV6Y+nGtReuP1+t5GPUlb2R6sP+8eKVc4PKltX/zID4pb71n98/93ND1v/n/3vtW59+d3fhYPwvfLb/z//pvvG7sjbx80PGXz7zy4HTd2fxVwfU/1E//ytDxn/7b1urQ2YFAMagtbl1Z7ler90/0kb2KXQU1zm0kRVxuMx73cXBeYoMN9/vOn+JfGNEL8uAjawzNkzmueN6VY99Y3a/rzjaK38zu+KYq5OOvBZH2ng4rliTuR8B43OoeQQAAAAAAAAAAAAAAD50xvGnS5OuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfX/wMAAP//8RXBxA==")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080))
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r7, @ANYBLOB="101000000000000008000d0005000000e40316"], 0x40c}}, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)

2.478539758s ago: executing program 2 (id=3782):
socket$inet6(0xa, 0x80001, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000180)={'ip_vti0\x00', &(0x7f0000000400)={'gre0\x00', 0x0, 0x8, 0x40, 0x7, 0x2fa1, {{0x5, 0x4, 0x0, 0x4, 0x14, 0x65, 0x0, 0xfc, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x38}, @local}}}})
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0xdd86, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

2.422154373s ago: executing program 2 (id=3783):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000400)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xffffffff}]})
ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000100)={'lo\x00'})

2.317261482s ago: executing program 2 (id=3784):
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb2361000000010902"], 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x3, 0x24, &(0x7f0000000a00)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r0, 0x40045506, 0x0)

2.140985116s ago: executing program 0 (id=3786):
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000140)=0x7fffffff, 0x4)
syz_emit_ethernet(0x11d, &(0x7f0000000580)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x10f, 0x800, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xfb, 0x0, @gue={{0x1, 0x0, 0x1, 0x3, 0x0, @void}, "925e7d86dadb13afca11f5ee71b7423d487b622a536fed34f975deedba3b6a4a44cce3b6c6c2414bcf74dbb9ca1c17418de3ce2e5db87126d31286093a50eb080a5bd6f9c84002000e132f599b4a952f39fb03ff97bd12d46d656345ff089e1fa1a76da5b65d499481eb3f597f5d5672990ed29a8590b6fc45a9a5a8a26ceba6775d95891e26d1abbbfed8f30ec858cfdc672d75a2390a15907f9cd11322395a1eb3a16e123a9ea342dfdd97882761d2f9fa2531e70d0cfda6828ca77f0656a1d884e064d932440f030c7a04c81e8d30b30b3e5b45800b855f5b358b0ee33db971b80bcaa5426a77676b8ff10d2257"}}}}}}, 0x0)

2.137153266s ago: executing program 0 (id=3788):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

2.023368855s ago: executing program 1 (id=3791):
r0 = socket$inet6(0xa, 0x3, 0xff)
bind$inet6(r0, &(0x7f0000000880)={0xa, 0x80, 0x0, @local, 0x14}, 0x1c)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
r1 = dup2(r0, r0)
write$P9_RSTATFS(r1, &(0x7f0000000240)={0x43, 0x9, 0xfffd, {0x0, 0x0, 0x2000000000000, 0x2, 0x6, 0x10001, 0x0, 0x986, 0x4a}}, 0x43)

2.007891257s ago: executing program 1 (id=3792):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
ptrace$PTRACE_SETSIGMASK(0x420b, r0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
pipe2(&(0x7f0000000840)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff})
splice(r4, 0x0, r3, 0x0, 0x1, 0x0)
write$binfmt_misc(r3, 0x0, 0x0)
ioctl$sock_SIOCINQ(r3, 0x541b, &(0x7f0000000000))
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@mcast1, @in6=@private2}}, {{@in6=@local}, 0x0, @in=@dev}}, &(0x7f0000000280)=0xe8)
sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x55f, &(0x7f0000000d00)="$eJzs3c9vHFcdAPDvjH9t0zROoAeogAQoBBRlN960UdVLwwWEqkqIigPikBp7Y5nsZkN2XWoTCfdvAAkkTvAncEDigNQTB24cEELigBDlgFTAAsVIHBbN7Njd2rvNNl7v1t7PR5rMj/dmvu+ts/PevrXnBTC1LkXEdkTMR8RrEbFYHE+KJW52lyzfw50HK7s7D1aS6HRe/WeSp2fHoueczJPFNUsR8fWvRHw7ORy3tbl1Z7ler90v9ivtxr1Ka3Pr6npjea22Vrtbrd5YunHthevPVw+c+Ydzj1vXi41fvPPl9Ze/8etfffLt321/8ftZsc4Wab31GKVu1ef242RmI+Ll4wg2ATPFen7C5eDxpBHxkYj4TP7+X4yZ/H8nAHCadTqL0Vns3R+gNDAFADhh0nwMLEnLEZGmRSeg3B3DezrOpPVmq33ldnPj7mp3rOx8zKW31+u1axcW/vTdPPNcku0v5Wl5er5fPbB/PSIuRMSPFp7I98srzfrqZLo8ADD1nuxt/yPiPwtpWi4PdWqfb/UAgBOjNOkCAABjp/0HgOmj/QeA6TNE+1982b997GUBAMbD538AmD7afwCYPtp/AJgqX3vllWzp7BbPv159fXPjTvP1q6u11p1yY2OlvNK8f6+81myu5c/saTzqevVm897Sc7HxRqVda7Urrc2tW43mxt32rfy53rdqc2OpFQDwfi5cfOuPSURsv/hEvkTPXA7aajjd0hHmAk6WmaOcrIMAJ5rZvmB6DdWE552E3x57WYDJ6Psw71Lfzff6yQcI4veM4EPl8seHH/83xzOcLh9wZP/3xzJJPjARjzf+/9LIywGMn/F/mF6dTnJwzv/5/SQA4FQ6wq/wdX4wqk4IMFGPmsx7JN//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwClzNiK+E0lazucCT7N/03I54qmIOB9zye31eu1aRJyLixExt5DtL0260ADAEaV/T4r5vy4vPnv2YOp88t+FfB0R3/vpqz9+Y7ndvr+UHf/X/vGFvenDqu+ed4R5BQGA4f11mEx5+10t1j0f5B/uPFjZW46xjIe886X9yUdXdnce5Es3ZTY6nU4nopT3Jc78O4nZ4pxSRDwTETMjiL/9ZkR8rF/9k3xs5Hwx82lv/ChiPzXW+Ol74qd5WnedvXwfHUFZYNq8ld1/bvZ7/6VxKV/3f/+X8jvU0eX3v1LE3r1vtyf+bBFppk/87D1/adgYz/3mq4cOdha7aW9GPDPbL36yHz8ZEP/ZIeP/+ROf+uFLA9I6P4u4HP3j98aqtBv3Kq3NravrjeW12lrtbrV6Y+nGtReuP1+t5GPUlb2R6sP+8eKVc4PKltX/zID4pb71n98/93ND1v/n/3vtW59+d3fhYPwvfLb/z//pvvG7sjbx80PGXz7zy4HTd2fxVwfU/1E//ytDxn/7b1urQ2YFAMagtbl1Z7ler90/0kb2KXQU1zm0kRVxuMx73cXBeYoMN9/vOn+JfGNEL8uAjawzNkzmueN6VY99Y3a/rzjaK38zu+KYq5OOvBZH2ng4rliTuR8B43OoeQQAAAAAAAAAAAAAAD50xvGnS5OuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfX/wMAAP//8RXBxA==")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080))
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r7, @ANYBLOB="101000000000000008000d0005000000e40316"], 0x40c}}, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)

1.893596436s ago: executing program 7 (id=3793):
r0 = socket$inet6(0xa, 0x3, 0x26)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000300)=ANY=[@ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x2400c8c0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private1, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xae}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x32}, 0x0, @in=@multicast1, 0x4000, 0x0, 0x0, 0x0, 0x9}}, 0xe8)
sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)

1.830752201s ago: executing program 3 (id=3794):
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x42210e0, &(0x7f00000005c0)=ANY=[@ANYBLOB='codepage=874,nodots,dots,tz=UTC,dots,nodots,codepage=862,dots,dots,check=strict,allow_utime=000000000000000000001,sys_immutable,nodots,nfs,quiet,dots,nodots,nodots,debugee,tz=UTC,flush,nodots,\x00\x00\x00\x00\x00\x00\x00'], 0xfd, 0x1c4, &(0x7f0000000380)="$eJzs3U+LEnEYB/BHs3XsEHsLomCgS6elegULsUGwEBQe6lSwddmJoL1MXXZfRi+wFxCevE1MMzr5B1JBR+zzufiM3/np8wMdvfj4/sHny4svV59+3vsRSdKJ7mmcxrgTx9GNiZsAAA7JuCjiV1FpuxcAYDf+8fl/3UJLAMCWvXn7rhcRZ6/TNIkY3eTDfFjdVvmLl+dnT9I/jptVozwf3prmT9P57w5lfjvu1Pmzan06mx/F40dVXmbPX52X+d0m78fF9rcPAAAAAAAAAAAAAAAAAAAAAACteBjpxNL5Picn8/mgzqujv+YDzc336cX9Xn3YjAcqDBQEAAAAAAAAAAAAAAAAAACARVffvl9+yLKPX5uiHxGz96xTdOoH3nD5rotu7EUbirIYLH9Brl+ke7GdLNvwXXAUEdtqbFwUxUonN9eIflsXJwAAAAAAAAAAAAAAAAAA+M80P/pdzJI2GgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAFjT//79BcR0RK5w8fbJBq1sFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADggP0OAAD//wxbMqQ=")
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="c40000001900674c0000000000000000ff010000000000000000000000000001e000000100000000000000000000000000000000000000000a00"], 0xc4}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000280)={[{@dioread_lock}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}]}, 0xff, 0x756, &(0x7f0000001e40)="$eJzs3c2LW1UbAPDnpvP1tn2dKbiwIjjQhYXSjJ3WUkGkogspVoq6c9GmM+lQJmnKJFM6Q6VWFMGVSHHtx8qd/4Aogu5cCq5dSaFIqRtBiNzMzZg2SScznUyq+f3glnPuvek5z/04OZlzuDeAoTWd/pOL2B8RHycRk9n6JCJGG6mRiJNr+929c20uXZKo19/8PWnsk+aj5TOpPVnmiYj4/oOIQ7n2cqsrq4uFUqm4lOVnauXLM9WV1cMXy4WF4kLx0uzx54/Onph97sTstsX65/uvnz/19Stf3nzvp1/feOfU00mcjL3ZttY4tst0TGfHZDQ9hPd4ebsLG7Bk0BVgS9Jbc9faXR77YzJ2NVIAwH/Z9YioAwBDJvH9DwBDpvl3gObYXj/GwR5lt1+KiImIsZZjsLZlJBuzm2iMg+6+m9wzMpJExNQ2lD8dEVff/vCbdIk+jUMCdPLujYg4NzXd3v4nbXMWNuvZHvaZvi+v/YOd813a/znRqf+XW+//RIf+z3iHe3crNr7/c7e2oZiu0v7fCx37v+uT1qZ2Zbn/N/p8o8mFi6Vi2rY9FhEHY3Q8zR95QBnHPnnxx27bWvt/6ZKW3+wLZvW4NTJ+72fmC7XCw8Tc6vaNiCdHOsWfrJ//pEv/90yPZdR+eOqLbts2jr+/6p9HPNPx/P8zoy1pmZ84Hm3zE2ca18NM86pol/9ocl+38gcdf3r+dz84/qmkdb5mdfNl/PzpX69227bV638seauRHsvWXS3UaktHIsaS19rXt0whbeab+6fxHzzw4Pav0/Wf/iY812P8i599dX7r8fdXGv/8ps7/5hMHfvm2czz1bLbxhuf/WCN1MFvTS/vXawUf5tgBAAAAAAAAAAAAAAAAAAAAAAAAQK9yEbE3klx+PZ3L5fNr7/B+PHbnSpVq7dCFyvKl+Wi8K3sqRnPNJ11OtjwP9Uj2PPxmfva+/NGI2BcRN8f/18jn5yql+UEHDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACZPV3e/5/6bXzQtQMA+mbi+qBrAADstIlBVwAA2HG+/wFg+Pj+B4ChctocPwAYTn7/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GdnTp9Ol/ofd67Npfn5KyvLi5Urh+eL1cV8eXkuP1dZupxfqFQWSsX8XKW80f9XqlQuzx6P5asztWK1NlNdWT1brixfqp29WC4sFM8WR3ckKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYnOrK6mKhVCouPWKJiax+j0p9JCSGKzHghgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgX+LvAAAA///A4xmC")
sendmsg$nl_xfrm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@updpolicy={0xb8, 0x14, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)

1.830138521s ago: executing program 0 (id=3795):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
getrlimit(0xd, 0x0)
process_mrelease(0xffffffffffffffff, 0x0)

1.787639824s ago: executing program 0 (id=3796):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000780)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r1, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r1], 0x40}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newlink={0x40, 0x10, 0x439, 0x80000000, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e21}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e24}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40080d5}, 0x0)

1.310399663s ago: executing program 7 (id=3797):
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x8, 0x3a, 0xff, @loopback, @loopback, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x9}}}}}}, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0xffffffffffffff6b, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)

1.297459364s ago: executing program 2 (id=3798):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x400448e0, &(0x7f0000000040))

1.060892183s ago: executing program 0 (id=3799):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
ptrace$PTRACE_SETSIGMASK(0x420b, r0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
pipe2(&(0x7f0000000840)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff})
splice(r4, 0x0, r3, 0x0, 0x1, 0x0)
write$binfmt_misc(r3, &(0x7f0000000100)="2db3c86300", 0x5)
ioctl$sock_SIOCINQ(r3, 0x541b, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@mcast1, @in6=@private2}}, {{@in6=@local}, 0x0, @in=@dev}}, &(0x7f0000000280)=0xe8)
sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x55f, &(0x7f0000000d00)="$eJzs3c9vHFcdAPDvjH9t0zROoAeogAQoBBRlN960UdVLwwWEqkqIigPikBp7Y5nsZkN2XWoTCfdvAAkkTvAncEDigNQTB24cEELigBDlgFTAAsVIHBbN7Njd2rvNNl7v1t7PR5rMj/dmvu+ts/PevrXnBTC1LkXEdkTMR8RrEbFYHE+KJW52lyzfw50HK7s7D1aS6HRe/WeSp2fHoueczJPFNUsR8fWvRHw7ORy3tbl1Z7ler90v9ivtxr1Ka3Pr6npjea22Vrtbrd5YunHthevPVw+c+Ydzj1vXi41fvPPl9Ze/8etfffLt321/8ftZsc4Wab31GKVu1ef242RmI+Ll4wg2ATPFen7C5eDxpBHxkYj4TP7+X4yZ/H8nAHCadTqL0Vns3R+gNDAFADhh0nwMLEnLEZGmRSeg3B3DezrOpPVmq33ldnPj7mp3rOx8zKW31+u1axcW/vTdPPNcku0v5Wl5er5fPbB/PSIuRMSPFp7I98srzfrqZLo8ADD1nuxt/yPiPwtpWi4PdWqfb/UAgBOjNOkCAABjp/0HgOmj/QeA6TNE+1982b997GUBAMbD538AmD7afwCYPtp/AJgqX3vllWzp7BbPv159fXPjTvP1q6u11p1yY2OlvNK8f6+81myu5c/saTzqevVm897Sc7HxRqVda7Urrc2tW43mxt32rfy53rdqc2OpFQDwfi5cfOuPSURsv/hEvkTPXA7aajjd0hHmAk6WmaOcrIMAJ5rZvmB6DdWE552E3x57WYDJ6Psw71Lfzff6yQcI4veM4EPl8seHH/83xzOcLh9wZP/3xzJJPjARjzf+/9LIywGMn/F/mF6dTnJwzv/5/SQA4FQ6wq/wdX4wqk4IMFGPmsx7JN//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwClzNiK+E0lazucCT7N/03I54qmIOB9zye31eu1aRJyLixExt5DtL0260ADAEaV/T4r5vy4vPnv2YOp88t+FfB0R3/vpqz9+Y7ndvr+UHf/X/vGFvenDqu+ed4R5BQGA4f11mEx5+10t1j0f5B/uPFjZW46xjIe886X9yUdXdnce5Es3ZTY6nU4nopT3Jc78O4nZ4pxSRDwTETMjiL/9ZkR8rF/9k3xs5Hwx82lv/ChiPzXW+Ol74qd5WnedvXwfHUFZYNq8ld1/bvZ7/6VxKV/3f/+X8jvU0eX3v1LE3r1vtyf+bBFppk/87D1/adgYz/3mq4cOdha7aW9GPDPbL36yHz8ZEP/ZIeP/+ROf+uFLA9I6P4u4HP3j98aqtBv3Kq3NravrjeW12lrtbrV6Y+nGtReuP1+t5GPUlb2R6sP+8eKVc4PKltX/zID4pb71n98/93ND1v/n/3vtW59+d3fhYPwvfLb/z//pvvG7sjbx80PGXz7zy4HTd2fxVwfU/1E//ytDxn/7b1urQ2YFAMagtbl1Z7ler90/0kb2KXQU1zm0kRVxuMx73cXBeYoMN9/vOn+JfGNEL8uAjawzNkzmueN6VY99Y3a/rzjaK38zu+KYq5OOvBZH2ng4rliTuR8B43OoeQQAAAAAAAAAAAAAAD50xvGnS5OuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfX/wMAAP//8RXBxA==")
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080))
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r7, @ANYBLOB="101000000000000008000d0005000000e40316"], 0x40c}}, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)

998.609168ms ago: executing program 2 (id=3800):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0x4e6f, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="020114008cdc18000e3580009f0001140000ff840600ac141430e0000003808a8972bd0b72e4108296a3d206163944f8afc1bf505602da9168d6f9ce320068ff1f7e345a170d1423c2e18c8ed410c8aab9a20b514d2b583b90a86da4483488c0fdc6c2"], 0xdd12}], 0x1, 0x0, 0x0, 0x4000}, 0x1)

362.92632ms ago: executing program 3 (id=3801):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e0000000000000000001800028014000380100001800800010000000000040003"], 0x44}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)

362.28343ms ago: executing program 1 (id=3802):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000300)={r2}, 0xc)

227.764381ms ago: executing program 1 (id=3803):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000240)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0x6}]}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f00000000c0)="3f031c000302140006001e0089e9", 0xe, 0x0, &(0x7f0000000540)={0xc9, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
readv(r1, &(0x7f0000000440)=[{&(0x7f0000000580)=""/100, 0x64}], 0x1)

83.108333ms ago: executing program 2 (id=3804):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000340)='console\x00', r1}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'macsec0\x00', @random="06517dc2e6ea"})

26.738217ms ago: executing program 7 (id=3805):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x7, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, [@map_idx={0x18, 0x1, 0x5, 0x0, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0xdcf8, 0x0, 0x0, 0x0, 0x2}]}, 0x0, 0xd, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3}, 0x94)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0x8004, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

26.267947ms ago: executing program 1 (id=3806):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000580)={'veth0_macvtap\x00', <r3=>0x0})
r4 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000a40)={r0, r3, 0x25, 0x0, @val=@netkit}, 0x1c)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r4, r1, 0x4, r0}, 0x10)

0s ago: executing program 1 (id=3807):
syz_clone3(&(0x7f0000000080)={0x801400, 0x0, 0x0, 0x0, {0xe}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = gettid()
timer_create(0x2, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000000000)=<r1=>0x0)
seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0)
timer_settime(r1, 0x1, &(0x7f0000000880)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)

kernel console output (not intermixed with test programs):

-usb-audio: probe of 5-1:1.0 failed with error -22
[ 1019.460595][ T1114] usb 5-1: USB disconnect, device number 7
[ 1019.827003][   T28] audit: type=1400 audit(2000000237.730:1130): avc:  denied  { bind } for  pid=8721 comm="syz.1.1845" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1019.897143][   T28] audit: type=1400 audit(2000000237.750:1131): avc:  denied  { name_bind } for  pid=8721 comm="syz.1.1845" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[ 1019.960324][ T8532] udevd[8532]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1019.996556][   T28] audit: type=1400 audit(2000000237.750:1132): avc:  denied  { node_bind } for  pid=8721 comm="syz.1.1845" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[ 1021.873420][   T28] audit: type=1400 audit(2000000239.780:1133): avc:  denied  { getopt } for  pid=8787 comm="syz.1.1872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1021.919579][   T24] usb 5-1: new low-speed USB device number 8 using dummy_hcd
[ 1022.036529][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1022.093533][ T8798] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1876'.
[ 1022.111005][   T24] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1022.118789][   T24] usb 5-1: too many configurations: 9, using maximum allowed: 8
[ 1022.132037][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1022.142800][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1022.210190][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1022.220485][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1022.230184][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1022.240390][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1022.250620][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1022.260881][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1022.352893][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1022.363835][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1022.393260][ T1114] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1022.410547][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1022.446858][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1022.478907][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1022.489587][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1022.499407][ T8811] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1881'.
[ 1022.508639][ T8811] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1881'.
[ 1022.517768][ T8811] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1881'.
[ 1022.526974][   T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1022.537391][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1022.554450][   T24] usb 5-1: string descriptor 0 read error: -22
[ 1022.611545][   T24] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1022.620852][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1022.642051][ T1114] usb 4-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[ 1022.651427][ T1114] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1022.659504][ T1114] usb 4-1: Product: syz
[ 1022.663950][ T1114] usb 4-1: Manufacturer: syz
[ 1022.668771][ T1114] usb 4-1: SerialNumber: syz
[ 1022.679703][ T1114] usb 4-1: config 0 descriptor??
[ 1022.700678][ T1114] usb 4-1: Waiting for MOTU Microbook II to boot up...
[ 1022.707684][ T1114] usb 4-1: failed setting the sample rate for Motu MicroBook II: -22
[ 1022.752632][ T1114] snd-usb-audio: probe of 4-1:0.0 failed with error -22
[ 1022.933864][   T24] usb 5-1: USB disconnect, device number 8
[ 1023.144846][ T1114] usb 4-1: USB disconnect, device number 8
[ 1023.900779][   T28] audit: type=1400 audit(2000000241.810:1134): avc:  denied  { ioctl } for  pid=8831 comm="syz.3.1888" path="/dev/uinput" dev="devtmpfs" ino=262 ioctlcmd=0x55c8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1023.961564][ T8836] loop4: detected capacity change from 0 to 512
[ 1023.971649][ T8836] EXT4-fs: Ignoring removed i_version option
[ 1024.125364][ T8836] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1024.351503][ T8836] EXT4-fs (loop4): 1 truncate cleaned up
[ 1024.381280][ T8836] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1024.768476][   T28] audit: type=1400 audit(2000000242.670:1135): avc:  denied  { mounton } for  pid=8835 comm="syz.4.1890" path="/316/file1/file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1024.855883][  T285] EXT4-fs error (device loop4): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extra_isize 46 (inode size 256)
[ 1024.903503][   T28] audit: type=1400 audit(2000000242.700:1136): avc:  denied  { ioctl } for  pid=8844 comm="syz.2.1893" path="socket:[36829]" dev="sockfs" ino=36829 ioctlcmd=0x7452 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1024.946686][  T285] EXT4-fs error (device loop4): ext4_lookup:1858: inode #11: comm syz-executor: iget: bad extra_isize 46 (inode size 256)
[ 1025.024576][   T28] audit: type=1400 audit(2000000242.730:1137): avc:  denied  { setopt } for  pid=8846 comm="syz.3.1894" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1025.076404][   T28] audit: type=1400 audit(2000000242.980:1138): avc:  denied  { rmdir } for  pid=2023 comm="syz.4.361" name=".index" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[ 1025.191236][ T2023] EXT4-fs (loop4): unmounting filesystem.
[ 1025.930480][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1026.001324][ T8899] cgroup: Unexpected value for 'cpuset_v2_mode'
[ 1026.022273][ T8903] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1920'.
[ 1026.031409][ T8903] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1920'.
[ 1026.136472][   T28] audit: type=1400 audit(2000000244.040:1139): avc:  denied  { mounton } for  pid=8910 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 1026.214548][ T8915] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1925'.
[ 1026.937443][ T8910] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1026.957802][ T8910] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1026.965562][ T8910] device bridge_slave_0 entered promiscuous mode
[ 1026.973347][ T8910] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1026.980601][ T8910] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1026.988306][ T8910] device bridge_slave_1 entered promiscuous mode
[ 1028.065483][ T7047] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1028.071531][ T1423] Bluetooth: hci0: command 0x1003 tx timeout
[ 1028.081918][ T6975] device 
30ªX¹¦D left promiscuous mode
[ 1028.087593][ T6975] bridge0: port 3(
30ªX¹¦D) entered disabled state
[ 1028.088909][   T28] audit: type=1400 audit(2000000245.990:1140): avc:  denied  { name_bind } for  pid=8942 comm="syz.2.1930" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[ 1028.167403][ T8910] device veth0_vlan entered promiscuous mode
[ 1028.188225][ T8910] device veth1_macvtap entered promiscuous mode
[ 1028.215224][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1028.236583][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1028.253596][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1028.263286][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1028.272782][ T6003] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1028.279896][ T6003] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1028.534864][ T8959] loop3: detected capacity change from 0 to 512
[ 1028.545467][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1028.555577][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1028.586205][ T6003] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1028.593328][ T6003] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1028.615112][ T8959] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1028.624391][ T8959] ext4 filesystem being mounted at /337/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1028.644900][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1028.654206][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1028.665632][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1028.675204][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1028.688827][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1028.698209][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1028.778270][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1028.788634][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1028.805950][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1028.814535][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1028.822909][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1029.160068][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1029.168610][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1029.177401][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1029.203677][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1029.282895][ T8986] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1917'.
[ 1029.300787][   T28] audit: type=1400 audit(2000000247.170:1141): avc:  denied  { mounton } for  pid=8910 comm="syz-executor" path="/root/syzkaller.V3VjSG/syz-tmp" dev="sda1" ino=2047 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 1030.510270][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1030.519216][ T5684] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1030.539143][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1030.555839][ T6003] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1030.604958][   T28] audit: type=1400 audit(2000000247.170:1142): avc:  denied  { mount } for  pid=8910 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1030.613163][ T6975] device bridge_slave_1 left promiscuous mode
[ 1030.634103][   T28] audit: type=1400 audit(2000000247.170:1143): avc:  denied  { mount } for  pid=8910 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1030.656162][   T28] audit: type=1400 audit(2000000247.170:1144): avc:  denied  { mounton } for  pid=8910 comm="syz-executor" path="/root/syzkaller.V3VjSG/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[ 1030.656793][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1030.689314][   T28] audit: type=1400 audit(2000000247.170:1145): avc:  denied  { mounton } for  pid=8910 comm="syz-executor" path="/root/syzkaller.V3VjSG/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=38069 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[ 1030.717494][ T6975] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1030.725420][   T28] audit: type=1400 audit(2000000247.180:1146): avc:  denied  { mounton } for  pid=8910 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=570 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 1030.725650][ T6975] device bridge_slave_0 left promiscuous mode
[ 1030.754894][   T28] audit: type=1400 audit(2000000247.180:1147): avc:  denied  { mounton } for  pid=8910 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 1030.779881][ T6975] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1030.788673][ T6975] device veth0_vlan left promiscuous mode
[ 1030.838792][   T28] audit: type=1400 audit(2000000248.740:1148): avc:  denied  { read } for  pid=9015 comm="syz.1.1950" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1031.129736][  T577] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1031.629793][ T1423] Bluetooth: hci0: command 0x1003 tx timeout
[ 1031.629830][ T7047] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1031.868942][ T9039] loop5: detected capacity change from 0 to 1024
[ 1031.881442][  T577] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1031.895808][ T9039] EXT4-fs (loop5): revision level too high, forcing read-only mode
[ 1031.903982][  T577] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1031.913962][ T9039] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1031.921086][ T9039] EXT4-fs error (device loop5): ext4_ext_check_inode:520: inode #11: comm syz.5.1959: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 5(4), depth 0(0)
[ 1031.923471][  T577] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1031.940793][ T9039] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.1959: couldn't read orphan inode 11 (err -117)
[ 1031.964274][ T9039] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1031.968462][  T577] usb 4-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5
[ 1031.983971][ T9050] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1963'.
[ 1031.990263][ T9039] EXT4-fs error (device loop5): ext4_lookup:1858: inode #15: comm syz.5.1959: iget: bad i_size value: 1970324836974602
[ 1032.006004][  T577] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1032.019527][  T577] usb 4-1: Product: syz
[ 1032.023749][  T577] usb 4-1: Manufacturer: syz
[ 1032.028857][ T8910] EXT4-fs (loop5): unmounting filesystem.
[ 1032.030912][  T577] usb 4-1: SerialNumber: syz
[ 1032.045370][  T577] usb 4-1: config 0 descriptor??
[ 1032.063461][  T577] usb 4-1: Found UVC 34.00 device syz (8086:0b5b)
[ 1032.070278][  T577] usb 4-1: No valid video chain found.
[ 1032.710937][ T9075] loop5: detected capacity change from 0 to 4096
[ 1032.735019][  T577] usb 4-1: USB disconnect, device number 9
[ 1032.816313][ T9075] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1032.979575][   T28] audit: type=1400 audit(2000000250.860:1149): avc:  denied  { rename } for  pid=9074 comm="syz.5.1970" name="file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1033.005195][ T8910] EXT4-fs (loop5): unmounting filesystem.
[ 1033.045329][   T28] audit: type=1400 audit(2000000250.860:1150): avc:  denied  { unlink } for  pid=9074 comm="syz.5.1970" name="file0" dev="loop5" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1034.624905][ T9138] loop3: detected capacity change from 0 to 128
[ 1034.632128][ T9138] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1034.638844][ T9138] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1035.464575][ T9138] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1035.606193][ T9138] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1035.616148][ T9138] ext4 filesystem being mounted at /340/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1035.877362][ T9144] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1997'.
[ 1035.908001][ T9146] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9146 comm=syz.1.1998
[ 1036.005795][ T9144] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1997'.
[ 1036.018474][ T9146] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=17 sclass=netlink_tcpdiag_socket pid=9146 comm=syz.1.1998
[ 1036.038006][ T9144] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1997'.
[ 1036.056117][ T9144] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1997'.
[ 1036.140023][ T9160] loop5: detected capacity change from 0 to 128
[ 1036.176773][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1036.187375][   T28] audit: type=1400 audit(2000000254.090:1151): avc:  denied  { read } for  pid=9166 comm="syz.0.2008" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1036.188814][ T9167] binder: 9166:9167 ioctl 40046210 0 returned -14
[ 1036.224956][ T9160] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1036.238614][   T28] audit: type=1400 audit(2000000254.090:1152): avc:  denied  { open } for  pid=9166 comm="syz.0.2008" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1036.263557][   T28] audit: type=1400 audit(2000000254.090:1153): avc:  denied  { ioctl } for  pid=9166 comm="syz.0.2008" path="/dev/binderfs/binder0" dev="binder" ino=7 ioctlcmd=0x6210 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1036.277841][ T9160] ext4 filesystem being mounted at /12/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1036.311391][   T28] audit: type=1400 audit(2000000254.210:1154): avc:  denied  { bind } for  pid=9173 comm="syz.3.2007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1036.371310][ T9181] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2011'.
[ 1036.380582][ T9181] netlink: 'syz.0.2011': attribute type 1 has an invalid length.
[ 1036.400603][ T8910] EXT4-fs (loop5): unmounting filesystem.
[ 1036.443891][   T28] audit: type=1400 audit(2000000254.350:1155): avc:  denied  { write } for  pid=9183 comm="syz.0.2014" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1036.950499][   T10] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1037.222028][ T9209] loop5: detected capacity change from 0 to 512
[ 1037.274455][ T9209] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1037.284299][ T9209] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1037.634114][ T9222] loop3: detected capacity change from 0 to 512
[ 1037.859548][ T9222] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1037.869048][ T9222] ext4 filesystem being mounted at /345/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1038.449557][   T28] audit: type=1400 audit(2000000256.330:1156): avc:  denied  { getopt } for  pid=9231 comm="syz.1.2024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1038.470207][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1038.519913][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1039.133203][ T1423] Bluetooth: hci0: command 0x1003 tx timeout
[ 1039.134026][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1039.444502][ T9216] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 328: padding at end of block bitmap is not set
[ 1039.994368][   T28] audit: type=1400 audit(2000000257.900:1157): avc:  denied  { nlmsg_read } for  pid=9287 comm="syz.2.2049" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1040.015614][ T9288] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2049'.
[ 1040.148096][ T9304] loop3: detected capacity change from 0 to 128
[ 1040.168446][ T9304] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1040.190869][ T9304] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1040.219031][ T9304] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1040.279325][ T9304] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1040.713338][ T9304] ext4 filesystem being mounted at /350/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1040.953219][ T8910] EXT4-fs (loop5): unmounting filesystem.
[ 1041.825635][ T9340] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2067'.
[ 1042.303689][ T9353] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2073'.
[ 1042.331925][ T9353] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2073'.
[ 1042.350435][ T9353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2073'.
[ 1042.448925][ T9364] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2077'.
[ 1042.548299][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1043.454301][ T9390] loop5: detected capacity change from 0 to 128
[ 1043.473852][ T9390] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1043.555364][ T8910] EXT4-fs (loop5): unmounting filesystem.
[ 1043.569402][ T9400] loop3: detected capacity change from 0 to 256
[ 1043.617490][ T9400] FAT-fs (loop3): Directory bread(block 64) failed
[ 1043.636014][   T28] audit: type=1400 audit(2000000261.540:1158): avc:  denied  { sqpoll } for  pid=9402 comm="syz.5.2094" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1043.655511][ T9400] FAT-fs (loop3): Directory bread(block 65) failed
[ 1043.680956][ T9400] FAT-fs (loop3): Directory bread(block 66) failed
[ 1043.701538][   T28] audit: type=1400 audit(2000000261.610:1159): avc:  denied  { getopt } for  pid=9408 comm="syz.5.2096" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1043.721835][ T9400] FAT-fs (loop3): Directory bread(block 67) failed
[ 1043.728438][ T9400] FAT-fs (loop3): Directory bread(block 68) failed
[ 1043.758115][ T9400] FAT-fs (loop3): Directory bread(block 69) failed
[ 1043.766940][ T9413] loop5: detected capacity change from 0 to 256
[ 1043.773515][ T9400] FAT-fs (loop3): Directory bread(block 70) failed
[ 1043.793845][ T9413] exfat: Deprecated parameter 'namecase'
[ 1043.800475][ T9400] FAT-fs (loop3): Directory bread(block 71) failed
[ 1043.807607][ T9400] FAT-fs (loop3): Directory bread(block 72) failed
[ 1043.816546][ T9400] FAT-fs (loop3): Directory bread(block 73) failed
[ 1043.826713][ T9413] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x18d51376, utbl_chksum : 0xe619d30d)
[ 1043.867039][   T28] audit: type=1400 audit(2000000261.770:1160): avc:  denied  { mounton } for  pid=9412 comm="syz.5.2098" path="/24/bus/file0" dev="loop5" ino=1048698 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1043.937454][   T28] audit: type=1400 audit(2000000261.840:1161): avc:  denied  { write } for  pid=8910 comm="syz-executor" name="file0" dev="loop5" ino=1048698 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1043.980712][   T28] audit: type=1400 audit(2000000261.840:1162): avc:  denied  { remove_name } for  pid=8910 comm="syz-executor" name="file0" dev="loop5" ino=1048704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1044.016285][   T28] audit: type=1400 audit(2000000261.840:1163): avc:  denied  { unlink } for  pid=8910 comm="syz-executor" name="file0" dev="loop5" ino=1048704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1044.059561][   T28] audit: type=1400 audit(2000000261.870:1164): avc:  denied  { rmdir } for  pid=8910 comm="syz-executor" name="file0" dev="loop5" ino=1048698 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1044.625214][ T9436] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1044.632800][ T9436] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1044.641068][ T9436] device bridge_slave_0 entered promiscuous mode
[ 1044.648833][ T9436] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1044.656150][ T9436] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1044.663889][ T9436] device bridge_slave_1 entered promiscuous mode
[ 1044.755264][ T9436] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1044.762437][ T9436] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1044.769826][ T9436] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1044.776888][ T9436] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1044.818145][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1044.828503][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1044.840134][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1044.864400][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1044.875673][ T9470] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2117'.
[ 1044.880082][  T372] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1044.891843][  T372] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1044.904665][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1044.913175][  T372] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1044.920257][  T372] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1044.942996][ T6975] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1044.954237][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1044.962714][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1044.981609][ T9436] device veth0_vlan entered promiscuous mode
[ 1044.995350][ T9436] device veth1_macvtap entered promiscuous mode
[ 1045.043595][ T9474] loop3: detected capacity change from 0 to 128
[ 1045.050415][ T9474] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1045.057042][ T9474] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1045.064682][ T9474] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1045.074637][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1045.090280][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1045.099818][ T9474] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1045.108766][ T9474] ext4 filesystem being mounted at /355/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1045.163408][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1045.170488][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1045.205672][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1045.240123][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1045.256325][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1045.275601][  T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1045.553619][   T28] audit: type=1400 audit(2000000263.460:1165): avc:  denied  { read } for  pid=9490 comm="syz.3.2124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1045.677435][ T9499] loop3: detected capacity change from 0 to 16
[ 1045.695445][ T9499] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1045.722092][ T9499] erofs: (device loop3): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[ 1045.740198][ T9499] erofs: (device loop3): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36
[ 1045.752142][ T9499] erofs: (device loop3): z_erofs_read_folio: failed to read, err [-117]
[ 1045.899400][ T9520] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2136'.
[ 1045.975839][ T9525] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2138'.
[ 1046.020572][ T5684] device bridge_slave_1 left promiscuous mode
[ 1046.027914][ T5684] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1046.050603][ T5684] device bridge_slave_0 left promiscuous mode
[ 1046.058545][ T5684] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1046.076718][ T5684] device veth1_macvtap left promiscuous mode
[ 1046.083365][ T5684] device veth0_vlan left promiscuous mode
[ 1046.242374][ T9541] loop3: detected capacity change from 0 to 512
[ 1046.275816][   T28] audit: type=1400 audit(2000000264.180:1166): avc:  denied  { nlmsg_write } for  pid=9546 comm="syz.6.2147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[ 1046.363871][ T9541] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1046.373096][ T9541] ext4 filesystem being mounted at /363/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1046.438446][ T9571] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2157'.
[ 1046.451596][ T9571] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2157'.
[ 1047.019509][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[ 1047.019783][ T1423] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1047.260414][ T9559] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 328: padding at end of block bitmap is not set
[ 1047.740163][   T28] audit: type=1400 audit(2000000265.650:1167): avc:  denied  { getopt } for  pid=9607 comm="syz.0.2173" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1047.788374][ T9616] xt_bpf: check failed: parse error
[ 1047.829922][ T9472] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1047.993545][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1048.030850][ T9472] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1048.052893][ T9472] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1048.063040][ T9472] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1048.076201][ T9472] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1048.085432][ T9472] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1048.141822][ T9472] usb 7-1: config 0 descriptor??
[ 1048.149134][ T9472] hub 7-1:0.0: USB hub found
[ 1048.278047][ T9689] loop3: detected capacity change from 0 to 1024
[ 1048.296358][ T9689] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1048.640701][ T9472] hub 7-1:0.0: 14 ports detected
[ 1048.647220][ T9472] hub 7-1:0.0: insufficient power available to use all downstream ports
[ 1048.660182][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1048.700692][ T9472] hub 7-1:0.0: hub_hub_status failed (err = -71)
[ 1048.707469][ T9472] hub 7-1:0.0: config failed, can't get hub status (err -71)
[ 1048.725840][ T9709] netlink: 448 bytes leftover after parsing attributes in process `syz.2.2216'.
[ 1048.750132][ T9472] usb 7-1: USB disconnect, device number 2
[ 1049.355098][ T5684] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1049.379534][  T577] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1049.827792][ T9739] 8021q: VLANs not supported on lo
[ 1049.871673][  T577] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1049.888223][  T577] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8
[ 1049.911120][  T577] usb 4-1: New USB device found, idVendor=0499, idProduct=103e, bcdDevice=4e.18
[ 1049.926081][  T577] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1049.939508][  T577] usb 4-1: Product: syz
[ 1049.946840][  T577] usb 4-1: Manufacturer: syz
[ 1049.955862][  T577] usb 4-1: SerialNumber: syz
[ 1049.974902][  T577] usb 4-1: config 0 descriptor??
[ 1050.265720][   T28] kauditd_printk_skb: 3 callbacks suppressed
[ 1050.265740][   T28] audit: type=1400 audit(2000000268.170:1171): avc:  denied  { getopt } for  pid=9748 comm="syz.6.2231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1050.351331][ T9755] netlink: 'syz.6.2234': attribute type 3 has an invalid length.
[ 1050.374158][ T9758] loop6: detected capacity change from 0 to 256
[ 1050.388962][ T9758] FAT-fs (loop6): Directory bread(block 64) failed
[ 1050.395742][ T9758] FAT-fs (loop6): Directory bread(block 65) failed
[ 1050.402742][ T9758] FAT-fs (loop6): Directory bread(block 66) failed
[ 1050.409379][ T9758] FAT-fs (loop6): Directory bread(block 67) failed
[ 1050.416274][ T9758] FAT-fs (loop6): Directory bread(block 68) failed
[ 1050.422959][ T9758] FAT-fs (loop6): Directory bread(block 69) failed
[ 1050.430076][ T9758] FAT-fs (loop6): Directory bread(block 70) failed
[ 1050.436705][ T9758] FAT-fs (loop6): Directory bread(block 71) failed
[ 1050.444001][ T9758] FAT-fs (loop6): Directory bread(block 72) failed
[ 1050.450902][ T9758] FAT-fs (loop6): Directory bread(block 73) failed
[ 1050.485370][ T8795] usb 4-1: USB disconnect, device number 10
[ 1051.116375][ T9782] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2247'.
[ 1051.136033][   T28] audit: type=1400 audit(2000000269.040:1172): avc:  denied  { ioctl } for  pid=9784 comm="syz.2.2248" path="socket:[40196]" dev="sockfs" ino=40196 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1051.342789][ T9817] loop3: detected capacity change from 0 to 256
[ 1051.419588][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[ 1051.419701][ T1423] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1051.589173][   T28] audit: type=1400 audit(2000000269.490:1173): avc:  denied  { read } for  pid=9829 comm="syz.6.2269" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1051.720424][ T9835] loop6: detected capacity change from 0 to 256
[ 1051.792245][ T9835] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d)
[ 1051.842146][   T28] audit: type=1400 audit(2000000269.750:1174): avc:  denied  { mounton } for  pid=9833 comm="syz.6.2271" path="/41/bus/file0/file0" dev="loop6" ino=1048711 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1052.489600][ T9860] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2281'.
[ 1052.521365][ T9860] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2281'.
[ 1052.561822][  T372] device bridge_slave_1 left promiscuous mode
[ 1052.568077][  T372] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1052.630561][  T372] device bridge_slave_0 left promiscuous mode
[ 1052.637139][  T372] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1052.652755][  T372] device veth1_macvtap left promiscuous mode
[ 1052.659007][  T372] device veth0_vlan left promiscuous mode
[ 1053.600317][ T9889] loop3: detected capacity change from 0 to 1024
[ 1053.607465][ T9855] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1053.627562][ T9855] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1053.636548][ T9855] device bridge_slave_0 entered promiscuous mode
[ 1053.638740][   T28] audit: type=1400 audit(2000000271.540:1175): avc:  denied  { getopt } for  pid=9895 comm="syz.2.2293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1053.651050][ T9855] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1053.667605][ T9889] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:477: comm syz.3.2291: Invalid block bitmap block 0 in block_group 0
[ 1053.679733][ T9855] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1053.690822][ T9889] EXT4-fs (loop3): Remounting filesystem read-only
[ 1053.704640][ T9889] Quota error (device loop3): write_blk: dquota write failed
[ 1053.718886][ T9855] device bridge_slave_1 entered promiscuous mode
[ 1053.726273][ T9889] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[ 1053.797893][ T9889] EXT4-fs error (device loop3): ext4_acquire_dquot:6801: comm syz.3.2291: Failed to acquire dquot type 0
[ 1053.813414][ T9889] EXT4-fs (loop3): Remounting filesystem read-only
[ 1053.820586][ T9889] EXT4-fs error (device loop3): ext4_free_blocks:6210: comm syz.3.2291: Freeing blocks not in datazone - block = 0, count = 4096
[ 1053.827337][ T9855] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1053.834383][ T9889] EXT4-fs (loop3): Remounting filesystem read-only
[ 1053.841130][ T9855] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1053.841254][ T9855] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1053.848287][ T9889] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.2291: Invalid inode bitmap blk 0 in block_group 0
[ 1053.854901][ T9855] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1053.882497][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1053.886700][ T9889] EXT4-fs (loop3): Remounting filesystem read-only
[ 1053.897598][  T441] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1053.898073][ T9889] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem
[ 1053.904843][ T6003] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-7
[ 1053.913803][ T9889] EXT4-fs (loop3): Remounting filesystem read-only
[ 1053.923698][ T6003] EXT4-fs error (device loop3): ext4_release_dquot:6837: comm kworker/u4:2: Failed to release dquot type 0
[ 1053.929032][ T9889] EXT4-fs (loop3): 1 orphan inode deleted
[ 1053.941372][ T6003] EXT4-fs (loop3): Remounting filesystem read-only
[ 1053.952708][ T9889] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1053.967888][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1053.977249][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1053.987630][ T9889] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.2291: iget: bad extra_isize 65535 (inode size 256)
[ 1054.002228][ T9889] EXT4-fs (loop3): Remounting filesystem read-only
[ 1054.012920][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1054.022909][  T441] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1054.023857][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1054.030002][  T441] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1054.046687][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1054.116696][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1054.276651][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1055.040707][ T9915] loop3: detected capacity change from 0 to 128
[ 1055.047547][ T9915] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1055.054218][ T9915] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1055.221013][ T9915] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1055.374474][ T9915] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1055.384800][ T9915] ext4 filesystem being mounted at /391/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1055.534955][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1055.657081][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1055.839644][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1055.847303][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1056.012718][ T9855] device veth0_vlan entered promiscuous mode
[ 1056.037255][ T9855] device veth1_macvtap entered promiscuous mode
[ 1056.153241][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1056.210776][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1056.239838][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1056.253580][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1056.281062][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1056.290838][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1056.300673][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1056.310434][  T441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1056.602501][ T9952] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2308'.
[ 1056.622739][ T9952] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2308'.
[ 1056.641712][ T9958] loop3: detected capacity change from 0 to 512
[ 1056.707850][ T9958] EXT4-fs error (device loop3): ext4_get_branch:178: inode #13: block 33619980: comm syz.3.2311: invalid block
[ 1056.724029][ T9958] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2311: bg 0: block 127: padding at end of block bitmap is not set
[ 1056.779307][ T9958] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1056.790198][ T9958] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.2311: attempt to clear invalid blocks 983260 len 1
[ 1056.812526][ T9958] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.2311: invalid indirect mapped block 2683928664 (level 0)
[ 1056.830384][ T9958] EXT4-fs error (device loop3): __ext4_get_inode_loc:4509: comm syz.3.2311: Invalid inode table block 0 in block_group 0
[ 1056.844141][ T9958] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5917: Corrupt filesystem
[ 1056.854244][ T9958] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[ 1056.868312][ T9958] EXT4-fs error (device loop3): __ext4_get_inode_loc:4509: comm syz.3.2311: Invalid inode table block 0 in block_group 0
[ 1056.882719][ T9958] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5917: Corrupt filesystem
[ 1056.892945][ T9958] EXT4-fs error (device loop3): ext4_truncate:4314: inode #13: comm syz.3.2311: mark_inode_dirty error
[ 1056.904577][ T9958] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[ 1056.914014][ T9958] EXT4-fs (loop3): 1 truncate cleaned up
[ 1056.919852][ T9958] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1057.474934][   T28] audit: type=1400 audit(2000000275.380:1176): avc:  denied  { setattr } for  pid=9957 comm="syz.3.2311" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1057.496984][ T9958] EXT4-fs error (device loop3): __ext4_get_inode_loc:4509: comm syz.3.2311: Invalid inode table block 0 in block_group 0
[ 1057.515599][ T9958] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5917: Corrupt filesystem
[ 1057.539258][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1058.142962][T10021] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2336'.
[ 1058.159546][T10021] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2336'.
[ 1058.181096][T10021] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2336'.
[ 1059.163505][T10100] loop7: detected capacity change from 0 to 512
[ 1059.194009][T10100] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1059.201507][T10100] EXT4-fs: Ignoring removed bh option
[ 1059.256099][T10100] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1059.283001][T10100] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1059.458191][T10100] EXT4-fs (loop7): 1 truncate cleaned up
[ 1059.464064][T10100] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1059.518319][  T441] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1059.947377][T10122] binder: 10121:10122 ioctl 400c620e 200000000400 returned -22
[ 1060.060730][  T441] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1060.522474][T10143] loop3: detected capacity change from 0 to 128
[ 1060.529663][T10143] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1060.536370][T10143] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1060.544738][T10143] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1060.561131][T10143] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1060.570552][T10143] ext4 filesystem being mounted at /408/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1060.868799][T10160] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2391'.
[ 1061.008399][T10168] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2395'.
[ 1061.180425][T10175] cgroup: Name too long
[ 1061.740312][ T1423] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1061.791932][T10184] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2401'.
[ 1062.139567][ T7047] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1062.163728][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1062.198042][T10194] loop3: detected capacity change from 0 to 128
[ 1062.289883][   T28] audit: type=1400 audit(2000000280.200:1177): avc:  denied  { setopt } for  pid=10198 comm="syz.3.2407" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1062.340404][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1062.360364][T10203] netlink: 'syz.3.2410': attribute type 27 has an invalid length.
[ 1062.472939][T10207] usb usb8: usbfs: process 10207 (syz.3.2411) did not claim interface 0 before use
[ 1062.551061][T10215] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2415'.
[ 1062.569614][T10215] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2415'.
[ 1062.579017][T10215] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2415'.
[ 1062.590269][T10217] netlink: 40 bytes leftover after parsing attributes in process `syz.7.2416'.
[ 1062.600126][T10217] netlink: 40 bytes leftover after parsing attributes in process `syz.7.2416'.
[ 1062.756128][   T28] audit: type=1400 audit(2000000280.660:1178): avc:  denied  { accept } for  pid=10226 comm="syz.7.2423" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1062.758359][T10223] loop3: detected capacity change from 0 to 512
[ 1062.834735][T10223] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1062.843833][T10223] ext4 filesystem being mounted at /418/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1062.890130][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1063.033375][T10248] loop7: detected capacity change from 0 to 512
[ 1063.044847][T10248] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1063.051487][T10248] EXT4-fs: Ignoring removed bh option
[ 1063.062831][T10248] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1063.076632][T10248] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1063.244005][T10252] loop3: detected capacity change from 0 to 512
[ 1063.266697][T10248] EXT4-fs (loop7): 1 truncate cleaned up
[ 1063.278114][T10248] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1063.328766][T10252] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1063.366171][T10252] EXT4-fs: Ignoring removed bh option
[ 1063.372093][T10252] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1063.378891][T10252] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1063.410520][T10252] EXT4-fs (loop3): 1 truncate cleaned up
[ 1063.416215][T10252] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1063.450570][  T441] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1063.460358][  T372] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1063.466799][  T441] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1063.871026][T10278] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2440'.
[ 1064.888220][T10304] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2450'.
[ 1065.499578][ T1423] Bluetooth: hci1: command 0x1003 tx timeout
[ 1065.499594][ T7047] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1065.499640][   T45] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1065.517940][  T693] Bluetooth: hci0: command 0x1003 tx timeout
[ 1065.565593][T10320] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2457'.
[ 1065.574940][T10320] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2457'.
[ 1066.094031][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1066.207802][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1066.271400][T10356] loop7: detected capacity change from 0 to 128
[ 1066.289139][T10356] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1066.299069][T10356] ext4 filesystem being mounted at /20/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1066.335381][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1066.445189][T10377] sch_fq: defrate 4294967295 ignored.
[ 1066.508785][T10382] loop7: detected capacity change from 0 to 512
[ 1066.516878][T10382] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1066.523939][T10382] EXT4-fs: Ignoring removed bh option
[ 1066.530157][T10382] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1066.537007][T10382] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1066.548680][T10382] EXT4-fs (loop7): 1 truncate cleaned up
[ 1066.554411][ T5898] usb 4-1: new low-speed USB device number 11 using dummy_hcd
[ 1066.560416][T10382] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1066.588889][  T372] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1066.750842][ T5898] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1066.762131][ T5898] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1066.772393][ T5898] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1066.785505][ T5898] usb 4-1: New USB device found, idVendor=046d, idProduct=c101, bcdDevice= 0.00
[ 1066.795202][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1066.808660][ T5898] usb 4-1: config 0 descriptor??
[ 1067.218878][ T5898] logitech 0003:046D:C101.0002: hidraw0: USB HID v0.01 Device [HID 046d:c101] on usb-dummy_hcd.3-1/input0
[ 1067.418600][ T5898] usb 4-1: USB disconnect, device number 11
[ 1068.290275][ T4966] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 1068.489634][ T4966] usb 4-1: Using ep0 maxpacket: 32
[ 1068.552723][ T4966] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[ 1068.561103][ T4966] usb 4-1: config 0 has no interface number 0
[ 1068.567236][ T4966] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1068.578408][ T4966] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1068.588362][ T4966] usb 4-1: config 0 interface 85 has no altsetting 0
[ 1068.599719][ T4966] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1068.608900][ T4966] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1068.619531][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1068.673339][ T4966] usb 4-1: Product: syz
[ 1068.677822][ T4966] usb 4-1: Manufacturer: syz
[ 1068.683624][ T4966] usb 4-1: SerialNumber: syz
[ 1068.690215][ T4966] usb 4-1: config 0 descriptor??
[ 1069.066626][T10422] __nla_validate_parse: 1 callbacks suppressed
[ 1069.066649][T10422] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2497'.
[ 1069.133569][  T577] usb 4-1: USB disconnect, device number 12
[ 1069.201946][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1069.404117][T10442] loop7: detected capacity change from 0 to 128
[ 1069.411291][T10442] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1069.417933][T10442] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1069.429986][T10442] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1069.439135][T10442] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1069.448044][T10442] ext4 filesystem being mounted at /27/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1069.501658][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1069.519584][T10447] netlink: 'syz.7.2507': attribute type 32 has an invalid length.
[ 1069.527455][T10447] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2507'.
[ 1069.593285][T10452] loop7: detected capacity change from 0 to 128
[ 1069.677385][T10454] loop7: detected capacity change from 0 to 512
[ 1069.695678][T10454] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1069.705352][T10454] EXT4-fs: Ignoring removed bh option
[ 1069.721568][T10454] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1069.732486][T10454] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1069.749036][T10460] loop3: detected capacity change from 0 to 512
[ 1069.759010][T10460] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1069.766171][T10460] EXT4-fs: Ignoring removed bh option
[ 1069.775978][T10454] EXT4-fs (loop7): 1 truncate cleaned up
[ 1069.782092][T10460] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1069.788886][T10460] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1069.789594][T10454] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1069.830751][T10460] EXT4-fs (loop3): 1 truncate cleaned up
[ 1069.836485][T10460] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1069.891081][ T6003] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1069.931096][ T6003] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1069.974674][T10468] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2515'.
[ 1069.984281][T10468] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2515'.
[ 1071.899512][ T7047] Bluetooth: hci0: command 0x1003 tx timeout
[ 1071.899500][ T1423] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1071.964536][T10509] syz.2.2530[10509] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1071.964603][T10509] syz.2.2530[10509] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1071.979585][ T1423] Bluetooth: hci1: command 0x1003 tx timeout
[ 1071.979926][   T45] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1072.054632][   T28] audit: type=1400 audit(2000000289.960:1179): avc:  denied  { ioctl } for  pid=10518 comm="syz.2.2535" path="socket:[41890]" dev="sockfs" ino=41890 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1072.552442][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1072.553028][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1074.624769][T10574] loop7: detected capacity change from 0 to 128
[ 1074.631600][T10574] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1074.638400][T10574] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1074.747173][T10574] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1074.914397][T10574] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1074.924351][T10574] ext4 filesystem being mounted at /36/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1075.221980][   T28] audit: type=1400 audit(2000000293.130:1180): avc:  denied  { shutdown } for  pid=10586 comm="syz.2.2559" laddr=fe80::16a4:eeff:fe1e:e438 lport=55736 faddr=fe80::7 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1075.761380][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1076.862549][T10636] xt_hashlimit: size too large, truncated to 1048576
[ 1077.027077][T10642] loop3: detected capacity change from 0 to 128
[ 1077.033982][T10642] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1077.040655][T10642] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1077.048033][T10642] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1077.073112][T10644] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2579'.
[ 1077.103775][T10644] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2579'.
[ 1077.118059][T10642] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1077.127630][T10642] ext4 filesystem being mounted at /434/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1077.417031][T10652] device erspan0 entered promiscuous mode
[ 1077.913322][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1078.693273][T10708] device wireguard0 entered promiscuous mode
[ 1078.819518][ T5898] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 1078.887643][   T28] audit: type=1400 audit(2000000296.790:1181): avc:  denied  { write } for  pid=10717 comm="syz.7.2608" name="binder1" dev="binder" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1079.717827][ T5898] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1079.728151][ T5898] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1079.737912][ T5898] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1079.747052][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1079.755534][ T5898] usb 4-1: SerialNumber: syz
[ 1079.779510][  T751] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 1080.127929][ T5898] usb 4-1: 0:2 : does not exist
[ 1080.138905][ T5898] usb 4-1: USB disconnect, device number 13
[ 1080.147484][T10737] udevd[10737]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1080.229494][  T751] usb 8-1: Using ep0 maxpacket: 32
[ 1080.236244][  T751] usb 8-1: config 0 has no interfaces?
[ 1080.241906][  T751] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1080.251136][  T751] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1080.260136][  T751] usb 8-1: config 0 descriptor??
[ 1080.466820][T10718] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1080.475616][T10718] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1080.484173][  T751] usb 8-1: USB disconnect, device number 2
[ 1080.615241][T10746] device erspan0 entered promiscuous mode
[ 1080.621165][T10746] device vlan2 entered promiscuous mode
[ 1081.087499][T10759] loop3: detected capacity change from 0 to 512
[ 1081.141155][T10759] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1081.150412][T10759] ext4 filesystem being mounted at /439/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1081.256722][T10763] tipc: Started in network mode
[ 1081.261852][T10763] tipc: Node identity , cluster identity 4711
[ 1081.268074][T10763] tipc: Failed to set node id, please configure manually
[ 1081.275361][T10763] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1081.829086][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1081.889537][  T751] usb 8-1: new full-speed USB device number 3 using dummy_hcd
[ 1082.500681][  T751] usb 8-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[ 1082.512701][  T751] usb 8-1: config 0 has an invalid interface number: 2 but max is -1
[ 1082.530313][  T751] usb 8-1: config 0 has an invalid interface number: 2 but max is -1
[ 1082.538794][  T751] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1082.549801][  T751] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1082.564767][  T751] usb 8-1: config 0 has no interface number 0
[ 1082.578223][  T751] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1082.594836][  T751] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1082.609261][  T751] usb 8-1: Product: syz
[ 1082.617740][  T751] usb 8-1: Manufacturer: syz
[ 1082.626940][  T751] usb 8-1: SerialNumber: syz
[ 1082.648627][  T751] usb 8-1: config 0 descriptor??
[ 1083.179988][  T751] usb 8-1: MIDIStreaming interface descriptor not found
[ 1083.201000][  T751] usb 8-1: USB disconnect, device number 3
[ 1083.217138][ T8532] udevd[8532]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.2/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1083.536934][T10837] loop7: detected capacity change from 0 to 2048
[ 1083.602979][T10837] Alternate GPT is invalid, using primary GPT.
[ 1083.610169][T10837]  loop7: p1 p2 p3
[ 1085.542232][T10866] loop7: detected capacity change from 0 to 512
[ 1085.589943][T10866] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1085.599230][T10866] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1085.628566][T10866] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1085.635884][T10866] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1085.689574][   T24] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1085.879968][   T24] usb 4-1: Using ep0 maxpacket: 32
[ 1085.900233][   T24] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1085.908945][   T24] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1086.049845][   T24] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1086.058884][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1086.069174][   T24] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1086.079632][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1086.096102][   T24] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1086.129501][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1086.148866][   T24] usb 4-1: config 0 descriptor??
[ 1086.363918][   T24] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 14 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1086.398823][   T24] usb 4-1: USB disconnect, device number 14
[ 1086.417845][   T24] usblp0: removed
[ 1086.699978][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1087.219527][   T24] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 1087.278080][   T28] audit: type=1400 audit(2000000305.180:1182): avc:  denied  { write } for  pid=10936 comm="syz.0.2681" name="ppp" dev="devtmpfs" ino=157 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1087.306720][   T28] audit: type=1400 audit(2000000305.210:1183): avc:  denied  { ioctl } for  pid=10936 comm="syz.0.2681" path="/dev/ppp" dev="devtmpfs" ino=157 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1087.459513][   T24] usb 4-1: Using ep0 maxpacket: 32
[ 1087.466020][   T24] usb 4-1: config 0 has an invalid interface number: 180 but max is 0
[ 1087.474544][   T24] usb 4-1: config 0 has no interface number 0
[ 1087.480762][   T24] usb 4-1: config 0 interface 180 has no altsetting 0
[ 1087.492220][   T24] usb 4-1: New USB device found, idVendor=0bfd, idProduct=0113, bcdDevice=f0.8f
[ 1087.501647][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1087.509952][   T24] usb 4-1: Product: syz
[ 1087.514355][   T24] usb 4-1: Manufacturer: syz
[ 1087.518976][   T24] usb 4-1: SerialNumber: syz
[ 1087.532642][   T24] usb 4-1: config 0 descriptor??
[ 1087.589558][ T8795] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[ 1087.779629][ T8795] usb 8-1: Using ep0 maxpacket: 16
[ 1087.786537][ T8795] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1087.807975][ T8795] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1087.828236][ T8795] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1087.835361][ T8795] usb 8-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[ 1087.844793][ T8795] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1087.863539][ T8795] usb 8-1: config 0 descriptor??
[ 1087.960563][ T4966] usb 4-1: USB disconnect, device number 15
[ 1088.280788][ T8795] hid-generic 0003:060B:500A.0003: unexpected long global item
[ 1088.288744][ T8795] hid-generic: probe of 0003:060B:500A.0003 failed with error -22
[ 1088.486231][ T4966] usb 8-1: USB disconnect, device number 4
[ 1088.959493][ T5898] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[ 1088.981510][   T28] audit: type=1400 audit(2000000306.890:1184): avc:  denied  { getattr } for  pid=10998 comm="syz.2.2706" name="/" dev="dax" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1089.140644][ T5898] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1089.153127][ T5898] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1089.163921][ T5898] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[ 1089.177523][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1089.189578][ T5898] usb 4-1: config 0 descriptor??
[ 1089.387616][T11022] loop7: detected capacity change from 0 to 512
[ 1089.411113][T11022] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1089.420391][T11022] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1089.524548][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1089.603437][ T5898] arvo 0003:1E7D:30D4.0004: unknown main item tag 0x0
[ 1089.619575][ T5898] arvo 0003:1E7D:30D4.0004: item fetching failed at offset 6/7
[ 1089.641984][ T5898] arvo 0003:1E7D:30D4.0004: parse failed
[ 1089.651280][ T5898] arvo: probe of 0003:1E7D:30D4.0004 failed with error -22
[ 1089.811848][ T5898] usb 4-1: USB disconnect, device number 16
[ 1089.971196][T11043] loop7: detected capacity change from 0 to 128
[ 1089.977896][T11043] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1089.984671][T11043] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1089.991858][T11043] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1090.003793][T11043] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1090.012556][T11043] ext4 filesystem being mounted at /66/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1090.510150][T11058] loop3: detected capacity change from 0 to 512
[ 1090.573759][T11058] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1090.582876][T11058] ext4 filesystem being mounted at /448/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1090.632046][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1091.074995][   T28] audit: type=1400 audit(2000000308.980:1185): avc:  denied  { connect } for  pid=11091 comm="syz.3.2740" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1091.165920][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1091.483322][ T8795] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[ 1091.668995][  T751] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 1091.709326][   T28] audit: type=1400 audit(2000000309.610:1186): avc:  denied  { bind } for  pid=11115 comm="syz.2.2750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1091.805172][ T8795] usb 8-1: Using ep0 maxpacket: 32
[ 1091.816196][ T8795] usb 8-1: config 0 has an invalid interface number: 180 but max is 0
[ 1091.824957][ T8795] usb 8-1: config 0 has no interface number 0
[ 1091.831240][ T8795] usb 8-1: config 0 interface 180 has no altsetting 0
[ 1091.839584][ T8795] usb 8-1: New USB device found, idVendor=0bfd, idProduct=0113, bcdDevice=f0.8f
[ 1091.848658][ T8795] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1091.852332][  T751] usb 4-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[ 1091.856748][ T8795] usb 8-1: Product: syz
[ 1091.866462][  T751] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1091.878148][ T8795] usb 8-1: Manufacturer: syz
[ 1091.878632][  T751] usb 4-1: Product: syz
[ 1091.887133][ T8795] usb 8-1: SerialNumber: syz
[ 1091.887571][  T751] usb 4-1: Manufacturer: syz
[ 1091.900906][  T751] usb 4-1: SerialNumber: syz
[ 1091.908489][ T8795] usb 8-1: config 0 descriptor??
[ 1091.914554][  T751] usb 4-1: config 0 descriptor??
[ 1091.934793][  T751] usb 4-1: Waiting for MOTU Microbook II to boot up...
[ 1091.942729][  T751] usb 4-1: failed setting the sample rate for Motu MicroBook II: -22
[ 1091.951096][  T751] snd-usb-audio: probe of 4-1:0.0 failed with error -22
[ 1092.255112][  T751] usb 4-1: USB disconnect, device number 17
[ 1092.489958][ T8795] usb 8-1: USB disconnect, device number 5
[ 1092.630535][ T6003] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1092.817059][   T28] audit: type=1400 audit(2000000310.720:1187): avc:  denied  { mounton } for  pid=11134 comm="syz.3.2757" path="/461/file0" dev="tmpfs" ino=2561 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1092.842004][T11135] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1092.851452][T11135] FAT-fs (loop7): unable to read boot sector
[ 1093.084877][   T28] audit: type=1400 audit(2000000310.990:1188): avc:  denied  { bind } for  pid=11149 comm="syz.2.2764" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1093.183614][T11143] loop3: detected capacity change from 0 to 40427
[ 1093.211768][T11143] F2FS-fs (loop3): fault_injection options not supported
[ 1093.232287][T11143] F2FS-fs (loop3): fault_type options not supported
[ 1093.244172][T11143] F2FS-fs (loop3): invalid crc value
[ 1093.258437][T11143] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1093.297614][T11143] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1093.338414][   T28] audit: type=1400 audit(2000000311.240:1189): avc:  denied  { link } for  pid=11142 comm="syz.3.2761" name="file1" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1093.360841][  T282] syz-executor: attempt to access beyond end of device
[ 1093.360841][  T282] loop3: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[ 1093.828065][T11182] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1093.837624][T11182] FAT-fs (loop7): unable to read boot sector
[ 1093.933388][T11181] loop7: detected capacity change from 0 to 1024
[ 1093.964549][T11181] ext4: Unknown parameter 'smackfsdef'
[ 1094.206898][T11188] loop7: detected capacity change from 0 to 512
[ 1094.232809][T11188] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1094.254329][T11188] EXT4-fs: Ignoring removed bh option
[ 1094.270034][T11188] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1094.279697][T11188] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1094.298887][T11186] loop3: detected capacity change from 0 to 40427
[ 1094.327621][T11188] EXT4-fs (loop7): 1 truncate cleaned up
[ 1094.333581][T11188] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1094.343727][T11186] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1094.513174][T11186] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1094.540903][ T6003] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1094.760930][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1094.767115][ T7047] Bluetooth: hci0: command 0x1003 tx timeout
[ 1094.833231][  T282] syz-executor: attempt to access beyond end of device
[ 1094.833231][  T282] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1096.009830][T11245] netlink: 182 bytes leftover after parsing attributes in process `syz.1.2799'.
[ 1096.549976][  T693] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1096.964344][T11264] random: crng reseeded on system resumption
[ 1097.125284][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1097.182007][T11282] loop7: detected capacity change from 0 to 256
[ 1097.210018][   T28] audit: type=1400 audit(2000000315.120:1190): avc:  denied  { bind } for  pid=11287 comm="syz.3.2819" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1097.211507][T11282] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[ 1097.252135][   T28] audit: type=1400 audit(2000000315.160:1191): avc:  denied  { add_name } for  pid=11281 comm="syz.7.2814" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1097.273357][   T28] audit: type=1400 audit(2000000315.160:1192): avc:  denied  { associate } for  pid=11281 comm="syz.7.2814" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1097.398595][   T28] audit: type=1400 audit(2000000315.240:1193): avc:  denied  { map } for  pid=11293 comm="syz.7.2821" path="/dev/ashmem" dev="devtmpfs" ino=269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1097.499281][T11302] loop7: detected capacity change from 0 to 512
[ 1097.514767][T11302] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1097.522819][T11302] EXT4-fs: Ignoring removed bh option
[ 1097.528753][T11302] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1097.536049][T11302] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1097.560848][T11302] EXT4-fs (loop7): 1 truncate cleaned up
[ 1097.565579][   T28] audit: type=1400 audit(2000000315.470:1194): avc:  denied  { shutdown } for  pid=11311 comm="syz.3.2828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1097.566599][T11302] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1100.561197][  T334] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1100.564824][T11320] /dev/loop0: Can't open blockdev
[ 1100.576712][T11320] /dev/loop0: Can't open blockdev
[ 1100.581563][  T334] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1100.815648][  T334] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1101.549374][T11348] netlink: 89 bytes leftover after parsing attributes in process `syz.3.2840'.
[ 1102.053730][   T28] audit: type=1400 audit(2000000319.960:1195): avc:  denied  { execute } for  pid=11393 comm="syz.2.2860" path="/710/memory.current" dev="tmpfs" ino=3806 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1102.629575][ T7047] Bluetooth: hci0: command 0x1003 tx timeout
[ 1102.629636][  T693] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1102.682222][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1102.859501][  T693] Bluetooth: hci1: command 0x1003 tx timeout
[ 1102.859550][   T45] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1102.914268][T11422] loop7: detected capacity change from 0 to 512
[ 1102.931616][T11422] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1102.940753][T11422] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1103.054429][T11435] loop3: detected capacity change from 0 to 512
[ 1103.062877][T11435] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002]
[ 1103.071170][T11435] System zones: 1-12
[ 1103.075608][T11435] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.2873: Directory hole found for htree index block 0
[ 1103.088320][T11435] EXT4-fs (loop3): Remounting filesystem read-only
[ 1103.095146][T11435] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117
[ 1103.103632][T11435] EXT4-fs error (device loop3): dx_probe:823: inode #2: comm syz.3.2873: Directory hole found for htree index block 0
[ 1103.116602][T11435] EXT4-fs (loop3): Remounting filesystem read-only
[ 1103.123298][T11435] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[ 1103.131689][T11435] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1103.159339][T11435] EXT4-fs (loop3): shut down requested (1)
[ 1103.170012][   T28] audit: type=1400 audit(2000000321.080:1196): avc:  denied  { read } for  pid=84 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 1103.192075][   T28] audit: type=1400 audit(2000000321.080:1197): avc:  denied  { search } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1103.192774][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1103.214371][   T28] audit: type=1400 audit(2000000321.080:1198): avc:  denied  { write } for  pid=84 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1103.251101][   T28] audit: type=1400 audit(2000000321.080:1199): avc:  denied  { add_name } for  pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1103.281102][   T28] audit: type=1400 audit(2000000321.080:1200): avc:  denied  { create } for  pid=84 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1103.302812][   T28] audit: type=1400 audit(2000000321.080:1201): avc:  denied  { append open } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1103.326106][   T28] audit: type=1400 audit(2000000321.080:1202): avc:  denied  { getattr } for  pid=84 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1103.566711][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1103.578761][T11448] loop3: detected capacity change from 0 to 40427
[ 1103.609558][T11448] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1103.617344][T11448] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1103.647597][T11448] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1103.846437][T11448] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1103.927673][T11448] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1104.046820][T11480] overlayfs: failed to clone upperpath
[ 1104.189884][   T28] audit: type=1400 audit(2000000322.100:1203): avc:  denied  { mount } for  pid=11489 comm="syz.7.2893" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1104.220334][   T28] audit: type=1400 audit(2000000322.120:1204): avc:  denied  { mounton } for  pid=11489 comm="syz.7.2893" path="/83/file0" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1
[ 1104.222793][T11492] loop3: detected capacity change from 0 to 1024
[ 1104.258436][T11492] EXT4-fs: Ignoring removed bh option
[ 1104.546438][T11492] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1105.211378][T11492] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.2892: Allocating blocks 497-513 which overlap fs metadata
[ 1105.240281][T11492] EXT4-fs (loop3): Remounting filesystem read-only
[ 1105.296716][T11492] EXT4-fs (loop3): pa ffff8881054b51f8: logic 256, phys. 385, len 8
[ 1105.304844][T11492] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[ 1105.319867][T11492] EXT4-fs (loop3): Remounting filesystem read-only
[ 1105.381208][T11513] loop7: detected capacity change from 0 to 512
[ 1105.403131][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1105.417694][T11513] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1105.426767][T11513] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1105.910818][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1106.942866][   T24] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[ 1107.132432][   T24] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1107.192182][   T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1107.275188][   T24] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1107.294465][   T28] kauditd_printk_skb: 1 callbacks suppressed
[ 1107.294495][   T28] audit: type=1400 audit(2000000325.200:1206): avc:  denied  { validate_trans } for  pid=11557 comm="syz.7.2916" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[ 1107.398216][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1107.476899][   T24] usb 4-1: Product: syz
[ 1107.519962][   T24] usb 4-1: Manufacturer: syz
[ 1107.565620][   T24] usb 4-1: SerialNumber: syz
[ 1108.076922][   T24] usb 4-1: cannot find UAC_HEADER
[ 1108.092664][   T24] snd-usb-audio: probe of 4-1:1.0 failed with error -22
[ 1108.138820][   T24] usb 4-1: USB disconnect, device number 18
[ 1108.147766][T10737] udevd[10737]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 1108.747514][   T28] audit: type=1326 audit(2000000326.650:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11578 comm="syz.7.2924" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fba1958eb69 code=0x0
[ 1108.910968][T11594] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2931'.
[ 1108.920132][T11594] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2931'.
[ 1108.929146][T11594] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2931'.
[ 1109.209535][T11614] tipc: New replicast peer: 255.255.255.255
[ 1109.216742][T11614] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1110.198967][T11648] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2950'.
[ 1110.209503][  T577] tipc: Node number set to 1347153531
[ 1110.931683][ T1760] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1110.971669][T11680] loop7: detected capacity change from 0 to 512
[ 1110.978424][T11684] loop3: detected capacity change from 0 to 1024
[ 1111.006521][T11680] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1111.027964][T11684] EXT4-fs: Ignoring removed nobh option
[ 1111.049516][T11680] EXT4-fs: Ignoring removed bh option
[ 1111.055229][T11684] EXT4-fs: Ignoring removed bh option
[ 1111.061331][T11680] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1111.077522][T11680] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1111.102054][T11684] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1111.111969][T11684] ext4 filesystem being mounted at /515/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1111.124725][T11680] EXT4-fs (loop7): 1 truncate cleaned up
[ 1111.130578][T11680] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1111.159178][   T28] audit: type=1400 audit(2000000329.060:1208): avc:  denied  { ioctl } for  pid=11683 comm="syz.3.2965" path="/515/file1/file1" dev="loop3" ino=15 ioctlcmd=0x6611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1111.191705][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1111.207673][  T334] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1111.283657][T11705] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2972'.
[ 1111.292817][T11705] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2972'.
[ 1111.302404][T11705] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2972'.
[ 1111.832617][T11732] loop3: detected capacity change from 0 to 512
[ 1111.855277][T11732] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1111.864762][T11732] ext4 filesystem being mounted at /522/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1112.939461][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1112.939465][ T7047] Bluetooth: hci0: command 0x1003 tx timeout
[ 1112.978177][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1113.259600][   T45] Bluetooth: hci1: command 0x1003 tx timeout
[ 1113.259645][  T693] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1113.281595][T11757] loop3: detected capacity change from 0 to 512
[ 1113.301354][T11757] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1113.310602][T11757] ext4 filesystem being mounted at /523/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1113.389204][   T28] audit: type=1400 audit(2000000331.290:1209): avc:  denied  { watch } for  pid=11767 comm="syz.1.2993" path="/714/file1" dev="tmpfs" ino=3889 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1113.691641][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1113.840427][T11784] loop7: detected capacity change from 0 to 40427
[ 1113.851101][T11784] F2FS-fs (loop7): Insane cp_payload (553648128 >= 504)
[ 1113.858133][T11784] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 1113.868439][T11784] F2FS-fs (loop7): heap/no_heap options were deprecated
[ 1113.879790][T11784] F2FS-fs (loop7): invalid crc value
[ 1113.894832][T11784] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1113.906174][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1113.924349][   T28] audit: type=1400 audit(2000000331.830:1210): avc:  denied  { ioctl } for  pid=11793 comm="syz.3.3004" path="socket:[45874]" dev="sockfs" ino=45874 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1113.955999][T11796] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3005'.
[ 1113.960194][T11784] F2FS-fs (loop7): Start checkpoint disabled!
[ 1113.965500][T11796] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3005'.
[ 1113.972211][T11784] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 1113.982267][T11796] netlink: 2 bytes leftover after parsing attributes in process `syz.3.3005'.
[ 1113.987161][T11784] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[ 1114.090054][ T1760] kworker/u4:10: attempt to access beyond end of device
[ 1114.090054][ T1760] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1114.123992][T11811] overlayfs: workdir and upperdir must be separate subtrees
[ 1114.214365][T11821] loop7: detected capacity change from 0 to 512
[ 1114.224593][T11821] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1114.231430][T11821] EXT4-fs: Ignoring removed bh option
[ 1114.237359][T11821] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1114.244770][T11821] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1114.281758][T11821] EXT4-fs (loop7): 1 truncate cleaned up
[ 1114.288561][T11821] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1114.318134][  T334] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1114.433937][T11837] loop3: detected capacity change from 0 to 16
[ 1114.444274][T11837] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1114.453134][T11837] erofs: (device loop3): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[ 1114.463268][T11837] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=loop3 ino=46
[ 1114.472530][T11837] erofs: (device loop3): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[ 1114.482847][T11837] SELinux: inode_doinit_use_xattr:  getxattr returned 95 for dev=loop3 ino=46
[ 1114.492100][T11837] erofs: (device loop3): init_inode_xattrs: xattr_isize 12 of nid 46 is not supported yet
[ 1114.770370][  T577] kernel write not supported for file /uinput (pid: 577 comm: kworker/0:5)
[ 1115.512888][T11865] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1115.522222][T11865] FAT-fs (loop3): unable to read boot sector
[ 1115.639946][  T577] usb 4-1: new low-speed USB device number 19 using dummy_hcd
[ 1116.121000][  T577] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1116.129663][  T577] usb 4-1: config 0 has no interfaces?
[ 1116.137309][  T577] usb 4-1: string descriptor 0 read error: -22
[ 1116.143683][  T577] usb 4-1: New USB device found, idVendor=0499, idProduct=1015, bcdDevice= 9.28
[ 1116.152821][  T577] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1116.164312][  T577] usb 4-1: config 0 descriptor??
[ 1116.371723][   T24] usb 4-1: USB disconnect, device number 19
[ 1116.379502][ T1423] Bluetooth: hci0: command 0x1003 tx timeout
[ 1116.385609][  T693] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1116.906491][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1117.067376][   T28] audit: type=1400 audit(2000000334.970:1211): avc:  denied  { read } for  pid=11910 comm="syz.3.3049" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1117.114049][T11908] loop7: detected capacity change from 0 to 256
[ 1117.205978][   T28] audit: type=1400 audit(2000000335.040:1212): avc:  denied  { connect } for  pid=11910 comm="syz.3.3049" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1117.226804][T11908] FAT-fs (loop7): Directory bread(block 64) failed
[ 1117.234829][T11908] FAT-fs (loop7): Directory bread(block 65) failed
[ 1117.241944][T11908] FAT-fs (loop7): Directory bread(block 66) failed
[ 1117.250513][T11908] FAT-fs (loop7): Directory bread(block 67) failed
[ 1117.257360][T11908] FAT-fs (loop7): Directory bread(block 68) failed
[ 1117.264471][T11908] FAT-fs (loop7): Directory bread(block 69) failed
[ 1117.271335][T11908] FAT-fs (loop7): Directory bread(block 70) failed
[ 1117.278045][T11908] FAT-fs (loop7): Directory bread(block 71) failed
[ 1117.285324][T11908] FAT-fs (loop7): Directory bread(block 72) failed
[ 1117.292811][T11908] FAT-fs (loop7): Directory bread(block 73) failed
[ 1117.353504][T11923] loop7: detected capacity change from 0 to 512
[ 1117.360521][T11923] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1117.367157][T11923] EXT4-fs: Ignoring removed bh option
[ 1117.374026][T11923] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1117.381300][T11923] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1117.398523][T11923] EXT4-fs (loop7): 1 truncate cleaned up
[ 1117.404617][T11923] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1117.453070][  T334] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1119.499484][ T1423] Bluetooth: hci0: command 0x1003 tx timeout
[ 1119.506108][  T693] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1119.533853][T11986] input: syz0 as /devices/virtual/input/input13
[ 1119.545147][T11972] loop3: detected capacity change from 0 to 40427
[ 1119.570538][   T28] audit: type=1400 audit(2000000337.480:1213): avc:  denied  { read } for  pid=87 comm="acpid" name="event3" dev="devtmpfs" ino=1698 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1119.609069][T11972] F2FS-fs (loop3): invalid crc value
[ 1119.621874][   T28] audit: type=1400 audit(2000000337.480:1214): avc:  denied  { open } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1698 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1119.650755][   T28] audit: type=1400 audit(2000000337.480:1215): avc:  denied  { ioctl } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1698 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1119.680141][T11972] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1119.682191][T11997] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1119.693541][T11997] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1119.742951][T11972] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1119.806017][  T282] syz-executor: attempt to access beyond end of device
[ 1119.806017][  T282] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1119.887256][   T28] audit: type=1326 audit(2000000337.790:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12008 comm="syz.2.3082" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f215dd8eb69 code=0x0
[ 1120.135776][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1120.255801][  T577] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[ 1121.549790][  T577] usb 4-1: Using ep0 maxpacket: 32
[ 1121.557603][  T577] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1121.592501][  T577] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1121.623337][  T577] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1121.659066][  T577] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1121.693885][  T577] usb 4-1: config 0 descriptor??
[ 1121.706073][  T577] hub 4-1:0.0: USB hub found
[ 1121.904130][   T28] audit: type=1400 audit(2000000339.810:1217): avc:  denied  { unmount } for  pid=12050 comm="syz.7.3095" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1121.928107][  T577] hub 4-1:0.0: config failed, can't read hub descriptor (err -90)
[ 1121.966028][T12057] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 1122.003243][T12063] device sit0 entered promiscuous mode
[ 1122.030272][T12063] netlink: 'syz.1.3101': attribute type 1 has an invalid length.
[ 1122.038045][T12063] netlink: 9 bytes leftover after parsing attributes in process `syz.1.3101'.
[ 1122.149947][  T577] usbhid 4-1:0.0: can't add hid device: -71
[ 1122.155963][  T577] usbhid: probe of 4-1:0.0 failed with error -71
[ 1122.202911][T12085] loop7: detected capacity change from 0 to 1024
[ 1122.211302][  T577] usb 4-1: USB disconnect, device number 20
[ 1122.211580][T12085] EXT4-fs: Ignoring removed i_version option
[ 1122.225262][T12085] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1122.901146][T12085] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1123.109489][   T28] audit: type=1400 audit(2000000340.980:1218): avc:  denied  { write } for  pid=12084 comm="syz.7.3111" name="bus" dev="loop7" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[ 1123.133111][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1123.158591][   T28] audit: type=1400 audit(2000000340.980:1219): avc:  denied  { add_name } for  pid=12084 comm="syz.7.3111" name="work" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[ 1123.185063][   T28] audit: type=1400 audit(2000000340.980:1220): avc:  denied  { setattr } for  pid=12084 comm="syz.7.3111" name="work" dev="loop7" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[ 1123.245124][   T28] audit: type=1400 audit(2000000340.980:1221): avc:  denied  { remove_name } for  pid=12084 comm="syz.7.3111" name="#49" dev="loop7" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[ 1123.402732][   T28] audit: type=1400 audit(2000000340.980:1222): avc:  denied  { rename } for  pid=12084 comm="syz.7.3111" name="#49" dev="loop7" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 1124.230456][T12177] device batadv_slave_0 entered promiscuous mode
[ 1124.271056][T12176] device batadv_slave_0 left promiscuous mode
[ 1125.099639][   T28] kauditd_printk_skb: 5 callbacks suppressed
[ 1125.099659][   T28] audit: type=1400 audit(2000000343.000:1228): avc:  denied  { write } for  pid=12194 comm="syz.0.3154" path="/559/file0/file0" dev="incremental-fs" ino=3098 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1125.299495][   T24] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[ 1125.464492][ T1760] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1125.581552][   T24] usb 4-1: Using ep0 maxpacket: 16
[ 1125.651942][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1125.693362][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1125.746795][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1125.774462][   T24] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1125.784640][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1125.804708][   T24] usb 4-1: config 0 descriptor??
[ 1126.263235][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.272199][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.279770][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.287106][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.294567][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.301910][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.309169][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.316468][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.323774][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.331109][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.338382][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.345751][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.353050][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.360395][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.367726][   T24] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1126.379191][   T24] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0005/input/input14
[ 1126.392654][   T24] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[ 1126.474465][   T24] usb 4-1: USB disconnect, device number 21
[ 1127.259502][  T577] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[ 1127.646239][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[ 1127.654645][  T693] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1127.700676][  T577] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1127.712112][  T577] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1127.722028][  T577] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1127.735076][  T577] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1127.744255][  T577] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1127.753125][  T577] usb 4-1: config 0 descriptor??
[ 1127.771685][   T28] audit: type=1400 audit(2000000345.680:1229): avc:  denied  { write } for  pid=12306 comm="syz.1.3199" path="socket:[47535]" dev="sockfs" ino=47535 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1127.819717][ T5898] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[ 1128.000600][ T5898] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1128.010513][ T5898] usb 8-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 1128.019620][ T5898] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1128.028554][ T5898] usb 8-1: config 0 descriptor??
[ 1128.161462][  T577] plantronics 0003:047F:FFFF.0006: unknown main item tag 0xd
[ 1128.171506][  T577] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[ 1128.181944][  T577] plantronics 0003:047F:FFFF.0006: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1128.276857][T12330] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3211'.
[ 1128.411026][ T1760] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1128.432731][ T4966] usb 4-1: USB disconnect, device number 22
[ 1128.441427][ T5898] lg-g15 0003:046D:C222.0007: collection stack underflow
[ 1128.449027][ T5898] lg-g15 0003:046D:C222.0007: item 0 4 0 12 parsing failed
[ 1128.456851][ T5898] lg-g15: probe of 0003:046D:C222.0007 failed with error -22
[ 1128.645831][ T5898] usb 8-1: USB disconnect, device number 6
[ 1129.359510][ T5898] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[ 1129.479534][ T8795] usb 8-1: new low-speed USB device number 7 using dummy_hcd
[ 1129.542100][ T5898] usb 4-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[ 1129.551250][ T5898] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1129.559324][ T5898] usb 4-1: Product: syz
[ 1129.563536][ T5898] usb 4-1: Manufacturer: syz
[ 1129.568144][ T5898] usb 4-1: SerialNumber: syz
[ 1129.573674][ T5898] usb 4-1: config 0 descriptor??
[ 1129.579748][ T5898] usb 4-1: Waiting for MOTU Microbook II to boot up...
[ 1129.586664][ T5898] usb 4-1: failed setting the sample rate for Motu MicroBook II: -22
[ 1129.594821][ T5898] snd-usb-audio: probe of 4-1:0.0 failed with error -22
[ 1129.670927][ T8795] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1129.679674][ T8795] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[ 1129.694734][ T8795] usb 8-1: string descriptor 0 read error: -22
[ 1129.701032][ T8795] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1129.710178][ T8795] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1129.725490][ T8795] cdc_ether: probe of 8-1:1.0 failed with error -22
[ 1129.781586][ T5898] usb 4-1: USB disconnect, device number 23
[ 1129.927681][ T8795] usb 8-1: USB disconnect, device number 7
[ 1130.314400][T12417] loop3: detected capacity change from 0 to 256
[ 1130.332116][T12417] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001034b, chksum : 0x6322ccb6, utbl_chksum : 0xe619d30d)
[ 1130.366612][   T28] audit: type=1400 audit(2000000348.270:1230): avc:  denied  { rename } for  pid=12416 comm="syz.3.3246" name="control" dev="loop3" ino=1048742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1130.459524][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[ 1130.465667][  T693] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1130.520554][T12425] loop3: detected capacity change from 0 to 512
[ 1130.535551][T12425] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1130.547067][T12425] EXT4-fs: Ignoring removed bh option
[ 1130.553599][T12425] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1130.560698][T12425] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1130.586938][T12425] EXT4-fs (loop3): 1 truncate cleaned up
[ 1130.594927][T12425] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1130.833702][T12454] loop7: detected capacity change from 0 to 1024
[ 1130.852276][T12454] EXT4-fs: Ignoring removed orlov option
[ 1130.867492][T12454] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1130.895262][T12454] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1131.077380][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1131.163950][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1131.243949][T12517] loop7: detected capacity change from 0 to 512
[ 1131.250927][T12517] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1131.257394][T12517] EXT4-fs: Ignoring removed bh option
[ 1131.264541][T12517] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1131.271510][T12517] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1131.615147][T12517] EXT4-fs (loop7): 1 truncate cleaned up
[ 1131.621094][T12517] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1131.699684][  T372] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1131.712866][T12531] loop3: detected capacity change from 0 to 1024
[ 1131.727965][T12531] EXT4-fs: Ignoring removed orlov option
[ 1131.735831][T12531] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1131.747068][T12531] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1131.800004][T12531] EXT4-fs (loop3): re-mounted. Quota mode: writeback.
[ 1132.068339][T12537] EXT4-fs (loop3): re-mounted. Quota mode: writeback.
[ 1132.102695][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1133.028958][T12573] netem: change failed
[ 1133.037159][T12572] netlink: 'syz.1.3302': attribute type 1 has an invalid length.
[ 1133.516946][   T28] audit: type=1400 audit(1133.489:1231): avc:  denied  { bind } for  pid=12593 comm="syz.0.3314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1133.723250][T12609] loop3: detected capacity change from 0 to 512
[ 1133.739481][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[ 1133.745577][  T693] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1133.863393][T12609] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1133.891458][   T28] audit: type=1400 audit(1133.869:1232): avc:  denied  { mount } for  pid=12614 comm="syz.2.3321" name="/" dev="ramfs" ino=48742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[ 1134.266088][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1134.325057][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1134.399366][T12650] overlayfs: failed to clone upperpath
[ 1134.878612][T12694] loop7: detected capacity change from 0 to 512
[ 1135.018531][T12694] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1135.659769][   T28] audit: type=1400 audit(1135.639:1233): avc:  denied  { mount } for  pid=12698 comm="+}[@" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1135.814907][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1136.472301][T12741] loop3: detected capacity change from 0 to 512
[ 1136.776463][T12741] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1136.946263][T12756] loop7: detected capacity change from 0 to 512
[ 1137.239828][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1137.449524][T12756] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1137.907047][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1137.949569][ T8795] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[ 1137.957261][   T28] audit: type=1400 audit(1137.929:1234): avc:  denied  { setopt } for  pid=12789 comm="syz.0.3392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1138.025643][T12801] 9pnet_fd: Insufficient options for proto=fd
[ 1138.113387][   T28] audit: type=1400 audit(1138.089:1235): avc:  denied  { setattr } for  pid=12816 comm="syz.7.3404" name="file0" dev="tmpfs" ino=783 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1138.182099][ T8795] usb 4-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[ 1138.199541][ T8795] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1138.214365][ T8795] usb 4-1: Product: syz
[ 1138.225992][ T8795] usb 4-1: Manufacturer: syz
[ 1138.233377][ T8795] usb 4-1: SerialNumber: syz
[ 1138.248211][ T8795] usb 4-1: config 0 descriptor??
[ 1138.261974][ T8795] usb 4-1: Waiting for MOTU Microbook II to boot up...
[ 1138.344626][ T8795] usb 4-1: failed setting the sample rate for Motu MicroBook II: -22
[ 1138.353368][ T8795] snd-usb-audio: probe of 4-1:0.0 failed with error -22
[ 1138.517638][ T8795] usb 4-1: USB disconnect, device number 24
[ 1138.699661][   T28] audit: type=1400 audit(1138.629:1236): avc:  denied  { create } for  pid=12843 comm="syz.0.3416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1139.568491][T12856] loop7: detected capacity change from 0 to 128
[ 1139.704562][T12856] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1139.746661][T12866] loop3: detected capacity change from 0 to 512
[ 1139.756224][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1139.763290][   T28] audit: type=1400 audit(1139.739:1237): avc:  denied  { mount } for  pid=12867 comm="syz.2.3426" name="/" dev="pstore" ino=14041 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[ 1139.772202][T12866] EXT4-fs: Ignoring removed oldalloc option
[ 1139.799762][T12866] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1139.830338][T12866] EXT4-fs (loop3): 1 truncate cleaned up
[ 1139.850403][T12866] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1140.040199][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1140.340903][T12894] loop7: detected capacity change from 0 to 512
[ 1140.511264][T12894] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1141.066082][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1141.245351][T12921] loop3: detected capacity change from 0 to 512
[ 1141.295199][T12921] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1141.303700][T12921] EXT4-fs: Ignoring removed bh option
[ 1141.315558][T12921] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1141.332409][T12921] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1141.345359][T12921] EXT4-fs (loop3): 1 truncate cleaned up
[ 1141.351559][T12921] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1141.596432][  T372] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1141.659561][   T28] audit: type=1400 audit(1141.629:1238): avc:  denied  { write } for  pid=12955 comm="syz.7.3461" path="socket:[49317]" dev="sockfs" ino=49317 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1141.788013][T12968] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3463'.
[ 1141.804414][T12968] netlink: 43 bytes leftover after parsing attributes in process `syz.2.3463'.
[ 1141.813767][T12968] netlink: 'syz.2.3463': attribute type 6 has an invalid length.
[ 1141.822450][T12968] netlink: 'syz.2.3463': attribute type 5 has an invalid length.
[ 1141.830566][T12968] netlink: 43 bytes leftover after parsing attributes in process `syz.2.3463'.
[ 1142.021001][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1142.087866][   T28] audit: type=1400 audit(1142.059:1239): avc:  denied  { shutdown } for  pid=13007 comm="syz.3.3484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1142.114915][T13010] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3485'.
[ 1142.172392][T13014] loop3: detected capacity change from 0 to 512
[ 1142.183712][T13014] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1142.194550][ T5898] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[ 1142.203190][T13014] EXT4-fs: Ignoring removed bh option
[ 1142.209354][T13014] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1142.216620][T13014] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1142.230378][T13014] EXT4-fs (loop3): 1 truncate cleaned up
[ 1142.236138][T13014] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1142.273218][ T1760] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1142.339383][   T28] audit: type=1400 audit(1142.309:1240): avc:  denied  { connect } for  pid=13035 comm="syz.1.3496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1142.367184][T13039] syz.1.3497[13039] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1142.367246][T13039] syz.1.3497[13039] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1142.379980][ T5898] usb 8-1: Using ep0 maxpacket: 16
[ 1142.401880][ T5898] usb 8-1: config 4 has an invalid interface number: 51 but max is 0
[ 1142.410058][ T5898] usb 8-1: config 4 has no interface number 0
[ 1142.416172][ T5898] usb 8-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[ 1142.430546][ T5898] usb 8-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 1142.440785][ T5898] usb 8-1: config 4 interface 51 has no altsetting 0
[ 1142.451931][ T5898] usb 8-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[ 1142.465207][ T5898] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1142.473630][ T5898] usb 8-1: Product: syz
[ 1142.477962][ T5898] usb 8-1: Manufacturer: syz
[ 1142.482832][ T5898] usb 8-1: SerialNumber: syz
[ 1142.491861][T12991] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1142.499073][T12991] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1142.620959][T13059] raw_sendmsg: syz.1.3506 forgot to set AF_INET. Fix it!
[ 1142.711871][T12991] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1142.721542][T12991] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1142.732391][ T5898] cdc_eem 8-1:4.51 usb0: register 'cdc_eem' at usb-dummy_hcd.7-1, CDC EEM Device, 4a:fa:3b:d6:b4:08
[ 1142.753503][   T28] audit: type=1400 audit(1142.729:1241): avc:  denied  { read } for  pid=141 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[ 1142.783442][   T28] audit: type=1400 audit(1142.729:1242): avc:  denied  { search } for  pid=141 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1142.808358][   T28] audit: type=1400 audit(1142.729:1243): avc:  denied  { read } for  pid=141 comm="dhcpcd" name="n15" dev="tmpfs" ino=12714 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1142.832522][   T28] audit: type=1400 audit(1142.729:1244): avc:  denied  { open } for  pid=141 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=12714 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1142.856400][   T28] audit: type=1400 audit(1142.729:1245): avc:  denied  { getattr } for  pid=141 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=12714 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1142.883511][   T28] audit: type=1400 audit(1142.809:1246): avc:  denied  { read } for  pid=13080 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=494 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1142.906539][   T28] audit: type=1400 audit(1142.809:1247): avc:  denied  { open } for  pid=13080 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=494 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1142.950532][ T8795] usb 8-1: USB disconnect, device number 8
[ 1142.967216][ T8795] cdc_eem 8-1:4.51 usb0: unregister 'cdc_eem' usb-dummy_hcd.7-1, CDC EEM Device
[ 1143.659477][ T7047] Bluetooth: hci0: command 0x1003 tx timeout
[ 1143.665655][   T45] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1144.299459][   T45] Bluetooth: hci1: command 0x1003 tx timeout
[ 1144.305631][  T693] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1144.737765][T13494] loop7: detected capacity change from 0 to 128
[ 1144.748425][T13494] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1144.755256][T13494] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1144.840713][T13494] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1144.941514][T13494] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1145.543615][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1145.696677][T13505] binder: 13502:13505 ioctl c0306201 200000000040 returned -14
[ 1145.741047][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1145.801408][T13516] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1145.817889][T13516] FAT-fs (loop7): unable to read boot sector
[ 1145.918448][T13543] loop7: detected capacity change from 0 to 512
[ 1145.925621][T13543] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[ 1145.936718][T13543] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3590'.
[ 1146.156273][T13544] loop3: detected capacity change from 0 to 128
[ 1146.181287][T13544] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1146.203558][T13544] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1146.245780][T13544] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1146.313401][T13544] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1146.472589][T13596] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3613'.
[ 1146.628785][T13606] loop7: detected capacity change from 0 to 2048
[ 1146.691525][T13606] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1146.726190][T13606] fs-verity: sha512 using implementation "sha512-avx2"
[ 1146.815136][   T28] kauditd_printk_skb: 10 callbacks suppressed
[ 1146.815155][   T28] audit: type=1400 audit(1146.789:1258): avc:  denied  { mount } for  pid=13611 comm="syz.0.3619" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 1146.879952][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1146.918298][   T28] audit: type=1400 audit(1146.839:1259): avc:  denied  { unmount } for  pid=13611 comm="syz.0.3619" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 1147.289111][T13631] loop7: detected capacity change from 0 to 512
[ 1147.497594][T13631] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1148.204379][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1148.397817][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1148.517413][T13656] loop7: detected capacity change from 0 to 1024
[ 1148.717791][T13656] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1148.775377][T13656] EXT4-fs (loop7): unmounting filesystem.
[ 1149.312566][T13677] loop7: detected capacity change from 0 to 256
[ 1149.361892][   T28] audit: type=1400 audit(1149.339:1260): avc:  denied  { getopt } for  pid=13682 comm="syz.3.3644" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1149.389717][T13685] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[ 1149.406426][T13685] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1149.439907][ T5898] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1149.511606][T13691] loop3: detected capacity change from 0 to 128
[ 1149.588091][T13693] loop7: detected capacity change from 0 to 512
[ 1149.608408][T13693] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1149.616426][T13693] EXT4-fs: Ignoring removed bh option
[ 1149.659898][T13693] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1149.675422][T13693] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1149.695886][T13693] EXT4-fs (loop7): 1 truncate cleaned up
[ 1149.702097][T13693] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1149.785225][T13413] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1149.889792][ T5898] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1149.995197][T13711] loop3: detected capacity change from 0 to 512
[ 1150.182443][T13711] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1150.821398][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1150.871060][T13735] loop3: detected capacity change from 0 to 512
[ 1150.902870][T13735] EXT4-fs: Ignoring removed oldalloc option
[ 1150.917198][T13735] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1150.928847][T13735] EXT4-fs (loop3): 1 truncate cleaned up
[ 1150.936011][T13735] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1150.977089][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1151.006113][   T28] audit: type=1400 audit(1150.979:1261): avc:  denied  { module_load } for  pid=13738 comm="syz.3.3664" path="/sys/kernel/notes" dev="sysfs" ino=1143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[ 1151.072642][T13745] loop3: detected capacity change from 0 to 256
[ 1151.529509][ T5898] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[ 1151.640313][T13822] 9pnet_fd: Insufficient options for proto=fd
[ 1151.732125][ T5898] usb 4-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[ 1151.741698][ T5898] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1151.750232][ T5898] usb 4-1: Product: syz
[ 1151.754494][ T5898] usb 4-1: Manufacturer: syz
[ 1151.759101][ T5898] usb 4-1: SerialNumber: syz
[ 1151.769148][ T5898] usb 4-1: config 0 descriptor??
[ 1151.776948][ T5898] usb 4-1: Waiting for MOTU Microbook II to boot up...
[ 1151.784091][ T5898] usb 4-1: failed setting the sample rate for Motu MicroBook II: -22
[ 1151.792691][ T5898] snd-usb-audio: probe of 4-1:0.0 failed with error -22
[ 1151.820054][   T45] Bluetooth: hci0: command 0x1003 tx timeout
[ 1151.824454][  T693] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1151.978278][ T4966] usb 4-1: USB disconnect, device number 25
[ 1152.081756][T13832] serio: Serial port ttyS3
[ 1152.175240][T13413] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1152.220646][T13843] tmpfs: Unknown parameter 'roo'
[ 1152.345225][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1152.601957][T13879] loop7: detected capacity change from 0 to 128
[ 1152.616337][T13879] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1152.623287][T13879] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1152.690484][T13879] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1152.827831][T13879] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1153.707268][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1153.768106][T13892] loop3: detected capacity change from 0 to 512
[ 1153.779032][T13893] loop7: detected capacity change from 0 to 512
[ 1153.796708][T13892] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1153.809470][T13893] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1153.816545][T13892] EXT4-fs: Ignoring removed bh option
[ 1153.824548][T13898] tipc: Started in network mode
[ 1153.827163][T13893] EXT4-fs: Ignoring removed bh option
[ 1153.829987][T13898] tipc: Node identity 7365725f69643d3, cluster identity 4711
[ 1153.842843][T13892] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1153.850143][T13898] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1153.850588][T13892] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1153.858580][T13893] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1153.872304][T13892] EXT4-fs (loop3): 1 truncate cleaned up
[ 1153.881526][T13892] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1153.890449][T13893] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1153.918503][T13413] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1153.934521][T13893] EXT4-fs (loop7): 1 truncate cleaned up
[ 1153.950714][T13893] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1154.007374][T13413] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1154.219844][  T693] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1156.003978][  T693] Bluetooth: hci1: command 0x1003 tx timeout
[ 1156.010130][   T45] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1156.059456][ T1003] Bluetooth: hci2: command 0x1003 tx timeout
[ 1156.065592][ T1423] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 1156.709718][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1156.729942][ T9855] EXT4-fs (loop7): unmounting filesystem.
[ 1156.843453][   T28] audit: type=1400 audit(1156.819:1262): avc:  denied  { module_load } for  pid=13935 comm="syz.2.3752" path=2F6D656D66643A2D42D54E49C56A9A707070F00884A26D202864656C6574656429 dev="tmpfs" ino=564 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1
[ 1156.950694][T13950] syz.2.3757[13950] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1156.950792][T13950] syz.2.3757[13950] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1156.964928][T13950] x_tables: duplicate underflow at hook 4
[ 1157.074837][T13956] overlayfs: failed to clone upperpath
[ 1157.170550][T13967] syz.2.3765[13967] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1157.170649][T13967] syz.2.3765[13967] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1157.262594][T13980] loop3: detected capacity change from 0 to 256
[ 1157.379054][T13413] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1158.529106][T14005] loop3: detected capacity change from 0 to 512
[ 1158.659780][T14005] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1158.692794][T14010] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3778'.
[ 1159.421020][ T1003] Bluetooth: hci0: command 0x1003 tx timeout
[ 1159.427175][ T1423] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1159.436033][T13986] Bluetooth: hci0: Opcode 0x080f failed: -22
[ 1159.499860][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1159.526814][T14045] loop3: detected capacity change from 0 to 256
[ 1159.544734][T14045] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3794'.
[ 1159.562404][T14049] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3796'.
[ 1159.760646][T14049] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[ 1159.965490][T14045] loop3: detected capacity change from 0 to 2048
[ 1160.284577][T14045] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1160.329758][T14045] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3794'.
[ 1161.099921][  T282] EXT4-fs (loop3): unmounting filesystem.
[ 1161.373713][   T28] audit: type=1326 audit(1161.349:1263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14084 comm="syz.1.3807" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd5a298eb69 code=0x0
[ 1161.499430][    C1] ==================================================================
[ 1161.507655][    C1] BUG: KASAN: use-after-free in __run_timers+0x32b/0x9a0
[ 1161.514725][    C1] Write of size 8 at addr ffff888113ae0a00 by task swapper/1/0
[ 1161.522288][    C1] 
[ 1161.524639][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.1.145-syzkaller-00027-g42472e1a4913 #0
[ 1161.534116][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1161.544217][    C1] Call Trace:
[ 1161.547522][    C1]  <IRQ>
[ 1161.550396][    C1]  __dump_stack+0x21/0x24
[ 1161.554769][    C1]  dump_stack_lvl+0xee/0x150
[ 1161.559404][    C1]  ? __cfi_dump_stack_lvl+0x8/0x8
[ 1161.564464][    C1]  ? profile_hits+0x8e5/0xbe0
[ 1161.569177][    C1]  ? __run_timers+0x32b/0x9a0
[ 1161.573969][    C1]  print_address_description+0x71/0x210
[ 1161.579557][    C1]  print_report+0x4a/0x60
[ 1161.583911][    C1]  kasan_report+0x122/0x150
[ 1161.588440][    C1]  ? __run_timers+0x32b/0x9a0
[ 1161.593151][    C1]  __asan_report_store8_noabort+0x17/0x20
[ 1161.598887][    C1]  __run_timers+0x32b/0x9a0
[ 1161.603400][    C1]  ? sched_clock+0x9/0x10
[ 1161.607749][    C1]  ? sched_clock_cpu+0x6e/0x250
[ 1161.612631][    C1]  ? calc_index+0x200/0x200
[ 1161.617156][    C1]  ? kvm_sched_clock_read+0x18/0x40
[ 1161.622369][    C1]  run_timer_softirq+0x6a/0xf0
[ 1161.627138][    C1]  handle_softirqs+0x1d7/0x600
[ 1161.631916][    C1]  ? irqtime_account_irq+0xc4/0x240
[ 1161.637132][    C1]  __irq_exit_rcu+0x52/0xf0
[ 1161.641634][    C1]  irq_exit_rcu+0x9/0x10
[ 1161.645896][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 1161.651534][    C1]  </IRQ>
[ 1161.654466][    C1]  <TASK>
[ 1161.657410][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1161.663404][    C1] RIP: 0010:default_idle+0xf/0x20
[ 1161.668453][    C1] Code: e9 47 ff ff ff 00 00 cc cc 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d 33 f9 55 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
[ 1161.688056][    C1] RSP: 0018:ffffc90000147dd8 EFLAGS: 00000257
[ 1161.694124][    C1] RAX: ffff8881f7100000 RBX: ffff8881003b6540 RCX: 2443d01a60270800
[ 1161.702188][    C1] RDX: 0000000000000001 RSI: ffffffff85aa0000 RDI: ffffffff85a9ffc0
[ 1161.710156][    C1] RBP: ffffc90000147dd8 R08: dffffc0000000000 R09: ffffed103ee26917
[ 1161.718130][    C1] R10: 0000000000000000 R11: ffffffff84f03a40 R12: 0000000000000000
[ 1161.726108][    C1] R13: 0000000000000000 R14: ffff8881003b6540 R15: dffffc0000000000
[ 1161.734080][    C1]  ? __cfi_default_idle+0x10/0x10
[ 1161.739134][    C1]  arch_cpu_idle+0x1c/0x20
[ 1161.743551][    C1]  default_idle_call+0x71/0x1d0
[ 1161.748406][    C1]  do_idle+0x1a7/0x520
[ 1161.752472][    C1]  ? idle_inject_timer_fn+0x60/0x60
[ 1161.757686][    C1]  ? schedule_idle+0x5b/0x90
[ 1161.762280][    C1]  cpu_startup_entry+0x43/0x60
[ 1161.767052][    C1]  start_secondary+0x119/0x120
[ 1161.771829][    C1]  secondary_startup_64_no_verify+0xce/0xdb
[ 1161.777722][    C1]  </TASK>
[ 1161.780735][    C1] 
[ 1161.783049][    C1] Allocated by task 13986:
[ 1161.787471][    C1]  kasan_set_track+0x4b/0x70
[ 1161.792059][    C1]  kasan_save_alloc_info+0x25/0x30
[ 1161.797173][    C1]  __kasan_kmalloc+0x95/0xb0
[ 1161.801758][    C1]  __kmalloc+0xb1/0x1e0
[ 1161.805912][    C1]  hci_alloc_dev_priv+0x27/0x1bd0
[ 1161.811017][    C1]  hci_uart_tty_ioctl+0x3d6/0xa20
[ 1161.816053][    C1]  tty_ioctl+0x8ef/0xc60
[ 1161.820290][    C1]  __se_sys_ioctl+0x12f/0x1b0
[ 1161.824971][    C1]  __x64_sys_ioctl+0x7b/0x90
[ 1161.829560][    C1]  x64_sys_call+0x58b/0x9a0
[ 1161.834061][    C1]  do_syscall_64+0x4c/0xa0
[ 1161.838469][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1161.844364][    C1] 
[ 1161.846680][    C1] Freed by task 13986:
[ 1161.850750][    C1]  kasan_set_track+0x4b/0x70
[ 1161.855347][    C1]  kasan_save_free_info+0x31/0x50
[ 1161.860370][    C1]  ____kasan_slab_free+0x132/0x180
[ 1161.865480][    C1]  __kasan_slab_free+0x11/0x20
[ 1161.870258][    C1]  slab_free_freelist_hook+0xc2/0x190
[ 1161.875644][    C1]  __kmem_cache_free+0xb7/0x1b0
[ 1161.880490][    C1]  kfree+0x6f/0xf0
[ 1161.884230][    C1]  hci_release_dev+0x12a3/0x13b0
[ 1161.889171][    C1]  bt_host_release+0x82/0x90
[ 1161.893759][    C1]  device_release+0xa4/0x1d0
[ 1161.898343][    C1]  kobject_put+0x19d/0x280
[ 1161.902756][    C1]  put_device+0x1f/0x30
[ 1161.906910][    C1]  hci_dev_cmd+0x265/0x720
[ 1161.911325][    C1]  hci_sock_ioctl+0x41e/0x7f0
[ 1161.916009][    C1]  sock_do_ioctl+0x101/0x310
[ 1161.920612][    C1]  sock_ioctl+0x4d8/0x6e0
[ 1161.924963][    C1]  __se_sys_ioctl+0x12f/0x1b0
[ 1161.929648][    C1]  __x64_sys_ioctl+0x7b/0x90
[ 1161.934238][    C1]  x64_sys_call+0x58b/0x9a0
[ 1161.938744][    C1]  do_syscall_64+0x4c/0xa0
[ 1161.943153][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1161.949045][    C1] 
[ 1161.951363][    C1] Last potentially related work creation:
[ 1161.957065][    C1]  kasan_save_stack+0x3a/0x60
[ 1161.961748][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[ 1161.967120][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1161.972940][    C1]  insert_work+0x51/0x300
[ 1161.977278][    C1]  __queue_work+0x9b1/0xd30
[ 1161.981779][    C1]  queue_work_on+0xd2/0x140
[ 1161.986295][    C1]  __hci_cmd_sync_sk+0xa3e/0xcf0
[ 1161.991234][    C1]  hci_cmd_sync_status+0x53/0x120
[ 1161.996275][    C1]  hci_dev_cmd+0x628/0x720
[ 1162.000705][    C1]  hci_sock_ioctl+0x41e/0x7f0
[ 1162.005388][    C1]  sock_do_ioctl+0x101/0x310
[ 1162.010013][    C1]  sock_ioctl+0x4d8/0x6e0
[ 1162.014338][    C1]  __se_sys_ioctl+0x12f/0x1b0
[ 1162.019014][    C1]  __x64_sys_ioctl+0x7b/0x90
[ 1162.023606][    C1]  x64_sys_call+0x58b/0x9a0
[ 1162.028107][    C1]  do_syscall_64+0x4c/0xa0
[ 1162.032515][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1162.038406][    C1] 
[ 1162.040723][    C1] Second to last potentially related work creation:
[ 1162.047300][    C1]  kasan_save_stack+0x3a/0x60
[ 1162.051972][    C1]  __kasan_record_aux_stack+0xb6/0xc0
[ 1162.057342][    C1]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1162.063150][    C1]  insert_work+0x51/0x300
[ 1162.067497][    C1]  __queue_work+0x9b1/0xd30
[ 1162.072018][    C1]  queue_work_on+0xd2/0x140
[ 1162.076521][    C1]  hci_cmd_timeout+0x191/0x200
[ 1162.081278][    C1]  process_one_work+0x71f/0xc40
[ 1162.086124][    C1]  worker_thread+0xa29/0x11f0
[ 1162.090804][    C1]  kthread+0x281/0x320
[ 1162.094917][    C1]  ret_from_fork+0x1f/0x30
[ 1162.099356][    C1] 
[ 1162.101689][    C1] The buggy address belongs to the object at ffff888113ae0000
[ 1162.101689][    C1]  which belongs to the cache kmalloc-8k of size 8192
[ 1162.115837][    C1] The buggy address is located 2560 bytes inside of
[ 1162.115837][    C1]  8192-byte region [ffff888113ae0000, ffff888113ae2000)
[ 1162.129321][    C1] 
[ 1162.131654][    C1] The buggy address belongs to the physical page:
[ 1162.138080][    C1] page:ffffea00044eb800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x113ae0
[ 1162.148350][    C1] head:ffffea00044eb800 order:3 compound_mapcount:0 compound_pincount:0
[ 1162.156703][    C1] flags: 0x4000000000010200(slab|head|zone=1)
[ 1162.162897][    C1] raw: 4000000000010200 ffffea0004800c00 dead000000000004 ffff888100043500
[ 1162.171513][    C1] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[ 1162.180104][    C1] page dumped because: kasan: bad access detected
[ 1162.186538][    C1] page_owner tracks the page as allocated
[ 1162.192258][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 7354, tgid 7353 (syz.3.1481), ts 887988133646, free_ts 887949287026
[ 1162.215117][    C1]  post_alloc_hook+0x1f5/0x210
[ 1162.219913][    C1]  prep_new_page+0x1c/0x110
[ 1162.224421][    C1]  get_page_from_freelist+0x2c7b/0x2cf0
[ 1162.229977][    C1]  __alloc_pages+0x1c3/0x450
[ 1162.234564][    C1]  alloc_slab_page+0x6e/0xf0
[ 1162.239163][    C1]  new_slab+0x98/0x3d0
[ 1162.243260][    C1]  ___slab_alloc+0x6f6/0xb50
[ 1162.247850][    C1]  __slab_alloc+0x5e/0xa0
[ 1162.252204][    C1]  __kmem_cache_alloc_node+0x203/0x2c0
[ 1162.257677][    C1]  kmalloc_trace+0x29/0xb0
[ 1162.262138][    C1]  cryptomgr_notify+0x83/0x8e0
[ 1162.266927][    C1]  blocking_notifier_call_chain+0xcb/0x150
[ 1162.272768][    C1]  crypto_alg_mod_lookup+0x3a9/0x5c0
[ 1162.278358][    C1]  crypto_has_alg+0x27/0x130
[ 1162.282955][    C1]  xfrm_aalg_get_byid+0x209/0x290
[ 1162.287986][    C1]  pfkey_add+0xda5/0x2ca0
[ 1162.292322][    C1] page last free stack trace:
[ 1162.297004][    C1]  free_unref_page_prepare+0x742/0x750
[ 1162.302461][    C1]  free_unref_page+0x8f/0x530
[ 1162.307143][    C1]  __free_pages+0x67/0x100
[ 1162.311559][    C1]  __free_slab+0xca/0x1a0
[ 1162.315890][    C1]  __unfreeze_partials+0x160/0x190
[ 1162.320998][    C1]  put_cpu_partial+0xa9/0x100
[ 1162.325673][    C1]  __slab_free+0x1c4/0x280
[ 1162.330110][    C1]  ___cache_free+0xbf/0xd0
[ 1162.334522][    C1]  qlist_free_all+0xc6/0x140
[ 1162.339111][    C1]  kasan_quarantine_reduce+0x14a/0x170
[ 1162.344578][    C1]  __kasan_slab_alloc+0x24/0x80
[ 1162.349431][    C1]  slab_post_alloc_hook+0x4f/0x2d0
[ 1162.354570][    C1]  kmem_cache_alloc+0x16e/0x330
[ 1162.359444][    C1]  jbd2__journal_start+0x13d/0x6e0
[ 1162.364569][    C1]  __ext4_journal_start_sb+0x242/0x4a0
[ 1162.370035][    C1]  ext4_dirty_inode+0x8f/0x100
[ 1162.374801][    C1] 
[ 1162.377126][    C1] Memory state around the buggy address:
[ 1162.382748][    C1]  ffff888113ae0900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1162.390828][    C1]  ffff888113ae0980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1162.398886][    C1] >ffff888113ae0a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1162.406937][    C1]                    ^
[ 1162.411030][    C1]  ffff888113ae0a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1162.419081][    C1]  ffff888113ae0b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1162.427133][    C1] ==================================================================
[ 1162.435376][    C1] Disabling lock debugging due to kernel taint
[ 1162.441572][    C1] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[ 1162.453279][    C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 1162.461721][    C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G    B              6.1.145-syzkaller-00027-g42472e1a4913 #0
[ 1162.472650][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1162.482702][    C1] RIP: 0010:__queue_work+0x575/0xd30
[ 1162.487997][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 98 d4 28 00 4c 89 ff e8 d0 39 a9 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 5c 31 6d 00 49 8b 7d 00 e8 b3 35
[ 1162.507600][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[ 1162.513670][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff8881003b6540
[ 1162.521640][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[ 1162.529607][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[ 1162.537575][    C1] R10: ffffed102275c139 R11: 1ffff1102275c139 R12: dffffc0000000000
[ 1162.545553][    C1] R13: 0000000000000000 R14: ffff888113ae09c8 R15: 0000000000000008
[ 1162.553536][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1162.562552][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1162.569155][    C1] CR2: 00007fd5a27fef98 CR3: 0000000137dbe000 CR4: 00000000003506a0
[ 1162.577141][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1162.585105][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1162.593123][    C1] Call Trace:
[ 1162.596397][    C1]  <IRQ>
[ 1162.599259][    C1]  delayed_work_timer_fn+0x61/0x80
[ 1162.604395][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[ 1162.610212][    C1]  call_timer_fn+0x46/0x2a0
[ 1162.614751][    C1]  ? __cfi_delayed_work_timer_fn+0x10/0x10
[ 1162.620568][    C1]  __run_timers+0x667/0x9a0
[ 1162.625111][    C1]  ? calc_index+0x200/0x200
[ 1162.629616][    C1]  ? kvm_sched_clock_read+0x18/0x40
[ 1162.634823][    C1]  run_timer_softirq+0x6a/0xf0
[ 1162.639587][    C1]  handle_softirqs+0x1d7/0x600
[ 1162.644351][    C1]  ? irqtime_account_irq+0xc4/0x240
[ 1162.649563][    C1]  __irq_exit_rcu+0x52/0xf0
[ 1162.654095][    C1]  irq_exit_rcu+0x9/0x10
[ 1162.658334][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 1162.663966][    C1]  </IRQ>
[ 1162.666896][    C1]  <TASK>
[ 1162.669843][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 1162.675823][    C1] RIP: 0010:default_idle+0xf/0x20
[ 1162.680850][    C1] Code: e9 47 ff ff ff 00 00 cc cc 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d 33 f9 55 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
[ 1162.700455][    C1] RSP: 0018:ffffc90000147dd8 EFLAGS: 00000257
[ 1162.706525][    C1] RAX: ffff8881f7100000 RBX: ffff8881003b6540 RCX: 2443d01a60270800
[ 1162.714495][    C1] RDX: 0000000000000001 RSI: ffffffff85aa0000 RDI: ffffffff85a9ffc0
[ 1162.722485][    C1] RBP: ffffc90000147dd8 R08: dffffc0000000000 R09: ffffed103ee26917
[ 1162.730459][    C1] R10: 0000000000000000 R11: ffffffff84f03a40 R12: 0000000000000000
[ 1162.738429][    C1] R13: 0000000000000000 R14: ffff8881003b6540 R15: dffffc0000000000
[ 1162.746400][    C1]  ? __cfi_default_idle+0x10/0x10
[ 1162.751438][    C1]  arch_cpu_idle+0x1c/0x20
[ 1162.755852][    C1]  default_idle_call+0x71/0x1d0
[ 1162.760705][    C1]  do_idle+0x1a7/0x520
[ 1162.764771][    C1]  ? idle_inject_timer_fn+0x60/0x60
[ 1162.769966][    C1]  ? schedule_idle+0x5b/0x90
[ 1162.774568][    C1]  cpu_startup_entry+0x43/0x60
[ 1162.779325][    C1]  start_secondary+0x119/0x120
[ 1162.784086][    C1]  secondary_startup_64_no_verify+0xce/0xdb
[ 1162.789979][    C1]  </TASK>
[ 1162.792997][    C1] Modules linked in:
[ 1162.796896][    C1] ---[ end trace 0000000000000000 ]---
[ 1162.802428][    C1] RIP: 0010:__queue_work+0x575/0xd30
[ 1162.807719][    C1] Code: 39 2b 0f 84 b9 00 00 00 e8 98 d4 28 00 4c 89 ff e8 d0 39 a9 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 5c 31 6d 00 49 8b 7d 00 e8 b3 35
[ 1162.827331][    C1] RSP: 0018:ffffc900001b0c70 EFLAGS: 00010046
[ 1162.833394][    C1] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff8881003b6540
[ 1162.841363][    C1] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff
[ 1162.849338][    C1] RBP: ffffc900001b0d08 R08: fffffffffffffffb R09: 0000000000000007
[ 1162.857309][    C1] R10: ffffed102275c139 R11: 1ffff1102275c139 R12: dffffc0000000000
[ 1162.865303][    C1] R13: 0000000000000000 R14: ffff888113ae09c8 R15: 0000000000000008
[ 1162.873272][    C1] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 1162.882197][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1162.888780][    C1] CR2: 00007fd5a27fef98 CR3: 0000000137dbe000 CR4: 00000000003506a0
[ 1162.896752][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1162.904717][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1162.912687][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[ 1162.920252][    C1] Kernel Offset: disabled
[ 1162.924583][    C1] Rebooting in 86400 seconds..